Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query. Respotter leverages LLMNR, mDNS, and NBNS protocols to query a non-existent hostname (default: Loremipsumdolorsitamet). If any of these requests receive a response, Responder is likely operating on your network. Respotter can send webhooks to Slack, Teams, or Discord. It also supports sending … More

The post Respotter: Open-source Responder honeypot appeared first on Help Net Security.