Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/alphaSeclab/awesome-honeypot

Awesome Honeypot Resource Collection. Including 250+ Honeypot tools, and 350+ posts about Honeypot.
https://github.com/alphaSeclab/awesome-honeypot

List: awesome-honeypot

honeypot

Last synced: 3 months ago
JSON representation

Awesome Honeypot Resource Collection. Including 250+ Honeypot tools, and 350+ posts about Honeypot.

Awesome Lists containing this project

README

        

# 所有收集类项目:
- [收集的所有开源工具: sec-tool-list](https://github.com/alphaSeclab/sec-tool-list): 超过18K, 包括Markdown和Json两种格式
- [全平台逆向资源: awesome-reverse-engineering](https://github.com/alphaSeclab/awesome-reverse-engineering):
- Windows平台安全: PE/DLL/DLL-Injection/Dll-Hijack/Dll-Load/UAC-Bypass/Sysmon/AppLocker/ETW/WSL/.NET/Process-Injection/Code-Injection/DEP/Kernel/...
- Linux安全: ELF/...
- macOS/iXxx安全: Mach-O/越狱/LLDB/XCode/...
- Android安全: HotFix/XPosed/Pack/Unpack/Emulator/Obfuscate
- 知名工具: IDA/Ghidra/x64dbg/OllDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/...
- [网络相关的安全资源: awesome-network-stuff](https://github.com/alphaSeclab/awesome-network-stuff):
- 网络通信: 代理/SS/V2ray/GFW/反向代理/隧道/VPN/Tor/I2P/...
- 网络攻击: 中间人/PortKnocking/...
- 网络分析: 嗅探/协议分析/网络可视化/网络分析/网络诊断等
- [攻击性网络安全资源: awesome-cyber-security](https://github.com/alphaSeclab/awesome-cyber-security): 漏洞/渗透/物联网安全/数据渗透/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/免杀/CobaltStrike/侦查/OSINT/社工/密码/凭证/威胁狩猎/Payload/WifiHacking/无线攻击/后渗透/提权/UAC绕过/...
- [开源远控和恶意远控分析报告: awesome-rat](https://github.com/alphaSeclab/awesome-rat): 开源远控工具: Windows/Linux/macOS/Android; 远控类恶意恶意代码的分析报告等
- [Webshell工具和分析/使用文章: awesome-webshell](https://github.com/alphaSeclab/awesome-webshell): Webshell资源收集, 包括150个Github项目, 200个左右文章
- [取证相关工具和文章: awesome-forensics](https://github.com/alphaSeclab/awesome-forensics): 近300个取开源取证工具,近600与取证相关文章
- [蜜罐资源: awesome-honeypot](https://github.com/alphaSeclab/awesome-honeypot): 250+个取开源蜜罐工具,350+与蜜罐相关文章

# honeypot

- 250+蜜罐工具,350+跟蜜罐有关文章.
- [English Version](https://github.com/alphaSeclab/awesome-honeypot/blob/master/Readme_en.md)

# 目录
- [工具](#a2df15c7819a024c2f5c4a7489285597)
- [(178) 未分类](#a53d22b9c5d09dc894413453f4755658)
- [(5) 收集](#efde8c850d8d09e7c94aa65a1ab92acf)
- [(49) SSH&&Telnet](#c8f749888134d57b5fb32382c78ef2d1)
- [(9) Docker](#2e3aed6e2eb3c766dfc9fc9e2366822a)
- [(5) 部署](#09ca001321cd03b28a6a61d02dbf9875)
- [(5) Wordpress](#9aa5628c3f74ba02986e52c463ec17d7)
- [文章](#957ad521896ad97286dbf23edaf1c8d9)
- [(361) 新添加](#f8e1e47d56133ac82f5bf3d331d2c4d0)

