anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 7864c72948 test(ssh): add unit coverage for emit_capture RFC 5424 output anti 2026-04-18 05:37:42 -04:00
  • 47a0480994 feat(web-ui): event-body parser and dashboard/live-logs polish anti 2026-04-18 05:37:31 -04:00
  • 2bf886e18e feat(sniffer): probe ipvlan host iface when macvlan is absent anti 2026-04-18 05:37:20 -04:00
  • 8bdc5b98c9 feat(collector): parse real PROCID and extract IPs from logger kv pairs anti 2026-04-18 05:37:08 -04:00
  • aa39be909a feat(templates): ship syslog_bridge.py to every service template anti 2026-04-18 05:36:56 -04:00
  • 41fd496128 feat(web): attacker artifacts endpoint + UI drawer anti 2026-04-18 05:36:48 -04:00
  • 39dafaf384 feat(ssh-stealth): hide capture artifacts via XOR+gzip entrypoint blob anti 2026-04-18 05:34:50 -04:00
  • b0e00a6cc4 fix(ssh-capture): drop relay FIFO, rsyslog→/proc/1/fd/1 direct anti 2026-04-18 02:12:32 -04:00
  • 2843aafa1a fix(ssh-capture): hide watcher bash argv and sanitize script header anti 2026-04-18 02:06:36 -04:00
  • 766eeb3d83 feat(ssh): add ping/nmap/ca-certificates to base image anti 2026-04-18 01:53:33 -04:00
  • f462835373 feat(ssh-capture): LD_PRELOAD shim to zero inotifywait argv anti 2026-04-18 01:52:30 -04:00
  • e356829234 fix(ssh-capture): drop bash token from journal-relay ps line anti 2026-04-18 01:45:38 -04:00
  • a5d6860124 fix(ssh-capture): collapse duplicate journal-relay bash in ps anti 2026-04-17 23:04:33 -04:00
  • 8dd4c78b33 refactor: strip DECNET tokens from container-visible surface anti 2026-04-17 22:57:53 -04:00
  • 69510fb880 fix(ssh-capture): cloak syslog relay pipe and cat process anti 2026-04-17 22:51:34 -04:00
  • 09d9f8595e fix(ssh-capture): disguise watcher as udev helper in ps output anti 2026-04-17 22:44:47 -04:00
  • bfb3edbd4a fix(ssh-capture): add ss-only attribution fallback anti 2026-04-17 22:36:06 -04:00
  • a773dddd5c feat(ssh): capture attacker-dropped files with session attribution anti 2026-04-17 22:20:05 -04:00
  • edc5c59f93 docs(profiles): archive locust run artifacts under development/profiles anti 2026-04-17 22:05:35 -04:00
  • 1f758a3669 chore(profile): tolerate null/empty frames in walk_self_time anti 2026-04-17 22:04:29 -04:00
  • 6c22f9ba59 fix(deps): add cryptography for asyncmy MySQL auth anti 2026-04-17 22:04:24 -04:00
  • 20fa1f9a63 docs: record single-worker / multi-worker perf baseline anti 2026-04-17 22:03:50 -04:00
  • fb69a06ab3 fix(db): detach session cleanup onto fresh task on cancellation anti 2026-04-17 21:13:43 -04:00
  • 1446f6da94 fix(db): invalidate pool connection when cancelled close fails anti 2026-04-17 21:04:04 -04:00
  • e967aaabfb perf: cache get_user_by_username on the login hot path anti 2026-04-17 20:36:39 -04:00
  • 255c2e5eb7 perf: cache auth user-lookup and admin list_users anti 2026-04-17 19:56:39 -04:00
  • 2dd86fb3bb perf: cache /bounty, /logs/histogram, /deckies; bump /config TTL to 5s anti 2026-04-17 19:30:11 -04:00
  • 3106d03135 perf(db): default pool_pre_ping=false for SQLite anti 2026-04-17 19:11:07 -04:00
  • 3cc5ba36e8 fix(cli): keep FileNotFoundError handling on decnet api anti 2026-04-17 19:09:15 -04:00
  • 6301504c0e perf(api): TTL-cache /stats + unfiltered pagination counts anti 2026-04-17 19:09:15 -04:00
  • de4b64d857 perf(auth): avoid duplicate user lookup in require_role anti 2026-04-17 17:48:42 -04:00
  • b5d7bf818f feat(health): 3-tier status (healthy / degraded / unhealthy) anti 2026-04-17 17:48:42 -04:00
  • 257f780d0f docs(bugs): document SSE /api/v1/stream BrokenPipe storm (BUG-003) anti 2026-04-17 17:48:42 -04:00
  • a10aee282f perf(ingester): batch log writes into bulk commits anti 2026-04-17 16:37:34 -04:00
