We where glad to announce yet another tool during our annual workshop in San Francisco. Glaspot is the third version of the web application honeypot Glastopf and it come with some very powerful new features:
In the next three months we are working on even more exciting new features and a much stronger integration into our web thread analysis platform.
Additionally Phani Vadrevu got accepted as a Google Summer of Code student to help us with additional improvements like request classification based on attacker profiling, hardening the internal sandbox and extending the attack surface. Details can be found in his project description: Glastopf Improvements.
How you could integrate the honeypot in a web threat oriented attack analysis framework is described in a recent presentation by Lukas Rist: Feasible Solution for the Web Threat Jigsaw.
As usual code and documentation can be found in our repository.