Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

thug

Python low-interaction honeyclient

GitHub 1004 Python GPL-2.0
client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

GreedyBear

Threat Intel Platform for T-POTs

GitHub 141 Python MIT
cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4026 Python AGPL-3.0
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

ochi

Website GitHub 28 Go GPL-3.0
honeypot visualization

T-Pot

The All In One Multi Honeypot Platform 🐝

GitHub 7410 C GPL-3.0
deception docker elk honeypot network-security security t-pot

DRAKVUF

Black-box Binary Analysis

Website GitHub 1093 C++
introspection malware-analysis virtualization xen

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 38.0k Python MIT
debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 31 Python Apache-2.0

Glutton

Generic Low Interaction Honeypot

GitHub 265 Go MIT
hacktoberfest honeypot

Conpot

ICS/SCADA honeypot

GitHub 1287 Python GPL-2.0
hacktoberfest honeypot ics python scada security

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 34 Python MIT
cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

TANNER

He who flays the hide

GitHub 222 Python GPL-3.0
honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 837 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 732 Python GPL-2.0
dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 569 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 457 Python GPL-3.0
hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 18 Python MIT
honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 22 Go MIT

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 150 Zeek

Old Projects

Kippo

SSH Honeypot

GitHub 1646 Python

Droidbox

Dynamic analysis of Android apps

GitHub 763 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5612 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

Google Hack Honeypot

GitHub 6 PHP GPL-2.0
honeypot security

Honeytrap

a low-interaction honeypot

GitHub 94 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 4 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 836 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

@glaslos
glaslos pushed to honeynet/ochi · at February 20, 2025
1 commit to honeynet/ochi
154a8a4 Bump golang.org/x/net from 0.23.0 to 0.33.0 (#113)
@dependabot
dependabot pushed to honeynet/ochi · at February 20, 2025
2 commits to honeynet/ochi
bc23e13 Bump golang.org/x/crypto from 0.21.0 to 0.31.0 (#112) f68b494 Bump golang.org/x/net from 0.23.0 to 0.33.0
@AnshSinghal
AnshSinghal opened a pull request in intelowlproject/IntelOwl. · at February 20, 2025
#2763 Draft PR for Mullvad_DNS
281 additions and 0 deletions in 3 changed files.
@mlodic
mlodic pushed to intelowlproject/IntelOwl · at February 20, 2025
1 commit to intelowlproject/IntelOwl
64daa28 IPQuery Analyzer, Closes #2707 (#2719)
@DenizenB
DenizenB opened a pull request in mitmproxy/mitmproxy. · at February 20, 2025
#7568 Fix websocket view jumps to top bug
9 additions and 1 deletions in 1 changed files.
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce · at February 20, 2025
1 commit to telekom-security/tpotce
bdea4e2 pin tpotinit to alpine 3.20
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce · at February 20, 2025
1 commit to telekom-security/tpotce
26a2571 bump elastic stack to 8.17.2
@github-actions
github-actions published GreedyBear 1.5.0. 🎉 · at February 20, 2025
@mlodic
mlodic pushed to intelowlproject/GreedyBear · at February 20, 2025
8 commits to intelowlproject/GreedyBear
cb9c1a8 Bump elasticsearch-dsl from 8.16.0 to 8.17.1 in /requirements (#425) 52edb56 remove null bytes from cowrie recorded credentials 01cae5a fix IOCModelAdmin (#447)
@tklengyel
tklengyel pushed to tklengyel/drakvuf · at February 20, 2025
1 commit to tklengyel/drakvuf
cdea18d Fix/drakvuf obj ref by handle (#1822)
@tklengyel
tklengyel pushed to tklengyel/drakvuf · at February 20, 2025
1 commit to tklengyel/drakvuf
95adc27 Update ci.yml
@mhils
mhils pushed to mitmproxy/mitmproxy · at February 19, 2025
1 commit to mitmproxy/mitmproxy
35bcadd docs: Enhance homebrew installation command for Brewfile users (#7566)
@ManofWax
ManofWax opened a pull request in certego/BuffaLogs. · at February 19, 2025
#122 Implemented dummy alerter
135 additions and 3 deletions in 13 changed files.
@Lorygold
Lorygold pushed to certego/BuffaLogs · at February 19, 2025
5 commits to certego/BuffaLogs
b67b3ad Refactored BuffalogsProcessLogsTask in order to process every active ingestion … 7a9f409 Added ingestion configuration file e841933 Updated CHANGELOG.md
@buffer
buffer pushed to buffer/thug · at February 19, 2025
1 commit to buffer/thug
02b79fd Minor change
@buffer
buffer pushed to buffer/thug · at February 19, 2025
1 commit to buffer/thug
e0f9e4e Version 6.12
@glaslos
glaslos pushed to mushorg/glutton · at February 18, 2025
1 commit to mushorg/glutton
dd187cb #166: Added support for the interface name in the config file (#167)
@Beeram12
Beeram12 opened a pull request in mushorg/glutton. · at February 17, 2025
#174 #166 : Added support for the interface name in the config file
11 additions and 6 deletions in 4 changed files.
@kunalsz
kunalsz opened a pull request in honeynet/honeyscanner. · at February 4, 2025
#48 Feature : Added argument to choose the attack
209 additions and 9 deletions in 5 changed files.
@kunalsz
kunalsz opened a pull request in honeynet/honeyscanner. · at February 3, 2025
#46 Fixed : Improved downloading of requirements.txt
32 additions and 71 deletions in 3 changed files.