Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4286 Python AGPL-3.0

cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 49 Python

T-Pot

The All In One Multi Honeypot Platform 🐝

GitHub 8189 C GPL-3.0

deception docker elk honeypot network-security security t-pot

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 40.3k Python MIT

debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

thug

Python low-interaction honeyclient

GitHub 1019 Python GPL-2.0

client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

DRAKVUF

Black-box Binary Analysis

Website GitHub 1150 C++

introspection malware-analysis virtualization xen

GreedyBear

Threat Intel Platform for T-POTs

GitHub 161 Python MIT

cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

Glutton

Generic Low Interaction Honeypot

GitHub 284 Go MIT

hacktoberfest honeypot

ochi

Website GitHub 32 Go GPL-3.0

honeypot visualization

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 157 Zeek

Conpot

ICS/SCADA honeypot

GitHub 1371 Python GPL-2.0

hacktoberfest honeypot ics python scada security

Old Projects

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 46 Python MIT

cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

TANNER

He who flays the hide

GitHub 228 Python GPL-3.0

honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 897 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 764 Python GPL-2.0

dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 581 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 467 Python GPL-3.0

hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 20 Python MIT

honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 25 Go MIT

Kippo

SSH Honeypot

GitHub 1699 Python

Droidbox

Dynamic analysis of Android apps

GitHub 784 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5780 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

GitHub 7 PHP GPL-2.0

honeypot security

Honeytrap

a low-interaction honeypot

GitHub 94 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 5 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 846 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

spoiicy pushed to intelowlproject/IntelOwl · at August 26, 2025

1 commit to intelowlproject/IntelOwl

4eb99c4 fixed migration issues

spoiicy pushed to intelowlproject/IntelOwl · at August 26, 2025

9 commits to intelowlproject/IntelOwl

72f3da4 Added CommandSequenceAPI to GreedyBear (#2902) 7bdc3b9 Fix abuseipdb tags (#2932) 8de0446 Frontend - analyzables page + user events modal (#2931)

Lorygold pushed to certego/BuffaLogs · at August 25, 2025

2 commits to certego/BuffaLogs

1f84f11 Fixed settings path in debug env fdb7334 Fixed impossible travel fields enrichment to alert

Lorygold pushed to certego/BuffaLogs · at August 25, 2025

1 commit to certego/BuffaLogs

30a44cc Added migration

errorxyz pushed to mitmproxy/mitmproxy · at August 25, 2025

1 commit to mitmproxy/mitmproxy

10be97f Revert hypothesis bump

mhils pushed to mitmproxy/mitmproxy · at August 24, 2025

1 commit to mitmproxy/mitmproxy

38a7ee9 clarify MSFT env vars

buffer pushed to buffer/thug · at August 24, 2025

1 commit to buffer/thug

749ff99 Update requirements

buffer pushed to buffer/thug · at August 24, 2025

2 commits to buffer/thug

3580e81 Update requirements: Bump lxml from 6.0.0 to 6.0.1 3556399 Merge pull request #420 from buffer/dependabot/pip/lxml-6.0.1

github-actions published GreedyBear 1.6.7. 🎉 · at August 18, 2025

mlodic pushed to intelowlproject/GreedyBear · at August 18, 2025

7 commits to intelowlproject/GreedyBear

4e955e8 added filter for whatsmyip domains (#557) 6fd2ebb Bump djangorestframework from 3.16.0 to 3.16.1 in /requirements (#560) f8eb83a added codeowners in place of dependabot deprecated reviewers

t3chn0m4g3 pushed to telekom-security/tpotce · at August 15, 2025

1 commit to telekom-security/tpotce

eefbf7d bump h0neytr4p to v0.35

t3chn0m4g3 pushed to telekom-security/tpotce · at August 15, 2025

1 commit to telekom-security/tpotce

1b528ea Bump h0neytr4p to v0.34

tklengyel pushed to tklengyel/drakvuf · at August 8, 2025

1 commit to tklengyel/drakvuf

a7db19a Fix: changed make_hook_id to not overwrite return hook when apicall was nested …

psrok1 opened a pull request in tklengyel/drakvuf. · at August 8, 2025

#1847 Fix potential use-after-free in trap->name set by userhook on running process

7 additions and 5 deletions in 2 changed files.