User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome Honeypots

an awesome list of honeypot resources

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: Nov. 26, 2021, 3:05 p.m.

Thank you paralax & contributors
View Topic on GitHub:
paralax/awesome-honeypots

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Related Lists

A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.

2.34K
396
70d
CC0-1.0

Defund the Police.

7.9K
2.14K
40d
n/a

Honeypots

12
4
6y 5m
n/a

ESPot - ElasticSearch Honeypot

21
3
7y 96d
n/a

A Simple Elasticsearch Honeypot

166
54
6y 4m
MIT

A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.

76
23
1y 7m
GPL-3.0

The NoSQL Honeypot Framework

102
21
4y 10m
GPL-2.0

Low interaction MySQL honeypot written in C

15
8
5m
MIT

A mysql honeypot, still very very early stage

23
1
9y 46d
n/a

Low-interaction Postgres Honeypot

8
7
3y 4m
n/a

medium interaction postgresql honeypot

6
3
2y 46d
n/a

Honeypot type for Symfony forms

31
13
2y 70d
n/a

Web Application Honeypot

458
174
42d
n/a

HellPot is a portal to endless suffering meant to punish unruly HTTP bots.

90
6
41d
MIT

Simple spam prevention package for Laravel applications

413
40
1y 36d
MIT

A nodejs web application honeypot

37
9
6y 98d
n/a

Webapplication Honeypot

12
4
8y 6m
n/a

Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers

68
16
4y 8m
MIT

This project is designed to create deceptive webpages to deceive and redirect attackers away from real websites.

44
14
3y 8m
BSD-3-Clause

bap - http Basic Authentication honeyPot

31
3
6y 10m
n/a

้ซ˜ๅฏพ่ฉฑๅž‹ใƒใƒ‹ใƒผใƒใƒƒใƒˆ

24
1
2y 8m
GPL-3.0

A fake Django admin login screen page.

814
98
9m
MIT

Drupal Honeypot

54
10
2y 4m
MIT

HoneyHTTPD is a Python-based web server honeypot/service imitation builder. Great for honeypots or faking HTTP services.

17
11
10m
MPL-2.0

An uploader honeypot designed to look like poor website security.

7
0
5d
GPL-3.0

A simple and effective phpmyadmin honeypot

63
32
3y 9m
GPL-3.0

WebApp Honeypot for detecting Shell Shock exploit attempts

52
21
7m
LGPL-2.1

PHP Script demonstrating a smart honey pot.

16
2
7y 7m
MIT

Super Next generation Advanced Reactive honEypot

348
115
45d
GPL-3.0

He who flays the hide

154
68
5m
GPL-3.0

Inserts a trap for spam bots into responses.

23
3
7y 10m
MIT

Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker's WAR file for later study

7
1
4y 93d
MIT

WordPress Honeypot

25
8
3y 10m
GPL-2.0

python based WordPress honeypot in a docker container

1
9
1y 8d
n/a

Wordpress plugin to reduce comment spam with a smarter honeypot.

26
4
4y 46d
MIT

A Wordpress Honeypot

162
56
1y 5m
n/a

Low interaction honeypot designed for Android Debug Bridge over TCP/IP

130
25
6m
GPL-3.0

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

14
4
1y 10m
n/a

A low to medium interaction honeypot.

423
90
7m
GPL-2.0

A multi-purpose, modular medium-interaction honeypot based on Twisted.

17
7
5m
MIT

Bash and Python Honeyport scripts

36
7
4y 9m
GPL-3.0

Printer honeypot

15
7
5y 10m
n/a

MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.

10
4
3y 64d
MIT

Remote Desktop Protocol in Twisted Python

1.43K
502
5m
GPL-3.0

Simple High Interaction Honeypot Solution for SMB protocol

34
16
8m
n/a

Tom's Honey Pot as seen in Applied Network Security Monitoring.

18
8
6y 7m
n/a

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

23
6
1y 7m
MIT

Twisted based HoneyPot for WhiteFace

3
2
6y 7m
LGPL-3.0

Simple Docker Honeypot server emulating small snippets of the Docker HTTP API

19
4
1y 52d
Apache-2.0

The plugin repository for Honeycomb, the honeypot framework by Cymmetria

22
10
1y 11m
MIT

NTP logger/honeypot

51
10
7y 8m
n/a

observation camera honeypot

48
18
6y 5m
BSD-2-Clause

FTP Honeypot

21
12
3y 68d
BSD-2-Clause

Advanced Honeypot framework.

1.01K
162
4m
n/a

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

650
158
25d
GPL-3.0

Troje is a honeypot built around lxc containers. It will run each connection with the service within a seperate lxc container.

