| Name | cowrie JSON |
| Version |
2.8.0
JSON |
| download |
| home_page | None |
| Summary | Cowrie SSH/Telnet Honeypot. |
| upload_time | 2025-10-07 01:33:30 |
| maintainer | None |
| docs_url | None |
| author | None |
| requires_python | !=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,!=3.7.*,!=3.8.*,!=3.9.*,<4,>=2.7 |
| license | None |
| keywords |
ssh
telnet
honeypot
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
attrs
bcrypt
cryptography
hyperlink
idna
packaging
pyasn1_modules
requests
service_identity
tftpy
treq
twisted
urllib3
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
Cowrie
######
Welcome to the Cowrie GitHub repository
*****************************************
This is the official repository for the Cowrie SSH and Telnet
Honeypot effort.
What is Cowrie
*****************************************
Cowrie is a medium to high interaction SSH and Telnet honeypot
designed to log brute force attacks and the shell interaction
performed by the attacker. In medium interaction mode (shell) it
emulates a UNIX system in Python, in high interaction mode (proxy)
it functions as an SSH and telnet proxy to observe attacker behavior
to another system.
`Cowrie <http://github.com/cowrie/cowrie/>`_ is maintained by Michel Oosterhof.
Documentation
****************************************
The Documentation can be found `here <https://docs.cowrie.org/en/latest/index.html>`_.
Slack
*****************************************
You can join the Cowrie community at the following `Slack workspace <https://www.cowrie.org/slack/>`_.
Features
*****************************************
* Choose to run as an emulated shell (default):
* Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included
* Possibility of adding fake file contents so the attacker can `cat` files such as `/etc/passwd`. Only minimal file contents are included
* Cowrie saves files downloaded with wget/curl or uploaded with SFTP and scp for later inspection
* Or proxy SSH and telnet to another system
* Run as a pure telnet and ssh proxy with monitoring
* Or let Cowrie manage a pool of QEMU emulated servers to provide the systems to login to
For both settings:
* Session logs are stored in an `UML Compatible <http://user-mode-linux.sourceforge.net/>`_ format for easy replay with the `bin/playlog` utility.
* SFTP and SCP support for file upload
* Support for SSH exec commands
* Logging of direct-tcp connection attempts (ssh proxying)
* Forward SMTP connections to SMTP Honeypot (e.g. `mailoney <https://github.com/awhitehatter/mailoney>`_)
* JSON logging for easy processing in log management solutions
Docker
*****************************************
Docker images are available on Docker Hub.
* To get started quickly and give Cowrie a try, run::
$ docker run -p 2222:2222 cowrie/cowrie:latest
$ ssh -p 2222 root@localhost
* To just make it locally, run::
$ make docker-build
Requirements
*****************************************
Software required to run locally:
* Python 3.10+
* python-virtualenv
Files of interest:
*****************************************
* `etc/cowrie.cfg` - Cowrie's configuration file.
* `etc/cowrie.cfg.dist <https://github.com/cowrie/cowrie/blob/main/etc/cowrie.cfg.dist>`_ - default settings, don't change this file
* `etc/userdb.txt` - credentials to access the honeypot
* `src/cowrie/data/fs.pickle` - fake filesystem, this only contains metadata (path, uid, gid, size)
* `honeyfs/ <https://github.com/cowrie/cowrie/tree/main/honeyfs>`_ - contents for the fake filesystem
* `honeyfs/etc/issue.net` - pre-login banner
* `honeyfs/etc/motd <https://github.com/cowrie/cowrie/blob/main/honeyfs/etc/issue>`_ - post-login banner
* `src/cowrie/data/txtcmds/` - output for simple fake commands
* `var/log/cowrie/cowrie.json` - audit output in JSON format
* `var/log/cowrie/cowrie.log` - log/debug output
* `var/lib/cowrie/tty/` - session logs, replayable with the `bin/playlog` utility.
* `var/lib/cowrie/downloads/` - files transferred from the attacker to the honeypot are stored here
* `bin/createfs` - create your own fake filesystem
* `bin/playlog` - utility to replay session logs
Contributors
***************
Many people have contributed to Cowrie over the years. Special thanks to:
* Upi Tamminen (desaster) for all his work developing Kippo on which Cowrie was based
* Dave Germiquet (davegermiquet) for TFTP support, unit tests, new process handling
* Olivier Bilodeau (obilodeau) for Telnet support
* Ivan Korolev (fe7ch) for many improvements over the years.
