Loading...
Beelzebub is a free Honeypots & Deception tool. Security professionals most commonly compare it with . All 212 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to Beelzebub, including their key features and shared capabilities.
Helix is a versatile honeypot designed to mimic the behavior of various protocols including Kubernetes API server, HTTP, TCP, and UDP.
Cloud-native deception platform deploying dynamic security canaries
AI-powered deception platform using honeypots to detect & disrupt attacks
AI-based deception platform for collecting cyber threat intelligence
Credential-based deception platform that lures attackers to capture stolen creds
AI-powered deception platform for early APT and advanced threat detection
AI-powered deception platform for cloud threat detection using honeytokens
Deception platform using external-facing decoys for threat intel & recon detection
Helix is a versatile honeypot designed to mimic the behavior of various protocols including Kubernetes API server, HTTP, TCP, and UDP.
Cloud-native deception platform deploying dynamic security canaries
AI-powered deception platform using honeypots to detect & disrupt attacks
AI-based deception platform for collecting cyber threat intelligence
Credential-based deception platform that lures attackers to capture stolen creds
AI-powered deception platform for early APT and advanced threat detection
AI-powered deception platform for cloud threat detection using honeytokens
Deception platform using external-facing decoys for threat intel & recon detection
Adversary engagement & deception platform for detecting advanced threats
AI-driven deception platform using honeypots and decoys to detect threats.
Deception platform that diverts attackers & provides threat intelligence
AI-driven deception tech creating cyber clones to trap attackers & detect threats
Crowd-sourced honeynet providing real-time threat intelligence and protection
Deception-based intrusion detection system for CRITIS compliance
AI-powered fraud prevention using bots to engage scammers and extract intel
Real-time ransomware attack deflection through deception and diversion
Active Directory deception technology for threat detection and response
Agentless deception platform with internal & external decoy deployment.
Agentless network defense platform using deception to preemptively disrupt threats.
Network deception tool deploying lures to detect & analyze advanced threats.
Deception platform using decoys to detect lateral movement & identity attacks.
Real-time customer journey monitoring platform for fraud & bot detection.
Deception-based breach detection tools including honeypots & canary tokens.
Cyber deception platform for early threat detection, attacker engagement & response.
A signature-based, multi-threaded honeypot detection tool written in Golang that identifies honeypots through crafted requests and response analysis.
Fake protocol server simulator supporting 50+ network protocols for deception
TANNER is a remote data analysis service that evaluates HTTP requests and generates responses for SNARE honeypots while emulating application vulnerabilities.
Cross-platform HTTP honeypot that traps bots with infinite data streams
A low-interaction honeypot that simulates network services to detect intrusion attempts
SaaS cyber deception platform deploying decoy sensors to detect attackers.
Open-source nonprofit org developing honeypot tools & threat research.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.
Galah is an LLM-powered web honeypot that mimics various web applications by dynamically responding to HTTP requests.
Create and monitor fake HTTP endpoints automatically with Honeyku, deployable on Heroku or your own server.
A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
A low interaction Python honeypot designed to mimic various services and ports to attract attackers and log access attempts.
Medium interaction SSH honeypot for logging brute force attacks and shell interactions.
Open-source honeypot tool for detecting and analyzing malicious activities in the Apache Struts exploit.
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
Honeypot tool with bug-catching capabilities and support for multiple protocols.
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A honeypot system that allows you to set up a decoy API to detect and analyze potential security threats.
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
A Go-based honeypot server for detecting and logging attacker activity
An open-source Python software for creating honeypots and honeynets securely.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
A Python telnet honeypot that emulates shell environments to capture and analyze IoT malware and botnet binaries through automated detection mechanisms.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
Maltego transform pack for analyzing and graphing Honeypots using MySQL data.
Modular honeypot based on Python with support for Siemens S7 protocol.
An Ansible role that automates the deployment and management of Bifrozt honeypots for network security monitoring.
DDoSPot is a plugin-based honeypot platform that tracks UDP-based DDoS attacks and generates daily blacklists of potential attackers and scanners.
Ensnare is a Ruby on Rails gem that deploys honey traps and automated responses to detect and interfere with malicious behavior in web applications.
A low-interaction honeypot for detecting and analyzing security threats
An observation camera honeypot for proof-of-concept purposes
FTP Honeypot tool with FTP + SSL-FTP features, used for catching credentials and malware files, distributing honeytoken files, and generating SSL certificates.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
Automated script to install and deploy a honeypot with kippo, dionaea, and p0f on Ubuntu 12.04.