# 工具

***

## 未分类

- [**1860**星][3m] [Py] [pwnlandia/mhn](https://github.com/pwnlandia/mhn) 蜜罐网络
- [**1334**星][25d] [Go] [hacklcx/hfish](https://github.com/hacklcx/hfish) 扩展企业安全测试主动诱导型开源蜜罐框架系统,记录黑客攻击手段
- [**846**星][4y] [utkusen/hidden-tear](https://github.com/utkusen/hidden-tear) an open source ransomware honeypot
- [**748**星][3m] [Py] [buffer/thug](https://github.com/buffer/thug) Python low-interaction honeyclient
- [**709**星][28d] [Py] [mushorg/conpot](https://github.com/mushorg/conpot) ICS/SCADA honeypot
- [**674**星][7m] [Go] [honeytrap/honeytrap](https://github.com/honeytrap/honeytrap) 高级蜜罐框架, 可以运行/监控/管理蜜罐. Go语言编写
- [**597**星][6m] [Py] [dmpayton/django-admin-honeypot](https://github.com/dmpayton/django-admin-honeypot) a fake Django admin login screen to log and notify admins of attempted unauthorized access.
- [**590**星][3m] [Py] [thinkst/opencanary](https://github.com/thinkst/opencanary) Modular and decentralised honeypot
- [**437**星][1y] [Py] [0x4d31/honeylambda](https://github.com/0x4d31/honeylambda) honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway
- [**398**星][4m] [Py] [mushorg/glastopf](https://github.com/mushorg/glastopf) Web Application Honeypot
- [**386**星][4m] [PHP] [msurguy/honeypot](https://github.com/msurguy/honeypot) 一种简单有效的方法,来阻止某些进入您网站的垃圾邮件机器人
- [**384**星][4m] [Py] [p1r06u3/opencanary_web](https://github.com/p1r06u3/opencanary_web) The web management platform of honeypot
- [**382**星][4m] [Py] [foospidy/honeypy](https://github.com/foospidy/honeypy) A low to medium interaction honeypot.
- [**379**星][2m] [Py] [dinotools/dionaea](https://github.com/dinotools/dionaea) Home of the dionaea honeypot
- [**328**星][1y] [JS] [shmakov/honeypot](https://github.com/shmakov/honeypot) Low interaction honeypot that displays real time attacks
- [**272**星][1y] [Py] [gbafana25/esp8266_honeypot](https://github.com/gbafana25/esp8266_honeypot) a honeypot programmed in Micropython for the ESP8266
- [**230**星][1y] [Shell] [aplura/tango](https://github.com/aplura/tango) Honeypot Intelligence with Splunk
- [**230**星][3m] [Py] [johnnykv/heralding](https://github.com/johnnykv/heralding) Credentials catching honeypot
- [**227**星][29d] [Py] [jamesturk/django-honeypot](https://github.com/jamesturk/django-honeypot) Django application that provides utilities for preventing automated form spam.
- [**223**星][22d] [Py] [mushorg/snare](https://github.com/mushorg/snare) Super Next generation Advanced Reactive honEypot
- [**204**星][6y] [CoffeeScript] [fw42/honeymap](https://github.com/fw42/honeymap) Real-time websocket stream of GPS events on a fancy SVG world map
- [**195**星][6y] [C] [datasoft/honeyd](https://github.com/datasoft/honeyd) virtual honeypots
- [**192**星][10m] [Go] [0x4d31/honeybits](https://github.com/0x4d31/honeybits) A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
- [**172**星][2y] [Py] [awhitehatter/mailoney](https://github.com/awhitehatter/mailoney) An SMTP Honeypot
- [**168**星][2y] [PS] [javelinnetworks/honeypotbuster](https://github.com/javelinnetworks/honeypotbuster) Microsoft PowerShell module designed for red teams that can be used to find honeypots and honeytokens in the network or at the host.
- [**162**星][9m] [Py] [sa7mon/miniprint](https://github.com/sa7mon/miniprint) A medium interaction printer honeypot
- [**150**星][6y] [Py] [rep/dionaea](https://github.com/rep/dionaea) dionaea low interaction honeypot (forked from dionaea.carnivore.it)
- [**131**星][4y] [Go] [jordan-wright/elastichoney](https://github.com/jordan-wright/elastichoney) A Simple Elasticsearch Honeypot
- [**128**星][6m] [Go] [mushorg/glutton](https://github.com/mushorg/glutton) Generic Low Interaction Honeypot
- [**116**星][4y] [Py] [shiva-spampot/shiva](https://github.com/shiva-spampot/shiva) Spam Honeypot with Intelligent Virtual Analyzer
- [**103**星][2m] [Py] [huuck/adbhoney](https://github.com/huuck/adbhoney) Low interaction honeypot designed for Android Debug Bridge over TCP/IP
- [**102**星][4y] [utkusen/eda2](https://github.com/utkusen/eda2) a more complex ransomware honeypot
- [**96**星][3y] [Py] [torque59/nosqlpot](https://github.com/torque59/nosqlpot) The NoSQL Honeypot Framework
- [**85**星][4y] [Py] [omererdem/honeything](https://github.com/omererdem/honeything) TR-069 Honeypot
- [**78**星][11m] [Py] [cymmetria/honeycomb](https://github.com/cymmetria/honeycomb) An extensible honeypot framework
- [**77**星][5m] [Go] [netxfly/x-proxy](https://github.com/netxfly/x-proxy) honeypot proxy
- [**76**星][4y] [PS] [pwdrkeg/honeyport](https://github.com/pwdrkeg/honeyport) A powershell script for creating a Windows honeyport.
- [**74**星][2y] [Py] [gento/dionaea](https://github.com/gento/dionaea) 低交互蜜罐
- [**73**星][5y] [Shell] [andrewmichaelsmith/honeypot-setup-script](https://github.com/andrewmichaelsmith/honeypot-setup-script) Honeypot (Dionaea and kippo) setup script
- [**72**星][3y] [C] [tillmannw/honeytrap](https://github.com/tillmannw/honeytrap) a low-interaction honeypot
- [**68**星][8m] [JS] [plazmaz/mongodb-honeyproxy](https://github.com/plazmaz/mongodb-honeyproxy) A honeypot proxy for mongodb. When run, this will proxy and log all traffic to a dummy mongodb server.
- [**65**星][3y] [PHP] [cymmetria/strutshoneypot](https://github.com/cymmetria/strutshoneypot) Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers
- [**65**星][2y] [HTML] [secwiki/ipot](https://github.com/secwiki/ipot) 蜜罐技术研究小组
- [**60**星][5y] [Go] [jgrahamc/torhoney](https://github.com/jgrahamc/torhoney) Gets the list of TOR exit nodes and matches them with Project Honeypot data
- [**57**星][5y] [C] [honeynet/ghost-usb-honeypot](https://github.com/honeynet/ghost-usb-honeypot) A honeypot for malware that propagates via USB storage devices
- [**54**星][7m] [Py] [masood-m/yalih](https://github.com/masood-m/yalih) a low Interaction Client honeypot designed to detect malicious websites through signature, anomaly and pattern matching techniques
- [**53**星][6m] [HTML] [d1str0/drupot](https://github.com/d1str0/drupot) Drupal Honeypot
- [**53**星][4y] [PHP] [gfoss/phpmyadmin_honeypot](https://github.com/gfoss/phpmyadmin_honeypot) phpmyadmin honeypot
- [**50**星][4y] [Py] [jpyorre/intelligenthoneynet](https://github.com/jpyorre/intelligenthoneynet) The Intelligent Honey Net Project attempts to create actionable information from honeypots
- [**49**星][1m] [Py] [zdresearch/owasp-honeypot](https://github.com/zdresearch/owasp-honeypot) OWASP Honeypot
- [**48**星][2y] [Py] [rubenespadas/dionaeafr](https://github.com/rubenespadas/dionaeafr) Front Web to Dionaea low-interaction honeypot.
- [**48**星][8m] [Py] [anouarbensaad/honeypot-iot](https://github.com/anouarbensaad/honeypot-iot) This tool to simulate http server attacks in Python which logs HackerIP and all the tracing he does into a Logfile then a database.
- [**47**星][3m] [Py] [pwnlandia/shockpot](https://github.com/pwnlandia/shockpot) WebApp Honeypot for detecting Shell Shock exploit attempts
- [**46**星][7y] [C] [shjalayeri/mcedp](https://github.com/shjalayeri/mcedp) Malicious Code Execution Detection Prevention (MCEDP) High Interaction Client Honeypot
- [**44**星][8m] [Py] [0x4d31/honeyku](https://github.com/0x4d31/honeyku) A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).
- [**43**星][6y] [Py] [fygrave/honeyntp](https://github.com/fygrave/honeyntp) NTP logger/honeypot
- [**41**星][7m] [Py] [kryptoslogic/rdppot](https://github.com/kryptoslogic/rdppot) RDP honeypot
- [**40**星][5y] [Py] [alexbredo/honeypot-camera](https://github.com/alexbredo/honeypot-camera) observation camera honeypot
- [**40**星][5y] [Go] [dutchcoders/troje](https://github.com/dutchcoders/troje) Troje is a honeypot built around lxc containers. It will run each connection with the service within a seperate lxc container.
- [**39**星][9m] [Py] [zeroq/amun](https://github.com/zeroq/amun) Amun Honeypot
- [**38**星][4y] [Py] [cudeso/cudeso-honeypot](https://github.com/cudeso/cudeso-honeypot) Honeypot repo
- [**38**星][6y] [C] [shjalayeri/pwnypot](https://github.com/shjalayeri/pwnypot) PwnyPot, High Interaction Client Honeypot
- [**37**星][6y] [Py] [johnnykv/mnemosyne](https://github.com/johnnykv/mnemosyne) Normalizer for honeypot data.
- [**37**星][5y] [C] [sk4ld/gridpot](https://github.com/sk4ld/gridpot) Open source tools for realistic-behaving electric grid honeynets
- [**36**星][2y] [Go] [mojachieee/go-honeypot](https://github.com/mojachieee/go-honeypot) A honeypot server written in Go.
- [**34**星][1y] [JS] [cymmetria/ciscoasa_honeypot](https://github.com/cymmetria/ciscoasa_honeypot) A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
- [**34**星][2y] [JS] [honeypotio/techmap](https://github.com/honeypotio/techmap) Honeypot's Tech Map
- [**30**星][2y] [Py] [revengecoming/demonhunter](https://github.com/revengecoming/demonhunter) Distributed Honeypot
- [**29**星][3m] [PHP] [eymengunay/eohoneypotbundle](https://github.com/eymengunay/eohoneypotbundle) Honeypot type for Symfony forms
- [**29**星][4y] [HTML] [schmalle/nodepot](https://github.com/schmalle/nodepot) A nodejs web application honeypot
- [**28**星][5m] [Py] [jekil/udpot](https://github.com/jekil/udpot) Simple UDP honeypot script
- [**28**星][3y] [Shell] [securitygeneration/honeyport](https://github.com/securitygeneration/honeyport) Bash and Python Honeyport scripts
- [**27**星][3y] [Py] [mzweilin/ipv6-attack-detector](https://github.com/mzweilin/ipv6-attack-detector) Google Summer of Code 2012 project, supported by The Honeynet Project organization.
- [**27**星][1y] [Py] [honeynet/checkpot](https://github.com/honeynet/checkpot) Checkpot Honeypot Checker
- [**25**星][4y] [Shell] [binkybear/honeypi](https://github.com/binkybear/honeypi) Bash script to install Honeypot projects ona Raspbian System
- [**25**星][4y] [Shell] [cert-polska/hsn2-bundle](https://github.com/cert-polska/hsn2-bundle) a highly-scalable system integrating multiple client honeypots to detect malicious websites.
- [**25**星][5y] [C] [honeynet/phoneyc](https://github.com/honeynet/phoneyc)
- [**25**星][12d] [F#] [paralax/burningdogs](https://github.com/paralax/burningdogs) Honeypot log processor to create OTX Pulse entries
- [**25**星][2y] [Py] [scanfsec/ihoneyportscan](https://github.com/scanfsec/ihoneyportscan) 轻量端口扫描器、信息泄露扫描、批量网站备份扫描
- [**24**星][2y] [Shell] [oniondecoy/installer](https://github.com/oniondecoy/installer) A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.
- [**24**星][4m] [Shell] [owasp/honeypot-project](https://github.com/owasp/honeypot-project) to identify emerging attacks against web applications and report them to the community, in order to facilitate protection against such targeted attacks.
- [**22**星][10m] [CSS] [ytisf/apate](https://github.com/ytisf/apate) Your Friendly Neighbourhood Honeypot Maker and Manager
- [**21**星][2y] [Shell] [wolfvan/some-samples](https://github.com/wolfvan/some-samples) Malware captured with honeypots
- [**20**星][3y] [Go] [0x4445565a/portanoia](https://github.com/0x4445565a/portanoia) A tool that sets a honeypot port and runs a command against every IP that connects to it.
- [**20**星][11m] [HTML] [cymmetria/honeycomb_plugins](https://github.com/cymmetria/honeycomb_plugins) The plugin repository for Honeycomb, the honeypot framework by Cymmetria
- [**19**星][10m] [Shell] [graneed/bwpot](https://github.com/graneed/bwpot) 高対話型ハニーポット
- [**19**星][5m] [Go] [magisterquis/vnclowpot](https://github.com/magisterquis/vnclowpot) Low-interaction VNC honeypot with a static challenge.
- [**19**星][2y] [Py] [r0hi7/honeysmb](https://github.com/r0hi7/honeysmb) Simple High Interaction Honeypot Solution for SMB protocol
- [**19**星][7y] [C#] [schmalle/mysqlpot](https://github.com/schmalle/mysqlpot) A mysql honeypot, still very very early stage
- [**18**星][6y] [PHP] [chh/stack-honeypot](https://github.com/chh/stack-honeypot) Inserts a trap for spam bots into responses.
- [**18**星][5y] [Shell] [free5ty1e/honeypotpi](https://github.com/free5ty1e/honeypotpi) Script for turning a Raspberry Pi into a Honey Pot Pi
- [**18**星][6y] [Shell] [ikoniaris/dionaea-vagrant](https://github.com/ikoniaris/dionaea-vagrant) Vagrant configuration to setup a Dionaea honeypot VM
- [**18**星][2y] [C#] [nao-sec/starc](https://github.com/nao-sec/starc) Simple high-interactive client honeypot
- [**17**星][2y] [Py] [g4lb1t/tc2017](https://github.com/g4lb1t/tc2017) Anti-Honeypot Demo (obsolete)
- [**17**星][11m] [Py] [lcatro/etherum_rpc_steal](https://github.com/lcatro/etherum_rpc_steal) 以太坊"偷渡"漏洞利用和蜜罐工具集.
- [**17**星][5y] [Perl] [miguelraulb/spamhat](https://github.com/miguelraulb/spamhat) Spam Honeypot Tool
- [**17**星][3y] [Py] [travisbgreen/intel_amt_honeypot](https://github.com/travisbgreen/intel_amt_honeypot) intel amt honeypot
- [**16**星][4y] [orthographic-pedant/honeypot](https://github.com/orthographic-pedant/honeypot) Any other spell-checkers out there? Let's call this one the bait.
- [**15**星][5y] [JS] [mycert/espot](https://github.com/mycert/espot) ESPot - ElasticSearch Honeypot
- [**15**星][2y] [Py] [pratiklotia/sdn-intrusion-prevention-system-honeypot](https://github.com/pratiklotia/sdn-intrusion-prevention-system-honeypot) Intrusion Prevention System to dynamically add firewall rules to block malicious traffic detected by IDS system implemented on Software Defined Networl (SDN). Alternatively, the malicious traffic can be redirected to a Honeypot Server. OpenFlow protocol used for SDN. Snort used for IDS (Intrusion Detection System).
- [**15**星][6y] [Perl] [tiny-honeypot/thp](https://github.com/tiny-honeypot/thp) Tiny Honeypot
- [**15**星][8m] [Py] [plazmaz/liquidhoney](https://github.com/plazmaz/liquidhoney) A small, fluid, low-interaction honeypot
- [**14**星][5y] [Py] [bjeborn/basic-auth-pot](https://github.com/bjeborn/basic-auth-pot) bap - http Basic Authentication honeyPot
- [**14**星][5y] [Py] [canadianjeff/honeywrt](https://github.com/canadianjeff/honeywrt) a low interaction Python honeypot that is designed to mimic services or ports that might get targeted by attackers.
- [**14**星][4y] [Py] [glaslos/honeyprint](https://github.com/glaslos/honeyprint) Printer honeypot
- [**13**星][2y] [Py] [cymmetria/weblogic_honeypot](https://github.com/cymmetria/weblogic_honeypot) WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
- [**13**星][6y] [PHP] [freak3dot/smart-honeypot](https://github.com/freak3dot/smart-honeypot) PHP Script demonstrating a smart honey pot.
- [**13**星][5y] [Py] [inguardians/toms_honeypot](https://github.com/inguardians/toms_honeypot) Tom's Honey Pot as seen in Applied Network Security Monitoring.
- [**13**星][7y] [Py] [upa/ofpot](https://github.com/upa/ofpot) OpenFlow Honeypot
- [**12**星][2y] [Go] [yvesago/imap-honey](https://github.com/yvesago/imap-honey) IMAP honeypot written in Golang
- [**11**星][2y] [Shell] [kulinacs/cowrie-attack](https://github.com/kulinacs/cowrie-attack) Mapping the ATT&CK matrix in a Cowrie honeypot
- [**11**星][7y] [Java] [schmalle/servletpot](https://github.com/schmalle/servletpot) Webapplication Honeypot
- [**11**星][5y] [Py] [sneakersinc/honeymalt](https://github.com/SneakersInc/HoneyMalt) Maltego tranforms for mapping Honeypot systems.
- [**11**星][2y] [Py] [johestephan/verysimplehoneypot](https://github.com/johestephan/VerySimpleHoneypot) Fetch all Honeypot
- [**11**星][2y] [Py] [schmalle/elasticpotpy](https://github.com/schmalle/elasticpotpy) Elasticsearch honeypot written in Python with Bottle framework
- [**10**星][5y] [Py] [alexbredo/honeypot-ftp](https://github.com/alexbredo/honeypot-ftp) FTP Honeypot
- [**10**星][9m] [Go] [packetflare/amthoneypot](https://github.com/packetflare/amthoneypot) Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689
- [**10**星][5m] [Shell] [teakolik/honeytea](https://github.com/teakolik/honeytea) Cloudflare, Centos ve CMS birleşimi ile Honeypot
- [**10**星][2m] [HTML] [uhh-iss/honeygrove](https://github.com/uhh-iss/honeygrove) A multi-purpose, modular medium-interaction honeypot based on Twisted.
- [**10**星][7y] [JS] [yuchincheng/hpfeedshoneygraph](https://github.com/yuchincheng/hpfeedshoneygraph) HpfeedsHoneyGraph is a visualization app to visualize hpfeeds logs
- [**9**星][2y] [Py] [blaverick62/siren](https://github.com/blaverick62/siren) Semi-Intelligent HoneyPot Network - Semi-Intelligent Reactive Environment Network
- [**9**星][10m] [Py] [bocajspear1/honeyhttpd](https://github.com/bocajspear1/honeyhttpd) HoneyHTTPD is a Python-based web server honeypot builder.
- [**9**星][1y] [Ruby] [cedric/spamtrap](https://github.com/cedric/spamtrap) This is a simple spamtrap to fight spamdexing. You can create bogus form fields (honeypots) that will be filled-in by spambots. When these forms are submitted, the content will be discarded while still returning a 200 response.
- [**9**星][2y] [ASP] [cymmetria/micros_honeypot](https://github.com/cymmetria/micros_honeypot) MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.
- [**9**星][6y] [CoffeeScript] [knalli/honeypot-for-tcp-32764](https://github.com/knalli/honeypot-for-tcp-32764) Honeypot for router backdoor (TCP 32764)
- [**9**星][4y] [Py] [naorlivne/dshp](https://github.com/naorlivne/dshp) damn simple honey pot
- [**9**星][7y] [Shell] [rshipp/slipm-honeypot](https://github.com/rshipp/slipm-honeypot) A simple low-interaction port monitoring honeypot.
- [**9**星][2y] [Py] [richpayne/jenny](https://github.com/richpayne/jenny) A scalable Mirai botnet honeypot
- [**8**星][2y] [Go] [betheroot/pghoney](https://github.com/betheroot/pghoney) Low-interaction Postgres Honeypot
- [**8**星][4y] [Go] [kingtuna/go-emulators](https://github.com/kingtuna/go-emulators) honeypot go lang emulators
- [**8**星][4y] [Py] [mushorg/imhoneypot](https://github.com/mushorg/imhoneypot) Instant messenger honeypot
- [**8**星][3y] [Go] [0x4d31/honeybits-win](https://github.com/0x4d31/honeybits-win) Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!
- [**7**星][2y] [C] [anvol/micro-honeypot](https://github.com/anvol/micro-honeypot) Simple honeypot to block port scanning
- [**7**星][9y] [Java] [argomirr/honeypot](https://github.com/argomirr/honeypot) A honeypot plugin for Bukkit
- [**7**星][10m] [Rust] [bartnv/portlurker](https://github.com/bartnv/portlurker) Port listener / honeypot in Rust with protocol guessing and safe string display
- [**7**星][2y] [Shell] [executemalware/honeypot-visualizations](https://github.com/executemalware/honeypot-visualizations) some useful scripts and information that I use for visualizing the data from my Dionaea and Cowrie honeypots.
- [**7**星][1y] [PHP] [ph-7/fake-admin-honeypot-v1.1](https://github.com/ph-7/fake-admin-honeypot-v1.1) an effective and powerful honeypot fake admin CP for the security site
- [**6**星][Py] [0x4d31/honeytls](https://github.com/0x4d31/honeytls) Nothing but a simple dirty bash script to set up Bro, JA3 script for Bro and Nginx, that can be used as a simple honeypot to capture JA3 hashes (SSL/TLS client fingerprints)
- [**6**星][3m] [Ruby] [betheroot/sticky_elephant](https://github.com/betheroot/sticky_elephant) medium interaction postgresql honeypot
- [**6**星][17d] [PHP] [geerlingguy/drupal-honeypot](https://github.com/geerlingguy/drupal-honeypot) Official GitHub mirror of the Honeypot module for Drupal.
- [**6**星][10m] [Shell] [jamesbower/engagedthreat](https://github.com/jamesbower/engagedthreat) provide honeypot researchers the ability to hold the attention of an attacker or to induce the attacker to participate in some sort of increased activity.
- [**6**星][3y] [HTML] [shipcod3/honeypy](https://github.com/shipcod3/honeypy) A simple web app honeypot project which leverages SimpleHTTPServer and has a classic theme from the 80's
- [**6**星][3y] [weboide/esp8266-wifi-honeypot](https://github.com/weboide/esp8266-wifi-honeypot) ESP8266 wifi honeypot
- [**6**星][5y] [PHP] [nathanpitman/honeypot.ext.ee_addon](https://github.com/nathanpitman/honeypot.ext.ee_addon) Helps to limit spam submissions through native comment forms and popular add-ons such as "Solspace User", "Solspace Freeform" and "Expresso FreeMember" by testing against a field that should not be completed, a honeypot.
- [**5**星][2y] [PHP] [devarjhay/honeypot](https://github.com/devarjhay/honeypot) A simple spam protection for Laravel 5.4 and up.
- [**5**星][2y] [Go] [fnzv/yafh](https://github.com/fnzv/yafh) Yet Another Fake Honeypot written in Go
- [**5**星][3y] [Go] [sec51/honeymail](https://github.com/sec51/honeymail) SMTP honeypot written in Golang
- [**5**星][10m] [C] [sjinks/mysql-honeypotd](https://github.com/sjinks/mysql-honeypotd) Low interaction MySQL honeypot written in C
- [**5**星][3y] [Py] [xiaoxiaoleo/honeymysql](https://github.com/xiaoxiaoleo/honeymysql) A simple Mysql honeypot project
- [**5**星][1y] [Py] [gmr/httpbl](https://github.com/gmr/httpbl) Python client library for the project-honeypot.org Http:BL API
- [**4**星][3y] [govolution/honeypotwordlist](https://github.com/govolution/honeypotwordlist) containing all passwords sorted and unique smtpcredentials.txt -> all snmp credentials is user:password format, sorted and unique
- [**4**星][1y] [CSS] [lcashdol/wapot](https://github.com/lcashdol/wapot) A honeypot that can be used to observe traffic directed at home routers.
- [**4**星][5y] [Perl] [pentestpartners/honeypot-scripts](https://github.com/pentestpartners/honeypot-scripts) Honeypot support scripts
- [**4**星][9y] [C] [rvermeulen/argos](https://github.com/rvermeulen/argos) Advertised honeypot with operating system wide dynamic taint tracking
- [**4**星][2y] [shbhmsingh72/honeypot-research-papers](https://github.com/shbhmsingh72/honeypot-research-papers)
- [**3**星][3y] [gianluca_students/gmail-honeypot](https://bitbucket.org/gianluca_students/gmail-honeypot) This is the infrastructure we developed to instrument and monitor honey accounts, as presented in the paper below.
- [**3**星][5y] [Py] [csirtgadgets/csirtg-honeypot](https://github.com/csirtgadgets/csirtg-honeypot) Twisted based HoneyPot for WhiteFace
- [**3**星][11m] [Py] [cyb3r3x3r/chanakya](https://github.com/cyb3r3x3r/chanakya) Scan websites for multiple things like honeypot, whois , port scan etc...
- [**3**星][2y] [Java] [helospark/tomcat-manager-honeypot](https://github.com/helospark/tomcat-manager-honeypot) Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker's WAR file for later study
- [**3**星][4y] [Py] [mrtc0/honeylog2016](https://github.com/mrtc0/honeylog2016) Honeypot log 2016
- [**3**星][3y] [Groovy] [schmalle/honeyalarmg2](https://github.com/schmalle/honeyalarmg2) Simplified UI for showing honeypot alarms
- [**3**星][5y] [Py] [securitytw/delilah](https://github.com/securitytw/delilah) a honeypot system inspired by Jordan Wright’s Elastichoney
- [**3**星][3y] [PHP] [heiglandreas/orgheiglcontact](https://github.com/heiglandreas/orgheiglcontact) A Contact-Module for ZendFramework3 with honeypot-protection
- [**2**星][2m] [Py] [jwxa2015/mongodb-honeyproxypy](https://github.com/jwxa2015/mongodb-honeyproxypy) 一个mongoDB的代理蜜罐
- [**2**星][2y] [Go] [sahilm/hived](https://github.com/sahilm/hived) hived is a honeypot
- [**2**星][2y] [PHP] [slober3/pothead](https://github.com/slober3/pothead) A simple lightweight packet for creating a minimal interaction honeypot
- [**2**星][2y] [Py] [xlfe/cowrie2neo](https://github.com/xlfe/cowrie2neo) Parse cowrie honeypot logs into a neo4j database
- [**2**星][3y] [C#] [jlchntoz/ransomhoneypot](https://github.com/jlchntoz/ransomhoneypot) Experimental program for detecting if any ransomware is attacking your files
- [**1**星][2y] [Py] [ajackal/arctic-swallow](https://github.com/ajackal/arctic-swallow) a low interaction honeypot.
- [**1**星][2y] [Perl] [batchmcnulty/malbait](https://github.com/batchmcnulty/malbait) Simple TCP/UDP honeypot implemented in Perl
- [**1**星][4y] [PHP] [govcert-cz/wordpot-frontend](https://github.com/govcert-cz/wordpot-frontend) a full featured script to visualize statistics from a Wordpot honeypot.
- [**1**星][4y] [PHP] [jadb/honeypot](https://github.com/jadb/honeypot) The Project Honey Pot un-official PHP SDK
- [**1**星][11y] [C] [provos/honeyd](https://github.com/provos/honeyd)
- [**1**星][7y] [PHP] [ph-7/honeypots](https://github.com/ph-7/honeypots) an example of using honeypots with a Standalone model and a model with the Joomla CMS
- [**0**星][3m] [C] [akagisho/multi-honeypot-ansible](https://github.com/akagisho/multi-honeypot-ansible) Set up various honeypot servers.
- [**0**星][4y] [PHP] [govcert-cz/shockpot-frontend](https://github.com/govcert-cz/shockpot-frontend) a full featured script to visualize statistics from a Shockpot honeypot.
- [**0**星][5y] [Perl] [katkad/glastopf-analytics](https://github.com/katkad/glastopf-analytics) easy honeypot statistics
- [**0**星][2y] [w3ttr3y/ta-mhn-wet](https://github.com/w3ttr3y/ta-mhn-wet) WET's Modern Honeypot Network Technology Add-on for Splunk

