smart-honeypot PHP Script
PHP Script demonstrating a smart honey pot. Gettings Started Download the latest release. Choose one of the forms: simple-form.php, hardened-form.php or bootstrap-form.php (simple-form.php is intended as a simple way to understand the script only. It is not intended for use in production.) Set the contants Set the $salt. I recommend http://www.sethcardoza.com/tools/random-password-generator/ as a quick tool to get some random stuff to put in there. Set $recipients to a comma-separated list of emails (as accepted by PHP mail function) Set $senderName. This will be included in the from address of the email. Set $sender. This is the email address where the form originates. Typically something like noreply@example.com. Set $subject. This is the email subject. Modify the form to include the fields you need. action defaults to the current script address method should remain set at post. Changing this will cause the form not to send emails. fields is an array of inputs (and form elements) that you would like in your form. You can use the following form elements: text, url, email, number, phone/tel, checkbox, file, textarea, select, and submit The last form input should always
FEATURES
ALTERNATIVES
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
An Outlook add-in for reporting suspicious emails to security teams and tracking user behavior during awareness campaigns.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
Rspamd is an advanced spam filtering system and email processing framework with comprehensive features like Lua API and asynchronous network API.
Hashcat is a fast and advanced password recovery utility that supports various attack modes and hashing algorithms, and is open-source and community-driven.
Android security virtual machine with updated tools and frameworks for reverse engineering and malware analysis.
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing, utilizing Message Query Language (MQL) for behavior description.
Comprehensive manual for mobile app security testing and reverse engineering with technical processes for verifying controls.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.