Syrup is an SSH honeypot implementation written in Go that simulates SSH services to attract and monitor unauthorized access attempts. The tool provides SSH server functionality with configurable user accounts and passwords, allowing security professionals to create realistic decoy environments. It includes a fake shell interface that presents attackers with a simulated command-line environment while recording their activities. Key features include session recording capabilities that capture all shell interactions, virtual filesystem support that creates the appearance of a real system, and comprehensive logging of client activities including SSH key fingerprints. The honeypot supports both SFTP and SCP protocols to provide additional attack vectors for monitoring. Syrup outputs logs in JSON format for easy integration with security information systems and includes built-in ElasticSearch integration for centralized log management and analysis. The command set can be extended to customize the simulated environment based on specific monitoring requirements. The tool is designed to be cross-platform compatible, supporting deployment on Linux, Mac, and Windows systems. It serves as a deception technology solution for detecting reconnaissance activities and understanding attacker behavior patterns in SSH-based attacks.