api-decooyy/decoy-api.js

A plug-and-play security gateway that detects malicious traffic and redirects it to a decoy API

// decoy-api.js
const express = require('express');
const app = express();
const PORT = process.env.PORT || 8081;

// Enable JSON parsing
app.use(express.json());

// Log all requests to this decoy
app.use((req, res, next) => {
  console.log(`[DECOY] Received request: ${req.method} ${req.url}`);
  console.log(`[DECOY] Headers: ${JSON.stringify(req.headers)}`);
  console.log(`[DECOY] Body: ${JSON.stringify(req.body)}`);
  next();
});

// Generic response for all routes
app.all('*', (req, res) => {
  // Simulate a slight delay to make it look real
  setTimeout(() => {
    // Return fake data that looks legitimate
    res.json({
      status: "success",
      data: {
        id: Math.floor(Math.random() * 1000),
        name: "Resource " + Math.floor(Math.random() * 100),
        timestamp: new Date().toISOString(),
        metadata: {
          version: "1.0.3",
          server: "production-3",
          region: "us-east-1"
        }
      },
      message: "Operation completed successfully"
    });
  }, 200 + Math.random() * 300);
});

// Start the decoy server
app.listen(PORT, () => {
  console.log(`Decoy API running on port ${PORT}`);
});