Difference between revisions of "OWASP WASC Distributed Web Honeypots Project"

From OWASP
Jump to: navigation, search
(Created page with "=Main= <div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">link=</div> {| style="padding: 0;margin:0;margin-top:10px;t...")
 
Line 12: Line 12:
 
==Introduction==
 
==Introduction==
  
Write a short introduction
+
The goal of the Distributed Web Honeypot (DWH) Project is to identify emerging attacks against web applications and report them to the community.  This may include automated scanning activity, probes, as well as, targeted attacks against specific web sites or applications.  The scope of this project has recently been expanded to include deployment of both standard web application honeypots and/or open proxy honeypots.  Project participants may choose whether they want to run their honeypot as an open proxy or a stand-alone sensor.
 
+
 
+
  
 
==Description==
 
==Description==
  
Write a description that is just a few paragraphs long
+
This project fills a need in the web application Defender's community to have detailed data about mass web application scanning attacks such as those being operated by Botnets.  This project will provide detailed data about attacks and their origins.
  
  
Line 32: Line 30:
 
The OWASP WASC Distributed Web Honeypots Project provides:
 
The OWASP WASC Distributed Web Honeypots Project provides:
  
* xxx
+
* Real-time, detailed Web Application Attack Data
* xxx
+
* Threat Reports to the community
 
+
  
 
== Presentation ==
 
== Presentation ==
  
Link to presentation
+
* [http://prezi.com/dvvv2gdpezzz/wasc-projects-overview/ Web Hacking Intelligence Gathering (Prezi)]
 
+
* [http://www.owasp.org/images/c/c5/OWASP-WASCAppSec2007SanJose_WASCOpenProxyHoneyPotUpdate.ppt Open Proxy Honeypot Project Update (2007)]
 
+
  
  
Line 48: Line 44:
  
  
== Related Projects ==
+
== Mailing List ==
 
+
* [https://lists.owasp.org/mailman/listinfo/owasp_wasc_distributed_web_honeypots_project Sign-up]
* [[OWASP_CISO_Survey]]
+
* [http://lists.owasp.org/pipermail/owasp_wasc_distributed_web_honeypots_project/ Archive]
 
+
  
  
Line 63: Line 58:
  
 
== News and Events ==
 
== News and Events ==
* [20 Nov 2013] News 2
+
* [http://www.internetnews.com/security/article.php/3832131/WASC+Honeypot+Opens+Up+With+Open+Source.htm WASC Honeypot Opens Up With Open Source (InternetNews)]
* [30 Sep 2013] News 1
+
* [http://news.techworld.com/security/10663/researchers-eye-open-proxy-attacks/ Researchers eye open-proxy attacks (TechWorld)]
 +
* [http://www.infoworld.com/print/34304 Malware honeypots wait for '08 (InfoWorld)]
  
  

Revision as of 18:25, 24 February 2014

[edit]

OWASP Project Header.jpg

OWASP WASC Distributed Web Honeypots Project

The goal of the OWASP WASC Distributed Web Honeypots Project is to identify emerging attacks against web applications and report them to the community including automated scanning activity, probes, as well as, targeted attacks against specific web apps.

Introduction

The goal of the Distributed Web Honeypot (DWH) Project is to identify emerging attacks against web applications and report them to the community. This may include automated scanning activity, probes, as well as, targeted attacks against specific web sites or applications. The scope of this project has recently been expanded to include deployment of both standard web application honeypots and/or open proxy honeypots. Project participants may choose whether they want to run their honeypot as an open proxy or a stand-alone sensor.

Description

This project fills a need in the web application Defender's community to have detailed data about mass web application scanning attacks such as those being operated by Botnets. This project will provide detailed data about attacks and their origins.


Licensing

The OWASP WASC Distributed Web Honeypots Project is free to use. It is licensed under the Apache 2.0 License.


What is the OWASP WASC Distributed Web Honeypots Project?

The OWASP WASC Distributed Web Honeypots Project provides:

  • Real-time, detailed Web Application Attack Data
  • Threat Reports to the community

Presentation


Project Leader

Ryan Barnett


Mailing List


Quick Download

  • Link to page/download


News and Events


In Print

This project can be purchased as a print on demand book from Lulu.com


Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files TOOL.jpg

Q1
A1
Q2
A2

Volunteers

The OWASP WASC Distributed Web Honeypots Project is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx

Others

  • xxx
  • xxx

As of February 2014, the priorities are:

The main roadmap item is to solicit more participants to deploy Sensors to collect data. The main deliverables for this project are: 1) Real-world web attack data, 2) Real-time web attack data and 3) Technical details that can be leveraged by the OWASP Defenders community to help protect their websites. Think of this project as somewhat similar to the SANS Dshield project where the community correlates data and can also obtain reputation services for blocking IP addresses, etc...

Involvement in the development and promotion of XXX is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • xxx
  • xxx


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP WASC Distributed Web Honeypots Project (home page)
Purpose: The goal of the OWASP WASC Distributed Web Honeypots Project is to identify emerging attacks against web applications and report them to the community including automated scanning activity, probes, as well as, targeted attacks against specific web apps.
License: Apache 2.0 License
who is working on this project?
Project Leader(s):
  • Ryan Barnett @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Ryan Barnett @ to contribute to this project
  • Contact Ryan Barnett @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases