HoneyDB API
Access current threat information via the HoneyDB API. The API provides data on active bad hosts, honeypot interaction details, stats, historical data, and various helper endpoints for additional context.
Terms and Conditions
HoneyDB is a community-driven honeypot data aggregation platform. HoneyDB collects and publishes honeypot data via its platform API. Registered HoneyDB users can access the API free of charge for non-commercial uses.
Cases that involve commercialization require a commercial, non-free license. Examples include Managed/Software-as-a-Service services, distributing HoneyDB data as a commercial product, or using/distributing HoneyDB data as a value-added service/product.
For more information about commercial licensing, see our commercial plan offerings - Click here.
HoneyDB makes no guarantees as to the availability of its services (website and APIs). In addition, all information is provided "as is" and HoneyDB disclaims all warranties. All access to the server is logged.
Request Limits
In an effort to provide a stable service, an API request limit needs to be enforced to manage server load. For all non-enterprise and non-commercial users, the request limit is 1500 requests per month. When your account exceeds the request limit, the API will respond with a status code of 429 (Too Many Requests).
If you require more than 1500 requests per month, please see enterprise and commercial plans for more information.
- honeydb-qpm-consumed - The number of queries you have submitted for the month.
- honeydb-qpm-remaining - The number of queries you have remaining for the month.
Documentation
API Clients
Postman hosted API docs
Logstash - 
Splunk - 
ThreatQuotient - Below are some API clients that have been developed by the community to interact with HoneyDB APIs.:
- Mimir - OSINT Threat Intel Interface
- Data Pull Script - Simple bash script to run the more popular curl commands for HoneyDB