***

## 收集

- [**3796**星][16d] [Py] [paralax/awesome-honeypots](https://github.com/paralax/awesome-honeypots) an awesome list of honeypot resources
- [**135**星][2y] [thec00n/smart-contract-honeypots](https://github.com/thec00n/smart-contract-honeypots) 智能合约蜜罐收集
- [**47**星][9m] [turing-chain/honeypots-on-blockchain](https://github.com/turing-chain/honeypots-on-blockchain) This repo collects almost all the smart contract honeypots that you could find in the first three pages of Google search.
- [**11**星][1y] [hackinfinity/honey-pots-](https://github.com/hackinfinity/honey-pots-) My collection of Honeypot resources
- [**4**星][7m] [gexos/malrepo](https://github.com/gexos/malrepo) A collection of malware samples caught by DIONAEA Honeypot

***

## SSH&&Telnet

- [**2956**星][18d] [Py] [cowrie/cowrie](https://github.com/cowrie/cowrie) 中型/交互型 SSH/Telnet 蜜罐,
- [**1238**星][3y] [Py] [desaster/kippo](https://github.com/desaster/kippo) Kippo - SSH Honeypot
- [**962**星][3y] [Go] [jaksi/sshesame](https://github.com/jaksi/sshesame) A fake SSH server that lets everyone in and logs their activity
- [**281**星][1m] [C] [droberson/ssh-honeypot](https://github.com/droberson/ssh-honeypot) Fake sshd that logs ip addresses, usernames, and passwords.
- [**196**星][3y] [C] [robertdavidgraham/telnetlogger](https://github.com/robertdavidgraham/telnetlogger) Simulates enough of a Telnet connection in order to log failed login attempts.
- [**190**星][2m] [Py] [phype/telnet-iot-honeypot](https://github.com/phype/telnet-iot-honeypot) Python telnet honeypot for catching botnet binaries
- [**154**星][3y] [C] [x0rz/ssh-honeypot](https://github.com/x0rz/ssh-honeypot) Fake sshd that logs ip addresses, usernames, and passwords.
- [**146**星][2y] [Go] [magisterquis/sshhipot](https://github.com/magisterquis/sshhipot) High-interaction MitM SSH honeypot
- [**125**星][10m] [Py] [stamparm/hontel](https://github.com/stamparm/hontel) Telnet Honeypot
- [**124**星][3y] [PHP] [ikoniaris/kippo-graph](https://github.com/ikoniaris/kippo-graph) Visualize statistics from a Kippo SSH honeypot
- [**107**星][1y] [Py] [ohmyadd/wetland](https://github.com/ohmyadd/wetland) A high interaction SSH honeypot
- [**100**星][3y] [Py] [ncouture/mockssh](https://github.com/ncouture/mockssh) Mock an SSH server and define all commands it supports (Python, Twisted)
- [**93**星][3y] [Py] [cymmetria/mtpot](https://github.com/cymmetria/mtpot) Open Source Telnet Honeypot
- [**79**星][10m] [Go] [mkishere/sshsyrup](https://github.com/mkishere/sshsyrup) A low-to-medium interaction SSH Honeypot with features to capture terminal activity and upload to asciinema.org
- [**74**星][3y] [Py] [compoterhacker/mehrai](https://github.com/compoterhacker/mehrai) docker based telnet honeypot
- [**55**星][2y] [Shell] [lanjelot/twisted-honeypots](https://github.com/lanjelot/twisted-honeypots) SSH, FTP and Telnet honeypots based on Twisted
- [**44**星][5y] [Py] [andrew-morris/kippo_detect](https://github.com/andrew-morris/kippo_detect) Quick proof of concept to detect a Kippo SSH honeypot instance externally
- [**38**星][5y] [Py] [internetwache/ssh-honeypot](https://github.com/internetwache/ssh-honeypot) Simple SSH Honeypot in Python
- [**37**星][4y] [Py] [fabio-d/honeypot](https://github.com/fabio-d/honeypot) Honeypot that emulates several protocols (incl. SSH, telnet, SMTP, HTTP, SSL and SIP)
- [**36**星][5y] [Go] [traetox/sshforshits](https://github.com/traetox/sshforshits) framework for a high interaction SSH honeypot
- [**36**星][1y] [Go] [joshrendek/hnypots-agent](https://github.com/joshrendek/hnypots-agent) A SSH Server in Go that logs username/password combos
- [**33**星][5y] [Ruby] [madirish/kojoney2](https://github.com/madirish/kojoney2) Kojoney2 is a low interaction SSH honeypot written in Python. Based on Kojoney by Jose Antonio Coret
- [**31**星][4y] [Py] [basilfx/kippo-extra](https://github.com/basilfx/kippo-extra) Set of extra commands for kippo, the SSH honeypot daemon
- [**31**星][5y] [Go] [fzerorubigd/go0r](https://github.com/fzerorubigd/go0r) A simple ssh honeypot in golang
- [**29**星][1y] [Go] [netxfly/docker_ssh_honeypot](https://github.com/netxfly/docker_ssh_honeypot) 安全开发教学 - 用Docker制作一个高交互ssh蜜罐
- [**24**星][3y] [C] [te-k/openssh-backdoor](https://github.com/te-k/openssh-backdoor) Openssh backdoor found with a ssh honeypot
- [**21**星][6y] [Py] [ikoniaris/kippo-malware](https://github.com/ikoniaris/kippo-malware) Download all malicious files from a Kippo SSH honeypot database
- [**20**星][2y] [Py] [czardoz/hornet](https://github.com/czardoz/hornet) SSH Multipot
- [**20**星][4m] [C] [lnslbrty/potd](https://github.com/lnslbrty/potd) A high scalable low to medium interactive SSH/TCP honeypot using Linux Namespaces, capabilities, seccomp, cgroups designed for OpenWrt and IoT devices.
- [**19**星][9y] [Perl] [mfontani/kippo-stats](https://github.com/mfontani/kippo-stats) Mojolicious app to display statistics for your kippo SSH honeypot
- [**18**星][6y] [Go] [mdp/honeypot.go](https://github.com/mdp/honeypot.go) SSH Honeypot written in Go
- [**17**星][1y] [C] [amv42/sshd-honeypot](https://github.com/amv42/sshd-honeypot) a modified version of the OpenSSH deamon that forwards commands to Cowrie where all commands are interpreted and returned
- [**17**星][3y] [Go] [ashmckenzie/go-sshoney](https://github.com/ashmckenzie/go-sshoney) SSH Honeypot
- [**17**星][10m] [Go] [fffaraz/fakessh](https://github.com/fffaraz/fakessh) A dockerized fake SSH server honeypot written in Go that logs login attempts.
- [**17**星][3y] [Go] [pandipanda69/my-little-honeypot](https://github.com/pandipanda69/my-little-honeypot) This repository aims to show how easy it is to code a telnet honeypot in order to recovering IOT malwares, and thus, active Command & Control.
- [**15**星][5m] [Dockerfile] [random-robbie/docker-ssh-honey](https://github.com/random-robbie/docker-ssh-honey) SSH Honey pot for docker
- [**10**星][2y] [Go] [magisterquis/sshlowpot](https://github.com/magisterquis/sshlowpot) Yet another no-frills low-interaction ssh honeypot in Go.
- [**9**星][7y] [Py] [jedie/django-kippo](https://github.com/jedie/django-kippo) Django App for kippo SSH Honeypot:
- [**9**星][6y] [Go] [paulmaddox/gohoney](https://github.com/paulmaddox/gohoney) A SSH honeypot written in Go
- [**7**星][3y] [Go] [ppacher/honeyssh](https://github.com/ppacher/honeyssh) A credential dumping SSH honeypot with statistics
- [**6**星][1y] [C] [tomwillfixit/honeypot](https://github.com/tomwillfixit/honeypot) Simple honeypot to log ssh connections
- [**5**星][2y] [Go] [justinazoff/ssh-auth-logger](https://github.com/justinazoff/ssh-auth-logger) A low/zero interaction ssh authentication logging honeypot
- [**5**星][1y] [C] [sjinks/ssh-honeypotd](https://github.com/sjinks/ssh-honeypotd) A low-interaction SSH honeypot written in C
- [**3**星][10d] [Py] [morian/blacknet](https://github.com/morian/blacknet) Multi-head SSH honeypot system.
- [**2**星][20d] [Go] [wisepythagoras/honeyshell](https://github.com/wisepythagoras/honeyshell) An SSH honeypot based on the libssh library written entirely in Go.
- [**2**星][4y] [JS] [joss-steward/honeypotdisplay](https://github.com/joss-steward/honeypotdisplay) A flask website which displays data I've gathered with my SSH Honeypot
- [**2**星][20d] [Go] [wisepythagoras/honeyshell](https://github.com/wisepythagoras/honeyshell) An SSH honeypot based on the libssh library written entirely in Go.
- [**1**星][8m] [Tcl] [cryptix720/hudinx](https://github.com/cryptix720/hudinx) Hudinx is a tiny interaction SSH honeypot engineered in Python to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
- [**0**星][4y] [C#] [balte/telnethoney](https://github.com/balte/telnethoney) A simple telnet honeypot

