Cyber-threats has grown fast during the last decades. The heterogeneity of protocols, the increasing number of devices continuously connected to the Internet and the presence of unknown vulnerabilities hidden in systems are just some of the aspects that make the attackable surface wider. Cyber-defensive strategies are able to react to an amount of threats, but they often need knowledge about attackers nature to be designed properly. For this reason, collecting information about malicious users intentions has become one major activity in the cyber-security field. In this thesis, we focused on one of the possible mechanisms able to collect insights about attacker patterns and behaviour: the honeypot.