The High Interaction Honeypot Analysis Toolkit (HIHAT) allows to transform arbitrary PHP applications into web-based high-interaction Honeypots. Furthermore a graphical user interface is provided which supports the process of monitoring the Honeypot and analysing the acquired data. Features: * automatically scans for known attacks. * detects SLQ-Injections, (Remote) File-Inlcusions, Cross-Site Scripting (XSS), Download attempts for malicious files e.g. with WGET or CURL, Command-Injections, etc. * provides an overview mode which allows you to look and scan for new incidents quickly (semi-automatic mode). * supports detailed information about all data correlated with every access to the honeypot. * saves copies of malicious tools in a secured place for later analysis. * provides a geographical, IP-based mapping about the attack sources. * generates numerous statistics about all traffic recognized at the system.