- HoneyBadger is primarily a comprehensive TCP stream analysis tool for detecting and recording TCP attacks. Perhaps it can assist in discovering 0-days and botnets.
- HoneyBadger will include a variety of TCP stream injection attacks (it now includes 2) which prove that the TCP attack detection is reliable.
- Read about HoneyBadger's design and implementation: https://honeybadger.readthedocs.org/
- Read the manual integration procedure - a reproducible procedure which proves HoneyBadger's TCP injection attack detection is reliable; in less than 2 minutes you can perform a test on your loopback interface... and test that HoneyBadger can detect data injected into a netcat client-server connection.
- Read the godoc autogenerated API documentation
It is not a good idea to run network traffic analysis tools as root. In Linux you can run these tools as an unprivileged user after you run setcap as root like this:
# setcap cap_net_raw,cap_net_admin=eip honeyBadger
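To confirm that the setcap command above left the binary with only those two capabilities, the following check can be used. It is an added example, not part of HoneyBadger; the function names are hypothetical and the sample getcap lines are constructed. It accepts both the older (`file = caps+eip`) and newer (`file caps=eip`) getcap output formats.

```shell
#!/bin/sh
# Added example (not HoneyBadger code): verify the result of
#   setcap cap_net_raw,cap_net_admin=eip honeyBadger

# caps_match GETCAP_LINE -> exit 0 only if the line grants exactly
# cap_net_admin and cap_net_raw with flags "eip".
# Lines with several space-separated clauses are rejected (fail closed).
caps_match() {
    spec=${1##* }                 # last field: "<names>+eip" or "<names>=eip"
    case $spec in
        *[+=]*) ;;                # has a capability clause
        *) return 1 ;;            # empty line or no capabilities at all
    esac
    flags=${spec##*[+=]}          # text after the last '+' or '='
    names=${spec%[+=]*}           # comma-separated capability names
    # Sort the names so their order in the getcap output does not matter.
    sorted=$(printf '%s\n' "$names" | tr ',' '\n' | sort | paste -sd, -)
    [ "$sorted" = "cap_net_admin,cap_net_raw" ] && [ "$flags" = "eip" ]
}

# audit_binary PATH -> check a real file: a setuid binary would still run
# with its owner's privileges, so reject it, then compare the capability set.
audit_binary() {
    if [ -u "$1" ]; then
        echo "$1: setuid bit is set" >&2
        return 1
    fi
    if ! caps_match "$(getcap "$1" 2>/dev/null)"; then
        echo "$1: capability set differs from cap_net_raw,cap_net_admin=eip" >&2
        return 1
    fi
}

# Constructed sample lines: old format, new format, and an over-privileged binary.
for sample in \
    "honeyBadger = cap_net_admin,cap_net_raw+eip" \
    "honeyBadger cap_net_admin,cap_net_raw=eip" \
    "honeyBadger cap_net_admin,cap_net_raw,cap_sys_admin=eip"
do
    if caps_match "$sample"; then echo "ok:     $sample"; else echo "reject: $sample"; fi
done
```

On a real system, run `audit_binary ./honeyBadger` as the unprivileged user after the setcap step.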
HoneyBadger is free software made available via the GPL3... except for small sections of code which are BSD licensed.
- email [email protected]
- gpg key ID 0x836501BE9F27A723
- gpg fingerprint F473 51BD 87AB 7FCF 6F88 80C9 8365 01BE 9F27 A723