This project is designed to create deceptive webpages to deceive and redirect attackers away from real websites. The deceptive webpages are generated by cloning real websites, specifically their login pages. For further reading material on the tool development, please visit our blog. Getting Started The project is composed of two tools: - Web Cloner: Responsible for cloning real websites and creating the deceptive webpage. - Deceptive Web server: Responsible for serving the cloned webpages, and reporting to a syslog server upon requests. Operating System The project was designed and tested on an Ubuntu 16.04 machine. Prerequisites - pip install requests - apt install gir1.2-webkit2-3.0 python-gi python-gi-cairo python3-gi python3-gi-cairo gir1.2-gtk-3.0 How to use How to use the Web Cloner: usage: WebCloner.py [-h] [-o OUTPUT_DIRECTORY] website_url positional arguments: website_url: The URL path to the web page you desire to clone optional arguments: -h, --help: show this help message and exit -o OUTPUT_DIRECTORY, --output-directory OUTPUT_DIRECTORY: Setting the output directory for the cloned webpage How to run the Deceptive web server: usage: TrapServer.py [-h] [--webroot-directory W
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
Provides breach and attack simulation products for security control validation, offering three different products to meet the needs of organizations of various sizes and maturity levels.
A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.
YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.
The FASTEST Way to Consume Threat Intelligence and make it actionable.
eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.