DECNET/decnet/net/__init__.py at 0fe9f895d0475b2fa1876790634ca696816dc2aa - DECNET - RESACA Chile: Donde la ciberseguridad se chupa una chela.

anti/DECNET

Files

anti 58ca9075db feat(net): stealth-egress httpx client factory

Outbound calls to 3rd-party services (threat-intel providers, future TI
lookups) MUST NOT advertise 'DECNET' in their user-agent — operators
running honeypots want their reconnaissance dependencies to look like
generic infra. New decnet.net.http.stealth_client() returns a fresh
httpx.AsyncClient with a curl-shaped UA (pinned to a single constant so
future siblings — browser-shaped, Go-shaped — sit next to it cleanly).

Internal egress (webhook → operator's own SIEM, swarm worker → master)
keeps its DECNET-tagged UA; the docstring is explicit about not routing
those through this client.

2026-04-26 04:59:34 -04:00

8 lines

277 B

Python

Raw Blame History

 """Shared network helpers.
 Currently houses :mod:`decnet.net.http` — the canonical stealth-egress
 ``httpx.AsyncClient`` factory for outbound calls to 3rd-party services
 that should NOT see "DECNET" in their access logs (threat-intel
 providers, future TI lookups, etc.).
 """