The Honeynet Project
The Honeynet Project - R&D for Honeypot/Honeynet Technology and InfoSec Research
Founded in 1999, The Honeynet Project is an international, non-profit (501c3) research organization dedicated to improving the security of the Internet at no cost to the public.
Our achievements are based on the principles of open source and volunteer efforts, with all software or papers created being licensed as open source and made freely available to the community.
We help coordinate the development, deployment, advancement and research findings of honeypot and anti-malware related technologies. With over 45 international chapters, 350 members and 30 open source research projects around around the world, we are a mature, highly diverse and international organization.
Simply put, our goal is to make a difference. We accomplish this via:
Awareness - We raise awareness of the threats and vulnerabilities that exist in the Internet today. Many individuals & organizations do not realize they are a target, nor understand who is attacking them, how, or why. We provide this information, so people can better understand that they are a target, and understand the basic measures they can take to mitigate these threats. This is provided through our Know Your Enemy series of papers.
Tools - For organizations interested in continuing their own research about cyber threats, we provide the tools and techniques we have developed. All tools are specifically licensed open source. Organizations all over the world use our tools.
Information - In addition to raising awareness, we provide details to better secure assets. Historically, information about attackers has been limited to the tools they use. We provide critical additional information, such as their motives in attacking, how they communicate, when they attack systems and their actions after compromising a system. We provide this service through our Know Your Enemy whitepapers and our periodic Scan of the Month challenges.
The Honeynet Project uses GSoC as a incubator for new R&D projects, and to recruit active new members.
The Honeynet Project 2017 Projects
-
Ziyue Yang
Android Sandbox Detection and Countermeasure ProposalMany Android apps are using sandbox-detection techniques, and here is an example. To make things worse, there are malware using the sandbox-detection... -
Donika Mirdita
Automated Malware Relationships Detection ToolThe increase in volume and diversity of malware attacks has created a difficult situation for security analysts. Now more than ever, automatic... -
Manohar Reddy
Building examples services for Holmes processingHolmes processing is a platform for large scale malware analysis. To allow for scaling and performance gains, this has required multiple techniques... -
Yuru Shao
Conpot improvementsConpot is a honeypot that handles a number of protocols (including IPMI, SNMP, BACnet, modbus and s7comm), which are usually used in industrial... -
M Bilal Arif
Glutton EnhancementAuthor of glutton have proposed some new functionalities to be added in Glutton, like: Spawn Containers Support of YARA I will make code for those... -
Christian von Pentz
Holmes Framework to Automate Advanced AnalyticsIn this project I will design and develop a semi-generic interface that enables Holmes Processing to manage the execution of advanced statistical and... -
Ricardo van Zutphen
Long term analysisIntegrating the existing Longcuckoo into the latest version of Cuckoo Sandbox so that Cuckoo Sandbox long term analysis will be available to all... -
Ujjwal Verma
Mitmproxy CoreProject type Improve existing tool Project goal Spend the summer working on mitmproxy's core and its addons! Improving mitmproxy. Adding various... -
Matthew Shao
Mitmweb ImproveMitmweb is now shipped with our releases, supporting most of the fundamental features. However, some important features have not been brought to... -
kajoj
Proposal to the Honeynet Project.Hello! Eventually it happened! I am happy to present you my final version of proposal. I have worked on it for last 2 weeks. I did all I could to... -
Nikolaos Filippakis
Protocol and adversary identification in GoWhen a client is connecting to a honeypot server, it is usually not legitimate traffic. However, as malware is always trying to be stealthy, the... -
Ravinder Nehra
SNARE/TANNERSNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet. The web page is generated by cloning a real web...