Express Honeypot

Free

Honeypots

Visit WebsiteVisit Website

Express honeypot is a honeypot for remote file inclusion (RFI) and local file inclusion (LFI). The aim of this project is to catch bots and malwares that are scanning websites and try to upload remote files. Those RFI / LFI bots use a list of google dorks in order to search the web for vulnerable websites. Express honeypot uses 310 fake URLs based on RFI LFI dorks and serves them dynamically. Every request to any of the honeypot URLs is logged, and the remote file is downloaded and safely stored. This honeypot is written in JavaScript and uses Express as a web server. A light logs viewer page is available at /beekeeper, but it needs to have more commands. Development is still in progress, but the core architecture won't change, so you are safe to start using it. To use, clone the project and install the dependencies: git clone https://github.com/christophe77/express-honeypot cd express-honeypot yarn install Edit /express/config.js file. Port is the port for the web server. BeekeeperCredentials are the username and password to access /beekeeper URL. RemoteFileSave allows you to choose to save the remote file on your local drive, on dpaste, or on both of them. GoogleVerification is th

FEATURES

The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.

ALTERNATIVES

Bifrozt

High interaction honeypot solution for Linux systems with data control and integrity features.

Free

Honeypots

Tracebit

A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.

Commercial

Honeypots

Galah

Galah is an LLM-powered web honeypot that mimics various web applications by dynamically responding to HTTP requests.

Free

Honeypots

modpot

A modular web application honeypot framework with automation and logging capabilities.

Free

Honeypots

honeydet

A signature-based, multi-step, high interaction honeypot detection tool with support for various detection methods and protocols.

Free

Honeypots

oxml_xxe

A tool for embedding XXE/XML exploits into different filetypes

Free

Honeypots

Blacknet

Blacknet is a low interaction SSH multi-head honeypot system with logging capabilities.

Free

Honeypots

T-Pot 17.10

Multi-honeypot platform with various honeypots and monitoring tools.

Free

Honeypots

PINNED

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial

Resources

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Free

Resources

System Two Security

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.

Commercial

Security Operations

Aikido Security

Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.

Commercial

Application Security

Permiso

Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Commercial

IAM

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial

Cloud Security

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial

AI Security