icon-deception.svg
Deception

Supported Deception Features for Landmine Agent and Agentless Installers

The landmine agent and agentless installers support the following modules.

Defense Evasion and Privilege Escalation

ModulesFeatures/Browsers/Software/File DecoysLandmine AgentLandmine Agentless
WindowsmacOSLinuxWindowsmacOSLinux
Defense EvasionFake Security ProcessYesNoNoNoNoNo
Privilege EscalationMITM DetectionYesYesYesNoNoNo
Brute Force DetectionYesNoNoNoNoNo
Kerberoast DetectionYesNoNoNoNoNo
In Memory Credential DetectionYesNoNoNoNoNo

Cloud, Browser, and Session Lures

ModulesFeatures/Browsers/Software/File DecoysLandmine AgentLandmine Agentless
WindowsmacOSLinuxWindowsmacOSLinux
Cloud LuresAmazon Web Services (AWS) Identity Access Management (IAM)YesYesYesYesYesYes
Browser LuresChromeYesYesYesYesYesYes
FirefoxYesNoNoYesNoNo
Internet ExplorerYesNoNoYesNoNo
Session LuresDbVisualizerYesNoNoYesNoNo
Network DrivesYesNoNoYesNoNo
FileZillaYesYesYesYesYesYes
PuTTYYesNoNoYesNoNo
Remote Desktop Protocol (RDP)YesNoNoYesNoNo
Squirrel DBYesNoNoYesNoNo
Windows CredentialsYesNoNoYesNoNo
WinSCP SessionYesNoNoYesNoNo
KeyChain (MySQL, PostgreSQL, MongoDB)NoNoNoNoNoNo
KeyChain (HTTP, FTP, SMB, SSH, Telnet)NoYesNoNoYesNo
/etc/hosts FileNoYesYesNoNoNo
Bash HistoryNoYesYesNoYesYes
SSH ConfigNoYesYesNoYesYes

File Decoys

ModulesFeatures/Browsers/Software/File DecoysLandmine AgentLandmine Agentless
WindowsmacOSLinuxWindowsmacOSLinux
File DecoysCustom File DecoysYesNoNoNoNoNo
Credential File DecoysYesNoNoNoYesYes
Preconfigured File Dataset DecoysYesNoNoNoNoNo

Advance Deception Capabilities

ModulesFeatures/Browsers/Software/File DecoysLandmine AgentLandmine Agentless
WindowsmacOSLinuxWindowsmacOSLinux
Advanced Deception CapabilitiesPsExec DetectionYesNoNoNoNoNo
Ransomware DetectionYesNoNoNoNoNo
TriageYesNoNoNoNoNo

Related Articles
About Landmine Agent and AgentlessObtaining the Agent Registration TokenSupported Deception Features for Landmine Agent and Agentless InstallersDownloading Landmine AgentsInstalling a Landmine Agent on WindowsInstalling Landmine Agents on Windows Using MECM or SCCMInstalling a Landmine Agent Using an Active Directory Group Policy ObjectInstalling a Landmine Agent on LinuxInstalling a Landmine Agent on macOS