c544964f57
feat: migrate dashboard live logs to Server-Sent Events (SSE)
2026-04-08 00:30:31 -04:00
6e19848723
ui: improve mutation feedback and increase timeout for long-running docker ops
2026-04-08 00:22:23 -04:00
e24da92e0f
fix: increase timeout for mutate API call to handle slow docker ops
2026-04-08 00:21:16 -04:00
47f0e6da8f
fix: correctly iterate over all deckies in _build_deckies_from_ini
2026-04-08 00:19:42 -04:00
18de381a43
feat: implement dynamic decky mutation and fix dot-separated INI sections
2026-04-08 00:16:57 -04:00
1f5c6604d6
feat: integrate API lifecycle with teardown and update dependencies
2026-04-07 23:30:08 -04:00
a9c7ddec2b
fix: enforce absolute paths for state and database files
2026-04-07 23:21:16 -04:00
eb4be44c9a
feat: add dedicated Decoy Fleet inventory page and API
2026-04-07 23:15:20 -04:00
1a2ad27eca
test: add comprehensive property-based fuzzing for all API endpoints
2026-04-07 20:14:53 -04:00
b1f09b9c6a
chore: move development docs to development/ and clean up project root
2026-04-07 20:07:56 -04:00
3656a89d60
docs: add comprehensive EVENTS.md detailing all service log events
2026-04-07 20:02:54 -04:00
ba2faba5d5
chore: enforce strict typing and internal naming conventions across web components
2026-04-07 19:56:15 -04:00
950280a97b
feat: render structured syslog tags and msg in Dashboard
2026-04-07 15:56:45 -04:00
7bc8d75242
feat: parse RFC 5424 fields and msg directly in backend
2026-04-07 15:56:01 -04:00
5f637b5272
feat: switch to JSON-based log ingestion for higher reliability
2026-04-07 15:47:29 -04:00
6ed92d080f
fix: invoke uvicorn via sys.executable to handle sudo PATH restrictions
2026-04-07 15:39:32 -04:00
1b593920cd
feat: add --api flag to deploy and new web command for dashboard
2026-04-07 15:32:04 -04:00
bad90dfb75
feat: implement background log ingestion from local file
2026-04-07 15:30:44 -04:00
05e71f6d2e
feat: frontend support for mandatory password change and react-router integration
2026-04-07 15:16:11 -04:00
52c26a2891
feat: backend support for mandatory password change on first login
2026-04-07 15:15:03 -04:00
81135cb861
fix: switch to direct bcrypt usage for Python 3.14 compatibility
2026-04-07 15:07:46 -04:00
50e53120df
feat: initialize React frontend with minimalistic Matrix theme
2026-04-07 15:05:06 -04:00
697929a127
feat: implement Stats endpoints for web dashboard
2026-04-07 14:58:09 -04:00
b46934db46
feat: implement Logs endpoints for web dashboard
2026-04-07 14:56:25 -04:00
5b990743db
feat: implement Auth endpoints for web dashboard
2026-04-07 14:54:36 -04:00
fbb16a960c
feat: add web dashboard dependencies to support real-time monitoring
2026-04-07 14:51:37 -04:00
c32ad82d0a
Modified README: added more examples to the config.ini section and modified instructions for quick setup.
2026-04-06 11:28:29 -04:00
850a6f2ad7
Finished: CI/CD pipeline.
2026-04-06 11:18:10 -04:00
d344e4c8bb
revert f8a9f8fc64
...
revert Added: modified notes. Finished CI/CD pipeline.
2026-04-06 17:17:31 +02:00
f8a9f8fc64
Added: modified notes. Finished CI/CD pipeline.
