Mimicry – Security Tool For Active Deception In Exploitation

Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation.

Active deception can live migrate the attacker to the honeypot without awareness. We can achieve a higher security level at a lower cost with Active deception.

Tool

Web-Deception – Fake vulnerabilities in web applications

Network Architecture

Webshell-Deception – live migrate webshell to the honeypot

Shell-Deception – live migrate ReverseShell/BindShell to the honeypot

Mimicry

Quick Start

Mimicry

1. Make sure docker, docker-compose is installed correctly on the machine

docker info
docker-compose version

2. Install honeypot service

docker-compose build
docker-compose up -d

3. Deploy deception tool on other machines

update config.yaml,replace ${honeypot_public_ip} to the public IP of honeypot service

4. Perform Webshell deceiving

./mimicry-tools webshell -c config.yaml -t php -p webshell_path

Advance Usage of Mimicry

ToolDescription
Web-DeceptionFake vulnerabilities in web applications
Webshell-Deceptionlive migrate webshell to the honeypot
Shell-Deceptionlive migrate ReverseShell/BindShell to the honeypot

Contact Creator

  1. You can make bug feedback and feature suggestions directly through GitHub Issues.
  2. You can join the discussion group on Discord.

For more Scripts click HERE

Download Mimicry