SiteSpy

Cybersecurity Counterintelligence for IIS · Recon Early Warning & Canary Monitoring

AI Prompt Architect
Application-level defensive intelligence for IIS

SiteSpy — defensive telemetry that lives inside or alongside your web application

SiteSpy is an autonomous defense layer that analyzes HTTP behavior in real time and automatically instructs your firewall to block hostile traffic before attacks develop.

Stop attackers during the reconnaissance phase. SiteSpy runs alongside your application in the IIS application pool, using in-memory telemetry, embedded honeypots, and behavioral analysis to detect malicious intent before exploitation.

In-memory, real-time telemetry

SiteSpy tracks requests and responses within the IIS app pool, correlating behavior instantly without external collectors — analysis happens where the application runs.

Application-aware classification

Requests are classified by intent — search engines, social referrals, legitimate bots, automation, and reconnaissance — so you can focus on true threats, not noise.

Embedded honeypots & decoys

Decoy endpoints detect enumeration and scripted scanning attempts early, providing high-fidelity signals for automated defenses or human review.

Automatic firewall updates

When thresholds are met, SiteSpy can update Windows Firewall rules based on live application observations — blocking malicious sources before escalation.

Flexible deployment

Run SiteSpy embedded in an existing app, as a stand-alone monitor, or as a distributed telemetry mesh across multiple servers — scale from single sites to enterprise fleets.

Behavior-driven defense

Unlike packet-only tools, SiteSpy detects intent by observing how clients interact with the application — giving defenders time to respond during the mapping phase.

Ready to integrate: SiteSpy was designed to plug into existing IIS applications with minimal code changes and ships with configuration templates for production and stand-alone modes.

Platform Capabilities

  • Monitor connections to IIS application pools
  • Live real-time traffic views with OSINT enrichment
  • Log and annotate suspicious activity
  • Reduce noise by excluding known good bots
  • Export clean CSV logs for investigations
Your IP: 216.73.217.173
User Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)

About This Demo

The SiteSpy Live Log provides real-time visibility into traffic hitting your site.

If reconnaissance activity is detected, early-warning canaries redirect the client to decoy endpoints such as the 404 page, where activity is logged.

▶ Launch Live Demo

Threat Intelligence = Counterintelligence

Reverse reconnaissance against adversaries scanning your infrastructure.

Identify C2 servers, exploit probes, and XSS infrastructure early.

Threat Actors

The Flying Monkeyz HTTP Port Scanner is a reconnaissance-focused HTTP port scanning tool that pairs well with the SiteSpy monitoring platform for defensive counter-intelligence operations. It can be used to investigate IP addresses and cloud-hosted servers observed performing reconnaissance against your environment, sometimes uncovering exposed services, attacker tooling, or public repositories commonly used by threat actors during scanning and attack preparation.

Rick Cable Founder SiteSpy

Rick Cable

Founder — SiteSpy

Rick Cable is a Silicon Valley–raised technologist and former U.S. Navy systems administrator who managed shipboard logistics and financial computing systems and supported classified small-unit operations. He founded SiteSpy to bring operator-level visibility to modern web systems — monitoring not just uptime, but real behavior.

In parallel with his startup work, Rick has built a 21-year career in Healthcare IT at a fast growing healthcare system — from helpdesk and desktop/solution engineering (SCCM, Group Policy, Active Directory) to serving as a senior software developer for the last decade across multiple stacks.

Two lives: For 30+ years Rick has balanced a professional day-job in enterprise Healthcare IT and Military Service with nights and weekends building startups and hacking on technical projects. It’s a career shaped by operational discipline and relentless hands-on engineering.
Navy & Marine Corps Commendation Medal Meritorious Unit Citation Fortune-500 Healthcare IT (21 yrs) Senior Developer (10+ years)
Read Full Founder Story →