Accomplishments
Exploiting Honeypot for Cryptojacking: The other side of the story of honeypot deployment
- Abstract
Honeypots are a proactive mechanism to lure attackers into a decoy setup. Until recently, honeypots have been applauded for discovering new attacks, attacker behavior patterns, and other findings related to defensive mechanisms. However, the presented work discusses how attackers could turn the honeypot mechanism into an offensive tool. The results are gathered from Cowrie, an open-source honeypot setup. A script was written to read the commands executed by attackers from the Cowrie play log. In addition, the attack analysis documents attempts made by attackers to use honeypot resources for crypto mining. Along with exposing the crypto-mining attempts made by attackers, the authors further analysed the log with a custom-written malware parser and IP address parser. The malware parser analysed details from all the files generated by the malware scanner. In addition, the IP parser performed IP backtracing by analysing IPs in the harmless, suspicious, and malicious categories.
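The kind of log triage the abstract describes can be sketched as follows. This is an added example, not the authors' script: it assumes Cowrie's JSON event log (one `cowrie.command.input` event per line) rather than the play log, and the indicator patterns and sample log lines are constructed for illustration.

```python
import json
import re

# Constructed sample events in the shape of Cowrie's JSON log (one object per line).
SAMPLE_LOG = """\
{"eventid": "cowrie.session.connect", "src_ip": "192.0.2.10", "session": "a1"}
{"eventid": "cowrie.command.input", "src_ip": "192.0.2.10", "session": "a1", "input": "uname -a; nproc"}
{"eventid": "cowrie.command.input", "src_ip": "192.0.2.10", "session": "a1", "input": "./xmrig -o stratum+tcp://pool.example:3333"}
{"eventid": "cowrie.command.input", "src_ip": "203.0.113.5", "session": "b2", "input": "cat /proc/cpuinfo | grep name | wc -l"}
not-json garbage line
{"eventid": "cowrie.command.input", "src_ip": "203.0.113.5", "session": "b2", "input": "ls -la /tmp"}
"""

# Illustrative indicators (assumptions, not taken from the paper).
INDICATORS = {
    "miner_binary": re.compile(r"\b(xmrig|minerd|cpuminer)\b", re.I),
    "stratum_url": re.compile(r"stratum\+(tcp|ssl)://", re.I),
    "cpu_recon": re.compile(r"\bnproc\b|/proc/cpuinfo", re.I),
}
STRONG = {"miner_binary", "stratum_url"}  # CPU recon alone is weak evidence

def flag_sessions(log_text):
    """Map session id -> source IP, matched indicator names, and matching commands."""
    sessions = {}
    for line in log_text.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or corrupt lines instead of aborting
        if not isinstance(event, dict) or event.get("eventid") != "cowrie.command.input":
            continue
        cmd = event.get("input", "")
        hits = {name for name, rx in INDICATORS.items() if rx.search(cmd)}
        if not hits:
            continue
        entry = sessions.setdefault(
            event.get("session"),
            {"src_ip": event.get("src_ip"), "hits": set(), "commands": []},
        )
        entry["hits"] |= hits
        entry["commands"].append(cmd)
    return sessions

def likely_mining(sessions):
    """Session ids with at least one strong crypto-mining indicator."""
    return sorted(sid for sid, e in sessions.items() if e["hits"] & STRONG)

if __name__ == "__main__":
    flagged = flag_sessions(SAMPLE_LOG)
    for sid in likely_mining(flagged):
        print(sid, flagged[sid]["src_ip"], sorted(flagged[sid]["hits"]))
```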