The number of client-side attacks has grown significantly in the past few years shifting focus on poorly protected vulnerable clients. Just as the most known honeypot technologies enable research into server-side attacks, honeyclients allow the study of client-side attacks.
A complement to honeypots, a honeyclient is a tool designed to mimic the behavior of a user-driven network client application, such as a web browser, and be exploited by an attacker's content.
Thug is a Python low-interaction honeyclient aimed at mimicking the behavior of a web browser in order to detect and emulate malicious contents.
Documentation about Thug installation and usage can be found at http://thug-honeyclient.readthedocs.io/.
Thug is open source and we welcome contributions in all forms!
Thug is free to use for any purpose (even commercial ones). If you use and appreciate Thug, please consider supporting the project with a donation using Paypal.
To run the full test suite using tox, run the command:
toxSince tox builds and installs dependencies from scratch, using pytest for faster testing is recommended:
pytest --cov thugCopyright (C) 2011-2025 Angelo Dell'Aera <angelo.dellaera@honeynet.org>
License: GNU General Public License, version 2
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
