Ideas, code snippets, links, etc related to actively defending applications (particularly web apps), and deceptive programming. This idea was expanded from my DerbyCon 2017 talk of the same name, due to some great post-talk feedback I received.
I don't claim to be a pioneer in this area, or to have invented it. The idea hit me during an internal web application test, when a tool I was using failed with odd results. Turns out, the tool in question was unable to properly parse a server-side redirect from a default.aspx webpage to the actual starting page.
So I thought, how can I undermine an attacker in the reconnaissance phase? If an attacker gets false/misleading data early on, logic suggests this would taint the entire attack process, rendering an attack much less effective. In order to do web app active defense properly, we must first have a good understanding of how the web attack process works.
Attackers are sneaky; we as defenders can be sneaky too!
Open an issue for ideas, suggestions, etc. I'm happy to give credit! :) I'll be posting stuff in the issues area, or in the main active defense repo...depends on fit