Back to browse
GitHub Repository

Unprivileged endpoint deception for macOS and Linux workstations. Uses FIFO baits, other local traps, and protected sessions to detect secret collection as it happens.

18 starsGo

Stinger – Catch secret-stealing activity via local traps on macOS/Linux

by 0x4d31·Jul 13, 2026·1 point·0 comments

AI Analysis

●●●BangerWizardryNiche GemBig Brain

FIFO baits catch stealers mid-collection before EDR or canary tokens ever fire.

Strengths
  • FIFO-based baits signal on blocking read without destroying the decoy file.
  • Protected sessions spawn fake HOME environments to trap credential harvesters.
  • Runs entirely unprivileged, avoiding the need for kernel extensions or root access.
Weaknesses
  • Limited to macOS and Linux; Windows users lack FIFO support for this approach.
  • Experimental fanotify backend on Linux may struggle with high-volume file access.
Category
Target Audience

Security engineers and privacy-conscious developers

Similar To

Canary Tokens · Thinkst Canaries · OpenCanary

Post Description

Stinger is an unprivileged endpoint deception tool for macOS and Linux. It uses FIFO baits, other local traps, and protected sessions to detect secret collection as it happens.

Similar Projects

AI/ML●●●Banger

Drive any macOS app in the background without stealing the cursor

Background macOS automation without cursor theft beats VM workarounds.

WizardryZero to OneBold Bet
frabonacci
192432mo ago
AI/ML●●●Banger

Drive any macOS app in the background without stealing the cursor

Background macOS automation without cursor stealing—works on Figma and Blender where AX APIs fail.

WizardrySolve My ProblemZero to One
frabonacci
102mo ago