MANUKA: A modular, scalable OSINT honeypot targeting pre-attack reconnaissance techniques

Description

Manuka is an open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers. It creates a simulated environment consisting of staged OSINT sources, such as social media profiles and leaked credentials, and tracks signs of adversary interest, closely aligning with MITRE’s PRE-ATT&CK framework. Manuka gives Blue Teams additional visibility into the pre-attack reconnaissance phase and generates early-warning signals for defenders.

Although they vary in scale and sophistication, most traditional honeypots focus on networks. These honeypots uncover attackers at Stages 2 (Weaponization) to 7 (Actions on Objectives) of the cyber kill chain, on the assumption that attackers are already probing the network.

Manuka conducts OSINT threat detection at Stage 1 (Reconnaissance) of the cyber kill chain. Despite investing millions of dollars into network defenses, organisations can be easily compromised through a single Google search. One recent example is hackers exposing corporate meetings, therapy sessions, and college classes through Zoom calls left on the open Web. Enterprises need to detect these OSINT threats on their perimeter but lack the tools to do so.

Manuka is built to scale. Users can easily add new listener modules and plug them into the Dockerized environment. They can coordinate multiple campaigns and honeypots simultaneously to broaden the honeypot surface. Furthermore, users can quickly customize and deploy Manuka to match different use cases. Manuka’s data is designed to be easily ported to other third-party analysis and visualization tools in an organization’s workflow.

Designing an OSINT honeypot presents a novel challenge due to the complexity and wide range of OSINT techniques. However, such a tool would allow Blue Teamers to “shift left” in their cyber threat intelligence strategy.

[Figure: the Manuka dashboard]

Tool design

Architecture

Manuka is built on the following key terms and processes.

 

  • Sources: Possible OSINT vectors such as social media profiles, exposed credentials, and leaked source code.
  • Listeners: Servers that monitor sources for interactions with attackers.
  • Hits: Indicators of interest such as attempted logins with leaked credentials and connections on social media.
  • Honeypots: Groups of sources and listeners that are organized into a single Campaign which analyzes and tracks hits over time.

System design

The framework itself consists of several Docker containers which can be deployed on a single host.

  • manuka-server: Central Golang server that performs CRUD operations and ingests hits from listeners.
  • manuka-listener: Modular Golang server that can perform different listener roles.
  • manuka-client: React dashboard for Blue Team to manage Manuka’s resources.

These containers are orchestrated through a single docker-compose command.
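The following added example, which is not Manuka's own code, shows how a login listener can turn an attempted login with a planted leaked credential into a hit. The names `Hit`, `Check` and `Handler`, the form field names, the port and the sample credential are assumptions made for illustration.

```go
package main

import (
	"crypto/subtle"
	"log"
	"net/http"
	"strings"
	"time"
)

// Hit is one interaction with a planted credential (hypothetical schema, not Manuka's).
type Hit struct {
	Email, RemoteAddr string    // Email identifies the planted source
	FullMatch         bool      // password matched too: the actor holds the staged leak
	Seen              time.Time // lets a campaign track hits over time
}

// Check reports whether a login attempt touches a planted credential.
func Check(creds map[string]string, email, password, remoteAddr string) (Hit, bool) {
	email = strings.ToLower(strings.TrimSpace(email))
	planted, ok := creds[email]
	if !ok {
		return Hit{}, false // ordinary failed login, not tied to any source
	}
	full := subtle.ConstantTimeCompare([]byte(planted), []byte(password)) == 1
	return Hit{Email: email, RemoteAddr: remoteAddr, FullMatch: full, Seen: time.Now().UTC()}, true
}

// Handler is the staged login endpoint; hits are queued on out for forwarding.
func Handler(creds map[string]string, out chan<- Hit) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if h, ok := Check(creds, r.PostFormValue("email"), r.PostFormValue("password"), r.RemoteAddr); ok {
			select {
			case out <- h:
			default: // queue full: drop the hit rather than stall the bait page
			}
		}
		http.Error(w, "invalid email or password", http.StatusUnauthorized) // same reply for every request
	}
}

func main() {
	creds := map[string]string{"j.tan@example.com": "Winter2020!"} // constructed sample credential
	out := make(chan Hit, 64)
	go func() { log.Fatal(http.ListenAndServe("127.0.0.1:8080", Handler(creds, out))) }()
	for h := range out {
		log.Printf("hit: %+v", h) // a real listener would send this to the central server
	}
}
```

Because every request gets the same 401 reply, the endpoint does not reveal which accounts are bait, while `FullMatch` separates someone replaying the staged leak from someone guessing passwords for a known address.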

 

See the full description of Manuka’s features in the documentation.

 

  Posted by: @ESPYER
