https://github.com/chaitin/mimicry
Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
https://github.com/chaitin/mimicry
backdoor blue-team brute-force deception honeypot incident-response security security-tools waf webshell
Last synced: 2 months ago
JSON representation
Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
- Host: GitHub
- URL: https://github.com/chaitin/mimicry
- Owner: chaitin
- Created: 2022-12-07T02:53:16.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2023-06-26T06:33:51.000Z (almost 2 years ago)
- Last Synced: 2025-04-10T03:13:30.349Z (2 months ago)
- Topics: backdoor, blue-team, brute-force, deception, honeypot, incident-response, security, security-tools, waf, webshell
- Language: Dockerfile
- Homepage:
- Size: 28.4 MB
- Stars: 54
- Watchers: 7
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Mimicry
![]()
Mimicry
Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation.
Active deception can live migrate the attacker to the honeypot without awareness. We can achieve a higher security level at a lower cost with Active deception.
English | δΈζζζ‘£
## π Overview
## π₯ Demo
[](https://asciinema.org/a/3WO3x1d4tx4KHb4pwbkBLg5lh)
## πΉοΈ Quick Start
### 1. Make sure docker, docker-compose is installed correctly on the machine
```
docker info
docker-compose version
```
### 2. Install [honeypot service](https://github.com/chaitin/mimicry/tree/main/honeypot)
```
docker-compose build
docker-compose up -d
```
### 3. Deploy [deception tool](https://github.com/chaitin/mimicry/tree/main/tools) on other machines
```
update config.yaml,replace ${honeypot_public_ip} to the public IP of honeypot service
```
### 4. Perform Webshell deceiving
```
./mimicry-tools webshell -c config.yaml -t php -p webshell_path
```## π Advance Usage
| Tool | Description |
|-----------------------------------------------------------|-----------------|
| [Web-Deception](docs/web-deception.md) | Fake vulnerabilities in web applications |
| [Webshell-Deception](docs/webshell-deception.md) | live migrate webshell to the honeypot |
| [Shell-Deception](docs/shell-deception.md) | live migrate ReverseShell/BindShell to the honeypot |
## ποΈ Contact Us
1. You can make bug feedback and feature suggestions directly through GitHub Issues.
2. You can join the discussion group on [Discord](https://discord.gg/KjQGUrG8aJ) .