Documentation

Get started in minutes

Everything you need to deploy, configure, and monitor ShadowGuard.

terminal

❯ npm install -g shadowguard

❯ shadowguard init --domain yourdomain.com

❯ shadowguard deploy

❯ █

Three commands. That's it. ShadowGuard deploys honeypots, tarpits, and digital breadcrumbs across your infrastructure and starts scoring threats immediately.

Getting Started

Installation, first deployment, and configuration basics.

Core Concepts

Honeypots, tarpits, breadcrumbs, SGIS, and threat lifecycle.

API Reference

REST API, WebSocket events, and webhook integrations.

CLI Reference

All CLI commands, flags, and configuration options.

Integrations

SIEM, Slack, PagerDuty, and custom webhooks.

Self-Hosting

Docker deployment, Kubernetes, and custom infrastructure.

Configuration

One file. Full control.

Define your entire deception layer in a single YAML config.

shadowguard.config.yml

yaml

1# shadowguard.config.yml2domain: api.example.com3honeypots:4  count: 55  types: [api, admin, database]6tarpits:7  enabled: true8  delay_ms: 30009breadcrumbs:10  aws_keys: true11  db_strings: true12  api_tokens: true13sgis:14  threshold: 0.715  alerts: [slack, email]

Can't find what you need?

Open an issue on GitHub or join our Discord to get help from the team and community.

GitHub Issues Discord