beelzebub


Basic Information

Beelzebub is an advanced, low-code honeypot framework for detecting and analyzing cyber attacks. It uses LLM integrations to convincingly simulate high-interaction systems while retaining a low-interaction architecture for safety and manageability. The project is intended for security teams and researchers who need realistic decoy services and automated collection of attacker behavior. Configuration is YAML-based and modular, so operators can define each service and its port in its own file. The repository includes example configurations for SSH, HTTP, TCP, and a specialized MCP protocol honeypot that monitors prompt-injection attempts against LLM agents. Beelzebub is container- and orchestration-friendly, with Docker Compose, Docker images, a Helm chart for Kubernetes, and examples for running the Go-built binary directly. It also provides observability hooks and guidance for logging and integration with common stacks.

Features

Beelzebub provides low-code YAML configuration and modular service definitions so operators can rapidly create honeypots. It integrates LLMs to emulate interactive terminals and services while keeping a safe, low-interaction backend. The framework supports multiple protocols, including SSH, HTTP, TCP, and MCP, where the MCP honeypot is used to detect guardrail bypasses and collect malicious prompts. It exposes Prometheus metrics and is observability-ready, with ELK stack integration documented. Deployments are supported via Docker Compose, Docker images, Helm, and Kubernetes. The repository includes example service files for web and SSH honeypots, LLM provider examples (OpenAI, Ollama), CI and test pipelines, static analysis tools, and code coverage tooling to ensure code quality.

Use Cases

Beelzebub helps defenders and researchers detect, analyze, and respond to attacker activity by providing realistic decoy services that capture real attacker inputs and tactics. The MCP honeypot accelerates detection of prompt-injection and guardrail bypass attempts and logs genuine malicious prompts for iterative tuning of filters. Built-in metrics allow continuous monitoring of exploit trends and system resilience using objective measurements. Low-code YAML and the provided examples reduce setup time and make custom scenarios easy to deploy. Container and Helm support let teams run isolated labs or production-grade honeypots, and integrations with observability and logging stacks simplify forensic analysis. The project also emphasizes testing, CI, and static analysis for reliability in security deployments.
