diff --git a/pkgs/servers/confluencepot/default.nix b/pkgs/servers/confluencepot/default.nix
new file mode 100644
index 000000000000..242e2b93d7ad
--- /dev/null
+++ b/pkgs/servers/confluencepot/default.nix
@@ -0,0 +1,44 @@
+{ lib
+, stdenv
+, buildGoModule
+, fetchFromGitHub
+}:
+
+buildGoModule rec {
+  pname = "confluencepot";
+  version = "1.0.0";
+
+  src = fetchFromGitHub {
+    owner = "SIFalcon";
+    repo = "confluencePot";
+    rev = "v${version}";
+    hash = "sha256-jIbL6prOUII8o9FghIYa80BytJ9SSuyj/TZmAxwAbJk=";
+  };
+
+  vendorSha256 = "sha256-nzPHx+c369T4h9KETqMurxZK3LsJAhwBaunkcWIW3Ps=";
+
+  postPatch = ''
+    substituteInPlace confluencePot.go \
+      --replace "confluence.html" "$out/share/confluence.html"
+  '';
+
+  postInstall = lib.optionalString (!stdenv.isDarwin) ''
+    mv $out/bin/confluencePot $out/bin/${pname}
+  '';
+
+  preFixup = ''
+    # Install HTML file
+    install -vD confluence.html -t $out/share
+  '';
+
+  meta = with lib; {
+    description = "Honeypot for the Atlassian Confluence OGNL injection vulnerability";
+    homepage = "https://github.com/SIFalcon/confluencePot";
+    longDescription = ''
+      ConfluencePot is a simple honeypot for the Atlassian Confluence unauthenticated
+      and remote OGNL injection vulnerability (CVE-2022-26134).
+    '';
+    license = with licenses; [ agpl3Plus ];
+    maintainers = with maintainers; [ fab ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 76d16b9519df..10ca4fd036b1 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -15308,6 +15308,8 @@ with pkgs;
 
   corundum = callPackage ../development/tools/corundum { };
 
+  confluencepot = callPackage ../servers/confluencepot {};
+
   confluent-platform = callPackage ../servers/confluent-platform {};
 
   ctags = callPackage ../development/tools/misc/ctags { };