  • 11b9e85874 feat(db): bulk add_logs for one-commit ingestion batches anti 2026-04-17 16:23:09 -04:00
  • 45039bd621 fix(cache): lazy-init TTL cache locks to survive event-loop turnover anti 2026-04-17 16:23:00 -04:00
  • 4ea1c2ff4f fix(health): move Docker client+ping off the event loop anti 2026-04-17 15:43:51 -04:00
  • bb8d782e42 fix(cli): kill uvicorn worker tree on Ctrl+C anti 2026-04-17 15:32:08 -04:00
  • 342916ca63 feat(cli): expose --workers on decnet api anti 2026-04-17 15:22:45 -04:00
  • d3f4bbb62b perf(locust): skip change-password in on_start when not required anti 2026-04-17 15:15:59 -04:00
  • 32340bea0d perf: migrate hot-path JSON serialization to orjson anti 2026-04-17 15:07:28 -04:00
  • f1e14280c0 perf: 1s TTL cache for /health DB probe and /config state reads anti 2026-04-17 15:05:18 -04:00
  • 931f33fb06 perf: cache Docker daemon ping in /health (5s TTL) anti 2026-04-17 15:01:53 -04:00
  • 467511e997 db: switch MySQL driver to asyncmy, env-tune pool, serialize DDL anti 2026-04-17 15:01:49 -04:00
  • 3945e72e11 perf: run bcrypt on a thread so it doesn't block the event loop anti 2026-04-17 14:52:22 -04:00
  • bd406090a7 fix: re-seed admin password when still unfinalized (must_change_password=True) anti 2026-04-17 14:49:13 -04:00
  • e22d057e68 added: scripts/profile/aggregate_requests.py — roll up pyinstrument request profiles anti 2026-04-17 14:48:59 -04:00
  • cb12e7c475 fix: logging handler must not crash its caller on reopen failure anti 2026-04-17 14:01:36 -04:00
  • c29ca977fd added: scripts/profile/classify_usage.py — classify memray usage_over_time.csv anti 2026-04-17 13:54:37 -04:00
  • bf4afac70f fix: RotatingFileHandler reopens on external deletion/rotation anti 2026-04-17 13:42:15 -04:00
  • 4b15b7eb35 fix: chown log files to sudo-invoking user so non-root API can append anti 2026-04-17 13:39:09 -04:00
  • 140d2fbaad fix: gate embedded sniffer behind DECNET_EMBED_SNIFFER (default off) anti 2026-04-17 13:35:43 -04:00
  • 064c8760b6 fix: memray run needs --trace-python-allocators for frame attribution anti 2026-04-17 13:24:55 -04:00
  • 6572c5cbaf added: scripts/profile/view.sh — auto-pick newest artifact and open viewer anti 2026-04-17 13:20:05 -04:00
  • ba448bae13 docs: py-spy 0.4.1 lacks Python 3.14 support; wrapper aborts early anti 2026-04-17 13:17:23 -04:00
  • 1a18377b0a fix: mysql url builder tests expect asyncmy, not aiomysql anti 2026-04-17 13:13:36 -04:00
  • 319c1dbb61 added: profiling toolchain (py-spy, pyinstrument, pytest-benchmark, memray, snakeviz) anti 2026-04-17 13:13:00 -04:00
  • c1d8102253 modified: DEVELOPMENT roadmap. one step closer to v1 anti 2026-04-16 11:39:07 -04:00
  • 49f3002c94 added: docs; modified: .gitignore anti 2026-04-16 02:10:38 -04:00
  • 9b59f8672e chores: cleanup; added: viteconfig anti 2026-04-16 02:09:30 -04:00
  • 296979003d fix: pytest -m live works without extra flags anti 2026-04-16 01:55:38 -04:00
  • 89099b903d fix: resolve schemathesis and live test failures anti 2026-04-16 01:39:04 -04:00
  • 29578d9d99 fix: resolve all ruff and bandit lint/security issues anti 2026-04-16 01:04:57 -04:00
  • 70d8ffc607 feat: complete OTEL tracing across all services with pipeline bridge and docs anti 2026-04-16 00:58:08 -04:00
  • 04db13afae feat: cross-stage trace propagation and granular per-event spans anti 2026-04-15 23:52:13 -04:00
  • d1a88e75bd fix: dynamic TracedRepository proxy + disable tracing in test suite anti 2026-04-15 23:46:46 -04:00
  • 65ddb0b359 feat: add OpenTelemetry distributed tracing across all DECNET services anti 2026-04-15 23:23:13 -04:00
