LobsterHoney Docs
Dashboard

Managing Traps

Viewing, toggling, and understanding your trap deployment.

The Traps page gives you full visibility into your deployed trap endpoints -- which traps are active, what type they are, and how much activity each one has seen.

Trap Overview

At the top of the page, overview stats summarize your trap deployment:

  • Total traps -- how many trap endpoints are configured
  • Active traps -- how many are currently enabled and serving content
  • Total hits -- cumulative trap interactions across all traps
  • Tripwires fired -- high-confidence signals triggered by trap visits

Trap Types

Every trap belongs to one of four categories:

TypeDescriptionExamples
FileTraps disguised as common files.env, .git/config, wp-config.php
ConfigTraps that look like configuration endpoints/api/v1/config, docker-compose.yml
APITraps that simulate API endpoints/api/v1/users, /graphql
PageTraps that resemble web pagesrobots.txt, sitemap.xml, debug pages

Each type targets different agent behaviors. File and config traps catch agents scanning for credentials. API traps catch agents probing for vulnerabilities. Page traps catch agents crawling site structure.

Toggling Traps

Find the trap

Use the search bar or scroll through the trap list. You can filter by type (file, config, api, page) or by site.

Toggle the active switch

Click the toggle to enable or disable a trap. Disabled traps stop serving content and no longer generate detection signals.

Pro plan users can manage individual traps and benefit from maze generation, which automatically selects the optimal set of 12--20 traps for your stack profile. Free plan users have a fixed default set.

Understanding Hit Counts

  • High hit counts on a trap mean agents are finding and interacting with it frequently -- this trap is well-positioned.
  • Zero hits may mean the trap path is not discoverable, or agents are not scanning that part of your infrastructure. Consider linking it from more locations.

Site Filtering

If you protect multiple sites, use the site filter in the navigation bar to view traps for a specific domain. Each site has its own trap deployment, and traps are scoped to the site they were created for.

See Also

  • Trap Types -- deeper coverage of callback tokens, extraction tokens, and canary credentials
  • Beacon Setup -- deploying traps via beacon
  • Proxy Mode -- deploying traps via reverse proxy
Threats CaughtBeacon Setup

Threats Caught

Reading and investigating detected AI agent sessions.

Detection Analytics

Understanding detection trends and analytics in your dashboard.

On this page

Trap OverviewTrap TypesToggling TrapsFind the trapToggle the active switchUnderstanding Hit CountsSite FilteringSee Also