T-Pot is the all in one, optionally distributed, multiarch (amd64, arm64) honeypot plattform, supporting 20+ honeypots and countless visualization options using the Elastic Stack, animated live attack maps and lots of security tools to further improve the deception experience. TL;DR Meet the system requirements. The T-Pot installation needs at least 8-16 GB RAM, 128 GB free disk space as well as a working (outgoing non-filtered) internet connection. Download or use a running, supported distribution. Install the ISO with as minimal packages / services as possible (ssh required) Install curl: $ sudo [apt, dnf, zypper] install curl if not installed already Run installer as non-root from $HOME: env bash -c "$(curl -sL https://github.com/telekom-security/tpotce/raw/master/install.sh)" Follow instructions, read messages, check for possible port conflicts and reboot Table of Contents T-Pot - The All In One Multi Honeypot Platform TL;DR Table of Contents Disclaimer Technical Concept Technical Architecture Services User Types System Requirements Running in a VM Running on Hardware Running in a Cloud Required Ports System Placement Installation
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.