A curated list of awesome honeypots, plus related components and much more, divided into categories such as Web, services, and others, with a focus on free and open source projects.

There is no pre-established order of items in each category, the order is for contribution. If you want to contribute, please read the guide.

Discover more awesome lists at sindresorhus/awesome.

Contents

  • Awesome Honeypots 
  • Contents
    • Related Lists
    • Honeypots
    • Honeyd Tools
    • Network and Artifact Analysis
    • Data Tools
    • Guides

Related Lists

Honeypots

  • Database Honeypots
    • Delilah – Elasticsearch Honeypot written in Python (originally from Novetta).
    • ESPot – Elasticsearch honeypot written in NodeJS, to capture every attempts to exploit CVE-2014-3120.
    • ElasticPot – An Elasticsearch Honeypot.
    • Elastic honey – Simple Elasticsearch Honeypot.
    • MongoDB-HoneyProxy – MongoDB honeypot proxy.
    • NoSQLpot – Honeypot framework built on a NoSQL-style database.
    • mysql-honeypotd – Low interaction MySQL honeypot written in C.
    • MysqlPot – MySQL honeypot, still very early stage.
    • pghoney – Low-interaction Postgres Honeypot.
    • sticky_elephant – Medium interaction postgresql honeypot.
    • RedisHoneyPot – High Interaction Honeypot Solution for Redis protocol.
  • Web honeypots
    • Express honeypot – RFI & LFI honeypot using nodeJS and express.
    • EoHoneypotBundle – Honeypot type for Symfony2 forms.
    • Glastopf – Web Application Honeypot.
    • Google Hack Honeypot – Designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.
    • HellPot – Honeypot that tries to crash the bots and clients that visit it’s location.
    • Laravel Application Honeypot – Simple spam prevention package for Laravel applications.
    • Nodepot – NodeJS web application honeypot.
    • PasitheaHoneypot – RestAPI honeypot.
    • Servletpot – Web application Honeypot.
    • Shadow Daemon – Modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl, and Python apps.
    • StrutsHoneypot – Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers.
    • WebTrap – Designed to create deceptive webpages to deceive and redirect attackers away from real websites.
    • basic-auth-pot (bap) – HTTP Basic Authentication honeypot.
    • bwpot – Breakable Web applications honeyPot.
    • django-admin-honeypot – Fake Django admin login screen to notify admins of attempted unauthorized access.
    • drupo – Drupal Honeypot.
    • galah – an LLM-powered web honeypot using the OpenAI API.
    • honeyhttpd – Python-based web server honeypot builder.
    • honeyup – An uploader honeypot designed to look like poor website security.
    • modpot – Modpot is a modular web application honeypot framework and management application written in Golang and making use of gin framework.
    • owa-honeypot – A basic flask based Outlook Web Honey pot.
    • phpmyadmin_honeypot – Simple and effective phpMyAdmin honeypot.
    • shockpot – WebApp Honeypot for detecting Shell Shock exploit attempts.
    • smart-honeypot – PHP Script demonstrating a smart honey pot.
    • Snare/Tanner – successors to Glastopf
      • Snare – Super Next generation Advanced Reactive honeypot.
      • Tanner – Evaluating SNARE events.
    • stack-honeypot – Inserts a trap for spam bots into responses.
    • tomcat-manager-honeypot – Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker’s WAR file for later study.
    • WordPress honeypots
      • HonnyPotter – WordPress login honeypot for collection and analysis of failed login attempts.
      • HoneyPress – Python based WordPress honeypot in a Docker container.
      • wp-smart-honeypot – WordPress plugin to reduce comment spam with a smarter honeypot.
      • wordpot – WordPress Honeypot.
    • Python-Honeypot – OWASP Honeypot, Automated Deception Framework.