In the hope of helping the community, Cymmetria Research is releasing an open source honeypot for detecting the Apache Struts exploit (CVE 2017-5638). The exploit is the most recent to plague the Internet and is the largest in scope (even if it doesn't have a logo or a website).
StrutsHoneypot is an Apache 2 mod that allows you to detect or block the exploit. The best and fastest way to get started is to launch it through Docker.
Like our previous open source honeypot, MTPot (for detecting mirai), this honeypot is released under the MIT license for the use of the community.
You can download StrutsHoneypot here:
StrutsHoneypot was written by Nir Krakowski (@nirkrakowksi) and Imri Goldberg (@lorgandon), and you can contact us at firstname.lastname@example.org with any bugs or requests.
Please consider trying out MazeRunner Community Edition, the free version of our cyber deception platform: