HoneyCreds : Network Credential Injection To Detect Responder And Other Network Poisoners

HoneyCreds network credential injection to detect responder and other network poisoners.

Requirements

Requires Python 3.6+ (tested on Python 3.9)
smbprotocol
cffi
splunk-sdk

Installation

git clone https://github.com/Ben0xA/HoneyCreds.git
cd HoneyCreds
pip3 install -r requirements.txt

Running

python3 honeycreds.py

Settings

It is advised that you change these settings to best suit your environment.

Note: You can use an existing account, just change the password.

Change these in honeycreds.conf

Choose a legit looking username

def_username = ‘honeycreds’

This can match your current Short Domain

def_domain = ‘XQQX’

Make this whatever you want. Note: HTTP requests will send this in plaintext

def_password = ‘This is a honey cred account.’

The FQDN. Leave .local at the end.

def_fqdn = ‘xqqx.local’

The hostname that DOES NOT EXIST but looks legit.

def_hostname = ‘HNECRD01’

The log file and location

def_logfile = ‘honeycreds.log’

Ability to turn SMB or HTTP on or off. Set to “OFF” to turn off.

SMB = ‘ON’
HTTP = ‘ON’

The time to pause in seconds between requests.

SMB_SLEEP = 5
HTTP_SLEEP = 12

R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

3 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

3 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

3 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

3 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

3 weeks ago