PR Gate / Lint (ruff) (pull_request) Successful in 18s
PR Gate / Test (pytest) (3.11) (pull_request) Successful in 20s
PR Gate / Test (pytest) (3.12) (pull_request) Successful in 22s
2026-04-06 11:10:56 -04:00
a428410c8e
Modified README.md: added AI disclosure
2026-04-06 11:09:44 -04:00
e5a6c2d9a7
Skip CI on markdown-only changes
CI / Lint (ruff) (push) Successful in 16s
CI / Test (pytest) (3.11) (push) Successful in 19s
CI / Test (pytest) (3.12) (push) Successful in 20s
CI / SAST (bandit) (push) Successful in 12s
CI / Dependency audit (pip-audit) (push) Successful in 19s
CI / Open PR to main (push) Successful in 6s
PR Gate / Lint (ruff) (pull_request) Successful in 11s
PR Gate / Test (pytest) (3.11) (pull_request) Successful in 18s
PR Gate / Test (pytest) (3.12) (pull_request) Successful in 20s
2026-04-04 23:07:40 -04:00
ea409650fa
Trigger CI: token now has repo:write permission
CI / Lint (ruff) (push) Successful in 11s
CI / Test (pytest) (3.11) (push) Successful in 18s
CI / Test (pytest) (3.12) (push) Successful in 18s
CI / SAST (bandit) (push) Successful in 11s
CI / Dependency audit (pip-audit) (push) Successful in 19s
CI / Open PR to main (push) Successful in 5s
PR Gate / Lint (ruff) (pull_request) Successful in 10s
PR Gate / Test (pytest) (3.11) (pull_request) Successful in 17s
PR Gate / Test (pytest) (3.12) (pull_request) Successful in 18s
2026-04-04 17:54:37 -03:00
d92aa99b81
Add DEVELOPMENT.md for CI/CD pipeline test
CI / Lint (ruff) (push) Successful in 11s
CI / Test (pytest) (3.11) (push) Successful in 17s
CI / Test (pytest) (3.12) (push) Successful in 19s
CI / SAST (bandit) (push) Successful in 11s
CI / Dependency audit (pip-audit) (push) Successful in 19s
CI / Open PR to main (push) Successful in 4s
2026-04-04 17:51:51 -03:00
fc7fca998f
Add API response logging to open-pr step for debugging
CI / Lint (ruff) (push) Successful in 10s
CI / Test (pytest) (3.11) (push) Successful in 19s
CI / Test (pytest) (3.12) (push) Successful in 18s
CI / SAST (bandit) (push) Successful in 11s
CI / Dependency audit (pip-audit) (push) Successful in 18s
CI / Open PR to main (push) Successful in 3s
2026-04-04 17:47:43 -03:00
ed749a8c31
Merge security jobs into CI workflow so open-pr needs all checks
CI / Lint (ruff) (push) Successful in 11s
CI / Test (pytest) (3.11) (push) Successful in 18s
CI / Test (pytest) (3.12) (push) Successful in 19s
CI / SAST (bandit) (push) Successful in 12s
CI / Dependency audit (pip-audit) (push) Successful in 18s
CI / Open PR to main (push) Successful in 4s
2026-04-04 17:43:55 -03:00
cf36ebcd84
Auto-open PR to main when CI passes on dev
CI / Lint (ruff) (push) Successful in 13s
CI / Test (pytest) (3.11) (push) Successful in 19s
CI / Test (pytest) (3.12) (push) Successful in 20s
Security / SAST (bandit) (push) Successful in 12s
CI / Open PR to main (push) Has been cancelled
Security / Dependency audit (pip-audit) (push) Successful in 18s
2026-04-04 17:42:42 -03:00
6a5c6f098e
Remove accidentally committed artifacts and update .gitignore
CI / Lint (ruff) (push) Successful in 11s
CI / Test (pytest) (3.11) (push) Successful in 18s
CI / Test (pytest) (3.12) (push) Successful in 18s
Security / SAST (bandit) (push) Successful in 12s
Security / Dependency audit (pip-audit) (push) Successful in 19s
2026-04-04 17:36:35 -03:00
988732f4f9
Fix all ruff lint errors across decnet/, templates/, and tests/
CI / Test (pytest) (3.11) (push) Has been cancelled
CI / Test (pytest) (3.12) (push) Has been cancelled
Security / SAST (bandit) (push) Has been cancelled
Security / Dependency audit (pip-audit) (push) Has been cancelled
CI / Lint (ruff) (push) Has been cancelled
2026-04-04 17:36:16 -03:00
4acfa3f779
Fix pip-audit skipping local editable package
CI / Lint (ruff) (push) Failing after 10s
CI / Test (pytest) (3.11) (push) Successful in 18s
CI / Test (pytest) (3.12) (push) Successful in 19s
Security / SAST (bandit) (push) Successful in 11s
Security / Dependency audit (pip-audit) (push) Successful in 18s
2026-04-04 17:31:16 -03:00
35c67ec34d
Fix registry auto-discovery skipping non-service subclasses (CustomService)
CI / Lint (ruff) (push) Failing after 11s
CI / Test (pytest) (3.11) (push) Successful in 19s
CI / Test (pytest) (3.12) (push) Successful in 18s
