Today we find web applications in every environment independent of a company''s size and even in home networks. This fact made web applications also attractive to cyber criminals as there are new attack vectors like Cross Site Scripting, Remote File Inclusions (RFI) and SQL Injections. Such so called web based attacks can be found on every vulnerability statistic because of these attacks are so widespread. Criminals not only break into web applications, they also overtake whole web servers which than can become part of a botnet or even become a command and control server of such. GlastopfNG, is a honeypot specialized on simulating a vulnerable web server/application to become a target of automated or even manual attack. Instead of trying to block these attacks Glastopf tries to get as much information as possible about the attacker and the used attack itself. This gathered information can then be used in different ways to protect real applications in the future against such attacks.