The Honeynet Project - R&D for Honeypot/Honeynet Technology and InfoSec Research

Founded in 1999, The Honeynet Project is an international, non-profit (501c3) research organization dedicated to improving the security of the Internet at no cost to the public.

Our achievements are based on the principles of open source and volunteer efforts, with all software or papers created being licensed as open source and made freely available to the community.

We help coordinate the development, deployment, advancement and research findings of honeypot and anti-malware related technologies. With over 45 international chapters, 350 members and 30 open source research projects around around the world, we are a mature, highly diverse and international organization.

Simply put, our goal is to make a difference. We accomplish this via:

Awareness - We raise awareness of the threats and vulnerabilities that exist in the Internet today. Many individuals & organizations do not realize they are a target, nor understand who is attacking them, how, or why. We provide this information, so people can better understand that they are a target, and understand the basic measures they can take to mitigate these threats. This is provided through our Know Your Enemy series of papers.

Tools - For organizations interested in continuing their own research about cyber threats, we provide the tools and techniques we have developed. All tools are specifically licensed open source. Organizations all over the world use our tools.

Information - In addition to raising awareness, we provide details to better secure assets. Historically, information about attackers has been limited to the tools they use. We provide critical additional information, such as their motives in attacking, how they communicate, when they attack systems and their actions after compromising a system. We provide this service through our Know Your Enemy whitepapers and our periodic Scan of the Month challenges.

The Honeynet Project uses GSoC as a incubator for new R&D projects, and to recruit active new members.

lightbulb_outline View ideas list


  • python
  • javascript
  • golang
  • android
  • network stack


  • Security
  • security
  • honeypots
  • deception
  • research
  • malware
comment IRC Channel
mail_outline Contact email

The Honeynet Project 2017 Projects

  • Ziyue Yang
    Android Sandbox Detection and Countermeasure Proposal
    Many Android apps are using sandbox-detection techniques, and here is an example. To make things worse, there are malware using the sandbox-detection...
  • Donika Mirdita
    Automated Malware Relationships Detection Tool
    The increase in volume and diversity of malware attacks has created a difficult situation for security analysts. Now more than ever, automatic...
  • Manohar Reddy
    Building examples services for Holmes processing
    Holmes processing is a platform for large scale malware analysis. To allow for scaling and performance gains, this has required multiple techniques...
  • Yuru Shao
    Conpot improvements
    Conpot is a honeypot that handles a number of protocols (including IPMI, SNMP, BACnet, modbus and s7comm), which are usually used in industrial...
  • M Bilal Arif
    Glutton Enhancement
    Author of glutton have proposed some new functionalities to be added in Glutton, like: Spawn Containers Support of YARA I will make code for those...
  • Christian von Pentz
    Holmes Framework to Automate Advanced Analytics
    In this project I will design and develop a semi-generic interface that enables Holmes Processing to manage the execution of advanced statistical and...
  • Ricardo van Zutphen
    Long term analysis
    Integrating the existing Longcuckoo into the latest version of Cuckoo Sandbox so that Cuckoo Sandbox long term analysis will be available to all...
  • Ujjwal Verma
    Mitmproxy Core
    Project type Improve existing tool Project goal Spend the summer working on mitmproxy's core and its addons! Improving mitmproxy. Adding various...
  • Matthew Shao
    Mitmweb Improve
    Mitmweb is now shipped with our releases, supporting most of the fundamental features. However, some important features have not been brought to...
  • kajoj
    Proposal to the Honeynet Project.
    Hello! Eventually it happened! I am happy to present you my final version of proposal. I have worked on it for last 2 weeks. I did all I could to...
  • Nikolaos Filippakis
    Protocol and adversary identification in Go
    When a client is connecting to a honeypot server, it is usually not legitimate traffic. However, as malware is always trying to be stealthy, the...
  • Ravinder Nehra
    SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet. The web page is generated by cloning a real web...