DCEPT
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
Firewall, Blackhole, and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers; with On-Demand and On-Access Anti-Virus Scanning. Kernel-level, OS-level, and client-level security for macOS. Built to address a steady stream of attacks visible on snort and server logs, as well as to block ads and malicious scripts and conceal information used to track you around the web. After this package was installed, snort and other detections have fallen to a fraction with a few simple blocking actions. This setup is a lot more capable and effective than using a simple adblocking browser add-on. There's a world of difference between ad-filled web pages with and without a filtering proxy server. It's also saved me from inadvertently clicking on phishing links. Proxy features: macOS adaptive firewall; adaptive firewall to brute force attacks; IP blocks updated about twice a day from emergingthreats.net (IP blocks, compromised hosts, Malvertisers) and dshield.org’s top-20; host blocks updated about twice a day from hphosts.net; HTTPS Inspection using Privoxy; EasyList Tracker and Adblock Rules for Privoxy with adblock2privoxy; incorporates multiple blocking rules.
A low interaction Python honeypot designed to mimic various services and ports to attract attackers and log access attempts.
A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.
A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.
An open source, self-hosted implementation of the Tailscale control server.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.