Where every claim in SecProve
comes from.
A dense reading catalog. Every claim is footnoted. Sort by source, filter by pillar, type, or recency. Built for analysts who want to see what we are standing on.
Mature, widely deployed medium-interaction SSH and Telnet honeypot. Logs attacker commands, captures malware, proxies sessions. The standard reference implementation for SSH-honeypot questions.
Test your knowledge · A19Adversary engagement framework. Maps deception and denial operations to ATT&CK adversary behaviors. The defensive complement to ATT&CK for planning deception operations.
Test your knowledge · A19Cyber-resiliency engineering framework. Covers deception, diversity, dynamic positioning, and other techniques for systems designed to operate through compromise. The systems-engineering view of active defense.
Long-running international research community focused on honeypots and deception research. Source of many open-source honeypot tools (Cowrie, Conpot for ICS).
Test your knowledge · A19Free, lightweight tripwire tokens (DNS, AWS keys, Word docs, Kubeconfig). Trivial to deploy, high signal — any access is suspicious by definition. The standard reference for canary-style deception.
Test your knowledge · A19Ready to test what you've learned?
Our questions are built directly from these resources. Take a quiz and see how your knowledge stacks up.