<iframe src="//www.googletagmanager.com/ns.html?id=GTM-WJ3T8G" height="0" width="0" style="display:none;visibility:hidden">

honeypot, open source, Apache Struts, StrutsHoneypot

Cymmetria Research releases an open source honeypot for detecting the Apache Struts exploit (CVE 2017-5638)

In the hope of helping the community, Cymmetria Research is releasing an open source honeypot for detecting the Apache Struts exploit (CVE 2017-5638). The exploit is the most recent to plague the Internet and is the largest in scope (even if it doesn't have a logo or a website).

StrutsHoneypot is an Apache 2 mod that allows you to detect or block the exploit. The best and fastest way to get started is to launch it through Docker.

Like our previous open source honeypot, MTPot (for detecting mirai), this honeypot is released under the MIT license for the use of the community.

You can download StrutsHoneypot here:


StrutsHoneypot was written by Nir Krakowski (@nirkrakowksi) and Imri Goldberg (@lorgandon), and you can contact us at research@cymmetria.com with any bugs or requests.

Please consider trying out MazeRunner Community Edition, the free version of our cyber deception platform:



Recent Comments

Larry Seltzer on Weekend break: the 10 best hacking movies


see all

Leave a Reply