MCP ConfigsMay 14, 2026·2 min read

Beelzebub — LLM Deception Runtime (MCP Honeypot)

Beelzebub deploys LLM-powered decoys across SSH/HTTP/TCP/TELNET/MCP; verified 1,989★ and ships Docker Compose, Helm, and a structured CLI.

Agent ready

Safe staging for this asset

This asset is staged first. The copied prompt tells the agent to inspect the staged files and ask before activating scripts, MCP config, or global config.

Stage only · 17/100Policy: stage
Agent surface
Any MCP/CLI agent
Kind
Mcp Config
Install
Stage only
Trust
Trust: Established
Entrypoint
Asset
Safe staging command
npx -y tokrepo@latest install 1c7efabc-889b-530c-93fd-62bbe5736356 --target codex

Stages files first; activation requires review of the staged README and plan.

Intro

Beelzebub deploys LLM-powered decoys across SSH/HTTP/TCP/TELNET/MCP; verified 1,989★ and ships Docker Compose, Helm, and a structured CLI.

Best for: Security teams building realistic decoys and testing prompt-injection / tool-call attack surfaces

Works with: Docker Compose, Go build, or Kubernetes via Helm; optional OpenAI/Ollama backends

Setup time: 10-25 minutes

Key facts (verified)

  • GitHub: 1989 stars · 190 forks · pushed 2026-05-13.
  • License: GPL-3.0 · owner avatar + repo URL verified via GitHub API.
  • README-backed entrypoint: docker compose up -d.

Main

  • Start with Docker Compose to validate the runtime loop, then switch to Helm once you know which deception services you want in production.

  • Treat YAML configuration as versioned security content: iterate decoy behaviors and replay incidents with comparable configs.

  • Use the CLI to validate config before rollouts, and test prompt-injection payloads only in a controlled lab.

Source-backed notes

  • README describes multi-protocol decoy services including SSH, HTTP, TCP, TELNET, and MCP.
  • README provides launch paths: Docker Compose, local Go build (./beelzebub run), and Kubernetes via Helm.
  • README documents a structured CLI and flags for config paths and memory limits.

FAQ

  • Is this only a honeypot?: No — README positions it as an active deception runtime with LLM-backed interactions.
  • Can I start without Kubernetes?: Yes — Docker Compose is the quickest validation; Helm is for scaling and operations.
  • What’s a safe first test?: Run a minimal config and test injection payloads in a controlled environment before exposure.
🙏

Source & Thanks

Source: https://github.com/beelzebub-labs/beelzebub > License: GPL-3.0 > GitHub stars: 1989 · forks: 190

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.