***

## Docker

- [**1341**星][1m] [C] [dtag-dev-sec/tpotce](https://github.com/dtag-dev-sec/tpotce) 创建多蜜罐平台T-Pot ISO 镜像
- [**141**星][3y] [JS] [atiger77/dionaea](https://github.com/atiger77/dionaea) 基于Docker的蜜罐系统
- [**128**星][5y] [Shell] [mrschyte/dockerpot](https://github.com/mrschyte/dockerpot) A docker based honeypot.
- [**60**星][8m] [HTML] [dustyfresh/honeypress](https://github.com/dustyfresh/honeypress) python based WordPress honeypot in a docker container
- [**23**星][2y] [Shell] [mattcarothers/mhn-core-docker](https://github.com/mattcarothers/mhn-core-docker) Core elements of the Modern Honey Network implemented in Docker
- [**19**星][5m] [Shell] [philcryer/prickly-pete](https://github.com/philcryer/prickly-pete) A script using Docker to quickly bring up some honeypots exposing 16 services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)
- [**17**星][5y] [Shell] [sreinhardt/docker-honeynet](https://github.com/sreinhardt/docker-honeynet) Docker configs and build scripts.
- [**15**星][5y] [Shell] [andrewmichaelsmith/manuka](https://github.com/andrewmichaelsmith/manuka) Docker based honeypot (Dionaea & Kippo)
- [**6**星][4y] [Shell] [xme/dshield-docker](https://github.com/xme/dshield-docker) Docker container running cowrie with DShield output enabled.

***

## 部署

- [**435**星][3y] [Py] [secureworks/dcept](https://github.com/secureworks/dcept) A tool for deploying and detecting use of Active Directory honeytokens
- [**230**星][10m] [Py] [honeynet/beeswarm](https://github.com/honeynet/beeswarm) Honeypot deployment made easy
- [**39**星][3y] [Ruby] [fsecurelabs/honeypot_recipes](https://github.com/FSecureLABS/honeypot_recipes) A chef cookbook which can be used to quickly deploy a high interaction honeypot, using the sysdig and falco tools
- [**8**星][1y] [Shell] [foospidy/honeyminer](https://github.com/foospidy/honeyminer) Deploy a honeypot and a crypto currency miner together, so sweet.
- [**3**星][4y] [Shell] [ziemeck/bifrozt-ansible](https://github.com/ziemeck/bifrozt-ansible) Automatic deploy bifrozt with ansible. ALPHA

***

## Wordpress

- [**135**星][1y] [CSS] [gbrindisi/wordpot](https://github.com/gbrindisi/wordpot) A Wordpress Honeypot
- [**23**星][2y] [PHP] [freak3dot/wp-smart-honeypot](https://github.com/freak3dot/wp-smart-honeypot) Wordpress plugin to reduce comment spam with a smarter honeypot.
- [**19**星][4y] [PHP] [martiningesen/honnypotter](https://github.com/martiningesen/honnypotter) WordPress Honeypot
- [**1**星][4y] [PHP] [softwareagenten/wordpress-login-honeypot](https://github.com/softwareagenten/wordpress-login-honeypot) Fake Wordpress login- and register-page for tracking bot behavior.
- [**0**星][6y] [no3x/wp-login-honeypot](https://github.com/no3x/wp-login-honeypot) A honeypot for wordpress login.php that blacklists all clients accessing it.

