Right now, as you read this, thousands of bots are silently probing web infrastructure across the internet. They're scraping content for AI training data, scanning for vulnerabilities, brute-forcing login pages, and harvesting credentials — and the vast majority of site operators have no idea it's happening.
We know this because we built a trap and watched.
What we found
We deployed a single Silkbriar node — one container, one IP address — and pointed it at the open internet. Within weeks, the numbers were staggering:
- 6,200+ unique bots found and entered the trap
- 195,000+ pages served to automated crawlers
- 47 GB of bandwidth consumed by bots chasing fake content
- 182+ hours of bot compute time burned on responses designed to waste their resources
These aren't theoretical numbers. They're live, updating in real-time on our site. Every one of those bots thought it had found a real target. Instead, it found an infinite maze of dynamically generated pages, fake credentials, and deliberately slow responses — each one burning the attacker's time and money while giving us full visibility into their behavior.
The problem is worse than you think
Most organizations focus their security budget on firewalls, WAFs, and perimeter defense. But the traffic that makes it through — the scrapers, the AI crawlers, the low-and-slow vulnerability scanners — operates in a blind spot. These bots don't trip traditional alarms. They look like normal HTTP requests. They follow links. They render JavaScript. And they're relentless.
The typical response is to block by user agent or rate limit. But modern bots rotate user agents, distribute across IP ranges, and throttle their own requests to stay under the radar. Blocking them is a game of whack-a-mole. You need a different approach.
What Silkbriar does differently
Instead of trying to keep bots out, Silkbriar invites them in — on our terms.
Detection. Every request is logged with full behavioral fingerprinting. User agents, request patterns, crawl speed, path preferences, header anomalies. Within minutes, Silkbriar can distinguish a legitimate crawler from a vulnerability scanner from an AI training bot.
Trapping. Bots enter an infinite maze of convincing, dynamically generated pages. Every page links to more pages. Fake API endpoints return plausible data. Login forms capture attempted credentials. The deeper they go, the more resources they burn.
Degradation. Responses are engineered to maximize cost for the requester while minimizing ours. Artificially delayed responses waste bot time. Compression bombs punish automated decompression. Every interaction is designed to make scraping your infrastructure a losing proposition.
Intelligence. Silkbriar doesn't just trap bots — it builds a picture of who's targeting you. Which ASNs are the traffic coming from? Are multiple IPs coordinated? What are they looking for? This is the data you need to make informed decisions about your security posture.
Built for real infrastructure
Silkbriar ships as a container. Deploy it on any infrastructure — cloud, VPS, on-prem, or alongside your existing services. It's designed to run quietly, collecting data from day one with minimal configuration.
We're building this for the people who actually manage infrastructure: sysadmins, DevOps engineers, security teams, and self-hosters who want visibility into what's really happening on their networks.
What's next
We're currently in a closed development phase, refining the tooling and building out the intelligence layer. We're looking for early adopters who want to deploy Silkbriar on their own infrastructure and help shape what it becomes.
If you run infrastructure and want to know what's actually hitting it, sign up for early access at silkbriar.com. We'll let you know when it's ready.
Silkbriar is an anti-bot honeypot and scraper intelligence platform. Learn more at silkbriar.com.