Uncategorized

• Uncategorized

  • Poison Records - poison-records-demo).
  • secret memory access “honeypot”
  • Discussion on Hacker News
  • Honeypot framework - interaction honeypots. (code) [HASH](https://github.com/DataDog/hash).
  • Active Defense - source cloud protection. (code) [Cloud Active Defense](https://github.com/SAP/cloud-active-defense).
  • Credit Card Canarytokens
  • building a nation-scale evidence base - scale deception deployment.
  • LLM Agent Honeypot - 2025) - a live experiment tracking AI-assisted attack activity in the wild.
  • HoneyBee threat research - source honeypot deployment tooling for misconfiguration and exploitation detection.
  • deploying MCP honeypots
  • Building a Military Honeypot - Penn State’s effort to build deceptive camera and network environments for military use.
  • Deel/Rippling lawsuit - a public case where an insider was detected via a honeypot Slack channel.
  • security update on a GitHub workflow issue
  • improving active defense to empower customers - scale honeypot system.
  • canary tokens “unsung heroes” write-up
  • Canary Credentials in the wild
  • cyber deception trials - wide product trials.
  • mapping deception with BloodHound OpenGraph
  • synthetic data for cyber deception and honeypots
  • a hacktivist attack targeting OT/ICS
  • Demystifying Deception Technology: A Survey - survey of deception taxonomies, deployment models, and evaluation gaps.
  • Deception Techniques in Computer Security: A Research Perspective - broad survey of deception methods and research directions.
  • The Tularosa Study: An Experimental Design and Implementation to Quantify the Effectiveness of Cyber Deception - HICSS study with 130+ red teamers, manipulating deception presence and awareness while tracking cognitive and physiological effects.
  • When Announcing Deception Technology Can Change Attacker Decisions - study on how disclosure of deception influences attacker behavior.
  • Prospect Theoretic Hypothesis Testing-based Cyber Deception - study on using prospect theory to shape deception during reconnaissance.
  • Towards bio-inspired cyber-deception: a case study of SSH and Telnet honeypots - evaluates bio-inspired deception strategies in Cowrie SSH/Telnet honeypots.
  • Koney: A Cyber Deception Orchestration Framework for Kubernetes - orchestrates deception assets across Kubernetes clusters.
  • Applying game theory to deception - models attacker-defender dynamics using game-theoretic approaches.
  • Database Deception using Large Language Models - applies LLMs to create deceptive database artifacts.
  • A Descriptive Model for Modelling Attacker Decision-Making in Cyber-Deception - proposes a model of attacker engagement decisions under deception cues.
  • Agentic AI for Cyber Resilience: A New Security Paradigm and Its System-Theoretic Foundations - argues for agentic resilience with cyber deception case studies.
  • SoK: Honeypots & LLMs, More Than the Sum of Their Parts? - systematizes LLM-powered honeypot research and evaluation trends.
  • HoneyTrap: Deceiving Large Language Model Attackers to Honeypot Traps with Resilient Multi-Agent Defense - proposes a deceptive LLM defense framework with multi-agent coordination, plus a progressive jailbreak dataset and new metrics for measuring misdirection and attacker cost.
  • Evaluating Deception and Moving Target Defense with Network Attack Simulation
  • Honeyquest
  • Knocking on Admin’s Door: Protecting Critical Web Applications with Deception
  • SCANTRAP: Protecting Content Management Systems from Vulnerability Scanners with Cyber Deception and Obfuscation
  • Birding Guide - Detect attackers without breaking the bank
  • Taxonomy and terminology - terminology and definitions for cyber deception.
  • Deception & Operations Planning Frameworks - ShmooCon talk on a physical deception operation.
  • Applying Deception to the Attack Lifecycle - Tim Pappa and Skylar Simmons (Walmart) on using deception across the attacker journey.
  • Sweet Deception: Mastering AWS Honey Tokens to Detect and Outsmart Attackers - Nick Frichette.
  • Continuous Integration / Continuous Deception: Trying my luck as a malicious maintainer - Benedikt Haußner.
  • Turning The Tables: Using Cyber Deception To Hunt Phishers At Scale - BSides Exeter.
  • Counter Deception: Defending Yourself in a World Full of Lies - DEF CON 32 (August 2024), Tom Cross and Greg Conti.
  • Mirage: Cyber Deception Against Autonomous Cyber Attacks - Black Hat USA 2024, Ron Alford and Michael Kouremetis.
  • Active Defense & Deception (AD&D) - Active conference, most recent event in 2025.
  • Honeynet Workshops - Active conference, most recent event in 2025.
  • /r/cyber_deception
  • The Honeynet Project
  • MITRE Engage™
  • Engage
  • MITRE D3FEND™
  • D3FEND
  • Deception-as-Detection
  • awesome-honeypots - A thorough and fairly regularly updated list of open source honeypots.
  • Measuring the Efficacy of Cyber Deception - examines how to measure cyber deception effectiveness by reviewing existing evaluation approaches and proposing new metrics and frameworks to assess deceptive tactics in modern, AI-augmented threat environments.
  • preventing supply chain attacks with honeytokens
  • Q-Cowrie: Reinforcement Learning for Adaptive Honeypot Deception - presents “Q-Cowrie,” a reinforcement learning-enhanced Cowrie honeypot that models attacker decisions with an MDP and adapts responses during attacker interaction.
  • Q-Cowrie: Reinforcement Learning for Adaptive Honeypot Deception - presents “Q-Cowrie,” a reinforcement learning-enhanced Cowrie honeypot that models attacker decisions with an MDP and adapts responses during attacker interaction.
  • Deception and Detection: Why Artificial Intelligence Empowers Cyber Defense over Offense - argues that AI automation benefits cyber defense more than offense, widening an offense-defense automation gap as stakes increase.
  • Q-Cowrie: Reinforcement Learning for Adaptive Honeypot Deception - presents “Q-Cowrie,” a reinforcement learning-enhanced Cowrie honeypot that models attacker decisions with an MDP and adapts responses during attacker interaction.
  • security update on a GitHub workflow issue
  • canary tokens “unsung heroes” write-up
  • Q-Cowrie: Reinforcement Learning for Adaptive Honeypot Deception - presents “Q-Cowrie,” a reinforcement learning-enhanced Cowrie honeypot that models attacker decisions with an MDP and adapts responses during attacker interaction.