An automated cybersecurity research platform that creates a continuous feedback loop between AI-powered attackers and adaptive honeypots. Project Violet uses autonomous red team operations, LLM-enhanced honeypots, and adaptive reconfiguration to generate labeled attack datasets for defensive security research.

```
                    ┌──────────────────────────────┐
                    │         main_menu.py         │
                    │  Interactive CLI Interface   │
                    └──────────────┬───────────────┘
                                   │
         ┌─────────────────────────┼──────────────────────────┐
         │                         │                          │
         ▼                         ▼                          ▼
┌──────────────────┐     ┌────────────────────┐     ┌────────────────────┐
│     Sangria      │     │    Blue_Lagoon     │     │   Reconfigurator   │
│   LLM Attacker   │────▶│   Honeypot Infra   │◀────│ Adaptive Profiles  │
│                  │     │  (Cowrie/Docker)   │     │                    │
└────────┬─────────┘     └────────────────────┘     └────────────────────┘
         │                                                    ▲
         ▼                                                    │
┌──────────────────┐                                          │
│      Purple      │──────────────────────────────────────────┘
│    Analysis &    │   Attack pattern analysis triggers
│   MITRE Labels   │   profile reconfiguration
└──────────────────┘
```

Core loop: Deploy honeypot → LLM attacks it → Extract & label sessions → Analyze patterns → Generate new profile → Redeploy

- Docker & Docker Compose
- Python 3.11+

`.env` file in the project root:

```
OPENAI_API_KEY="{your-openai-api-key}"
TOGETHER_AI_SECRET_KEY="{your-togetherai-api-key}"
TOKENIZERS_PARALLELISM=false
```

```bash
pip install -r requirements.txt
python main_menu.py
```

The interactive menu provides five workflows:

| Option | Description |
|---|---|
| Start New Experiment | Configure models, reconfiguration method, session count, then run |
| Demo Mode | Showcase honeypot capabilities with scripted SSH sessions |
| Settings | Adjust LLM providers, models, profiles, CHeaT defenses |
| Prepare Experiment Data | Extract structured sessions from raw attack logs |
| Run Purple Analysis | HP comparison, meta analysis, visualizations |

Sangria is the autonomous LLM-powered red team agent. It conducts SSH-based attacks via a Kali Linux container.

- Attack loop (`sangria.py`): LLM decides actions, executes commands via pexpect SSH, tracks state
- State register (`attack_state.py`): Tracks discovered hosts, credentials, files, services; deduplicates commands to prevent loops
- MITRE labeling (`llm_tools.py`): Each command is labeled with ATT&CK tactics and techniques at execution time
- Model-specific tuning (`attacker_prompt.py`): Behavioral overrides per model (Llama, DeepSeek, Qwen, GPT) to handle tool-calling differences

Supported models: GPT-4.1, GPT-4.1-Mini, O4-Mini, Llama 3.3 70B, Qwen 3.5 397B, DeepSeek V3/R1, and local models via Ollama/vLLM/LMStudio.

Blue_Lagoon is the Docker orchestration layer for Cowrie honeypot deployment.

- Container lifecycle (`honeypot_tools.py`): Build, start, stop, health-check containers
- Compose generation (`compose_generator.py`): Generates multi-hop honeynet docker-compose files with correct network topology
- Credential chaining (`credential_chain.py`): Seeds breadcrumb credentials across hops for realistic lateral movement

The `Cowrie/` directory holds a fork of the Beelzebub honeypot with an LLM fallback system. When a command has no built-in handler, the honeypot calls the configured LLM to generate a realistic response, making the honeypot harder to fingerprint.

The Reconfigurator dynamically generates new honeypot configurations based on attack patterns.

- Profile system: 16 pre-built JSON profiles (WordPress, database, CI/CD, monitoring, etc.) defining filesystem trees, file contents, and services
- LLM-driven generation (`new_config_pipeline.py`): Creates new profiles with lure requirements (breadcrumb credentials, lateral movement targets, privilege escalation paths)
- Novelty measurement (`profile_distance.py`): Ensures new profiles are sufficiently different from previous ones
- Lure enrichment (`lure_agent.py`): Injects deceptive breadcrumbs into bash history, config files, SSH known_hosts
- Database seeding (`db_seed_generator.py`): Generates realistic SQL init scripts for MySQL/PostgreSQL

Reconfiguration triggers:

| Method | Description |
|---|---|
| `NO_RECONFIG` | Single profile, no adaptation |
| `BASIC` | Reconfigure every N sessions |
| `ENTROPY` | Shannon entropy of tactics over sliding window |
| `T_TEST` | Statistical significance testing on tactic sequences |

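
One way an `ENTROPY`-style trigger can work, as an added example that is not Project Violet's own code. The firing rule (entropy plateau), the window size, tolerance and patience values, and all names below are assumptions; the session data is constructed.

```python
import math
from collections import Counter, deque

def shannon_entropy(tactics):
    """Shannon entropy in bits of a list of ATT&CK tactic labels."""
    counts = Counter(tactics)
    total = sum(counts.values())
    if total == 0:
        return 0.0
    return -sum((c / total) * math.log2(c / total) for c in counts.values())

class EntropyTrigger:
    """Assumed rule: fire when the windowed entropy stops changing, i.e. the
    current profile no longer draws a different mix of tactics."""

    def __init__(self, window=3, tolerance=0.05, patience=2):
        self.window = deque(maxlen=window)  # last `window` sessions
        self.tolerance = tolerance          # max entropy change counted as flat
        self.patience = patience            # consecutive flat readings required
        self.prev = None
        self.flat = 0

    def observe(self, session_tactics):
        """Feed one session's tactic labels; return True to reconfigure."""
        self.window.append(list(session_tactics))
        if len(self.window) < self.window.maxlen:
            return False  # not enough sessions to fill the window yet
        h = shannon_entropy([t for s in self.window for t in s])
        is_flat = self.prev is not None and abs(h - self.prev) <= self.tolerance
        self.flat = self.flat + 1 if is_flat else 0
        self.prev = h
        if self.flat < self.patience:
            return False
        # A new profile means a fresh baseline: drop the old window.
        self.window.clear()
        self.prev, self.flat = None, 0
        return True

def reconfig_points(sessions, **kwargs):
    """Indices of the sessions after which a reconfiguration would fire."""
    trigger = EntropyTrigger(**kwargs)
    return [i for i, s in enumerate(sessions) if trigger.observe(s)]

# Constructed sample: one broad session, then the attacker repeats itself.
BROAD = ["discovery", "execution", "persistence", "lateral-movement"]
NARROW = ["discovery", "credential-access"]
SAMPLE_SESSIONS = [BROAD, NARROW, NARROW, NARROW, NARROW, NARROW]

if __name__ == "__main__":
    print(reconfig_points(SAMPLE_SESSIONS))  # [5]
```
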
Purple handles post-attack analysis, MITRE ATT&CK labeling, and visualization.

- HP Comparison (`hp_comparison_cli.py`): Compare session lengths across experiments
- Meta Analysis (`meta_analysis_cli.py`): MITRE tactic distributions, honeypot deceptiveness metrics
- Visualizations (`run_analysis.py`): Session length distributions, entropy over time, technique frequency
- CHeaT detection (`cheat_detector.py`): Detects attacker defenses against honeypots (unicode honeytokens, canary URLs, prompt injection, tool traps)
- Session correlation (`session_correlator.py`): Correlates multi-hop attack sessions

CHeaT defenses are proactive countermeasures against LLM-based attackers:

| Defense | Description |
|---|---|
| Unicode honeytokens | Credentials with zero-width Unicode characters |
| Canary URLs | Honey links planted in files and history |
| Prompt traps | Payloads in file contents to disrupt attacker LLM |
| Tool traps | Fake CVEs and false-positive tool outputs |
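
A sketch of how a Unicode honeytoken can be planted and later recognised in login events, as an added example that is not Project Violet's own code. The function names, the lure credential and the log lines are constructed; the event field names (`eventid`, `session`, `username`, `password`) follow Cowrie's JSON log format and are assumed to apply here.

```python
import json
import unicodedata

def plant(visible, offsets, mark="\u200b"):
    """Return `visible` with a zero-width mark inserted after each offset."""
    return "".join(ch + (mark if i in offsets else "") for i, ch in enumerate(visible))

def visible_form(s):
    """Drop Unicode format characters (category Cf), which covers zero-width marks."""
    return "".join(ch for ch in s if unicodedata.category(ch) != "Cf")

def classify(planted, attempt):
    """How a submitted password relates to the planted honeytoken."""
    if attempt == planted:
        return "exact"        # zero-width marks arrived intact
    if visible_form(attempt) == visible_form(planted):
        return "normalized"   # same visible text, marks dropped or altered
    return "unrelated"

def scan(log_lines, honeytokens):
    """honeytokens maps username -> planted password.
    Returns [(session, username, verdict)] for every honeytoken reuse."""
    hits = []
    for line in log_lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # tolerate truncated or non-JSON lines
        if not str(ev.get("eventid", "")).startswith("cowrie.login."):
            continue
        user = ev.get("username")
        if user not in honeytokens:
            continue
        verdict = classify(honeytokens[user], str(ev.get("password") or ""))
        if verdict != "unrelated":
            hits.append((ev.get("session"), user, verdict))
    return hits

# Constructed lure credential and constructed log events.
HONEYTOKENS = {"deploy": plant("Gx7!pipeline", {2, 7})}
SAMPLE_LOG = [
    json.dumps({"eventid": "cowrie.login.failed", "session": "a1",
                "username": "deploy", "password": "Gx7!pipeline"}),
    json.dumps({"eventid": "cowrie.login.success", "session": "b2",
                "username": "deploy", "password": HONEYTOKENS["deploy"]}),
    json.dumps({"eventid": "cowrie.login.failed", "session": "c3",
                "username": "root", "password": "toor"}),
    json.dumps({"eventid": "cowrie.command.input", "session": "b2", "input": "ls"}),
    "not json",
]
```

Whether a reused credential arrives with its marks intact or stripped is recorded per session; what each outcome says about the attacker is left to the experiment's analysis.
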
Project Violet supports multi-hop honeynets where the attacker must discover and pivot between hosts:

```
Kali (attacker)
  ↓ SSH
Hop 1: WordPress Server + MySQL
  ↓ credentials in config files
Hop 2: Database Server + PostgreSQL
  ↓ credentials in CI/CD configs
Hop 3: CI/CD Runner
```

Each hop runs an independent Cowrie instance on a separate Docker network. Credential breadcrumbs and /etc/hosts entries guide the attacker to the next hop.

Configure in `config.py`:

```python
honeynet_enabled = True
chain_profiles = [wordpress_server, database_server, cicd_runner]
chain_db_enabled = [True, True, False]
```

All settings are managed through `config.py` (or interactively via the menu):

```python
# LLM providers: openai | togetherai | ollama | vllm | lmstudio | custom
llm_provider = "togetherai"

# Models for each component
llm_model_sangria = LLMModel.QWEN_3_5_397B
llm_model_honeypot = LLMModel.QWEN_3_5_397B
llm_model_reconfig = LLMModel.LLAMA_3_3_70B

# Reconfiguration strategy
reconfig_method = ReconfigCriteria.ENTROPY

# Session parameters
num_of_sessions = 400
max_session_length = 200

# CHeaT defenses
cheat_enabled = True
cheat_unicode_honeytokens = True
cheat_canary_urls = False
cheat_prompt_traps = False
```

```
logs/
├── {EXPERIMENT_NAME}/
│   ├── metadata.json
│   ├── sessions.json            # Honeypot-visible commands
│   ├── omni_sessions.json       # All attacker commands
│   ├── meta_analysis/
│   │   ├── tactic_distribution.csv
│   │   └── honeypot_deceptiveness.csv
│   ├── analysis_plots/
│   │   ├── session_length_*.png
│   │   ├── mitre_distribution_*.png
│   │   └── entropy_*.png
│   └── hp_config_{N}/
│       ├── honeypot_config.json
│       ├── sessions.json
│       ├── tokens_used.json
│       └── full_logs/
│           └── attack_{N}.json
└── hp_comparison/
    ├── session_length_statistics.csv
    └── session_length_comparison_boxplot.png
```

Honeypot profiles contain realistic-looking secrets (API keys, tokens) that trigger GitHub push protection. These are managed with a sanitize/restore workflow:

```bash
# Before committing: replace secrets with placeholders
./scripts/restore_lure_secrets.sh --sanitize

# After checkout: restore realistic secrets for deployment
./scripts/restore_lure_secrets.sh
```

Secret mappings are stored in `scripts/.lure_secrets` (gitignored). See the script for details.

```bash
# Run all tests
pytest

# Run by category
pytest -m unit
pytest -m integration
pytest -m statistical
```

```
├── Sangria/              # LLM-powered autonomous attacker
├── Blue_Lagoon/          # Honeypot Docker orchestration
├── Cowrie/               # Modified Beelzebub honeypot with LLM fallback
├── Reconfigurator/       # Adaptive profile generation & lure enrichment
│   └── profiles/         # 16 pre-built honeypot filesystem profiles
├── Purple/               # Analysis, MITRE labeling, CHeaT detection
├── Utils/                # Shared utilities (LLM client, JSON, caching)
├── Tests/                # Unit, integration, and statistical tests
├── scripts/              # Deployment and automation tools
├── docs/                 # Implementation plans and architecture guides
│   ├── done/             # Completed plans
│   ├── doing/            # In-progress work
│   ├── upcoming/         # Planned features
│   └── how-it-works/     # Architecture documentation
├── main_menu.py          # Interactive CLI entry point
├── main.py               # Core orchestration engine
├── demo.py               # Demo mode with scripted attacks
├── config.py             # Centralized configuration
└── docker-compose.yml    # Container definitions
```

Permission errors with Docker

- Add your user to the docker group: `sudo usermod -aG docker $USER`
- Log out and back in for changes to take effect

Lure secrets blocking push

- Run `./scripts/restore_lure_secrets.sh --sanitize` before committing
- If new secret patterns are added to profiles, add mappings to `scripts/.lure_secrets`

Cowrie not responding

- Check container health: `docker ps`
- View logs: `docker-compose logs cowrie`
- Ensure the profile JSON is valid: `python -m Reconfigurator.validate_config <profile.json>`