| Website | https://honeylabs.net |
It's no eqiv of prev built work (yet) but I cobbled together a slice of what @ntkramer & I built into for our dearly departed agent & a new "kevlar-agent" will be updating a weekly "Bulletproof Hosting Watch" post (first one: https://git.sr.ht/~hrbrmstr/gists/tree/main/item/kevlar/2026-06-08) that's made from @honeylabs and @censys data on bulletproof hoster activity and exposed services.
IoCs are published w/each prose π. The one for today is https://git.sr.ht/~hrbrmstr/gists/tree/main/item/kevlar/2026-06-08/iocs
If you're a defender & not poking at HoneyLabs, you're missing out.
Just added HTTP Header search!
Try it yourself: https://honeylabs.net/lookup/185.177.72.30
Read more about it: https://honeylabs.net/blog/what-attackers-hide-in-forwarding-headers
Just added ASN Emissions Index (AEI): a leaderboard that ranks networks by how many probes they send to the HoneyLabs honeypots.
https://honeylabs.net/asn-index
#ThreatIntel #IOCs #OSINT #BlueTeam #InfoSec #CyberSecurity #MCP #Golang #Python #Automation
Added Campaigns to HoneyLabs: it ranks client fingerprints by how concentrated they are across networks and ports. First thing it surfaced was an SSH botnet on one Vietnamese ISP, on its own.
https://honeylabs.net/blog/mapping-operations-by-fingerprint-concentration
1,001 IPs, 64 countries, one operation: mapping a botnet by its back end
What scanners are actually trying against AI infrastructure