Blason / seahorse

ELKFH Elastic, Logstash, Kibana, Filebeat and Honeypot


ELKFH (Elastic, Logstash, Kibana, Filebeat and Honeypot) is a system for monitoring security tools that interact with HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MongoDB, SMB and LDAP.

Kibana Interface

General Features

  • Logs are accessible via Kibana
  • All services running in one container using supervisord
  • Ingress sniffer, layers and packet parser

Install and run

On Ubuntu 18 or 19 System (Auto-configure)

git clone https://github.com/qeeqbox/seahorse.git
cd seahorse
chmod +x ./run.sh
./run.sh auto_configure

Wait ~2-10 mins until the web browser opens up (until seahorse_initializer_1 exits with 0)

Current Servers

  • HTTP (Apache)
  • HTTPS (Apache)
  • SSH (Custom OpenSSH)
  • FTP (vsftpd)
  • SMB (samba)
  • LDAP (slapd)
  • VNC (tightvncserver)
  • RDP (xrdp)
  • Redis (redis-server)
  • MySQL (mysql-community-server)

Changes

  • 2020.V.01.01

Roadmap

  • Add more services

Resources

elastic, scapy

Other Licenses

By using this framework, you are accepting the license terms of all these packages: elasticsearch, logstash, kibana, filebeat, openbsd, Zlib, build-essential, libssl-dev, lsof, supervisord, rsyslog, openldap, mysql, redis, mongodb, Samba, Vsftpd, db-util, tvnserver, xrdp, apache, iptables, tcpdump, nmap, iputils-ping, python, Pip, psycopg, psmisc, dnsutils, python-ldap, FreeRDP, net-tools, sshpass, paramiko, connector-python, mongo-python-driver, pysmb, vncdotool, requests, cryptography

Disclaimer\Notes

  • Do not deploy without proper configuration
  • Set up some security group rules and remove default credentials
  • Please let me know if I missed a resource or dependency

About


License: GNU Affero General Public License v3.0


Languages

  • Dockerfile 48.6%
  • Python 42.1%
  • Shell 9.3%