An awesome list of deception technology resources

• Articles
• Communities
• Related Lists
• Research
• Podcasts
• Videos

• Detecting Mimikatz Use On Your Network
• Implementing Honeytokens, Honeynets, and Honeytraps With Zero Budget
• Creating and Deploying Honeypots in Kubernetes
• Honeypot deployment on Linux - OpenCanary
• Setting HoneyTraps with ModSecurity: Adding Fake robots.txt Disallow Entries
• Setting HoneyTraps with ModSecurity: Adding Fake HTML Comments
• Detecting Malice with ModSecurity: HoneyTraps
• How Google set a trap for Pwn2Own exploit team
• Build an easy RDP Honeypot with Raspberry PI 3 and observe the infamous attacks as (BlueKeep) CVE-2019–0708
• Building a real-world web honeypot for CVE-2019–6340 (RCE in Drupal core)
• SSH Honey Keys
• Deception as a {Free} Post-Breach Detection Tool
• DevSecOps: Deception in Depth
• How You Can Set up Honeytokens Using Canarytokens to Detect Intrusions
• Gene Spafford: Challenging the Maxim, “No Security Through Obscurity”
• Introduction to HoneyPy & HoneyDB
• Getting Started With HoneyPy — Part 1
• Getting Started With HoneyPy — Part 2
• Getting Started With HoneyPy — Part 3
• Reflections Upon Deception-Based Security Tactics
• Running A SSH Honeypot With Kippo: Let’s Catch Some Script Kiddies
• Cowrie Honeypot Analysis - 24 hours after installing a fresh Cowrie Honeypot on a Digital Ocean node in Singapore. I have data.
• Early Warning Detectors Using AWS Access Keys as Honeytokens
• Introduction to T-Pot - The all in one honeypot
• Unveiling Patchwork – a targeted attack caught with cyber deception
• “Deception as Detection” or Give Deception a Chance?
• Deploy a fake Bitcoin wallet to save your own
• To Honey or not to Honey

