HoneyAI – AI-powered honeypot replacing Cowrie/OpenCanary/Galah with one process (github.com)

HoneyAI has launched as an all-in-one, AI-driven honeypot designed to efficiently replace existing solutions like Cowrie, Galah, and OpenCanary with a single Node.js service. Powered by a local large language model (LLM) from Ollama, HoneyAI proactively intercepts attackers across a wide array of protocols, including HTTP, SSH, FTP, and more. Instead of utilizing static responses, it generates dynamic, contextually relevant traps based on the nature of the attack, offering customizable bait such as fake database dumps or SSH keys. This real-time adaptability positions HoneyAI as a robust defensive tool in cybersecurity. The launch of HoneyAI is significant for the AI and machine learning community as it integrates advanced natural language processing capabilities into cybersecurity tools, enhancing their effectiveness against increasingly sophisticated cyber threats. By utilizing local LLMs, it not only maintains faster response times but also increases privacy and control over data. Key technical features include automatic reporting to multiple threat intelligence platforms and customizable deployment options via Docker, ensuring ease of setup. This combination of AI capabilities and practical deployment makes HoneyAI a noteworthy advancement in the cybersecurity landscape.