  • b437bc8eec fix: use unbuffered reads in proxy for SSE streaming anti 2026-04-15 23:03:03 -04:00
  • a1ca5d699b fix: use dedicated thread pools for collector and sniffer workers anti 2026-04-15 22:57:03 -04:00
  • e9d151734d feat: deduplicate bounties on (bounty_type, attacker_ip, payload) anti 2026-04-15 18:02:52 -04:00
  • 0ab97d0ade docs: document decnet domain models and fleet transformation anti 2026-04-15 18:01:27 -04:00
  • 60de16be84 docs: document decnet collector worker anti 2026-04-15 17:56:24 -04:00
  • 82ec7f3117 fix: gate embedded profiler behind DECNET_EMBED_PROFILER to prevent dual-instance cursor conflict anti 2026-04-15 17:49:18 -04:00
  • 11d749f13d fix: wire prober tcpfp_fingerprint events into sniffer_rollup for OS/hop detection anti 2026-04-15 17:36:40 -04:00
  • a4798946c1 fix: add remote_addr to IP field lookup so http/https/k8s events are attributed correctly anti 2026-04-15 17:23:33 -04:00
  • d869eb3d23 docs: document decnet engine orchestrator anti 2026-04-15 17:13:13 -04:00
  • 89887ec6fd fix: serialize HTTP headers as JSON so tool detection and bounty extraction work anti 2026-04-15 17:03:52 -04:00
  • 02e73a19d5 fix: promote TCP-fingerprinted nmap to tool_guesses (detects -sC sans HTTP) anti 2026-04-15 16:44:45 -04:00
  • b3efd646f6 feat: replace tool attribution stat with dedicated DETECTED TOOLS block anti 2026-04-15 16:37:54 -04:00
  • 2ec64ef2ef fix: rename BEHAVIOR label to ATTACK PATTERN for clarity anti 2026-04-15 16:36:19 -04:00
  • e67624452e feat: centralize microservice logging to DECNET_SYSTEM_LOGS (default: decnet.system.log) anti 2026-04-15 16:23:28 -04:00
  • e05b632e56 feat: update AttackerDetail UI for new behavior classes and multi-tool badges anti 2026-04-15 15:49:03 -04:00
  • c8f05df4d9 feat: overhaul behavioral profiler — multi-tool detection, improved classification, TTL OS fallback anti 2026-04-15 15:47:02 -04:00
  • 935a9a58d2 fix: reopen collector log handles after deletion or log rotation anti 2026-04-15 14:04:54 -04:00
  • 63efe6c7ba fix: persist ingester position and profiler cursor across restarts anti 2026-04-15 13:58:12 -04:00
  • 314e6c6388 fix: remove event-loop-blocking cold start; unify profiler to cursor-based incremental anti 2026-04-15 13:46:42 -04:00
  • 12aa98a83c fix: migrate TEXT→MEDIUMTEXT for attacker/state columns on MySQL anti 2026-04-15 12:59:54 -04:00
  • 7dbc71d664 test: add profiler behavioral analysis and RBAC endpoint tests anti 2026-04-15 12:51:38 -04:00
  • dae3687089 test: add fingerprinting and TCP analysis tests anti 2026-04-15 12:51:35 -04:00
  • 187194786f test: add MySQL backend integration tests anti 2026-04-15 12:51:33 -04:00
  • 9de320421e test: add repository factory and CLI db-reset tests anti 2026-04-15 12:51:29 -04:00
  • dd4e2aad91 test: update existing test suites for refactored codebase anti 2026-04-15 12:51:26 -04:00
  • 7d10b78d50 chore: update templates and development documentation anti 2026-04-15 12:51:22 -04:00
  • ddfb232590 feat: add behavioral profiler for attacker pattern analysis anti 2026-04-15 12:51:19 -04:00
  • d7da3a7fc7 feat: add advanced OS fingerprinting via p0f integration anti 2026-04-15 12:51:17 -04:00
  • 947efe7bd1 feat: add configuration management API endpoints anti 2026-04-15 12:51:14 -04:00
  • c603531fd2 feat: add MySQL backend support for DECNET database anti 2026-04-15 12:51:11 -04:00
  • a78126b1ba feat: enhance UI components with config management and RBAC gating anti 2026-04-15 12:51:08 -04:00
  • 0ee23b8700 refactor: enforce RBAC decorators on all API endpoints anti 2026-04-15 12:51:05 -04:00
  • 0952a0b71e refactor: enhance CLI with improved service registration and deployment anti 2026-04-15 12:50:53 -04:00