Submissions2csv.py
I’ve coded a small python script to read the logged_submissions log file and output the interesting data in .csv format. Admittedly the script is nothing special and can likely be improved on as my coding skills are a bit rusty, but this may be useful to others, or provide a starting point in similar situations.
Original Post – Direct Download
Submissions2mysql.py
Initially this serves the same purpose as it’s CSV counterpart, importing the date into system with powerful search and filter functionality. However this may be useful if wanting to work with the data in more complex tools as SQL databases form powerful backends and can be manipulated easily with almost programming language.
Original Post – Direct Download
Submissions2stat.py
Small utility to parse Nepenthes’ logged_submissions file and generate statistics from the connections received by the honeypot senor. Statistics are quite general at this stage, mainly compiling overall statistics from the log file including:
- Total number of submissions
- Number of unique malware samples (based on MD5 hashes)
- Number of unique source IPs
- Run time
- Average daily submissions