HoneyPeople is a cyber deception tool developed in collaboration with University of Trento.

HoneyPeople is a tool developed to interact with phishing/malicious emails in order to waste attacker’s time and gather valuable intelligence guiding the attacker in a sandboxed environment. HoneyPeople leverages Artificial Intelligence (AI) to emulate employees of a fictitious company or business unit; each employee can be customized to have a different personality and role.

Moreover, each employee can be configured with one or more computing machines (laptops, servers, etc.) on which they carry out their business activities; these machines are also used to make the user capable of interacting with malicious links and payloads contained in emails, thus not limiting to responding to the emails.

HoneyPeople has also been used as part of a Capture The Flag (CTF) competition, where participants were asked to use Social Engineering to gather access to the environment, giving a “breath of fresh air” to the competition. HoneyPeople has also been used as an educational tool allowing students to impersonate the attacker in order to make them aware about phishing campaigns, techniques employed and its consequences.

Ongoing developments aim to make the environment dynamic, allowing users to perform their business activities, making the environment more realistic and resembling a real company or business unit.

The code of HoneyPeople is available on GitLab.