cipher-x-sudo/malware-sandbox-project

Honeytoken Access Tracker

A web-based security tool for tracking and monitoring honeytoken access events. Built with C++ backend and modern web frontend.

Features

  • Real-time Event Monitoring: Track honeytoken access events in real-time
  • Hot Token Detection: Identify most-abused honeytokens using doubly linked lists
  • Alert Management: Queue-based alert system for SOC teams
  • Incident Response: Stack-based action tracking with undo capability
  • Statistics Dashboard: Visual charts for token type statistics
  • Token Search: Fast BST-based lookup for individual token details

Architecture

  • Backend: C++ HTTP server using cpp-httplib
  • Frontend: Vanilla JavaScript with modern UI
  • Data Structures: Custom implementations (no STL containers for core DSA)
    • Binary Search Tree (BST) for token lookup
    • Singly Linked Lists for access history
    • Doubly Linked Lists for hot tokens
    • Circular Linked Lists for live feed
    • Stack for incident actions
    • Queue for alerts
    • Arrays for type counters

Prerequisites

  • C++11 compatible compiler (GCC, Clang, or MSVC)
  • CMake 3.10 or higher
  • Docker (for containerized deployment)
  • Vercel CLI (for frontend deployment)

Local Development

Backend Setup

  1. Build the project:
     cd backend
     mkdir build
     cd build
     cmake ..
     make
  2. Run the server:
     ./honeytracker [port]   # Default port is 8080
  3. The server will:
    • Start on http://localhost:8080
    • Serve the frontend from ../frontend
    • Provide API endpoints at /api/*

Frontend Setup

The frontend is served automatically by the backend server. Just open:

http://localhost:8080 

Testing with Sample Data

You can ingest log data via the API:

curl -X POST http://localhost:8080/api/ingest \
  -H "Content-Type: text/plain" \
  -d "2025-11-19T10:23:11Z alice 10.0.0.5 db_token_1 READ
2025-11-19T10:23:15Z bob 203.0.113.8 admin_share_7 WRITE
2025-11-19T10:24:01Z evil 45.12.33.9 fake_api_key_3 EXFILTRATE"

Docker Deployment

Build and Run with Docker

  1. Build the Docker image:
     docker build -t honeytracker .
  2. Run the container:
     docker run -p 8080:8080 honeytracker

Docker Compose

docker-compose up

The backend will be available at http://localhost:8080

Vercel Deployment (Frontend)

  1. Install Vercel CLI:
     npm i -g vercel
  2. Deploy frontend:
     vercel
  3. Set environment variable in Vercel dashboard:
    • Go to your project settings → Environment Variables
    • Add BACKEND_API_URL with your backend API URL (e.g., https://your-backend.railway.app)
    • Redeploy after adding the variable

Note: For Vercel, you can also add a meta tag in index.html:

<meta name="backend-api-url" content="https://your-backend-url.com">

Or set it via JavaScript before the API client loads:

<script>window.BACKEND_API_URL='https://your-backend-url.com';</script>

Backend Deployment Options

The C++ backend can be deployed on:

  • Railway: Connect GitHub repo, set Dockerfile path
  • Render: Connect GitHub repo, use Docker deployment
  • Fly.io: Use flyctl to deploy Docker container
  • Any VPS: Run Docker container directly

Environment Variables

  • PORT: Server port (default: 8080)
  • CORS_ORIGIN: Allowed CORS origins (default: *)

API Endpoints

  • POST /api/ingest - Submit log lines for processing
  • GET /api/live-feed - Get last N events
  • GET /api/hot-tokens - Get hot honeytokens list
  • GET /api/alerts - Get pending alerts
  • GET /api/type-counters - Get token type statistics
  • GET /api/token/:tokenId - Get token details
  • POST /api/action - Record incident action
  • POST /api/action/undo - Undo last action
  • POST /api/alert/process - Process next alert
  • GET /api/stats - Overall statistics

Log Format

Each log line should follow this format:

timestamp user ip tokenId action 

Example:

2025-11-19T10:23:11Z alice 10.0.0.5 db_token_1 READ
2025-11-19T10:23:15Z bob 203.0.113.8 admin_share_7 WRITE
2025-11-19T10:24:01Z evil 45.12.33.9 fake_api_key_3 EXFILTRATE
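
An added example (not code from this repository): a strict C++11 parser for the five-field format above. It rejects lines with the wrong field count, a malformed timestamp, or control bytes in any field, and counts the rejects instead of storing them. The names Event, parseLine and parseBody, the strict timestamp shape, and the input in main are assumptions made for illustration.

```cpp
#include <cctype>
#include <sstream>
#include <string>
#include <vector>

// Hypothetical record; field names follow the README's format line.
struct Event { std::string timestamp, user, ip, tokenId, action; };

// Shape check for YYYY-MM-DDTHH:MM:SSZ, the form used in the README samples.
static bool looksLikeTimestamp(const std::string& s) {
    static const std::string pat = "dddd-dd-ddTdd:dd:ddZ";
    if (s.size() != pat.size()) return false;
    for (std::size_t i = 0; i < pat.size(); ++i)
        if (pat[i] == 'd' ? !std::isdigit(static_cast<unsigned char>(s[i]))
                          : s[i] != pat[i]) return false;
    return true;
}

// One line must hold exactly five whitespace-separated fields of printable
// ASCII, so control bytes in user/tokenId never reach the dashboard.
bool parseLine(const std::string& line, Event& out) {
    std::istringstream in(line);
    std::vector<std::string> f;
    for (std::string tok; in >> tok; f.push_back(tok))
        for (unsigned char c : tok)
            if (c < 0x21 || c > 0x7e) return false;
    if (f.size() != 5 || !looksLikeTimestamp(f[0])) return false;
    out = Event{f[0], f[1], f[2], f[3], f[4]};
    return true;
}

// Parse a newline-separated body; malformed lines are counted, not stored.
std::size_t parseBody(const std::string& body, std::vector<Event>& ok) {
    std::istringstream in(body);
    std::size_t rejected = 0;
    for (std::string line; std::getline(in, line);) {
        Event e;
        if (line.find_first_not_of(" \t\r") == std::string::npos) continue;
        if (parseLine(line, e)) ok.push_back(e); else ++rejected;
    }
    return rejected;
}

int main() {  // constructed input: a README sample line, then one with an ESC byte
    std::vector<Event> ok;
    std::size_t bad = parseBody("2025-11-19T10:23:11Z alice 10.0.0.5 db_token_1 READ\n"
                                "2025-11-19T10:23:15Z b\x1b[2J 203.0.113.8 admin_share_7 WRITE\n", ok);
    return (ok.size() == 1 && bad == 1) ? 0 : 1;
}
```

A non-zero reject count on an ingest request is itself worth alerting on, since well-formed honeytoken logs should never produce one.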

Project Structure

.
├── backend/
│   ├── main.cpp              # Server entry point
│   ├── server.h/cpp          # HTTP server
│   ├── api_handlers.h/cpp    # API endpoints
│   ├── HoneyTracker.h/cpp    # Core tracker logic
│   ├── DataStructures.h/cpp  # All DSA implementations
│   ├── Config.h/cpp          # Configuration
│   ├── httplib.h             # HTTP library
│   └── CMakeLists.txt        # Build config
├── frontend/
│   ├── index.html            # Main page
│   ├── css/
│   │   └── styles.css        # Styling
│   └── js/
│       ├── main.js           # App controller
│       ├── api.js            # API client
│       ├── liveFeed.js       # Live feed module
│       ├── hotTokens.js      # Hot tokens module
│       ├── alerts.js         # Alerts module
│       ├── actions.js        # Actions module
│       ├── stats.js          # Statistics module
│       └── tokenDetails.js   # Token details module
├── Dockerfile                # Docker configuration
├── docker-compose.yml        # Docker Compose config
├── vercel.json               # Vercel configuration
└── README.md                 # This file

License

MIT License
