mattludwigs

mattludwigs

DeceptionRouter - trap scanners, spambots, and crawlers in an infinite number of pointless requests

Hey Elixir friends!

I stumbled across an interesting library in the Python community called spidertrap. It traps scanners, spambots, and crawlers in an infinite loop. This type of tool comes out of the field of cyber deception. Cyber deception is a proactive way to protect against bad actors. A trap like this will likely waste a bad actors time and resources.

I thought this was a cool tool and figured it would be fun to build it specifically for Elixir. So, here is DeceptionRouter.

How it works

DeceptionRouter is a plug router that can be integrated within an existing Phoenix project or any other plug based system. It will generate a list of random strings to make into links for the automated scanner to follow, however, each link leads back to another page of randomly generated links, and so on.

Since many of the scanning tools are automated, the bad actor will probably run it and wait, and wait they will! Even better if they run it on a type of cron job and they aren’t monitoring progress as closely - we can waste their time and resources even more!

Go forth and deceive

It’s always a good time to troll bad actors! I had fun exploring the topic of cyber deception and I hope this library can be the first of many Elixir specific security tooling (yes, please read this as forshadowing :smile:). Please feel free to open pull requests and give feedback.

Thank you!

Hex

https://github.com/mattludwigs/deception-router

Many thanks to spidertrap as the core inspiration!

Most Liked

BartOtten

BartOtten

Like the idea, like the effort you make on adding security libs to Phoenix.

DR, meet Crawly. I wonder if Crawly can be improved by letting them date and see how Crawly behaves :slight_smile:

Where Next?

Popular in Announcing Top

Crowdhailer
The latest release of Ace (0.10.0) includes serving content over HTTP/2. I have started writing a webserver to teach my self more about...
New
tmbb
I’ve been working on two packages (not on hex.pm yet) to build admin interfaces for phoenix apps: bureaucrat - which contains a bunch ...
New
bryanjos
Hi, I just published version 0.23.0 of Elixirscript. https://github.com/bryanjos/elixirscript/blob/master/CHANGELOG.md Most of the chan...
New
woutdp
Hi! I wanted to introduce my latest project LiveSvelte. It allows you to render Svelte inside LiveView with end-to-end reactivity. It’s ...
New
blatyo
The best overview for how things are tied together is this presentation. Modules and functions are pretty well documented at this point, ...
New
mbuhot
Leverage Open Api 3.0 (Swagger) to document, test, validate and explore your Plug and Phoenix APIs. Generate and serve a JSON Open API ...
New
versilov
Could not wait for the missing Elixir ML libraries to appear, so, I wrote one myself, taking https://github.com/sdwolfz/exlearn as a foun...
New
markmark206
simple_feature_flags is a tiny package that lets you turn features on or off based on which environment (e.g. localhost, staging, product...
New
zoltanszogyenyi
Hey everyone :waving_hand: Excited to join this forum - I am one of the founders and current project maintainers of a popular and open-s...
New
trisolaran
Hi! :waving_hand: I would like to present LiveSelect, a little library that I wrote to easily add a dynamic selection input to your LV f...
198 10954 107
New

Other popular topics Top

WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New
albydarned
Hello all! I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
minhajuddin
I have seen a lot of code which picks the first element from a list using Enum.at(0) instead of List.first. Is there a reason why people ...
New
josevalim
Hi everyone, One of the features added to Elixir early on to help integration with Erlang code was the idea of overridable function defi...
New
Lily
In templates/appointment/index.html.eex: <%= for appointment <- @appointments do %> <tr> <td><%= appoi...
New
gausby
I asked this very same question on twitter and got some interesting feedback, but I thought it would be a good question to ask here as we...
1207 39467 209
New
RisingFromAshes
I’ve read in another post that it may be possible with a router helper - but I couldn’t find an appropriate one, and tbh, I’m still just ...
New
KronicDeth
Elixir plugin for JetBrain’s IntelliJ Platform (including Rubymine) This is a plugin that adds support for Elixir to JetBrains IntelliJ...
289 36352 110
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New
svb
Hi! Currently I want to submit a form by pressing the Enter key. However, since my input field is of type “textarea” this is just adds a...
New

We're in Beta

About us Mission Statement