Honeypot Intelligence & Threat Analysis
Monitoring real-world SSH attacks, capturing malware samples, and documenting threat actor tactics from honeypot deployments.
This site documents findings from SSH honeypots deployed to capture and analyze real-world attack traffic. Using Cowrie and other tools, I monitor attacker behavior, collect malware samples, and track emerging threat campaigns.
All data is sanitized before publishing — IP addresses are partially redacted and sensitive payloads are anonymized. File hashes are shared to aid threat intelligence research.