Unmasking the True Identity: Unveiling the Secrets of Virtual Private Networks and Proxies

The growing use of VPNs, proxy servers, and Tor browsers has significantly enhanced online privacy and anonymity. However, these technologies are also exploited by cybercriminals to obscure their identities, posing serious cybersecurity threats. Existing detection methods face challenges in accurately tracing the real IP addresses hidden behind these anonymization tools. This study presents a novel approach to unmasking true identities by leveraging honeypots and Canarytokens to track concealed connections. By embedding deceptive tracking mechanisms within decoy systems, we successfully capture the real IP addresses of users attempting to evade detection. Our methodology was rigorously tested across various network environments and payload types, ensuring effectiveness in real-world scenarios. The findings demonstrate the practicality and scalability of using Canarytokens for IP unmasking, providing a non-intrusive, legally compliant solution to combat online anonymity misuse. This research contributes to strengthening cyber threat intelligence, offering actionable insights for law enforcement, cybersecurity professionals, and digital forensics. Future work will focus on enhancing detection accuracy and addressing the advanced evasion tactics used by sophisticated attackers.