open source

Cymmetria releases honeypot for Cisco ASA vulnerability (CVE-2018-0101)

Cymmetria has just released a honeypot for the detection of the Cisco ASA vulnerability that was recently made public: CVE-2018-0101 (Score: 10) Vulnerable: Cisco ASA 5500, ASA 5500-X The honeypot will detect exploitation attempts against SSL VPN and will capture data sent to an IKE listener that now holds the suspicious payload   The honeypot …

Cymmetria releases honeypot for Cisco ASA vulnerability (CVE-2018-0101)Read More »

Cymmetria releases honeypots for two Oracle vulnerabilities (CVE-2017-10271, CVE-2018-2636)

Cymmetria has just released honeypots for the detection of two Oracle vulnerabilities that were recently made public: CVE-2017-10271 (Score: 7.5) Vulnerable: Oracle WebLogic 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 The honeypot will detect the reported RCE vulnerability by detecting the exploitation attempt, but will not allow commands to run or, as seen in the in-the-wild exploit, to …

Cymmetria releases honeypots for two Oracle vulnerabilities (CVE-2017-10271, CVE-2018-2636)Read More »

StrutsHoneypot updated for Apache Struts content-disposition vulnerability

With an exploit now in-the-wild for the Apache Struts content-disposition vulnerability, Cymmetria Research is releasing an updated version of StrutsHoneypot. This exploit has been a bit more complex to develop for, and StrutsHoneypot will only detect it, not block. PHP does not easily allow for handling of raw data when posting multipart data. You can …

StrutsHoneypot updated for Apache Struts content-disposition vulnerabilityRead More »

Cymmetria Research releases an open source honeypot for detecting the Apache Struts exploit (CVE 2017-5638)

In the hope of helping the community, Cymmetria Research is releasing an open source honeypot for detecting the Apache Struts exploit (CVE 2017-5638). The exploit is the most recent to plague the Internet and is the largest in scope (even if it doesn’t have a logo or a website).   StrutsHoneypot is an Apache 2 mod …

Cymmetria Research releases an open source honeypot for detecting the Apache Struts exploit (CVE 2017-5638)Read More »

Scroll to Top