To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.


"Secure Exploit Payload Staging…or how we did not kill an 0day at Defcon"

We have interviewed Georg Wicherski, who is one of the speakers for the Honeynet Workshop in Dubai 10-12 of February. Georg will give a briefing about “Secure Exploit Payload Staging…or how we did not kill an 0day at Defcon”

So Georg, why did you become a security expert?

Pathos: Hacking is my second love after my family and working as a security person allows me to live my passion every day.

And what will you talk about? Read more »

Visualize your attacks workshop in Dubai 10-12th

We have interviewed Raffy, who is one of the teachers for the Honeynet Workshop in Dubai 10-12 of February. Raffy will give the following talk: How Big Data, Data Mining, and Visualization Enable Security Intelligence and a class on Information Visualization - Bridging the Gap Between Tufte and Firewalls"

So Marty, tell us, why did you become a security expert? Read more »

The Month of the Honeynet Project Tools

Let the "Month of the Honeynet Project Tools" begin!

The idea beyond the MoHPT is quite simple. We would be really glad to involve more and more researchers out there in our research stuff and tools. In order to encourage contributions we are proposing you to dive deep into one of the already existing Honeynet Project tool cited below and contribute with feedback, ideas, documentation and/or code.

Ghost USB Honeypot
Thug Read more »

Forensic Challenge 13 – "A Message in a Picture"

Let's start the new year with a forensic challenge!

I am really pleased to announce Forensic Challenge 13 – "A Message in a Picture". The challenge has been provided by the Honeynet Project Pacific Northwest Chapter. Submission deadline is 2013, Feb 15th and we will be announcing winners around the first week of March 2013.

Happy new year and have fun!

Angelo Dell'Aera
The Honeynet Project

The Ethics of Social Honeypots

For the last few years, I have been participating in a Department of Homeland Security sponsored effort to develop principles and applications for the evaluation of information and communication technology (ICT) research. If you are not familiar with the Menlo Report, you can find a description in Michael Bailey, David Dittrich, Erin Kenneally, and Douglas Maughan. The Menlo Report. Security & Privacy, IEEE, 10(2):71–75, March/April 2012.

I and two of my Menlo colleagues -- Wendy Vischer and Erin Kenneally -- recently taught a didactic course at the PRIM&R Advancing Ethical Research conference in San Diego. (PRIM&R is the conference for Institutional Review Board, or IRB, professionals, with the annual AER conference having thousands of attendees). Our course primarily described the Menlo Report process to date, but we concluded with a mock IRB committee review of a fictional proposed research project in which researchers develop countermeasures to malicious botnets in social network platforms like Facebook using a combination of deception to build a social network of over 1 million users and to then use "good bots" that infiltrate the "bad bots". Read more »

Cuckoo Sandbox 0.5 is out!

Claudio has just released a new version of Cuckoo Sandbox 0.5. The list of new features is very impressive! Check it out at

42+ Best Practices: Secure Mobile Development for iOS and Android

This is good. Enjoy!..

Mobile Device Security Summit 2013 (Anaheim, CA)

This looks like a great event.

Donate to the Honeynet Project

In many countries, its the time of the year you can make tax deductible donations to support your favorite charity and non-profit organization. Id like to ask you to consider donating to the Honeynet Project this year. The Honeynet Project is a 501c3 non-profit organization (EIN: 36-4460128) that - over the past decade - learned the tools, tactics and motives involved in computer and network attacks, and shared the lessons learned with the public. Along the way, we have authored and published many open-source tools to capture & analyze attacks. If you would like to support the cause, please donate.

Happy Holidays to all of you.

Christian Seifert
CEO, The Honeynet Project

Two roads diverged in Ghost development

Over the last few weeks I've basically rewritten the core of Ghost, our system for USB malware detection. While the new approach promises to be much more effective, it has a drawback: It only works for Windows Vista and later systems. As a consequence, there are now two flavors of Ghost in existence: One supports Windows XP but won't receive much further development, whereas a lot of interesting new features will be implemented for the other one, which is dedicated to Vista and later. In this post, I'm going to explain the reasoning behind the decision, describe the recent technical advances and outline some of our plans for the future. Read more »

Syndicate content