The Honeynet Project
The Honeynet Project - R&D for Honeypot/Honeynet Technology and InfoSec Research
Founded in 1999, The Honeynet Project is an international, non-profit (501c3) research organization dedicated to improving the security of the Internet at no cost to the public.
Our achievements are based on the principles of open source and volunteer efforts, with all software or papers created being licensed as open source and made freely available to the community.
We help coordinate the development, deployment, advancement and analyze the findings of honeypot and anti-malware related technologies. With over 45 international chapters, 350 members and 30 open source research projects around around the world, we are a mature, highly diverse and international organization.
Simply put, our goal is to make a difference. We accomplish this via:
Awareness - We raise awareness of the threats and vulnerabilities that exist in the Internet today. Many individuals & organizations do not realize they are a target, nor understand who is attacking them, how, or why. We provide this information, so people can better understand that they are a target, and understand the basic measures they can take to mitigate these threats. This is provided through our Know Your Enemy series of papers.
Tools - For organizations interested in continuing their own research about cyber threats, we provide the tools and techniques we have developed. All tools are specifically licensed open source. Organizations all over the world use our tools.
Information - In addition to raising awareness, we provide details to better secure assets. Historically, information about attackers has been limited to the tools they use. We provide critical additional intelligence, such as their motives in attacking, how they communicate, when they attack systems and their actions after compromising a system. We provide this service through our Know Your Enemy whitepapers and our periodic Scan of the Month challenges.
The Honeynet Project uses GSoC as a incubator for new R&D projects, and to recruit active new members.
The Honeynet Project 2019 Projects
Adding (Updating) macOS support to Cuckoo SandBoxCuckoo Sandbox is a malware analysis platform which performs basic static file analysis to in-depth dynamic analysis of binaries. Even though macOS...
Adding Privilege escalation functionality to the monkeyNew non-destructive privilege escalation exploits likerunc container escape (CVE-2019-5736) and Dirty sock (CVE-2019-7304) and Dirty cow ...
Heralding: RDP and VNC implementationHeralding is essentially a credentials Honeypot. It can log credentials(username & password) for many protocols, but some protocols do not transmit...
Implementing behavioral analysis for AndroidBeing an open-source operating system, Android is more vulnerable to attacks. This project is about adding support for automated malware analysis of...
Injecting function-calls to Linux through a hypervisorThis project is of type Improving an existing tool that includes cleaning up the existing codebase and adding the process injection support for Linux.
Operating System Fuzzing With a Hypervisor: OSFuzzFuzzing has been a very useful technique to find bugs and vulnerabilities. Fuzzing operating systems however has been problematic when the operating...
Operating-system fuzzing with a hypervisorThis project deals with extending DRAKVUF for fuzzing the operating system using hypervisor and libinjector in DRAKVUF. libinjector will be used to...
SNARE/TANNER: ImprovementsThe aim is of the project is to improve SNARE/TANNER over the summer. The major goals of the project are - Implement new emulators to support...
SSH Proxy for CowrieThis project’s objective is to add an SSH proxy for the Cowrie (https://www.cowrie.org/) honeypot. Currently, Cowrie emulates an SSH server using...