deepforkcyber.com
AI Honeypot · Threat Intelligence
Loading…
events observed
campaigns tracked
countries
networks

🎣 Credential-trap funnel

We plant fake cloud credentials. Attackers harvest them — and use them in the wild. This is the bait working, end to end.

planted
harvested
used out-of-band
distinct validators
harvest→use rate

Key uses over time

What attackers do with stolen keys

No out-of-band API actions recorded in this window.

Tracked campaigns

CampaignClassEventsCountriesFirst seen

Attack mix

Events per day

Top source countries

Top source networks

Credential-spray corpus

spray attempts
distinct sources

Usernames sprayed against the trap — only generic, well-known logins are published.

Password shapes

Structure of the sprayed passwords — never the values. “Target-domain derived” means mutated from the victim’s own domain.