The Simple PostgreSQL Honeypot Server is a script developed for cybersecurity professionals and hobbyists to analyze PostgreSQL-based network interactions. Written in Python and leveraging the Twisted framework, this script emulates a PostgreSQL server to log unauthorized access attempts and credentials. This tool is invaluable for understanding PostgreSQL vulnerabilities and potential intrusion strategies.
- Low-Interaction Honeypot: Effectively simulates a PostgreSQL server to log authentication attempts in a safe environment.
- Configurable Settings: Customize host and port settings via command-line arguments for flexibility.
- Extensive Logging: Captures every interaction, including usernames, passwords, and database names.
- Real-Time Activity Monitoring: Instantly logs and reports PostgreSQL activities for timely anomaly detection.
- Educational and Research Tool: Ideal for learning about PostgreSQL security weaknesses and network reconnaissance.
- Python 3.x
- Twisted Python library
To set up the PostgreSQL honeypot server, follow these steps:
git clone https://github.com/0xNslabs/postgresql-honeypot.git
cd postgresql-honeypot
pip install twistedRun the server with optional arguments for host and port. Defaults to binding on all interfaces (0.0.0.0) at port 5432.
python3 psql.py --host 0.0.0.0 --port 5432Interaction logs are stored in postgresql_honeypot.log, offering detailed records of all PostgreSQL queries, login attempts, and credentials used.
This image illustrates the Simple PostgreSQL Honeypot Server capturing real-time PostgreSQL queries and login attempts.
Check out the other honeypot services for monitoring various network protocols:
- DNS Honeypot - Monitors DNS interactions.
- FTP Honeypot - Simulates an FTP server.
- LDAP Honeypot - Mimics an LDAP server.
- HTTP Honeypot - Monitors HTTP interactions.
- HTTPS Honeypot - Monitors HTTPS interactions.
- NTP Honeypot - Monitors Network Time Protocol interactions.
- PostgreSQL Honeypot - Simulates a PostgreSQL database server.
- SIP Honeypot - Monitors SIP (Session Initiation Protocol) interactions.
- SSH Honeypot - Emulates an SSH server.
- TELNET Honeypot - Simulates a TELNET server.
- Caution: Operate this honeypot within secure, controlled settings for research and learning purposes.
- Compliance: Deploy this honeypot in accordance with local and international legal and ethical standards.
This project is available under the MIT License. See the LICENSE file for more information.