gandalf/secubox-openwrt

Fork 0

L'appliance de cybersécurité 100% open source qui embarque wizard, profils et App Store sur OpenWrt 24.10. https://secubox.maegia.tv/

Go to file

CyberMind-FR dd18e5c4aa fix(repo): Fix BusyBox ash compatibility in repo-sync Wrap for loop with output redirection in subshell for BusyBox ash compatibility when generating Packages index. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>		2026-03-18 16:43:27 +01:00
.claude	fix(vm): Fix ARM builds by using arch-specific packages	2026-03-17 21:17:46 +01:00
.codex
.gitea/workflows
.github	fix(ci): Sync GHA build workflow with local-build.sh methodology	2026-03-18 12:59:05 +01:00
.secubox-reports
.vscode
acl
build/aarch64_cortex-a72
config	fix(wall): Implement true double buffering to eliminate visual glitches	2026-03-15 11:44:28 +01:00
config-backups
dist/sbom
docs	docs: Add quick-access page with QR codes	2026-03-15 19:12:54 +01:00
DOCS	docs: Add Reverse MWAN WireGuard design specification	2026-02-28 18:07:48 +01:00
EXAMPLES
luci-app-secubox-users
package/secubox	fix(repo): Fix BusyBox ash compatibility in repo-sync	2026-03-18 16:43:27 +01:00
scripts
secubox-tools	feat(repo): Add package repository at repo.secubox.in	2026-03-18 09:10:01 +01:00
site
streamlit-apps/fabricator
templates
.config
.gitignore
AGENTS.md
BETA-RELEASE.md	docs: v1.0.0 Beta Release - Pen Testing & Bug Bounty Ready	2026-03-15 18:45:29 +01:00
CHANGELOG.md
CLAUDE.md
DEBUG_GUIDE.md
decisions
DEPLOY_UPDATES.md
deploy-modules-with-theme.sh
deploy-theme.sh	feat: Integrate global CyberMood theme into core modules	2025-12-28 17:16:37 +01:00
deploy-to-router.sh
dns-secubox-in-config
dns-secubox-in-config-comprehensive
DNS-SECUBOX-IN-SETUP.md
ENHANCEMENTS_V2.md
enrich-catalog.py
KISS-FIRST-TIME-WIZARD.md
Makefile
mkdocs.yml
plugins	refactor secubox app packaging and theme	2025-12-29 21:57:12 +01:00
profiles
PROJECT-STATUS-AND-INNOVATION.md	docs: Update project status for v1.0.0-beta release	2026-03-15 19:05:07 +01:00
README.md	docs: Update project status for v1.0.0-beta release	2026-03-15 19:05:07 +01:00
rpc_reload.sh
RPC_TIMEOUT_FIXES.md	hello	2026-01-04 19:50:25 +01:00
SECURITY.md	docs: v1.0.0 Beta Release - Pen Testing & Bug Bounty Ready	2026-03-15 18:45:29 +01:00
test-direct.js
test-modules-simple.js
TIMEOUT_FIX.md
TODO-ANALYSE.md
WIKI-SETUP-GUIDE.md

README.md

SecuBox - Security Suite for OpenWrt

Version: 1.0.0-beta Last Updated: 2026-03-15 Status: Beta — Ready for Pen Testing & Bug Bounty Modules: 86 LuCI Applications

Overview

SecuBox is a comprehensive security and network management suite for OpenWrt, providing a unified ecosystem of 86 specialized dashboards and tools. The platform implements a Four-Layer Architecture for defense in depth, featuring AI-powered threat analysis, P2P mesh networking, and multi-channel service exposure.

