oubliettesecurity/oubliette-trap
GitHub: oubliettesecurity/oubliette-trap
AI Agent欺骗平台,通过动态蜜罐与指纹识别解决自主AI威胁的诱捕与分析问题。
Stars: 0 | Forks: 0
# Oubliette
AI Agent Deception Platform -- honeypots, fingerprinting, and intelligence for autonomous AI threats.
Shield defends. Dungeon attacks. **Oubliette traps.**
## 它做什么
Oubliette deploys realistic honeypot MCP servers that attract, contain, fingerprint, and extract intelligence from AI agents. Unlike static honeypots, Oubliette generates **interconnected fake environments** where every response references shared state -- making the deception resistant to fingerprinting by sophisticated agents.
- **Deception Layer** -- 15+ honey tools per profile forming coherent fake infrastructure
- **Fingerprinting Engine** -- passive behavioral analysis + active probes classify agents as LLM, script, human, or compromised
- **Intelligence Layer** -- events persisted to SQLite, exportable as STIX 2.1, CEF, or JSON
## 快速开始
```
pip install oubliette-trap
# 启动蜜罐(Claude Code 的 stdio 传输)
oubliette serve
# 网络可访问的蜜罐
oubliette serve --transport sse --port 8080
# 启用主动指纹探测探针
oubliette serve --profile default --active-probes
# 导出收集的情报
oubliette export --format stix --output agents.json
oubliette export --format cef --output events.log
```
### 使用 Claude Code
Add to your MCP config:
```
{
"mcpServers": {
"oubliette": {
"command": "oubliette",
"args": ["serve"]
}
}
}
```
## 工作原理
1. Agent discovers the honeypot via MCP server listing
2. Agent calls honey tools (list_services, get_credentials, etc.)
3. Responses form a coherent fake environment with planted breadcrumbs
4. Fingerprinting engine classifies the agent type from behavioral signals
5. Optional active probes (instruction traps, canary tokens) confirm LLM agents
6. All interactions persisted and exportable as threat intelligence
## 由谁构建
[Oubliette Security](https://oubliettesecurity.com) -- AI security, cyber deception, and red teaming for defense applications.
## 许可证
Apache 2.0
标签:AI代理检测, AI安全, C2日志可视化, CEF, Chat Copilot, Homebrew安装, honeypot, JSON导出, LLM探测, MCP服务器, SQLite, STIX 2.1, 主动探针, 人工智能威胁, 共享状态, 威胁情报, 底层分析, 开发者工具, 开源安全工具, 指纹识别, 数据展示, 欺骗平台, 欺骗抵抗, 红队, 网络安全, 自主AI威胁, 蜜罐, 证书利用, 逆向工具, 逆向工程平台, 隐私保护, 面包屑