Show HN: Stinger – Catch secret-stealing activity via local traps on macOS/Linux
Category: security
Tags: deception, endpoint-security, infostealer-detection
Score: 7.3/10 (Innovation: 7, Technical: 8, Documentation: 8, Utility: 6)
Stinger is an experimental endpoint deception tool that places decoy resources on macOS and Linux workstations to detect secret-stealing activity by malicious packages, extensions, or infostealers. It uses FIFOs, fanotify, and protected sessions to catch local interaction with traps before credentials are exfiltrated, addressing a gap in personal workstation security where EDR is absent. Its combination of unprivileged watch modes and configurable bait packs makes it a novel approach to early threat detection.
Target audience: security engineers, devops, power users
Repository: https://github.com/0x4D31/stinger · Go · Apache-2.0 · 12 stars
View on Hacker News