To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.


Reversing Malicious Flashy Flash and Dissecting Malicious Document with Mahmud!

We have interviewed Mahmud ab Rahman, who currently works as an Information Security Specialist for Malaysia Computer Emergency and Response Team (MyCERT) under the umbrella of CyberSecurity Malaysia. His areas of focus are network security,botnet monitoring, and malware analysis. Read more »

HoneyProxy 1.1 - Dubai - released!

HoneyProxy 1.1 - Dubai

Ready for the Honeynet Project Meeting in February, we are pleased to announce our second release of HoneyProxy!

Started as a Google Summer of Code 2012 project, HoneyProxy is a lightweight tool that allows live HTTP and HTTPS traffic inspection and analysis. This release features a new Report Editor which allows you to analyze your flows, aggregate data or search for anomalies in your traffic dumps. Read more »

Felix Leder and his talk "Lord of the Rings – Monitoring malware behavior on all layers" in Dubai 10-12th of February!

We have interviewed Felix Leder, who works as an innovation and new technology architect for Norman ASA. He has has presented classes around the world on malware analysis, reverse engineering, and anti-botnet approaches. Read more »

SSH honeypot workshop Bsides London 2013

At the last BruCON conference in Ghent last year I had the pleasure to talk to Soraya (Iggi), Bsides London co-organizer. She convinced me into submitting a workshop proposal for the Bsides London 2013.

And guess what, it got accepted.

So I will be doing a workshop on setting up a basic kippo SSH honeypot from Upi Tamminen ( and if time permits, using Ioannis Koniaris (Ion) kippo visualization tool kippo-graph (
Bsides London will be held on April 24th 2013 at Kensington and Chelsea Town Hall Read more »

"Secure Exploit Payload Staging…or how we did not kill an 0day at Defcon"

We have interviewed Georg Wicherski, who is one of the speakers for the Honeynet Workshop in Dubai 10-12 of February. Georg will give a briefing about “Secure Exploit Payload Staging…or how we did not kill an 0day at Defcon”

So Georg, why did you become a security expert?

Pathos: Hacking is my second love after my family and working as a security person allows me to live my passion every day.

And what will you talk about? Read more »

Visualize your attacks workshop in Dubai 10-12th

We have interviewed Raffy, who is one of the teachers for the Honeynet Workshop in Dubai 10-12 of February. Raffy will give the following talk: How Big Data, Data Mining, and Visualization Enable Security Intelligence and a class on Information Visualization - Bridging the Gap Between Tufte and Firewalls"

So Marty, tell us, why did you become a security expert? Read more »

The Month of the Honeynet Project Tools

Let the "Month of the Honeynet Project Tools" begin!

The idea beyond the MoHPT is quite simple. We would be really glad to involve more and more researchers out there in our research stuff and tools. In order to encourage contributions we are proposing you to dive deep into one of the already existing Honeynet Project tool cited below and contribute with feedback, ideas, documentation and/or code.

Ghost USB Honeypot
Thug Read more »

Forensic Challenge 13 – "A Message in a Picture"

Let's start the new year with a forensic challenge!

I am really pleased to announce Forensic Challenge 13 – "A Message in a Picture". The challenge has been provided by the Honeynet Project Pacific Northwest Chapter. Submission deadline is 2013, Feb 15th and we will be announcing winners around the first week of March 2013.

Happy new year and have fun!

Angelo Dell'Aera
The Honeynet Project

The Ethics of Social Honeypots

For the last few years, I have been participating in a Department of Homeland Security sponsored effort to develop principles and applications for the evaluation of information and communication technology (ICT) research. If you are not familiar with the Menlo Report, you can find a description in Michael Bailey, David Dittrich, Erin Kenneally, and Douglas Maughan. The Menlo Report. Security & Privacy, IEEE, 10(2):71–75, March/April 2012.

I and two of my Menlo colleagues -- Wendy Vischer and Erin Kenneally -- recently taught a didactic course at the PRIM&R Advancing Ethical Research conference in San Diego. (PRIM&R is the conference for Institutional Review Board, or IRB, professionals, with the annual AER conference having thousands of attendees). Our course primarily described the Menlo Report process to date, but we concluded with a mock IRB committee review of a fictional proposed research project in which researchers develop countermeasures to malicious botnets in social network platforms like Facebook using a combination of deception to build a social network of over 1 million users and to then use "good bots" that infiltrate the "bad bots". Read more »

Cuckoo Sandbox 0.5 is out!

Claudio has just released a new version of Cuckoo Sandbox 0.5. The list of new features is very impressive! Check it out at

Syndicate content