A curated list of awesome honeypots, plus related components and much more, divided into categories such as Web, services, and others, with a focus on free and open source projects.
There is no pre-established order of items in each category, the order is for contribution. If you want to contribute, please read the guide .
Discover more awesome lists at sindresorhus/awesome .
Contents Awesome Honeypots Contents Related Lists Honeypots Honeyd Tools Network and Artifact Analysis Data Tools Guides Related Lists Honeypots Database Honeypots Delilah – Elasticsearch Honeypot written in Python (originally from Novetta).ESPot – Elasticsearch honeypot written in NodeJS, to capture every attempts to exploit CVE-2014-3120.ElasticPot – An Elasticsearch Honeypot.Elastic honey – Simple Elasticsearch Honeypot.MongoDB-HoneyProxy – MongoDB honeypot proxy.NoSQLpot – Honeypot framework built on a NoSQL-style database.mysql-honeypotd – Low interaction MySQL honeypot written in C.MysqlPot – MySQL honeypot, still very early stage.pghoney – Low-interaction Postgres Honeypot.sticky_elephant – Medium interaction postgresql honeypot.RedisHoneyPot – High Interaction Honeypot Solution for Redis protocol. Web honeypots Express honeypot – RFI & LFI honeypot using nodeJS and express.EoHoneypotBundle – Honeypot type for Symfony2 forms.Glastopf – Web Application Honeypot.Google Hack Honeypot – Designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.HellPot – Honeypot that tries to crash the bots and clients that visit it’s location.Laravel Application Honeypot – Simple spam prevention package for Laravel applications.Nodepot – NodeJS web application honeypot.PasitheaHoneypot – RestAPI honeypot.Servletpot – Web application Honeypot.Shadow Daemon – Modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl, and Python apps.StrutsHoneypot – Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers.WebTrap – Designed to create deceptive webpages to deceive and redirect attackers away from real websites.basic-auth-pot (bap) – HTTP Basic Authentication honeypot.bwpot – Breakable Web applications honeyPot.django-admin-honeypot – Fake Django admin login screen to notify admins of attempted unauthorized access.drupo – Drupal Honeypot.galah – an LLM-powered web honeypot using the OpenAI API.honeyhttpd – Python-based web server honeypot builder.honeyup – An uploader honeypot designed to look like poor website security.modpot – Modpot is a modular web application honeypot framework and management application written in Golang and making use of gin framework.owa-honeypot – A basic flask based Outlook Web Honey pot.phpmyadmin_honeypot – Simple and effective phpMyAdmin honeypot.shockpot – WebApp Honeypot for detecting Shell Shock exploit attempts.smart-honeypot – PHP Script demonstrating a smart honey pot.Snare/Tanner – successors to Glastopf Snare – Super Next generation Advanced Reactive honeypot.Tanner – Evaluating SNARE events. stack-honeypot – Inserts a trap for spam bots into responses.tomcat-manager-honeypot – Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker’s WAR file for later study.WordPress honeypots HonnyPotter – WordPress login honeypot for collection and analysis of failed login attempts.HoneyPress – Python based WordPress honeypot in a Docker container.wp-smart-honeypot – WordPress plugin to reduce comment spam with a smarter honeypot.wordpot – WordPress Honeypot. Python-Honeypot – OWASP Honeypot, Automated Deception Framework. Related November 10, 2023 In "Cyber security"
March 12, 2024 In "Cyber security"
January 10, 2025 In "Cyber security"