DECNET/tests at 2fc5f1bdc53f7f160f9a964f6785ee0911a23c67 - DECNET - RESACA Chile: Donde la ciberseguridad se chupa una chela.

anti/DECNET

Files

History

anti 2fc5f1bdc5 feat(canary): auto-deregister fingerprint slug after first valid beacon

Once a fingerprint canary's HTTP beacon passes all 4 validation layers
and the trigger row lands, the token is immediately set to state=revoked
and canary.<id>.revoked is published on the bus. The slug lookup is
tightened to only return planted tokens, so subsequent requests to the
same URL silently return the transparent GIF without persisting anything
(stealth posture preserved). Plain http/dns canaries with no
fingerprint_nonce are not affected.

Changes:
- sqlmodel_repo/canary.py: add state == "planted" filter to
  get_canary_token_by_slug so revoked slugs resolve to None
- worker.py: after record_canary_trigger, if parsed_fp survived all
  layers and token has a fingerprint_nonce, call
  update_canary_token_state("revoked") + publish CANARY_REVOKED; errors
  are best-effort (trigger row already landed)
- test_worker_http.py: assert state=revoked in test_fp_valid_nonce_persists;
  new test_fp_deregisters_slug_after_valid_hit (second hit records nothing);
  new test_plain_http_canary_not_deregistered (env_file stays planted)

2026-04-29 17:49:31 -04:00

..

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(api): per-service config schema endpoint + PUT/POST update+apply for fleet & topology

2026-04-29 11:38:06 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(canary): auto-deregister fingerprint slug after first valid beacon

2026-04-29 17:49:31 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(collector): drop native unix daemon syslog from ingestion

2026-04-28 19:21:39 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

fix(network): accept CAP_NET_ADMIN in lieu of euid==0 for macvlan setup

2026-04-29 11:56:40 -04:00

fix(profiler): aggregate bash PROMPT_COMMAND lines into attacker profile

2026-04-28 19:09:41 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(deckies): generic file drops on fleet + MazeNET deckies

2026-04-28 22:43:34 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

fix(swarm): propagate service mutations to worker agent via shard re-dispatch

2026-04-29 12:51:16 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

fixtures/campaigns

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

fix(stats): keep TopologyDecky.state in sync with docker so ACTIVE DECKIES counts right

2026-04-29 11:09:32 -04:00

feat(deckies): generic file drops on fleet + MazeNET deckies

2026-04-28 22:43:34 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(realism): wire fingerprint_html/svg through taxonomy + UI

2026-04-29 16:44:03 -04:00

service_testing

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(services): config schemas for the rest of the registry + textarea base64 transport

2026-04-29 12:23:56 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(mutator): refuse forwards_l3 promotion on non-DMZ deckies

2026-04-29 00:38:51 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

feat(bounty): surface file drops and stored mail in the Vault

2026-04-28 19:42:54 -04:00

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

__init__.py

fix(tests+mutator): unbreak the docker-shadow test env + let mutator delete from active

2026-04-29 00:24:17 -04:00

conftest.py

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00

mysql_spinup.sh

merge: testing → main (reconcile 2-week divergence)

2026-04-28 18:36:00 -04:00