DirTrap

The DirTrap, also known as the Directory Trap, is a simple HackTrap that notifies you whenever someone browses a Windows directory using Windows Explorer. DirTrap also works with network shares, and requires no additional software.

Simply download the Zip file directory browseand extract it’s contents. The Zip file contains the directory structure you need. You can actually use both the Zip file and it’s contents as two HackTraps. Whenever the directory is browsed using Windows Explorer an alert will be generated. This means that anytime the Zip file is extracted, it’s contents are automatically browsed and an alert is also triggered. That is why the Zip file and it’s contents both serve as HackTraps.

directory trip
There are a few ways you can use DirTrap. I usually start by renaming the Zip file to something more identifiable such as Financials or Passwords. The goal is to entice prying eyes into opening the folder or extracting the Zip file, so the more attractive the name, the better. Once you’ve got it named you can place the extracted directory and the Zip file onto a network share(s), on a local computer, wherever you’d like. When you’ve got it where you want it, you can then add additional files to the directory, which could help to further entice would- be wrong doers. This is optional.

Again, whenever someone opens the directory in Explorer or extracts the Zip file; you will receive a notification.

As an example,

  • I downloaded the Zip file and extracted the folder to my desktop.
  • I then renamed the folder to “Top Secret” and added some dummy files to the directory.
  • I then copied that directory to our accounting folder and a cloud service.

Now, when an intruder takes the bait and opens my Top Secret folder; I will get an email alert!

More Examples

Some other places we suggest placing a DirTrap would include:

  • At the root of a main shared folder.
  • In any sensitive folders such as HR, Accounting, and Legal
  • In cloud folders like Box, Dropbox, OneDrive, and GoogleDrive.

For additional recommended reading, please visit our Need to Know page.