anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
a773dddd5c1114f36e6728a20c050ed421851a32
DECNET/decnet
History
anti a773dddd5c feat(ssh): capture attacker-dropped files with session attribution 
inotifywait watches writable paths in the SSH decky and mirrors any
file close_write/moved_to into a per-decky host-mounted quarantine dir.
Each artifact carries a .meta.json with attacker attribution resolved
by walking the writer PID's PPid chain to the sshd session leader,
then cross-referencing ss and utmp for source IP/user/login time.
Also emits an RFC 5424 syslog line per capture for SIEM correlation.
2026-04-17 22:20:05 -04:00
..
collector
fix: resolve all ruff and bandit lint/security issues
2026-04-16 01:04:57 -04:00
correlation
feat: complete OTEL tracing across all services with pipeline bridge and docs
2026-04-16 00:58:08 -04:00
engine
feat: complete OTEL tracing across all services with pipeline bridge and docs
2026-04-16 00:58:08 -04:00
logging
fix: logging handler must not crash its caller on reopen failure
2026-04-17 14:01:36 -04:00
mutator
feat: complete OTEL tracing across all services with pipeline bridge and docs
2026-04-16 00:58:08 -04:00
prober
fix: resolve all ruff and bandit lint/security issues
2026-04-16 01:04:57 -04:00
profiler
chores: cleanup; added: viteconfig
2026-04-16 02:09:30 -04:00
services
feat(ssh): capture attacker-dropped files with session attribution
2026-04-17 22:20:05 -04:00
sniffer
fix: resolve all ruff and bandit lint/security issues
2026-04-16 01:04:57 -04:00
web
fix(db): detach session cleanup onto fresh task on cancellation
2026-04-17 21:13:43 -04:00
__init__.py
Initial commit: DECNET honeypot/deception network framework
2026-04-03 18:56:25 -03:00
archetypes.py
refactor(ssh): consolidate real_ssh into ssh, remove duplication
2026-04-11 19:51:41 -04:00
cli.py
fix(cli): keep FileNotFoundError handling on decnet api
2026-04-17 19:09:15 -04:00
composer.py
feat: fleet-wide MACVLAN sniffer microservice
2026-04-14 15:02:34 -04:00
config.py
fix: RotatingFileHandler reopens on external deletion/rotation
2026-04-17 13:42:15 -04:00
custom_service.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
distros.py
fix: stabilize tests with synchronous DB init and handle Bandit security findings
2026-04-09 01:33:15 -04:00
env.py
feat(db): bulk add_logs for one-commit ingestion batches
2026-04-17 16:23:09 -04:00
fleet.py
feat: fleet-wide MACVLAN sniffer microservice
2026-04-14 15:02:34 -04:00
ini_loader.py
fix: align tests with model validation and API error reporting
2026-04-13 01:43:52 -04:00
models.py
fix: align tests with model validation and API error reporting
2026-04-13 01:43:52 -04:00
network.py
fix: stabilize tests with synchronous DB init and handle Bandit security findings
2026-04-09 01:33:15 -04:00
os_fingerprint.py
feat(os_fingerprint): Phase 2 — add icmp_ratelimit + icmp_ratemask sysctls
2026-04-10 16:41:23 -04:00
privdrop.py
fix: chown log files to sudo-invoking user so non-root API can append
2026-04-17 13:39:09 -04:00
telemetry.py
fix: resolve all ruff and bandit lint/security issues
2026-04-16 01:04:57 -04:00