# 文章

***

## 新添加

- 2019.12 [HackersOnBoard] [DEF CON 27 - Bernhard Mueller - The Ether Wars Exploits counter-exploits and honeypots on Ethereum](https://www.youtube.com/watch?v=dxFJ36EUM6Y)
- 2019.12 [freebuf] [HFish蜜罐使用心得](https://www.freebuf.com/vuls/220646.html)
- 2019.10 [freebuf] [基于开源蜜罐的实践与功能扩展](https://www.freebuf.com/sectool/217256.html)
- 2019.10 [PositiveTechnologies] [Active defense using Honeypots v2](https://www.youtube.com/watch?v=cfBB0GI5QzU)
- 2019.09 [aliyun] [An Accidental SSRF Honeypot in Google Calendar](https://xz.aliyun.com/t/6327)
- 2019.08 [freebuf] [开源蜜罐测评报告](https://www.freebuf.com/articles/paper/207739.html)
- 2019.08 [freebuf] [HFish:企业安全测试主动攻击型蜜罐钓鱼框架系统](https://www.freebuf.com/sectool/210318.html)
- 2019.07 [freebuf] [在Kubernetes中创建与部署蜜罐](https://www.freebuf.com/articles/network/208895.html)
- 2019.07 [freebuf] [SSH浅析与蜜罐搭建](https://www.freebuf.com/articles/database/206880.html)
- 2019.06 [arxiv] [[1906.12182] Adaptive Honeypot Engagement through Reinforcement Learning of Semi-Markov Decision Processes](https://arxiv.org/abs/1906.12182)
- 2019.06 [vanimpe] [Feed honeypot data to MISP for blocklist and RPZ creation](https://www.vanimpe.eu/2019/06/17/feed-honeypot-data-to-misp-for-blocklist-and-rpz-creation/)
- 2019.06 [apriorit] [Creating and Deploying Honeypots in Kubernetes](https://www.apriorit.com/dev-blog/619-web-cybersecurity-honeypots-in-kubernetes)
- 2019.05 [arxiv] [[1905.13254] SDN-based In-network Honeypot: Preemptively Disrupt and Mislead Attacks in IoT Networks](https://arxiv.org/abs/1905.13254)
- 2019.05 [hackerfactor] [Building a Basic Honeypot](http://hackerfactor.com/blog/index.php?/archives/841-Building-a-Basic-Honeypot.html)
- 2019.05 [freebuf] [代理蜜罐的开发与应用实战](https://www.freebuf.com/articles/network/202310.html)
- 2019.03 [hackingarticles] [Threat Detection for your Network using Kfsensor Honeypot](https://www.hackingarticles.in/threat-detection-for-your-network-using-kfsensor-honeypot/)
- 2019.03 [freebuf] [个人蜜罐Cowrie的运营分析](https://www.freebuf.com/articles/network/197714.html)
- 2019.03 [aliyun] [区块链安全—一则蜜罐DAPP欺骗手段分析](https://xz.aliyun.com/t/4367)
- 2019.03 [freebuf] [从零编写一个自己的蜜罐系统](https://www.freebuf.com/articles/es/196525.html)
- 2019.02 [talosintelligence] [Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters](https://blog.talosintelligence.com/2019/02/cisco-talos-honeypot-analysis-reveals.html)
- 2019.02 [arxiv] [[1902.06976] The Art of The Scam: Demystifying Honeypots in Ethereum Smart Contracts](https://arxiv.org/abs/1902.06976)
- 2019.02 [aliyun] [区块链安全—守株待兔的蜜罐合约(二)](https://xz.aliyun.com/t/4070)
- 2019.02 [trustedsec] [Adventures of an RDP Honeypot – Part Three: Creation of an RDP Honeypot](https://www.trustedsec.com/2019/02/adventures-of-an-rdp-honeypot-part-three-creation-of-an-rdp-honeypot/)
- 2019.01 [trustedsec] [Adventures of an RDP Honeypot – Part Two: Know Your Enemy](https://www.trustedsec.com/2019/01/adventures-of-an-rdp-honeypot-part-two-know-you-enemy/)
- 2019.01 [aliyun] [区块链安全—守株待兔的蜜罐合约](https://xz.aliyun.com/t/3963)
- 2019.01 [trustedsec] [Adventures of an RDP Honeypot – Part One: RDP Security](https://www.trustedsec.com/2019/01/adventures-of-an-rdp-honeypot-part-one-rdp-security/)
- 2019.01 [guardicore] [What’s the Difference Between a High Interaction Honeypot and a Low Interaction Honeypot?](https://www.guardicore.com/2019/1/high-interaction-honeypot-versus-low-interaction-honeypot/)
- 2019.01 [sans] [Using ICS/SCADA Honeypots - the right way!](https://www.sans.org/cyber-security-summit/archives/file/summit_archive_1562060073.pdf)
- 2018.12 [8090] [非常棒的黑克 hacker 工具包软件 大全下载(无线嗅探,蜜罐,TCP代理,扫描工具,nmap模块,UNIX后门程序)](http://www.8090-sec.com/archives/12052)
- 2018.12 [Kaspersky] [A Framework For Fingerprinting ICS Honeypot](https://www.youtube.com/watch?v=7EWSrGnFEEM)
- 2018.11 [infosecinstitute] [Honeypots in the Cloud](https://resources.infosecinstitute.com/honeypots-in-the-cloud/)
- 2018.11 [bruteforcelab] [HNW2015 – Lukas Rist – ICS Honeypot Deployment Strategies and Technologies](https://bruteforcelab.com/hnw2015-lukas-rist-ics-honeypot-deployment-strategies-and-technologies.html)
- 2018.11 [DEFCONConference] [DEF CON 26 RECON VILLAGE - Undisclosed - Targeted User Analytics and Human Honeypots](https://www.youtube.com/watch?v=K6LJnr29JPo)
- 2018.10 [nishanmaharjan17] [Detecting Honeypots](https://medium.com/p/2735c48c84c6)
- 2018.10 [pediy] [[翻译]蜜罐搭建以及样本处理](https://bbs.pediy.com/thread-247535.htm)
- 2018.10 [guardicore] [Using Dynamic Honeypot Cyber Security: What Do I Need to Know?](https://www.guardicore.com/2018/10/dynamic-honeypot-cyber-security/)
- 2018.09 [HackerSploit] [Canarytokens - Honeypots Made Easy](https://www.youtube.com/watch?v=14YuyMkfB9Q)
- 2018.09 [nsfocus] [金融行业微蜜罐系统应用思考](http://blog.nsfocus.net/application-micro-honeypot-system-financial-industry/)
- 2018.09 [apriorit] [Honeypots as a Method of Malware Detection](https://www.apriorit.com/dev-blog/568-honeypots-for-malware-detection)
- 2018.09 [hitbsecconf] [#HITBGSEC 2018 COMMSEC: Learning How To Smurf With Honeypots - Emil Tan](https://www.youtube.com/watch?v=g3qDCv0Hy50)
- 2018.09 [infosecinstitute] [What is a Honey Pot?](https://resources.infosecinstitute.com/what-is-a-honey-pot/)
- 2018.09 [4hou] [如何搭建一个开源的蜜罐环境](http://www.4hou.com/technology/13623.html)
- 2018.09 [infosecinstitute] [Hotspot Honeypot](https://resources.infosecinstitute.com/hotspot-honeypot/)
- 2018.08 [secplicity] [What’s the Difference Between Security Deception, Sandboxing and Honeypots?](https://secplicity.org/2018/08/29/whats-the-difference-between-security-deception-sandboxing-and-honeypots/)
- 2018.08 [knownsec] [以太坊蜜罐智能合约分析](http://blog.knownsec.com/2018/08/%e4%bb%a5%e5%a4%aa%e5%9d%8a%e8%9c%9c%e7%bd%90%e6%99%ba%e8%83%bd%e5%90%88%e7%ba%a6%e5%88%86%e6%9e%90/)
- 2018.08 [venus] [一种利用 etherscan.io 缺陷的智能合约蜜罐](https://paper.seebug.org/671/)
- 2018.08 [4hou] [利用蜜罐从恶意网站中找出检测绕过代码](http://www.4hou.com/technology/13029.html)
- 2018.08 [freebuf] [基于Docker的蜜罐平台搭建:T-Pot 17.10](http://www.freebuf.com/sectool/178998.html)
- 2018.08 [sans] [My Honeypot is Trendy, My Honeypot is Unpopular](https://isc.sans.edu/forums/diary/My+Honeypot+is+Trendy+My+Honeypot+is+Unpopular/23950/)
- 2018.08 [stealthbits] [Deploying Pass-the-Hash Honeypots](https://blog.stealthbits.com/deploying-pass-the-hash-honeypots/)
- 2018.07 [freebuf] [如何设置自己的Dionaea蜜罐来收集恶意软件样本](http://www.freebuf.com/articles/system/177577.html)
- 2018.07 [360] [分析一个有趣的蜜罐合约](https://www.anquanke.com/post/id/153109/)
- 2018.07 [stealthbits] [使用蜜罐检测 Pass-the-Hash 攻击](https://blog.stealthbits.com/detecting-pass-the-hash-honeypots/)
- 2018.07 [360] [如何搭建一套自己的蜜罐系统来收集恶意软件样本](https://www.anquanke.com/post/id/151638/)
- 2018.07 [aliyun] [如何搭建自己的蜜罐系统收集恶意软件样本](https://xz.aliyun.com/t/2439)
- 2018.07 [arxiv] [[1807.04114] ThingPot: an interactive Internet-of-Things honeypot](https://arxiv.org/abs/1807.04114)
- 2018.06 [venus] [以太坊蜜罐智能合约分析](https://paper.seebug.org/631/)
- 2018.06 [labs] [Honeypot-based Monitoring of Amplification DDoS Attacks](https://labs.ripe.net/Members/johannes_krupp/honeypot-based-monitoring-of-amplification-ddos-attacks)
- 2018.06 [DemmSec] [Setting Up HoneyPots and Creating a Threat Map](https://www.youtube.com/watch?v=vUj9W0w7MdA)
- 2018.05 [fidelissecurity] [From Honeypots to Active Deception Defenses](https://www.fidelissecurity.com/threatgeek/2018/05/honeypots-active-deception-defenses)
- 2018.04 [arxiv] [[1804.09988] A security approach based on honeypots: Protecting Online Social network from malicious profiles](https://arxiv.org/abs/1804.09988)
- 2018.04 [SecurityBender] [Building a real world web honeypot for CVE-2019–6340 (RCE in Drupal core)](https://medium.com/p/f4240f989c3f)
- 2018.04 [4hou] [蜜罐捕捉恶意软件样本溯源分析](http://www.4hou.com/technology/11012.html)
- 2018.04 [alexkras] [Crunching Honeypot IP Data with Pandas and Python](https://www.alexkras.com/crunching-honeypot-ip-data-with-pandas-and-python/)
- 2018.04 [mradz350] [A Whole Lot of Honey(pots): Cross-Continent Honeypot Analysis](https://medium.com/p/84d4257d532d)
- 2018.03 [sosly] [蜜罐与内网安全从0到1(七)](https://sosly.me/index.php/2018/03/22/jymiguan7/)
- 2018.03 [sosly] [蜜罐与内网安全从0到1(六)](https://sosly.me/index.php/2018/03/21/jymiguan6/)
- 2018.03 [sosly] [蜜罐与内网安全从0到1(五)](https://sosly.me/index.php/2018/03/20/jymiguan5/)
- 2018.03 [infosecaddicts] [Low level of interaction honeypots](https://infosecaddicts.com/low-level-of-interaction-honeypots/)
- 2018.03 [infosecaddicts] [What are the levels of interactions in honeypots?](https://infosecaddicts.com/honeypots-interaction-levels/)
- 2018.02 [HITCON] [[HITCON CMT 2017] R0D205 - Tan Kean Siong - What happened to my 18 months IoT honeypot](https://www.youtube.com/watch?v=xHrxWo8rLdo)
- 2018.01 [aliyun] [蜜罐与内网安全从0到1(五)](https://xz.aliyun.com/t/1955)
- 2018.01 [aliyun] [企业安全建设—模块化蜜罐平台的设计思路与想法](https://xz.aliyun.com/t/1885)
- 2018.01 [4hou] [以溯源为目的蜜罐系统建设](http://www.4hou.com/technology/9687.html)
- 2018.01 [sysdig] [Fishing for Miners – Cryptojacking Honeypots in Kubernetes](https://sysdig.com/blog/detecting-cryptojacking/)
- 2017.12 [freebuf] [腾讯蜜罐系统捕获高危IoT蠕虫Okiru](http://www.freebuf.com/articles/paper/158464.html)
- 2017.12 [alienvault] [Explain How Honeypots Work to Me](https://www.alienvault.com/blogs/security-essentials/explain-how-honeypots-work-to-me)
- 2017.12 [aliyun] [蜜罐与内网安全从0到1(四)](https://xz.aliyun.com/t/1730)
- 2017.11 [sosly] [蜜罐与内网安全从0到1(四)](https://sosly.me/index.php/2017/11/15/jymiguan4/)
- 2017.11 [4hou] [创建AD蜜罐账号居然有防御的功效?](http://www.4hou.com/web/8453.html)
- 2017.10 [zeltser] [Establishing a Decoy Honeypot Persona](https://zeltser.com/the-notion-of-a-honeypot-persona/)
- 2017.10 [aliyun] [蜜罐与内网安全从0到1(三)](https://xz.aliyun.com/t/996)
- 2017.10 [aliyun] [蜜罐与内网安全从0到1(二)](https://xz.aliyun.com/t/997)
- 2017.10 [aliyun] [蜜罐与内网安全从0到1(一)](https://xz.aliyun.com/t/998)
- 2017.10 [Cooper] [Hack.lu 2017 Randori, a low interaction honeypot with a vengeance by Bouke van Laethem](https://www.youtube.com/watch?v=-i1cyxTa8AM)
- 2017.10 [sosly] [蜜罐与内网安全从0到1(三)](https://sosly.me/index.php/2017/10/15/jymiguan3/)
- 2017.10 [executemalware] [Minimalist Honeypots](http://executemalware.com/?p=448)
- 2017.09 [freebuf] [蜜罐背后的影子系统探秘](http://www.freebuf.com/articles/web/147892.html)
- 2017.09 [ixiacom] [From Honeypot to Hacker Toolkit – a Threat Intelligence Story](https://www.ixiacom.com/company/blog/honeypot-hacker-toolkit-%E2%80%93-threat-intelligence-story)
- 2017.09 [sosly] [蜜罐与内网安全从0到1(二)](https://sosly.me/index.php/2017/09/05/jymiguan2/)
- 2017.08 [freebuf] [基于Paramiko的高交互SSH蜜罐](http://www.freebuf.com/sectool/145527.html)
- 2017.08 [freebuf] [YY安全中心的“蜜罐技术”应用实践](http://www.freebuf.com/articles/network/145691.html)
- 2017.08 [sosly] [蜜罐与内网安全从0到1(一)](https://sosly.me/index.php/2017/08/23/goldenspark1/)
- 2017.08 [trustfoundry] [HoneyPi – An easy honeypot for a Raspberry Pi](https://trustfoundry.net/honeypi-easy-honeypot-raspberry-pi/)
- 2017.08 [ly0n] [Collect Windows malware/threat intelligence with dionaea honeypot / PeStudio](http://ly0n.me/2017/08/17/collect-windows-malwarethreat-intelligence-with-cowrie-honeypot-pestudio/)
- 2017.08 [ly0n] [Collect Windows malware/threat intelligence with dionaea honeypot / PeStudio](https://paumunoz.tech/2017/08/17/collect-windows-malwarethreat-intelligence-with-cowrie-honeypot-pestudio/)
- 2017.08 [ly0n] [Collect Linux malware/threat intelligence with cowrie honeypot](http://ly0n.me/2017/08/16/collect-linux-malwarethreat-intelligence-with-cowrie-honeypot/)
- 2017.08 [ly0n] [Collect Linux malware/threat intelligence with cowrie honeypot](https://paumunoz.tech/2017/08/16/collect-linux-malwarethreat-intelligence-with-cowrie-honeypot/)
- 2017.08 [360] [浅析无线Wifi-Honeypot思路](https://www.anquanke.com/post/id/86601/)
- 2017.08 [sans] [Using a Raspberry Pi honeypot to contribute data to DShield/ISC](https://isc.sans.edu/forums/diary/Using+a+Raspberry+Pi+honeypot+to+contribute+data+to+DShieldISC/22680/)
- 2017.07 [sans] [TinyPot, My Small Honeypot](https://isc.sans.edu/forums/diary/TinyPot+My+Small+Honeypot/22654/)
- 2017.07 [aliyun] [【译】重踏蜜罐可视化之旅](https://xz.aliyun.com/t/116)
- 2017.07 [sosly] [基于MHN开源项目的树莓派蜜罐节点部署实战](https://sosly.me/index.php/2017/07/11/mhndionaea/)
- 2017.07 [executemalware] [蜜罐可视化回顾](http://executemalware.com/?p=355)
