Skip to content

T-Pot Attack Map that follows ES honeypot events within T-Pot and parses IPs, ports and honeypot info to visualize events in real time.

License

Notifications You must be signed in to change notification settings

t3chn0m4g3/t-pot-attack-map

 
 

Repository files navigation

T-Pot Attack Map

This fork of the GeoIP Attack Map was adjusted for T-Pot, also introducing new features (i.e. dynamic destination IPs to represent T-Pots), better performance for the Attack Map Server by using aiohttp, asyncio and aioredis and, where possible, serving the dependencies locally instead from different CDNs.

T-Pot Attack Map Visualization

This geoip attack map visualizer was forked and adjusted to display T-Pot Honeypot events in real time. The data server connects to elasticsearch, parses out source IP, destination IP, source port, destination port, timestamp, honeypot type and honeypot statistics (events per last 1m, 1h, 1d). Protocols are determined via common ports, and the visualizations vary in color based on protocol type while keeping stats regarding top source IPs and countries.

img.png

Credits

The original attack map was created by Matthew Clark May.
First T-Pot based fork was released by Eddie4.

Licenses / Copyright

Bootstrap, D3, Flagpack, JQuery, Leaflet, OpenStreetMap.

About

T-Pot Attack Map that follows ES honeypot events within T-Pot and parses IPs, ports and honeypot info to visualize events in real time.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 36.2%
  • CSS 26.3%
  • Python 22.4%
  • HTML 15.1%