Elastichoney is a simple Elasticsearch honeypot designed to catch attackers exploiting RCE vulnerabilities in Elasticsearch. Binary distributions for most major systems are provided in the Releases. For usage, run './elastichoney -h'. Check the blog post for more details. To run Elastichoney using Docker and Docker Compose, follow the provided steps. Licensed under the MIT License.
FEATURES
SIMILAR TOOLS
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.