Skip to content

Akshayshahi900/SaffronAI

Folders and files

NameName
Last commit message
Last commit date

Latest commit

οΏ½οΏ½

History

112 Commits
 
 
 
 
 
 
 
 

Repository files navigation

πŸ›‘οΈ SAFFRON AI β€” Agentic Scam Honeypot Simulator

SAFFRON AI is an AI-powered honeypot system that simulates a real user, engages scammers in multi-turn conversations, extracts scam intelligence, and visualizes attack patterns in real time.


🌐 Live Demo

https://saffron-ai.vercel.app


πŸš€ Overview

SAFFRON AI receives scam messages through an API and responds like a real user. During the interaction, it extracts useful intelligence such as UPI IDs, bank accounts, phone numbers, and phishing links.

Instead of only detecting scams, the system actively engages scammers and gathers actionable data.


🧠 System Flow

Scammer Message
      ↓
Frontend Simulator (React)
      ↓
FastAPI Backend
      ↓
Honeypot Agent (LLM)
      ↓
Intelligence Extraction
      ↓
Risk & Attack Flow Analysis
      ↓
Final Structured Output

βš™οΈ Tech Stack

  • Frontend: React (Vite, TypeScript)
  • Backend: FastAPI (Python)
  • LLM: API-based (Groq)
  • Deployment: Vercel (frontend), Render (backend)
  • Data Extraction: Regex + heuristic parsing

πŸ”₯ Features

  • Multi-turn scam conversation simulation
  • Human-like AI responses
  • Real-time intelligence extraction
  • Risk scoring and confidence estimation
  • Attack flow reconstruction
  • Session-based conversation tracking

πŸ“Š Extracted Intelligence

  • UPI IDs
  • Bank account numbers
  • Phone numbers
  • Phishing links
  • Suspicious keywords

πŸ§ͺ Example Output

{
  "upiIds": ["jobs.verify@fakebank"],
  "bankAccounts": ["1234567890123456"],
  "scamType": "Job Scam",
  "confidence": 0.99,
  "risk": "β‚Ή50,000 - β‚Ή2,00,000"
}

🧱 Project Structure

frontend/
  β”œβ”€β”€ components/
  β”œβ”€β”€ App.tsx
  β”œβ”€β”€ api.ts

backend/
  └── app/
      β”œβ”€β”€ api/
      β”œβ”€β”€ core/
      β”œβ”€β”€ services/
      β”œβ”€β”€ models/

πŸ§ͺ Run Locally

Backend

cd backend
export GROQ_API_KEY="your_key"
export HONEYPOT_API_KEY="test-secret"

uvicorn app.api.main:app --reload

Frontend

cd frontend
npm install
npm run dev

⚠️ Environment Variables

VITE_API_URL=your_backend_url
VITE_API_KEY=your_api_key
VITE_SESSION_ID=your_session_id

βš™οΈ How It Works

  1. A scam message is received
  2. The AI agent responds like a normal user
  3. The scammer reveals information
  4. The system extracts and stores intelligence
  5. Risk and scam type are calculated
  6. Final structured output is generated

🧩 Key Technical Challenge

Handling multi-turn conversations with consistent session state while keeping the UI responsive.

Solved using:

  • sessionId-based state management
  • separation of UI state and execution control
  • controlled async flow instead of uncontrolled polling

πŸš€ Future Improvements

  • Replace polling with WebSockets
  • Add persistent database for intelligence
  • Improve extraction using structured LLM outputs
  • Add multiple agent personas

🏁 Summary

SAFFRON AI demonstrates an active approach to fraud detection by engaging scammers and extracting real intelligence instead of only classifying messages.


πŸ‘¨β€πŸ’» Author

Built for HCL Γ— GUVI Hackathon

About

Agentic scam honeypot API that engages scam callers using LLM conversations to extract behavioral intelligence and detect fraud patterns.

Topics

Resources

Stars

Watchers

Forks

Packages

 
 
 

Contributors