-
Notifications
You must be signed in to change notification settings - Fork 0
ContextDiagram
The Context Diagram represents the WISETrap system as a single high-level process interacting with external entities.
WISETrap is a web-based credential honeypot designed to detect unauthorized access attempts by exposing a decoy login interface and a trap file located at:
https://honeypot.wise.local/login.txt
When this file is accessed, the system treats it as a suspicious event and triggers logging and alert mechanisms.
- Attempts to access the system
- Visits /login.txt or login page
- May try to exploit leaked credentials
- Receives security alerts
- Monitors system logs
- Analyzes attack patterns
- Stores:
- IP Address
- Timestamp
- Requested URL
- User Agent (optional)
- Sends real-time alerts to administrator
- Contains attack details (IP, time, endpoint)
- Attacker → WISETrap System: HTTP Request / Access attempt
- WISETrap System → Database: Store logs (IP, Timestamp, Request Data)
- WISETrap System → Email Service: Send alert notification
- Email Service → Administrator: Security alert message
When a user accesses the trap endpoint /login.txt:
- The system detects the request
- It logs the attacker’s IP address and timestamp
- The event is stored in the database
- An email alert is sent to the administrator immediately

This diagram shows how WISETrap acts as a deception-based security system where external attackers interact with a fake login environment and all activities are logged and reported to the administrator.
The purpose of WISETrap is to detect and log unauthorized access attempts using deception-based security techniques (Honeypot methodology), allowing administrators to analyze attacker behavior in real time.