FICHA · AUR

cowrie

Medium interaction SSH honeypot designed to log brute force attacks and entire shell interaction

  • Service
  • Server
  • SECURITY
  • NETWORK
  • Launchable
  • Background service
official+codex · reviewed · May 31, 2026 description in en

Description

SSH attack attempts can be captured in a controlled honeypot that records brute-force logins and interactive shell behavior. It is useful for security teams studying attacker patterns without exposing a real server account.

Honeypots are internet-facing security tools. Isolate them from production systems, review logs for sensitive data, and avoid treating captured behavior as safe to execute elsewhere.

How to run

cowrie

Commands: cowrie

Permissions

Permissions not analysed for this source yet.