Website: secubox.maegia.tv Publisher: CyberMind.fr

Four-Layer Architecture

+============================================================+
|              LAYER 4: MESH NETWORKING                       |
|              MirrorNet / P2P Hub / Services Mirrors         |
|  +--------------------------------------------------------+ |
|  |           LAYER 3: AI GATEWAY                          | |
|  |           MCP Server / Threat Analyst / DNS Guard      | |
|  |  +----------------------------------------------------+ | |
|  |  |         LAYER 2: TACTICAL                          | | |
|  |  |         CrowdSec / WAF / Scenarios                 | | |
|  |  |  +------------------------------------------------+ | | |
|  |  |  |       LAYER 1: OPERATIONAL                     | | | |
|  |  |  |       fw4 / DPI / Bouncer / HAProxy            | | | |
|  |  |  +------------------------------------------------+ | | |
|  |  +----------------------------------------------------+ | |
|  +--------------------------------------------------------+ |
+============================================================+

Layer	Function	Time Scale	SecuBox Components
Layer 1	Real-time blocking	ms → seconds	nftables/fw4, netifyd DPI, CrowdSec Bouncer
Layer 2	Pattern correlation	minutes → hours	CrowdSec Agent/LAPI, mitmproxy WAF, Scenarios
Layer 3	AI analysis	minutes → hours	MCP Server, Threat Analyst, DNS Guard
Layer 4	Mesh networking	continuous	P2P Hub, MirrorBox, Services Registry

Key Features

Security

CrowdSec Integration — Real-time threat intelligence, CAPI enrollment, auto-banning
mitmproxy WAF — HTTPS inspection with CVE detection, sensitivity-based auto-ban
Deep Packet Inspection — netifyd/nDPId protocol analysis
MAC Guardian — WiFi MAC spoofing detection with CrowdSec integration
DNS Guard — AI-powered DGA, tunneling, and anomaly detection

AI Gateway

MCP Server — Model Context Protocol for Claude Desktop integration
Threat Analyst — Autonomous AI agent for threat analysis and rule generation
LocalAI — Self-hosted LLM with model management

Mesh Networking

P2P Hub — Decentralized peer discovery with globe visualization
MirrorBox — Distributed service catalog with auto-sync
App Store — P2P package distribution across mesh peers
Master Link — Secure mesh onboarding with dynamic IPK generation

Service Exposure

Punk Exposure — Multi-channel service emancipation (Tor + DNS/SSL + Mesh)
HAProxy — Load balancer with webroot ACME, auto-SSL
Tor Shield — .onion hidden services with split-routing

Media & Content

Jellyfin — LXC media server with setup wizard
Lyrion — Music server with CIFS integration
Zigbee2MQTT — LXC Alpine container for IoT
Domoticz — Home automation with MQTT bridge

SecuBox Modules (86 Total)

Core (6 modules)

Module	Description
luci-app-secubox	Central dashboard/Hub
luci-app-secubox-portal	Unified entry point with tabs
luci-app-secubox-admin	Admin control center
secubox-app-bonus	App store and documentation
luci-app-system-hub	System control with backup
luci-theme-secubox	KISS UI theme

Security (15 modules)

Module	Description
luci-app-crowdsec-dashboard	CrowdSec monitoring
luci-app-security-threats	Unified netifyd + CrowdSec
luci-app-client-guardian	Captive portal, parental controls
luci-app-auth-guardian	OAuth2/OIDC, vouchers
luci-app-exposure	Service exposure manager
luci-app-tor-shield	Tor anonymization
luci-app-mitmproxy	HTTPS inspection WAF
luci-app-mac-guardian	WiFi MAC security
luci-app-dns-guard	AI-powered DNS anomaly
luci-app-waf	Web Application Firewall
luci-app-threat-analyst	AI threat analysis
luci-app-ksm-manager	Key/HSM management
luci-app-master-link	Mesh onboarding
luci-app-routes-status	VHosts route checker
secubox-mcp-server	MCP protocol server

Network (12 modules)

Module	Description
luci-app-haproxy	Load balancer with SSL
luci-app-wireguard-dashboard	WireGuard VPN
luci-app-vhost-manager	Nginx reverse proxy
luci-app-network-modes	Sniffer/AP/Relay/Router
luci-app-network-tweaks	DNS & proxy controls
luci-app-dns-provider	DNS provider API
luci-app-cdn-cache	CDN optimization
luci-app-bandwidth-manager	QoS and quotas
luci-app-traffic-shaper	TC/CAKE shaping
luci-app-mqtt-bridge	USB-to-MQTT IoT
luci-app-media-flow	Streaming detection
luci-app-netdiag	Network diagnostics

