From Splunk to GitHub to Production: A Static Content Pipeline for Security Reports
Most security dashboards are locked inside the tool that generated them. Splunk, Grafana, whatever — useful internally, invisible...
Going Further: An Unauthenticated MongoDB Honeypot
After taking 41 minutes to get a working MongoDB interface, it seemed even more rewarding to emulate what...
Vibing MongoDB into OpenCanary: Building a MongoDB Honeypot in 41 Minutes
Hot on the heels of MongoBleed—and a recent Darknet Army post highlighting just how many MongoDB deployments still...
The Art of Wasting Hackers’ Time: A Honeypot Experiment
What happens when you turn the tables on automated attackers? The Setup For the past few days, I’ve...
(Another) Day in the Life of an OpenCanary Honeypot
🚨 My 3 OpenCanary honeypots are thriving! 🚨 These little traps are proving to be very popular—if Internet...
What RAR They Searching For?
File and folders targeted by bots Threat actors are no longer just hunting for individual secrets—they’re increasingly targeting...
All Your RAR Are Belong To Us
The Seismic Shift from YML Secrets to Stealing RARs and ZIPs Take Action🔓 Now is the time for...
Honeypot Malware 2024
Observations from running Open Windows Shares on the Internet When the OpenCanary honeypots were initially configured with open...
TOCE’s Top Attacker 2024
Connections Galore from South Korea One OpenCanary was subjected to a massive attack in 2024: over 7 million...
The State of the Internet, 2024
We You Are Under Attack The State of Internet Cyber Threats in 2024 In 2024, three OpenCanary honeypots...