A curated list of awesome honeypots, plus related components and much more, divided into categories such as Web, services, and others, with a focus on free and open source projects.
There is no pre-established order of items in each category, the order is for contribution. If you want to contribute, please read the guide.
Discover more awesome lists at sindresorhus/awesome.
Contents
- Awesome Honeypots
- Contents
- Related Lists
- Honeypots
- Honeyd Tools
- Network and Artifact Analysis
- Data Tools
- Guides
Related Lists
- awesome-pcaptools – Useful in network traffic analysis.
- awesome-malware-analysis – Some overlap here for artifact analysis.
Honeypots
- Database Honeypots
- Delilah – Elasticsearch Honeypot written in Python (originally from Novetta).
- ESPot – Elasticsearch honeypot written in NodeJS, to capture every attempts to exploit CVE-2014-3120.
- ElasticPot – An Elasticsearch Honeypot.
- Elastic honey – Simple Elasticsearch Honeypot.
- MongoDB-HoneyProxy – MongoDB honeypot proxy.
- NoSQLpot – Honeypot framework built on a NoSQL-style database.
- mysql-honeypotd – Low interaction MySQL honeypot written in C.
- MysqlPot – MySQL honeypot, still very early stage.
- pghoney – Low-interaction Postgres Honeypot.
- sticky_elephant – Medium interaction postgresql honeypot.
- RedisHoneyPot – High Interaction Honeypot Solution for Redis protocol.
- Web honeypots
- Express honeypot – RFI & LFI honeypot using nodeJS and express.
- EoHoneypotBundle – Honeypot type for Symfony2 forms.
- Glastopf – Web Application Honeypot.
- Google Hack Honeypot – Designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.
- HellPot – Honeypot that tries to crash the bots and clients that visit it’s location.
- Laravel Application Honeypot – Simple spam prevention package for Laravel applications.
- Nodepot – NodeJS web application honeypot.
- PasitheaHoneypot – RestAPI honeypot.
- Servletpot – Web application Honeypot.
- Shadow Daemon – Modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl, and Python apps.
- StrutsHoneypot – Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers.
- WebTrap – Designed to create deceptive webpages to deceive and redirect attackers away from real websites.
- basic-auth-pot (bap) – HTTP Basic Authentication honeypot.
- bwpot – Breakable Web applications honeyPot.
- django-admin-honeypot – Fake Django admin login screen to notify admins of attempted unauthorized access.
- drupo – Drupal Honeypot.
- galah – an LLM-powered web honeypot using the OpenAI API.
- honeyhttpd – Python-based web server honeypot builder.
- honeyup – An uploader honeypot designed to look like poor website security.
- modpot – Modpot is a modular web application honeypot framework and management application written in Golang and making use of gin framework.
- owa-honeypot – A basic flask based Outlook Web Honey pot.
- phpmyadmin_honeypot – Simple and effective phpMyAdmin honeypot.
- shockpot – WebApp Honeypot for detecting Shell Shock exploit attempts.
- smart-honeypot – PHP Script demonstrating a smart honey pot.
- Snare/Tanner – successors to Glastopf
- stack-honeypot – Inserts a trap for spam bots into responses.
- tomcat-manager-honeypot – Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker’s WAR file for later study.
- WordPress honeypots
- HonnyPotter – WordPress login honeypot for collection and analysis of failed login attempts.
- HoneyPress – Python based WordPress honeypot in a Docker container.
- wp-smart-honeypot – WordPress plugin to reduce comment spam with a smarter honeypot.
- wordpot – WordPress Honeypot.
- Python-Honeypot – OWASP Honeypot, Automated Deception Framework.