A script for setting up a dionaea and kippo honeypot using Docker images.
Tango is a set of scripts and Splunk apps for deploying honeypots with ease.
SMTP Honeypot with custom modules for different modes of operation.
Port listener / honeypot in Rust with protocol guessing, safe string display and rudimentary SQLite logging.
A Perl honeypot program for monitoring hostile traffic and wasting hackers' time.
A medium-interaction PostgreSQL honeypot with configurable settings
bap is a webservice honeypot that logs HTTP basic authentication credentials.
Python-based web server framework for setting up fake web servers and services with precise data responses.
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.
A FTP honeypot tool for detecting and capturing malicious file upload attempts.
Emulates Docker HTTP API with event logging and AWS deployment script.
Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.
A low interaction honeypot for detecting CVE-2018-0101 vulnerability in Cisco ASA component.
A high-interaction honeypot system supporting the Redis protocol.
Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.
A honeypot installation for Drupal that supports Go modules and mimics different versions of Drupal.
A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.
A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
A low-interaction SSH honeypot that logs connection attempts, usernames, and passwords without allowing actual login access.
A multiarch honeypot platform supporting 20+ honeypots and offering visualization options and security tools.
Troje is a honeypot that creates dynamic LXC container environments to attract and monitor attackers while recording their activities and system changes.
A honeypot trap for Symfony2 forms to reduce spam submissions.
A low to medium interaction honeypot with a variety of plugins for cybersecurity monitoring.
PHP Script demonstrating a smart honey pot for email form protection.
WordPress plugin to reduce comment spam with a smarter honeypot.
Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.
Web application for visualizing live GPS locations on an SVG world map using honeypot captures.
Honeyntp is an NTP honeypot and logging tool that captures NTP packets into a Redis database to detect DDoS attacks and monitor network time protocol traffic.
A web honeypot tool for detecting and monitoring potential attacks on phpMyAdmin installations.
A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.
BW-Pot is an interactive web application honeypot that deploys vulnerable applications to attract and monitor HTTP/HTTPS attacks, with automated logging to Google BigQuery for analysis.
A honeypot mimicking Tomcat manager endpoints to log requests and save attacker's WAR files for analysis.
A Splunk application that processes honeypot data from hpfeeds channels to generate clustered meta-events and visualizations for security analysis.
Ghost USB Honeypot emulates USB storage devices to detect and analyze malware that spreads via USB without requiring prior threat intelligence.
PhoneyC is a client-side honeypot that emulates vulnerable web browsers to detect and analyze malicious web content and browser-based exploits.
An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.
A low-interaction honeypot for detecting and analyzing potential attacks on Android devices via ADB over TCP/IP
A honeypot system designed to detect and analyze potential security threats
A network responder supporting various protocols with minimal assumptions on client intentions.
An easy to set up SSH honeypot for logging SSH connections and activity.
A configurable DNS honeypot with SQLite logging and Docker support.
A Flask-based honeypot that simulates Outlook Web App (OWA) environments to attract and analyze malicious activities targeting OWA systems.
Honeypot for analyzing data with customizable services and logging capabilities.
A simple honeypot that collects credentials across various protocols
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
A honeypot agent for running honeypots with service and data at threatwar.com.
A comprehensive dashboard for managing and monitoring honeypots with detailed information on attack attempts and connections.
A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.
A set of Go-based emulators for testing network security and analyzing network traffic.
A honeypot tool to mimic the router backdoor 'TCP32764' found in various router firmwares, providing a way to test for vulnerabilities.
A honeypot system that simulates RDP services on port 3389, automatically assigns virtual machines to incoming connections, and captures comprehensive forensic data including packet captures and disk images.
WordPress honeypot tool running in a Docker container for monitoring access attempts.
A Python-based honeypot service for SSH, FTP, and Telnet connections
A honeypot that emulates a Belkin N300 Home Wireless router with default setup to observe traffic
A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.
High-interaction SSH honeypot for logging SSH proxy with ongoing development.
A low-interaction SSH honeypot tool for recording authentication attempts.
Low-interaction VNC honeypot for logging responses to a static VNC Auth challenge.
Fake SSH server that sends push notifications for login attempts
A webapp for displaying statistics about your kippo SSH honeypot.
A honeypot tool that simulates an open relay to capture and analyze spam
Syrup is a Go-based SSH honeypot that simulates SSH services with fake shells, session recording, and comprehensive logging to monitor and analyze unauthorized access attempts.
