
#honeypot


🦩✨ Sasha’s Step 2: Now With Extra Chaos ✨🦩

So, you built a #honeypot. You watched a few bots faceplant into your fake SSH server. You got a taste of deception and now you're craving MORE.

Let me introduce you to your next obsession: ADHD (Active Defense Harbinger Distribution) from the fine humans at Black Hills InfoSec.

💻 It’s a full Linux distro pre-loaded with tools for:
🎣 Honeypots
🚨 Honeytokens
🪤 Tarpits
🧃 Credential bait
⚠️ And general attacker frustration

ADHD is like a honeypot buffet—with all the weird sauces already installed. Want to frustrate attackers with Endless SSH? Drop them in a Maze. Want to play with Kippo, Glastopf, or Artillery without building from scratch? ADHD says, “Come on in, the traps are fine.”

BUT LISTEN: This is not something you drop on your public-facing VPS or neighbor’s Comcast router. This is #homelab territory only. Sandboxed. Segmented. Safe. (Or Sasha will give you The Look™.)

Download it here:
👉 blackhillsinfosec.com/tools/ad

Flap wisely, my friends.
#Honeypots #CyberDeception #SashaTheDancingFlamingo #InfosecFun @rnbwkat

Replied in thread

@kibcol1049 This is funny because I work in #cybersecurity. The term #honeypot has a totally different meaning for us.

We set up systems we call honeypots to lure in malicious hackers. They look vulnerable, they look like they have juicy data on them. But they actually are not really used for anything but lures. Anything connecting to that system is automatically suspicious because the system serves no other purpose. We are hoping that bad guys try to attack the honeypot so we can identify them, figure out what methods they’re using, and protect ourselves from them.

So the idea of a honeypot being something innocent and good (just popular) is the opposite of how I usually use that word. 😀

2025-03-28 RDP #Honeypot IOCs - 181569 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
138.199.24.6 - 91545
156.146.57.110 - 42849
156.146.57.52 - 10716

Top ASNs:
AS60068 - 93561
AS212238 - 64269
AS135161 - 10653

Top Accounts:
hello - 181455
Test - 33
eltons - 15

Top ISPs:
DataCamp Limited - 93561
Datacamp Limited - 64269
GMO-Z.COM PTE. LTD. - 10653

Top Clients:
Unknown - 181569

Top Software:
Unknown - 181569

Top Keyboards:
Unknown - 181569

Top IP Classification:
hosting & proxy - 160374
hosting - 10710
Unknown - 10440

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
pastebin.com/BiF6s8Jh

Replied in thread

@signalapp It's not #disinfo when one points out that you demand #PII aka. #PhoneNumbers from Users and that is literally an architectural vulnerability, alongside your #proprietary & #Centralized #Infrastructure.

Not to mention the lack of @torproject / #Tor support with an #OnionService or the willingness to fulfill #cyberfacist "Embargoes" or shilling a #Shitcoin #Scam named #MobileCoin!

  • #KYC is the illicit activity!!!

And don't get me started on the #cyberfacism that is #CloudAct.

  • If you were secure, criminals would've used your platform so hard, it would've been shut down like #EncroChat and #SkyECC.

I may not have all the evidence yet, but #Signal stenches like #ANØM: #Honeypot-esque!

Replied in thread

@alwayscurious @froge @fj #CloudAct alone not, but it's just the tip of the iceberg.

  • I bet you that @signalapp & @Mer__edith will comply with even the most illegal and cyberfascist orders when facing "rubber-hose cryptanalysis", which is a valid and likely risk factor in the #USA...

Again: The only #security is #decentralization!

  • This is why @torproject is still up and running: It cannot be shut down even when all maintainers are being held at gunpoint.

#Signal is as vulnerable as #EncroChat if it's not a #Honeypot like #ANØM!

Replied in thread

@licho @osman provide evidence the code @signalapp released is actually being deployed.

Not to mention pushing a #Shitcoin-#Scam (#MobileCoin) disqualifies #Signal per very design!
youtube.com/watch?v=tJoO2uWrX1M

  • Given the collection of #PII like #PhoneNumbers, the ability to restrict functionality based off those and the fact that #Signal is subject to #CloudAct make it inherently not trustworthy.

And don't even get me started on the fact it's not sustainable to run it as a #VCmoneyBurningParty!

Same as identifying users: They already got a #PhoneNumber which in many jurisdictions one can't even obtain without #ID legally, thus making it super easy to i.e. find and locate a user. Even the cheapest LEAs can force their local M(V)NOs to #SS7 a specific number...

  • All these are unnecessary risks, that could've been avoided, but explicitly don't even get remediated retroactively!

Again: Signal has a #Honeypot stench, and you better learn proper #E2EE, #SelfCustody and #TechLiteracy because corporations can't pull the 5th [Amendment] on your behalf!

@osman If your #OpSec, #InfoSec, #ComSec and/or #ITsec relies on @signalapp and/or @Mer__edith risking jail or worse, you fucked up!

Seriously, to me #Signal stenches #Honeypot like #ANØM & #CryptoAG.

That's why I get people set up with it!

thaddeus e. grugq on Twitter: “I’m gonna tell you a secret about “logless VPNs” — they don’t exist. No one is going to risk jail for your $5/mo https://t.co/Q2aOQJkG4g”

It's just crazy how phpmyadmin mass exploitation remains popular (read: effective) to this day. The only development I have seen in these exploit attempts is that the list of locations that are checked for phpmyadmin installations gets longer and more creative.

Other than that: pretty boring stuff

Continued thread

@abschleppgruppe@verkehrswende.social @abschleppgruppe@bird.makeup @bacwberlin The white horse trailer was, at my request to the troops of 110, moved yesterday 5 meters to the left out of the intersection area at the owner's expense - to make room for the next car, whose owner also wanted to experience the consequences of the #Wochendbrigade of @abschleppgruppe@verkehrswende.social on their own wallet😳 ... 110 call, VBH report #honeypot Regensburger @falschparkenber

Replied in thread

@truls46 A good counterexample to @signalapp is @monocles / #monoclesChat:

I think that should lay out my arguments sufficiently.

  • The key point is and remains: Signal is at best dangerously incompetent or a #Honeypot!
docs.monocles.eu - monocles chat - monocles Documentation