< UCSB iCTF Results | Merry Christmas Storm! >

Amun Honeypot

Today, Jan Göbel released his tool Amun. The tool is similar to nepenthes and designed to collect samples of autonomous spreading malware. The basic idea is to simulate vulnerable network service and trick an incoming exploitation attempt into thinking that the honeypot is a real system.

Amun is implemented in Python and thus it is quite easy to add additional vulnerability modules. The tool can be downloaded via http://zero.ram.rwth-aachen.de/amun/download.php.
This entry was posted by Thorsten Holz on Tuesday, December 11. 2007 at 11:03. and is filed under honeynets. You can leave a response, or trackback from your own blog. All new comments are subject to moderation before being displayed.

Trackbacks

Trackback specific URI for this entry

    No Trackbacks

Comments

Display comments as (Linear | Threaded)

  1. Anonymous says:
    #1 2007-12-20 12:15 (Reply)

    I like how you came up with the egyptian theme, it is really creative and independent - I don't think there is any other autonomous malware analysis project out there, with a similar name... or maybe it is just a blatant rip off from Anubis????

  2. Thorsten says:
    #1.1 2007-12-21 08:46 (Reply)

    I don't know why Jan choose this name. But please note: Amun is no "autonomous malware analysis project", it is about capturing autonomous spreading malware. The analysis can then be performed with tools like Anubis or CWSandbox.


Add Comment


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA
 
Submitted comments will be subject to moderation before being displayed.