Serverless Trap Honeyλ
Serverless Trap Honeyλ is a serverless framework-based application that creates and monitors fake HTTP endpoints for deception purposes. The tool automatically generates URL honeytokens that can be strategically placed in various locations including email inboxes, documents, browser history, or embedded as hidden links in web pages. These honeytokens serve as breadcrumbs to lure attackers toward monitored traps, enabling detection of human attackers, malicious insiders, content scrapers, and malicious bots. The application utilizes the Cymon API v2 for threat intelligence integration and operates on a pay-what-you-use model across multiple cloud providers. Built on the Serverless framework, it supports deployment on Amazon Web Services (AWS), Microsoft Azure, IBM OpenWhisk, and Google Cloud, though it has been primarily tested on AWS. The tool provides automated monitoring capabilities to alert when honeytokens are accessed, indicating potential security threats or unauthorized activity.
FEATURES
SIMILAR TOOLS
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.