HosTaGe - Low Interaction Mobile Honeypot

HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless network environments. As most malware propagate over the network via specific protocols, a low-interaction honeypot located at a mobile device can check wireless networks for actively propagating malware. We envision such honeypots running on all kinds of mobile devices, e.g., smartphones and tablets, to provide a quick assessment on the potential security state of a network.

HosTaGe emulates the following protocols as of the latest version: AMQP, COAP, ECHO, FTP, HTTP, HTTPS, MySQL, MQTT, MODBUS, S7COMM, SNMP, SIP, SMB, SSH, SMTP and TELNET

Download from Play Store!

The stable release of HosTaGe can be installed from Google Play Store. Play Store Link or, Scan the QR code below from your Android device.


The research behind HosTaGe has been published and presented in a number of scientific and industrial conferences. Below you can find some selected papers:

[1] Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Mihai Plasoianu, Wulf Pfeiffer, Lars Pandikow, Max Mühlhäuser: This Network is Infected: HosTaGe – a Low-Interaction Honeypot for Mobile Devices. [email protected] 2013:43-48

[2] Emmanouil Vasilomanolakis, Shankar Karuppayah, Mathias Fischer, Max Mühlhäuser: HosTaGe: a Mobile Honeypot for Collaborative Defense. ACM SIN 2014:330-333

[3] Emmanouil Vasilomanolakis, Shreyas Srinivasa, Max Mühlhäuser: Did you really hack a nuclear power plant? An industrial control mobile honeypot. IEEE CNS 2015:729-730

[4] Emmanouil Vasilomanolakis, Shreyas Srinivasa, Carlos Garcia Cordero, Max Mühlhäuser: Multi-stage Attack Detection and Signature Generation with ICS Honeypots. IEEE/IFIP [email protected] 2016:1227-1232

Download APK

HosTaGe-v2.2.11.apk Release-Notes(latest)

HosTaGe-v2.1.1.apk Release-Notes

HosTaGe-v2.0.0.apk Release-Notes


The Wiki provides information on getting started and using the app. Wiki for HosTaGe can be found here: Wiki.


Original Authors

Emmanouil Vasilomanolakis - idea, guidance and suggestions during development


Shreyas Srinivasa, lead developer, Aalborg University and Technische Universität Darmstadt (Github - @sastry17)

Eirini Lygerou, GSoC 2020 Developer (Github - @irinil)

Mihai Plasoianu, student developer, Technische Universität Darmstadt

Wulf Pfeiffer, student developer, Technische Universität Darmstadt

Lars Pandikow, student developer, Technische Universität Darmstadt


Shankar Karuppayah, mentoring, developer, Technische Universität Darmstadt

Mathias Fischer, mentoring, Universität Hamburg

Max M체hlh채user, mentoring, Technische Universität Darmstadt

Carlos Garcia Cordero, mentoring, Technische Universität Darmstadt

Features of HoneyRJ were inspiration for this project. http://www.cse.wustl.edu/~jain/cse571-09/ftp/honey/manual.html\

Encryption for the SSH protocol were taken from Ganymed SSH-2 and slightly modified. http://code.google.com/p/ganymed-ssh-2/

GSoC 2020

The project was actively developed with participation in Google Summer of Code 2020. More information about GSoC2020 is here


To access the hpfeeds from hostage please send an access request to [email protected] with your name and organization. Please note that access to the hpfeeds repository is provided only after an internal review.


Please use the Github issues to report any issues or for questions. Slack channel; Email

Disqus Comments