Honeypots & Deception for Penetration Testing

A honeypot that emulates a Belkin N300 Home Wireless router with default setup to observe traffic

Blacknet is a low interaction SSH multi-head honeypot system with logging capabilities.

A high-interaction honeypot solution for detecting and analyzing SMB-based attacks

An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.

IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.

Endlessh is an SSH tarpit that traps SSH clients by sending an endless, random SSH banner.

A Python-based honeypot service for SSH, FTP, and Telnet connections

LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.

Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.

An easy to set up SSH honeypot for logging SSH connections and activity.

Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.

KFSensor is an advanced Windows honeypot system for detecting hackers and worms by simulating vulnerable system services.

A simple Docker-based honeypot to detect port scanning

Low-interaction VNC honeypot for logging responses to a static VNC Auth challenge.

A low-interaction SSH honeypot tool for recording authentication attempts.

Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.

Fake SSH server that sends push notifications for login attempts

A honeypot mimicking Tomcat manager endpoints to log requests and save attacker's WAR files for analysis.

A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project

A printer honeypot PoC that simulates a printer on a network to detect and analyze potential attackers.

A simple Postgres honey pot inspired by Elastichoney.

Automated script to install and deploy a honeypot with kippo, dionaea, and p0f on Ubuntu 12.04.