To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.


Alaska Chapter - Status Report 2011-2012

• Brian Hay (Chapter Lead, Full Member)
• Kara Nance (BoD Member, Full Member)
• Chris Hecker
• Clark Harshbarger
• Matt Bishop
• Wesley McGrew
• Lucas McDaniel

• 1 Honeeebox in Alaska
• Purchased multiple other Honeeeboxes available for third party deployments
• Periodic Dionaea deployments in both public and private clouds for student and demonstration use.


1. Ongoing development of hypervisor-based honeypot monitoring using virtual machine introspection (VMI) on Xen and KVM platforms. Read more »

UAE Chapter Status Report For 2012

Ahmad Alajail – Chapter Lead
Ahmad Hassan – Member
Anastasios Monachos - New Member
Andrew Marrington – New Member
Majid Al Ali - Member

we have successfully change all of our distributed Honeypots from Nepenthes to Dionaea and upgrade our honeypharm with reporting mechanism and the additional information received from Dionaea.


Canadian Chapter Status Report For 2011

Last year our chapter membership has gone through several changes: some members moved to new places and new positions and are no longer a part of the honeynet chapter, while others (Natalia Stakhanova) came back.

Our current members include Ali Ghorbani, Natalia Stakhanova, Hadi Shiravi (Unversity of New Brunswick) and Sami Guirguis (Toronto).


We currently have deployed a cluster of server honeypots and SGNET sensor. Both are primarily used for capturing botnet network traffic.


Spartan Devils Chapter Status Report For 2012

Spartan Devils Chapter Status Report For 2012


Our current membership includes: Gail Joon Ahn (Arizona State University) Tom Holt, (Michigan State University) Max Kilger, and Napoleon Paxton, We are also happy to report that we added Paul Neff to our roster in the last few months.

In addition to all tools from honeynet site, we also installed Sandboxie on Vmware ESXi to automatically test malware and reset VMs.


Forensic Challenge 12 – “Hiding in Plain Sight“ - And the winners are...

the Honeynet Project Alaska Chapter has judged all submissions and results have been posted on the challenge page. The winners are:

1. Shaun Zinck
2. Vadim Kotov and Alberto Boschetti
3. José Valentín Gutiérrez Boquete

Congratulations to the winners and thanks to the other participants!

Angelo Dell'Aera
The Honeynet Project

Two more of our projects selected for Magnificent7

Rapid7 have announced the selected projects for the second round of their Magnificent7 program. The program sponsors open source efforts in the area of IT security over the course of a year and provides them with Rapid7's technological and marketing expertise.

In March, Cuckoo and Androguard - both developed by members of the Honeynet Project - were chosen, and today's press release revealed two more of our members' projects to be supported under the Magnificent7 program.

Buttinsky, led by Patrik Lantz and Lukas Rist, will be a framework for botnet monitoring built from scratch. Ghost, led by Sebastian Poeplau, protects against malware that spreads on USB storage. We also congratulate the developers of John the Ripper, which is the third project to be selected today.

HoneyMap - Visualizing Worldwide Attacks in Real-Time

HoneyMap Screenshot

The HoneyMap shows a real-time visualization of attacks against the Honeynet Project's sensors deployed around the world. It leverages the internal data sharing protocol hpfeeds as its data source. Read this post to learn about the technical details and frequently asked questions. Before going into explanations, take a look at the map itself:! Read more »

HpfeedsHoneyGraph - Automated Attack Graph Construction for Hpfeeds Logs

Finally it is good enough to announce my GSoC project - HpfeedsHoneyGraph which is a Splunk APP to display attack graph for hpfeeds logs. It is not a easy project for me to complete in short time. During the last three months, I have to learn several skills for implementation including HPfeeds logs correlation of several hpfeeds channels, Splunk frameworks, Splunk REST API , D3.v2.js graph library and fast-fluxing modules. The most difficult challenge for me is to write javascript code. I SUPER hate javascript. Read more »

Forensic Challenge 12 – “Hiding in Plain Sight“ - Submission deadline passed

the submission deadline for the Forensic Challenge 12 – “Hiding in Plain Sight“ put up by the Alaska Chapter under the leadership of Lucas McDaniel has passed. We have received 4 submissions and will be announcing results on Mon, Oct 15th 2012. The top three submissions will be awarded little prizes.

Angelo Dell'Aera
The Honeynet Project

Project 12 - Improving APKInspektor

The updated version of APKInspector is a powerful static analysis tool for Android Malicious applications. It provide convenient and various features for smartphone security engineers. With the sensitive permission analysis, static instrumentation and easy-to-use graph-code interaction .etc, they can get a thorough and deep understanding of the malicious applications on Android.
The improvement mainly focus on two categories: User Interface and Security Analysis. The goal is to build an easy-to-use tool with strong security analysis features. Read more »

Syndicate content