# Beelzebub — LLM Deception Runtime (MCP Honeypot) > Beelzebub deploys LLM-powered decoys across SSH/HTTP/TCP/TELNET/MCP; verified 1,989★ and ships Docker Compose, Helm, and a structured CLI. ## Install Merge the JSON below into your `.mcp.json`: ## Quick Use ```bash git clone https://github.com/beelzebub-labs/beelzebub && cd beelzebub docker compose build docker compose up -d # Alternative (Go): go build -o beelzebub . && ./beelzebub run ``` ## Intro Beelzebub deploys LLM-powered decoys across SSH/HTTP/TCP/TELNET/MCP; verified 1,989★ and ships Docker Compose, Helm, and a structured CLI. **Best for:** Security teams building realistic decoys and testing prompt-injection / tool-call attack surfaces **Works with:** Docker Compose, Go build, or Kubernetes via Helm; optional OpenAI/Ollama backends **Setup time:** 10-25 minutes ### Key facts (verified) - GitHub: 1989 stars · 190 forks · pushed 2026-05-13. - License: GPL-3.0 · owner avatar + repo URL verified via GitHub API. - README-backed entrypoint: `docker compose up -d`. ## Main - Start with Docker Compose to validate the runtime loop, then switch to Helm once you know which deception services you want in production. - Treat YAML configuration as versioned security content: iterate decoy behaviors and replay incidents with comparable configs. - Use the CLI to validate config before rollouts, and test prompt-injection payloads only in a controlled lab. ### Source-backed notes - README describes multi-protocol decoy services including SSH, HTTP, TCP, TELNET, and MCP. - README provides launch paths: Docker Compose, local Go build (`./beelzebub run`), and Kubernetes via Helm. - README documents a structured CLI and flags for config paths and memory limits. ### FAQ - **Is this only a honeypot?**: No — README positions it as an active deception runtime with LLM-backed interactions. - **Can I start without Kubernetes?**: Yes — Docker Compose is the quickest validation; Helm is for scaling and operations. - **What’s a safe first test?**: Run a minimal config and test injection payloads in a controlled environment before exposure. ## Source & Thanks > Source: https://github.com/beelzebub-labs/beelzebub > License: GPL-3.0 > GitHub stars: 1989 · forks: 190 --- ## Quick Use ```bash git clone https://github.com/beelzebub-labs/beelzebub && cd beelzebub docker compose build docker compose up -d # Alternative (Go): go build -o beelzebub . && ./beelzebub run ``` ## Intro Beelzebub 可在 SSH/HTTP/TCP/TELNET/MCP 上部署 LLM 驱动的诱骗服务;已验证 1,989★,并提供 Docker Compose、Helm 与结构化 CLI。 **Best for:** 需要真实诱骗与验证提示词注入/工具调用攻击面的安全团队 **Works with:** Docker Compose、Go 构建或 Helm 上 K8s;可选 OpenAI/Ollama 等后端 **Setup time:** 10-25 minutes ### Key facts (verified) - GitHub:1989 stars · 190 forks;最近更新 2026-05-13。 - 许可证:GPL-3.0;作者头像与仓库链接均已通过 GitHub API 复核。 - README 中可对照的入口命令:`docker compose up -d`。 ## Main - 先用 Docker Compose 跑通闭环;确定生产要跑哪些 deception services 后,再迁移到 Helm/K8s。 - 把 YAML 配置当作版本化的安全内容:迭代 decoy 行为,并用可对比配置复盘事件。 - 用 CLI 在发布前校验配置;提示词注入 payload 建议只在受控环境中测试。 ### Source-backed notes - README 明确覆盖多协议诱骗服务:SSH、HTTP、TCP、TELNET 与 MCP。 - README 给出启动方式:Docker Compose、Go 本地构建(`./beelzebub run`)以及 Helm 上 Kubernetes。 - README 展示结构化 CLI:可指定配置路径与内存限制等参数。 ### FAQ - **它只是蜜罐吗?**:不止。README 将其定位为主动式 deception runtime,LLM 可生成更真实的交互。 - **不使用 Kubernetes 可以吗?**:可以。Docker Compose 适合先验证;规模化运维再考虑 Helm/K8s。 - **最安全的起步测试是什么?**:先用最小配置跑通,再在受控环境测试注入 payload,避免直接暴露。 ## Source & Thanks > Source: https://github.com/beelzebub-labs/beelzebub > License: GPL-3.0 > GitHub stars: 1989 · forks: 190 --- Source: https://tokrepo.com/en/workflows/beelzebub-llm-deception-runtime-mcp-honeypot Author: MCP Hub