Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 42.1k Python MIT
debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4432 Python AGPL-3.0
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

GreedyBear

Threat Intel Platform for T-POTs

GitHub 164 Python MIT
cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 61 Python

T-Pot

The All In One Multi Honeypot Platform 🐝

GitHub 8689 C GPL-3.0
deception docker elk honeypot network-security security t-pot

ochi

Website GitHub 34 Go GPL-3.0
honeypot visualization

thug

Python low-interaction honeyclient

GitHub 1022 Python GPL-2.0
client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 56 Python MIT
cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

Glutton

Generic Low Interaction Honeypot

GitHub 294 Go MIT
hacktoberfest honeypot

DRAKVUF

Black-box Binary Analysis

Website GitHub 1202 C++
introspection malware-analysis virtualization xen

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 162 Zeek

Old Projects

Conpot

ICS/SCADA honeypot

GitHub 1425 Python GPL-2.0
hacktoberfest honeypot ics python scada security

TANNER

He who flays the hide

GitHub 230 Python GPL-3.0
honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 931 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 787 Python GPL-2.0
dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 594 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 474 Python GPL-3.0
hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 21 Python MIT
honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 30 Go MIT

Kippo

SSH Honeypot

GitHub 1709 Python

Droidbox

Dynamic analysis of Android apps

GitHub 795 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5903 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

Google Hack Honeypot

GitHub 7 PHP GPL-2.0
honeypot security

Honeytrap

a low-interaction honeypot

GitHub 95 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 5 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 853 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

@nishantxscooby
nishantxscooby opened a pull request in certego/BuffaLogs. · at January 31, 2026
#559 perf: add query-aligned indexes for Login model
128 additions and 2 deletions in 6 changed files.
@AnshSinghal
AnshSinghal opened a pull request in intelowlproject/IntelOwl. · at January 31, 2026
#3252 implemented atomicity
14 additions and 6 deletions in 1 changed files.
@nishantxscooby
nishantxscooby opened a pull request in certego/BuffaLogs. · at January 31, 2026
#558 fix: correctly parse multi-value list flags in setup_config (#539)
384 additions and 97 deletions in 2 changed files.
@lups2000
lups2000 pushed to mitmproxy/mitmproxy · at January 31, 2026
1 commit to mitmproxy/mitmproxy
ef48ecb Mitmweb: Add number of selected flows in the footer (#8057)
@lups2000
lups2000 pushed to mitmproxy/mitmproxy · at January 31, 2026
1 commit to mitmproxy/mitmproxy
6a48046 Fix some typos in function docstrings(#8059)
@R1sh0bh-1
R1sh0bh-1 opened a pull request in intelowlproject/IntelOwl. · at January 31, 2026
#3251 feat(connectors): implement LLMSummarizer with Ollama for job report …
497 additions and 0 deletions in 1 changed files.
@Sumit-ai-dev
Sumit-ai-dev opened a pull request in intelowlproject/GreedyBear. · at January 30, 2026
#758 Feature/522 ip enrichment feeds
1007 additions and 0 deletions in 16 changed files.
@sristyanand00
sristyanand00 opened a pull request in intelowlproject/GreedyBear. · at January 30, 2026
#757 feat: Implement change password capability. Closes #291
233 additions and 3 deletions in 8 changed files.
@lfreijo
lfreijo opened a pull request in tklengyel/drakvuf. · at January 29, 2026
#1864 Linux fixes for syscalls, filetracer and added linux support for fileextractor
1532 additions and 26 deletions in 14 changed files.
@lfreijo
lfreijo opened a pull request in tklengyel/drakvuf. · at January 29, 2026
#1863 syscalls: Fix NULL pointer crash when enumerating kernel modules
4 additions and 0 deletions in 1 changed files.
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce · at January 29, 2026
1 commit to telekom-security/tpotce
13bf21b Fixes #1866, thank you @regulartim for reporting
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce · at January 28, 2026
1 commit to telekom-security/tpotce
fb9a9b0 fix debian netiso link, optimize link checker
@soorya38
soorya38 opened a pull request in honeynet/ochi. · at January 19, 2026
#124 feat(backend): implement binary download with dynamic sensor UUID inj…
166 additions and 2 deletions in 4 changed files.
@buffer
buffer pushed to buffer/thug · at January 13, 2026
1 commit to buffer/thug
0e8ef7e Minor change
@buffer
buffer pushed to buffer/thug · at January 13, 2026
2 commits to buffer/thug
f7fda7a Update requirements: Bump zope-interface from 8.1.1 to 8.2 9685720 Merge pull request #438 from …
@dzikriinzl
dzikriinzl opened a pull request in mushorg/snare. · at January 12, 2026
#336 Logging baseline
1256 additions and 88 deletions in 10 changed files.
@mlodic
mlodic pushed to honeynet/honeyscanner · at January 2, 2026
9 commits to honeynet/honeyscanner
28d7c38 optimized for async operations and faster execution ddab1ac fixed cowrie requirements file fc1990e changed from string to dict for reporting