Our Red Team regularly challenges Fortune 500 defenses. Often times, a decent ADCS honeypot could have stopped us.

So we built one.

Blog post: https://www.srlabs.de/blog-post/certiception-the-adcs-honeypot-we-always-wanted

Source code: https://github.com/srlabs/Certiception/

Presentation at @WEareTROOPERS, including a strategic guide to deception: https://github.com/srlabs/Certiception/blob/main/documentation/The_Red_Teamers_Guide_To_Deception.pdf