pure python honeyclient implementation

a honeyclient is designed to give insights into malicious web sites, including the exploits on the page and their consequences.

features

• understands useful HTML tags for remote links
• hrefs, imgs, etc ...
• also iframes, frames, etc
• understands scripting languages
• javascript (through spidermonkey)
• visual basic script (through vb2py)
• supports deobfuscation, remote script sources
• ActiveX vulnerability "modules" for exploit detection
• supports multiple detection methods for a page
• AV detection via ClamAV
• vulnerability modules

Status

builds are not as clean as we would like and this is our number one priority right now.

at present there is no downloadable package, you have to SVN checkout. the other milestones for 1.0 are mainly working on outputs (we have an XML schema we're developing to) and the build, it should be streamlined for everyone.

IRC

we chat on freenode IRC on the #phoneyc channel to discuss and coordinate phoneyc development and issues.

email

we have a google group for phoneyc at http://groups.google.com/group/phoneyc and we encourage users and developers to join.