<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: hema omer</title>
    <description>The latest articles on DEV Community by hema omer (@h3ma209).</description>
    <link>https://dev.to/h3ma209</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4027229%2F69738fd3-c065-4a4e-9221-f71839195957.png</url>
      <title>DEV Community: hema omer</title>
      <link>https://dev.to/h3ma209</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/h3ma209"/>
    <language>en</language>
    <item>
      <title>I built a honeypot that wastes hackers' time instead of just logging them</title>
      <dc:creator>hema omer</dc:creator>
      <pubDate>Mon, 13 Jul 2026 12:08:47 +0000</pubDate>
      <link>https://dev.to/h3ma209/i-built-a-honeypot-that-wastes-hackers-time-instead-of-just-logging-them-3inj</link>
      <guid>https://dev.to/h3ma209/i-built-a-honeypot-that-wastes-hackers-time-instead-of-just-logging-them-3inj</guid>
      <description>&lt;p&gt;So I made krain-sec — a Go honeypot that pretends to be a fully functional corporate server, a full Krain Security ops console.&lt;/p&gt;

&lt;p&gt;Why I made this?&lt;/p&gt;

&lt;p&gt;Our servers have been getting hit by everything from script kiddies to above-average attackers. Firewalls and enterprise security solutions were expensive and a pain to maintain. &lt;/p&gt;

&lt;p&gt;So I built something lightweight, automated, and easy to deploy instead — for people who can't afford enterprise security products, usually small teams running their own infrastructure.&lt;/p&gt;

&lt;p&gt;What makes it different?&lt;/p&gt;

&lt;p&gt;Most honeypots out there are built to detect and log and usually block and manhunt the attacker. That's it. Krain-sec is built to waste attackers' time and irritate them — endless rabbit-holes, confuse scanners, dead ends that look like real progress.&lt;br&gt;
What's in the box&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;A login page and dashboard that look like the real ops tool&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A fake admin SSH box with old command history and "emergency" credential files lying around&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;Bait files (canary-token style) that quietly phone home the second someone opens or exfils them&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A browser-side trick (think WebRTC/fingerprinting) that can leak an attacker's real network info when they load the fake dashboard — still refining how far to take this, open to feedback here&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A robots.txt / sitemap that basically says "don't look here" (so of course they look)&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;A live board showing who's knocking, what's failing, and what they've touched&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The idea is simple: make them stay, dig, grab the wrong secrets, and burn time — while you watch.&lt;/p&gt;

&lt;p&gt;Scanners trip the forbidden paths. Humans loot the fake AWS keys. You watch it all light up on the dashboard.&lt;/p&gt;

&lt;p&gt;Running it&lt;br&gt;
Set your env variables, then:&lt;br&gt;
bashmake prod&lt;br&gt;
That's it.&lt;/p&gt;

&lt;p&gt;Try it / contribute&lt;br&gt;
Open source → &lt;a href="//github.com/h3ma209/krain-sec"&gt;Krain-Sec&lt;/a&gt;&lt;br&gt;
Lab / research only. Don't drop this onto a network you don't own, and this isn't meant for hacking back at anyone — just wasting their time and learning what they're after.&lt;/p&gt;

&lt;p&gt;More features are coming. If you run into issues, let me know.&lt;br&gt;
If you've got deception ideas — DNS canaries, Office beacons, Endlessh on port 22 — drop them below. Building in public.&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>go</category>
      <category>security</category>
      <category>showdev</category>
    </item>
  </channel>
</rss>
