Designed to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.
Bootsy Collins is a legendary bass guitar player who laid down the best basslines known to man. In his honour, we are attempting to lay down some of the best baselines known to InfoSec.
By combining Respounder (Responder detection) and Artillery (port and service spoofing) for deception, the hope is to quickly detect an attacker on the network early and without tipping them off that they have been found out.
This project is designed to be installed on a current version (September, 2019) of raspbian OS on the raspberry pi and has been tested on a raspberry 2 and 3. We maxed out listening on approx. 4k IP addresses on a single pi before it gave up the ghost. We recommend no more than 2,500 ips per pi.
This version has also been tested on the 32-bit version of the raspberry pixel OS in a VM; however, we did test the limit on the number of ips that could be listened on.....soooo.....have fun and experiment!
./bootsy.sh [-h] [-i /install/path] [-c /path/to/iplist.csv] [-w /path/to/wordlist] [-u /path/to/whitelist/file]
where (Note: All switches are optional and you will be prompted for those you don't specify):
-h Display this help message
-i Install path
-c IPList.csv file path
-w Wordlist file path (adding this option stops the download of rockyou)
-u Whitelist file path
A logfile of everything this script does is written to "$install_path/bootsy_install.log"
Because of the multi-homeing process, the routing to the internet breaks after setup. If you would like this to have access to the internet (for patching, etc), you'll have to setup the routing manually.