respotterLogo

Respotter is a reliable Responder HoneyPot!

status: Respotter is currently undergoing a rewrite in Python. Basic functionality works, but new features are being added rapidly. Major changes may happen at any time.

How it works

This application uses LLMNR, mDNS, and NBNS protols to search for a bogus hostname that does not exist (default: Loremipsumdolorsitamet). Responder "responds" to any DNS query, correct or incorrect. If the requests get a response back, then it means that Responder is likely running on your network.

Installation

Docker

docker run --rm -d --net=host --name=respotter ghcr.io/lawndoc/respotter:latest

Note: --net=host is required due to privileged socket usage when crafting request packets

Running locally

Clone the repo:

git clone https://github.com/lawndoc/Respotter
cd Respotter

Create your config file:

cp respotter.conf.template respotter.conf
vim respotter.conf

Setup a venv and run the script:

python3 -m venv venv
./venv/bin/pip install -r requirements.txt
sudo ./venv/bin/python ./respotter.py

Output

When Responder is found on your network:

[!] [<PROTOCOL>] Responder detected at: X.X.X.X - responded to name 'Loremipsumdolorsitamet'

Demo

demo gif

https://www.youtube.com/watch?v=vcPbdAVR560&ab_channel=BadenErb

License

MIT

Contributors

This project was originally created by Baden Erb (@badenerb)

Current maintainers:

C.J. May (@lawndoc)
[Matt Perry]() (@xmjp)

lawndoc / Respotter

readme