Advanced Honeypot framework.
Type Name Latest commit message Commit time
Failed to load latest commit information.
cmd cmd: remove unused argument May 21, 2018
config config: warn if no logging backend Aug 13, 2018
director Fix WithConfig instances Aug 1, 2018
event add experimental jax3 support Jul 10, 2018
listener Merge branch 'fix-263' of i… Nov 7, 2018
messages add application global messaging bus for comm between components Nov 7, 2018
protocol Initial commit Oct 26, 2017
pushers Merge branch 'fix-withconfig' of… Nov 7, 2018
scripts Enable metalinter and fix most warnings Apr 21, 2018
server fix bug in udp service registration Nov 7, 2018
services telnet-lua: add log_event method Nov 16, 2018
sniffer Initial commit Oct 26, 2017
storage storage: fix multiple namespace issues Jul 15, 2018
utils general: fixed misspell errors Oct 27, 2017
vendor add lua support for telnet Nov 16, 2018
web Fix WithConfig instances Aug 1, 2018
.gitignore Initial commit Oct 26, 2017
.gometalinter.json gometalinter: updated config to reflect the settings in Travis Jul 1, 2018
.travis.yml services/ldap: new server. removed go 1.9 from travis Jul 3, 2018 documentation: added contributing guidelines, based on Minios Oct 27, 2017
Dockerfile use config from other repository, fixes #433 Oct 25, 2018
Gopkg.lock add lua support for telnet Nov 16, 2018
Gopkg.toml bump netstack to latest version Jun 27, 2018
LICENSE Initial commit Oct 26, 2017 add google group to readme Jul 29, 2018 honeytrap: updated docker build Dec 8, 2017
lock.json Initial commit Oct 26, 2017
main.go honeytrap: improved error handling Nov 1, 2017

Honeytrap Gitter Go Report Card Build Status codecov Docker pulls

Honeytrap is an extensible and opensource system for running, monitoring and managing honeypots.


  • Combine multiple services to one honeypot, eg a LAMP server
  • Honeytrap Agent will download the configuration from the Honeytrap Server
  • Use the Honeytrap Agent to redirect traffic out of the network to a seperate network
  • Deploy a large amount agents while having one Honeytrap Server, configuration will be downloaded automatically and logging centralized
  • Payload detection to determine which service should handle the request, one port can handle multiple protocols
  • Monitor lateral movement within your network with the Sensor listener. The sensor will complete the handshake (in case of tcp), and store the payload
  • Create high interaction honeypots using the LXC or remote hosts directors, traffic will be man-in-the-middle proxied, while information will be extracted
  • Extend honeytrap with existing honeypots (like cowrie or glutton), while using the logging and listening framework of Honeytrap
  • Advanced logging system with filtering and logging to Elasticsearch, Kafka, Splunk, Raven, File or Console
  • Services are easily extensible and will extract as much information as possible
  • Low- to high interaction Honeypots, where connections will be upgraded seamless to high interaction

To start using Honeytrap

See our documentation on


Join the honeytrap-users mailing list to discuss all things Honeytrap.


DutchSec’s mission is to safeguard the evolution of technology and therewith humanity. By delivering groundbreaking and solid, yet affordable security solutions we make sure no people, companies or institutes are harmed while using technology. We aim to make cyber security available for everyone.

Our team consists of boundary pushing cyber crime experts, grey hat hackers and developers specialized in big data, machine learning, data- and context driven security. By building open source and custom-made security tooling we protect and defend data, both offensively and proactively.

We work on the front line of security development and explore undiscovered grounds to fulfill our social (and corporate) responsibility. We are driven by the power of shared knowledge and constant learning, and hope to instigate critical thinking in all who use technology in order to increase worldwide safety. We therefore stimulate an open culture, without competition or rivalry, for our own team, as well as our clients.Security is what we do, safety is what you get.

Copyright and license

Code and documentation copyright 2017 DutchSec.

Code released under Affero General Public License.