LLM Honeypots: The Perfect Use for LLMs | Alec ArmbrusterAlec wrote, on July 13, 2026:<br>LLM Honeypots: The Perfect Use for LLMs
Huh? Honeypots?<br>So if you don’t know what a honeypot is: it’s a trap. It pretends to be a bunch of different vulnerable services, like a web, SSH, TCP server, in order to lure attackers in and collect data about them: which creds did they use to auth, which commands they run, what files they read, etc.<br>Crap, I can’t help but make an analogy here.<br>It’s like erecting a huge, realistic fake bank building on the corner of Main Street and Park Avenue. You fill it with fake prop money, thousands of real cameras and microphones, and then wait for someone to rob it, so you can scientifically analyze how the robbers carry out their heist and build a good defense against future attacks.<br>In most cases, honeypots benefit the entire world, because they reveal, in real time, attacks being carried out on the public internet. Plus, it’s really fun to operate honeypots if you’re into collecting juicy data.<br>In the past, we’ve had to hard-code each honeypot’s paths to make it convincing. That approach was brittle… one unexpected command or request would instantly reveal the honeypot’s true identity.<br>LLM Honeypots<br>But, then came the LLMs. It takes one viewing of Adel Karimi’s highly slept-on DEF CON 32 presentation on their LLM honeypot, Galah to realize a perfect use for LLMs is as honeypots.<br>Over the past few weekends, I’ve been jamming on my own hybrid-LLM honeypot, honeyprompt, written in TypeScript and Deno, meant to be easily extended by web developers, portable across platforms and easy to deploy in Docker. You can spin it up locally in seconds, so try it out and let me know what you think!
A (real) instance of a payload being executed on a honeyprompt honeypot, with Gemma 4 crafting a realistic SSH command response.Limitations<br>I have a few challenges ahead of me with this project:<br>Caching LLM responses to reduce latency, since a slow reply is one of the easiest ways for an attacker to spot the honeypot.<br>Generic vendor sink integrations to send the data to central server(s) for analysis.<br>Battle-testing honeyprompt against real-world attacks.<br>Thanks for taking the time to read this and learn about LLM honeypots!