CDaaS (Cyber Deception-as-a-Service) is a modular deception framework designed to detect and mislead attackers using honeypots, honeyfiles, and DNS sinkhole traps — providing real-time logging and centralized visibility via a React-based dashboard.
CDaaS is built to simulate high-value assets inside an enterprise network to deceive, detect, and delay attackers. It offers a centralized control plane to manage all deception assets such as:
- Honeyfiles (fake documents that trigger alerts when accessed)
- Honeypot Web Login (decoy web login portal)
- DNS Sinkhole (detect malicious domain queries)
- Centralized Log Dashboard (React + Flask for real-time event monitoring)
- Provide lightweight deception capabilities for SMEs and scalable architecture for enterprise networks.
- Deliver actionable intelligence by tracking attacker interactions with decoy assets.
- Demonstrate how deception can proactively enhance threat detection beyond signature-based defense.
[User] → [React Frontend Dashboard] → [Flask Backend API] ↳ [SQLite / PostgreSQL Logs DB] ↳ [Honeypot / Honeyfile / DNS Sinkhole Modules]
| Module | Description |
|---|---|
| 🕵️♂️ Honeypot Web Login | Fake authentication page that logs attacker credentials & IPs |
| 📂 Honeyfiles | Generates decoy documents (.txt/.csv) — triggers alerts when opened or modified |
| 🌐 DNS Sinkhole | Captures malicious domain queries from infected hosts |
| 📊 Log Dashboard | React UI with filters, live refresh, export (CSV), and detailed event modal |
| ⚙️ API Backend | RESTful Flask API for asset management and log storage |
| Layer | Technology |
|---|---|
| Frontend | React.js, React-Bootstrap |
| Backend | Python (Flask, SQLite / PostgreSQL) |
| Deception Modules | Watchdog (Honeyfile monitoring), Custom Flask endpoints |
| Networking | DNS Sinkhole Simulation |
| Other Tools | Axios, Bootstrap, Requests, Python-Logging |
⚙️ Installation 1️⃣ Clone the Repository git clone https://github.com/Masontysom/CDaaS.git cd CDaaS
2️⃣ Backend Setup cd backend pip install -r requirements.txt python backend.py
3️⃣ Frontend Setup cd frontend npm install npm start
The app runs on:
Frontend → http://localhost:3000
Backend → http://localhost:5000