• /r/honeypot
• The Honeynet Project
• BruteForce Lab

• awesome-honeypots

• Purdue University - Deception Group

• University of New Haven - Deception in Defense of Information Systems

• 2019
  • General-Sum Cyber Deception Games under Partial AttackerValuation Information
  • HackIT: A Human-in-the-loop Simulation Tool for Realistic Cyber Deception Experiments
  • Deception-As-Defense Framework for Cyber-Physical Systems
  • Learning and Planning in Feature Deception Games
  • HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design
  • Using Camouflaged Cyber Simulationsas a Model to Ensure Validity in Cybersecurity Experimentation
  • A Survey On Honeypots, Honeynets And Their Applications On Smart Grid
  • Analysis of threats on a VoIP Based PBX Honeypot
  • Prevalence of IoT Protocols in Telescope and Honeypot Measurements
  • Counting Outdated Honeypots: Legal and Useful
  • Game Theory for Adaptive Defensive Cyber Deception
  • DorkPot: A Honeypot-based Analysis of GoogleDorks
  • Buckler:Intrusion Detection and Prevention using Honeypot
  • Detect Me If You... Oh Wait.An Internet-Wide View of Self-Revealing Honeypots
  • From Cyber-Security Deception To Manipulation and Gratification Through Gamification
  • Honeypot boulevard: understanding malicious activity via decoy accounts
  • The Tularosa Study: An Experimental Design and Implementation to Quantify the Effectiveness of Cyber Deception
  • How deception can change cyber security defences
  • VIRTUALIZED INTELLIGENT HONEYPOT AGENT
  • Game Theory for Cyber Deception: A Tutorial
• 2018
  • Cloxy: A Context-aware Deception-as-a-ServiceReverse Proxy for Web Services
  • Deception Techniques in Computer Security: A Research Perspective
  • Demystifying Deception Technology:A Survey
  • Defending Web Servers with Feints, Distraction and Obfuscation
  • Strategic Defense and Attack in Deception Based Network Security
  • Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale
  • A SPL Framework for Adaptive Deception-based Defense
  • Chaff Bugs: Deterring Attackers by Making Software Buggier
  • U-PoT: A Honeypot Framework for UPnP-Based IoT Devices
  • HoneyThing: A New Honeypot Design for CPE Devices
  • Efficiency and Security of Docker Based Honeypot Systems
  • An Application of Jeeves for Honeypot Sanitization
  • Cloud security using self-acting spontaneous honeypots
  • HONEY POT AS A SERVICE IN CLOUD
  • A Survey of Game-Theoretic Approaches to Modeling Honeypots
  • Web Deception towards Moving Target Defense
• 2017
  • A New Approach to Detecting Ransomware with Deception
  • Active defence through deceptive IPS
  • Deception strategies for web application security: application-layer approaches and a testing platform
  • Evaluation of Deception-Based Web Attacks Detection
  • HoneyIo4: the construction of a virtual, low-interaction IoT Honeypot
  • Honey-Copy-A Concept and Prototype of a Generic Honeypot System
  • Deception using an SSH honeypot
  • Picky Attackers: Quantifying the Role of System Properties on Intruder Behavior
  • Weems: An extensible HTTP honeypot
  • Understanding Security Flaws of IoT Protocols through Honeypot Technologies
  • HONEYPHY: A PHYSICS-AWARE CPS HONEYPOT FRAMEWORK
  • Designing a smartphone honeypot system using performance counters
  • Enhancing Honeypot Deception Capability Through Network Service Fingerprinting
  • Enabling an Anatomic View to Investigate Honeypot Systems: A Survey
  • Review on Honeypot Security
  • A Virtual Honeypot Framework for Server Configuration Using IDS For Login Authentications
  • Automating the Generation of Enticing Text Content for High-Interaction Honeyfiles
  • Towards Deployment Strategies for Deception Systems
  • Outlier Detection in Secure Shell Honeypot using Particle Swarm Optimization Technique
  • Evaluation of Low-Interaction Honeypots on the University Network
• 2016
  • Designing Adaptive Deception Strategies
  • Design and Implementation of a Real-Time Honeypot System for the Detection and Prevention of Systems Attacks
  • Active defence using an operational technology honeypot
  • SIMULATION OF INDUSTRIAL CONTROL SYSTEM FIELD DEVICES FOR CYBER SECURITY
  • Deception-Based Game Theoretical Approach to Mitigate DoS Attacks
  • MobiPot: Understanding Mobile Telephony Threats with Honeycards
  • Gathering threat intelligence through computer network deception
  • An improved tarpit for network deception
  • Bandits for Cybersecurity: Adaptive Intrusion Detection Using Honeypots
  • Honeypot Architectures for IPv6 Networks
  • Deceptive Cyber Defense for IIoT
  • A Survey on Honeypot Software and Data Analysis
• 2015
  • Deception by Design: Evidence-Based Signaling Games for Network Defense
  • Experiences with Honey-Patching in Active Cyber Security Education
  • Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses
  • Toward an Insider Threat Detection Framework Using Honey Permissions
  • Weaving Tangled Webs: Offense, Defense, and Deception in Cyberspace
  • Denial and Deception in Cyber Defense
  • Fox in the Trap: Thwarting Masqueraders via Automated Decoy Document Deployment
  • Hyhoneydv6: A hybrid Honeypot Architecture for IPv6 Networks
  • Deception in Dynamic Web Application Honeypots: Case of Glastopf
  • IoTPOT: Analysing the Rise of IoT Compromises
• 2014
  • From Patches to Honey-Patches: Lightweight Attacker Misdirection, Deception, and Disinformation
  • Changing the game: The art of deceiving sophisticated attackers
  • Implementing a CBR Recommender for Honeypot Configuration using jCOLIBRI
  • INTERCEPT: High-interaction Server-type Honeypot basedon Live Migration
  • Building a Honeypot to Research Cyber-Attack Techniques
• 2013
  • Detecting Targeted Attacks by Multilayer Deception
  • Improving Security Using Deception
  • Bait and Snitch: Defending Computer Systems with Decoys
  • Canary Files: Generating Fake Files to Detect Critical Data Loss from Complex Computer Networks
  • Honeywords: Making Password-Cracking Detectable
  • A Technique for Presenting a Deceptive Dynamic Network Topology
  • Self-adaptive SSH Honeypot Model Capable of Reasoning
  • Design and Implementation of a Medium Interaction Honeypot
  • A Framework for Intrusion Deception on Web Servers
  • Patterns and Patter - An Investigation into SSH Activity Using Kippo Honeypots
• 2012
  • A Deception Framework for Survivability Against Next Generation Cyber Attacks
  • A Security Mechanism for Web Servers Based on Deception
  • A Survey: Recent Advances and Future Trends in Honeypot Research
• 2010
  • AHA - Adaptive Honeypot Alternative
  • Honeyware: a web-based low interaction client honeypot
• 2009
  • Using Honeypots to Analyse Anomalous Internet Activities
  • Deception used for Cyber Defense of Control Systems
• 2008
  • Virtual honeynet with simulated user activity
  • An Integrated Honeypot Framework for Proactive Detection, Characterization and Redirection of DDoS Attacks at ISP level
• 2007
  • Intrusion deception in defense of computer systems
• 2006
  • Defensive Computer-Security Deception Operations: Processes, Principles and Techniques
  • Using deception to hide things from hackers: Processes, principles, and techniques
  • Testing and validation of a dynamic honeypot system
  • Advanced Honeypot-based Intrusion Detection
  • Honeypots: How do you know when you are inside one?
• 2004
  • Honeyfiles: Deceptive files for intrusion detection
• 2003
  • Honeytokens: The Other Honeypot
  • Honeypots: Catching the Insider Threat
  • Deception Techniques Using Honeypots
• 2002
  • Delaying-type responses for use by software decoys
  • Software Decoys: Intrusion Detection and Countermeasures

