DDoSPot is a honeypot platform specifically designed to track and monitor UDP-based Distributed Denial of Service (DDoS) attacks. The platform operates through a plugin-based architecture that supports various honeypot services and servers. Each plugin maintains its own dedicated database and log file for data collection and analysis.

Key features include:
- UDP-based DDoS attack monitoring and tracking
- Plugin system for different honeypot services
- Individual database management per plugin
- Comprehensive logging capabilities
- Daily blacklist generation of potential attackers and scanners
- Centralized platform for managing multiple honeypot instances

The tool enables security professionals to observe DDoS attack patterns, identify malicious IP addresses, and generate threat intelligence through automated blacklist creation. The modular design allows for customization and expansion of monitoring capabilities based on specific network security requirements.
SIMILAR TOOLS
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.
A low-interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A low-interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.