HoneyDB API


Access current threat information via the HoneyDB API. The API provides data on active bad hosts, honeypot interaction details, stats, historical data, and various helper endpoints for additional context.

Terms and Conditions

HoneyDB is a community-driven honeypot data aggregation platform. HoneyDB collects and publishes honeypot data via its platform API. Registered HoneyDB users can access the API free of charge for non-commercial uses.

Cases that involve commercialization require a commercial, non-free license. Examples include Managed/Software-as-a-Service services, distributing HoneyDB data as a commercial product, or using/distributing HoneyDB data as a value-added service/product.

For more information about commercial licensing, see our commercial plan offerings - Click here.

HoneyDB makes no guarantees as to the availability of its services (website and APIs). In addition, all information is provided "as is" and HoneyDB disclaims all warranties. All access to the server is logged.

Request Limits

In an effort to provide a stable service, an API request limit needs to be enforced to manage server load. For all non-enterprise and non-commercial users, the request limit is 1500 requests per month. When your account exceeds the request limit, the API will respond with a status code of 429 (Too Many Requests).

If you require more than 1500 requests per month, please see enterprise and commercial plans for more information.

API query responses include two headers to provide usage status:
  • honeydb-qpm-consumed - The number of queries you have submitted for the month.
  • honeydb-qpm-remaining - The number of queries you have remaining for the month.

API Clients

Postman - Documentation and import API spec:



HoneyDB API Python library and CLI tool:



SIEM / Threat Intel Platforms for HoneyDB:

Logstash Logo Logstash - GEM Package (Github)

Splunk Logo Splunk - Splunk App (Github)

ThreatQ Logo ThreatQuotient - HoneyDB CDF


Below are some API clients that have been developed by the community to interact with HoneyDB APIs.:

  • Mimir - OSINT Threat Intel Interface
  • Data Pull Script - Simple bash script to run the more popular curl commands for HoneyDB



API ID Key

API Secret Key