Cyber security

Awesome Honeypots : Guardians Of The Digital Frontier – A Comprehensive Guide To Cybersecurity Tools

A curated list of awesome honeypots, plus related components and much more, divided into categories such as Web, services, and others, with a focus on free and open source projects.

There is no pre-established order of items in each category, the order is for contribution. If you want to contribute, please read the guide.

Discover more awesome lists at sindresorhus/awesome.

Contents

  • Awesome Honeypots
  • Contents
    • Related Lists
    • Honeypots
    • Honeyd Tools
    • Network and Artifact Analysis
    • Data Tools
    • Guides

Related Lists

Honeypots

  • Database Honeypots
    • Delilah – Elasticsearch Honeypot written in Python (originally from Novetta).
    • ESPot – Elasticsearch honeypot written in NodeJS, to capture every attempts to exploit CVE-2014-3120.
    • ElasticPot – An Elasticsearch Honeypot.
    • Elastic honey – Simple Elasticsearch Honeypot.
    • MongoDB-HoneyProxy – MongoDB honeypot proxy.
    • NoSQLpot – Honeypot framework built on a NoSQL-style database.
    • mysql-honeypotd – Low interaction MySQL honeypot written in C.
    • MysqlPot – MySQL honeypot, still very early stage.
    • pghoney – Low-interaction Postgres Honeypot.
    • sticky_elephant – Medium interaction postgresql honeypot.
    • RedisHoneyPot – High Interaction Honeypot Solution for Redis protocol.
  • Web honeypots
    • Express honeypot – RFI & LFI honeypot using nodeJS and express.
    • EoHoneypotBundle – Honeypot type for Symfony2 forms.
    • Glastopf – Web Application Honeypot.
    • Google Hack Honeypot – Designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.
    • HellPot – Honeypot that tries to crash the bots and clients that visit it’s location.
    • Laravel Application Honeypot – Simple spam prevention package for Laravel applications.
    • Nodepot – NodeJS web application honeypot.
    • PasitheaHoneypot – RestAPI honeypot.
    • Servletpot – Web application Honeypot.
    • Shadow Daemon – Modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl, and Python apps.
    • StrutsHoneypot – Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers.
    • WebTrap – Designed to create deceptive webpages to deceive and redirect attackers away from real websites.
    • basic-auth-pot (bap) – HTTP Basic Authentication honeypot.
    • bwpot – Breakable Web applications honeyPot.
    • django-admin-honeypot – Fake Django admin login screen to notify admins of attempted unauthorized access.
    • drupo – Drupal Honeypot.
    • galah – an LLM-powered web honeypot using the OpenAI API.
    • honeyhttpd – Python-based web server honeypot builder.
    • honeyup – An uploader honeypot designed to look like poor website security.
    • modpot – Modpot is a modular web application honeypot framework and management application written in Golang and making use of gin framework.
    • owa-honeypot – A basic flask based Outlook Web Honey pot.
    • phpmyadmin_honeypot – Simple and effective phpMyAdmin honeypot.
    • shockpot – WebApp Honeypot for detecting Shell Shock exploit attempts.
    • smart-honeypot – PHP Script demonstrating a smart honey pot.
    • Snare/Tanner – successors to Glastopf
      • Snare – Super Next generation Advanced Reactive honeypot.
      • Tanner – Evaluating SNARE events.
    • stack-honeypot – Inserts a trap for spam bots into responses.
    • tomcat-manager-honeypot – Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker’s WAR file for later study.
    • WordPress honeypots
      • HonnyPotter – WordPress login honeypot for collection and analysis of failed login attempts.
      • HoneyPress – Python based WordPress honeypot in a Docker container.
      • wp-smart-honeypot – WordPress plugin to reduce comment spam with a smarter honeypot.
      • wordpot – WordPress Honeypot.
    • Python-Honeypot – OWASP Honeypot, Automated Deception Framework.
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Install MySQL on Ubuntu 20.04: Setup, Security, and Root Access

MySQL is the most popular open-source relational database management system. It is fast, reliable, and a…

6 hours ago

Install Git on Ubuntu 20.04: Apt, Source, and Configuration

Git is the most widely used version control system in the world. It was created by…

6 hours ago

Install Go on Ubuntu 20.04: Download, Setup, and First Program

Go (also called Golang) is an open-source programming language built by Google. It is designed to…

6 hours ago

Install VS Code on Ubuntu 20.04: Snap Package and Apt Guide

Visual Studio Code (VS Code) is an open-source code editor developed by Microsoft. It is one…

7 hours ago

Install Nginx on Ubuntu 20.04: Setup, Firewall, and Config Guide

Nginx (pronounced "engine x") is an open-source, high-performance web server and reverse proxy. It is used…

7 hours ago

Install Apache on Ubuntu 20.04: Setup and Virtual Host Guide

Apache is one of the most widely used open-source web servers in the world. It is…

1 day ago