Express Honeypot Logo

Express Honeypot

0
Free
Updated 11 March 2025
Honeypots
Honeypot
Lfi
Express
Javascript
Web Server
Security Testing
Visit Website

Express honeypot is a honeypot for remote file inclusion (RFI) and local file inclusion (LFI). The aim of this project is to catch bots and malwares that are scanning websites and try to upload remote files. Those RFI / LFI bots use a list of google dorks in order to search the web for vulnerable websites. Express honeypot uses 310 fake URLs based on RFI LFI dorks and serves them dynamically. Every request to any of the honeypot URLs is logged, and the remote file is downloaded and safely stored. This honeypot is written in JavaScript and uses Express as a web server. A light logs viewer page is available at /beekeeper, but it needs to have more commands. Development is still in progress, but the core architecture won't change, so you are safe to start using it. To use, clone the project and install the dependencies: git clone https://github.com/christophe77/express-honeypot cd express-honeypot yarn install Edit /express/config.js file. Port is the port for the web server. BeekeeperCredentials are the username and password to access /beekeeper URL. RemoteFileSave allows you to choose to save the remote file on your local drive, on dpaste, or on both of them. GoogleVerification is th

FEATURES

EXPLORE BY TAGS

Honeypot

Lfi

Express

Javascript

Web Server

Security Testing

SIMILAR TOOLS

IMAP-Honey Logo
IMAP-Honey

IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.

Free
Honeypots
honeydet Logo
honeydet

A signature-based, multi-step, high interaction honeypot detection tool with support for various detection methods and protocols.

Free
Honeypots
Elastichoney Logo
Elastichoney

A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.

Free
Honeypots
hived Logo
hived

Hived is a honeypot tool for deceiving attackers and gathering information.

Free
Honeypots
Shockpot-Frontend Logo
Shockpot-Frontend

A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.

Free
Honeypots
Dionaea Honeypot on EC2 in 20 minutes Logo
Dionaea Honeypot on EC2 in 20 minutes

A tutorial on setting up Dionaea on an EC2 instance in 20 minutes

Free
Honeypots
SMTP Honeypot Logo
SMTP Honeypot

SMTP honeypot tool with configurable response messages, email storage, and automatic information extraction.

Free
Honeypots
SNARE Logo
SNARE

A web application honeypot sensor attracting malicious traffic from the Internet

Free
Honeypots
Glastopf Analytics Logo
Glastopf Analytics

A Python web application honeypot that provides simple statistics for the Glastopf.

Free
Honeypots

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy