anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
219 Commits 4 Branches 2 Tags
1d739578328d8444cc7b68078fd0f075acbdc0f0
Commit Graph

219 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
anti
d139729fa2 docs: revert incorrect roadmap ticks 2026-04-08 00:38:03 -04:00
anti
dd363629ab docs: update roadmap items in DEVELOPMENT.md 2026-04-08 00:35:43 -04:00
anti
c544964f57 feat: migrate dashboard live logs to Server-Sent Events (SSE) 2026-04-08 00:30:31 -04:00
anti
6e19848723 ui: improve mutation feedback and increase timeout for long-running docker ops 2026-04-08 00:22:23 -04:00
anti
e24da92e0f fix: increase timeout for mutate API call to handle slow docker ops 2026-04-08 00:21:16 -04:00
anti
47f0e6da8f fix: correctly iterate over all deckies in _build_deckies_from_ini 2026-04-08 00:19:42 -04:00
anti
18de381a43 feat: implement dynamic decky mutation and fix dot-separated INI sections 2026-04-08 00:16:57 -04:00
anti
1f5c6604d6 feat: integrate API lifecycle with teardown and update dependencies 2026-04-07 23:30:08 -04:00
anti
a9c7ddec2b fix: enforce absolute paths for state and database files 2026-04-07 23:21:16 -04:00
anti
eb4be44c9a feat: add dedicated Decoy Fleet inventory page and API 2026-04-07 23:15:20 -04:00
anti
1a2ad27eca test: add comprehensive property-based fuzzing for all API endpoints 2026-04-07 20:14:53 -04:00
anti
b1f09b9c6a chore: move development docs to development/ and clean up project root 2026-04-07 20:07:56 -04:00
anti
3656a89d60 docs: add comprehensive EVENTS.md detailing all service log events 2026-04-07 20:02:54 -04:00
anti
ba2faba5d5 chore: enforce strict typing and internal naming conventions across web components 2026-04-07 19:56:15 -04:00
anti
950280a97b feat: render structured syslog tags and msg in Dashboard 2026-04-07 15:56:45 -04:00
anti
7bc8d75242 feat: parse RFC 5424 fields and msg directly in backend 2026-04-07 15:56:01 -04:00
anti
5f637b5272 feat: switch to JSON-based log ingestion for higher reliability 2026-04-07 15:47:29 -04:00
anti
6ed92d080f fix: invoke uvicorn via sys.executable to handle sudo PATH restrictions 2026-04-07 15:39:32 -04:00
anti
1b593920cd feat: add --api flag to deploy and new web command for dashboard 2026-04-07 15:32:04 -04:00
anti
bad90dfb75 feat: implement background log ingestion from local file 2026-04-07 15:30:44 -04:00
anti
05e71f6d2e feat: frontend support for mandatory password change and react-router integration 2026-04-07 15:16:11 -04:00
anti
52c26a2891 feat: backend support for mandatory password change on first login 2026-04-07 15:15:03 -04:00
anti
81135cb861 fix: switch to direct bcrypt usage for Python 3.14 compatibility 2026-04-07 15:07:46 -04:00
anti
50e53120df feat: initialize React frontend with minimalistic Matrix theme 2026-04-07 15:05:06 -04:00
anti
697929a127 feat: implement Stats endpoints for web dashboard 2026-04-07 14:58:09 -04:00
anti
b46934db46 feat: implement Logs endpoints for web dashboard 2026-04-07 14:56:25 -04:00
anti
5b990743db feat: implement Auth endpoints for web dashboard 2026-04-07 14:54:36 -04:00
anti
fbb16a960c feat: add web dashboard dependencies to support real-time monitoring 2026-04-07 14:51:37 -04:00
anti
c32ad82d0a Modified README: added more examples to the config.ini section and modified instructions for quick setup. 2026-04-06 11:28:29 -04:00
anti
850a6f2ad7 Finished: CI/CD pipeline. 2026-04-06 11:18:10 -04:00
Samuel P. Vega
d344e4c8bb revert f8a9f8fc64 
revert Added: modified notes. Finished CI/CD pipeline.
 2026-04-06 17:17:31 +02:00
anti
f8a9f8fc64 Added: modified notes. Finished CI/CD pipeline.
All checks were successful
PR Gate / Lint (ruff) (pull_request) Successful in 18s
Details
PR Gate / Test (pytest) (3.11) (pull_request) Successful in 20s
Details
PR Gate / Test (pytest) (3.12) (pull_request) Successful in 22s
Details
2026-04-06 11:10:56 -04:00
anti
a428410c8e Modified README.md: added AI disclosure 2026-04-06 11:09:44 -04:00
anti
e5a6c2d9a7 Skip CI on markdown-only changes
All checks were successful
CI / Lint (ruff) (push) Successful in 16s
Details
CI / Test (pytest) (3.11) (push) Successful in 19s
Details
CI / Test (pytest) (3.12) (push) Successful in 20s
Details
CI / SAST (bandit) (push) Successful in 12s
Details
CI / Dependency audit (pip-audit) (push) Successful in 19s
Details
CI / Open PR to main (push) Successful in 6s
Details
PR Gate / Lint (ruff) (pull_request) Successful in 11s
Details
PR Gate / Test (pytest) (3.11) (pull_request) Successful in 18s
Details
PR Gate / Test (pytest) (3.12) (pull_request) Successful in 20s
Details
2026-04-04 23:07:40 -04:00
anti
ea409650fa Trigger CI: token now has repo:write permission
All checks were successful
CI / Lint (ruff) (push) Successful in 11s
Details
CI / Test (pytest) (3.11) (push) Successful in 18s
Details
CI / Test (pytest) (3.12) (push) Successful in 18s
Details
CI / SAST (bandit) (push) Successful in 11s
Details
CI / Dependency audit (pip-audit) (push) Successful in 19s
Details
CI / Open PR to main (push) Successful in 5s
Details
PR Gate / Lint (ruff) (pull_request) Successful in 10s
Details
PR Gate / Test (pytest) (3.11) (pull_request) Successful in 17s
Details
PR Gate / Test (pytest) (3.12) (pull_request) Successful in 18s
Details
2026-04-04 17:54:37 -03:00
anti
d92aa99b81 Add DEVELOPMENT.md for CI/CD pipeline test
All checks were successful
CI / Lint (ruff) (push) Successful in 11s
Details
CI / Test (pytest) (3.11) (push) Successful in 17s
Details
CI / Test (pytest) (3.12) (push) Successful in 19s
Details
CI / SAST (bandit) (push) Successful in 11s
Details
CI / Dependency audit (pip-audit) (push) Successful in 19s
Details
CI / Open PR to main (push) Successful in 4s
Details
2026-04-04 17:51:51 -03:00
anti
fc7fca998f Add API response logging to open-pr step for debugging
All checks were successful
CI / Lint (ruff) (push) Successful in 10s
Details
CI / Test (pytest) (3.11) (push) Successful in 19s
Details
CI / Test (pytest) (3.12) (push) Successful in 18s
Details
CI / SAST (bandit) (push) Successful in 11s
Details
CI / Dependency audit (pip-audit) (push) Successful in 18s
Details
CI / Open PR to main (push) Successful in 3s
Details
2026-04-04 17:47:43 -03:00
anti
ed749a8c31 Merge security jobs into CI workflow so open-pr needs all checks
All checks were successful
CI / Lint (ruff) (push) Successful in 11s
Details
CI / Test (pytest) (3.11) (push) Successful in 18s
Details
CI / Test (pytest) (3.12) (push) Successful in 19s
Details
CI / SAST (bandit) (push) Successful in 12s
Details
CI / Dependency audit (pip-audit) (push) Successful in 18s
Details
CI / Open PR to main (push) Successful in 4s
Details
2026-04-04 17:43:55 -03:00
anti
cf36ebcd84 Auto-open PR to main when CI passes on dev
Some checks failed
CI / Lint (ruff) (push) Successful in 13s
Details
CI / Test (pytest) (3.11) (push) Successful in 19s
Details
CI / Test (pytest) (3.12) (push) Successful in 20s
Details
Security / SAST (bandit) (push) Successful in 12s
Details
CI / Open PR to main (push) Has been cancelled
Details
Security / Dependency audit (pip-audit) (push) Successful in 18s
Details
2026-04-04 17:42:42 -03:00
anti
6a5c6f098e Remove accidentally committed artifacts and update .gitignore
All checks were successful
CI / Lint (ruff) (push) Successful in 11s
Details
CI / Test (pytest) (3.11) (push) Successful in 18s
Details
CI / Test (pytest) (3.12) (push) Successful in 18s
Details
Security / SAST (bandit) (push) Successful in 12s
Details
Security / Dependency audit (pip-audit) (push) Successful in 19s
Details
2026-04-04 17:36:35 -03:00
anti
988732f4f9 Fix all ruff lint errors across decnet/, templates/, and tests/
Some checks failed
CI / Test (pytest) (3.11) (push) Has been cancelled
Details
CI / Test (pytest) (3.12) (push) Has been cancelled
Details
Security / SAST (bandit) (push) Has been cancelled
Details
Security / Dependency audit (pip-audit) (push) Has been cancelled
Details
CI / Lint (ruff) (push) Has been cancelled
Details
2026-04-04 17:36:16 -03:00
anti
4acfa3f779 Fix pip-audit skipping local editable package
Some checks failed
CI / Lint (ruff) (push) Failing after 10s
Details
CI / Test (pytest) (3.11) (push) Successful in 18s
Details
CI / Test (pytest) (3.12) (push) Successful in 19s
Details
Security / SAST (bandit) (push) Successful in 11s
Details
Security / Dependency audit (pip-audit) (push) Successful in 18s
Details
2026-04-04 17:31:16 -03:00
anti
35c67ec34d Fix registry auto-discovery skipping non-service subclasses (CustomService)
Some checks failed
CI / Lint (ruff) (push) Failing after 11s
Details
CI / Test (pytest) (3.11) (push) Successful in 19s
Details
CI / Test (pytest) (3.12) (push) Successful in 18s
Details
Security / SAST (bandit) (push) Successful in 11s
Details
Security / Dependency audit (pip-audit) (push) Successful in 18s
Details
2026-04-04 17:29:30 -03:00
anti
fe7354554f Add bandit, pip-audit and trivy to CI/CD security pipeline
Some checks failed
CI / Lint (ruff) (push) Failing after 10s
Details
CI / Test (pytest) (3.11) (push) Failing after 39s
Details
CI / Test (pytest) (3.12) (push) Failing after 1m4s
Details
Security / SAST (bandit) (push) Successful in 11s
Details
Security / Dependency audit (pip-audit) (push) Successful in 18s
Details
2026-04-04 17:24:43 -03:00
anti
b3b3597011 Add smoke test: verify all modules import cleanly
Some checks failed
CI / Lint (ruff) (push) Failing after 4s
Details
CI / Test (pytest) (3.11) (push) Failing after 3s
Details
CI / Test (pytest) (3.12) (push) Failing after 4s
Details
2026-04-04 17:18:21 -03:00
anti
38b1efa8c0 Add Gitea Actions CI/CD workflows and ruff dependency
Some checks failed
CI / Test (pytest) (3.11) (push) Failing after 3s
Details
CI / Test (pytest) (3.12) (push) Failing after 3s
Details
CI / Lint (ruff) (push) Failing after 1m49s
Details
2026-04-04 17:16:45 -03:00
anti
d7a6aeff86 dev: add pytest as core dependency 2026-04-04 16:29:17 -03:00
anti
bff03d1198 Add cross-decky correlation engine and decnet correlate command 
When the same attacker IP touches multiple deckies, the engine builds a
chronological traversal graph and reports the lateral movement path.

