Uphill Security

Endless

2026-06-23

Honeypot Data

This is an overview of my small honeypot network. It is still work in progress!

Goals #

personal threat intel feed
gathering threat intel first-hand
sharing information for research and blocklists
fully automated process
multi-service data (varations to avoid detection)

Current State #

6 honeypots all over the world, 10-20 is the goal
multiple hosting providers
SSH-honeypot - connections and credentials
half-automated onboarding with Ansible
manually updated Git-repo with data

Ideas #

HTTP-honeypot like WordPress or common Firewall frontends
TCP-port scan detection
Telnet, FTP, SMB, etc.
sharing data with services like AbuseIPDB
providing data myself

The Data #

Currently, I push the data maybe daily to the Git repo - I want to automate the process at some point.

Link to the Git Repo - git git.uphillsecurity.com

More Posts

We are live again. 2025-11-08