My university tasked me to write about deception (honeypots, honeyusers, honeytokens). I used this as motivation to investigate ways in Active Directory to trick attackers into getting caught by traps (or the other way around: how I as an attacker can circumvent possible traps / honeytokens from the blue team).

Deploying deception techniques is in my opinion really important because most of the time the attacker is at an advantage (the attacker just needs to find one vulnerability, the defenders must find and fix all; the attacker can attack when he wants, the defenders must detect attacks at all times). However, with deception techniques this changes. Now the attacker needs to find all traps, and triggering just one is enough for the blue team to detect the hack. That's why more companies should use them.

I also want to thank his technical input and proofreading.

This blog post is pretty long; you can skip sections, especially if you already know basic honeyuser / honeytoken techniques. Most of the stuff is already documented on the internet; however, as far as I know, the "Fake deceptive BloodHound paths" chapter describes a new technique to trick attackers. Feel free to skip the other chapters and just read the last one. (Reading the full post takes ~30 minutes, reading just the last chapter takes ~10 minutes.)