Command Palette

Search for a command to run...

UnylyUnyly
Весь каталог

Honeypot Server

БесплатноНе проверен

Enables querying a honeypot threat-intelligence database via natural language to analyze attacker activity, without writing SQL. Provides read-only tools for ov

GitHubEmbed

Описание

Enables querying a honeypot threat-intelligence database via natural language to analyze attacker activity, without writing SQL. Provides read-only tools for overview, top attackers, credentials, commands, and more.

README

A small Model Context Protocol server that exposes my live honeypot's threat-intelligence database to an MCP client (Claude Desktop / Claude Code) as read-only tools — so I can investigate attacker activity by just asking, instead of writing SQL.

The data comes from a self-hosted honeypot stack (Cowrie SSH/Telnet + a custom HTTP honeypot) writing into PostgreSQL — currently ~530k attack sessions, ~33k login attempts, and thousands of captured attacker commands and file-staging events.

Tools

Tool What it returns
honeypot_overview(days) Totals (sessions, unique IPs, logins, commands, file events) + breakdown by honeypot/protocol
top_attackers(days, limit) Busiest source IPs with country + ASN org
top_credentials(days, limit) Most-tried username/password pairs
recent_commands(days, limit) Commands attackers ran post-login (TTPs)
attacks_by_country(days, limit) Sessions grouped by source country
malware_downloads(days, limit) Captured file/malware staging (filename, URL, sha256)
lookup_ip(ip) Full profile for one IP: sessions, geo/ASN, creds tried, commands, ban status

Safety

  • Read-only by construction. Every connection opens a read-only transaction and every query is a SELECT. No tool mutates data.
  • The IP passed to lookup_ip is validated with ipaddress and bound as a query parameter — never string-formatted into SQL.
  • Recommended: point HONEYPOT_DATABASE_URL at a DB role granted SELECT only.

Setup

python3 -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt
cp .env.example .env          # then edit with your connection string
export HONEYPOT_DATABASE_URL="postgresql://user:[email protected]:5433/honeypot"

python server.py selftest      # verify DB connectivity
python server.py               # run as an MCP (stdio) server

Connecting a client

Claude Code (claude mcp add):

claude mcp add honeypot -- bash -lc 'cd /path/to/honeypot-mcp && \
  HONEYPOT_DATABASE_URL="postgresql://user:[email protected]:5433/honeypot" \
  .venv/bin/python server.py'

Claude Desktop (claude_desktop_config.json):

{
  "mcpServers": {
    "honeypot": {
      "command": "/path/to/honeypot-mcp/.venv/bin/python",
      "args": ["/path/to/honeypot-mcp/server.py"],
      "env": { "HONEYPOT_DATABASE_URL": "postgresql://user:[email protected]:5433/honeypot" }
    }
  }
}

The DB lives on my server (bound to localhost), so I either run this server there, or launch it over SSH stdio from my laptop:

{ "mcpServers": { "honeypot": {
  "command": "ssh",
  "args": ["ubuntu", "cd honeypot-mcp && .venv/bin/python server.py"]
}}}

from github.com/FradleyJ/honeypot-mcp

Установка Honeypot Server

У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.

▸ github.com/FradleyJ/honeypot-mcp

FAQ

Honeypot Server MCP бесплатный?

Да, Honeypot Server MCP бесплатный — установка в пару кликов через Unyly без оплаты.

Нужен ли API-ключ для Honeypot Server?

Нет, Honeypot Server работает без API-ключей и переменных окружения.

Honeypot Server — hosted или self-hosted?

Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.

Как установить Honeypot Server в Claude Desktop, Claude Code или Cursor?

Открой Honeypot Server на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.

Похожие MCP

Compare Honeypot Server with

Не уверен что выбрать?

Найди свой стек за 60 секунд

Автор?

Embed-бейдж для README

Похожее

Все в категории data