mattludwigs

mattludwigs

DeceptionRouter - trap scanners, spambots, and crawlers in an infinite number of pointless requests

Hey Elixir friends!

I stumbled across an interesting library in the Python community called spidertrap. It traps scanners, spambots, and crawlers in an infinite loop. This type of tool comes out of the field of cyber deception. Cyber deception is a proactive way to protect against bad actors. A trap like this will likely waste a bad actors time and resources.

I thought this was a cool tool and figured it would be fun to build it specifically for Elixir. So, here is DeceptionRouter.

How it works

DeceptionRouter is a plug router that can be integrated within an existing Phoenix project or any other plug based system. It will generate a list of random strings to make into links for the automated scanner to follow, however, each link leads back to another page of randomly generated links, and so on.

Since many of the scanning tools are automated, the bad actor will probably run it and wait, and wait they will! Even better if they run it on a type of cron job and they aren’t monitoring progress as closely - we can waste their time and resources even more!

Go forth and deceive

It’s always a good time to troll bad actors! I had fun exploring the topic of cyber deception and I hope this library can be the first of many Elixir specific security tooling (yes, please read this as forshadowing :smile:). Please feel free to open pull requests and give feedback.

Thank you!

Hex

https://github.com/mattludwigs/deception-router

Many thanks to spidertrap as the core inspiration!

Most Liked

BartOtten

BartOtten

Like the idea, like the effort you make on adding security libs to Phoenix.

DR, meet Crawly. I wonder if Crawly can be improved by letting them date and see how Crawly behaves :slight_smile:

Where Next?

Popular in Announcing Top

jakub-zawislak
Hi everyone, I’m coming from the Symfony (PHP) framework. I like Phoenix, but it has a one thing that was build much better in the Symfo...
New
asiniy
Hey there! I wrote a download elixir package which does exactly what its name about - an easy way to download files. I saw solutions ab...
New
treble37
Just looking for a little feedback on a tiny helper library I built - Sometimes I find the need to convert maps with atom keys to maps w...
New
michalmuskala
Hello everybody. I have just released Jason - a new JSON library. You might be wondering, why do we need a new library? The primary foc...
New
tmbb
I’ve been working on two packages (not on hex.pm yet) to build admin interfaces for phoenix apps: bureaucrat - which contains a bunch ...
New
sorentwo
Hello! tl;dr Announcing Oban, an Ecto based job processing library with a focus on reliability and historical observability. After spen...
985 43487 311
New
ahamez
Hi everyone, I’ve been working on this protobuf library for 3 years. We use it in the company I work for, EasyMile, to communicate with ...
New
Qqwy
TypeCheck: Fast and flexible runtime type-checking for your Elixir projects. Core ideas Type- and function specifications are const...
336 14482 100
New
kevinlang
Hey all, We have made an Ecto3 Adapter for SQLite3, ecto_sqlite3! We have successfully on-boarded the full suite of integration tests (...
New
woutdp
Hi! I wanted to introduce my latest project LiveSvelte. It allows you to render Svelte inside LiveView with end-to-end reactivity. It’s ...
New

Other popular topics Top

Qqwy
Update: How to use the Blogs & Podcasts section You can post links to your blog posts or podcasts either in one of the Official Blog...
3271 127089 1222
New
JeremM34
Hello, how can I check the Phoenix version ? Thanks !
New
josevalim
Hi everyone, One of the features added to Elixir early on to help integration with Erlang code was the idea of overridable function defi...
New
chrismccord
As promised, the first release candidate of Phoenix 1.3.0 is out! This release focuses on code generators with improved project structure...
New
AstonJ
We’ve put together this wiki for Phoenix LiveView - please feel free to add any info you feel is worth including. What is Phoenix LiveV...
New
fireproofsocks
Forgive me if this is obvious, but how does one delete a database record WITHOUT selecting it first? Ecto.Repo — Ecto v3.14.0 has exampl...
New
aesmail
Hello guys, I have finally made it. I created an admin interface for a framework. It’s been on my todo list for years and with the curre...
New
saif
Hello everyone, Long time lurker first time poster here. I’ve recently begun working on Elixir full-time again! :raised_hands: It’s been...
New
JorisKok
I have a server on AWS, and was running a load test using artillery. When looking at the Phoenix dashboard I see the Ports going to 100% ...
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New

Latest on Elixir Forum

We're in Beta

About us Mission Statement