Blacknet is a low interaction SSH multi-head honeypot system with logging capabilities.
Docker-based honeypot setup with detailed installation and configuration instructions.
A spam prevention technique using hidden fields to detect and deter spam bots in Laravel applications.
Python web application honeypot with vulnerability type emulation and modular design.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
A honeypot designed to detect and analyze malicious activities in instant messaging platforms.
A web application honeypot sensor attracting malicious traffic from the Internet
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling
A DICOM server with a twist, blocking C-STORE attempts for protection but logging them.
HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.
A Go-based honeypot that mimics Intel's AMT management service to detect and log exploitation attempts targeting the CVE-2017-5689 firmware vulnerability.
Honey-Pod for SSH that logs username and password tries during brute-force attacks.
A high-interaction honeypot solution for detecting and analyzing SMB-based attacks
HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.
A modular web application honeypot framework with automation and logging capabilities.
hpfeeds is a lightweight authenticated publish-subscribe protocol with Python 3 compatible broker and client.
A simple Telnet honeypot program that logs login attempts and credentials from botnet attacks, specifically designed to track Mirai botnet activity.
A low-interaction honeypot that uses Dionaea as its core, providing a simple and easy-to-use interface for setting up and managing honeypots.
A honeypot that simulates an exposed networked printer using PJL protocol to capture and log attacker interactions through a virtual filesystem.
Hived is a honeypot tool for deceiving attackers and gathering information.
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
A simplified UI for showing honeypot alarms for the DTAG early warning system
A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A simpler version of a honeypot that looks for connections from external parties and performs a specific action, usually blacklisting.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
GasPot is a honeypot simulation tool for Gas Station tanks in the oil and gas industry.
Low interaction MySQL honeypot with various configuration options.
A low-interaction SSH honeypot written in C that simulates SSH services to capture and log unauthorized access attempts.
GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.
Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.
An open-source OSINT honeypot that monitors threat actor reconnaissance attempts and generates early-warning intelligence for blue teams during the pre-attack phase.
OpenCanary is a multi-protocol network honeypot with low resource requirements and alerting capabilities.
A honeypot specifically designed to detect and capture Log4Shell vulnerability exploitation attempts with payload analysis and flexible logging capabilities.
Honeytrap is a low-interaction honeypot and network security tool with various modes of operation and plugin support for catching attacks against TCP and UDP services.
An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.
An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats
cowrie2neo parses Cowrie honeypot logs and imports the data into Neo4j databases for graph-based analysis and visualization of honeypot interactions.
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
HpfeedsHoneyGraph is a visualization application that creates graphical representations of hpfeeds logs to aid cybersecurity analysis of honeypot data.
IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.
A tutorial on setting up Dionaea on an EC2 instance in 20 minutes
An active and aggressive honeypot tool for network security.
HoneyDrive is the premier honeypot Linux distro with over 10 pre-installed honeypot software packages and numerous analysis tools.
Multi-honeypot platform with various honeypots and monitoring tools.
GHH is a honeypot tool to defend against search engine hackers using Google as a hacking tool.
Non-profit organization supporting the advancement of open source software.
A toolkit that transforms PHP applications into web-based high-interaction Honeypots for monitoring and analyzing attacks.
A hybrid honeypot framework that combines low and high interaction honeypots for network security
HoneyView is a tool for analyzing honeyd logfiles graphically and textually.
Impost is a powerful network security auditing tool with honey pot and packet sniffer capabilities.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
A crawler-based low-interaction client honeypot for exposing website threats.
Building Honeypots for Industrial Networks using Honeyd and simulating SCADA, DCS, and PLC architectures.
High interaction honeypot solution for Linux systems with data control and integrity features.
A collection of tools that can be used with Honeyd for data analysis or other purposes
Automated signature creation using honeypots for network intrusion detection systems.
KFSensor is an advanced Windows honeypot system for detecting hackers and worms by simulating vulnerable system services.
Email collection point designed to trap spammers and blacklist IPs.
A security framework for process isolation and sandboxing based on capability-based security principles.
The DShield Raspberry Pi Sensor is a tool that turns a Raspberry Pi into a honeypot to collect and submit security logs to the DShield project for analysis.
Common questions security professionals ask when evaluating alternatives and competitors to Beelzebub.
The most popular alternatives to Beelzebub include Helix Honeypot, Tracebit Dynamic Security Canaries, Guardpot AI-Powered Cyber Deception, CatchProbe SmartDeceptive, and MokN Bait. These Honeypots & Deception tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
