HFish is a distributed honeypot system and network intrusion detection tool designed to deploy decoy services and nodes to detect and analyze attacker behavior. It functions as a deceptive asset orchestrator that simulates enterprise services and configures custom baits to lure network intruders. The system utilizes a server-client architecture to manage distributed nodes across different platforms, allowing for centralized control of telemetry collection and decoy deployment. It incorporates cloud-based traffic routing to redirect suspicious network activity into managed decoy environments f
T-Pot is a multi-honeypot platform and threat intelligence framework that deploys a collection of containerized decoy services to capture attacker behavior and network telemetry. It functions as a Docker-based deception system, simulating vulnerable network environments to gather intelligence on threat actors. The system features a distributed sensor network using a hub-and-spoke architecture, allowing remote sensors to transmit logs back to a central management hub. It integrates large language models to create a dynamic deception engine capable of adaptive interactions with attackers. The
Reverse engineering and pentesting for Android applications