44
11
7y 109d
MIT

Distributed Honeypot

45
6
3y 7m
MIT

Quick proof of concept to detect a Kippo SSH honeypot instance externally

49
15
6y 11m
n/a

ICS/SCADA honeypot

937
358
67d
GPL-2.0

GasPot Released at Blackhat 2015

102
29
8m
CC0-1.0

Open source tools for realistic-behaving electric grid honeynets

44
10
6y 8m
n/a

damn simple honey pot

14
3
5y 6m
Apache-2.0

Repo for the Open Source version of NOVA

72
23
1y 88d
GPL-3.0

OpenFlow Honeypot

17
1
8y 10m
n/a

Modular and decentralised honeypot

1.31K
240
57d
BSD-3-Clause

A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.

42
17
3y 5d
MIT

A medium interaction printer honeypot ๐Ÿฏ

185
16
10m
GPL-3.0

Botnet command & control monitor

155
62
4y 40d
n/a

Google Summer of Code 2012 project, supported by The Honeynet Project organization.

34
12
1y 4m
n/a

Modern Honey Network

2.17K
621
27d
n/a

Honeypot for router backdoor (TCP 32764)

15
3
7y 9m
n/a

A honeypot that can be used to observe traffic directed at home routers.

9
1
3y 14d
n/a

A modern tool for the Windows kernel exploration and tracing

1.44K
150
38d
n/a

A honeypot for malware that propagates via USB storage devices

73
21
6y 8m
GPL-3.0

Passive Network Audit Framework

29
9
3y 6m
n/a

Script to create templates to use with VirtualBox to make vm detection harder

577
103
10m
MIT

Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.

371
104
8m
n/a

A debugger backend and LUA wrapper for PIN

29
7
8y 23d
n/a

A debugger frontend

142
15
6y 18d
n/a

Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)

3.73K
911
31d
Apache-2.0

APKinspector is a powerful GUI tool for analysts to analyze the Android applications.

755
248
8y 9m
n/a

๐Ÿฏ T-Pot - The All In One Honeypot Platform ๐Ÿ

3.01K
624
25d
GPL-3.0

The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

313
285
1y 58d
n/a

Automatic deploy bifrozt with ansible. ALPHA

4
4
5y 8m
n/a

Credentials catching honeypot

311
75
11m
GPL-3.0
18
3
6y 96d
n/a
8
6
6y 8m
n/a

Telnet Honeypot

150
45
2y 8m
MIT

Open Source Telnet Honeypot

96
29
4y 8m
MIT

Semi-Intelligent HoneyPot Network - Semi-Intelligent Reactive Environment Network

9
1
3y 8m
n/a

A simple telnet honeypot

0
0
5y 10m
n/a

Simple UDP honeypot script

38
7
1y 98d
GPL-3.0

Yet Another Fake Honeypot written in Go

5
0
3y 11m
GPL-3.0

a low interaction honeypot.

1
0
3y 4m
n/a

Fake Protocol Server

805
83
29d
n/a

Generic Low Interaction Honeypot

163
49
40d
MIT

A honeypot server written in Go.

39
3
2y 54d
n/a

honeypot go lang emulators

8
5
5y 9m
n/a

SMTP honeypot written in Golang

13
6
5y 111d
n/a

a low-interaction honeypot

84
17
4y 5m
GPL-2.0

IMAP honeypot written in Golang

16
2
3y 7m
MIT

A high scalable low to medium interactive SSH/TCP honeypot using Linux Namespaces, capabilities, seccomp, cgroups designed for OpenWrt and IoT devices.

27
6
1y 4m
BSD-3-Clause

Port listener / honeypot in Rust with protocol guessing and safe string display

11
1
1y 6m
MIT

A simple low-interaction port monitoring honeypot.

14
5
1y 5m
n/a

Python telnet honeypot for catching botnet binaries

264
85
8m
n/a

Simulates enough of a Telnet connection in order to log failed login attempts.

225
67
4y 8m
n/a

Low-interaction VNC honeypot with a static challenge.

19
6
2y 110d
Zlib

Honeynet Project generic authenticated datafeed protocol

197
106
8m
GPL-3.0

HoneySpider Network version of Capture-HPC

12
10
9y 11m
n/a

Automatically exported from code.google.com/p/jsunpack-n

143
61
6y 8m
GPL-2.0
26
9
6y 6m
GPL-2.0

YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signature, anomaly and pattern matching techniques

61
9
2y 5m
Apache-2.0

Instant messenger honeypot

11
6
5y 8m
GPL-3.0

Powerful Python tool to analyze PDF documents

732
186
1y 5m
GPL-3.0

Multi-head SSH honeypot system.

9
4
1y 11m
MIT

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

3.78K
690
34d
n/a

Docker container running cowrie with DShield output enabled.

9
3
5y 5m
n/a

HonSSH is designed to log all SSH communications between a client and server.

