User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome Honeypots

an awesome list of honeypot resources

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: Jan. 16, 2022, 7:06 p.m.

Thank you paralax & contributors
View Topic on GitHub:
paralax/awesome-honeypots

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Contents

๐Ÿ˜Ž Awesome lists about all kinds of interesting topics

184.56K
22.58K
61d
CC0-1.0

Related Lists

A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.

2.34K
396
4m
CC0-1.0

Defund the Police.

7.9K
2.14K
91d
n/a

Honeypots

12
4
6y 7m
n/a

ESPot - ElasticSearch Honeypot

21
3
7y 4m
n/a

A Simple Elasticsearch Honeypot

166
54
6y 6m
MIT

A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.

76
23
1y 9m
GPL-3.0

The NoSQL Honeypot Framework

102
21
4y 12m
GPL-2.0

Low interaction MySQL honeypot written in C

15
8
7m
MIT

A mysql honeypot, still very very early stage

23
1
9y 97d
n/a

Low-interaction Postgres Honeypot

8
7
3y 6m
n/a

medium interaction postgresql honeypot

6
3
2y 97d
n/a

express honeypot

0
0
6d
MIT

Honeypot type for Symfony forms

31
13
2y 4m
n/a

Web Application Honeypot

458
174
93d
n/a

HellPot is a portal to endless suffering meant to punish unruly HTTP bots.

90
6
92d
MIT

Simple spam prevention package for Laravel applications

413
40
1y 87d
MIT

A nodejs web application honeypot

37
9
6y 4m
n/a

Webapplication Honeypot

12
4
8y 8m
n/a

Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers

68
16
4y 10m
MIT

This project is designed to create deceptive webpages to deceive and redirect attackers away from real websites.

44
14
3y 9m
BSD-3-Clause

bap - http Basic Authentication honeyPot

31
3
7y 4d
n/a

้ซ˜ๅฏพ่ฉฑๅž‹ใƒใƒ‹ใƒผใƒใƒƒใƒˆ

24
1
2y 10m
GPL-3.0

A fake Django admin login screen page.

814
98
11m
MIT

Drupal Honeypot

54
10
2y 6m
MIT

HoneyHTTPD is a Python-based web server honeypot/service imitation builder. Great for honeypots or faking HTTP services.

17
11
1y 3d
MPL-2.0

An uploader honeypot designed to look like poor website security.

7
0
56d
GPL-3.0

A basic flask based Outlook Web Honey pot

7
0
2y 7m
Apache-2.0

A simple and effective phpmyadmin honeypot

63
32
3y 11m
GPL-3.0

WebApp Honeypot for detecting Shell Shock exploit attempts

52
21
9m
LGPL-2.1

PHP Script demonstrating a smart honey pot.

16
2
7y 9m
MIT

Super Next generation Advanced Reactive honEypot

348
115
96d
GPL-3.0

He who flays the hide

154
68
6m
GPL-3.0

Inserts a trap for spam bots into responses.

23
3
7y 11m
MIT

Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker's WAR file for later study

7
1
4y 4m
MIT

WordPress Honeypot

25
8
4y 0d
GPL-2.0

python based WordPress honeypot in a docker container

1
9
1y 59d
n/a

Wordpress plugin to reduce comment spam with a smarter honeypot.

26
4
4y 97d
MIT

A Wordpress Honeypot

162
56
1y 7m
n/a

Low interaction honeypot designed for Android Debug Bridge over TCP/IP

130
25
8m
GPL-3.0

Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

14
4
2y 15d
n/a
67
14
4y 9m
BSD-2-Clause

A low to medium interaction honeypot.

423
90
8m
GPL-2.0

A multi-purpose, modular medium-interaction honeypot based on Twisted.

17
7
7m
MIT

Bash and Python Honeyport scripts

36
7
4y 11m
GPL-3.0

Printer honeypot

15
7
5y 11m
n/a

MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.

10
4
3y 115d
MIT

Remote Desktop Protocol in Twisted Python

1.43K
502
6m
GPL-3.0

Simple High Interaction Honeypot Solution for SMB protocol

34
16
9m
n/a

Tom's Honey Pot as seen in Applied Network Security Monitoring.

18
8
6y 8m
n/a

WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.

23
6
1y 8m
MIT

Twisted based HoneyPot for WhiteFace

3
2
6y 9m
LGPL-3.0

Simple Docker Honeypot server emulating small snippets of the Docker HTTP API

19
4
1y 103d
Apache-2.0

The plugin repository for Honeycomb, the honeypot framework by Cymmetria

22
10
2y 38d
MIT

NTP logger/honeypot

51
10
7y 9m
n/a

observation camera honeypot

48
18
6y 7m
BSD-2-Clause

FTP Honeypot

21
12
3y 119d
BSD-2-Clause

Advanced Honeypot framework.

1.01K
162
5m
n/a

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

650
158
76d
GPL-3.0

Troje is a honeypot built around lxc containers. It will run each connection with the service within a seperate lxc container.

