Glastopf Logo

Glastopf

0
Free
Updated 11 March 2025
Honeypots
Honeypot
Web Application Security
Php
File Inclusion
Visit Website

Glastopf is a Python web application honeypot founded by Lukas Rist. General approach: Vulnerability type emulation instead of vulnerability emulation. Once a vulnerability type is emulated, Glastopf can handle unknown attacks of the same type. While implementation may be slower and more complicated, we remain ahead of the attackers until they come up with a new method or discover a new flaw in our implementation. Modular design to add new logging capabilities or attack type handlers. Various database capabilities are already in place. HPFeeds logging is supported for centralized data collection. Popular attack type emulation is already in place: Remote File Inclusion via a build-in PHP sandbox, Local File Inclusion providing files from a virtual file system and HTML injection via POST requests. Adversaries usually use search engines and special crafted search requests to find their victims. In order to attract them, Glastopf provides those keywords (AKA 'dork') and additionally extracts them from requests, extending its attack surface automatically. As a result, the honeypot gets more and more

FEATURES

EXPLORE BY TAGS

Honeypot

Web Application Security

Php

File Inclusion

SIMILAR TOOLS

Ground Control Logo
Ground Control

A collection of scripts for debugging SSRF, blind XSS, and XXE vulnerabilities

Free
Honeypots
OWA Honeypot Logo
OWA Honeypot

A basic Flask-based Outlook Web App (OWA) honeypot for cybersecurity experimentation.

Free
Honeypots
VerySimpleHoneypot Logo
VerySimpleHoneypot

Honeypot for analyzing data with customizable services and logging capabilities.

Free
Honeypots
Gopherus Logo
Gopherus

A tool for exploiting SSRF and gaining RCE in various servers

Free
Honeypots
Troje Logo
Troje

Troje is a honeypot that creates a realistic environment within lxc containers to monitor and record traffic and changes to drives.

Free
Honeypots
HoneyUp Logo
HoneyUp

Uploader honeypot designed to look like poor website security.

Free
Honeypots
assetfinder Logo
assetfinder

Find domains and subdomains related to a given domain

Free
Honeypots
AMT Honeypot Logo
AMT Honeypot

A honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689

Free
Honeypots
SCADA HoneyNet Project Logo
SCADA HoneyNet Project

Building Honeypots for Industrial Networks using Honeyd and simulating SCADA, DCS, and PLC architectures.

Free
Honeypots

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy