Projects

This page contains a list of tools and services that we use on a regular basis. Most of these tools have been created by our members and GSoC students, but some are also external and not affiliated with the Honeynet Project. If you see that a specific tool is not listed, but should, feel free to email [email protected]. Projects are sorted by last commit date.

Active Projects

Intel Owl

IntelOwl: manage your Threat Intelligence at scale

Website GitHub 4211 Python AGPL-3.0
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python

GreedyBear

Threat Intel Platform for T-POTs

GitHub 157 Python MIT
cyber-threat-intelligence cybersecurity hacktoberfest honeypot ioc open-source python threat-intelligence threatintel tpot

BuffaLogs

an Open Source Django App whose main purpose is to detect login anomalies

GitHub 45 Python

DRAKVUF

Black-box Binary Analysis

Website GitHub 1135 C++
introspection malware-analysis virtualization xen

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Website GitHub 39.8k Python MIT
debugging http http2 man-in-the-middle mitmproxy proxy python security ssl tls websocket

T-Pot

The All In One Multi Honeypot Platform 🐝

GitHub 8088 C GPL-3.0
deception docker elk honeypot network-security security t-pot

thug

Python low-interaction honeyclient

GitHub 1016 Python GPL-2.0
client-honeypot honeyclient low-interaction python security-tools shellcode virustotal

Glutton

Generic Low Interaction Honeypot

GitHub 281 Go MIT
hacktoberfest honeypot

ochi

Website GitHub 32 Go GPL-3.0
honeypot visualization

PcapMonkey

will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.

GitHub 155 Zeek

Conpot

ICS/SCADA honeypot

GitHub 1359 Python GPL-2.0
hacktoberfest honeypot ics python scada security

honeyscanner

A vulnerability analyzer for honeypots

Website GitHub 45 Python MIT
cybersecurity cybersecurity-assessments dos-attack exploitation fuzzing honeypots passive-vulnerability-scanner ssh-honeypot vulnerability-scanner

TANNER

He who flays the hide

GitHub 228 Python GPL-3.0
honeypot security

DroidBot

A lightweight test input generator for Android. Similar to Monkey, but with more intelligence and cool features!

GitHub 887 Python MIT

dionaea

Home of the dionaea honeypot

Website GitHub 757 Python GPL-2.0
dionaea honeypot security

Glastopf

Web Application Honeypot

Website GitHub 579 Python

Old Projects

SNARE

Super Next generation Advanced Reactive honEypot

Website GitHub 467 Python GPL-3.0
hacktoberfest honeypot security

WhisperPot

VoIP honeypot system

GitHub 20 Python MIT
honeypot voip

RIoTPot

the IoT and OT (Operational Technology) Honeypot

GitHub 25 Go MIT

Kippo

SSH Honeypot

GitHub 1696 Python

Droidbox

Dynamic analysis of Android apps

GitHub 783 Python

cuckoo

Sandbox is an automated dynamic malware analysis system

Website GitHub 5748 JavaScript

dockpot

GitHub 52 Python

Google Hack Honeypot

Google Hack Honeypot

GitHub 7 PHP GPL-2.0
honeypot security

Honeytrap

a low-interaction honeypot

GitHub 94 C GPL-2.0

GVol

GitHub 20 Java MIT

Capture-HPC

A high interaction client honeypot

GitHub 31 C

Capture BAT

a behavioral analysis tool of applications for the Win32 operating system family.

GitHub 32 C++ GPL-2.0

honeysnap

GitHub 13 Python

honeyc

GitHub 8 Ruby

HFlow2

GitHub 5 C++ GPL-2.0

APKinspector

a powerful GUI tool for analysts to analyze the Android applications.

GitHub 844 Java

HoneyBow

A high-interaction malware collection toolkit

Website

Honeyd

A low-interaction honeypot

Honeystick

A portable honeynet demonstration and incident response tool

Latest Activity

@mlodic
mlodic opened a pull request in intelowlproject/GreedyBear. · at July 18, 2025
#553 Threatfox
63 additions and 2 deletions in 4 changed files.
@mlodic
mlodic pushed to intelowlproject/GreedyBear · at July 18, 2025
1 commit to intelowlproject/GreedyBear
1b797b6 threatfox fix to upload only URLs with full paths to avoid FP
@Lorygold
Lorygold opened a pull request in certego/BuffaLogs. · at July 18, 2025
#358 test
1 additions and 0 deletions in 1 changed files.
@Lorygold
Lorygold pushed to certego/BuffaLogs · at July 18, 2025
12 commits to certego/BuffaLogs
68fbf03 Merge pull request #316 from certego/develop e4d1a24 Added PyYAML requirement (#337) f0af890 Email Integration in Users Model (#320)
@carellamartina
carellamartina pushed to intelowlproject/IntelOwl · at July 17, 2025
1 commit to intelowlproject/IntelOwl
b65d1b9 fix
@carellamartina
carellamartina opened a pull request in intelowlproject/IntelOwl. · at July 17, 2025
#2928 User events modal form
2055 additions and 644 deletions in 38 changed files.
@tklengyel
tklengyel pushed to tklengyel/drakvuf · at July 15, 2025
1 commit to tklengyel/drakvuf
0fa2fd6 Vista support : adapting win_get_object_name and win_get_object_type_name …
@lups2000
lups2000 opened a pull request in mitmproxy/mitmproxy. · at July 14, 2025
#7804 Web: Show Local timezone in the Timing tab
14 additions and 5 deletions in 3 changed files.
@lups2000
lups2000 pushed to mitmproxy/mitmproxy · at July 14, 2025
1 commit to mitmproxy/mitmproxy
a4d794c fix: update log message with correct header name (#7802)
@zaterio
zaterio opened a pull request in telekom-security/tpotce. · at July 13, 2025
#1815 update.sh: Updates and maintains Docker Compose and TPOT_TYPE in .env #1813
49 additions and 5 deletions in 1 changed files.
@Boolean-Autocrat
Boolean-Autocrat opened a pull request in mushorg/glutton. · at July 7, 2025
#186 Introduce Spicy parser framework with HTTP parser implementation
1434 additions and 5 deletions in 16 changed files.
@t3chn0m4g3
t3chn0m4g3 pushed to telekom-security/tpotce · at July 5, 2025
1 commit to telekom-security/tpotce
ffc464b feat: flags in install.sh for silent installation (#1766)
@julie-nga
julie-nga opened a pull request in tklengyel/drakvuf. · at July 4, 2025
#1844 Vista support : adapting win_get_object_name and win_get_object_type_name
41 additions and 17 deletions in 4 changed files.
@buffer
buffer pushed to buffer/thug · at June 29, 2025
2 commits to buffer/thug
0f1e44a Update requirements: Bump lxml from 5.4.0 to 6.0.0 fe7d090 Merge pull request #414 from buffer/dependabot/pip/lxml-6.0.0
@namay26
namay26 opened a pull request in mushorg/glutton. · at June 26, 2025
#185 Passthrough implementation
125 additions and 3 deletions in 4 changed files.