Sep 16 2024 12:16 AM
Hi everyone,
i am trying to create some custom deceptions with the help of this blog post:
Stack Your Deception: Stacking MDE Deception Rules with Thinkst Canarytokens · Attack the SOC
The decoys are working (if i ping a host i specified - alerts are raised).
But i cannot find the lures. I created some special lures for high privilege personas and placed them into {HOME}\ and a filepath beneath that.
But i cannot find the files (show hidden is on). Are the folders also created by deception?
It's 5 days now - so time should also not be the problem.
How to troubleshoot?
BR
Stephan
Sep 18 2024 06:01 AM
Sep 18 2024 06:58 AM
Sep 30 2024 04:41 AM
Sep 30 2024 05:16 AM