Hey everyone,
I wanted to run high-fidelity network canaries in my homelab, but I couldn't justify enterprise pricing, and I wasn't a fan of managing custom orchestration across all my VMs to make available oss solutions work.
So, I built HoneyWire. It’s a completely free, open-source distributed deception platform.
It uses a point-in-time CLI wizard to deploy hardened, distroless Docker traps. You run the command once, it spins up the decoy, registers it to your centralized Hub dashboard, and the setup agent completely exits. No persistent background daemons.
Features:
Zero-Agent: No ongoing background overhead on your hosts.
Centralized UI: View fleet health, uptime, and lateral movement alerts in dark mode.
Alerting: Built-in push notifications and SIEM forwarding.
Privacy: 100% free, open-source, and strictly zero telemetry.
GitHub Repo: https://github.com/andreicscs/HoneyWire Landing Page: https://honeywire.dev/
Would love to hear your thoughts on the architecture or any feedback if you test it out!
AI Disclosure: As a student and solo developer/maintainer, I used AI as a "junior dev" during project development to help accelerate boilerplate writing and documentation. All core architecture, system structure, and security logic were fully designed and implemented by me.
Ok, so see this AI Disclosure would be helpful in the original post. You're going to get downvoted either way, but at least it's upfront. Don't take it personal, it's just that there is a faction of very vocal anti-AI users here.
My 2p.
I appreciate the feedback and the 2p! I definitely don't take it personally. I completely understand the skepticism around AI in this community, which is why I don't hide it. At the end of the day, the core engine, the distroless container architecture, and the threat model were entirely engineered by me. HoneyWire is fully open-source and transparent, so anyone is welcome to audit the codebase. I also have several other public, non-AI projects on my GitHub if anyone wants to vet my background. But fair point I’ll make sure to be more upfront about using it as a scaffolding tool in future posts
"Artificial Intern" is the right way to use it to code.
I agree! Not all AI usage is bad, it definitely can be if you just copy paste its output or let it "build" on its own, but it can be a great tool if used correctly. At the end of the day the best "harness" for ai is the dev himself.
Awesome. I have bookmarked it in my Projects folder. It does look rather intriguing.
Thanks so much! I'd love to get your feedback if you end up deploying it. I've been staring at this codebase for so long that I'm sure I have some tunnel vision and might be blind to obvious issues. Let me know what you think!