Honeypot Python Packages

mockssh

Mock an SSH server and define all commands it supports (Python, Twisted)

wagtail-honeypot

Protect your forms with a honeypot field

pyrdp-mitm

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

cyanide-honeypot

Cyanide is an advanced open-source honeypot framework for cybersecurity. It emulates SSH/Telnet to lure attackers and analyze their tactics.

decoyshield

Web-layer counter-recon honeypot against agentic LLM attackers - drops invisible-to-human, visible-to-LLM payloads into HTTP responses to halt, stall, or fingerprint AI-driven penetration scans.

django-antispam

Spam protection tools for django applications.

honeypots

30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)

heralding

Credentials catching honeypot.

cowrie

Cowrie SSH/Telnet Honeypot.

acrawriter

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

cyanide-framework

Cyanide is an advanced open-source honeypot framework for cybersecurity. It emulates SSH/Telnet to lure attackers and analyze their tactics.

dolost

Deceptive Operations: Lure, Observe, and Secure Tool

oubliette-shield

AI LLM Firewall -- Runtime defense for LLM applications against prompt injection, jailbreak, and adversarial attacks

httpbl

Python client library for the project-honeypot.org Http:BL API

webeye

Webeye is a Powerful package for making ethical hacking tools easier

fakeshell

Fakeshellは仮想的なシェル環境を提供するパッケージです。

honeymcp

A Deception Security Layer for MCP Servers. It injects "ghost tools" (fake security-sensitive tools) that act as honeypots.

honeycomb-framework

An extensible honeypot framework

agent-trap

Counter-recon honeypot against agentic LLM attackers (PentestGPT/AutoGPT/LangChain). Six deploy modes: Flask drop-in, WSGI/ASGI middleware (Django/FastAPI), callable Python primitives, decoyshield CLI, edge configs (nginx/Caddy/Cloudflare), and Node.js npm package (Express/Fastify). Invisible-to-human, visible-to-LLM bait halts AI scans.

django-amnesia-honeywords

Amnesia honeywords implementation for Django — breach detection without a separate honeychecker.

demonhunter

Distributed Honeypot

buda

Behavioral User-driven Deceptive Activities Framework

patron-it-opencanary

Modular and decentralised honeypot

flask-honeypot

Flask-Honeypot: Advanced Modular Security Honeypot System