Introduction
OWASP Honeypot framework helps you to automate and initialize your own honeypot/deception service using docker containers in a very easy and secure way. This project has several built-in modules, and multiple functionalities to add your own new modules based on your needs.
You can get more details about my project from here : Project Details
My work
Web Console
Added new features to the web console.
- Download Charts
- Internationalization Support
- Proper error handling in log explorer
- Bulk export (all records can be exported for selected options). Data can be exported to multiple formats.
- JSON
- Excel
- CSV
API’s
Migrated REST API’s from mongodb to elasticsearch. Adding scroll in explore api to retrieve all records from elasticsearch based on user query.
Documentation
Proper documentation for API added with configuration for swagger which helps in testing API’s using web easily. Also updated the documentation of the project and readme where changes where necessary based on migration from mongodb to elasticsearch. Moreover, API documentation can easily be imported to Postman.
- Steps
- Run Api Server
- Open Postman
- Choose Import
- Enter the following link under link tab http://localhost:5000/docs-configuration
- Click on import
- API’s are ready to test.
Internationalization
I added support for multiple languages in Web Console and CLI with translations currently available for 5 languages.
- es_ES (Spanish)
- ru_RU (Russian)
- en_US (English)
- fr_FR (French)
- de_DE (German)
Unit tests
Added new tests and updated old one’s after shifting database from mongodb to elasticsearch and adding multi language support.
Templates
Added new templates for Pull Request and Issue
Links to my Work in GSOC'2k21 Period
- Refactor javascript code
- Adding and updating tests
- Adding scroll in api’s
- Adding internationalization
- Fix error cannot connect to elasticsearch
- Fix requirement checking code
- Swagger style documentation for api
- Pr Template
- Fix all record count
- Download chart functionality
- Improve error handling in log explorer
- Adding bulk export
- Update Api’s (migrating to elasticsearch)
- Update docs and readme
- Fix issue when 0 log records are returned from the api
- Fix minor bug in chart colors
Wiki
Updated wiki with information about latest features of the project.
- https://github.com/OWASP/Python-Honeypot/wiki/Setup-and-Installation
- https://github.com/OWASP/Python-Honeypot/wiki/Available-Modules
- https://github.com/OWASP/Python-Honeypot/wiki/Usage
- https://github.com/OWASP/Python-Honeypot/wiki/Developer-Guidelines
- https://github.com/OWASP/Python-Honeypot/wiki/API
- https://github.com/OWASP/Python-Honeypot/wiki/Database
- https://github.com/OWASP/Python-Honeypot/wiki/How-to-Contribute
Here one can find all the commits done for the GSOC work: here
Acknowledgment
I am very thankful to my mentors Ali Razmjoo and Dhiren Serai. Without them, the work never would have been this joyful and rewarding. Both were always available to answer my questions on time. I love the OWASP community for its welcoming and enthusiastic nature. They have been very supportive and understanding and they are always open to newer ideas. Final thanks to Google for organizing this amazing program. I feel GSoC made it easier for me to get started with open source contributions. It was a great lesson on how projects are built and maintained with great quality. I am excited to continue contributing to the open-source community.
Singing off
So with this, I am done with my blog post for GSoC evaluation. But the journey will go on. I will continue to contribute to the project after the GSoC as well. Work on code reviews and new features. Now, I will come back with new updates in my project if I got a chance.