StrutsHoneypot is an Apache 2 based honeypot system designed to detect and analyze attacks targeting the Apache Struts framework. The tool includes a separate detection module (apache mod) that can be deployed on Apache 2 servers to identify and optionally block exploitation attempts against the Struts CVE-2017-5638 vulnerability. The honeypot component captures attack data and provides insights into exploitation patterns, while the detection module offers real-time protection capabilities for production environments. StrutsHoneypot also includes support for detecting content disposition filename parsing vulnerabilities, expanding its coverage beyond the primary CVE-2017-5638 exploit. The tool is released under the MIT license, making it freely available for community use and modification.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.