Directory of Honeypots and Honeynets Resources

Home > Computers > Security > Honeypots and Honeynets

Resources in This Category

• An Evening with Berferd

  http://all.net/books/berferd/berferd.html
  A hacker is lured, endured, and studied. One of the first examples of a honeypot. First published in 1992.

• Anton Chuvakin Honeynet

  http://www.chuvakin.com/honeynet/
  Live honeynet status data, papers produced as a result of research, and other related resources.

• APT detection system using honeypots

  http://www.wseas.us/e-library/conferences/2013/Valencia/ACIC/ACIC-02.pdf
  APT detection system using honeypots

• Basted

  http://basted.sourceforge.net/
  A program that acts as a honeypot for spammers who use spambots to harvest email addresses from Web sites.

• Capture

  https://projects.honeynet.org/capture-hpc
  A high interaction client honeypot. A client honeypot is a security technology that allows one to find malicious servers on a network.

• Deception ToolKit (DTK)

  http://all.net/dtk/index.html
  A toolkit designed to make it appear to attackers as if the system running DTK has a large number of widely known vulnerabilities.

• Deploying and Using Sinkholes

  http://www.nanog.org/meetings/nanog28/presentations/sink.pdf
  Sink Holes - an ISP Security Tool

• Dynamic Honeypots

  http://www.symantec.com/connect/articles/dynamic-honeypots
  Honeypots that dynamically learn your network then deploy virtual honeypots that adapt to your network.

• Fighting Internet Worms With Honeypots

  http://www.symantec.com/connect/articles/fighting-internet-worms-honeypots
  This paper evaluates the usefulness of using honeypots to fight Internet worms and perform counterattacks.

• For Stronger Password Security, Try a Spoonful of Honeywords

  http://www.wired.com/insights/2013/05/for-stronger-password-security-try-a-spoonful-of-honeywords/
  Describing new scheme of password protection called honeywords.

• Glastopf Honeypot Project Page

  http://glastopf.org/
  Glastopf is a small Python webserver which emulates thousands of web application vulnerabilities.

• Google Hack Honeypot (GHH)

  http://sourceforge.net/projects/ghh/
  Emulates a vulnerable web application by allowing itself to be indexed by search engines. Project information and free download.

• Honeybee

  http://www.thomas-apel.de/honeybee/
  A tool for semi-automatically creating emulators of network server applications.

• HoneyBOT

  http://www.atomicsoftwaresolutions.com/
  A free windows based medium interaction honeypot solution.

• HoneyC Low-Interaction Client Honeypot

  https://projects.honeynet.org/honeyc/
  A platform independent low interaction client honeypot that allows identify rogue servers on the web.

• Honeycomb

  http://www.icir.org/christian/honeycomb/
  A system for automated generation of signatures for network intrusion detection systems (NIDSs).

• Honeyd

  http://www.citi.umich.edu/u/provos/honeyd/
  Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet, for network monitoring, or as a spam trap. For *BSD, GNU/Linux, and Solaris.

• Honeyd Control Center

  http://old.zope.org/Members/Ioan/HoneydCenter/
  Honeyd configuration wizard, a SQL Interface, and reports.

• HoneyDrive Desktop

  http://bruteforce.gr/honeydrive-desktop-released.html
  A virtual appliance containing various honeypot software packages.

• HoneyDrive | Free software downloads at SourceForge.net

  http://sourceforge.net/projects/honeydrive/
  Premiere honeypot bundle distro.

• Honeynet.org: Tracking Botnets

  http://www.honeynet.org/papers/bots/
  Paper on the use of honeynets to learn more about botnets. Covers uses of botnets, how they work and how to track them.

• Honeypot (computing) - Wikipedia

  http://en.wikipedia.org/wiki/Honeypot_(computing)
  Brief encyclopedia article describing Honeypots.

• Honeypot + Honeypot = Honeynet

  http://www.eweek.com/c/a/IT-Management/Honeypot-Honeypot-Honeynet/
  Article discussing the creation of the Honeynet Project.

