Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 41.2k Python MIT
debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4351 Python AGPL-3.0
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

thug

Python low-interaction honeyclient

GitHub 1017 Python GPL-2.0
client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 52 Python

GreedyBear

Threat Intel Platform for T-POTs

GitHub 157 Python MIT
cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

DRAKVUF

Black-box Binary Analysis

Website GitHub 1183 C++
introspection malware-analysis virtualization xen

T-Pot

The All In One Multi Honeypot Platform ๐Ÿ

GitHub 8462 C GPL-3.0
deception docker elk honeypot network-security security t-pot

Glutton

Generic Low Interaction Honeypot

GitHub 292 Go MIT
hacktoberfest honeypot

ochi

Website GitHub 32 Go GPL-3.0
honeypot visualization

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 159 Zeek

Conpot

ICS/SCADA honeypot

GitHub 1401 Python GPL-2.0
hacktoberfest honeypot ics python scada security

Old Projects

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 52 Python MIT
cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

TANNER

He who flays the hide

GitHub 229 Python GPL-3.0
honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 921 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 780 Python GPL-2.0
dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 589 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 472 Python GPL-3.0
hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 20 Python MIT
honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 29 Go MIT

Kippo

SSH Honeypot

GitHub 1706 Python

Droidbox

Dynamic analysis of Android apps

GitHub 785 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5846 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

Google Hack Honeypot

GitHub 7 PHP GPL-2.0
honeypot security

Honeytrap

a low-interaction honeypot

GitHub 94 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 5 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 847 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

@lups2000
lups2000 pushed to mitmproxy/mitmproxy ยท at November 14, 2025
1 commit to mitmproxy/mitmproxy
08a947b Add "local" mode to โ€˜--mode helpโ€™ command description โ€ฆ
@Rohankaf
Rohankaf opened a pull request in mitmproxy/mitmproxy. ยท at November 14, 2025
#7977 Add missing "local" mode to --mode help text (#7976)
1 additions and 1 deletions in 1 changed files.
@drosetti
drosetti pushed to intelowlproject/IntelOwl ยท at November 14, 2025
1 commit to intelowlproject/IntelOwl
c2c7096 fixed test
@drosetti
drosetti pushed to intelowlproject/IntelOwl ยท at November 13, 2025
1 commit to intelowlproject/IntelOwl
246311b fixed autoreload (#3071)
@buffer
buffer published thug v6.19. ๐ŸŽ‰ ยท at November 13, 2025
@buffer
buffer pushed to buffer/thug ยท at November 13, 2025
1 commit to buffer/thug
f1ed6f8 Version 6.19
@Lorygold
Lorygold pushed to certego/BuffaLogs ยท at November 12, 2025
1 commit to certego/BuffaLogs
b5a6a11 feat: add task execution logging (#471)
@prafullpandey614
prafullpandey614 opened a pull request in certego/BuffaLogs. ยท at November 12, 2025
#476 Add testcases for models - Login, Config, & UserIP
309 additions and 7 deletions in 1 changed files.
@psrok1
psrok1 opened a pull request in tklengyel/drakvuf. ยท at November 3, 2025
#1857 injector: Improve shellexecute method
307 additions and 24 deletions in 16 changed files.
@tklengyel
tklengyel pushed to tklengyel/drakvuf ยท at November 1, 2025
1 commit to tklengyel/drakvuf
f619440 fix: Hooked SslGenerateSessionKeys function to get TLS keys โ€ฆ
@dependabot
dependabot pushed to intelowlproject/GreedyBear ยท at October 16, 2025
2 commits to intelowlproject/GreedyBear
9dbaf0b Bump scikit-learn from 1.6.1 to 1.7.2 in /requirements โ€ฆ 98479cc Bump uwsgi from 2.0.30 to 2.0.31 in /requirements
@regulartim
regulartim pushed to intelowlproject/GreedyBear ยท at October 16, 2025
1 commit to intelowlproject/GreedyBear
9dbaf0b Bump scikit-learn from 1.6.1 to 1.7.2 in /requirements โ€ฆ