Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 3942 Python AGPL-3.0
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

GreedyBear

Threat Intel Platform for T-POTs

GitHub 138 Python MIT
cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 20 Python Apache-2.0

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 37.6k Python MIT
debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

T-Pot

The All In One Multi Honeypot Platform 馃悵

GitHub 7156 C GPL-3.0
deception docker elk honeypot network-security security t-pot

thug

Python low-interaction honeyclient

GitHub 1002 Python GPL-2.0
client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

Glutton

Generic Low Interaction Honeypot

GitHub 255 Go MIT
hacktoberfest honeypot

Conpot

ICS/SCADA honeypot

GitHub 1270 Python GPL-2.0
hacktoberfest honeypot ics python scada security

DRAKVUF

Black-box Binary Analysis

Website GitHub 1081 C++
introspection malware-analysis virtualization xen

ochi

Website GitHub 28 Go GPL-3.0
honeypot visualization

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 30 Python MIT
cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

TANNER

He who flays the hide

GitHub 224 Python GPL-3.0
honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 829 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 723 Python GPL-2.0
dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 567 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 453 Python GPL-3.0
hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 14 Python MIT
honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 21 Go MIT

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 147 Zeek

Old Projects

Kippo

SSH Honeypot

GitHub 1639 Python

Droidbox

Dynamic analysis of Android apps

GitHub 762 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5590 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

Google Hack Honeypot

GitHub 6 PHP GPL-2.0
honeypot security

Honeytrap

a low-interaction honeypot

GitHub 94 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 4 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 834 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

@dependabot
dependabot pushed to intelowlproject/IntelOwl at January 20, 2025
9 commits to intelowlproject/IntelOwl
4b83d49 WAD Analyzer, Closes #814 (#2655) bd89c48 Bump pygraphviz in /integrations/malware_tools_analyzers/requirements (#2682) af98ed8 Bump blinker from 1.7.0 to 1.8.2 in /integrations/phishing_analyzers (#2679)
@dependabot
dependabot pushed to intelowlproject/IntelOwl at January 20, 2025
9 commits to intelowlproject/IntelOwl
4b83d49 WAD Analyzer, Closes #814 (#2655) bd89c48 Bump pygraphviz in /integrations/malware_tools_analyzers/requirements (#2682) af98ed8 Bump blinker from 1.7.0 to 1.8.2 in /integrations/phishing_analyzers (#2679)
@drosetti
drosetti pushed to intelowlproject/GreedyBear at January 20, 2025
1 commit to intelowlproject/GreedyBear
c672105 Improve extraction speed. Closes #422. (#423)
@Lorygold
Lorygold pushed to certego/BuffaLogs at January 20, 2025
3 commits to certego/BuffaLogs
4445aad Installed ua-parser library for user-agent parsing c8b9e0a Added "source.as.organization.name" field from elastic query search d1ae9ec Added AlertFilter logic based on Config object values
@errorxyz
errorxyz pushed to mitmproxy/mitmproxy at January 19, 2025
1 commit to mitmproxy/mitmproxy
b761cb4 Web: harden `xsrf_token` usage (#7491)
@lups2000
lups2000 pushed to mitmproxy/mitmproxy at January 18, 2025
9 commits to mitmproxy/mitmproxy
277bf97 mitmproxy 11.1.0 ee1ead7 reopen main for development dfb2b27 Updates docs for DNS and HTTP/3 mode (#7474)
@Lorygold
Lorygold pushed to certego/BuffaLogs at January 17, 2025
2 commits to certego/BuffaLogs
dfbbe34 fixed valid_alert_filter_type_choices constraint aa45452 Added users and location filters
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce at January 15, 2025
1 commit to telekom-security/tpotce
8162ce2 Pin poetry==1.8.3
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce at January 15, 2025
1 commit to telekom-security/tpotce
4917c42 Fix Debian download link
@regulartim
regulartim opened a pull request in intelowlproject/GreedyBear. at January 9, 2025
#423 Improve extraction speed. Closes #422.
30 additions and 8 deletions in 4 changed files.
@buffer
buffer pushed to buffer/thug at January 9, 2025
1 commit to buffer/thug
ed101c8 [macOS] Disable screenshot unit tests in Github Actions
@buffer
buffer pushed to buffer/thug at January 9, 2025
1 commit to buffer/thug
c028cb2 Upgrade STPyV8 to v13.1.201.22
@glaslos
glaslos pushed to mushorg/glutton at January 5, 2025
2 commits to mushorg/glutton
84b8373 cleanup f99e578 rules init refactor
@glaslos
glaslos pushed to mushorg/glutton at December 29, 2024
1 commit to mushorg/glutton
e2915c6 let parent process clean up
@glaslos
glaslos pushed to mushorg/conpot at December 24, 2024
1 commit to mushorg/conpot
6ada5dc post merge cleanups
@glaslos
glaslos pushed to mushorg/conpot at December 24, 2024
1 commit to mushorg/conpot
cb865c0 simplify lint workflow
@iamabhi747
iamabhi747 opened a pull request in honeynet/ochi. at December 7, 2024
#110 Fix #60, Added syntactic content assistance to the filter field
147 additions and 32 deletions in 3 changed files.
@tklengyel
tklengyel pushed to tklengyel/drakvuf at November 22, 2024
1 commit to tklengyel/drakvuf
168dac3 socketmon: extend Windows builds support for Win10 1909 (#1817)
@malwarectigouvfr
malwarectigouvfr opened a pull request in tklengyel/drakvuf. at November 22, 2024
#1817 socketmon: extend Windows builds support for Win10 1909
23 additions and 0 deletions in 2 changed files.
@zr4in
zr4in opened a pull request in honeynet/droidbot. at November 12, 2024
#163 fix bug: DeviceState.get_all_children doesn't return all the children
1 additions and 1 deletions in 1 changed files.