Glastopf is a web application honeypot project lead by Lukas Rist a.k.a glaslos of the Honeynet Project. The Glastopf project started in the year 2009. It is a simple and minimalistic web server written in Python that records information of web-based application attacks like Structured Query Language Injection (SQLI), Remote Code Execution (RCE), Local File Inclusion (LFI), Remote File Inclusion (RFI), and many more, because it emulates web application vulnerabilities tricking attackers or scanners that it is a vulnerable web server.
Here are some snippets of the README file for this project in order to understand this web application honeypot better:
The adversaries usually use search engines and special crafted search requests to find their victims. In order to attract them, Glastopf provide those keywords (aka dork) and extracts them also from request and extends its attack surface automatically. So over time and with a growing number of attacks, the honeypot gets more and more attractive. In the feature we will make the SQL injection emulator pubic, provide IP profiling for crawler recognition and intelligent dork selection.
Glastopf has also hpfeeds, which is a central logger of the project that reports the events, but it can actually be turned off under the glastopf.cfg configuration file….
Each Friday is PiDay here at Adafruit, be sure to check out our posts, tutorials and new Raspberry Pi related products. Have you tried the new “Adafruit Raspberry Pi Educational Linux Distro” ? It’s our tweaked distribution for teaching electronics using the Raspberry Pi. But wait, there’s more! Try our new Raspberry Pi WebIDE! The easiest way to learn programming on a Raspberry Pi.
We now have Raspberry Pi Model B with 512MB RAM in stock and shipping now!Related