๐ŸฏHoneyOpus

An ESP32-C3 SSH/Telnet honeypot โ€” installable from your browser.

Target: ESP32-C3 Build: latest Built: โ€”

Install the latest firmware

Plug your ESP32-C3 board in via USB, then click Connect and pick the serial port.

Your browser can't talk to USB serial. Use a recent Chrome, Edge or Opera on a desktop computer.

What is this?

HoneyOpus is a pocket-sized honeypot that fakes a sloppy Ubuntu server on ports 22 and 23. It records every attacker session as an asciinema cast, classifies the attack profile (Mirai, IoT loader, manual operator, โ€ฆ), geolocates the source, and can optionally report to AbuseIPDB and AlienVault OTX.

After flashing

  1. The OLED briefly shows the boot logo, then turns off.
  2. The board comes up as a SoftAP HoneyOpus-XXXXXX (password honeyopus). Connect with your phone โ€” the captive portal opens automatically.
  3. Pick your Wi-Fi network, enter the password, hit Connect. The device reboots and joins your LAN.
  4. Browse to the IP shown on the OLED. Default dashboard login is admin / honeyopus (LAN clients are auto-allowed without auth โ€” change the password before exposing the device).

Using it safely

Run it on a network segment you don't care about. Forward only TCP 22 and 23 from your router. The fake shell never executes anything โ€” it returns canned strings โ€” but no honeypot is hardened against a determined adversary. Never leave the default dashboard password if the device is reachable from the internet.