A honeypot trap involves creating a form with an extra field that is hidden to human visitors but readable by robots. The robot fills out the invisible field and submits the form, leaving you to simply ignore their spammy submission or blacklist their IP. It’s a very simple concept that can be implemented in a few minutes and it just works – add them to your contact and submission forms to help reduce spam. Prerequisites: This version of the bundle requires Symfony 2.1+ Installation: Step 1: Download EoHoneypotBundle using Composer Add EoHoneypotBundle to your project by running the command: $ composer require eo/honeypot-bundle Composer will install the bundle to your project's vendor/eo directory. Step 2: Enable the bundle If you use Symfony Flex - skip this step. Otherwise, enable the bundle in bundles.php: <?php // config/bundles.php <?php return [ // ... Eo\HoneypotBundle\EoHoneypotBundle::class => ['all' => true], ]; Step 3 (optional): Configure bundle to use database To save honeypot catched requests into the database, you have to enable it in your configuration file: All parameters are optional # config/packages/eo
FEATURES
ALTERNATIVES
EvoMaster is an open-source tool that automatically generates system-level test cases for web APIs using AI-driven techniques.
Aqua Security is a CNAPP that provides comprehensive security for cloud native applications across their entire lifecycle, from development to production, in various cloud and container environments.
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
DerScanner is a comprehensive application security testing platform that combines SAST, DAST, MAST, SCA, and Binary Analysis capabilities with support for on-premises deployment and CI/CD integration.
An API security solution that provides continuous discovery, classification, and protection of APIs across environments while integrating with existing security infrastructure to prevent attacks and business logic abuse.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
Automatically redirect users from www to non-www for a secure connection.
PINNED

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.

CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.