Beelzebub: A Comprehensive Introduction
Overview
Beelzebub is a sophisticated honeypot framework designed to detect and analyze cyber attacks in a secure environment. This framework offers a user-friendly, low-code solution which helps in implementing and simulating the activity of high-interaction honeypots using artificial intelligence.
Core Features
Beelzebub includes a host of features that enhance its functionality and utility:
- Support for Well-known AI Models: Compatible with both Ollama and OpenAI technologies.
- Diverse Honeypot Options: Includes SSH, HTTP, and TCP honeypots.
- Data and Metrics Integration: Works with Prometheus for openmetrics, Docker, and RabbitMQ integrations.
- Kubernetes Support: Seamless integration with Kubernetes for deployment.
Getting Started
Beelzebub can be quickly set up using the following methods:
Using Docker Compose
- Build Docker images with the command:
$ docker-compose build
- Run Beelzebub in detached mode:
$ docker-compose up -d
Using Go Compiler
- Download the necessary Go modules:
$ go mod download
- Build the Beelzebub executable:
$ go build
- Run the program:
$ ./beelzebub
Deploying on Kubernetes
- Install Helm, then deploy Beelzebub with:
$ helm install beelzebub ./beelzebub-chart
- For updates, use:
$ helm upgrade beelzebub ./beelzebub-chart
Real-Time Attack Monitoring
Users can stay informed about real-time attacks through the dedicated Telegram channel.
Configuration Examples
Beelzebub allows for flexible honeypot configurations. Users can customize configurations for various ports and protocols.
- HTTP Honeypot Example: Simulate a WordPress environment on port 80.
- SSH Honeypot Example: Use AI models like OpenAI's GPT-4 or Ollama's Llama3 to simulate interactive SSH sessions.
Testing
Beelzebub provides robust testing options:
- Unit Tests: Run using
$ make test.unit
. - Integration Tests: Conduct with a series of commands starting with
$ make test.dependencies.start
.
Future Directions
The roadmap for Beelzebub includes developing it into a powerful Platform-as-a-Service (PaaS) solution for broader accessibility and functionality.
Contributing to Beelzebub
The project is open for contributions, and the developers encourage participants to adhere to the contributing guidelines. Interested individuals can report bugs, propose new features, or even direct inquiries. The team's guidelines and code of conduct are in place to ensure a collaborative and respectful community.
Licensing
Beelzebub is open source and licensed under the MIT License. This allows for flexible use, modification, and distribution of the software.
Additional Support
The project is supported by JetBrains, ensuring a strong foundation and providing resources for ongoing development.
This introduction serves to outline the key aspects of Beelzebub, offering a comprehensive view of its capabilities and opportunities for engagement.