44
11
7y 5m
MIT

Distributed Honeypot

45
6
3y 8m
MIT

Quick proof of concept to detect a Kippo SSH honeypot instance externally

49
15
7y 40d
n/a

ICS/SCADA honeypot

937
358
118d
GPL-2.0

GasPot Released at Blackhat 2015

102
29
9m
CC0-1.0

Open source tools for realistic-behaving electric grid honeynets

44
10
6y 10m
n/a

damn simple honey pot

14
3
5y 7m
Apache-2.0

Repo for the Open Source version of NOVA

72
23
1y 4m
GPL-3.0

OpenFlow Honeypot

17
1
9y 14d
n/a

Modular and decentralised honeypot

1.31K
240
108d
BSD-3-Clause

A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.

42
17
3y 56d
MIT

A medium interaction printer honeypot ๐Ÿฏ

185
16
1y 15d
GPL-3.0

Botnet command & control monitor

155
62
4y 91d
n/a

Google Summer of Code 2012 project, supported by The Honeynet Project organization.

34
12
1y 5m
n/a

Modern Honey Network

2.17K
621
78d
n/a

Honeypot for router backdoor (TCP 32764)

15
3
7y 11m
n/a

A honeypot that can be used to observe traffic directed at home routers.

9
1
3y 65d
n/a

A modern tool for the Windows kernel exploration and tracing

1.44K
150
89d
n/a

A honeypot for malware that propagates via USB storage devices

73
21
6y 10m
GPL-3.0

Passive Network Audit Framework

29
9
3y 8m
n/a

Script to create templates to use with VirtualBox to make vm detection harder

577
103
12m
MIT

Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.

371
104
9m
n/a

A debugger backend and LUA wrapper for PIN

29
7
8y 74d
n/a

A debugger frontend

142
15
6y 69d
n/a

Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)

3.73K
911
82d
Apache-2.0

APKinspector is a powerful GUI tool for analysts to analyze the Android applications.

755
248
8y 10m
n/a

๐Ÿฏ T-Pot - The All In One Honeypot Platform ๐Ÿ

3.01K
624
76d
GPL-3.0

The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

313
285
1y 109d
n/a

Automatic deploy bifrozt with ansible. ALPHA

4
4
5y 10m
n/a

Credentials catching honeypot

311
75
1y 21d
GPL-3.0
8
6
6y 10m
n/a

Telnet Honeypot

150
45
2y 10m
MIT

Open Source Telnet Honeypot

96
29
4y 10m
MIT

Semi-Intelligent HoneyPot Network - Semi-Intelligent Reactive Environment Network

9
1
3y 10m
n/a

A simple telnet honeypot

0
0
5y 12m
n/a

Simple UDP honeypot script

38
7
1y 4m
GPL-3.0

Yet Another Fake Honeypot written in Go

5
0
4y 41d
GPL-3.0

a low interaction honeypot.

1
0
3y 5m
n/a

Fake Protocol Server

805
83
80d
n/a

Generic Low Interaction Honeypot

163
49
91d
MIT

A honeypot server written in Go.

39
3
2y 105d
n/a

honeypot go lang emulators

8
5
5y 10m
n/a

SMTP honeypot written in Golang

13
6
5y 5m
n/a

a low-interaction honeypot

84
17
4y 7m
GPL-2.0

IMAP honeypot written in Golang

16
2
3y 9m
MIT

A high scalable low to medium interactive SSH/TCP honeypot using Linux Namespaces, capabilities, seccomp, cgroups designed for OpenWrt and IoT devices.

27
6
1y 6m
BSD-3-Clause

Port listener / honeypot in Rust with protocol guessing and safe string display

11
1
1y 7m
MIT

A simple low-interaction port monitoring honeypot.

14
5
1y 7m
n/a

Python telnet honeypot for catching botnet binaries

264
85
10m
n/a

Simulates enough of a Telnet connection in order to log failed login attempts.

225
67
4y 10m
n/a

Low-interaction VNC honeypot with a static challenge.

19
6
2y 5m
Zlib

Honeynet Project generic authenticated datafeed protocol

197
106
9m
GPL-3.0

HoneySpider Network version of Capture-HPC

12
10
10y 32d
n/a

Automatically exported from code.google.com/p/jsunpack-n

143
61
6y 9m
GPL-2.0
26
9
6y 8m
GPL-2.0

YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signature, anomaly and pattern matching techniques

61
9
2y 7m
Apache-2.0

Instant messenger honeypot

11
6
5y 10m
GPL-3.0

Powerful Python tool to analyze PDF documents

732
186
1y 7m
GPL-3.0

Multi-head SSH honeypot system.

9
4
2y 29d
MIT

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

3.78K
690
85d
n/a

Docker container running cowrie with DShield output enabled.

9
3
5y 7m
n/a

HonSSH is designed to log all SSH communications between a client and server.

