# AI-Driven Cybersecurity: Deploy Beelzebub + Regolo to Trap Hackers in Minutes 👉[Implement your HoneyPot now](https://dashboard.regolo.ai) Traditional honeypots are brittle—hackers spot static fake services instantly. Meanwhile, real attacks on your AI agents (prompt injection, lateral movement) happen in blind spots because you can't risk running a "real" vulnerable agent in production just to see what happens. Security teams need a way to **safely** observe how attackers interact with LLM-based systems without exposing actual infrastructure or customer data. **Run a Beelzebub Honeypot powered by Regolo in less than 10 minutes. 100% realistic interaction, zero risk to your stack.** ## **Outcome** - **Hyper-realistic Deception:** The LLM hallucinates a consistent, reactive file system or service (SSH, HTTP) so convincing that attackers waste hours dropping payloads into a void. - **Zero-Risk Intel:** Catch prompt injections and malicious commands aimed at your AI agents *before* they hit production. - **Instant Observability:** Logs every keystroke and command directly to your dashboard (or Prometheus/ELK), giving you a "black box" recording of the attack. ## **Prerequisites (Fast)** - **[Regolo API Key](http://dashboard.regolo.ai)**: Get it from the dashboard. - **Docker/Go**: Basic container or Go environment installed. - **Beelzebub**: The open-source framework (free). ## **Step-by-Step (Code Blocks)** ### ****1) Get your Regolo API Key**** Generate a key to give your honeypot a "brain." *Dashboard > API Keys > Create New* ### **2) Clone & Prepare** Download the framework. It’s a single Go binary or Docker container. ``` git clone https://github.com/mariocandela/beelzebub cd beelzebub mkdir -p ./configurations/services-regoloCode language: Bash (bash) ``` Expected output: Project structure ready for your custom configuration. ### **3) Configure the "Trap" (YAML)** Define an SSH service that looks like a vulnerable Ubuntu server, but is actually an LLM hallucination powered by Regolo. *File: ./configurations/services-regolo/ssh-trap.yaml* ``` apiVersion: "v1" protocol: "ssh" address: ":2222" description: "SSH Interactive Trap (Regolo)" commands: - regex: "^(.+)$" plugin: "LLMHoneypot" serverVersion: "OpenSSH" serverName: "ubuntu" # Allow common passwords to let them "win" access easily passwordRegex: "^(root|admin|password|123456)$" deadlineTimeoutSeconds: 6000 plugin: llmProvider: "openai" llmModel: "mistral-small3.2" # Efficient model for chat/terminal simulation host: "https://api.regolo.ai/v1" # Regolo's OpenAI-compatible endpoint openAISecretKey: "YOUR_REGOLO_KEY" systemPrompt: "You are an Ubuntu 20.04 LTS terminal. Respond only with the output of the command the user types. Do not explain. Be realistic."Code language: PHP (php) ``` Expected output: A configuration telling Beelzebub to route all SSH commands to Regolo and print the response as if it were a real terminal. ### **4) Build & Run** Compile the binary and launch it with your new config.​ ``` go build -o beelzebub . ./beelzebub --confCore ./configurations/beelzebub.yaml \ --confServices ./configurations/services-regolo/ ``` Expected output: **\[INFO\] SSH Honeypot listening on :2222** ### **5) Test the Deception** Try to hack yourself. ``` ssh root@localhost -p 2222 # Password: rootCode language: CSS (css) ``` Once inside, type ls -la, pwd, or cat /etc/passwd. Expected output: The LLM generates realistic file listings and command outputs instantly. To the attacker, it feels real. ## **Production-Ready: Docker Deploy** For a persistent deployment that survives reboots and logs data properly. ``` # docker-compose.yml version: '3' services: beelzebub: build: . ports: - "2222:2222" environment: - OPEN_AI_SECRET_KEY=${REGOLO_API_KEY} volumes: - ./configurations/services-regolo:/app/configurations/servicesCode language: YAML (yaml) ``` Command: **docker-compose up -d** ## **Benchmarks & Costs** Why use Regolo for this? | **Feature** | **Regolo (Mistral/Llama)** | **Traditional Honeypot** | |---|---|---| | **Realism** | **High (Generative)**. Adapts to *any* command.[ beelzebub-honeypot](https://beelzebub-honeypot.com/blog/how-to-build-honeypot-with-beelzebub-and-llm/)​ | Low. Fails on unexpected commands. | | **Maintenance** | **Zero**. No VM to reimagine or clean up. | High. Must reset compromised VMs daily. | | **Cost** | **~€0.01 per attacker session**. Pay only for generated text. | Fixed server costs + storage. | | **Risk** | **None**. Attacker is in a text simulation, not a shell. | Moderate. VM escapes are possible. | 👉[Implement your HoneyPot now](https://dashboard.regolo.ai) --- ## **Resources & Community** **Official Documentation:** - [n8n Documentation](https://docs.n8n.io/) - Workflow automation guide - [Regolo Platform](https://regolo.ai) - European LLM provider, Zero Data-Retention and 100% Green **Related Guides:** - [Boost Your Workflows with Regolo AI on n8n](https://regolo.ai/boost-your-workflows-with-regolo-ai-on-n8n/) - [Build Multi-Agent Workflows with crewAI Teams](https://regolo.ai/build-multi-agent-workflows-with-crewai-teams/) **Join the Community:** - [Regolo Discord](https://discord.gg/ZzZvuR2y) - Share your automation builds - [CheshireCat GitHub](https://github.com/cheshire-cat-ai) - Contribute plugins - Follow Us on X[ @regolo\_ai](https://x.com/regolo_ai) - Show your integrations! - Open discussion on our [Subreddit Community](https://www.reddit.com/r/regolo_ai/) --- ## **🚀 Ready to Deploy?** ## [**Get Free Regolo Credits →**](https://dashboard.regolo.ai) --- > *Built with ❤️ by the Regolo team. Questions? support@regolo.ai*