DCEPT Logo

DCEPT

0
Free
Updated 11 March 2025
Network Security
Honeytoken
Endpoint Security
Memory Analysis
Privilege Escalation
Incident Response
Visit Website

There are three components to DCEPT. The first is an agent written in C# that caches honeytokens in memory on the endpoints. The tokens themselves are pieces of information intentionally littered on system so they can be discovered by an intruder. In the case of DCEPT, the honeytokens are credentials that would only be known by a someone extracting them from memory. A logon attempt using these faux credentials would mean someone was inside the network and is attempting privilege escalation to domain administrator. The goal of this project was to provide a free, simple, honeytoken deployment tool as well as educate administrators about the nature of these attacks. We encourage contributors to build on what we have done and welcome feedback. Has DCEPT helped your organization spot an intrusion before it was too late? We would like to hear from you. More information about this research project can be found here: https://www.secureworks.com/blog/dcept

FEATURES

EXPLORE BY TAGS

Honeytoken

Endpoint Security

Memory Analysis

Privilege Escalation

Incident Response

SIMILAR TOOLS

Portlurker Logo
Portlurker

Port listener / honeypot in Rust with protocol guessing, safe string display and rudimentary SQLite logging.

Free
Network Security
Tor Detect Middleware Logo
Tor Detect Middleware

Express middleware for detecting and redirecting Tor or Surface users.

Free
Network Security
Charles Web Debugging Proxy Logo
Charles Web Debugging Proxy

An HTTP proxy, monitor, and reverse proxy tool for viewing HTTP and SSL/HTTPS traffic.

Free
Network Security
DShield Docker Logo
DShield Docker

A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project

Free
Network Security
netripper Logo
netripper

Smart traffic sniffing tool for penetration testers

Free
Network Security
Safing Portmaster Logo
Safing Portmaster

Safing Portmaster is an open-source application firewall that monitors network connections, blocks trackers system-wide, and allows custom filtering rules at both global and per-application levels.

Free
Network Security
Scilla Logo
Scilla

An information gathering tool for DNS, subdomains, ports, and directories enumeration.

Free
Network Security
CC2ASN Logo
CC2ASN

A lookup service for AS-numbers and prefixes by country

Free
Network Security
Netcap Logo
Netcap

Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.

Free
Network Security

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy