This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our terms.



Honerix is a distributed honeypot to detect and monitor web-based attacks. The infrastructure is made of a central server, plus several probe systems. Probes simulate vulnerable web applications to push attackers into exhibiting their malicious behavior; observed attacks are then recorded, together with possible payload resources.

How does it work?

Every Honerix probe system runs several different plugin modules, and each one simulates a specific web application. According to the HTTP request submitted by the attacker, the Honerix probe chooses which plug-it is better suited to serve the request, and uses it to generate a response to be returned to the attacker. Such a specific response could in turn stimulate the attacker into performing additional requests, or drop some malicious resources.