The Honeynet Project

The Honeynet Project Workshop 2025

Mon, 24 Mar 2025 00:00:00 +0000

We are very happy to announce The Honeynet Project Workshop 2025, scheduled to take place in Prague, Czech Republic, from June 2nd to 4th. The event will be hosted at the National Technical Library (NTK) and will feature a combination of cybersecurity briefings and advanced hands-on training sessions.

The Honeynet Project Workshop 2024

Thu, 07 Dec 2023 00:00:00 +0000

We are thrilled to announce The Honeynet Project Workshop 2024, scheduled to take place in Copenhagen, Denmark, from May 27th to 29th. The event will be hosted at the Mødecenter of the Technical University of Denmark and will feature a combination of cybersecurity briefings and hands-on training sessions.

Long-term distributed honeypot network deployment logistics

Wed, 14 Jan 2026 11:00:06 +0100

Overview

For several years The Honeynet Project has operated a network of distributed honeypots. While operating a sensor network over multiple years, we’ve improved our ability to leverage orchestration to deploy in a variety of environments, manage the various sensors, and improve them over time.

Challenges

An early problem was simply how to manage honeypots running the same sensor software but deployed in very different environments. Further, the sensors needed to be lightweight and require as few resources as possible (so that we could deploy as many as possible). Luckily this effort didn’t require very much net-new orchestration and started out by relying on what had already been developed for tpot. Putting it all together, Ansible has really served as the backbone for bringing up new systems, and making it very easy to customize the sensors and deploy changes. Better yet, the effort into orchestration efforts make the individual sensors semi-disposable; their data is valuable but the sensors themselves are disposable and easily replaced by spinning up more instances.

GSoC 2025 Project summary. BuffaLogs: Alerting Module Enhancement

Mon, 15 Sep 2025 11:00:06 +0100

Contributor: Kunal Gurtatta Mentors: Lorena Goldoni, Federico Foschini

Overview

As a Python developer and security enthusiast, I always wanted to contribute to open-source security projects. When I learned about GSoC from one of my seniors, I started searching for security organizations and came across Honeynet. They had just announced their ideas for this year’s GSoC, and one of them was BuffaLogs, which matched my tech stack perfectly. I began contributing in late Feb'25, submitting PRs to implement alerters and making small refactors to get familiar with the codebase. Since my early contributions focused on alerters, I decided to continue working on integrating more of them and improving the alerting logic in my proposal.

GSoC 2025 Project summary. Developing BuffaCLI for Command-Line Management and BuffaWatch for Real-Time Log Tracking

Mon, 15 Sep 2025 11:00:06 +0100

Contributor: Onunwa Goodness Mentors: Lorena Goldoni, Federico Foschini

My Google Summer of Code 2025 - The Honeynet Project (BuffaLogs)

September 1, 2025 officially marks the end of the Google Summer of Code (GSoC) 2025 coding period. Over the past four months, I’ve had the privilege of contributing as a developer to The BuffaLogs Project under The Honeynet Project. It’s been four months of doing what I love most—building and shipping code.

Google Summer of Code 2024 Announcement

Sun, 25 Feb 2024 11:45:22 +0100

We are happy to announce that we have been selected as an organization to participate in Google Summer of Code 2024! This will be the 15th time that Honeynet is participating in the Google Summer of Code program to accelerate the creation of information- and cyber security related tools that are free and open source software. We are now entering the community bonding phase during which students are encouraged to reach out and interact with organizations and start getting involved with potential projects. We strongly recommend to join our Discord.

Glutton 1.0 Release

Sat, 23 Sep 2023 20:41:27 +0200

I’d like to announce the 1.0 release of the server-side, low-interaction honeypot Glutton!

We have built Glutton as a versatile honeypot, capable of receiving any network traffic by accepting connections on any port. Being very easy to adapt and extend, Glutton is a fantastic tool to understand network threats.

GSoC 2023 Project summary: Frontend Improvements for Buffalogs, IntelOwl

Sun, 27 Aug 2023 00:00:00 +0000

Our dedicated Google Summer of Code (GSoC) participant, Abheek, has spent an impressive three-month duration program actively contributing to not one, but two distinct projects: IntelOwl and Buffalogs. Notably, Abheek undertook the responsibility of crafting the brand-new official website for IntelOwl throughout this period.

In light of this significant achievement, we believe it is only fitting to showcase his remarkable results and contributions within the official IntelOwl site, in which he discuses his journey as a designer/frontend developer, the tasks involved and the detailed contributions to both projects, including the revamping of IntelOwl’s website, implementing JWT authentication for Buffalogs, creating maps and graphs for BuffaLogs’ dashboard, and crafting a frontend guide for IntelOwl using react-joyride.

GSoC 2023 Project summary: Ochi

Thu, 24 Aug 2023 11:00:06 +0100

Our GSoC student Kumiszhan Dybyspayeva was working for three months under the supervision of Lukas Rist on Ochi, specifically on introducing new features such as event filtering using a DSL, persisting filters and sharing an event.

Read on for an overview of their achievements and how they successfully contributed towards Ochi and some considerations for the future.