* Florian Pelgrim (craneworks) for his work on code cleanup and Docker.
* Guilherme Borges (sgtpepperpt) for SSH and telnet proxy (GSoC 2019)
* And many many others.
Raw data
{
"_id": null,
"home_page": null,
"name": "cowrie",
"maintainer": null,
"docs_url": null,
"requires_python": "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,!=3.7.*,!=3.8.*,!=3.9.*,<4,>=2.7",
"maintainer_email": "Michel Oosterhof <michel@oosterhof.net>",
"keywords": "ssh, telnet, honeypot",
"author": null,
"author_email": "Michel Oosterhof <michel@oosterhof.net>",
"download_url": "https://files.pythonhosted.org/packages/d4/f5/ef0aedfa0c94eba99850c73d0ce8f8cae843aa36b1ff9498386a8cdc8946/cowrie-2.8.0.tar.gz",
"platform": null,
"description": "Cowrie\n######\n\nWelcome to the Cowrie GitHub repository\n*****************************************\n\nThis is the official repository for the Cowrie SSH and Telnet\nHoneypot effort.\n\nWhat is Cowrie\n*****************************************\n\nCowrie is a medium to high interaction SSH and Telnet honeypot\ndesigned to log brute force attacks and the shell interaction\nperformed by the attacker. In medium interaction mode (shell) it\nemulates a UNIX system in Python, in high interaction mode (proxy)\nit functions as an SSH and telnet proxy to observe attacker behavior\nto another system.\n\n`Cowrie <http://github.com/cowrie/cowrie/>`_ is maintained by Michel Oosterhof.\n\nDocumentation\n****************************************\n\nThe Documentation can be found `here <https://docs.cowrie.org/en/latest/index.html>`_.\n\nSlack\n*****************************************\n\nYou can join the Cowrie community at the following `Slack workspace <https://www.cowrie.org/slack/>`_.\n\nFeatures\n*****************************************\n\n* Choose to run as an emulated shell (default):\n * Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included\n * Possibility of adding fake file contents so the attacker can `cat` files such as `/etc/passwd`. Only minimal file contents are included\n * Cowrie saves files downloaded with wget/curl or uploaded with SFTP and scp for later inspection\n\n* Or proxy SSH and telnet to another system\n * Run as a pure telnet and ssh proxy with monitoring\n * Or let Cowrie manage a pool of QEMU emulated servers to provide the systems to login to\n\nFor both settings:\n\n* Session logs are stored in an `UML Compatible <http://user-mode-linux.sourceforge.net/>`_ format for easy replay with the `bin/playlog` utility.\n* SFTP and SCP support for file upload\n* Support for SSH exec commands\n* Logging of direct-tcp connection attempts (ssh proxying)\n* Forward SMTP connections to SMTP Honeypot (e.g. `mailoney <https://github.com/awhitehatter/mailoney>`_)\n* JSON logging for easy processing in log management solutions\n\nDocker\n*****************************************\n\nDocker images are available on Docker Hub.\n\n* To get started quickly and give Cowrie a try, run::\n\n $ docker run -p 2222:2222 cowrie/cowrie:latest\n $ ssh -p 2222 root@localhost\n\n* To just make it locally, run::\n\n $ make docker-build\n\nRequirements\n*****************************************\n\nSoftware required to run locally:\n\n* Python 3.10+\n* python-virtualenv\n\nFiles of interest:\n*****************************************\n\n* `etc/cowrie.cfg` - Cowrie's configuration file.\n* `etc/cowrie.cfg.dist <https://github.com/cowrie/cowrie/blob/main/etc/cowrie.cfg.dist>`_ - default settings, don't change this file\n* `etc/userdb.txt` - credentials to access the honeypot\n* `src/cowrie/data/fs.pickle` - fake filesystem, this only contains metadata (path, uid, gid, size)\n* `honeyfs/ <https://github.com/cowrie/cowrie/tree/main/honeyfs>`_ - contents for the fake filesystem\n* `honeyfs/etc/issue.net` - pre-login banner\n* `honeyfs/etc/motd <https://github.com/cowrie/cowrie/blob/main/honeyfs/etc/issue>`_ - post-login banner\n* `src/cowrie/data/txtcmds/` - output for simple fake commands\n* `var/log/cowrie/cowrie.json` - audit output in JSON format\n* `var/log/cowrie/cowrie.log` - log/debug output\n* `var/lib/cowrie/tty/` - session logs, replayable with the `bin/playlog` utility.