Created FTP honeypot
I’ve been working on a small honeypot project that emulates an FTP server to capture unauthorized login attempts and monitor attacker behavior. It logs attempted credentials, commands entered by the attacker, and uses IP geolocation to provide additional context.
I thought this might be helpful for others doing threat analysis or studying attacker behavior patterns. It’s lightweight and open source: GitHub repo: https://github.com/irhdab/FTP-honeypot