Skip to content

chadi0x/HELL4U

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

xl

😈 HELL4U

The Next-Generation Autonomous AI Deception Platform

Docker React FastAPI PostgreSQL License: MIT

Turn your server into an inescapable labyrinth of digital deception.


Hell4U is a state-of-the-art honeypot and cyber-deception engine designed to actively trap, analyze, and troll malicious actors. Built for security researchers and SOC teams, it exposes fake infrastructure to the public internet while analyzing attacker behavior in real time with an uncensored AI.


⚡ Core Features

  • 🕸️ Multi-Protocol Honeypots: Fully interactive SSH, FTP, Telnet, and HTTP traps.
  • 🗺️ Global Attack Map: Visualize active sessions and incoming attacks in a beautiful, real-time cyber-map.
  • 🧠 Satan AI: An integrated, completely unrestricted AI that analyzes attacker intent, translates payloads, and chats with you about the incoming threats.
  • 🎙️ Voice Mode (SOC Operator): Hear live TTS announcements whenever an attacker connects, escalates privileges, or drops malware.
  • 🦠 Malware Sandbox: Automatically intercepts, hashes, and reverse-engineers dropped files using AI.
  • 🏗️ Fake Infra Builder: Instantly generate hyper-realistic dummy environments (Docker hosts, enterprise networks, startup databases) to fool manual attackers.
  • 🎯 IP Sniper: Generate weaponized tracking links to de-anonymize attackers attempting to phish or exploit your fake HTTP routes.

📸 Dashboard Preview

Screenshot 2026-05-21 at 20 13 52

🚀 Quick Start

Hell4U is fully dockerized and takes less than 60 seconds to deploy.

Prerequisites

  • Docker & Docker Compose (or OrbStack for Mac)
  • git

Installation

  1. Clone the repository:

    git clone https://github.com/chadi0x/hell4u.git
    cd hell4u
  2. Spin up the environment:

    docker compose up -d
  3. Access the platform:


🌐 Exposing the Trap

You don't need to port-forward your router to trap attackers. Hell4U has built-in integration guides for exposing your honeypot globally.

Instant SSH Exposure (Zero Install):

ssh -p 443 -R0:localhost:2222 a.pinggy.io

Instant HTTP Exposure:

cloudflared tunnel --url http://localhost:8080

Check the Exposure Tab in the dashboard for integrations with Ngrok, Serveo, LocalTunnel, and Tailscale.


🏗️ System Architecture

Hell4U is broken down into highly decoupled, microservice-based components:

Component Tech Stack Port Description
Frontend React, Vite, Framer Motion, TailwindCSS 3000 The real-time SOC dashboard.
Backend API FastAPI, SQLAlchemy (Async), PostgreSQL 8000 Core logic, session tracking, and AI integration.
Telemetry Redis Pub/Sub 6379 Handles live WebSocket events between the honeypots and UI.
SSH/Telnet/FTP Engine Python (asyncio), paramiko 2222,23,21 The interactive shell emulator.
HTTP Trap FastAPI 8080 Fake web vulnerabilities and admin panels.
Ollama Llama3 (Local) 11434 The uncensored "Satan AI" model powering malware analysis.

⚠️ Disclaimer

Hell4U is designed for educational, research, and defensive purposes only. By running this software, you agree that you are solely responsible for its use. Do not expose honeypots on production networks without understanding the security implications. All intercepted payloads should be treated as highly dangerous.


Built by chadi0x | Reach The Maker
"Welcome to Hell."

Releases

No releases published

Packages

 
 
 

Contributors