350
74
3y 9m
BSD-3-Clause

Hudinx is a tiny interaction SSH honeypot engineered in Python to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

2
2
2y 8m
GPL-3.0

Kippo - SSH Honeypot

1.4K
268
2y 110d
n/a

Kippo configured to be a backdoored netscreen

9
2
6y 28d
n/a

Kojoney2 is a low interaction SSH honeypot written in Python. Based on Kojoney by Jose Antonio Coret

34
4
7y 13d
GPL-2.0

Longitudinal Analysis of SSH Cowrie Honeypot Logs

4
1
94d
MIT

Simple TCP/UDP honeypot implemented in Perl

2
0
4y 88d
n/a

Mock an SSH server and define all commands it supports (Python, Twisted)

112
20
1y 4m
n/a

Parse cowrie honeypot logs into a neo4j database

3
4
4y 94d
GPL-3.0

SSH Honeypot

25
3
4y 7m
MIT

A simple ssh honeypot in golang

34
5
6y 9m
n/a

A SSH honeypot written in Go

9
2
8y 38d
Apache-2.0

hived is a honeypot

2
0
4y 4m
MIT

A SSH Server in Go that logs username/password combos

36
11
2y 9d
MIT

SSH Honeypot written in Go

22
8
8y 30d
n/a

A credential dumping SSH honeypot with statistics

9
2
2y 92d
n/a

SSH Multipot

21
2
3y 8m
GPL-3.0

A low/zero interaction ssh authentication logging honeypot

13
8
11m
n/a

Fake sshd that logs ip addresses, usernames, and passwords.

415
217
1y 56d
MIT
21
0
3y 29d
BSD-3-Clause

A low-interaction SSH honeypot written in C

8
1
76d
MIT

framework for a high interaction SSH honeypot

40
5
1y 9m
MIT

An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity

1.11K
66
80d
Apache-2.0

High-interaction MitM SSH honeypot

164
51
3y 8m
Zlib

Yet another no-frills low-interaction ssh honeypot in Go.

11
2
1y 11m
Zlib

A low-to-medium interaction SSH Honeypot with features to capture terminal activity and upload to asciinema.org

83
6
2y 10m
GPL-3.0

SSH, FTP and Telnet honeypots based on Twisted

69
20
2y 22d
GPL-2.0

An SMTP Honeypot

218
64
110d
n/a

Fetch all Honeypot

15
8
3y 107d
Apache-2.0

Spam Honeypot with Intelligent Virtual Analyzer

123
35
5y 7m
n/a

Spam Honeypot Tool

23
2
5y 7m
GPL-2.0

The Project Honey Pot un-official PHP SDK

2
0
5y 12m
MIT

Bluetooth Honeypot

140
23
1y 15d
n/a

Docker configs and build scripts.

22
6
7y 29d
n/a

A docker based honeypot.

146
13
6y 8m
BSD-2-Clause

Docker based honeypot (Dionaea & Kippo)

21
4
6y 10m
MIT

Very simple but effective honeypot to detect port scanning on your network

2
0
2y 84d
n/a

Core elements of the Modern Honey Network implemented in Docker

28
4
3y 9m
n/a

TR-069 Honeypot

95
41
5y 10m
GPL-3.0

Kako "IoT" honeypot framework.

20
7
1y 4m
MIT

Canarytokens helps track activity and actions on your network.

815
142
75d
n/a

A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots

233
39
2y 10m
GPL-3.0

honeyฮป - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway

471
52
3y 90d
GPL-3.0

A tool for deploying and detecting use of Active Directory honeytokens

468
99
5y 118d
GPL-3.0

A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).

50
8
2y 8m
GPL-3.0

Honeyd Tools

Network and Artifact Analysis

Data Tools

Dionaea Front Web

62
30
4y 5m
n/a

Django App for kippo SSH Honeypot: https://code.google.com/p/kippo/

11
1
9y 6m
n/a

Honeypot Intelligence with Splunk

249
47
3y 92d
GPL-2.0

Simplified UI for showing honeypot alarms

3
1
4y 11m
Apache-2.0

A flask website which displays data I've gathered with my SSH Honeypot

2
0
5y 11m
n/a

Attack Community Graphs through Event Clustering

11
6
6y 106d
n/a

AfterGlow Cloud is a security visualization tool which lets users upload data and visualize the data as graphs on-the-fly (part of Google Summer of Code 2012).

16
7
8y 8m
n/a

easy honeypot statistics

0
0
6y 36d
n/a

Maltego tranforms for mapping Honeypot systems.

15
3
7y 35d
Apache-2.0

Real-time websocket stream of GPS events on a fancy SVG world map

212
89
5y 5m
LGPL-3.0

HpfeedsHoneyGraph is a visualization app to visualize hpfeeds logs

14
4
8y 11m
n/a

Mojolicious app to display statistics for your kippo SSH honeypot

20
2
10y 8m
n/a

The Intelligent Honey Net Project attempts to create actionable information from honeypots

55
12
6y 75d
n/a
47
15
8y 9m
GPL-3.0

Guides