diff --git a/bin/clean.sh b/bin/clean.sh
index 57ac7536..79f663c9 100755
--- a/bin/clean.sh
+++ b/bin/clean.sh
@@ -20,6 +20,8 @@ echo $(ls $myFOLDER | wc -l)
 fuLOGROTATE () {
 local mySTATUS="/opt/tpot/etc/logrotate/status"
 local myCONF="/opt/tpot/etc/logrotate/logrotate.conf"
+ local myADBHONEYTGZ="/data/adbhoney/downloads.tgz"
+ local myADBHONEYDL="/data/adbhoney/downloads/"
 local myCOWRIETTYLOGS="/data/cowrie/log/tty/"
 local myCOWRIETTYTGZ="/data/cowrie/log/ttylogs.tgz"
 local myCOWRIEDL="/data/cowrie/downloads/"
@@ -45,6 +47,7 @@ chmod 644 /data/nginx/cert -R
 logrotate -f -s $mySTATUS $myCONF
 # Compressing some folders first and rotate them later
+if [ "$(fuEMPTY $myADBHONEYDL)" != "0" ]; then tar cvfz $myADBHONEYTGZ $myADBHONEYDL; fi
 if [ "$(fuEMPTY $myCOWRIETTYLOGS)" != "0" ]; then tar cvfz $myCOWRIETTYTGZ $myCOWRIETTYLOGS; fi
 if [ "$(fuEMPTY $myCOWRIEDL)" != "0" ]; then tar cvfz $myCOWRIEDLTGZ $myCOWRIEDL; fi
 if [ "$(fuEMPTY $myDIONAEABI)" != "0" ]; then tar cvfz $myDIONAEABITGZ $myDIONAEABI; fi
@@ -54,21 +57,29 @@ if [ "$(fuEMPTY $myHONEYTRAPDL)" != "0" ]; then tar cvfz $myHONEYTRAPDLTGZ $myHO
 if [ "$(fuEMPTY $myTANNERF)" != "0" ]; then tar cvfz $myTANNERFTGZ $myTANNERF; fi
 # Ensure correct permissions and ownership for previously created archives
-chmod 760 $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
-chown tpot:tpot $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
+chmod 760 $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
+chown tpot:tpot $myADBHONEYTGZ $myCOWRIETTYTGZ $myCOWRIEDLTGZ $myDIONAEABITGZ $myDIONAEABINTGZ $myHONEYTRAPATTACKSTGZ $myHONEYTRAPDLTGZ $myTANNERFTGZ
 # Need to remove subfolders since too many files cause rm to exit with errors
-rm -rf $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
+rm -rf $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
 # Recreate subfolders with correct permissions and ownership
-mkdir -p $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
-chmod 760 $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
-chown tpot:tpot $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
+mkdir -p $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
+chmod 760 $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
+chown tpot:tpot $myADBHONEYDL $myCOWRIETTYLOGS $myCOWRIEDL $myDIONAEABI $myDIONAEABIN $myHONEYTRAPATTACKS $myHONEYTRAPDL $myTANNERF
 # Run logrotate again to account for previously created archives - DO NOT FORCE HERE!
 logrotate -s $mySTATUS $myCONF
 }
+# Let's create a function to clean up and prepare honeytrap data
+fuADBHONEY () {
+ if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/adbhoney/*; fi
+ mkdir -p /data/adbhoney/log/ /data/adbhoney/downloads/
+ chmod 760 /data/adbhoney/ -R
+ chown tpot:tpot /data/adbhoney/ -R
+}
+
 # Let's create a function to clean up and prepare ciscoasa data
 fuCISCOASA () {
 if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/ciscoasa/*; fi
@@ -237,6 +248,7 @@ if [ "$myPERSISTENCE" = "on" ];
 fuLOGROTATE
 else
 echo "Cleaning up and preparing data folders."
+ fuADBHONEY
 fuCISCOASA
 fuCONPOT
 fuCOWRIE
diff --git a/docker/adbhoney/Dockerfile b/docker/adbhoney/Dockerfile
new file mode 100644
index 00000000..500b45fd
--- /dev/null
+++ b/docker/adbhoney/Dockerfile
@@ -0,0 +1,31 @@
+FROM alpine
+
+# Install packages
+RUN apk -U --no-cache add \
+ git \
+ libcap \
+ python \
+ python-dev && \
+
+# Install adbhoney from git
+ git clone --depth=1 https://github.com/huuck/ADBHoney /opt/adbhoney && \
+ sed -i 's/dst_ip/dest_ip/' /opt/adbhoney/main.py && \
+ sed -i 's/dst_port/dest_port/' /opt/adbhoney/main.py && \
+
+# Setup user, groups and configs
+ addgroup -g 2000 adbhoney && \
+ adduser -S -H -s /bin/ash -u 2000 -D -g 2000 adbhoney && \
+ chown -R adbhoney:adbhoney /opt/adbhoney && \
+ setcap cap_net_bind_service=+ep /usr/bin/python2.7 && \
+
+# Clean up
+ apk del --purge git \
+ python-dev && \
+ rm -rf /root/* && \
+ rm -rf /var/cache/apk/*
+
+# Set workdir and start adbhoney
+STOPSIGNAL SIGINT
+USER adbhoney:adbhoney
+WORKDIR /opt/adbhoney/
+CMD nohup /usr/bin/python main.py -l log/adbhoney.log -j log/adbhoney.json -d dl/
diff --git a/docker/adbhoney/docker-compose.yml b/docker/adbhoney/docker-compose.yml
new file mode 100644
index 00000000..e38d692a
--- /dev/null
+++ b/docker/adbhoney/docker-compose.yml
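Review bot: The header comment on the new function reads `# Let's create a function to clean up and prepare honeytrap data` but the function it introduces is `fuADBHONEY`, which handles `/data/adbhoney`; it should read `# Let's create a function to clean up and prepare adbhoney data` so the copy-paste origin does not mislead the next reader. The function also hard-codes `/data/adbhoney/downloads/`, the same path that `fuLOGROTATE` carries in `myADBHONEYDL` and passes to `rm -rf` and `mkdir -p` in this hunk; keeping one definition of that path would stop the two call sites from drifting apart when the download directory changes. `fuADBHONEY` is defined entirely inside the hunk, while `fuLOGROTATE`, whose body is edited here, begins before it.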
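Review bot: The `git clone --depth=1 https://github.com/huuck/ADBHoney /opt/adbhoney` line fetches whatever upstream HEAD is at build time, so the image is not reproducible and the two `sed -i` renames that follow can silently become no-ops if `main.py` changes; pinning a revision, e.g. `git -C /opt/adbhoney checkout <UPSTREAM_COMMIT_PLACEHOLDER>` right after the clone, makes the build deterministic and forces the renames to be re-checked on each bump. The `setcap cap_net_bind_service=+ep /usr/bin/python2.7` line grants every process started from that interpreter the right to bind privileged ports, but if adbhoney listens on 5555 as the compose port mapping suggests, nothing below 1024 is bound and both the capability and the `libcap` package can be dropped. Finally, `CMD nohup /usr/bin/python main.py ...` is shell form wrapped in nohup, so PID 1 is a shell and the `STOPSIGNAL SIGINT` declared above it may not reach the Python process; the exec form `CMD ["/usr/bin/python", "main.py", "-l", "log/adbhoney.log", "-j", "log/adbhoney.json", "-d", "dl/"]` removes the intermediary.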
@@ -0,0 +1,21 @@
+version: '2.3'
+
+networks:
+ adbhoney_local:
+
+services:
+
+# Adbhoney service
+ adbhoney:
+ build: .
+ container_name: adbhoney
+ restart: always
+ networks:
+ - adbhoney_local
+ ports:
+ - "5555:5555"
+ image: "dtagdevsec/adbhoney:1811"
+ read_only: true
+ volumes:
+ - /data/adbhoney/log:/opt/adbhoney/log
+ - /data/adbhoney/downloads:/opt/adbhoney/dl
diff --git a/docker/elk/logstash/dist/logstash.conf b/docker/elk/logstash/dist/logstash.conf
index a8c9a717..c7b13916 100644
--- a/docker/elk/logstash/dist/logstash.conf
+++ b/docker/elk/logstash/dist/logstash.conf
@@ -15,6 +15,13 @@ input {
 type => "P0f"
 }
+# Adbhoney
+ file {
+ path => ["/data/adbhoney/log/adbhoney.json"]
+ codec => json
+ type => "Adbhoney"
+ }
+
 # Ciscoasa
 file {
 path => ["/data/ciscoasa/log/ciscoasa.log"]
@@ -143,6 +150,14 @@ filter {
 }
 }
+# Adbhoney
+ if [type] == "Adbhoney" {
+ date {
+ match => [ "timestamp", "ISO8601" ]
+ remove_field => ["unixtime"]
+ }
+ }
+
 # Ciscoasa
 if [type] == "Ciscoasa" {
 kv {
@@ -372,7 +387,7 @@ if "_grokparsefailure" in [tags] { drop {} }
 }
 # Add T-Pot hostname and external IP
- if [type] == "Ciscoasa" or [type] == "ConPot" or [type] == "Cowrie" or [type] == "Dionaea" or [type] == "ElasticPot" or [type] == "Glastopf" or [type] == "Glutton" or [type] == "Honeytrap" or [type] == "Heralding" or [type] == "Mailoney" or [type] == "Medpot" or [type] == "P0f" or [type] == "Rdpy" or [type] == "Suricata" or [type] == "Tanner" {
+ if [type] == "Adbhoney" or [type] == "Ciscoasa" or [type] == "ConPot" or [type] == "Cowrie" or [type] == "Dionaea" or [type] == "ElasticPot" or [type] == "Glastopf" or [type] == "Glutton" or [type] == "Honeytrap" or [type] == "Heralding" or [type] == "Mailoney" or [type] == "Medpot" or [type] == "P0f" or [type] == "Rdpy" or [type] == "Suricata" or [type] == "Tanner" {
 mutate {
 add_field => {
 "t-pot_ip_ext" => "${MY_EXTIP}"
diff --git a/etc/compose/nextgen.yml b/etc/compose/nextgen.yml
index fc7e87c4..370a9a64 100644
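Review bot: The new `file { path => ["/data/adbhoney/log/adbhoney.json"] ... type => "Adbhoney" }` input ingests events whose field names are only correct because the Dockerfile rewrites them with `sed` (`dst_ip` to `dest_ip`, `dst_port` to `dest_port`), presumably so they line up with the fields the other honeypot types emit, yet nothing in this config records that dependency. A one-line comment above the block, `# Adbhoney (main.py is patched at image build time to emit dest_ip/dest_port, see docker/adbhoney/Dockerfile)`, would keep the input and the image in step when either is updated.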
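Review bot: The `if [type] == "Adbhoney" or [type] == "Ciscoasa" or ...` condition now chains sixteen equality tests on one line, and each new honeypot has to be spliced into it by hand, which makes the change hard to review in a diff. Logstash's `in` operator expresses the same test as a list, `if [type] in ["Adbhoney", "Ciscoasa", "ConPot", "Cowrie", "Dionaea", "ElasticPot", "Glastopf", "Glutton", "Honeytrap", "Heralding", "Mailoney", "Medpot", "P0f", "Rdpy", "Suricata", "Tanner"] {`, which can be broken across lines and reviewed one entry at a time. The `mutate` block this condition guards continues past the end of the hunk.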
--- a/etc/compose/nextgen.yml
+++ b/etc/compose/nextgen.yml
@@ -3,6 +3,7 @@ version: '2.3'
 networks:
+ adbhoney_local:
 conpot_local_IEC104:
 conpot_local_guardian_ast:
 conpot_local_ipmi:
@@ -24,6 +25,20 @@ services:
 #### Honeypots
 ##################
+# Adbhoney service
+ adbhoney:
+ container_name: adbhoney
+ restart: always
+ networks:
+ - adbhoney_local
+ ports:
+ - "5555:5555"
+ image: "dtagdevsec/adbhoney:1811"
+ read_only: true
+ volumes:
+ - /data/adbhoney/log:/opt/adbhoney/log
+ - /data/adbhoney/downloads:/opt/adbhoney/dl
+
 # Ciscoasa service
 ciscoasa:
 container_name: ciscoasa
diff --git a/etc/logrotate/logrotate.conf b/etc/logrotate/logrotate.conf
index a09bbcdc..5d2b44c1 100644
--- a/etc/logrotate/logrotate.conf
+++ b/etc/logrotate/logrotate.conf
@@ -1,3 +1,6 @@
+/data/adbhoney/log/*.json
+/data/adbhoney/log/*.log
+/data/adbhoney/downloads.tgz
 /data/ciscoasa/log/ciscoasa.log
 /data/conpot/log/conpot*.json
 /data/conpot/log/conpot*.log
diff --git a/iso/installer/install.sh b/iso/installer/install.sh
index 453f5007..c828c35f 100755
--- a/iso/installer/install.sh
+++ b/iso/installer/install.sh
@@ -694,7 +694,8 @@ myCRONJOBS="
 echo "$myCRONJOBS" 2>&1 | tee -a /etc/crontab | dialog --title "[ Adding cronjobs ]" $myPROGRESSBOXCONF
 # Let's create some files and folders
-mkdir -p /data/ciscoasa/log \
+mkdir -p /data/adbhoney/downloads /data/adbhoney/log \
+ /data/ciscoasa/log \
 /data/conpot/log \
 /data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/ \
 /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/roots/ftp /data/dionaea/roots/tftp /data/dionaea/roots/www /data/dionaea/roots/upnp \
diff --git a/update.sh b/update.sh
index a954bd9d..25f90131 100755
--- a/update.sh
+++ b/update.sh
@@ -202,7 +202,8 @@ echo "Port 64295" >> /etc/ssh/sshd_config
 echo
 ### Ensure creation of T-Pot related folders, just in case
-mkdir -p /data/ciscoasa/log \
+mkdir -p /data/adbhoney/downloads /data/adbhoney/log \
+ /data/ciscoasa/log \
 /data/conpot/log \
 /data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/ \
 /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/roots/ftp /data/dionaea/roots/tftp /data/dionaea/roots/www /data/dionaea/roots/upnp \