feat(api): GET /credential-reuse list + detail endpoints
Read-only routes for the credential-reuse findings produced by the correlator. Mirrors the /credentials route shape: JWT-gated via require_viewer, paginated with optional secret_kind / min_target_count filters, and a 404-on-missing detail route. No POST/PUT/PATCH (and no body parsing) so no 400 contract is documented.
This commit is contained in:
@@ -6,6 +6,7 @@ from .logs.api_get_logs import router as logs_router
|
||||
from .logs.api_get_histogram import router as histogram_router
|
||||
from .bounty.api_get_bounties import router as bounty_router
|
||||
from .credentials.api_get_credentials import router as credentials_router
|
||||
from .credential_reuse.api_get_credential_reuse import router as credential_reuse_router
|
||||
from .stats.api_get_stats import router as stats_router
|
||||
from .fleet.api_get_deckies import router as get_deckies_router
|
||||
from .fleet.api_mutate_decky import router as mutate_decky_router
|
||||
@@ -63,6 +64,9 @@ api_router.include_router(bounty_router)
|
||||
# Credentials (deduped attacker auth attempts)
|
||||
api_router.include_router(credentials_router)
|
||||
|
||||
# Credential reuse findings (cross-decky/cross-service same-secret hits)
|
||||
api_router.include_router(credential_reuse_router)
|
||||
|
||||
# Fleet Management
|
||||
api_router.include_router(get_deckies_router)
|
||||
api_router.include_router(mutate_decky_router)
|
||||
|
||||
Reference in New Issue
Block a user