DNS – D E C E I V E R . I O

Deceive, Detect, Engage

Fake DNS Server

Goal: To identify attackers attempting to resolve internal domain names or perform DNS tunneling.

Approach: Monitoring queries to the fake DNS server and analyzing attacker behavior.

This element involves setting up a fake DNS server that responds to specific queries with deceptive answers or redirects them to a controlled environment.

Deceptive DNS Responses

Goal: Redirect attacker traffic to a controlled environment by providing deceptive DNS responses.

Approach: Manipulating DNS resolution to redirect traffic.

This element intercepts DNS requests for known malicious domains and returns a deceptive IP address, leading attackers to a honeypot or sinkhole.

Tag: DNS

Fake DNS Server

Deceptive DNS Responses

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense