This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our terms.



The Honerix infrastructure leverages plugin modules to mimic the behavior of different web applications, trying to push attackers into deploying their malicious payload. This page lists and describes available plugins; by clicking on the plugin name you are redirected to the results for that module.

Tag search

Popular tags

Apache Struts2 Jakarta Multipart parser RCE

Apache Struts2 (2.3.5-2.3.31 and 2.5-2.5.10) RCE on file upload with Jakarta Multipart parser

CVE: CVE-2017-5638


Plugin ID: ffb3ec6a0a9e06a692cee5cb41a1ae77

Generic PHP command execution

A generic PHP code execution plug-in

Plugin ID: e7733d8bb9d29b4e06297bd5a6744e6c

Shellshock Exploit

Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014.

CVE: CVE-2014-6271


Plugin ID: shoh5iegea0gocuquich6ox3iebeicho

JexBoss detector

Detect exploitation attempts using the JexBoss tool


Plugin ID: cb6ab62591958ca04e5d3994891aad50

JBoss JMX Console CVE 2010-0738 Authentication Bypass

This handler intercepts attempts to deploy a webshell that leverage an authentication bypass vulnerability within the JMX console.

CVE: CVE-2010-0738


Plugin ID: 07ab85560cd0291cf07f625058cd000f


D-Link RCE on DIR-300 and DIR-600

D-Link unauthenticated command execution on DIR-300 and DIR-600 devices


Plugin ID: 2391bb809ecfe8898fe8d1ed8bb4cd02

JBoss Web Console Remote Java Deserialization Exploit

JBoss Web Console Remote Java Deserialization Exploit

Plugin ID: 0ff09ed75f6e28ce1e20e5facf919cce

JBoss Worm

Worm exploiting insecure JBoss settings

CVE: CVE-2010-0738


Plugin ID: 9342be4e03f14af0c0caaee8aca75bc0

PHP-CGI exploit

Detect attempts at exploiting the PHP-CGI vulnerability

CVE: CVE-2012-1823


Plugin ID: 467b271b5f34576f13a4ab3762501b44

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

Remote command execution vulnerability found in WebCalendar, version 1.2.4 or less.

CVE: CVE-2012-1495 , CVE-2012-1496


Plugin ID: wohngaesoonievongahmoomado4choul