350
74
3y 7m
BSD-3-Clause

Hudinx is a tiny interaction SSH honeypot engineered in Python to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

2
2
2y 7m
GPL-3.0

Kippo - SSH Honeypot

1.4K
268
2y 59d
n/a

Kippo configured to be a backdoored netscreen

9
2
5y 11m
n/a

Kojoney2 is a low interaction SSH honeypot written in Python. Based on Kojoney by Jose Antonio Coret

34
4
6y 10m
GPL-2.0

Simple TCP/UDP honeypot implemented in Perl

2
0
4y 37d
n/a

Mock an SSH server and define all commands it supports (Python, Twisted)

112
20
1y 79d
n/a

Parse cowrie honeypot logs into a neo4j database

3
4
4y 43d
GPL-3.0

SSH Honeypot

25
3
4y 6m
MIT

A simple ssh honeypot in golang

34
5
6y 7m
n/a

A SSH honeypot written in Go

9
2
7y 11m
Apache-2.0

hived is a honeypot

2
0
4y 92d
MIT

A SSH Server in Go that logs username/password combos

36
11
1y 10m
MIT

SSH Honeypot written in Go

22
8
7y 11m
n/a

A credential dumping SSH honeypot with statistics

9
2
2y 41d
n/a

SSH Multipot

21
2
3y 7m
GPL-3.0

A low/zero interaction ssh authentication logging honeypot

13
8
10m
n/a

Fake sshd that logs ip addresses, usernames, and passwords.

415
217
1y 5d
MIT
21
0
2y 11m
BSD-3-Clause

A low-interaction SSH honeypot written in C

8
1
25d
MIT

framework for a high interaction SSH honeypot

40
5
1y 7m
MIT

An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity

1.11K
66
29d
Apache-2.0

High-interaction MitM SSH honeypot

164
51
3y 6m
Zlib

Yet another no-frills low-interaction ssh honeypot in Go.

11
2
1y 9m
Zlib

A low-to-medium interaction SSH Honeypot with features to capture terminal activity and upload to asciinema.org

83
6
2y 9m
GPL-3.0

SSH, FTP and Telnet honeypots based on Twisted

69
20
1y 11m
GPL-2.0

An SMTP Honeypot

218
64
59d
n/a

Fetch all Honeypot

15
8
3y 56d
Apache-2.0

Spam Honeypot with Intelligent Virtual Analyzer

123
35
5y 5m
n/a

Spam Honeypot Tool

23
2
5y 6m
GPL-2.0

The Project Honey Pot un-official PHP SDK

2
0
5y 10m
MIT

Bluetooth Honeypot

140
23
10m
n/a

Docker configs and build scripts.

22
6
6y 11m
n/a

A docker based honeypot.

146
13
6y 6m
BSD-2-Clause

Docker based honeypot (Dionaea & Kippo)

21
4
6y 8m
MIT

Very simple but effective honeypot to detect port scanning on your network

2
0
2y 33d
n/a

Core elements of the Modern Honey Network implemented in Docker

28
4
3y 8m
n/a

TR-069 Honeypot

95
41
5y 8m
GPL-3.0

Kako "IoT" honeypot framework.

20
7
1y 93d
MIT

Canarytokens helps track activity and actions on your network.

815
142
24d
n/a

A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots

233
39
2y 8m
GPL-3.0

honeyฮป - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

471
52
3y 39d
GPL-3.0

A tool for deploying and detecting use of Active Directory honeytokens

468
99
5y 67d
GPL-3.0

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

50
8
2y 7m
GPL-3.0

Honeyd Tools

Network and Artifact Analysis

Data Tools

Dionaea Front Web

62
30
4y 113d
n/a

Django App for kippo SSH Honeypot: https://code.google.com/p/kippo/

11
1
9y 4m
n/a

Honeypot Intelligence with Splunk

249
47
3y 41d
GPL-2.0

Simplified UI for showing honeypot alarms

3
1
4y 9m
Apache-2.0

A flask website which displays data I've gathered with my SSH Honeypot

2
0
5y 9m
n/a

Attack Community Graphs through Event Clustering

11
6
6y 55d
n/a

AfterGlow Cloud is a security visualization tool which lets users upload data and visualize the data as graphs on-the-fly (part of Google Summer of Code 2012).

16
7
8y 6m
n/a

easy honeypot statistics

0
0
5y 11m
n/a

Maltego tranforms for mapping Honeypot systems.

15
3
6y 11m
Apache-2.0

Real-time websocket stream of GPS events on a fancy SVG world map

212
89
5y 111d
LGPL-3.0

HpfeedsHoneyGraph is a visualization app to visualize hpfeeds logs

14
4
8y 9m
n/a

Mojolicious app to display statistics for your kippo SSH honeypot

20
2
10y 7m
n/a

The Intelligent Honey Net Project attempts to create actionable information from honeypots

55
12
6y 24d
n/a
47
15
8y 7m
GPL-3.0

Guides