Serverless Trap Honeyλ is a serverless framework-based application that creates and monitors fake HTTP endpoints for deception purposes. The tool automatically generates URL honeytokens that can be strategically placed in various locations including email inboxes, documents, browser history, or embedded as hidden links in web pages. These honeytokens serve as breadcrumbs to lure attackers toward monitored traps, enabling detection of human attackers, malicious insiders, content scrapers, and malicious bots. The application utilizes the Cymon API v2 for threat intelligence integration and operates on a pay-what-you-use model across multiple cloud providers. Built on the Serverless framework, it supports deployment on Amazon Web Services (AWS), Microsoft Azure, IBM OpenWhisk, and Google Cloud, though it has been primarily tested on AWS. The tool provides automated monitoring capabilities to alert when honeytokens are accessed, indicating potential security threats or unauthorized activity.
FEATURES
SIMILAR TOOLS
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.