DECNET/tests at a6c7cfdf66a6126c6313522e1a2d1ed3dedf03a0 - DECNET - RESACA Chile: Donde la ciberseguridad se chupa una chela.

anti/DECNET

Files

History

anti a6c7cfdf66 fix: normalize SSH bash CMD lines to service=ssh, event_type=command

The SSH honeypot logs commands via PROMPT_COMMAND logger as:
  <14>1 ... bash - - -  CMD uid=0 pwd=/root cmd=ls
These lines had service=bash and event_type=-, so the attacker worker
never recognized them as commands. Both the collector and correlation
parsers now detect the CMD pattern and normalize to service=ssh,
event_type=command, with uid/pwd/command in fields.

2026-04-14 01:54:36 -04:00

..

fix: auth redirect, SSE reconnect, stats polling removal, active decky count, schemathesis health check

2026-04-13 18:33:32 -04:00

feat: add HTTPS honeypot service template

2026-04-14 00:57:38 -04:00

service_testing

fix: reject empty HELO/EHLO with 501 per RFC 5321

2026-04-14 00:30:46 -04:00

__init__.py

Add 20 honeypot services: email, DB, ICS, cloud, IoT, network protocols

2026-04-03 23:07:44 -03:00

conftest.py

Refactor: implemented Repository Factory and Async Mutator Engine. Decoupled storage logic and enforced Dependency Injection across CLI and Web API. Updated documentation.

2026-04-12 07:48:17 -04:00

test_api_attackers.py

feat: paginated commands endpoint for attacker profiles

2026-04-14 01:45:19 -04:00

test_archetypes.py

refactor: separate engine, collector, mutator, and fleet into independent subpackages

2026-04-12 00:26:22 -04:00

test_attacker_worker.py

feat: attacker profiles — UUID model, API routes, list/detail frontend

2026-04-13 22:35:13 -04:00

test_base_repo.py

feat: paginated commands endpoint for attacker profiles

2026-04-14 01:45:19 -04:00

test_build.py

refactor: separate engine, collector, mutator, and fleet into independent subpackages

2026-04-12 00:26:22 -04:00

test_cli_service_pool.py

refactor: separate engine, collector, mutator, and fleet into independent subpackages

2026-04-12 00:26:22 -04:00

test_cli.py

fix: teardown --all now kills collector processes

2026-04-14 00:17:57 -04:00

test_collector.py

fix: normalize SSH bash CMD lines to service=ssh, event_type=command

2026-04-14 01:54:36 -04:00

test_composer.py

fix(telnet): replace Cowrie with real busybox telnetd + rsyslog logging

2026-04-12 00:34:45 -04:00

test_config.py

fix: align tests with model validation and API error reporting

2026-04-13 01:43:52 -04:00

test_correlation.py

fix: normalize SSH bash CMD lines to service=ssh, event_type=command

2026-04-14 01:54:36 -04:00

test_custom_service.py

Implement ICS/SCADA and IMAP Bait features

2026-04-10 01:50:08 -04:00

test_decnet.db-shm

fix: stabilize test suite by ensuring proper test DB isolation and initialization

2026-04-09 02:31:14 -04:00

test_decnet.db-wal

fix: stabilize test suite by ensuring proper test DB isolation and initialization

2026-04-09 02:31:14 -04:00

test_deployer.py

chore: fix unused imports in tests and update development roadmap

2026-04-12 03:46:23 -04:00

test_file_handler.py

Add RFC 5424 syslog logging to all service templates

2026-04-04 04:31:00 -03:00

test_fingerprinting.py

feat: JA4/JA4S/JA4L fingerprints, TLS session resumption, certificate extraction

2026-04-13 23:20:37 -04:00

test_fleet.py

fix: align tests with model validation and API error reporting

2026-04-13 01:43:52 -04:00

test_ingester.py

chore: fix unused imports in tests and update development roadmap

2026-04-12 03:46:23 -04:00

test_ini_loader.py

Fix all ruff lint errors across decnet/, templates/, and tests/

2026-04-04 17:36:16 -03:00

test_ini_spaces.py

fix: stabilize test suite by ensuring proper test DB isolation and initialization

2026-04-09 02:31:14 -04:00

test_ini_validation.py

feat: add server-side validation for web-based INI deployments

2026-04-08 01:04:59 -04:00

test_log_file_mount.py

feat: replace bind-mount log pipeline with Docker log streaming

2026-04-10 00:14:14 -04:00

test_logging_forwarder.py

Implement ICS/SCADA and IMAP Bait features

2026-04-10 01:50:08 -04:00

test_logging.py

feat: add component-aware RFC 5424 application logging system

2026-04-13 07:39:01 -04:00

test_mutator.py

Refactor: implemented Repository Factory and Async Mutator Engine. Decoupled storage logic and enforced Dependency Injection across CLI and Web API. Updated documentation.

2026-04-12 07:48:17 -04:00

test_network.py

test: expand coverage 64%→76%; add BUGS.md for Gemini migration issues

2026-04-09 12:55:52 -04:00

test_os_fingerprint.py

refactor: separate engine, collector, mutator, and fleet into independent subpackages

2026-04-12 00:26:22 -04:00

test_services.py

fix(telnet): replace Cowrie with real busybox telnetd + rsyslog logging

2026-04-12 00:34:45 -04:00

test_smtp_relay.py

Refactor: implemented Repository Factory and Async Mutator Engine. Decoupled storage logic and enforced Dependency Injection across CLI and Web API. Updated documentation.

2026-04-12 07:48:17 -04:00

test_sniffer_ja3.py

feat: JA4/JA4S/JA4L fingerprints, TLS session resumption, certificate extraction

2026-04-13 23:20:37 -04:00

test_ssh.py

fix: resolve all ruff lint errors and SQLite UNIQUE constraint issue

2026-04-12 02:17:50 -04:00

test_syslog_formatter.py

Fix all ruff lint errors across decnet/, templates/, and tests/

2026-04-04 17:36:16 -03:00

test_web_api.py

feat: Phase 1 — JA3/JA3S sniffer, Attacker model, profile worker

2026-04-13 20:22:08 -04:00