Self-Hosted Deception And Decoy Platforms

OpenCanary is a network service simulator and honeypot designed for network intrusion detection. It functions as a security decoy that creates fake server personalities and open ports to identify unauthorized users scanning a private network. The system uses deception technology to mimic various server protocols, luring attackers into revealing their presence and activity. When a simulated service is accessed, it acts as an intrusion alerting gateway, transmitting notifications via email or webhooks. The project covers internal network monitoring and intrusion source tracking to identify the

T-Pot is a multi-honeypot platform and threat intelligence framework that deploys a collection of containerized decoy services to capture attacker behavior and network telemetry. It functions as a Docker-based deception system, simulating vulnerable network environments to gather intelligence on threat actors. The system features a distributed sensor network using a hub-and-spoke architecture, allowing remote sensors to transmit logs back to a central management hub. It integrates large language models to create a dynamic deception engine capable of adaptive interactions with attackers. The

T-Pot is a multi-honeypot orchestration platform and threat intelligence collector. It utilizes a Docker-based security sandbox to deploy and manage a collection of diverse decoy services that simulate vulnerable targets to lure attackers and record their activity. The system features a distributed sensor network where remote nodes capture attack logs and transmit them via encrypted communication to a central hub. This central hub employs an analytics stack to transform raw logs into geographic maps and interactive dashboards for adversary behavior visualization. To increase the realism of si