Alternatives and similar repositories for honeyports:

Users that are interested in honeyports are comparing it to the libraries listed below

• adhdproject / gcat
  A PoC backdoor that uses Gmail as a C&C server
  ☆14Updated 4 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated last year
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• activecm / sniffer-template
  Template for building a packet sniffer
  ☆14Updated last year
• activecm / devprof
  Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
  ☆16Updated 5 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆15Updated 4 years ago
• blacklanternsecurity / sigma-rules
  A collection of Sigma rules organized by MITRE ATT&CK technique
  ☆17Updated 3 years ago
• Security-Onion-Solutions / securityonion-soc
  ☆53Updated last week
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 4 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 5 years ago
• Cyb3rWard0g / docker-caldera
  Docker Container to deploy Mitre Caldera Automated Adversary Emulation System
  ☆26Updated 4 years ago
• mitre / training
  A CALDERA plugin
  ☆26Updated 8 months ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆26Updated 11 months ago
• atc-project / atc-data
  Actionable data for Security Operations
  ☆18Updated 3 years ago
• Resistor52 / terraform-cloud-workstation
  Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation
  ☆25Updated 11 months ago
• pan-unit42 / wireshark-tutorial-Dridex-traffic
  pcaps for Wireshark tutorial about examining Dridex infection traffic
  ☆17Updated 4 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆25Updated last week
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• intelligence-driven-incident-response / intelligence-product-templates
  Chapter 9: Disseminate
  ☆14Updated 7 years ago
• JPMinty / Detection_Engineering_Signatures
  YARA, SIGMA, SNORT Rules based on Malware Analysis
  ☆16Updated last week
• Shuffle / workflows
  Workflows for Shuffle
  ☆21Updated 2 years ago
• newcontext-oss / opencti-terraform
  Terraform scripts for deploying OpenCTI to AWS, Azure, and GCP
  ☆31Updated last year
• Shuffle / shuffle-docs
  Documentation used for Shuffle
  ☆19Updated 2 weeks ago
• clairmont32 / VirusTotal-Tools
  Submits multiple domains to VirusTotal API
  ☆60Updated 3 years ago
• sansinstitute / slingshot
  SANS Slingshot Linux Distribution
  ☆50Updated 4 years ago
• mitre / human
  Caldera plugin to deploy "humans" to emulate user behavior on systems
  ☆27Updated 11 months ago
• mayhemiclabs / weblabyrinth
  A system that creates a bogus web structure to entrap and delay web scanners
  ☆59Updated 3 years ago
• corelight / raspi-corelight
  Corelight@Home script
  ☆41Updated last year
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 4 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year