Express Honeypot Logo

Express Honeypot

0
Free
Updated 11 March 2025
Honeypots
Honeypot
Lfi
Express
Javascript
Web Server
Security Testing
Visit Website

Express honeypot is a honeypot for remote file inclusion (RFI) and local file inclusion (LFI). The aim of this project is to catch bots and malwares that are scanning websites and try to upload remote files. Those RFI / LFI bots use a list of google dorks in order to search the web for vulnerable websites. Express honeypot uses 310 fake URLs based on RFI LFI dorks and serves them dynamically. Every request to any of the honeypot URLs is logged, and the remote file is downloaded and safely stored. This honeypot is written in JavaScript and uses Express as a web server. A light logs viewer page is available at /beekeeper, but it needs to have more commands. Development is still in progress, but the core architecture won't change, so you are safe to start using it. To use, clone the project and install the dependencies: git clone https://github.com/christophe77/express-honeypot cd express-honeypot yarn install Edit /express/config.js file. Port is the port for the web server. BeekeeperCredentials are the username and password to access /beekeeper URL. RemoteFileSave allows you to choose to save the remote file on your local drive, on dpaste, or on both of them. GoogleVerification is th

FEATURES

EXPLORE BY TAGS

Honeypot

Lfi

Express

Javascript

Web Server

Security Testing

SIMILAR TOOLS

Intelligent HoneyNet Dashboard Logo
Intelligent HoneyNet Dashboard

A comprehensive dashboard for managing and monitoring honeypots with detailed information on attack attempts and connections.

Free
Honeypots
takeover Logo
takeover

A tool for testing subdomain takeover possibilities at a mass scale.

Free
Honeypots
brutesubs Logo
brutesubs

An automation framework for subdomain bruteforcing

Free
Honeypots
Telnet IoT Honeypot Logo
Telnet IoT Honeypot

Python telnet honeypot for catching botnet binaries

Free
Honeypots
ssh-auth-logger Logo
ssh-auth-logger

A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.

Free
Honeypots
Bifrozt-ansible Logo
Bifrozt-ansible

Ansible role for deploying and managing Bifrozt honeypots

Free
Honeypots
JSONBee Logo
JSONBee

A tool to bypass Content Security Policy (CSP) restrictions

Free
Honeypots
django-kippo Logo
django-kippo

Django App for the SSH Honeypot called 'kippo'

Free
Honeypots
BW-Pot Logo
BW-Pot

A highly interactive honeypot for observing access from attackers by building easily targeted and compromised web applications, forwarding logs to Google BigQuery for accumulation and visualization.

Free
Honeypots

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy