You can join the Cowrie community at the following `Slack workspace <http://bit.ly/cowrieslack>`_.
Features
*****************************************
Some interesting features:
* Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included
* Possibility of adding fake file contents so the attacker can `cat` files such as `/etc/passwd`. Only minimal file contents are included
* Session logs are stored in an `UML Compatible <http://user-mode-linux.sourceforge.net/>`_ format for easy replay with original timings with the `bin/playlog` utility.
* Cowrie saves files downloaded with wget/curl or uploaded with SFTP and scp for later inspection log
Additional functionality over standard kippo:
* SFTP and SCP support for file upload
* Support for SSH exec commands
* Logging of direct-tcp connection attempts (ssh proxying)
* Forward SMTP connections to SMTP Honeypot (e.g. `mailoney <https://github.com/awhitehatter/mailoney>`_)
* Logging in JSON format for easy processing in log management solutions
* Many, many additional commands
Docker
*****************************************
Docker versions are available.
* To get started quickly and give Cowrie a try, run::
docker run -p 2222:2222 cowrie/cowrie
ssh -p 2222 root@localhost
* On Docker Hub: https://hub.docker.com/r/cowrie/cowrie
* Or get the Dockerfile directly at https://github.com/cowrie/docker-cowrie
*`cowrie.cfg` - Cowrie's configuration file. Default values can be found in `etc/cowrie.cfg.dist <https://github.com/cowrie/cowrie/blob/master/etc/cowrie.cfg.dist>`_.
*`honeyfs/ <https://github.com/cowrie/cowrie/tree/master/honeyfs>`_ - file contents for the fake filesystem - feel free to copy a real system here or use `bin/fsctl`
