LSE toolsLSE toolsDockpot (485)Dockpot (485)

Tool and Usage

Project details
Programming languagePython
AuthorAhmad Aabed
Latest releaseNo release found

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Using an SSH honeypot is a good way to learn about common attacks on the SSH service. It can provide insights on the number of scans and probes on the network.

How it works

Dockpot created a Docker container and uses NAT to send SSH connections to it. When the container is no longer used, it destroys the container. When new traffic is coming in, a fresh container is created. Dockpot uses HonSSH, which is its turn is based on the work of the Kippo honeypot.

Usage and audience

Dockpot is commonly used for learning or threat discovery. Target users for this tool are security professionals and system administrators.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available


  • - No releases on GitHub available

Author and Maintainers

Dockpot is under development by Ahmad Aabed.


Supported operating systems

Dockpot is known to work on Linux.


Several dependencies are required to use Dockpot.

  • docker-py
  • MySQL
  • PAM
  • pillow
  • pyasn1
  • pycrypto
  • Twisted

Dockpot alternatives

Similar tools to Dockpot:



Cowrie is a honeypot to emulate SSH and telnet services. It can be used to learn attack methods and as an additional layer for security monitoring.



HonSSH is a high-interaction SSH honeypot to collect information about attackers that target the SSH service.


SSH Honeypot

SSH Honeypot is as the name implies a honeypot to emulate the SSH service. It can be used to learn about threats and commands used by attackers.

All Dockpot alternatives

Found an improvement? Help the community by submitting an update.

Related tool information


This tool is categorized as a honeypot and SSH honeypot.