Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 63 Python

GreedyBear

Threat Intel Platform for T-POTs

GitHub 196 Python MIT
cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4541 Python AGPL-3.0
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

Conpot

ICS/SCADA honeypot

GitHub 1457 Python GPL-2.0
hacktoberfest honeypot ics python scada security

thug

Python low-interaction honeyclient

GitHub 1023 Python GPL-2.0
client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 43.1k Python MIT
debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

ochi

Website GitHub 36 Go GPL-3.0
honeypot visualization

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 166 Zeek

T-Pot

The All In One Multi Honeypot Platform ๐Ÿ

GitHub 9055 C GPL-3.0
deception docker elk honeypot network-security security t-pot

DRAKVUF

Black-box Binary Analysis

Website GitHub 1221 C++
introspection malware-analysis virtualization xen

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 62 Python MIT
cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

Glutton

Generic Low Interaction Honeypot

GitHub 299 Go MIT
hacktoberfest honeypot

Old Projects

TANNER

He who flays the hide

GitHub 231 Python GPL-3.0
honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 955 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 800 Python GPL-2.0
dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 598 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 479 Python GPL-3.0
hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 22 Python MIT
honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 30 Go MIT

Kippo

SSH Honeypot

GitHub 1712 Python

Droidbox

Dynamic analysis of Android apps

GitHub 798 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5947 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

Google Hack Honeypot

GitHub 7 PHP GPL-2.0
honeypot security

Honeytrap

a low-interaction honeypot

GitHub 96 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 5 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 854 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

@regulartim
regulartim opened a pull request in GreedyBear-Project/GreedyBear. ยท at April 14, 2026
#1232 3.3.2
4724 additions and 8828 deletions in 34 changed files.
@regulartim
regulartim pushed to GreedyBear-Project/GreedyBear ยท at April 14, 2026
1 commit to GreedyBear-Project/GreedyBear
3336f66 Bind formik values to username and password inputs in Login โ€ฆ
@mlodic
mlodic pushed to intelowlproject/IntelOwl ยท at April 14, 2026
1 commit to intelowlproject/IntelOwl
fd852b7 refactor: remove Greynoise_Labs analyzer (#3648)
@mlodic
mlodic pushed to intelowlproject/IntelOwl ยท at April 14, 2026
1 commit to intelowlproject/IntelOwl
a6a7246 fix(misp): eliminate N+1 HTTP requests in MISP connector. โ€ฆ
@glaslos
glaslos pushed to mushorg/conpot ยท at April 14, 2026
1 commit to mushorg/conpot
79399ad Bump pytest from 9.0.2 to 9.0.3 (#611)
@badideasforsale
badideasforsale opened a pull request in telekom-security/tpotce. ยท at April 14, 2026
#1879 fix: use sudo -n detection for all distros instead of hardcoding for Debian
9 additions and 15 deletions in 1 changed files.
@buffer
buffer pushed to buffer/thug ยท at April 13, 2026
2 commits to buffer/thug
7ea17c9 Update requirements: Bump lxml from 6.0.3 to 6.0.4 66d8860 Merge pull request #449 from โ€ฆ
@mhils
mhils pushed to mitmproxy/mitmproxy ยท at April 13, 2026
1 commit to mitmproxy/mitmproxy
d332cbf Update asgiref requirement from <=3.11.0,>=3.2.10 to โ€ฆ
@mhils
mhils pushed to mitmproxy/mitmproxy ยท at April 13, 2026
1 commit to mitmproxy/mitmproxy
00ee4e9 Update pyopenssl requirement from <=25.3.0,>=24.3 to โ€ฆ
@buffer
buffer pushed to buffer/thug ยท at April 13, 2026
2 commits to buffer/thug
04e0eeb Update requirements: Bump lxml from 6.0.2 to 6.0.3 56bad59 Merge pull request #447 from โ€ฆ
@north-echo
north-echo opened a pull request in mushorg/conpot. ยท at April 12, 2026
#610 Add wiki pages: deployment, templates, attack patterns, research
479 additions and 0 deletions in 6 changed files.
@lucaCigarini
lucaCigarini pushed to certego/BuffaLogs ยท at March 30, 2026
1 commit to certego/BuffaLogs
de665bb Correct way to reference the Apacne 2.0 license (#567)
@pdelsante
pdelsante opened a pull request in certego/BuffaLogs. ยท at March 30, 2026
#567 Correct way to reference the Apache 2.0 license
13 additions and 3 deletions in 2 changed files.
@alwaysalearner1234
alwaysalearner1234 opened a pull request in honeynet/honeyscanner. ยท at March 27, 2026
#54 Fix IPv6 handling: preserve ':' in target IP sanitization
2 additions and 2 deletions in 1 changed files.
@eugenioseveri
eugenioseveri pushed to certego/PcapMonkey ยท at March 25, 2026
1 commit to certego/PcapMonkey
da829c6 Adding CONTRIBUTING.md and CLA (#39)
@pdelsante
pdelsante opened a pull request in certego/PcapMonkey. ยท at March 20, 2026
#39 Adding CONTRIBUTING.md and CLA
53 additions and 0 deletions in 1 changed files.
@glaslos
glaslos pushed to honeynet/ochi ยท at March 19, 2026
1 commit to honeynet/ochi
6c69549 Bump google.golang.org/grpc from 1.71.0 to 1.79.3 (#131)