Getting Started

This page contains a list of potential project ideas that we are keen to develop during GSoC 2025. If you would like to apply as a GSoC student, please follow these two steps to get started:

1. Read through this page and identify the project ideas you find interesting. Play around with our tools!
2. Join us on Discord and talk to your potential mentors on Discord

If there are any questions, please don’t hesitate and get in touch! 🙂

GSoC and The Honeynet Project

During the previous years of GSoC, the Honeynet Project’s students have created a wide range of very successful open source security projects, many of which have gone on to become the industry standard open source tools in their respective fields.

We are also always interested in hearing any ideas for additional relevant computer security and honeynet-related R&D projects (although remember that to qualify for receiving GSoC funding from Google your project deliverables need to fit in to GSoC’s project timescales!). If you have a suitable and interesting project, we will always try and find the right resources to mentor it and support you.

Please note - even if you aren’t an eligible GSoC participant, we are also always looking for general volunteers who are enthusiastic and interested in getting involved in honeynet R&D.

Each sponsored GSoC 2025 project will have one or more mentors available to provide a guaranteed contact point to students, plus one or more technical advisors to help applicants with the technical direction and delivery of the project (often the original author of a tool or its current maintainer, and usually someone recognized as an international expert in their particular field). Our Google Summer of Code organizational administrators will also be available to all sponsored GSoC students for general advice and logistical support. We’ll also provide hosting for project infrastructure, if required.

For all questions about the Honeynet Project, the GSoC program or our projects, please contact us on Discord (preferred)** or email us at [email protected].

Application template

If you are considering applying to participate with us in GSoC 2025 please find our application template here. Use it when you are preparing your application on the official GSoC site and don’t hesitate to ask your mentors for feedback before submitting!

GSoC 2025 Project Ideas Overview

• #1 - Improving the SweetCam IP camera honeypot
• #2 - Improving the DICOMHawk medical honeypot
• #3 - Implementing Protocol Parsers for Glutton Using Spicy

#1 - Improving the SweetCam IP camera honeypot

SweetCam is an open-source honeypot designed to emulate IP camera behaviors with minimal setup while offering robust modularity for extending functionality. It is built to support the emulation of key protocols commonly used by IP cameras, including SSH, RTSP, and HTTP. A distinguishing feature of SweetCam is its ability to create a realistic web interface resembling an IP camera’s dashboard. This includes a login page and a simulated camera interface that can be customized using user-defined 360-degree video streams and images, making it highly adaptable to various use cases. The modular architecture of SweetCam ensures flexibility, allowing users to easily integrate support for new camera models and configurations. By providing a realistic medium-interaction environment, SweetCam effectively lures and studies attackers targeting IP cameras, offering valuable insights for cybersecurity research and network defense strategies.

GSoC 2025

Outcomes

• template-based device emulation
• new protocol support
• enhance Docker Usability (Automation & Base setup)
• Various improvements: Error based handling on HTTP page, Language Button at HTTP page, forgot password, implementation of sound, day/night configurations

Skills Preferred

• Basic Linux/Command Line skills
• Docker
• Shell, JavaScript

#2 - Improving the DICOMHawk medical honeypot

DICOMHawk is a powerful and efficient honeypot for DICOM servers, designed to attract and log unauthorized access attempts and interactions. Built using Flask and pynetdicom, DICOMHawk offers a streamlined web interface for monitoring and managing DICOM interactions in real-time.

Features

• DICOM Server Simulation: Supports C-ECHO, C-FIND, and C-STORE operations to simulate a realistic DICOM server environment.
• Logging: Detailed logging of DICOM associations, DIMSE messages, and event-specific data to track and analyze potential attacks.
• Web Interface: A user-friendly web interface to view server status, active associations, and logs.
• Custom Handlers: Easily extendable to support additional DICOM services and custom logging or handling requirements.

GSoC 2025

Outcomes

• Examine a potential integration with TPot
• Improve Docker usage (Security & Automation)
• Improve logging capabilities
• Integrate CanaryToken Webhook
• Potentially add additional protocol
• Documentation of the Implementations
• Testing

Skills Preferred

• Basic Linux/Command Line skills
• Docker
• Python

#3 - Implementing Protocol Parsers for Glutton Using Spicy

Glutton is a powerful Generic Low Interaction Honeypot designed to emulate various network services and capture malicious activity for security analysis. Its strength lies in its generic nature, supporting a wide range of network protocols.

The goal of this project is to:

• Develop a Go wrapper to integrate Spicy with Glutton.
• Implement protocol parsers for HTTP and DNS as initial examples.
• Provide documentation to explain the implementation.

The primary required skill is proficiency in Go programming and familiarity with Linux networking.
An understanding of network monitoring tools like Spicy or similar is a nice-to-have skill.