matheo-lm / weblabyrinth Goto Github PK
View Code? Open in Web Editor NEWThis project forked from mayhemiclabs/weblabyrinth
A system that creates a bogus web structure to entrap and delay web scanners
This project forked from mayhemiclabs/weblabyrinth
A system that creates a bogus web structure to entrap and delay web scanners
WebLabyrinth - A simple tool that creates a maze of bogus web pages to confuse web scanners. It's main goal is to delay and occupy malicious scanners that scan websites in order for incident handlers to detected and respond to them before damage is done. WebLabyrinth code Copyright (c) 2010, Ben Jackson and Mayhemic Labs - [email protected]. All rights reserved. Dissociated Press functions based off of David Pascoe-Deslauriers' <[email protected]> dissociatedpress class. Copyright 2000-2009 David Pascoe-Deslauriers. All rights reserved. Original Dissociated Press code available at http://www.csiuo.com/drupal/node/13 PREREQUISITES * Apache * mod_rewrite * PHP * sqlite * PHP sqlite extension * PHP mail() support SETUP AND CONFIGURATION Configuration is broken up into two parts, setting up the web application, and configuring the database. First, copy all the files in a web accessible directory and edit the config.inc.php to reflect the directory name. If you installed it as /labyrinth, it should be all set. Next, you also need to create a .htaccess file in the same directory as the installation. There is an example in EXAMPLE.htaccess, built with theassumption that you have WebLabyrinth installed in a web path called /labyrinth and the index.php file has not been renamed. The only two variables in the .htaccess that should ever need to be changed is RewriteBase which should be the web path that WebLabyrinth is installed in and RewriteRule which is the web path that the main index.php file is located. Finally, you need to configure the database. This database should be installed in a non web accessible directory. The directory should both readable and writeable by the Apache user. The SQL script to create the database is labyrinth.sql. The following commands do this on my (Debian) system: mkdir /opt/weblabyrinth/ cat labyrinth.sql | sqlite /opt/weblabyrinth/labyrinth.db chown -R www-data:www-data /opt/weblabyrinth Once the database is created, edit the config.inc.php 'tracking_db' variable to point to your freshly created database. ALERTING One of the new features (as of the 0.3 branch) is the ability to generate alerts if a crawler reaches a certain level. The two ways weblabyrinth can do this is by generating an e-mail or by generating text that an IDS system can trigger on. All of these options are controlled in the config.inc.php file. If you use snort, the following rule should generate an alert if the word used by default is found. alert tcp any 80 -> any any (content:"honorificabilitudinitatibus"; msg: "WebLabyrinth alert keyword detected";) By default the system will generate an alert if the crawlers get three levels deep within the labyrinth. The system will generate the alert maximum once an hour for an ongoing scan. NOTE ABOUT APACHE Please note that you may need to reconfigure apache to allow .htaccess files to control configuration options. This is done in the apache site's configuration file (/etc/apache2/sites-available/<your site here>). Below is an example from my installation on a Debian server: <Directory /var/www/labyrinth> Options Indexes FollowSymLinks MultiViews AllowOverride FileInfo Options Order allow,deny allow from all </Directory> The "AllowOverride FileInfo Options" is the important bit. Remember to restart Apache when you're done.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.