Honeypots & Deception Tools
Honeypots and cyber deception solution that simulate vulnerable systems to detect, divert, and analyze attacker activities in real time.
Browse 214 honeypots & deception tools
FEATURED
USE CASES
SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.
A honeypot tool emulating HL7 / FHIR protocols with various installation and customization options.
A simplified UI for showing honeypot alarms for the DTAG early warning system
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
Hived is a honeypot tool for deceiving attackers and gathering information.
A honeypot that simulates an exposed networked printer using PJL protocol to capture and log attacker interactions through a virtual filesystem.
A low-interaction honeypot that uses Dionaea as its core, providing a simple and easy-to-use interface for setting up and managing honeypots.
A simple Telnet honeypot program that logs login attempts and credentials from botnet attacks, specifically designed to track Mirai botnet activity.
hpfeeds is a lightweight authenticated publish-subscribe protocol with Python 3 compatible broker and client.
A modular web application honeypot framework with automation and logging capabilities.
HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.
A high-interaction honeypot solution for detecting and analyzing SMB-based attacks
Honey-Pod for SSH that logs username and password tries during brute-force attacks.
A Go-based honeypot that mimics Intel's AMT management service to detect and log exploitation attempts targeting the CVE-2017-5689 firmware vulnerability.
HoneyThing is a honeypot for Internet of TR-069 things, emulating vulnerabilities and supporting TR-069 protocol.
A DICOM server with a twist, blocking C-STORE attempts for protection but logging them.
A simple honeypot that opens a listening socket and waits for connection attempts, with configurable reply and event handling
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
A web application honeypot sensor attracting malicious traffic from the Internet
A honeypot designed to detect and analyze malicious activities in instant messaging platforms.
Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.
Python web application honeypot with vulnerability type emulation and modular design.
Honeypots & Deception Tools FAQ
Common questions about Honeypots & Deception tools, selection guides, pricing, and comparisons.
Honeypots deploy fake assets (servers, credentials, files, database records) that appear legitimate but have no production purpose. Any interaction with them is inherently suspicious, providing high-fidelity alerts with virtually zero false positives. Modern deception platforms deploy thousands of breadcrumbs and decoys across your environment, detecting lateral movement, credential theft, and reconnaissance that other tools miss.