decnet/correlation/
  parser.py   — RFC 5424 line → LogEvent; handles src_ip + src field variants
  graph.py    — AttackerTraversal / TraversalHop data types with path/duration
  engine.py   — CorrelationEngine: ingest(), traversals(), report_table/json,
                traversal_syslog_lines() (emits WARNING-severity RFC 5424)
  __init__.py — public API re-exports

decnet/cli.py — `decnet correlate` command (--log-file, --min-deckies,
                --output table|json|syslog, --emit-syslog)

tests/test_correlation.py — 49 tests: parser, graph, engine, reporting

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 13:53:30 -03:00
anti
7aff040579 Add deaddeck: real interactive SSH entry-point machine 
Introduces the 'real_ssh' service plugin backed by a genuine OpenSSH
server (not cowrie), and the 'deaddeck' archetype that uses it. The
container ships with a lived-in Linux environment and a deliberately
weak root:admin credential to invite exploitation.

- templates/real_ssh/: Dockerfile + entrypoint (configurable via env)
- decnet/services/real_ssh.py: BaseService plugin, service_cfg supports
  password and hostname overrides
- decnet/archetypes.py: deaddeck archetype added
- tests/test_real_ssh.py: 17 tests covering registration, compose
  fragment structure, overrides, and archetype

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 13:42:19 -03:00
anti
9219bf432b Fix: remove net.core.rmem_default from windows sysctl profile 
net.core.rmem_default is a global (non-namespaced) kernel sysctl.
Docker's OCI runtime rejects it at container start with "permission denied"
unless the container runs --privileged. Drop it from the windows profile;
TTL=128 and tcp_syn_retries=2 are sufficient for nmap TTL-based detection.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 13:34:51 -03:00