Python low-interaction honeyclient
Latest commit cff4114 Oct 18, 2018



version badge travis badge Code Health codefactor badge codecov badge

The number of client-side attacks has grown significantly in the past few years shifting focus on poorly protected vulnerable clients. Just as the most known honeypot technologies enable research into server-side attacks, honeyclients allow the study of client-side attacks.

A complement to honeypots, a honeyclient is a tool designed to mimic the behavior of a user-driven network client application, such as a web browser, and be exploited by an attacker's content.

Thug is a Python low-interaction honeyclient aimed at mimicing the behavior of a web browser in order to detect and emulate malicious contents.


docs badge

Documentation about Thug installation and usage can be found at


Thug is open source and we welcome contributions in all forms. If you would like to work on a large contribution please discuss the same with the maintainers of the project.

Thug is free to use for any purpose (even commercial ones). If you use and appreciate Thug, consider supporting the project with a donation using Paypal (details at


To run the full test suite using tox, type this command:


Since tox builds and installs the dependencies from scratch, we recommend using pytest for faster testing:

pytest --cov thug

To test individual test files or folders:

cd tests/Java
pytest --cov thug.Java.lang


Thanks to JetBrains for free PyCharm licenses!

License information

Copyright (C) 2011-2018 Angelo Dell'Aera <>

License: GNU General Public License, version 2