Attack Detection
Explore 32 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
HoneyFS is an LLM-powered honeypot tool that generates realistic fake file systems using GPT-3.5 to deceive attackers and enhance security analysis.
SSHGuard protects hosts from brute-force attacks by monitoring system logs, detecting attacks, and blocking attackers using a firewall.
SSHGuard protects hosts from brute-force attacks by monitoring system logs, detecting attacks, and blocking attackers using a firewall.
GridPot is a honeypot framework that combines GridLAB-D, Conpot, and libiec61850 to simulate industrial control systems and detect attacks on power grid infrastructure.
Honeytrap is a low-interaction honeypot and network security tool with various modes of operation and plugin support for catching attacks against TCP and UDP services.
Honeytrap is a low-interaction honeypot and network security tool with various modes of operation and plugin support for catching attacks against TCP and UDP services.
A honeypot designed to detect and analyze malicious activities in instant messaging platforms.
A honeypot designed to detect and analyze malicious activities in instant messaging platforms.
TANNER is a remote data analysis service that evaluates HTTP requests and generates responses for SNARE honeypots while emulating application vulnerabilities.
Hived is a honeypot tool for deceiving attackers and gathering information.
Medium interaction SSH honeypot for logging brute force attacks and shell interactions.
A Go-based honeypot that mimics Intel's AMT management service to detect and log exploitation attempts targeting the CVE-2017-5689 firmware vulnerability.
A Go-based honeypot that mimics Intel's AMT management service to detect and log exploitation attempts targeting the CVE-2017-5689 firmware vulnerability.
Ghost USB Honeypot emulates USB storage devices to detect and analyze malware that spreads via USB without requiring prior threat intelligence.
Ghost USB Honeypot emulates USB storage devices to detect and analyze malware that spreads via USB without requiring prior threat intelligence.
Troje is a honeypot that creates dynamic LXC container environments to attract and monitor attackers while recording their activities and system changes.
Troje is a honeypot that creates dynamic LXC container environments to attract and monitor attackers while recording their activities and system changes.
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
A Java-based Bluetooth honeypot that captures and analyzes malware and attacks targeting Bluetooth-enabled devices.
An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.
An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.
A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
BW-Pot is an interactive web application honeypot that deploys vulnerable applications to attract and monitor HTTP/HTTPS attacks, with automated logging to Google BigQuery for analysis.
BW-Pot is an interactive web application honeypot that deploys vulnerable applications to attract and monitor HTTP/HTTPS attacks, with automated logging to Google BigQuery for analysis.
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.
6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.
Honeyntp is an NTP honeypot and logging tool that captures NTP packets into a Redis database to detect DDoS attacks and monitor network time protocol traffic.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A nodejs web application honeypot designed for small environments like Raspberry Pi to capture and analyze malicious web-based attacks.
An open source DDoS protection system that uses distributed algorithms to defend against multi-vector attacks and scale to handle varying bandwidth requirements for network operators and service providers.
An open source DDoS protection system that uses distributed algorithms to defend against multi-vector attacks and scale to handle varying bandwidth requirements for network operators and service providers.
A simple Telnet honeypot program that logs login attempts and credentials from botnet attacks, specifically designed to track Mirai botnet activity.
A honeypot that simulates an exposed networked printer using PJL protocol to capture and log attacker interactions through a virtual filesystem.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A low-interaction SSH honeypot that logs connection attempts, usernames, and passwords without allowing actual login access.
A low-interaction SSH honeypot that logs connection attempts, usernames, and passwords without allowing actual login access.
Ensnare is a Ruby on Rails gem that deploys honey traps and automated responses to detect and interfere with malicious behavior in web applications.
A Go-based honeypot server for detecting and logging attacker activity
DDoSPot is a plugin-based honeypot platform that tracks UDP-based DDoS attacks and generates daily blacklists of potential attackers and scanners.
