
VeilGate is a deception reverse proxy aimed at detecting and deceiving AI pentest agents, developed by a practitioner who regularly finds critical vulnerabilities using LLM agent loops against production targets.
VeilGate - Deception Reverse Proxy

In my day job, I run AI pentest agents against real targets like banks, fintechs, and secured production stacks with paid WAFs. I also deal with multilayer infrastructure and dedicated security teams. Despite these defenses, I keep finding high and critical vulnerabilities using just an LLM agent loop, a few open-source tools, MCP servers, and Burp Suite.

The volume of traffic is increasing quickly. Agent-driven activity in web logs has shifted from occasional noise to a constant background presence. Tools like PentestGPT, CAI, Strix, and HexStrike allow you to set up fully autonomous agents against any target for under a dollar an hour of API cost. Most teams haven’t noticed this change because their tools weren’t designed to detect it.

This repetition started to concern me. Despite all the paid WAFs, the rules, and the layered infrastructure, I could still guide an AI agent through a secured target and find critical issues. So what is the actual defense?

The realization that changed my perspective: blocking doesn’t work. A 403 error is simply a signal in an LLM's context window. The agent sees "defended here," updates its model, and pivots in milliseconds. Every block provides free information that shows the attacker where your weaknesses are.

That’s why I created VeilGate as a deception proxy, not just another blocker. It sits in front of your app and operates in modes such as `observe`, `challenge`, `tarpit`, or `auto`. Each request is scored based
