Honeycomb Logo

Honeycomb

0
Free
Visit Website

Honeycomb is a system for automated generation of signatures for network intrusion detection systems (NIDSs) by applying protocol analysis and pattern-detection techniques to traffic captured on honeypots. It is particularly effective at spotting worms and can create detailed signatures for known threats like Slammer and Code Red. The system can be used to actively search for signatures in any kind of traffic and has potential applications in spam detection.

FEATURES

ALTERNATIVES

Open-source set of libraries and drivers to accelerate network performance.

A honeypot designed to detect and analyze malicious activities in instant messaging platforms.

NFStream is a multiplatform Python framework for network flow data analysis with a focus on speed and flexibility.

Network metadata capture and analysis tool

A simple IOC scanner bash script for Linux/Unix/OSX systems

Tool used to scan a range of IP addresses to identify active hosts and gather information about them.

Detects Kippo SSH honeypot instances externally

Fast passive subdomain enumeration tool