

HoneyWire
A completely free, open-source distributed deception platform that deploys high-fidelity network canaries in 60 seconds with no persistent background daemons.
Cost / License
- Free
- Open Source (AGPL-3.0)
Platforms
- Self-Hosted
- Docker
Features
- Honeypot
Tags
HoneyWire News & Activities
Recent activities
andreicscs added HoneyWire as alternative to Trapster by Ballpoint
andreicscs added HoneyWire as alternative to Attivo Networks- andreicscs added HoneyWire as alternative to Lupovis.io
andreicscs added HoneyWire as alternative to Labyrinth Deception Platform
HoneyWire information
What is HoneyWire?
HoneyWire is a completely free, open-source alternative to enterprise deception technology (like Thinkst Canary). Designed specifically for self-hosters and security teams, it provides a high-fidelity, zero-noise alert system by deploying lightweight network canaries across your infrastructure.
Instead of sifting through thousands of log events to find a threat, HoneyWire uses a "fake door" approach. Because legitimate users have no reason to interact with these decoys, any interaction triggers an immediate, definitive alert for lateral movement or unauthorized access.
Key Features:
Frictionless Deployment: Go from a fresh Linux box to an active cyber canary in exactly 60 seconds.
Agentless Architecture: HoneyWire uses a point-in-time CLI wizard to deploy hardened, distroless Docker traps. Once the trap is spun up and registered, the setup agent completely exits. There are no persistent background daemons eating up host resources.
Centralized UI: Manage your entire fleet from a single Hub dashboard. Deploy or update sensors remotely, view uptime/health heartbeats, and track threat analytics.
Advanced Alerting & SIEM Integration: Features built-in push notifications (Discord, Slack, Ntfy) and native JSON syslog forwarding to seamlessly integrate with SIEM platforms like Wazuh.
Privacy-First & Self-Hosted: 100% free, AGPLv3 open-source, and built to run entirely on your own hardware.










