Date Author Title
2025-03-06Guy BruneauDShield Traffic Analysis using ELK
2025-02-13Guy BruneauDShield SIEM Docker Updates
2025-01-16Jesse La GrewExtracting Practical Observations from Impractical Datasets
2024-12-26Jesse La GrewCapturing Honeypot Data Beyond the Logs
2024-12-09Jesse La GrewCURLing for Crypto on Honeypots
2024-11-06Jesse La Grew[Guest Diary] Insights from August Web Traffic Surge
2024-09-13Jesse La GrewFinding Honeypot Data Clusters Using DBSCAN: Part 2
2024-09-06Jesse La GrewEnrichment Data: Keeping it Fresh
2024-08-16Jesse La Grew[Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools
2024-07-10Jesse La GrewFinding Honeypot Data Clusters Using DBSCAN: Part 1
2024-04-25Jesse La GrewDoes it matter if iptables isn't running on my honeypot?
2024-03-10Guy BruneauWhat happens when you accidentally leak your AWS API keys? [Guest Diary]
2024-03-07Jesse La Grew[Guest Diary] AWS Deployment Risks - Configuration and Credential File Targeting
2024-03-03Guy BruneauCapturing DShield Packets with a LAN Tap [Guest Diary]
2024-02-25Guy BruneauUtilizing the VirusTotal API to Query Files Uploaded to DShield Honeypot [Guest Diary]
2024-02-18Guy BruneauMirai-Mirai On The Wall... [Guest Diary]
2024-02-03Guy BruneauDShield Sensor Log Collection with Elasticsearch
2024-01-30Johannes UllrichWhat did I say to make you stop talking to me?
2024-01-17Jesse La GrewNumber Usage in Passwords
2023-12-27Guy BruneauUnveiling the Mirai: Insights into Recent DShield Honeypot Activity [Guest Diary]
2023-12-13Guy BruneauT-shooting Terraform for DShield Honeypot in Azure [Guest Diary]
2023-12-10Guy BruneauHoneypots: From the Skeptical Beginner to the Tactical Enthusiast
2023-11-30John BambenekProphetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today
2023-11-27Guy BruneauDecoding the Patterns: Analyzing DShield Honeypot Activity [Guest Diary]
2023-11-20Jesse La GrewOverflowing Web Honeypot Logs
2023-10-15Guy BruneauDomain Name Used as Password Captured by DShield Sensor
2023-09-14Jesse La GrewDShield and qemu Sitting in a Tree: L-O-G-G-I-N-G
2023-09-09Guy Bruneau?Anyone get the ASN of the Truck that Hit Me?!?: Creating a PowerShell Function to Make 3rd Party API Calls for Extending Honeypot Information [Guest Diary]
2023-09-05Jesse La GrewCommon usernames submitted to honeypots
2023-09-02Jesse La GrewWhat is the origin of passwords submitted to honeypots?
2023-08-31Guy BruneauPotential Weaponizing of Honeypot Logs [Guest Diary]
2023-08-12Guy BruneauDShield Sensor Monitoring with a Docker ELK Stack [Guest Diary]
2023-07-23Guy BruneauInstall & Configure Filebeat on Raspberry Pi ARM64 to Parse DShield Sensor Logs
2023-07-13Jesse La GrewDShield Honeypot Maintenance and Data Retention
2023-07-06Jesse La GrewIDS Comparisons with DShield Honeypot Data
2023-06-11Guy BruneauDShield Honeypot Activity for May 2023
2023-05-14Guy BruneauDShield Sensor Update
2023-04-17Jan KoprivaThe strange case of Great honeypot of China
2023-01-31Jesse La GrewDShield Honeypot Setup with pfSense
2022-12-29Jesse La GrewOpening the Door for a Knock: Creating a Custom DShield Listener
2022-12-21Guy BruneauDShield Sensor Setup in Azure
2022-09-12Johannes UllrichVirusTotal Result Comparisons for Honeypot Malware
2022-08-18Johannes UllrichHoneypot Attack Summaries with Python
2022-06-15Johannes UllrichTerraforming Honeypots. Installing DShield Sensors in the Cloud
2022-05-03Johannes UllrichSome Honeypot Updates
2022-03-31Johannes UllrichSpring Vulnerability Update - Exploitation Attempts CVE-2022-22965
2021-01-15Guy BruneauObfuscated DNS Queries
2020-12-04Guy BruneauDetecting Actors Activity with Threat Intel
2020-07-01Jim ClausingSetting up the Dshield honeypot and tcp-honeypot.py
2020-06-28Guy Bruneautcp-honeypot.py Logstash Parser & Dashboard Update
2020-06-25Johannes UllrichTech Tuesday Recap / Recordings: Part 2 (Installing the Honeypot) release.
2020-06-20Tom WebbPi Zero HoneyPot
2020-06-05Remco VerhoefNot so FastCGI!
2020-05-01Jim ClausingAttack traffic on TCP port 9673
2020-01-12Guy BruneauELK Dashboard and Logstash parser for tcp-honeypot Logs
2019-11-03Didier StevensYou Too? "Unusual Activity with Double Base64 Encoding"
2018-11-09Tom WebbPlaying with T-POT
2018-05-27Guy BruneauCapture and Analysis of User Agents
2017-08-03Johannes UllrichUsing a Raspberry Pi honeypot to contribute data to DShield/ISC
2017-07-27Xavier MertensTinyPot, My Small Honeypot
2017-03-12Guy BruneauHoneypot Logs and Tracking a VBE Script
2017-02-21Jim ClausingQuick and dirty generic listener
2016-12-31Xavier MertensOngoing Scans Below the Radar
2016-11-13Guy BruneauBitcoin Miner File Upload via FTP
2016-07-07Johannes UllrichPatchwork: Is it still "Advanced" if all you have to do is Copy/Paste?
2016-06-03Tom ListonMySQL is YourSQL
2016-05-14Guy BruneauINetSim as a Basic Honeypot
2016-04-27Tom WebbKippos Cousin Cowrie
2016-03-15Xavier MertensDockerized DShield SSH Honeypot
2016-03-13Xavier MertensSSH Honeypots (Ab)used as Proxy
2015-04-14Johannes UllrichOdd POST Request To Web Honeypot
2014-07-31Chris MohanA Honeypot for home: Raspberry Pi
2014-06-30Johannes UllrichShould I setup a Honeypot? [SANSFIRE]
2014-05-01Johannes UllrichBusybox Honeypot Fingerprinting and a new DVR scanner
2013-07-25Johannes UllrichA Couple of SSH Brute Force Compromises
2013-07-13Lenny ZeltserDecoy Personas for Safeguarding Online Identity Using Deception
2010-11-05Adrien de BeaupreBot honeypot
2009-10-26Johannes UllrichWeb honeypot Update
2009-09-18Jason LamResults from Webhoneypot project
2009-06-11Jason LamDshield Web Honeypot going beta
2009-03-26Mark HofmanWebhoneypot fun
2009-02-17Jason LamDShield Web Honeypot - Alpha Preview Release
2008-12-01Jason LamCall for volunteers - Web Honeypot Project