Comment on HoneyWire: Open-source, zero-agent cyber canaries for your homelab (Thinkst/OpenCanary alternative)
andreicscs@lemmy.world 3 days agoThat’s exactly how it works. You deploy these low-interaction decoys (traps) across your internal network to act as tripwires. Since legitimate users have no reason to touch them, any interaction is a high-fidelity alert indicating a potential breach or lateral movement. Right now, you can spin up a few different types of traps, like a network scan detector that sits completely quietly and triggers an alert if it detects a port or network scan hitting that specific node, or a Web Router Login Page, that looks like a legacy admin interface and instantly alerts you if someone tries to brute-force or log in. The best part about HoneyWire’s architecture is that developing new sensors is the easiest part, so the ecosystem is designed to be highly extensible as the community grows.
That’s very interesting. Thanks.
Now for the burning question on everyone’s mind…was this vibe coded, or AI assisted in any way? I don’t outright reject AI assisted projects, but of course my concerns are always security. Also, what is the depth of your experience coding?
Thanks
andreicscs@lemmy.world 3 days ago
No issue that’s a completely fair question, yes AI was used as an accelerator for writing boilerplate code, scaffolding the initial UI layout, and helping me structure the documentation. However, the core security logic, container architecture, and threat model were entirely designed and verified by me. I have about 8-9 years of software development experience. While HoneyWire is my first major public release, it’s the culmination of years of building internal tools, network utilities, and lab environments.
Because security is the primary focus, I deliberately designed the architecture to minimize risks. I highly encourage you to review the source code on GitHub, I’d be happy to receive feedback about the architecture or any threat-modeling critiques!