- 2017.06 [arxiv] [[1706.08043] Honeypots for employee information security awareness and education training: A conceptual EASY training model](https://arxiv.org/abs/1706.08043)
- 2017.06 [securelist] [Honeypots and the Internet of Things](https://securelist.com/honeypots-and-the-internet-of-things/78751/)
- 2017.06 [SecurityBender] [Building a malware research and honeypot lab from scratch](https://medium.com/p/b0b8763cff37)
- 2017.06 [] [【技术分享】从蜜罐数据到SSH蜜罐的典型攻击分析](http://www.91ri.org/17127.html)
- 2017.06 [360] [从蜜罐数据到SSH蜜罐的典型攻击分析](https://www.anquanke.com/post/id/86195/)
- 2017.05 [jerrygamblin] [Build Your Own Honeypot Network In Under An Hour](https://jerrygamblin.com/2017/05/29/build-your-own-honeypot-network-in-under-an-hour/)
- 2017.05 [benkowlab] [如何创建蜜罐监控 SMB 流量,以及自动自动抓取 WannaCry 样本](https://benkowlab.blogspot.com/2017/05/feedback-on-how-to-build-smb-honeypot.html)
- 2017.05 [n0where] [Low Interaction Honeypot: honeytrap](https://n0where.net/low-interaction-honeypot-honeytrap)
- 2017.05 [freebuf] [构建一个高交互型的难以发现的蜜罐](http://www.freebuf.com/sectool/135032.html)
- 2017.05 [freebuf] [T-Pot多蜜罐平台:让蜜罐实现更简单](http://www.freebuf.com/sectool/134504.html)
- 2017.05 [freebuf] [刚刚当选法国总统的Macron,被曝竞选团队利用“蜜罐账号”欺骗俄罗斯黑客](http://www.freebuf.com/news/134434.html)
- 2017.05 [alienvault] [How Honeypots Work: Things that Go Bump in the Network](https://www.alienvault.com/blogs/security-essentials/how-honeypots-work-things-that-go-bump-in-the-network)
- 2017.05 [n0where] [Multi-Honeypot Platform: T-Pot](https://n0where.net/multi-honeypot-platform)
- 2017.04 [arxiv] [[1704.05357] Enabling an Anatomic View to Investigate Honeypot Systems: A Survey](https://arxiv.org/abs/1704.05357)
- 2017.04 [myonlinesecurity] [Setting up an email honeypot spamtrap, malware, malspam trap.](https://myonlinesecurity.co.uk/setting-up-an-email-honeypot-spamtrap-malware-malspam-trap/)
- 2017.03 [ixiacom] [Apache Struts Honeypot Scanning](https://www.ixiacom.com/company/blog/apache-struts-honeypot-scanning)
- 2017.03 [lightless] [基于docker的蜜罐系统设计](https://lightless.me/archives/docker-honeypot.html)
- 2017.03 [4hou] [Kerberoast攻击检测之服务账户蜜罐](http://www.4hou.com/technology/3764.html)
- 2017.03 [executemalware] [再谈蜜罐](http://executemalware.com/?p=302)
- 2017.03 [freebuf] [Mariadb蜜罐:用改造过的服务端攻击客户端](http://www.freebuf.com/sectool/128947.html)
- 2017.03 [sans] [Honeypot Logs and Tracking a VBE Script](https://isc.sans.edu/forums/diary/Honeypot+Logs+and+Tracking+a+VBE+Script/22177/)
- 2017.03 [korznikov] [sudo.co.il - Nopernik's Attacking Honeypot. ("NAH") или нах!](http://www.korznikov.com/2017/03/sudocoil-noperniks-attacking-honeypot.html)
- 2017.02 [freebuf] [大话蜜罐日志分析](http://www.freebuf.com/articles/web/126340.html)
- 2017.02 [plcscan] [SCADACS-面向工业控制系统的高交互蜜罐](http://plcscan.org/blog/2017/02/towards-highly-interactive-honeypots-for-industrial-control-systems/)
- 2017.02 [adsecurity] [Detecting Kerberoasting Activity Part 2 – Creating a Kerberoast Service Account Honeypot](https://adsecurity.org/?p=3513)
- 2017.01 [cyberisk] [From Honeypot/Honeynet to Deception Solutions](https://www.cyberisk.biz/from-honeypot-honeynet-to-deception-solutions/)
- 2017.01 [dadario] [Docker for Automating Honeypots or Malware Sandboxes](https://dadario.com.br/docker-for-automating-honeypots-or-malware-sandboxes/)
- 2017.01 [secvul] [蜜罐Splunk+Kippo搭建分析(二)](https://secvul.com/topics/538.html)
- 2017.01 [arxiv] [[1701.02446] SIPHON: Towards Scalable High-Interaction Physical Honeypots](https://arxiv.org/abs/1701.02446)
- 2017.01 [freebuf] [蜜罐揭秘真实的Mirai僵尸网络](http://www.freebuf.com/articles/terminal/124717.html)
- 2016.12 [secvul] [蜜罐Kippo详细安装教程使用(一)](https://secvul.com/topics/484.html)
- 2016.12 [covert] [Adventures with Heralding, a Credential Grabbing Honeypot](http://www.covert.io/adventures-with-heralding-a-credential-grabbing-honeypot/)
- 2016.12 [freebuf] [主动欺骗蜜罐系统Beeswarm简介](http://www.freebuf.com/sectool/122214.html)
- 2016.12 [rapid7] [Introduction to Honeypots](https://blog.rapid7.com/2016/12/06/introduction-to-honeypots/)
- 2016.12 [freebuf] [Splunk+蜜罐+防火墙=简易WAF](http://www.freebuf.com/articles/web/121679.html)
- 2016.11 [robertputt] [Learn from your attackers - SSH HoneyPot](http://robertputt.co.uk/learn-from-your-attackers-ssh-honeypot.html)
- 2016.11 [securityblog] [Active Directory Security Hardening: Domain Admin Honeypot](http://securityblog.gr/3839/windows-ad-security-hardening-honeypot/)
- 2016.11 [arxiv] [[1611.03252] Reduce positive and negative falses from attacks collected from the deployment of distributed honeypot network](https://arxiv.org/abs/1611.03252)
- 2016.11 [n0where] [Low Interaction Honeypot: HoneyPy](https://n0where.net/low-interaction-honeypot-honeypy)
- 2016.11 [freebuf] [使用各种扫描工具的你,不但踩了“蜜罐”可能还要被团灭了](http://www.freebuf.com/articles/network/116922.html)
- 2016.10 [govolution] [The first 15 days of a password honeypot](https://govolution.wordpress.com/2016/10/24/the-first-15-days-of-a-password-honeypot/)
- 2016.10 [freebuf] [sudo-snooper:一款伪装成sudo命令的“蜜罐”脚本](http://www.freebuf.com/sectool/116942.html)
- 2016.10 [freebuf] [注意了,使用Sqlmap的你可能踩中了“蜜罐”](http://www.freebuf.com/sectool/116706.html)
- 2016.10 [360] [A quick stats on the 608,083 Mirai IPs that hit our honeypots in the past 2.5 months](http://blog.netlab.360.com/a-quick-stats-on-the-608-083-mirai-ips-that-hit-our-honeypots-in-the-past-2-5-months/)
- 2016.10 [hackers] [SCADA Hacking: Testing and Monitoring our SCADA HoneyPot](https://www.hackers-arise.com/single-post/2016/10/14/SCADA-Hacking-Testing-and-Monitoring-our-SCADA-HoneyPot)
- 2016.10 [sans] [Checking my honeypot day](https://isc.sans.edu/forums/diary/Checking+my+honeypot+day/21561/)
- 2016.09 [hackers] [SCADA Hacking: Building a SCADA Honeypot](https://www.hackers-arise.com/single-post/2016/09/22/SCADA-Hacking-Building-a-SCADA-Honeypot)
- 2016.09 [360] [解剖一次真正的 Linux 入侵(第一部分)︰ 运行SSH MiTM 蜜罐](https://www.anquanke.com/post/id/84611/)
- 2016.09 [angelalonso] [Anatomy of a Real Linux Intrusion Part I: Running a MiTM SSH honeypot](http://blog.angelalonso.es/2016/09/anatomy-of-real-linux-intrusion-part-i.html)
- 2016.09 [freebuf] [sshhipot:一款高交互的SSH蜜罐](http://www.freebuf.com/sectool/113594.html)
- 2016.09 [freebuf] [蜜罐系统设计的一些想法](http://www.freebuf.com/articles/system/113031.html)
- 2016.08 [freebuf] [Cowrie蜜罐部署教程](http://www.freebuf.com/articles/network/112065.html)
- 2016.08 [executemalware] [Adding An SSH Honeypot](http://executemalware.com/?p=240)
- 2016.08 [arxiv] [[1608.06249] A Survey on Honeypot Software and Data Analysis](https://arxiv.org/abs/1608.06249)
- 2016.08 [jerrygamblin] [Honeyfiles from my SSHoneypots](https://jerrygamblin.com/2016/08/17/honeyfiles-from-my-sshoneypot/)
- 2016.08 [polaris] [Dionaea:基于Docker的蜜罐系统](http://polaris-lab.com/index.php/archives/7/)
- 2016.08 [freebuf] [网络蜜罐技术探讨](http://www.freebuf.com/articles/network/111155.html)
- 2016.08 [jerrygamblin] [SSHoneypot*](https://jerrygamblin.com/2016/08/01/sshoneypot/)
- 2016.07 [bruteforcelab] [Honeypots workshop at Defcon 24](https://bruteforcelab.com/honeypots-workshop-defcon-24.html)
- 2016.07 [freebuf] [为什么这么多创业公司都在做“蜜罐”?也许这篇文章能告诉你](http://www.freebuf.com/articles/database/109322.html)
- 2016.07 [executemalware] [DionaeaFR – A Window Into Your Honeypot](http://executemalware.com/?p=151)
- 2016.07 [securityblog] [Honeypot Linux distribution](http://securityblog.gr/3522/honeypot-linux-distribution/)
- 2016.07 [securityblog] [SSH Honeypot](http://securityblog.gr/3509/ssh-honeypot/)
- 2016.07 [executemalware] [Let The Malware Come to You – Dionaea Honeypot](http://executemalware.com/?p=129)
- 2016.06 [joshrendek] [Building honeypots and analyzing linux malware](https://joshrendek.com/2016/06/building-honeypots-and-analyzing-linux-malware/)
- 2016.05 [] [工控系统蜜罐建设与协议仿真技术分享](http://www.91ri.org/15850.html)
- 2016.05 [freebuf] [如何用蜜罐追踪黑客(第一集)](http://www.freebuf.com/articles/network/105158.html)
- 2016.05 [freebuf] [如何用Canarytokens搭建蜜罐并检测可疑入侵](http://www.freebuf.com/sectool/104901.html)
- 2016.05 [hackingarticles] [Detect Hacker in Network using kfsensor Honeypot](http://www.hackingarticles.in/detect-hacker-network-using-kfsensor-honeypot/)
- 2016.05 [zeltser] [Experimenting with Honeypots Using The Modern Honey Network](https://zeltser.com/modern-honey-network-experiments/)
- 2016.05 [logrhythm] [Using LogRhythm as a File Integrity Monitoring Honeypot](https://logrhythm.com/blog/using-logrhythm-as-a-file-integrity-monitoring-honeypot/)
- 2016.05 [sans] [INetSim as a Basic Honeypot](https://isc.sans.edu/forums/diary/INetSim+as+a+Basic+Honeypot/21055/)
- 2016.05 [troyhunt] [Understanding firewalls, intrusion detection systems and honeypots with Pluralsight](https://www.troyhunt.com/getting-to-grips-with-firewalls-intrusion-detection-systems-and-honeypots-with-pluralsight/)
- 2016.05 [blackmoreops] [Setup honeypot in Kali Linux](https://www.blackmoreops.com/2016/05/06/setup-honeypot-in-kali-linux/)
- 2016.04 [HackersOnBoard] [32C3 - Breaking Honeypots for Fun and Profit](https://www.youtube.com/watch?v=Ecohko8PDaM)
- 2016.03 [arxiv] [[1603.07433] Characterizing Honeypot-Captured Cyber Attacks: Statistical Framework and Case Study](https://arxiv.org/abs/1603.07433)
- 2016.03 [sans] [Dockerized DShield SSH Honeypot](https://isc.sans.edu/forums/diary/Dockerized+DShield+SSH+Honeypot/20845/)
- 2016.03 [sans] [SSH Honeypots (Ab)used as Proxy](https://isc.sans.edu/forums/diary/SSH+Honeypots+Abused+as+Proxy/20837/)
- 2016.02 [rapid7] [The yellow brick road to machine learning with honeypot data: Our lessons learned](https://blog.rapid7.com/2016/02/29/the-yellow-brick-road-to-machine-learning-with-honeypot-data-our-lessons-learned/)
- 2016.02 [scusec] [蜜罐中常用协议——HPFEEDS协议](http://das.scusec.org/2016/02/19/hpfeeds/)
- 2016.02 [mwrinfosecurity] [Hunting With Honeypots](https://www.mwrinfosecurity.com/our-thinking/hunting-with-honeypots/)
- 2016.02 [deepsec] [DeepSec Video: Building a Better Honeypot Network](http://blog.deepsec.net/deepsec-video-building-a-better-honeypot-network/)
- 2016.01 [360] [通过部署蜜罐捕捉0DAY(第一部分)](https://www.anquanke.com/post/id/83257/)
- 2016.01 [rapid7] [12 Days of HaXmas: Beginner Threat Intelligence with Honeypots](https://blog.rapid7.com/2016/01/05/12-days-of-haxmas-beginner-threat-intelligence-with-honeypots/)
- 2015.12 [securityblog] [Glastopf – Web Application Honeypot](http://securityblog.gr/3117/glastopf-web-application-honeypot/)
- 2015.12 [bruteforcelab] [BSidesSLC 2015 — Security Onions and Honey Potz — Ethan Dodge](https://bruteforcelab.com/bsidesslc-2015-security-onions-and-honey-potz-ethan-dodge.html)
- 2015.12 [securityblog] [Conpot ICS-SCADA honeypot](http://securityblog.gr/3080/conpot-ics-scada-honeypot/)
- 2015.12 [sans] [First Exploit Attempts For Juniper Backdoor Against Honeypot](https://isc.sans.edu/forums/diary/First+Exploit+Attempts+For+Juniper+Backdoor+Against+Honeypot/20525/)
- 2015.12 [securityblog] [A Simple Elasticsearch Honeypot](http://securityblog.gr/3052/a-simple-elasticsearch-honeypot/)
- 2015.11 [freebuf] [点亮我的攻击地图:树莓派蜜罐节点部署实战](http://www.freebuf.com/articles/terminal/84405.html)
- 2015.10 [arxiv] [[1510.03892] Honeypot-powered Malware Reverse Engineering](https://arxiv.org/abs/1510.03892)
- 2015.10 [cybrary] [The Twisted Security Honey Pot Network](https://www.cybrary.it/2015/10/the-twisted-security-honey-pot-network/)
- 2015.09 [deepsec] [DeepSec 2015 Talk: Building a Better Honeypot Network – Josh Pyorre (OpenDNS)](http://blog.deepsec.net/deepsec-2015-talk-building-a-better-honeypot-network-josh-pyorre-opendns/)
- 2015.09 [privacy] [No Budget Threat Intelligence 2: Setting up Cheap Honeypots](http://privacy-pc.com/articles/no-budget-threat-intelligence-2-setting-up-cheap-honeypots.html)
- 2015.09 [trendmicro] [Ashley Madison, Why Do Our Honeypots Have Accounts On Your Website?](https://blog.trendmicro.com/trendlabs-security-intelligence/ashley-madison-why-do-our-honeypots-have-accounts-on-your-website/)
- 2015.08 [endgame] [Hunting for Honeypot Attackers: A Data Scientist’s Adventure](https://www.endgame.com/blog/technical-blog/hunting-honeypot-attackers-data-scientist-s-adventure)
- 2015.08 [forsec] [Compromising a honeypot network through the Kippo password when logstash exec is used](https://forsec.nl/2015/08/compromising-a-honeypot-network-through-the-kippo-password-when-logstash-exec-is-used/)
