HN Showcase
Back to browse
Knock-Knock v2 – Visualizing bot attacks in multi-protocol Technicolor

Knock-Knock v2 – Visualizing bot attacks in multi-protocol Technicolor

by djkurlander·Apr 26, 2026·3 points·3 comments
Visit ProjectView on HN

AI Analysis

●●SolidEye CandyRabbit Hole

Retro terminal aesthetic displays live bot credentials, but GreyNoise does threat intel better.

Strengths
  • Multi-protocol feed showing actual usernames and passwords from global honeypot sensors.
  • Globe visualization with heat mapping creates genuinely engaging threat intelligence display.
  • Protocol filtering across SSH, RDP, TNET, FTP, SMB, SIP, HTTP, SMTP in one dashboard.
Weaknesses
  • Visualization tool only—doesn't block attacks or integrate with existing security stacks.
  • GreyNoise and Shodan already provide similar honeypot data with more actionable features.
Category
Security
Target Audience

Security researchers, sysadmins, threat intelligence enthusiasts

Similar To

GreyNoise · Shodan · Censys

Similar Projects

Security●●Solid

Laravel middleware that logs attacks-injection, XSS, bots, never blocks

Passive threat detection middleware for Laravel—zero risk since it never blocks, 130+ patterns logged locally.

Solve My ProblemDark Horse
jay123anta
213mo ago
SecurityMid

Endlessh Fisher – Turn SSH tarpit bots into collectible fish

It turns trapped SSH bots into collectible fish with species tied to trap duration, a live aquarium view, achievements, leaderboards and a read-only REST API — a delightful gamification of honeypot telemetry. Nice practical details too: privacy-friendly default hashing, optional on-click IP lookups (Shodan/AbuseIPDB), and a Docker Compose entrypoint that runs migrations and seeds automatically; just remember this is purely a visualization layer — you still need endlessh-go and InfluxDB.

Niche GemRabbit Hole
darkwolfcave
313mo ago