• Honeypots

  http://www.honeypots.net/
  Information covering intrusion detection and prevention systems, research and production honeypots, and incident handling. Also provides general overview of network security issues.

• Honeypots: A Security Manager's Guide to Honeypots

  http://www.sans.edu/research/security-laboratory/article/honeypots-guide
  A discussion by Stephen Northcutt and Eric Cole, SANS Technology Institute, on the values and risks of deploying honeypots in one's organization.

• Honeypots: Monitoring and Forensics Project

  http://honeypots.sourceforge.net/
  Techniques, tools and resources for conducting Honeypot Research and Forensic Investigation. White papers include monitoring VMware honeypots, apache web server honeypots, and VMware honeypot forensics.

• HoneySink: Beta Release | The Honeynet Project

  http://www.honeynet.org/node/773
  HoneySink is an open source network sinkhole that provides a mechanism for detection and prevention of malicious traffic on a given network.

• Honeytokens -The Other Honeypot

  http://www.symantec.com/connect/articles/honeytokens-other-honeypot
  This paper discusses honeytokens, honeypots that are not computers, but rather digital entities that are stored in a restricted part of the network.

• Honeywall

  https://projects.honeynet.org/honeywall
  The Honeywall CDROM is a bootable CD that installs onto a hard drive and comes with all the tools and functionality for you to implement data capture, control and analysis.

• Honeywall CDROM

  http://www.honeynet.org/project/HoneywallCDROM
  A honeynet gateway on a bootable CDROM.

• Honeywords: Making Password-Cracking Detectable

  http://people.csail.mit.edu/rivest/pubs/JR13.pdf
  Research paper suggesting a simple method for improving the security of hashed passwords: the maintenance of additional \honeywords" (false passwords) associated with each user's account.

• Impost

  http://impost.sourceforge.net/
  Impost can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients; or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments (pre-release version available).

• KeyFocus - KF Sensor - Honey pot IDS

  http://www.keyfocus.net/kfsensor/
  A Windows honeypot designed to attract and detect hackers by simulating vulnerable system services and trojans.

• kippo - SSH Honeypot - Google Project Hosting

  https://github.com/desaster/kippo
  A medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

• Know Your Enemy

  http://www.honeynet.org/papers/
  A series of white papers describing the concepts and technology of the Honeynet Project and Research Alliance and sharing lessons learned.

• Know Your Enemy: GenII Honeynets

  http://www.honeynet.org/papers/gen2/
  An Introduction to second generation honeynets (honeywalls).

• Know your Enemy: Phishing

  http://www.honeynet.org/papers/phishing/
  This white paper aims to provide practical information on the practice of phishing and draws on data collected by the German Honeynet Project and UK Honeynet Project.

• LaBrea Tarpit

  http://labrea.sourceforge.net/
  A program that creates a tarpit or, as some have called it, a "sticky honeypot".

• Medium Interaction Honeypots

  http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.133.9431&rep=rep1&type=pdf
  Document outlines the weaknesses of different existing approaches to catch malware – especially bots – and shows how Medium Interaction Honeypots solves these problems.

• MicroSolved, Inc.

  http://microsolved.com/
  Seller of HoneyPoint family of products.

• NoAH

  http://www.fp6-noah.org/
  European Network of Affiliated Honeypots.

• Open Proxy Honeypot

  http://www.webappsec.org/projects/honeypots/
  Web Application Security Consortium Distributed Open Proxy Honeypot Project.

• Problems and Challenges with Honeypots

  http://www.symantec.com/connect/articles/problems-and-challenges-honeypots
  Article discussing issues with Honeypot technology, focusing on dealing with the possibility of your Honeypot being detected (and potentially abused) by an attacker.

• SCADA HoneyNet Project

  http://scadahoneynet.sourceforge.net/
  SCADA HoneyNet Project: Building Honeypots for Industrial Networks (SCADA, DCS, and PLC architectures).

• SecurityFocus: Defeating Honeypots - Network issues, Part 1

  http://www.symantec.com/connect/articles/defeating-honeypots-network-issues-part-1
  Article discussing methods hackers use to detect honeypots.

