Live Statistics

HoneyMap surfaces →

Aggregate across the OpenA2A honeypot network.Last updated: 5/11/2026, 17:20:00 UTC

All metrics are measured events from deployed honeypots. No seeded, demo, or synthetic values are shown on this page.

Total Interactions

136,424

Every request to any honeypot page — visits, file fetches, canary hits

Unique Agents

25,597

Distinct agent fingerprints seen across all interactions

Payload Callbacks

1,760

Agent fetched the canary URL in an injected payload, proving it followed the instruction

Canary Triggers

Agent executed a secondary beacon beyond the initial canary fetch — deeper compromise signal, rarely fires

Attack Success Rate

1.3%(1,760 / 136,424)

1.3% of agents followed injected instructions

Canary Trigger Rate

0.0%(3 / 136,424)

0.0% of agents attempted data exfiltration

Interactions by Attack Category

13 categories

Attack-surface categories only. Research article pageviews (article-*) are excluded from this rollup.

Category	Interactions	Distribution
#1pwnagent-finance	376
#2pwnagent-ci	315
#3pwnagent-docs	315
#4prompt-injection	312
#5pwnagent-api	249
pwnagent-medical	209
data-exfiltration	120
jailbreak	117
context-manipulation	112
context-window	106
capability-abuse	73
mcp-exploitation	69
a2a-attack	68

View full leaderboard →

Sector Compromise Rates

Cross-site traffic attributed to a sector by URL path. Compare these rates across sectors — each is measured the same way.

Sector data requires agent interactions on sector pages (/sectors/healthcare, /sectors/finance, /sectors/devops).

Honeypot Verticals

One card per honeypot's self-declared vertical. The security vertical reflects agentpwn.com itself — its high rate is a selection effect from deliberate testing, not wild capture.

Wild VEIL sites have been live for ~1 month but receive almost entirely commodity-scanner background traffic (WordPress / PHP exploit probes). No AI-agent activity has been observed on any wild site yet. Cards below show whether each vertical has any confirmed agent compromise — raw request totals are not displayed because they are dominated by bot noise.

agentpwn.com

testbed

95.0%

1,299 of 1,368 interactions on this trap resulted in compromise

1,299 callbacks

How This Data Is Collected

When AI agents browse agentpwn.com, each page contains hidden injection payloads. If an agent follows the injection, it is instructed to call back to our API with the attack details. This data feeds into the OpenA2A threat intelligence ecosystem.

Privacy: IP addresses are hashed before storage. No PII is collected. User-Agent strings are the primary identifier.

Feedback loop: Interactions feed into new HMA scanner checks, DVAA lab scenarios, and threat matrix evidence. The ecosystem gets smarter with every visit.