• Active Deception as a Methodology for Cybersecurity

• Advanced Deception Technology Through Behavioral Biometrics
• Applied Deception Beyond the Honeypot: Moving Past 101
• Honeypots, Deception, and Frankenstein
• Honeypots 2.0: A New ‘Twist’ on Defending Enterprise Networks with Dynamic Deception at Scale
• SANS Webcast: Opening a can of Active Defense and Cyber Deception to confuse and frustrate attackers
• Deceptive Defense: Beyond Honeypots
• Honeypots for Active Defense A Practical Guide to Deploying Honeynets Within the Enterprise
• The matrix has you: Protecting Linux using deception
• Using Honeypots for Network Security Monitoring
• Remote detection of low & medium interaction honeypots
• honeyHoax - A Centralised Honeypot
• Deception for the Cyber Defender: To Err is Human; to Deceive, Divine
• Paravirtualized Honeypot Deployment for the Analysis of Malicious Activity
• Deploying Honeypots To Gather Actionable Threat Intelligence
• Honeypot Your Database
• Forging Trusts for Deception in Active Directory
• HoneyPy & HoneyDB
• Leveraging Deception Techniques for Strong Detection
• Breaking Honeypots for Fun & Profit
• Honeywords - Detectable Password Theft
• IoT Honeypots
• IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
• The KGB, the Computer, and Me (Complete)
• No Budget Threat Intelligence - Tracking Malware Campaigns on the Cheap
• Running a SCADA honeypot
• Visibility, Control, and Containment: Hunting Maturity through Cyber Deception
• Drawing the Foul: Operation of a DDoS Honeypot
• GlastopfNG - A web attack honeypot
• A Framework For Fingerprinting ICS Honeypot
• Building a Better Honeypot Network
• Global Honeypot Trends - Adventures with Kippo!
• Learning How To Smurf With Honeypots
• Powergrid Honeypot
• Stories from a 15 days SMB Honeypot
• Medical Devices: Pwnage and Honeypots
• Honeypots and tokens in modern networks
• Honey(pot) flavored hunt for cyber enemy
• Hey, You Got Your SQL In My Honeypot!
• AT&T ThreatTraq: Passwords in the Honeypot
• Low-Interaction Virtual Honeypot Fingerprinting
• Smart Contract Honeypots for Profit (and probably fun)
• Deceptacon: Wi-Fi Deception < $5
• Application Honeypot Threat Intelligence
• Deploying ICS Honeypots to Deceive and Thwart Adversaries
• Where Do The Phishers Live:Collecting Phishers' Geographic Locations from Honeypots
• PLC for Home Automation and How It Is as Hackable as a Honeypot
• How to Build SPAM Honeypots
• Bring Back the Honeypots
• Vaccination - An Anti-Honeypot Approach
• T-Pot: Automated Honeypot Deployment
• Running a Honeypot | AT&T ThreatTraq Bits
• Ghetto IDS and Honeypots for the Home User
• Honeypot That Can Bite: Reverse Penetration
• Thug: a new low-interaction honeyclient
• Hacking Back: Proactive Threat Intelligence With Honeypots For Active Defense
• Honey Haven: Creating Research HoneyPots In the Cloud
• Lessons Learned from Building and Running MHN the Worlds Largest Crowdsourced Honeynet
• Would You Like Some Honey With That?
• Honey In The Age Of Cyber
• Wolves amongst Sheep - Defeating Targeted Attacks with Deception
• Bringing PWNED To You Interesting Honeypot Trends
• ICS Honeypot Deployment Strategies and Technologies
• Security Onions and Honey Potz
• Cyber Counter Intelligence: An attacker-based approach
• Real Eyes, Realize, Real Lies: Beating Deception Technologies
• Whiteboard Wednesday: Attacker Deception - Honeypots
• The Devil Does Not Exist - The Role of Deception in Cyber
• Bitcoin Honeypots
• Your Active Directory Active Defense ADAD Primer
• Tangled Web: Defense in Deception
• BHIS Webcast: Tracking attackers. Why attribution matters and how to do it
• Active Cyber Network Defense with Denial and Deception
• Traps of Gold
• Live Coding: Python Honeypot
• Building a Web Attacker Dashboard with ModSecurity and BeEF
• OpenCanary: a new Python-based honeypot
• Randori, a low interaction honeypot with a vengeance
• Canarytokens - Honeypots Made Easy
• Coding Live Stream 2: Let's Deploy an SSH Honeypot
• Coding Live Stream 5: Let's Analyze Our Honeypot Traffic With PacketTotal
• Building Honeypots to Monitor DDoS
• Cymmetria: Writing honeypots
• Honeypot project - Kippo Setup and walk-through
• Game of Hacks: The Mother of All Honeypots
• Effortless, Agentless Breach Detection in the Enterprise: Token all the Things!