Registry – D E C E I V E R . I O

Deceive, Detect, Engage

Honeycomb Registry Hive

Create a decoy registry hive containing fabricated registry keys and values that mimic legitimate system configurations but contain misleading or deceptive information. Monitor access to this hive to identify attackers attempting to gather system information or modify registry settings.

Deceptive Windows Registry Keys

Goal: To identify attackers attempting to enumerate or modify sensitive registry keys.

Approach: Monitoring access to the deceptive registry keys and analyzing attacker behavior.

This element involves creating deceptive registry keys that mimic legitimate keys but contain misleading or deceptive information.

Attackers who attempt to access or modify the deceptive registry keys will be identified and their actions will be logged. This information can be used to improve defenses and make it more difficult for attackers to gather information about the system or modify its configuration.

Tag: Registry

Honeycomb Registry Hive

Deceptive Windows Registry Keys

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense