Mimicry is a security tool developed by Chaitin Technology for active deception in exploitation and post-exploitation.
Active deception can live migrate the attacker to the honeypot without awareness. We can achieve a higher security level at a lower cost with Active deception.
Tool
Web-Deception – Fake vulnerabilities in web applications
Network Architecture
Webshell-Deception – live migrate webshell to the honeypot
Shell-Deception – live migrate ReverseShell/BindShell to the honeypot
Quick Start
Mimicry
1. Make sure docker, docker-compose is installed correctly on the machine
docker info
docker-compose version
2. Install honeypot service
docker-compose build
docker-compose up -d
3. Deploy deception tool on other machines
update config.yaml,replace ${honeypot_public_ip} to the public IP of honeypot service
4. Perform Webshell deceiving
./mimicry-tools webshell -c config.yaml -t php -p webshell_path
Advance Usage of Mimicry
Tool | Description |
---|---|
Web-Deception | Fake vulnerabilities in web applications |
Webshell-Deception | live migrate webshell to the honeypot |
Shell-Deception | live migrate ReverseShell/BindShell to the honeypot |
Contact Creator
- You can make bug feedback and feature suggestions directly through GitHub Issues.
- You can join the discussion group on Discord.
For more Scripts click HERE