The number of client-side attacks has grown significantly in the past few years shifting focus on poorly protected vulnerable clients. Just as the most known honeypot technologies enable research into server-side attacks, honeyclients allow the study of client-side attacks.
A complement to honeypots, a honeyclient is a tool designed to mimic the behavior of a user-driven network client application, such as a web browser, and be exploited by an attacker's content.
Thug is a Python low-interaction honeyclient aimed at mimicing the behavior of a web browser in order to detect and emulate malicious contents.
Documentation about Thug installation and usage can be found in the source tree or alternatively at http://buffer.github.com/thug/
-
Mailing Lists
- Thug users https://public.honeynet.org/mailman/listinfo/thug
- Thug development https://public.honeynet.org/mailman/listinfo/thug-dev
-
IRC
- Freenode #thug-dev
Thug is open source and free to use for any purpose (even commercial ones). If you use and appreciate Thug, consider supporting the project with a donation using Paypal (details at http://buffer.github.com/thug/).
Copyright (C) 2011-2015 Angelo Dell'Aera angelo.dellaera@honeynet.org
License: GNU General Public License, version 2 or later; see COPYING.txt included in this archive for details.