A lightweight SSH honeypot written in Python. It simulates a real SSH server to capture unauthorized login attempts and log attacker commands for educational and monitoring purposes.
- Listens on port
2222and mimics an SSH service. - Logs:
- Source IP and timestamp of connection
- Username and password input
- All shell-like commands typed by the attacker
- Sends fake SSH banner to appear legitimate.
- Fully written in Python (no third-party libraries).
=== Connection from <your IP>:54012 at 2025-05-22 01:08:34 ===
[<your IP>] Username attempt: admin
[<your IP>] Password attempt: hunter2
[<your IP>] Command: whoami
[<your IP>] Command: uname -a
git clone https://github.com/3LiRad/simple-ssh-honeypot.git
cd simple-ssh-honeypot
sudo python3 honeypot.pyπ§ͺ From another terminal or machine:
nc <your IP> 2222Then type some fake SSH commands and check log.txt.
This project is intended for educational use, local testing, and safe internal lab environments. Do not expose it directly to the internet without proper hardening.
Ali Abobaker Ali Radman
Cybersecurity Enthusiast | eJPT Certified
LinkedIn β’ GitHub
This project is for educational and demonstration purposes only. Running a honeypot publicly without proper authorization may violate laws and terms of service.