\n* `var/lib/cowrie/downloads/` - files transferred from the attacker to the honeypot are stored here\n* `bin/createfs` - create your own fake filesystem\n* `bin/playlog` - utility to replay session logs\n\nContributors\n***************\n\nMany people have contributed to Cowrie over the years. Special thanks to:\n\n* Upi Tamminen (desaster) for all his work developing Kippo on which Cowrie was based\n* Dave Germiquet (davegermiquet) for TFTP support, unit tests, new process handling\n* Olivier Bilodeau (obilodeau) for Telnet support\n* Ivan Korolev (fe7ch) for many improvements over the years.\n* Florian Pelgrim (craneworks) for his work on code cleanup and Docker.\n* Guilherme Borges (sgtpepperpt) for SSH and telnet proxy (GSoC 2019)\n* And many many others.\n",
"bugtrack_url": null,
"license": null,
"summary": "Cowrie SSH/Telnet Honeypot.",
"version": "2.8.0",
"project_urls": {
"documentation": "https://docs.cowrie.org/",
"homepage": "https://www.cowrie.org/",
"repository": "https://github.com/cowrie/cowrie"
},
"split_keywords": [
"ssh",
" telnet",
" honeypot"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "948e6cd0e2c1205b4df3304aa583da56de707d01f7ca6481de96ad0c0f8d8416",
"md5": "aa85df275e343b9c9502d95731be08fa",
"sha256": "92323024d6a66d180181fcbe9dbd4a14cbb910faa8b327f6ed32354ffe46f40c"
},
"downloads": -1,
"filename": "cowrie-2.8.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "aa85df275e343b9c9502d95731be08fa",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,!=3.7.*,!=3.8.*,!=3.9.*,<4,>=2.7",
"size": 647091,
"upload_time": "2025-10-07T01:33:28",
"upload_time_iso_8601": "2025-10-07T01:33:28.323555Z",
"url": "https://files.pythonhosted.org/packages/94/8e/6cd0e2c1205b4df3304aa583da56de707d01f7ca6481de96ad0c0f8d8416/cowrie-2.8.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "d4f5ef0aedfa0c94eba99850c73d0ce8f8cae843aa36b1ff9498386a8cdc8946",
"md5": "d49fcf4fb66e7ee0ee812604fa7d1b9c",
"sha256": "78f024d80e1d82f48dbac7e90965dcc09c47364bd5988fb4238b47da1eb0294d"
},
"downloads": -1,
"filename": "cowrie-2.8.0.tar.gz",
"has_sig": false,
"md5_digest": "d49fcf4fb66e7ee0ee812604fa7d1b9c",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,!=3.7.*,!=3.8.*,!=3.9.*,<4,>=2.7",
"size": 603691,
"upload_time": "2025-10-07T01:33:30",
"upload_time_iso_8601": "2025-10-07T01:33:30.032673Z",
"url": "https://files.pythonhosted.org/packages/d4/f5/ef0aedfa0c94eba99850c73d0ce8f8cae843aa36b1ff9498386a8cdc8946/cowrie-2.8.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-10-07 01:33:30",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "cowrie",
"github_project": "cowrie",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "attrs",
"specs": [
[
"==",
"25.3.0"
]
]
},
{
"name": "bcrypt",
"specs": [
[
"==",
"5.0.0"
]
]
},
{
"name": "cryptography",
"specs": [
[
"==",
"46.0.1"
]
]
},
{
"name": "hyperlink",
"specs": [
[
"==",
"21.0.0"
]
]
},
{
"name": "idna",
"specs": [
[
"==",
"3.10"
]
]
},
{
"name": "packaging",
"specs": [
[
"==",
"25.0"
]
]
},
{
"name": "pyasn1_modules",
"specs": [
[
"==",
"0.4.2"
]
]
},
{
"name": "requests",
"specs": [
[
"==",
"2.32.5"
]
]
},
{
"name": "service_identity",
"specs": [
[
"==",
"24.2.0"
]
]
},
{
"name": "tftpy",
"specs": [
[
"==",
"0.8.6"
]
]
},
{
"name": "treq",
"specs": [
[
"==",
"25.5.0"
]
]
},
{
"name": "twisted",
"specs": [
[
"==",
"25.5.0"
]
]
},
{
"name": "urllib3",
"specs": [
[
"==",
"2.5.0"
]
]
}
],
"tox": true,
"lcname": "cowrie"
}