• SecurityFocus: Defeating Honeypots: System Issues, Part 1

  http://www.symantec.com/connect/articles/defeating-honeypots-system-issues-part-1
  This two-part paper discusses how hackers discover, interact with, and sometimes disable honeypots at the system level and the application layer.

• Securityfocus: Fighting Spammers With Honeypots

  http://www.symantec.com/connect/articles/fighting-spammers-honeypots-part-1
  This paper evaluates the usefulness of using honeypots to fight spammers.

• SecurityFocus: Honeypot Farms

  http://www.symantec.com/connect/articles/honeypot-farms
  This article is about deploying and managing honeypots in large, distributed environments through the use of Honeypot Farms.

• SourceForge.net: Project - HoneyView

  http://sourceforge.net/projects/honeyview
  A tool to analyze honeyd-logfiles of the honeyd-daemon. Generates graphical and textual results from queries against the logfile data.

• Spampoison

  http://www.spampoison.com/
  Website set up to deliver almost infinite numbers of bogus email addresses to email harvesting bots.

• spank

  http://spank.sourceforge.net/
  A collection of programs to deploy, run and analyse network and host simulations in IP networks.

• Sweet Password Security Strategy: Honeywords - Security - Intrusion

  http://www.informationweek.com/security/intrusion-prevention/sweet-password-security-strategy-honeywo/240154334
  To improve detection of database breaches, businesses should store multiple fake passwords and monitor attempts to use them, according to researchers at security firm RSA.

• Sysenter Honeynet Project

  http://www.sysenter-honeynet.org/
  A volunteer no-profit research organization. Aim is to provide information about emerging security threats and vulnerabilities active in the wild in order to learn tools, tactics, and motives of the blackhat community and to share such information with IT community in order to improve the security of the Internet.

• The Bait and Switch Honeypot System

  http://baitnswitch.sourceforge.net/
  A system that redirects all hostile traffic from your production systems to a honeypot that is a partial mirror of your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data.

• The Strider HoneyMonkey Project

  http://research.microsoft.com/HoneyMonkey/
  Microsoft Research project to detect and analyze Web sites hosting malicious code using client-side honeypots.

• The Team Cymru Darknet Project

  http://www.team-cymru.org/darknet.html
  A Darknet is a portion of routed, allocated IP space in which no active services or servers seemingly reside. However, there is in fact include at least one server for real-time analysis or post-event network forensics.

• Thug low-interaction honeyclient

  http://buffer.github.io/thug/
  A Python low-interaction honeyclient aimed at mimicing the behavior of a web browser in order to detect and emulate malicious contents

• Tiny Honeypot (thp)

  http://freecode.com/projects/thp
  A simple honey pot program based on iptables redirects and an xinetd listener.

• Valhala Honeypot | Free System Administration software downloads at SourceForge.net

  http://sourceforge.net/projects/valhalahoneypot/
  A honeypot for the Windows System with http (web), ftp, tftp, finger, pop3 enabled

• webhoneypot - DShield.org Web Application Honeypot - Google Project Hosting

  https://code.google.com/p/webhoneypot/
  Dshield web honeypot

• WebMaven (Buggy Bank)

  http://www.mavensecurity.com/webmaven
  WebMaven is an intentionally broken web application. It is intended to be used in a safe legal environment (your own host) as a training tool, as a basic benchmark platform to test web application security scanners and as a Honeypot.

• Wikipedia: Client Honeypot

  http://en.wikipedia.org/wiki/Client_honeypot
  Encyclopedia article about the security devices, including several examples.

• Wireless Honeypots

  http://www.symantec.com/connect/articles/wireless-honeypot-countermeasures
  Article discussing the use of honeypot technology to combat attacks on wireless networks.

Related Categories

• Home > Computers > Security > Internet > Research
• Home > Computers > Security > Intrusion Detection Systems

 

Home > Computers > Security > Honeypots and Honeynets

 

---

 

Thanks to DMOZ, which built a great web directory for nearly two decades and freely shared it with the web. About us