SAFFRON AI is an AI-powered honeypot system that simulates a real user, engages scammers in multi-turn conversations, extracts scam intelligence, and visualizes attack patterns in real time.
SAFFRON AI receives scam messages through an API and responds like a real user. During the interaction, it extracts useful intelligence such as UPI IDs, bank accounts, phone numbers, and phishing links.
Instead of only detecting scams, the system actively engages scammers and gathers actionable data.
Scammer Message
β
Frontend Simulator (React)
β
FastAPI Backend
β
Honeypot Agent (LLM)
β
Intelligence Extraction
β
Risk & Attack Flow Analysis
β
Final Structured Output- Frontend: React (Vite, TypeScript)
- Backend: FastAPI (Python)
- LLM: API-based (Groq)
- Deployment: Vercel (frontend), Render (backend)
- Data Extraction: Regex + heuristic parsing
- Multi-turn scam conversation simulation
- Human-like AI responses
- Real-time intelligence extraction
- Risk scoring and confidence estimation
- Attack flow reconstruction
- Session-based conversation tracking
- UPI IDs
- Bank account numbers
- Phone numbers
- Phishing links
- Suspicious keywords
{
"upiIds": ["jobs.verify@fakebank"],
"bankAccounts": ["1234567890123456"],
"scamType": "Job Scam",
"confidence": 0.99,
"risk": "βΉ50,000 - βΉ2,00,000"
}frontend/
βββ components/
βββ App.tsx
βββ api.ts
backend/
βββ app/
βββ api/
βββ core/
βββ services/
βββ models/cd backend
export GROQ_API_KEY="your_key"
export HONEYPOT_API_KEY="test-secret"
uvicorn app.api.main:app --reloadcd frontend
npm install
npm run devVITE_API_URL=your_backend_url
VITE_API_KEY=your_api_key
VITE_SESSION_ID=your_session_id- A scam message is received
- The AI agent responds like a normal user
- The scammer reveals information
- The system extracts and stores intelligence
- Risk and scam type are calculated
- Final structured output is generated
Handling multi-turn conversations with consistent session state while keeping the UI responsive.
Solved using:
- sessionId-based state management
- separation of UI state and execution control
- controlled async flow instead of uncontrolled polling
- Replace polling with WebSockets
- Add persistent database for intelligence
- Improve extraction using structured LLM outputs
- Add multiple agent personas
SAFFRON AI demonstrates an active approach to fraud detection by engaging scammers and extracting real intelligence instead of only classifying messages.
Built for HCL Γ GUVI Hackathon