Web Honeypots

Honeypots on the Web!

Below is a series of hotlinks and short descriptions of honeypots for web-based applications.

  • https://github.com/mushorg/glastopf – “Glastopf is a Python web application honeypot. Remote File Inclusion via a built-in PHP sandbox, Local File Inclusion providing files from a virtual file system and HTML injection via POST requests.” (M. (2016, October 10). Mushorg/glastopf. Retrieved April 20, 2017, from https://github.com/mushorg/glastopf)
  • https://github.com/gfoss/phpmyadmin_honeypot – “A simple and effective phpmyadmin honeypot.” (G. (2015, July 03). Gfoss/phpmyadmin_honeypot. Retrieved April 20, 2017, from https://github.com/gfoss/phpmyadmin_honeypot)
  • https://github.com/schmalle/Servletpot – “A Web Application Honeypot initially based on the ideas from the Glastopf project.” (S. (2013, May 12). Schmalle/Servletpot. Retrieved April 20, 2017, from https://github.com/schmalle/Servletpot)
  • https://github.com/schmalle/Nodepot – “A nodejs web application honeypot designed to run in small environments such as Raspberry PI / Cubietrack.” (S. (2015, August 24). Schmalle/Nodepot. Retrieved April 20, 2017, from https://github.com/schmalle/Nodepot)
  • https://shadowd.zecure.org/overview/introduction/ – “Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications.” (Buchwald, H. (n.d.). Introduction. Retrieved April 20, 2017, from https://shadowd.zecure.org/overview/introduction/)
  • http://ghh.sourceforge.net/ – “GHH is a “Google Hack” honeypot. It is designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.” (McGeehan, R. (n.d.). Retrieved April 20, 2017, from http://ghh.sourceforge.net/)
  • https://github.com/threatstream/shockpot – “Shockpot is a web app honeypot designed to find attackers attempting to exploit the Bash remote code vulnerability, CVE-2014-6271.” (T. (2015, December 17). Threatstream/shockpot. Retrieved April 20, 2017, from https://github.com/threatstream/shockpot)
  • https://github.com/dmpayton/django-admin-honeypot – “django-admin-honeypot is a fake Django admin login screen to log and notify admins of attempted unauthorized access.” (D. (2016, August 08). Dmpayton/django-admin-honeypot. Retrieved April 20, 2017, from https://github.com/dmpayton/django-admin-honeypot)

  • https://github.com/bjeborn/basic-auth-pot – “bap is a webservice honeypot that logs HTTP basic authentication credentials in a “parser friendly format”™.” (B. (2015, January 15). Bjeborn/basic-auth-pot. Retrieved April 21, 2017, from https://github.com/bjeborn/basic-auth-pot)