Probably one of the smallest and simplest web honeypots out there, requiring a web server running Apache, the ability to change file permissions, basic knowledge of HTML and PHP, and about 30 minutes of free time. For automated alert generation, access to a Log Manager / SIEM is recommended. Installation involves uploading the /phpmyadmin-interactive/ folder to the root of the web directory, changing the folder name to /phpmyadmin/, adjusting permissions on /phpmyadmin/log.txt, ensuring all contents are owned by the 'web user', and adding specific lines to the robots.txt file to prevent indexing.
FEATURES
SIMILAR TOOLS
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
An Apache 2 based honeypot with detection capabilities specifically designed to identify and analyze Struts CVE-2017-5638 exploitation attempts.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.