Threat Detection • Deception • Kali Linux

Honeypot Simulation & Monitoring

Kali Linux 2024.4 • Pentbox v1.8 • VMware • HTTP Monitoring

Simulated a network honeypot using Pentbox on a Kali Linux VM to mimic a web server and monitor unauthorized access attempts and attacker telemetry.

Architecture & Components

Core components

—Kali Linux 2024.4
—Pentbox v1.8
—VMware Workstation Pro
—Ruby Environment

Project Visuals

Honeypot simulation terminal output screenshot 1 — Initial honeypot setup and monitoring view used to capture inbound connection attempts.

Honeypot simulation terminal output screenshot 2 — Observed request activity and source metadata from unauthorized probes against the listener.

Honeypot simulation terminal output screenshot 3 — Follow-up monitoring used to review repeated access patterns and deceptive responses over time.

Challenges & Engineering Decisions

Real-time Detection Logging

Problem

Ensuring the honeypot captured enough telemetry to be useful for threat analysis.

Solution

Configured Pentbox to log detailed request headers and source IPs directly to the terminal.

Outcome

—Immediate visibility into reconnaissance activity
—Captured device info from intrusion attempts

Reflection

This project served as a basic yet effective example of cybersecurity threat detection and monitoring, while reinforcing the value of deception as an early-warning control.