Elastichoney is a simple Elasticsearch honeypot designed to catch attackers exploiting RCE vulnerabilities in Elasticsearch. Binary distributions for most major systems are provided in the Releases. For usage, run './elastichoney -h'. Check the blog post for more details. To run Elastichoney using Docker and Docker Compose, follow the provided steps. Licensed under the MIT License.
FEATURES
SIMILAR TOOLS
An open-source Python software for creating honeypots and honeynets securely.
Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
A subset of the Modern Honey Network project set up to run in docker, including hpfeeds broker, cowrie honeypot, and dionaea honeypot.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.