honeypot-tarpits
@goldenwing-360 · 收录于 1 周前
Lightweight detection techniques that work without a SIEM. Covers fake admin paths, decoy .env files, canary tokens, fake API keys planted in JS bundles, and tarpits that slow automated scanners. Invoke when public services see constant automated probing, when complementing fail2ban and WAF rules, or when high-signal detection is needed on a small budget.
适合你,如果服务器常被自动化扫描,想低成本获得高信号告警
/ 通过 npx 安装 校验哈希
npx oh-my-skill add goldenwing-360/claude-security-skills/honeypot-tarpits/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- goldenwing-360/claude-security-skills/honeypot-tarpits/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify goldenwing-360/claude-security-skills/honeypot-tarpits安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
13GitHub stars
~2.1K上下文体积 · 单文件
索引托管
评论
登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。
…