Cyber security

DOLOST – Harnessing Cyber Deception For Strategic Security Deployments

Explore the cutting-edge framework ‘DOLOST,’ designed to innovate the field of cyber deception.

This tool automates the deployment of decoys and deceptive environments, enhancing security strategies.

Learn how DOLOST not only creates but also meticulously designs these operations to outsmart and trap potential threats.

Table Of Contents

  • About
  • Installation
  • Usage
  • Examples
  • Contributing
  • License

About

DOLOST is a framework designed to automate the creation and deployment of decoys and deceptive environments in the context of cyber deception operations.

It also guides the design of deception operations with a deep understanding of engagement strategies.

Installation

  1. Ensure Python and Docker are Installed:Make sure you have Python 3.7 or later installed on your system and Docker installed on your Decoy’s host (it could be the same system you are using right now, just keep it in mind for when you configure DOLOST). You can download and install Python from the official Python website and Docker from the official Docker website.
  2. Install DOLOST Using pip:Run the following command to install the project:
# Python 3.7+ required
$ python3 -m venv .venv
$ source .venv/bin/activate
$ pip install DOLOST

3. Final Checks:Ensure that all required dependencies are installed without any errors.

If you encounter any issues during the installation process, refer to the error messages for troubleshooting steps.

Usage

To use the framework you need to start it with a first definition of the Docker client to connect with.

Here you have an example for DOLOST execution:

import DOLOST

# Available Docker Client configuration:
# - from_env: Will try to use the current environment configuration to reach dockerd.
# - tcp: Will use the provided host and port to reach dockerd.
# - tcp_ssl: Will use the provided host and port + the SSL certificates to reach dockerd using TCP+SSL.
# - socket: Will use the provided socket path to reach dockerd.

# For more detailed information, refer to "Configuring Docker Client" in the Documentation.

dc = {'from_env': True}

# Available Verbosity Levels:
# - TRACE: Provides detailed tracing information.
# - DEBUG: Displays debug messages for troubleshooting.
# - INFO: Provides general information about the execution.
# - WARN: Displays warnings for potential issues.
# - ERROR: Indicates errors that occurred during execution.

# Note: Each verbosity level includes all levels above it. For example,
# setting verbosity to DEBUG will also display INFO, WARN, and ERROR messages.

verbosity = "INFO"
    
if __name__ == "__main__":
 DOLOST.start(verbosity=verbosity, docker_client=dc)

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

7 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

7 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

7 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

7 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

7 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

10 hours ago