Honeypots & Deception Tools
Honeypots and cyber deception solution that simulate vulnerable systems to detect, divert, and analyze attacker activities in real time.
Browse 214 honeypots & deception tools
FEATURED
USE CASES
A multiarch honeypot platform supporting 20+ honeypots and offering visualization options and security tools.
A low-interaction SSH honeypot that logs connection attempts, usernames, and passwords without allowing actual login access.
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
A command-line tool for analyzing Cowrie honeypot log files over time, generating statistics and visualizations from local or remote log data.
A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.
A honeypot installation for Drupal that supports Go modules and mimics different versions of Drupal.
Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.
A high-interaction honeypot system supporting the Redis protocol.
A low interaction honeypot for detecting CVE-2018-0101 vulnerability in Cisco ASA component.
Pure Python implementation of Microsoft RDP protocol with various tools and support for different security layers.
Emulates Docker HTTP API with event logging and AWS deployment script.
A FTP honeypot tool for detecting and capturing malicious file upload attempts.
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.
Python-based web server framework for setting up fake web servers and services with precise data responses.
bap is a webservice honeypot that logs HTTP basic authentication credentials.
A medium-interaction PostgreSQL honeypot with configurable settings
A Perl honeypot program for monitoring hostile traffic and wasting hackers' time.
Port listener / honeypot in Rust with protocol guessing, safe string display and rudimentary SQLite logging.
SMTP Honeypot with custom modules for different modes of operation.
Tango is a set of scripts and Splunk apps for deploying honeypots with ease.
Honeypots & Deception Tools FAQ
Common questions about Honeypots & Deception tools, selection guides, pricing, and comparisons.
Honeypots deploy fake assets (servers, credentials, files, database records) that appear legitimate but have no production purpose. Any interaction with them is inherently suspicious, providing high-fidelity alerts with virtually zero false positives. Modern deception platforms deploy thousands of breadcrumbs and decoys across your environment, detecting lateral movement, credential theft, and reconnaissance that other tools miss.