- 2015.08 [freebuf] [由蜜罐引发的物联网安全小谈](http://www.freebuf.com/news/75577.html)
- 2015.08 [arxiv] [[1508.05002] HoneyMesh: Preventing Distributed Denial of Service Attacks using Virtualized Honeypots](https://arxiv.org/abs/1508.05002)
- 2015.08 [sans] [What Was Old is New Again: Honeypots!](https://isc.sans.edu/forums/diary/What+Was+Old+is+New+Again+Honeypots/20017/)
- 2015.08 [freebuf] [GasPots蜜罐发现,伊朗和叙利亚网军意图攻击自动化加油站](http://www.freebuf.com/news/74292.html)
- 2015.08 [bruteforcelab] [Honeypots workshop at Defcon 23!](https://bruteforcelab.com/honeypots-workshop-at-defcon-23.html)
- 2015.07 [bruteforcelab] [Honeypots workshop at BSidesLV 2015!](https://bruteforcelab.com/honeypots-workshop-at-bsideslv-2015.html)
- 2015.07 [unlogic] [Honeypotting with Dionaea and Raspi](http://unlogic.co.uk/2015/07/16/Honeypotting%20with%20Dionaea%20and%20Raspi/index.html)
- 2015.07 [unlogic] [Honeypotting with Dionaea and Raspi](https://www.unlogic.co.uk/2015/07/16/honeypotting-with-dionaea-and-raspi/)
- 2015.07 [arxiv] [[1507.03117] Apate - A Linux Kernel Module for High Interaction Honeypots](https://arxiv.org/abs/1507.03117)
- 2015.07 [n0where] [Cowrie SSH Honeypot](https://n0where.net/cowrie-ssh-honeypot)
- 2015.07 [freebuf] [交互式SSH蜜罐 – Cowrie](http://www.freebuf.com/sectool/71528.html)
- 2015.06 [pentestpartners] [Shiva, the spam honeypot. Tips and tricks for getting it up and running.](https://www.pentestpartners.com/security-blog/shiva-the-spam-honeypot-tips-and-tricks-for-getting-it-up-and-running/)
- 2015.05 [trustwave] [[Honeypot Alert] Fritz!Box – Remote Command Execution Exploit Attempt](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Fritz!Box-%E2%80%93-Remote-Command-Execution-Exploit-Attempt/)
- 2015.05 [pentestpartners] [Honeypots; a usage guide](https://www.pentestpartners.com/security-blog/honeypots-a-usage-guide/)
- 2015.04 [sans] [Odd POST Request To Web Honeypot](https://isc.sans.edu/forums/diary/Odd+POST+Request+To+Web+Honeypot/19573/)
- 2015.03 [trustwave] [OWASP/WASC Distributed Web Honeypots Project Re-Launch - Seeking Participants](https://www.trustwave.com/Resources/SpiderLabs-Blog/OWASP/WASC-Distributed-Web-Honeypots-Project-Re-Launch---Seeking-Participants/)
- 2015.03 [bruteforcelab] [Honeypots for Active Defense: A Practical Guide to Deploying Honeynets Within the Enterprise](https://bruteforcelab.com/honeypots-for-active-defense-a-practical-guide-to-deploying-honeynets-within-the-enterprise.html)
- 2015.03 [securityintelligence] [Analyzing Queries on a Honeypot Name Server for Better DNS Log Quality](https://securityintelligence.com/analyzing-queries-on-a-honeypot-name-server-for-better-dns-log-quality/)
- 2015.02 [zeltser] [Specialized Honeypots for SSH, Web and Malware Attacks](https://zeltser.com/honeypots-for-malware-ssh-web-attacks/)
- 2015.02 [zeltser] [Honeypots as Part of a Modern IT Infrastructure](https://zeltser.com/honeypots-it-infrastructure/)
- 2015.02 [bsidesljubljana] [Talk: Uncovering secret connections among online attackers using network theory and custom honeypots (Pedram Hayati)](https://0x7df.bsidesljubljana.si/uncovering-secret-connections-among-online-attackers-using-network-theory-and-custom-honeypots-pedram-hayati/trackback/index.html)
- 2015.02 [] [蜜罐快速搭建 [Dionaea]](http://www.91ri.org/12248.html)
- 2015.01 [quequero] [Inside a Kippo honeypot: how the billgates botnet spreads](https://quequero.org/2015/01/ssh-kippo-honeypot-4-months-operation-summary/)
- 2015.01 [n0where] [Honeypot Deployment Made Easy: Beeswarm](https://n0where.net/honeypot-deployment-made-easy-beeswarm)
- 2015.01 [logrhythm] [Kippo Honeypot: Log Replay Automation](https://logrhythm.com/blog/kippo-honeypot-log-replay-automation/)
- 2014.12 [trustwave] [[Honeypot Alert] Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit Attempt](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Wordpress-Wp-Symposium-14-11---Unauthenticated-Shell-Upload-Exploit-Attempt/)
- 2014.12 [sans] [Honey Pot Entertainment - SSH](https://isc.sans.edu/forums/diary/Honey+Pot+Entertainment+SSH/19121/)
- 2014.12 [n0where] [CONPOT ICS SCADA Honeypot](https://n0where.net/conpot-ics-scada-honeypot)
- 2014.12 [vanimpe] [Using ELK as a dashboard for honeypots](https://www.vanimpe.eu/2014/12/13/using-elk-dashboard-honeypots/)
- 2014.11 [it] [[Research] SSH Honeypot (honey.it-securityguard.com)](https://blog.it-securityguard.com/research-ssh-honeypot-honey-it-securityguard-com/)
- 2014.11 [sans] [Lessons Learn from attacks on Kippo honeypots](https://isc.sans.edu/forums/diary/Lessons+Learn+from+attacks+on+Kippo+honeypots/18935/)
- 2014.10 [bruteforcelab] [s06 Bringing PWNED To You Interesting Honeypot Trends Elliott Brink](https://bruteforcelab.com/s06-bringing-pwned-interesting-honeypot-trends-elliott-brink.html)
- 2014.10 [holisticinfosec] [toolsmith: HoneyDrive - Honeypots in a Box](https://holisticinfosec.blogspot.com/2014/10/toolsmith-honeydrive-honeypots-in-box.html)
- 2014.09 [trustwave] [[Honeypot Alert] New Bot Malware (BoSSaBoTv2) Attacking Web Servers Discovered](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--New-Bot-Malware-(BoSSaBoTv2)-Attacking-Web-Servers-Discovered/)
- 2014.09 [plcscan] [工控系统蜜罐建设与协议仿真技术分享](http://plcscan.org/blog/2014/09/icsscada-honeypot-and-ics-protocol-simulation-technology/)
- 2014.09 [arxiv] [[1409.2097] Paying for Likes? Understanding Facebook Like Fraud Using Honeypots](https://arxiv.org/abs/1409.2097)
- 2014.08 [toolswatch] [[New Tool] HoneyDrive v3 Royal Jelly – Honeypot Linux Distro Released](http://www.toolswatch.org/2014/08/new-tool-honeydrive-v3-royal-jelly-honeypot-linux-distro-released/)
- 2014.08 [freebuf] [Linux蜜罐系统HoneyDrive 3版本发布](http://www.freebuf.com/sectool/40865.html)
- 2014.08 [itgeekchronicles] [HoneyMalt – Maltego for Honeypots](https://itgeekchronicles.co.uk/2014/08/13/honeymalt-maltego-for-honeypots/)
- 2014.08 [bruteforcelab] [Adding ElasticSearch support to Kippo SSH honeypot](https://bruteforcelab.com/adding-elasticsearch-support-kippo-ssh-honeypot.html)
- 2014.08 [n0where] [Honeypot Linux Distro: HoneyDrive](https://n0where.net/honeypot-linux-distro-honeydrive)
- 2014.08 [n0where] [Modern Honeypot Network](https://n0where.net/modern-honeypot-network)
- 2014.07 [sans] [A Honeypot for home: Raspberry Pi](https://isc.sans.edu/forums/diary/A+Honeypot+for+home+Raspberry+Pi/18463/)
- 2014.07 [trustwave] [[Honeypot Alert] Wordpress XML-RPC Brute Force Scanning](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Wordpress-XML-RPC-Brute-Force-Scanning/)
- 2014.07 [bruteforcelab] [Honeypots workshop at BSidesLV 2014!](https://bruteforcelab.com/honeypots-workshop-bsideslv-2014.html)
- 2014.07 [vanimpe] [Install DionaeaFR web frontend to Dionaea honeypot on Ubuntu](https://www.vanimpe.eu/2014/07/04/install-dionaeafr-web-frontend-dionaea-ubuntu/)
- 2014.06 [sans] [Should I setup a Honeypot? [SANSFIRE]](https://isc.sans.edu/forums/diary/Should+I+setup+a+Honeypot+SANSFIRE/18323/)
- 2014.05 [trustwave] [[Honeypot Alert] Open Flash Charts File Upload Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Open-Flash-Charts-File-Upload-Attacks/)
- 2014.05 [sans] [Busybox Honeypot Fingerprinting and a new DVR scanner](https://isc.sans.edu/forums/diary/Busybox+Honeypot+Fingerprinting+and+a+new+DVR+scanner/18055/)
- 2014.04 [checkmarx] [The Honeypot Sting: Hacking the Hackers](https://www.checkmarx.com/2014/04/16/the-honeypot-sting/)
- 2014.03 [trustwave] [[Honeypot Alert] JCE Joomla Extension Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--JCE-Joomla-Extension-Attacks/)
- 2014.02 [bruteforcelab] [HonSSH – A high interaction honeypot solution for Linux based systems](https://bruteforcelab.com/honssh-high-interaction-honeypot-solution-linux-based-systems.html)
- 2014.02 [trendmicro] [Details Behind the NBC Honeypots: Part 2](http://blog.trendmicro.com/russia-experience-part-2/)
- 2013.12 [bruteforcelab] [Vagrant configuration for Dionaea malware honeypot](https://bruteforcelab.com/vagrant-configuration-dionaea-malware-honeypot.html)
- 2013.11 [trendmicro] [Trend Micro to Present Honeypot Findings at the 125th Annual NARUC Meeting](http://blog.trendmicro.com/trend-micro-present-honeypot-findings-125th-annual-naruc-meeting/)
- 2013.11 [sans] [Setting up Honeypots](https://isc.sans.edu/forums/diary/Setting+up+Honeypots/17015/)
- 2013.10 [] [详细部署dionaea低交互式蜜罐和记录分析(一)](http://www.91ri.org/7527.html)
- 2013.10 [] [详细部署dionaea低交互式蜜罐和记录分析(二)](http://www.91ri.org/7528.html)
- 2013.10 [sans] [CSAM: Web Honeypot Logs](https://isc.sans.edu/forums/diary/CSAM+Web+Honeypot+Logs/16718/)
- 2013.09 [pediy] [[原创]Windows下的无线热点蜜罐](https://bbs.pediy.com/thread-179529.htm)
- 2013.09 [freebuf] [Dionaea低交互式蜜罐部署详解](http://www.freebuf.com/articles/system/12696.html)
- 2013.09 [bruteforcelab] [Honeypot Workshop @ BruCON 2013](https://bruteforcelab.com/honeypot-workshop-brucon-2013.html)
- 2013.08 [trustwave] [[Honeypot Alert] Probes for Apache Struts 2.X OGNL Vulnerability](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Probes-for-Apache-Struts-2-X-OGNL-Vulnerability/)
- 2013.08 [freebuf] [SSH蜜罐工具 – HonSSH](http://www.freebuf.com/sectool/11777.html)
- 2013.07 [n0where] [Raspberry Pi HoneyPot](https://n0where.net/raspberry-pi-honeypot)
- 2013.06 [trustwave] [[Honeypot Alert] Inside the Attacker's Toolbox: Webshell Usage Logging](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Inside-the-Attacker-s-Toolbox--Webshell-Usage-Logging/)
- 2013.06 [trustwave] [[Honeypot Alert] Active Exploits Attempts for Plesk Vulnerability](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Active-Exploits-Attempts-for-Plesk-Vulnerability/)
- 2013.05 [troyhunt] [Talking with Scott Hanselman on honeypots, pineapples and SSL](https://www.troyhunt.com/talking-with-scott-hanselman-on/)
- 2013.05 [sans] [Digital Forensics Case Leads: First ICS HoneyPot, IEF EnScripts, Android Forensics, Unit 61398 - The APT1 guys, CALEA Act and more...](https://digital-forensics.sans.org/blog/2013/05/26/digital-forensics-case-leads-first-ics-honeypot-ief-enscripts-android-forensics-unit-61398-the-apt1-guys-calea-act-and-more)
- 2013.05 [itgeekchronicles] [Honeypot: Kippo Pi](https://itgeekchronicles.co.uk/2013/05/14/honeypot-kippo-pi/)
- 2013.05 [bruteforcelab] [Kippo SSH Honeypot Series](https://bruteforcelab.com/kippo-ssh-honeypot-series.html)
- 2013.04 [privacy] [Employ Bees to Protect Your Servers: Honeypots That Bite Back](http://privacy-pc.com/interviews/employ-bees-to-protect-your-servers-honeypots-that-bite-back.html)
- 2013.04 [securelist] [The Winnti honeypot – luring intruders](https://securelist.com/the-winnti-honeypot-luring-intruders/35623/)
- 2013.03 [freebuf] [HTTP(S)中间人流量分析&蜜罐工具—HoneyProxy](http://www.freebuf.com/sectool/8073.html)
- 2013.03 [freebuf] [趋势科技搭建工控蜜罐系统](http://www.freebuf.com/news/7833.html)
- 2013.03 [arxiv] [[1303.3071] Nepenthes Honeypots based Botnet Detection](https://arxiv.org/abs/1303.3071)
- 2013.03 [freebuf] [伪造DNS/DHCP/HTTP服务器的蜜罐工具—Ghost Phisher](http://www.freebuf.com/sectool/7603.html)
- 2013.02 [bruteforcelab] [TekTip ep21 – Drive Traffic to your Honeypot](https://bruteforcelab.com/tektip-ep21-drive-traffic-to-your-honeypot.html)
- 2013.02 [trustwave] [[Honeypot Alert] User-Agent Field PHP Injection Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--User-Agent-Field-PHP-Injection-Attacks/)
- 2013.01 [arxiv] [[1301.7257] Design, Implementation, and Operation of a Mobile Honeypot](https://arxiv.org/abs/1301.7257)
- 2013.01 [trustwave] [[Honeypot Alert] Active Probes for Ruby on Rails XML Vulns](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Active-Probes-for-Ruby-on-Rails-XML-Vulns/)
- 2013.01 [bruteforcelab] [How to install Thug Python client honeypot](https://bruteforcelab.com/how-to-install-thug-python-client-honeypot.html)
- 2013.01 [bruteforcelab] [HoneyDrive review by a honeypot enthusiast](https://bruteforcelab.com/honeydrive-review-by-a-honeypot-enthusiast.html)
- 2013.01 [bruteforcelab] [SSH honeypot workshop @ BSides London 2013](https://bruteforcelab.com/ssh-honeypot-workshop-bsides-london-2013.html)
- 2013.01 [bruteforcelab] [GÉANT: Experiences with IDS and Honeypots](https://bruteforcelab.com/geant-experiences-with-ids-and-honeypots.html)
- 2013.01 [bruteforcelab] [dork.db for Glastopf web honeypot](https://bruteforcelab.com/dork-db-for-glastopf-web-honeypot.html)
