HoneyAgent Hive

They came to hack us. They left as our data scientists.

Comment

Inspiration

  • AI agents are talking to each other—and attackers know it. Traditional honeypots protect servers and networks, but nothing protects agent-to-agent communication. We asked: what if the agents themselves were the trap? What if every fake agent an attacker talks to makes our defenses smarter?

What it does

  • HoneyAgent Hive deploys decoy AI agents alongside real ones. Attackers can't tell which is which. When they probe, real agents check Auth0 credentials and reject. Honeypots play along—offering fake credentials, fake access, fake victories. Meanwhile, we capture behavioral fingerprints, map tactics to MITRE ATT&CK, and store attack patterns in S3 Vectors. Every attack teaches the swarm.

How we built it

  • AWS Strands SDK — 3-line agent creation with custom prompts
  • Auth0 M2M + FGA — Identity verification and fine-grained routing decisions
  • S3 Vectors — Behavioral fingerprint storage and similarity matching
  • TinyFish AgentQL — Semantic intent matching for natural honeypot responses
  • Cline CLI — Generates diverse honeypot code variations (different personas = harder to detect)
  • SvelteKit — Real-time demo dashboard with SSE streaming
  • Tonic Fabric — Generates fake credentials ## Challenges we ran into
    • Making honeypots convincing without being dangerous. They need to sound helpful enough to keep attackers engaged, but can't leak real info. We also struggled with the "attacker's view" problem—ensuring our traps look identical to real agents from the outside while being obviously different to defenders. ## Accomplishments that we're proud of
    • The live demo runs real agent-to-agent combat—no scripts, no fake responses. Attack agent vs honeypot agent, both making decisions in real-time. And our fallback-first architecture means the demo never crashes, even when services fail. ## What we learned
    • Deception is harder than detection. It's easy to block an attacker; it's hard to keep them talking long enough to fingerprint them. We also learned that identity is the perfect routing mechanism—no valid token means automatic honeypot, no rules needed.

Built With

Share this project:

Updates