DPI (2 modules)

Module	Description
luci-app-ndpid	nDPId deep packet inspection
luci-app-netifyd	netifyd flow monitoring

P2P Mesh (4 modules)

Module	Description
luci-app-p2p	P2P Hub with MirrorBox
luci-app-service-registry	Service catalog
luci-app-device-intel	Device intelligence
secubox-content-pkg	Content distribution

AI/LLM (4 modules)

Module	Description
luci-app-localai	LocalAI v3.9.0
luci-app-ollama	Ollama LLM
luci-app-glances	System monitoring
luci-app-netdata-dashboard	Netdata real-time

Media (7 modules)

Module	Description
luci-app-jellyfin	Media server (LXC)
luci-app-lyrion	Music server
luci-app-zigbee2mqtt	Zigbee gateway (LXC)
luci-app-domoticz	Home automation (LXC)
luci-app-ksmbd	SMB/CIFS shares
luci-app-smbfs	Remote mount manager
luci-app-magicmirror2	Smart display

Content Platforms (6 modules)

Module	Description
luci-app-gitea	Git platform
luci-app-hexojs	Static site generator
luci-app-metablogizer	Metabolizer CMS
luci-app-streamlit	Streamlit apps
luci-app-picobrew	PicoBrew server
luci-app-jitsi	Video conferencing

Remote Access (3 modules)

Module	Description
luci-app-rustdesk	RustDesk relay
luci-app-guacamole	Clientless desktop
luci-app-simplex	SimpleX Chat

Plus 27 additional supporting packages...

Supported Architectures

Architecture	Targets	Example Devices
ARM64	aarch64-cortex-a53/a72, mediatek-filogic, rockchip-armv8	MOCHAbin, NanoPi R4S/R5S, GL.iNet MT3000, Raspberry Pi 4
ARM32	arm-cortex-a7/a9-neon, qualcomm-ipq40xx	Turris Omnia, Google WiFi
MIPS	mips-24kc, mipsel-24kc	TP-Link Archer, Xiaomi
x86	x86-64	PC, VMs, Docker, Proxmox

Installation

From Pre-built Packages

opkg update
opkg install luci-app-secubox-portal_*.ipk
opkg install luci-app-crowdsec-dashboard_*.ipk

Build from Source

# Clone into OpenWrt SDK
cd ~/openwrt-sdk/package/
git clone https://github.com/CyberMind-FR/secubox-openwrt.git secubox

# Build
make package/secubox/luci-app-secubox-portal/compile V=s

Add as Feed

src-git secubox https://github.com/CyberMind-FR/secubox-openwrt.git

MCP Integration (Claude Desktop)

SecuBox includes an MCP server for AI integration:

{
  "mcpServers": {
    "secubox": {
      "command": "ssh",
      "args": ["root@192.168.255.1", "/usr/bin/secubox-mcp"]
    }
  }
}

Available tools: crowdsec.alerts, crowdsec.decisions, waf.logs, dns.queries, network.flows, system.metrics, wireguard.status, ai.analyze_threats, ai.cve_lookup, ai.suggest_waf_rules

Roadmap

Version	Status	Focus
v0.17	Released	Core Mesh, 38 modules
v0.18	Released	P2P Hub, AI Gateway, 86 modules
v0.19	Released	Full P2P intelligence
v1.0	Beta	Pen testing, bug bounty, ANSSI prep
v1.1	Planned	ANSSI certification, GA release

Beta Release

See BETA-RELEASE.md for security testing guidelines and bug bounty scope.

Default Credentials (VM Appliance)

Username: root
Password: c3box (change on first login!)

License

Author

Gandalf - CyberMind.fr

Ex Tenebris, Lux Securitas

Made in France