anti/DECNET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9e3473b370e3c9cf0e39c99f0e501685168aa21e
DECNET/decnet/templates
History
anti 9e3473b370 feat(dns): full-subdomain entropy check catches short-label exfil 
_is_tunneling now returns str|None (the detection method) instead of bool.
Two new tunables _QNAME_TOTAL_LEN_THRESHOLD=50 and _QNAME_ENTROPY_THRESHOLD=3.5
catch attackers who split a high-entropy payload across multiple short labels.
tunnel_method field added to tunneling_suspect events for downstream correlation.
2026-05-21 22:06:14 -04:00
..
_caddy_modules/decnetfp
fix(pr3): adapt to quic-go v0.59.0 API — drop H3App, capture h3 SETTINGS via http3.Settingser
2026-05-10 03:43:34 -04:00
_shared
fix(types): P0 mypy — explicit binascii import, drop dead or None in ntlmssp
2026-05-01 00:09:00 -04:00
conpot
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
cowrie
chore(infra): pin Docker base images by digest (DEBT-023)
2026-05-03 04:38:39 -04:00
dns
feat(dns): full-subdomain entropy check catches short-label exfil
2026-05-21 22:06:14 -04:00
docker_api
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
elasticsearch
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
ftp
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
http
fix(pr3): adapt to quic-go v0.59.0 API — drop H3App, capture h3 SETTINGS via http3.Settingser
2026-05-10 03:43:34 -04:00
https
fix(https-template): wire TLS_CERT/TLS_KEY into make_server ssl_context
2026-05-10 22:39:24 -04:00
imap
fix(lint): prefix unused params with _ to silence vulture 80% findings
2026-05-17 20:08:54 -04:00
k8s
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
ldap
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
llmnr
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
mongodb
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
mqtt
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
mssql
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
mysql
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
pop3
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
postgres
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
rdp
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
redis
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
sip
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
smb
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
smtp
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
sniffer
fix(sniffer): add missing syslog_bridge.py to template build context
2026-05-20 22:22:47 -04:00
snmp
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
ssh
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
telnet
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
tftp
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
vnc
feat(fingerprint): extend syslog_bridge with HTTP/3 and JA4H fingerprinting emission
2026-05-10 22:27:22 -04:00
instance_seed.py
merge: testing → main (reconcile 2-week divergence)
2026-04-28 18:36:00 -04:00
syslog_bridge.py
feat(pr3): canonical wire-order header capture for h1/h2 + H3App for SETTINGS
2026-05-10 03:29:00 -04:00