OWASP WASC Distributed Web Honeypots Project

=Main=



{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 * valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

OWASP WASC Distributed Web Honeypots Project
The goal of the OWASP WASC Distributed Web Honeypots Project is to identify emerging attacks against web applications and report them to the community including automated scanning activity, probes, as well as, targeted attacks against specific web apps.

Introduction
The goal of the Distributed Web Honeypot (DWH) Project is to identify emerging attacks against web applications and report them to the community. This may include automated scanning activity, probes, as well as, targeted attacks against specific web sites or applications. The scope of this project has recently been expanded to include deployment of both standard web application honeypots and/or open proxy honeypots. Project participants may choose whether they want to run their honeypot as an open proxy or a stand-alone sensor.

Description
This project fills a need in the web application Defender's community to have detailed data about mass web application scanning attacks such as those being operated by Botnets. This project will provide detailed data about attacks and their origins.

Licensing
The OWASP WASC Distributed Web Honeypots Project is free to use. It is licensed under the Apache 2.0 License.


 * valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

What is the OWASP WASC Distributed Web Honeypots Project?
The OWASP WASC Distributed Web Honeypots Project provides:


 * Real-time, detailed Web Application Attack Data
 * Threat Reports to the community

Presentation

 * Web Hacking Intelligence Gathering (Prezi)
 * Open Proxy Honeypot Project Update (2007)

Project Leader
Ryan Barnett

Mailing List

 * Sign-up
 * Archive


 * valign="top" style="padding-left:25px;width:200px;" |

Quick Download

 * Link to page/download

News and Events

 * WASC Honeypot Opens Up With Open Source (InternetNews)
 * Researchers eye open-proxy attacks (TechWorld)
 * Malware honeypots wait for '08 (InfoWorld)

In Print
This project can be purchased as a print on demand book from Lulu.com

Classifications

 * }

=FAQs=


 * Q1
 * A1


 * Q2
 * A2

= Acknowledgements =

Volunteers
The OWASP WASC Distributed Web Honeypots Project is developed by a worldwide team of volunteers. The primary contributors to date have been:


 * xxx
 * xxx

Others

 * xxx
 * xxx

= Road Map and Getting Involved = As of February 2014, the priorities are:

The main roadmap item is to solicit more participants to deploy Sensors to collect data. The main deliverables for this project are: 1) Real-world web attack data, 2) Real-time web attack data and 3) Technical details that can be leveraged by the OWASP Defenders community to help protect their websites. Think of this project as somewhat similar to the SANS Dshield project where the community correlates data and can also obtain reputation services for blocking IP addresses, etc...

Involvement in the development and promotion of XXX is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
 * xxx
 * xxx

=Project About=