Kippo-Malware is a Python script that will download all malicious files stored as URLs in a Kippo SSH honeypot database. This is useful in situations where you have lost your files or something happened to your VPS/server but you still have your DB intact. The script also supports HTTP proxy usage to cover your IP address from malicious servers and custom User-Agent values.

DOWNLOAD Kippo-Malware

The script uses the following packages: MySQL-python, pony, requests, and clint. Installing those is trivial via pip. Your only problem might be with MySQL-python under Windows but you can use this precompiled binary.



Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.


    • Petro on September 27, 2014 at 11:17 PM
    • Reply

    Have you gotten kippo to work with sftp at all?

      • Ion on September 27, 2014 at 11:41 PM
      • Reply

      Hi Petro,
      there is a fork of Kippo with SFTP support added but I haven’t tried it. Link:


    • Claz on March 20, 2015 at 6:39 PM
    • Reply

    I have an attacker trying to chmod 755 his malware so it can run, but kippo doesn’t seem to allow that command. Is there a way to allow attackers to chmod in kippo settings without it compromising its security?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.