Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

thug

Python low-interaction honeyclient

GitHub 1021 Python GPL-2.0

client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

ochi

Website GitHub 35 Go GPL-3.0

honeypot visualization

GreedyBear

Threat Intel Platform for T-POTs

GitHub 183 Python MIT

cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 42.6k Python MIT

debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

DRAKVUF

Black-box Binary Analysis

Website GitHub 1210 C++

introspection malware-analysis virtualization xen

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4483 Python AGPL-3.0

cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 63 Python

T-Pot

The All In One Multi Honeypot Platform 🐝

GitHub 8830 C GPL-3.0

deception docker elk honeypot network-security security t-pot

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 60 Python MIT

cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

Glutton

Generic Low Interaction Honeypot

GitHub 296 Go MIT

hacktoberfest honeypot

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 164 Zeek

Old Projects

Conpot

ICS/SCADA honeypot

GitHub 1435 Python GPL-2.0

hacktoberfest honeypot ics python scada security

TANNER

He who flays the hide

GitHub 231 Python GPL-3.0

honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 940 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 790 Python GPL-2.0

dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 596 Python

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 477 Python GPL-3.0

hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 21 Python MIT

honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 30 Go MIT

Kippo

SSH Honeypot

GitHub 1712 Python

Droidbox

Dynamic analysis of Android apps

GitHub 796 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5924 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

GitHub 7 PHP GPL-2.0

honeypot security

Honeytrap

a low-interaction honeypot

GitHub 95 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 5 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 853 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

ayushgupta704 opened a pull request in intelowlproject/IntelOwl. · at March 7, 2026

#3443 Establish dynamic Data Model visualization.

250 additions and 250 deletions in 8 changed files.

Gagan144-blip opened a pull request in intelowlproject/IntelOwl. · at March 7, 2026

#3442 Add support for ingesting YARA rules from Unprotect API. Closes #1711

173 additions and 5 deletions in 3 changed files.

buffer pushed to buffer/thug · at March 7, 2026

1 commit to buffer/thug

5281622 Minor change

R1sh0bh-1 opened a pull request in intelowlproject/GreedyBear. · at March 7, 2026

#993 Fix unauthenticated feeds memory exhaustion DoS. Closes #844

32 additions and 5 deletions in 2 changed files.

Sanchit2662 opened a pull request in intelowlproject/GreedyBear. · at March 7, 2026

#992 fix: union instead of replace for include_similar in command_sequence…

39 additions and 1 deletions in 2 changed files.

lups2000 pushed to mitmproxy/mitmproxy · at March 6, 2026

1 commit to mitmproxy/mitmproxy

6d073bb Console: Option to hide quickhelp UI (#5746) (#8095)

tklengyel pushed to tklengyel/drakvuf · at March 5, 2026

1 commit to tklengyel/drakvuf

cb62139 Update etwmon to support Windows 11 (#1867)

iBug opened a pull request in mitmproxy/mitmproxy. · at March 5, 2026

#8121 Add a Clear Screen button

26 additions and 0 deletions in 3 changed files.

buffer pushed to buffer/thug · at March 4, 2026

1 commit to buffer/thug

df6e0b0 Minor change

lfreijo opened a pull request in tklengyel/drakvuf. · at March 3, 2026

#1867 Update etwmon to support Windows 11

46 additions and 1 deletions in 1 changed files.

lucaCigarini pushed to certego/BuffaLogs · at February 25, 2026

1 commit to certego/BuffaLogs

65ae3c3 fix: setup_config accepts multiple values for list fields …

eugenioseveri pushed to certego/BuffaLogs · at February 10, 2026

1 commit to certego/BuffaLogs

41c98d7 Update CHANGELOG for version 3.1.0 (#564)

Anikets290799 opened a pull request in mushorg/conpot. · at February 6, 2026

#601 clarify Conpot HTTP behavior and setup verification

9 additions and 0 deletions in 1 changed files.

vedantan150179-alt opened a pull request in honeynet/honeyscanner. · at February 6, 2026

#52 Fix README paths and run instructions

72 additions and 5 deletions in 6 changed files.