What is a honeypot?

A honeypot is a computer or computer system intended to mimic likely targets of cyberattacks. It can be used to detect attacks or deflect them from a legitimate target. It can also be used to gain information about how cybercriminals operate.

How honeypots work?

The honeypot looks like a real computer system, with applications and data, fooling cybercriminals into thinking it's a legitimate target. Honeypots are made attractive to attackers by building in deliberate security vulnerabilities. For instance, a honeypot might have ports that respond to a port scan or weak passwords. Vulnerable ports might be left open to entice attackers into the honeypot environment, rather than the more secure live network.

About BAP:

BAP is a webservice honeypot that logs HTTP basic authentication credentials in a "parser friendly format"™.

The webservice handles HEAD and GET requests, to which it always responds with 401 WWW-Authenticate: Basic realm="ADMIN". HTTP request methods other than HEAD or GET will result in an error response generated by BaseHTTPServer.

There is no valid username / password for the service. Credentials are only decoded and logged.

Install:

Running:

Web Browser Check:

Logging:

Logfiles are written to the same directory as bap.py - stdout and stderr ends up here.