<2-3 sentences summarising what the project addresses and solves, the target audience, and the benefit.> Krawl is a cloud-native web deception server and anti-crawler designed to detect, delay, and analyze malicious attackers and automated scanners. It generates realistic fake web applications with decoy data and AI-generated HTML to attract and identify suspicious activity, helping to distinguish malicious behavior from legitimate crawlers. Targeted at security professionals, it provides a robust platform for understanding and mitigating web-based threats.

How It Works

Krawl employs multi-layered deception: spider traps with infinite random links, fake login pages (WordPress, phpMyAdmin), and honeypot paths advertised in robots.txt to exhaust crawlers. Fake credentials and canary token integration offer external alerts. It injects random server headers and errors to mimic real servers. A key differentiator is AI-generated deception pages, creating unique, plausible honeypot content on demand using OpenRouter or OpenAI models. Krawl also analyzes traffic patterns, HTTP methods, and request timing to build IP reputation scores, classifying IPs as attackers, bad crawlers, or regular users for automated mitigation.

Quick Start & Requirements

• Primary Install: Docker (standalone/scalable), Docker Compose, Kubernetes (Helm chart), or Python 3.13+ with uvicorn.
• Prerequisites: Standalone mode is dependency-free. Scalable mode requires PostgreSQL (v16+ recommended) and Redis. Python mode needs Python 3.13+ and requirements.txt. AI generation requires an Open