HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless network environments. As most malware propagate over the network via specific protocols, a low-interaction honeypot located at a mobile device can check wireless networks for actively propagating malware. We envision such honeypots running on all kinds of mobile devices, e.g., smartphones and tablets, to provide a quick assessment on the potential security state of a network.
HosTaGe emulates the following protocols as of the latest version: AMQP, COAP, ECHO, FTP, HTTP, HTTPS, MySQL, MQTT, MODBUS, S7COMM, SNMP, SIP, SMB, SSH, SMTP and TELNET
Download from Play Store!
The stable release of HosTaGe can be installed from Google Play Store. Play Store Link or, Scan the QR code below from your Android device.
References
The research behind HosTaGe has been published and presented in a number of scientific and industrial conferences. Below you can find some selected papers:
[1] Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Mihai Plasoianu, Wulf Pfeiffer, Lars Pandikow, Max Mühlhäuser: This Network is Infected: HosTaGe – a Low-Interaction Honeypot for Mobile Devices. SPSM@CCS 2013:43-48
[2] Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Mühlhäuser: HosTaGe: a Mobile Honeypot for Collaborative Defense. ACM SIN 2014:330-333
[3] Emmanouil Vasilomanolakis, Shreyas Srinivasa, Max Mühlhäuser: Did you really hack a nuclear power plant? An industrial control mobile honeypot. IEEE CNS 2015:729-730
[4] Emmanouil Vasilomanolakis, Shreyas Srinivasa, Carlos Garcia Cordero, Max Mühlhäuser: Multi-stage Attack Detection and Signature Generation with ICS Honeypots. IEEE/IFIP DISSECT@NOMS 2016:1227-1232
Download APK
HosTaGe-v2.2.11.apkRelease-Notes(latest)
HosTaGe-v2.1.1.apk Release-Notes
HosTaGe-v2.0.0.apk Release-Notes
Wiki
The Wiki provides information on getting started and using the app. Wiki for HosTaGe can be found here: Wiki.
GUI
Original Authors
Emmanouil Vasilomanolakis - idea, guidance and suggestions during development
Contributors
Shreyas Srinivasa, lead developer, Aalborg University and Technische Universität Darmstadt (Github - @sastry17)
Eirini Lygerou, GSoC 2020 Developer (Github - @irinil)
Mihai Plasoianu, student developer, Technische Universität Darmstadt
Wulf Pfeiffer, student developer, Technische Universität Darmstadt
Lars Pandikow, student developer, Technische Universität Darmstadt
Researchers
Shankar Karuppayah, mentoring, developer, Technische Universität Darmstadt
Mathias Fischer, mentoring, Universität Hamburg
Max Mühlhäuser, mentoring, Technische Universität Darmstadt
Carlos Garcia Cordero, mentoring, Technische Universität Darmstadt
Features of HoneyRJ were inspiration for this project. http://www.cse.wustl.edu/~jain/cse571-09/ftp/honey/manual.html\
Encryption for the SSH protocol were taken from Ganymed SSH-2 and slightly modified. http://code.google.com/p/ganymed-ssh-2/
GSoC 2020
The project was actively developed with participation in Google Summer of Code 2020. More information about GSoC2020 is here
HPFeeds
To access the hpfeeds from hostage please send an access request to hostage@es.aau.dk with your name and organization. Please note that access to the hpfeeds repository is provided only after an internal review.
Contact
Please use the Github issues to report any issues or for questions. Slack channel; Email