An awesome list of resources on deception-based computer security with honeypots and honeytokens.
NOTE - The original list has been archived due to many of the links being broken or the linked resources not being available.
- 🎮 Valve used secret memory access “honeypot” to detect 40K Dota 2 cheaters.
- Discussion on hacker news on potential implementation techniques.
- 👿 Deception Engineering: exploring the use of Windows Service Canaries against ransomware.
- KilledProcessCanary Code Repository.
- ☠️ Explain Like I'm Five: Poison Records (Honeypots for Database Tables).
- Acra Poison Records Demo Code Repository.
- 💳 It’s Baaack… Credit Card Canarytokens are now on your Consoles.
- 🍯 Introducing HASH: The HTTP Agnostic Software Honeypot framework for creating HTTP low-interaction honeypots.
- HASH Code Repository.
- ☁️ Cloud Active Defense: Open-source cloud protection
- Cloud Active Defense Code Repository.
- MITRE Engage™
- Engage Data Repository.
- MITRE D3FEND™
- D3FEND Software Repositories.
- Deception-as-Detection
- Evaluating Deception and Moving Target Defense with Network Attack Simulation
- Honeyquest
- Knocking on Admin’s Door: Protecting Critical Web Applications with Deception
- SCANTRAP: Protecting Content Management Systems from Vulnerability Scanners with Cyber Deception and Obfuscation
- DFK IN - Cyber Resilience and Security
- Purdue University - Deception Group
- UK National Cyber Deception Laboratory