GridPot is a honeypot framework designed for industrial control systems (ICS) security research and attack detection. The tool integrates three key components: GridLAB-D for power grid simulation, Conpot as the honeypot platform, and libiec61850 for IEC 61850 protocol support. The framework simulates realistic industrial environments by combining power system modeling capabilities with honeypot functionality. GridLAB-D provides the underlying power flow simulation engine, while Conpot handles the honeypot operations and attack detection mechanisms. The libiec61850 library enables support for the IEC 61850 communication protocol commonly used in electrical substations and power systems. GridPot requires several dependencies including autoconf, automake, libtool, subversion, python-dev, mysql-server, python-mysqldb, xerces-c, and libcurl. The setup process involves configuring MySQL database, installing Conpot with Python setup tools, building GridLAB-D from source using autotools, and compiling libiec61850 with make commands. The tool allows security researchers to deploy realistic industrial control system environments that can attract and analyze attacks targeting critical infrastructure. It provides capabilities for monitoring unauthorized access attempts, protocol manipulation, and other malicious activities directed at power grid systems.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.