anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
c2f7622fbbd818423bae7ef1e896a86f22a57e7f
DECNET/decnet/services
History
anti 3dc5b509f6 feat: Phase 1 — JA3/JA3S sniffer, Attacker model, profile worker 
Add passive TLS fingerprinting via a sniffer container on the MACVLAN
interface, plus the Attacker table and periodic rebuild worker that
correlates per-IP profiles from Log + Bounty + CorrelationEngine.

- templates/sniffer/: Scapy sniffer with pure-Python TLS parser;
  emits tls_client_hello / tls_session RFC 5424 lines with ja3, ja3s,
  sni, alpn, raw_ciphers, raw_extensions; GREASE filtered per RFC 8701
- decnet/services/sniffer.py: service plugin (no ports, NET_RAW/NET_ADMIN)
- decnet/web/db/models.py: Attacker SQLModel table + AttackersResponse
- decnet/web/db/repository.py: 5 new abstract methods
- decnet/web/db/sqlite/repository.py: implement all 5 (upsert, pagination,
  sort by recent/active/traversals, bounty grouping)
- decnet/web/attacker_worker.py: 30s periodic rebuild via CorrelationEngine;
  extracts commands from log fields, merges fingerprint bounties
- decnet/web/api.py: wire attacker_profile_worker into lifespan
- decnet/web/ingester.py: extract JA3 bounty (fingerprint_type=ja3)
- development/DEVELOPMENT.md: full attacker intelligence collection roadmap
- pyproject.toml: scapy>=2.6.1 added to dev deps
- tests: test_sniffer_ja3.py (40+ vectors), test_attacker_worker.py,
  test_base_repo.py / test_web_api.py updated for new surface
2026-04-13 20:22:08 -04:00
..
__init__.py
Initial commit: DECNET honeypot/deception network framework
2026-04-03 18:56:25 -03:00
base.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
conpot.py
fix(conpot): use honeynet/conpot:latest base, run as conpot user
2026-04-11 03:32:11 -04:00
docker_api.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
elasticsearch.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
ftp.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
http.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
imap.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
k8s.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
ldap.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
llmnr.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
mongodb.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
mqtt.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
mssql.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
mysql.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
pop3.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
postgres.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
rdp.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
redis.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
registry.py
Fix registry auto-discovery skipping non-service subclasses (CustomService)
2026-04-04 17:29:30 -03:00
sip.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
smb.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
smtp_relay.py
feat: add smtp_relay service; add service_testing/ init
2026-04-10 01:09:15 -04:00
smtp.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
sniffer.py
feat: Phase 1 — JA3/JA3S sniffer, Attacker model, profile worker
2026-04-13 20:22:08 -04:00
snmp.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
ssh.py
refactor(ssh): consolidate real_ssh into ssh, remove duplication
2026-04-11 19:51:41 -04:00
telnet.py
fix(telnet): replace Cowrie with real busybox telnetd + rsyslog logging
2026-04-12 00:34:45 -04:00
tftp.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00
vnc.py
Add per-service customization, stealth hardening, and BYOS support
2026-04-04 04:08:27 -03:00