/whisperpot

VoIP honeypot system

Primary LanguagePythonMIT LicenseMIT

WhisperPot

WhisperPot is an ongoing project aimed at creating a comprehensive VoIP honeypot system. It is designed to log attack attempts and identify potential threats and vulnerabilities in VoIP systems. WhisperPot simulates a realistic VoIP environment and is targeted at security researchers, VoIP service providers, and network administrators.

Public Dashboard

Please check our public dashboard here.

Public Dashboard

Features

  • SIP protocol support
  • Multiple interaction modes (low-interaction and high-interaction)
  • Customizable profiles for different VoIP systems, devices, usernames, and passwords
  • Monitoring and logging capabilities for SIP messages, RTP traffic, and other relevant activities
  • Ability to enrich with external data sources
  • Integration with Elasticsearch for data storage and search
  • Visualization using Kibana and Grafana

Technical Implementation

WhisperPot leverages open-source technologies like Asterisk, an open-source PBX, and Kamailio, an open-source SIP server. The scripts are primarily built using Python and deployed on Linux-based operating systems.

Architecture

WhisperPot Architecture

Installation

  1. Clone the Repository
git clone https://github.com/honeynet/whisperpot

Navigate to the cloned directory:

cd whisperpot
  1. Make Script as Executable
sudo chmod +x setup_gui.sh
  1. Run the Executable Script

You need to run it as sudo:

sudo ./ setup_gui.sh
GUI Installation

GSoC 2023

The project was actively developed with participation in Google Summer of Code 2023. More information about WhisperPot in GSoC2023 here

GSoC logo

References