Manuka by SpaceRaccoon
Manuka is an open-source intelligence (OSINT) honeypot designed to monitor reconnaissance attempts by threat actors during the early stages of the cyber kill chain. The tool creates a simulated environment consisting of staged OSINT sources, including social media profiles and leaked credentials, to attract and track adversary interest. It focuses specifically on detecting threats at Stage 1 (Reconnaissance) of the cyber kill chain, providing visibility into pre-attack activities that traditional network-focused honeypots typically miss. Manuka aligns with MITRE's PRE-ATT&CK framework and generates actionable intelligence for blue teams by monitoring signs of adversary reconnaissance. The platform tracks various OSINT-based attack vectors, such as exposed corporate meetings, therapy sessions, and educational content that can be discovered through simple web searches. The honeypot generates early-warning signals for defenders by detecting when threat actors are gathering intelligence about an organization through publicly available sources. This approach helps security teams identify potential threats before attackers progress to more advanced stages of the attack lifecycle. Manuka provides real-time insights into reconnaissance activities, enabling organizations to understand how adversaries might be profiling their digital footprint and exposed assets through open-source intelligence gathering techniques.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.