The Honeynet Project - R&D for Honeypot/Honeynet Technology and InfoSec Research

Founded in 1999, The Honeynet Project is an international, non-profit (501c3) research organization dedicated to improving the security of the Internet at no cost to the public.

Our achievements are based on the principles of open source and volunteer efforts, with all software or papers created being licensed as open source and made freely available to the community.

We help coordinate the development, deployment, advancement and research findings of honeypot and anti-malware related technologies. With over 45 international chapters, 250 members and over 30 open source research projects around around the world, we are a mature, highly diverse and international organization.

Simply put, our goal is to make a difference. We accomplish this via:

Awareness - We raise awareness of the threats and vulnerabilities that exist in the Internet today. Many individuals & organizations do not realize they are a target, nor understand who is attacking them, how, or why. We provide this information, so people can better understand that they are a target, and understand the basic measures they can take to mitigate these threats. This is provided through our Know Your Enemy series of papers.

Tools - For organizations interested in continuing their own research about cyber threats, we provide the tools and techniques we have developed. All tools are specifically licensed open source. Organizations all over the world use our tools.

Information - In addition to raising awareness, we provide details to better secure assets. Historically, information about attackers has been limited to the tools they use. We provide critical additional information, such as their motives in attacking, how they communicate, when they attack systems and their actions after compromising a system. We provide this service through our Know Your Enemy whitepapers and our periodic Scan of the Month challenges.

The Honeynet Project uses GSoC as a incubator for new R&D projects, and to recruit active new members.

lightbulb_outline View ideas list


  • python
  • golang
  • honeypot
  • machine learning
  • networking


  • Security
  • honeynets
  • honeypots
  • deception
  • research
  • malware
comment IRC Channel
mail_outline Contact email

The Honeynet Project 2020 Projects

  • Armin Huremagic
    Analytical malware classification
    The Cuckoo sandbox is currently undergoing a complete redesign and the goal of the project is to build a proof of concept module that uses an...
  • Shreya Malviya
    Enhance detection capabilities: Improve the MITRE ATT&CK coverage in Monkey by adding post-breach actions
    As of now, Monkey covers 24 attack techniques from the MITRE ATT&CK matrix. This project aims at increasing the number of techniques by adding 11 new...
  • Yannan
    Expanding Clang-Tidy to include AUTOSAR compliance
    Clang-tidy is one of the best linters for C++. It currently provides static analysis for several groups of checks, including Google and Android...
  • Irini Lygerou
    HosTaGe: a mobile honeypot
    Adding new features including New Protocols Simulation and Systems Simulation. Also support for hpfeeds integration and use on Unrooted devices....
  • mzfr
    Improve cloning & serving functionality for Snare
    In this project, my focus will be on improving the snare's ability to clone and serve the pages. Also, I will add support for serving pages with TLS....
  • Martin Plattner
    Improving the usability of mitmproxy with new features
    I propose three independent projects that improve the usability of mitmproxy for new and existing users. The first project aims to improve the...
  • Arnab Dutta
    libmicrovmi – full bindings to Xen and KVM
    Today the VMI ecosystem is made of a multitude of applications, targeting one hypervisor or emulator, with their own semantic library, which makes...
  • felix b
    LibVMI as a Unikraft Application
    Virtual Machine Introspection applications often execute on the same privilege level as the hypervisor, which can have disastrous security...
  • Eshaan Bansal
    New Web Interface for IntelOwl & Adding New Analyzers
    Intel Owl is an Open Source Intelligence, or OSINT solution to get threat intelligence data about a specific file, an IP or a domain from a single...
  • Christopher Pelloux
    Svmidbg: developing a Stealthy Hypervisor based VM Introspection Debugger
    Svmidbg will be a debugger using virtual machine introspection (VMI) that tries to be stealthy by leveraging hypervisor technologies to create...
  • Aman Ahuja
    Tenjint Orchestration framework
    Tenjint is a framework for VM Introspection developed in Python. The project aims at providing user with a Web API for the submission of samples to...