AsterScan⚔ Live Intrusion Log ⚔
The attacks that tried.
The traps that caught them.
Every probe, exfiltration attempt, and credential test against AsterScan is captured by the Kairos Nemesis system. Some attackers take the bait. None walk out clean.
Total intrusions
0
🔓 Credential exfils
0
🎯 Tokens triggered
0
Unique attackers
0
Live intrusion feed
0 events captured · newest first · refresh every 15s
🏴 Most persistent attackers
No data yet.
Severity breakdown
No data.
⚔ How the trap works
The Kairos Nemesis system
Probe detected
Attacker scans for exposed config files (.env, .git/config, wp-config.php, appsettings.json, SQL dumps, admin panels). Nemesis classifies the path + user-agent in real-time and records a strike.
Trap served
We respond with a fully-plausible fake — populated with TRAP markers and two beacon URLs disguised as a Slack webhook and a health-check endpoint. 200ms tar pit added so the scanner burns time on us specifically.
Canary triggered
The moment the attacker (or their buyer) tests the stolen credentials, the beacon URLs ping back. We log the original exfil IP + the current testing IP. After three strikes, the IP gets a sliding-window ban (30 min → 24 h escalation).