Security / SAST (bandit) (push) Successful in 11s
Security / Dependency audit (pip-audit) (push) Successful in 18s
2026-04-04 17:29:30 -03:00
fe7354554f
Add bandit, pip-audit and trivy to CI/CD security pipeline
CI / Lint (ruff) (push) Failing after 10s
CI / Test (pytest) (3.11) (push) Failing after 39s
CI / Test (pytest) (3.12) (push) Failing after 1m4s
Security / SAST (bandit) (push) Successful in 11s
Security / Dependency audit (pip-audit) (push) Successful in 18s
2026-04-04 17:24:43 -03:00
b3b3597011
Add smoke test: verify all modules import cleanly
CI / Lint (ruff) (push) Failing after 4s
CI / Test (pytest) (3.11) (push) Failing after 3s
CI / Test (pytest) (3.12) (push) Failing after 4s
2026-04-04 17:18:21 -03:00
38b1efa8c0
Add Gitea Actions CI/CD workflows and ruff dependency
CI / Test (pytest) (3.11) (push) Failing after 3s
CI / Test (pytest) (3.12) (push) Failing after 3s
CI / Lint (ruff) (push) Failing after 1m49s
2026-04-04 17:16:45 -03:00
d7a6aeff86
dev: add pytest as core dependency
2026-04-04 16:29:17 -03:00
bff03d1198
Add cross-decky correlation engine and decnet correlate command
...
When the same attacker IP touches multiple deckies, the engine builds a
chronological traversal graph and reports the lateral movement path.
decnet/correlation/
parser.py — RFC 5424 line → LogEvent; handles src_ip + src field variants
graph.py — AttackerTraversal / TraversalHop data types with path/duration
engine.py — CorrelationEngine: ingest(), traversals(), report_table/json,
traversal_syslog_lines() (emits WARNING-severity RFC 5424)
__init__.py — public API re-exports
decnet/cli.py — `decnet correlate` command (--log-file, --min-deckies,
--output table|json|syslog, --emit-syslog)
tests/test_correlation.py — 49 tests: parser, graph, engine, reporting
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-04 13:53:30 -03:00
7aff040579
Add deaddeck: real interactive SSH entry-point machine
...
Introduces the 'real_ssh' service plugin backed by a genuine OpenSSH
server (not cowrie), and the 'deaddeck' archetype that uses it. The
container ships with a lived-in Linux environment and a deliberately
weak root:admin credential to invite exploitation.
- templates/real_ssh/: Dockerfile + entrypoint (configurable via env)
- decnet/services/real_ssh.py: BaseService plugin, service_cfg supports
password and hostname overrides
- decnet/archetypes.py: deaddeck archetype added
- tests/test_real_ssh.py: 17 tests covering registration, compose
fragment structure, overrides, and archetype
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-04 13:42:19 -03:00
9219bf432b
Fix: remove net.core.rmem_default from windows sysctl profile
...
net.core.rmem_default is a global (non-namespaced) kernel sysctl.
Docker's OCI runtime rejects it at container start with "permission denied"
unless the container runs --privileged. Drop it from the windows profile;
TTL=128 and tcp_syn_retries=2 are sufficient for nmap TTL-based detection.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-04 13:34:51 -03:00
d75f2afe90
Add comprehensive README.md
...
Covers how it works, requirements, installation, quick start, full CLI
reference, archetypes table, services table, OS fingerprint spoofing,
distro profiles, INI config file format with field reference, logging,
network drivers (MACVLAN vs IPvlan), architecture overview, plugin
authoring guide, and test suite summary.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-04 13:29:53 -03:00
086643ef5a
Expose nmap_os in INI loader and update test-full.ini
...
- ini_loader.py: DeckySpec gains nmap_os field; load_ini parses nmap_os=
(also accepts nmap-os= hyphen alias) and propagates it to amount-expanded deckies
- cli.py: _build_deckies_from_ini resolves nmap_os with priority:
explicit INI key > archetype default > "linux"
- test-full.ini: every decky now carries nmap_os=; [windows-workstation]
gains archetype= so its OS family is set correctly; decky-winbox/fileserv/
ldapdc → windows, decky-iot → embedded, decky-legacy → bsd, rest → linux
- tests/test_ini_loader.py: 7 new tests covering nmap_os parsing, defaults,
hyphen alias, and amount= expansion propagation
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-04-04 13:23:45 -03:00
