Honeypots & Deception Tools
Honeypots and cyber deception solution that simulate vulnerable systems to detect, divert, and analyze attacker activities in real time.
Browse 214 honeypots & deception tools
FEATURED
USE CASES
A script for setting up a dionaea and kippo honeypot using Docker images.
Automated script to install and deploy a honeypot with kippo, dionaea, and p0f on Ubuntu 12.04.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
FTP Honeypot tool with FTP + SSL-FTP features, used for catching credentials and malware files, distributing honeytoken files, and generating SSL certificates.
An observation camera honeypot for proof-of-concept purposes
A low-interaction honeypot for detecting and analyzing security threats
Ensnare is a Ruby on Rails gem that deploys honey traps and automated responses to detect and interfere with malicious behavior in web applications.
DDoSPot is a plugin-based honeypot platform that tracks UDP-based DDoS attacks and generates daily blacklists of potential attackers and scanners.
An Ansible role that automates the deployment and management of Bifrozt honeypots for network security monitoring.
Helix is a versatile honeypot designed to mimic the behavior of various protocols including Kubernetes API server, HTTP, TCP, and UDP.
Modular honeypot based on Python with support for Siemens S7 protocol.
Maltego transform pack for analyzing and graphing Honeypots using MySQL data.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
A Python telnet honeypot that emulates shell environments to capture and analyze IoT malware and botnet binaries through automated detection mechanisms.
SSH Honeypot written in Go that records commands and IP addresses of attempted logins.
An open-source Python software for creating honeypots and honeynets securely.
A Go-based honeypot server for detecting and logging attacker activity
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
Honeypots & Deception Tools FAQ
Common questions about Honeypots & Deception tools, selection guides, pricing, and comparisons.
Honeypots deploy fake assets (servers, credentials, files, database records) that appear legitimate but have no production purpose. Any interaction with them is inherently suspicious, providing high-fidelity alerts with virtually zero false positives. Modern deception platforms deploy thousands of breadcrumbs and decoys across your environment, detecting lateral movement, credential theft, and reconnaissance that other tools miss.