- 2012.12 [trustwave] [Setting HoneyTraps with ModSecurity: Project Honeypot Integration](https://www.trustwave.com/Resources/SpiderLabs-Blog/Setting-HoneyTraps-with-ModSecurity--Project-Honeypot-Integration/)
- 2012.12 [sans] [ISC Feature of the Week: Webhoneypot: Web Server Log Project](https://isc.sans.edu/forums/diary/ISC+Feature+of+the+Week+Webhoneypot+Web+Server+Log+Project/14710/)
- 2012.12 [trustwave] [[Honeypot Alert] Turning Local File Inclusion into Reflected Code Execution](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Turning-Local-File-Inclusion-into-Reflected-Code-Execution/)
- 2012.12 [trustwave] [[Honeypot Alert] SQL Injection Scanning Detected in WordPress Error Logs](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--SQL-Injection-Scanning-Detected-in-WordPress-Error-Logs/)
- 2012.12 [trustwave] [[Honeypot Alert] SQL Injection Scanning Targeting Joomla Plugins](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--SQL-Injection-Scanning-Targeting-Joomla-Plugins/)
- 2012.11 [trustwave] [[Honeypot Alert] User-Agent Field XSS Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--User-Agent-Field-XSS-Attacks/)
- 2012.11 [cert] [ENISA publikuje raport CERT Polska o honeypotach](https://www.cert.pl/en/news/single/enisa-publikuje-raport-cert-polska-o-honeypotach/)
- 2012.11 [freebuf] [Wifi蜜罐](http://www.freebuf.com/sectool/6162.html)
- 2012.10 [bruteforcelab] [TekTip – Ep11 – Kippo SSH Honeypot](https://bruteforcelab.com/tektip-ep11-kippo-ssh-honeypot.html)
- 2012.10 [arxiv] [[1210.4517] Gaming the Game: Honeypot Venues Against Cheaters in Location-based Social Networks](https://arxiv.org/abs/1210.4517)
- 2012.09 [freebuf] [FBI用蜜罐抓住试图为军方购买敏感材料的中国商人](http://www.freebuf.com/news/5821.html)
- 2012.08 [brindi] [DOM XSS Honeypot](http://brindi.si/g/blog/dom-xss-honeypot.html)
- 2012.07 [freebuf] [蜜罐系统 – Artillery 0.5.1 alpha发布](http://www.freebuf.com/sectool/4832.html)
- 2012.06 [freebuf] [如何在VPS上搭建远程桌面蜜罐](http://www.freebuf.com/articles/4728.html)
- 2012.06 [trustwave] [[Honeypot Alert] PHP-CGI Vuln Targeted For Database Dumping](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--PHP-CGI-Vuln-Targeted-For-Database-Dumping/)
- 2012.05 [trustwave] [[Honeypot Alert] Inside the Attacker's Toolbox: Botnet Credit Card Validation Scripts](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Inside-the-Attacker-s-Toolbox--Botnet-Credit-Card-Validation-Scripts/)
- 2012.05 [trustwave] [[Honeypot Alert] Inside the Attacker's Toolbox: Botnet Web Attack Scripts](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Inside-the-Attacker-s-Toolbox--Botnet-Web-Attack-Scripts/)
- 2012.05 [trustwave] [[Honeypot Alert] (UPDATE) Active Exploit Attempts for PHP-CGI Vuln](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--(UPDATE)-Active-Exploit-Attempts-for-PHP-CGI-Vuln/)
- 2012.04 [trustwave] [[Honeypot Alert] PhpMyAdmin setup.php RFI Attacks Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--PhpMyAdmin-setup-php-RFI-Attacks-Detected/)
- 2012.04 [trustwave] [[Honeypot Alert] Joomla com_s5clanroster Local File Inclusion Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Joomla-com_s5clanroster-Local-File-Inclusion-Attacks/)
- 2012.04 [trustwave] [[Honeypot Alert] Zeroboard now_connect() Remote Code Execution Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Zeroboard-now_connect()-Remote-Code-Execution-Attacks/)
- 2012.03 [bruteforcelab] [Ωραίο SSH honeypot, αλλά για το σπιτάκι!](https://bruteforcelab.com/%cf%89%cf%81%ce%b1%ce%af%ce%bf-ssh-honeypot-%ce%b1%ce%bb%ce%bb%ce%ac-%ce%b3%ce%b9%ce%b1-%cf%84%ce%bf-%cf%83%cf%80%ce%b9%cf%84%ce%ac%ce%ba%ce%b9.html)
- 2012.03 [trustwave] [[Honeypot Alert] Large Scale LFI Attack From Brazillian Domains](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Large-Scale-LFI-Attack-From-Brazillian-Domains/)
- 2012.03 [trustwave] [[Honeypot Alert] Zen Cart 'admin/sqlpatch.php' SQL Injection Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Zen-Cart--admin/sqlpatch-php--SQL-Injection-Attacks/)
- 2012.03 [trustwave] [[Honeypot Alert] Status Report for February 2012](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Status-Report-for-February-2012/)
- 2012.03 [trustwave] [[Honeypot Alert] More WordPress is_human Plugin Remote Command Injection Attack Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--More-WordPress-is_human-Plugin-Remote-Command-Injection-Attack-Detected/)
- 2012.02 [trustwave] [[Honeypot Alert] phpMyAdmin Code Injection Attacks for Botnet Recruitment](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--phpMyAdmin-Code-Injection-Attacks-for-Botnet-Recruitment/)
- 2012.02 [trustwave] [WASC Distributed Web Honeypots Project Update](https://www.trustwave.com/Resources/SpiderLabs-Blog/WASC-Distributed-Web-Honeypots-Project-Update/)
- 2012.02 [trustwave] [[Honeypot Alert] Status Report for January 2012](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Status-Report-for-January-2012/)
- 2012.02 [bruteforcelab] [The Last HOPE: Ghetto IDS and Honeypots for the Home User](https://bruteforcelab.com/the-last-hope-ghetto-ids-and-honeypots-for-the-home-user.html)
- 2012.01 [trustwave] [[Honeypot Alert] Simple Page Options Module for Joomla! Local File Inclusion Attack Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Simple-Page-Options-Module-for-Joomla!-Local-File-Inclusion-Attack-Detected/)
- 2012.01 [trustwave] [[Honeypot Alert] phpMyAdmin Superglobal Session Manipulation Attack Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--phpMyAdmin-Superglobal-Session-Manipulation-Attack-Detected/)
- 2012.01 [trustwave] [[Honeypot Alert] Is-human Wordpress Plugin Remote Command Execution Attack Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Is-human-Wordpress-Plugin-Remote-Command-Execution-Attack-Detected/)
- 2012.01 [trustwave] [[Honeypot Alert] Extensive 'setup.php" Scanning Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Extensive--setup-php--Scanning-Detected/)
- 2012.01 [bruteforcelab] [Kojoney SSH Honeypot, installation (CentOS) and configuration](https://bruteforcelab.com/kojoney-ssh-honeypot-installation-centos-and-configuration.html)
- 2012.01 [trustwave] [[Honeypot Alert] Multiple Local File Inclusion Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Multiple-Local-File-Inclusion-Attacks/)
- 2012.01 [bruteforcelab] [Starting with Dionaea malware honeypot](https://bruteforcelab.com/starting-with-dionaea-malware-honeypot.html)
- 2011.12 [trustwave] [[Honeypot Alert] phpThumb() 'fltr[]' Parameter Command Injection Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--phpThumb()--fltr----Parameter-Command-Injection-Detected/)
- 2011.12 [trustwave] [[Honeypot Alert] Plone and Zope Remote Command Execution Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Plone-and-Zope-Remote-Command-Execution-Detected/)
- 2011.12 [trustwave] [[Honeypot Alert] User Agent Field Arbitrary PHP Code Execution](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--User-Agent-Field-Arbitrary-PHP-Code-Execution/)
- 2011.12 [trustwave] [[Honeypot Alert] phpAlbum PHP Code Execution Attacks](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--phpAlbum-PHP-Code-Execution-Attacks/)
- 2011.12 [trustwave] [[Honeypot Alert] SQL Injection Scanning Update - Filter Evasions Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--SQL-Injection-Scanning-Update---Filter-Evasions-Detected/)
- 2011.12 [trustwave] [[Honeypot Alert] Awstats Command Injection Scanning Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Awstats-Command-Injection-Scanning-Detected/)
- 2011.12 [trustwave] [[Honeypot Alert] WordPress/Joomla/Mambo SQL Injection Scanning Detected](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--WordPress/Joomla/Mambo-SQL-Injection-Scanning-Detected/)
- 2011.12 [bruteforcelab] [Installing Kippo SSH Honeypot on Ubuntu](https://bruteforcelab.com/installing-kippo-ssh-honeypot-on-ubuntu.html)
- 2011.11 [trustwave] [[Honeypot Alert] Mass Joomla Component LFI Attacks Identified](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--Mass-Joomla-Component-LFI-Attacks-Identified/)
- 2011.11 [trustwave] [[Honeypot Alert] WordPress Timthumb Attacks Rising](https://www.trustwave.com/Resources/SpiderLabs-Blog/-Honeypot-Alert--WordPress-Timthumb-Attacks-Rising/)
- 2011.06 [publicintelligence] [(U//LES) LulzSec Release: FBI Botnet Owners Distribute Law Enforcement Honeypot IP List](https://publicintelligence.net/ules-lulzsec-release-fbi-botnet-owners-distribute-law-enforcement-honeypot-ip-list/)
- 2011.04 [toolswatch] [Honeypot New Tool Streams v0.1.0 released](http://www.toolswatch.org/2011/04/honeypot-new-tool-streams-v0-1-0-released/)
- 2011.02 [toolswatch] [Artemisa VoIP/SIP Honeypot v1.0.90 released!](http://www.toolswatch.org/2011/02/artemisa-voipsip-honeypot-v1-0-90-released/)
- 2011.01 [corelan] [The Honeypot Incident – How strong is your UF (Reversing FU)](https://www.corelan.be/index.php/2011/01/31/the-honeypot-incident-how-strong-is-your-uf-reversing-fu/)
- 2010.03 [mckeay] [Mykonos: WAF, IPS or honeypot?](http://www.mckeay.net/2010/03/15/mykonos-waf-ips-or-honeypot/)
- 2009.12 [virusbulletin] [Project Honey Pot 'celebrates' billionth spam message](https://www.virusbulletin.com/blog/2009/12/project-honey-pot-celebrates-billionth-spam-message/)
- 2009.12 [arxiv] [[0912.2293] Detection and Prevention of New and Unknown Malware using Honeypots](https://arxiv.org/abs/0912.2293)
- 2009.10 [sans] [Web honeypot Update](https://isc.sans.edu/forums/diary/Web+honeypot+Update/7456/)
- 2009.09 [sans] [Results from Webhoneypot project](https://isc.sans.edu/forums/diary/Results+from+Webhoneypot+project/7150/)
- 2009.06 [arxiv] [[0906.5031] Intrusion Detection System Using Advanced Honeypots](https://arxiv.org/abs/0906.5031)
- 2009.06 [sans] [Dshield Web Honeypot going beta](https://isc.sans.edu/forums/diary/Dshield+Web+Honeypot+going+beta/6559/)
- 2009.03 [sans] [Webhoneypot fun](https://isc.sans.edu/forums/diary/Webhoneypot+fun/6070/)
- 2009.02 [sans] [DShield Web Honeypot - Alpha Preview Release](https://isc.sans.edu/forums/diary/DShield+Web+Honeypot+Alpha+Preview+Release/5881/)
- 2008.12 [sans] [Call for volunteers - Web Honeypot Project](https://isc.sans.edu/forums/diary/Call+for+volunteers+Web+Honeypot+Project/5413/)
- 2008.02 [vanimpe] [Spam Honeypots](https://www.vanimpe.eu/2008/02/15/spam-honeypots/)
- 2007.11 [trustwave] [WASC Distributed Open Proxy Honeypot: Blind SQL Injection Attempt (Update)](https://www.trustwave.com/Resources/SpiderLabs-Blog/WASC-Distributed-Open-Proxy-Honeypot--Blind-SQL-Injection-Attempt-(Update)/)
- 2007.10 [evilcodecave] [Potting the HoneyPot #1](https://evilcodecave.wordpress.com/2007/10/15/potting-the-honeypot-1/)
- 2007.09 [haxx] [Form Submit Honeypot by Mistake](https://daniel.haxx.se/blog/2007/09/11/form-submit-honeypot-by-mistake/)
- 2007.05 [jeremiahgrossman] [Report available for WASCs Distributed Open Proxy Honeypot Project](http://blog.jeremiahgrossman.com/2007/05/report-available-for-wascs-distributed.html)
- 2007.04 [arxiv] [[0704.0861] Empirical analysis and statistical modeling of attack processes based on honeypots](https://arxiv.org/abs/0704.0861)
- 2007.04 [arxiv] [[0704.0858] Lessons Learned from the deployment of a high-interaction honeypot](https://arxiv.org/abs/0704.0858)
- 2006.11 [sans] [Honeypot Mirroring .edu domains under .eu / Active Threat](https://isc.sans.edu/forums/diary/Honeypot+Mirroring+edu+domains+under+eu+Active+Threat/1866/)
- 2005.12 [sans] [Evolutions in the honeypot/honeynet arena](https://isc.sans.edu/forums/diary/Evolutions+in+the+honeypothoneynet+arena/967/)
- 2005.11 [trendmicro] [New MS Advisory: Memory Allocation Denial of Service Via RPC And Update on the Bot Honeypot](https://blog.trendmicro.com/trendlabs-security-intelligence/new-ms-advisory3a-memory-allocation-denial-of-service-via-rpc-and-update-on-the-bot-honeypot/)
- 2005.01 [devco] [Spam Honeypots](https://www.devco.net/archives/2005/01/14/spam_honeypots.php)
- 2004.11 [sans] [SSH Honeypot Capture, Follow The Bouncing Malware (Part III)](https://isc.sans.edu/forums/diary/SSH+Honeypot+Capture+Follow+The+Bouncing+Malware+Part+III/355/)
- 1.11 [sans] [What Keeps My Honeypot Busy These Days](https://isc.sans.edu/forums/diary/What+Keeps+My+Honeypot+Busy+These+Days/21995/)

# 贡献
内容为系统自动导出, 有任何问题请提issue