Our New Web Site

Mon, 31 Jul 2023 00:00:00 +0000

It has been almost 15 years since Lance announced our new web site on August 12th 2008. While you are already enjoying the pleasures of our now home, read on for a quick tour…

GSoC 2022 Project summary: Creating Playbooks for IntelOwl

Thu, 06 Oct 2022 00:00:00 +0000

Our GSoC student Aditya Narayan Sinha was working for three months under the supervision of Matteo Lodi on the OSINT platform IntelOwl, specifically on introducing playbooks that define automated actions associated with the observation of a specific indicator of compromise.

Read on for an overview of their achievements and how they successfully contributed towards IntelOwl and some considerations for the future.

GSoC 2022 Project Summary: IntelOwl v4 Improvements

Mon, 26 Sep 2022 00:00:00 +0000

Our GSoC student Aditya Pratap Singh was working for three months under the supervision of Matteo Lodi on the OSINT platform IntelOwl, specifically on bulk analysis, single sign-on, and major improvements to the configurations and secrets.

Read on for an overview of their achievements and how they successfully contributed towards IntelOwl and some considerations for the future.

GSoC 2022 Project Summary: IntelOwl Go Client (go-intelowl)

Tue, 06 Sep 2022 00:00:00 +0000

Our GSoC student Hussain Khan was working for three months under the supervision of Matteo Lodi on the OSINT platform IntelOwl, specifically on a Go client library, allowing developers to integrate with the IntelOwl API in their solutions.

Read on for an overview of their achievements and how they successfully contributed towards IntelOwl and some considerations for the future.

New project available: GreedyBear

Mon, 27 Dec 2021 00:00:00 +0000

This year has been a Christmas more tough than usual for a lot of people. The Covid pandemic is rising again all over the world, the security analysts are facing one of the worst ever found software vulnerabilities (referring to Log4j CVE-2021-44228), and so on.

With the goal to help all the community during these hard times, recently we have been working to a new project, called GreedyBear, that you can find on Github.

The Honeynet Project has a new CEO

Tue, 07 Dec 2021 00:00:00 +0000

The Honeynet Project has appointed Ali Ikinci as the new CEO.

We wish to thank Faiz Ahmad Shuja for leading the project over the past years, and welcome Ali for accepting the challenge.

Founder and current leader of the Turkish Chapter, Ali is a longtime Honeynet Project member and contributor: he co-authored research papers on malicious website detection with low-interaction honeyclients and on honeypots for the Internet of Things. Born and raised in Germany, Ali is also an established professional in the Information Security field, with broad experience as a Chief Security Analyst, Product Manager, Senior IT consultant and Entrepreneur.

Intel Owl: Release v3.0.0

Mon, 13 Sep 2021 00:00:00 +0000

Intel Owl GitHub repository

Intel Owl is an Open Source Intelligence, or OSINT solution to get threat intelligence data about a specific file or observable from a single API at scale. Intel Owl helps enrich threat intelligence data, especially speeding up retrieval of info because it is composed of 100+ analyzers (tools, external APIs, etc.). Organizations can host their own instance of Intel Owl to help mitigate threats more effectively.

GSOC 2021 PROJECT SUMMARY - PcapMonkey

Tue, 07 Sep 2021 00:00:00 +0000

Our GSoC student Hariom Chaturved was working for three months on the network capture analysis tool PcapMonkey, specifically introducing live capture, testing architecture, and the introduction of zkg support.

Read on for an overview of their achievements and how they successfully contributed towards PcapMonkey and some considerations for the future.

GSoC 2021 Project Summary: IntelOwl Connectors Manager and Integrations

Fri, 20 Aug 2021 00:00:00 +0000

Our GSoC student Shubham Pandey was working for three months under the supervision of Matteo Lodi on the OSINT platform IntelOwl, specifically introducing the connector manager allowing for powerful integrations with external data sources.

Read on for an overview of their achievements and how they successfully contributed towards IntelOwl and some considerations for the future.

GSoC 2021 Project Summary: IntelOwl Improvements

Fri, 20 Aug 2021 00:00:00 +0000

Our GSoC student Sarthak Khattar was working for three months under the supervision of Matteo Lodi on the OSINT platform IntelOwl, specifically overhauling the analyzer configuration, API and test suite refactoring, and the integration of new analyzers.

Read on for an overview of their achievements and how they successfully contributed towards IntelOwl and some considerations for the future.

GSoC 2020 Project Summary: SNARE/TANNER

Fri, 13 Nov 2020 00:00:00 +0000

This year I got selected for Google Summer of Code 2020 under The Honeynet Project and worked on the SNARE/TANNER. GSoC 2020 was very special for me because I finally got selected for the organization, for which I’ve been trying to get selected for the past 2 years.

Background

I got to know about Google Summer of Code in 2018 when I learned that my elder brother has done it 3 years in a row. He wanted me to try to get selected for any org that I like. So I started looking for projects on GSoC archives and came across the Honeynet Project org. I was interested in it because I really liked all the projects under it, projects like Snare Tanner, Thug, etc. I think these projects attracted my attention because they have a feel of being related to the `Information Security` field.