HosTaGe - Honeypot-To-Go

Copyright (C) 2013-2021, Aalborg University (Denmark) and Technische Universität Darmstadt (Germany)

HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless network environments. As most malware propagate over the network via specific protocols, a low-interaction honeypot located at a mobile device can check wireless networks for actively propagating malware. We envision such honeypots running on all kinds of mobile devices, e.g., smartphones and tablets, to provide a quick assessment on the potential security state of a network.

HosTaGe emulates the following protocols as of the latest version: AMQP, COAP, ECHO, FTP, HTTP, HTTPS, MySQL, MQTT, MODBUS, S7COMM, SNMP, SIP, SMB, SSH, SMTP and TELNET

Download from Play Store!

The stable release of HosTaGe can be installed from Google Play Store. Play Store Link or, Scan the QR code below from your Android device.

References

The research behind HosTaGe has been published and presented in a number of scientific and industrial conferences. Below you can find some selected papers:

[1] Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Mihai Plasoianu, Wulf Pfeiffer, Lars Pandikow, Max Mühlhäuser: This Network is Infected: HosTaGe – a Low-Interaction Honeypot for Mobile Devices. SPSM@CCS 2013:43-48

[2] Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Mühlhäuser: HosTaGe: a Mobile Honeypot for Collaborative Defense. ACM SIN 2014:330-333

[3] Emmanouil Vasilomanolakis, Shreyas Srinivasa, Max Mühlhäuser: Did you really hack a nuclear power plant? An industrial control mobile honeypot. IEEE CNS 2015:729-730

[4] Emmanouil Vasilomanolakis, Shreyas Srinivasa, Carlos Garcia Cordero, Max Mühlhäuser: Multi-stage Attack Detection and Signature Generation with ICS Honeypots. IEEE/IFIP DISSECT@NOMS 2016:1227-1232

Download APK

HosTaGe-v2.2.11.apk Release-Notes(latest)

HosTaGe-v2.1.1.apk Release-Notes

HosTaGe-v2.0.0.apk Release-Notes

Wiki

The Wiki provides information on getting started and using the app. Wiki for HosTaGe can be found here: Wiki.

GUI

Original Authors

Emmanouil Vasilomanolakis - idea, guidance and suggestions during development

Contributors

Shreyas Srinivasa, lead developer, Aalborg University and Technische Universität Darmstadt (Github - @sastry17)

Eirini Lygerou, GSoC 2020 Developer (Github - @irinil)

Mihai Plasoianu, student developer, Technische Universität Darmstadt

Wulf Pfeiffer, student developer, Technische Universität Darmstadt

Lars Pandikow, student developer, Technische Universität Darmstadt

Researchers

Shankar Karuppayah, mentoring, developer, Technische Universität Darmstadt

Mathias Fischer, mentoring, Universität Hamburg

Max Mühlhäuser, mentoring, Technische Universität Darmstadt

Carlos Garcia Cordero, mentoring, Technische Universität Darmstadt

Features of HoneyRJ were inspiration for this project. http://www.cse.wustl.edu/~jain/cse571-09/ftp/honey/manual.html\

Encryption for the SSH protocol were taken from Ganymed SSH-2 and slightly modified. http://code.google.com/p/ganymed-ssh-2/

GSoC 2020

The project was actively developed with participation in Google Summer of Code 2020. More information about GSoC2020 is here

HPFeeds

To access the hpfeeds from hostage please send an access request to hostage@es.aau.dk with your name and organization. Please note that access to the hpfeeds repository is provided only after an internal review.

Contact

Please use the Github issues to report any issues or for questions. Slack channel; Email

License & Distribution

Distributed under the MIT license. See LICENSE for license information.