Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4405 Python AGPL-3.0
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

GreedyBear

Threat Intel Platform for T-POTs

GitHub 161 Python MIT
cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

T-Pot

The All In One Multi Honeypot Platform 🐝

GitHub 8618 C GPL-3.0
deception docker elk honeypot network-security security t-pot

thug

Python low-interaction honeyclient

GitHub 1020 Python GPL-2.0
client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 58 Python

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 53 Python MIT
cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 41.8k Python MIT
debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

Glutton

Generic Low Interaction Honeypot

GitHub 295 Go MIT
hacktoberfest honeypot

ochi

Website GitHub 33 Go GPL-3.0
honeypot visualization

DRAKVUF

Black-box Binary Analysis

Website GitHub 1191 C++
introspection malware-analysis virtualization xen

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 161 Zeek

Old Projects

Conpot

ICS/SCADA honeypot

GitHub 1416 Python GPL-2.0
hacktoberfest honeypot ics python scada security

TANNER

He who flays the hide

GitHub 230 Python GPL-3.0
honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 929 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 786 Python GPL-2.0
dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 593 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 473 Python GPL-3.0
hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 21 Python MIT
honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 31 Go MIT

Kippo

SSH Honeypot

GitHub 1709 Python

Droidbox

Dynamic analysis of Android apps

GitHub 792 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5888 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

Google Hack Honeypot

GitHub 7 PHP GPL-2.0
honeypot security

Honeytrap

a low-interaction honeypot

GitHub 95 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 5 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 851 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

@LeeFred3042U
LeeFred3042U opened a pull request in intelowlproject/GreedyBear. · at January 6, 2026
#687 Fix order-dependent assertions in feeds tests. Closes #654
88 additions and 30 deletions in 1 changed files.
@fgibertoni
fgibertoni pushed to intelowlproject/IntelOwl · at January 6, 2026
1 commit to intelowlproject/IntelOwl
eef4c57 Updated to 5.2.10
@fgibertoni
fgibertoni pushed to intelowlproject/IntelOwl · at January 6, 2026
34 commits to intelowlproject/IntelOwl
ffbae22 Floss Capa Refactor (#2933) 246311b fixed autoreload (#3071) c2c7096 fixed test
@opbot-xd
opbot-xd opened a pull request in intelowlproject/GreedyBear. · at January 6, 2026
#685 fix: Refactor MassScannersCron to handle flexible IP formats. Closes #678
410 additions and 19 deletions in 4 changed files.
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce · at January 6, 2026
1 commit to telekom-security/tpotce
39193ec Refresh nginx container (i.e. esvue) for ELK 9.2.3 support
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce · at January 5, 2026
1 commit to telekom-security/tpotce
fdf9be3 Prepare for Elastic Stack 9.2.3
@nadav96
nadav96 opened a pull request in mitmproxy/mitmproxy. · at January 5, 2026
#8039 Added opt-in “Format” toggle for HttpMessage Copy/Edit + tests
370 additions and 16 deletions in 4 changed files.
@nishantxscooby
nishantxscooby opened a pull request in certego/BuffaLogs. · at January 4, 2026
#524 Perf: add missing indexes for Login filters to avoid sequential scans
42 additions and 0 deletions in 2 changed files.
@nishantxscooby
nishantxscooby opened a pull request in certego/BuffaLogs. · at January 4, 2026
#523 Fix: install postgresql-client so dbshell works in buffalogs container
6 additions and 4 deletions in 1 changed files.
@mlodic
mlodic pushed to honeynet/honeyscanner · at January 2, 2026
9 commits to honeynet/honeyscanner
28d7c38 optimized for async operations and faster execution ddab1ac fixed cowrie requirements file fc1990e changed from string to dict for reporting
@mhils
mhils pushed to mitmproxy/mitmproxy · at January 2, 2026
1 commit to mitmproxy/mitmproxy
e6aa924 eslint: consistent-type-imports (#7975)
@furusiyya
furusiyya pushed to mushorg/glutton · at December 31, 2025
2 commits to mushorg/glutton
2dbe825 fix: added bash support fix devcontainer build issue 59bda1e enhancement: passthrough using exclusion in the iptables …
@furusiyya
furusiyya pushed to mushorg/glutton · at December 31, 2025
1 commit to mushorg/glutton
0c9d359 WIP(enhancement): passthrough using exclusion in the …
@h29710440-coder
h29710440-coder opened a pull request in pjlantz/droidbox. · at December 19, 2025
#38 Hahha@@Create Vncdhh HDB g
6 additions and 0 deletions in 1 changed files.
@buffer
buffer pushed to buffer/thug · at December 10, 2025
2 commits to buffer/thug
244e37a Update requirements: Bump pymongo from 4.15.4 to 4.15.5 cba3cb5 Merge pull request #434 from …