gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,537 Commits 4 Branches 293 Tags 320 MiB
master
Commit Graph

10 Commits

Author SHA1 Message Date
CyberMind-FR
9048f6b53b style(ndpid): Migrate dashboard and flows views to KISS theme 
- Remove old secubox-theme and secubox-portal/header dependencies
- Remove external dashboard.css stylesheet
- Replace ndpid/api with direct RPC declarations
- Use KISS classes (kiss-card, kiss-stat, kiss-table, kiss-badge, kiss-btn)
- Add consistent navigation tabs
- Add poll toggle for auto-refresh control
- Use CSS variables (--kiss-blue, --kiss-green, --kiss-muted, etc.)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-12 13:51:36 +01:00
CyberMind-FR
e58f479cd4 feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats 
Add detection patterns for latest actively exploited vulnerabilities:
- CVE-2025-55182 (React2Shell, CVSS 10.0)
- CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint)
- CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds)
- CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti)
- CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS)

New attack categories based on OWASP Top 10 2025:
- HTTP Request Smuggling (TE.CL/CL.TE conflicts)
- AI/LLM Prompt Injection (ChatML, instruction markers)
- WAF Bypass techniques (Unicode normalization, double encoding)
- Supply Chain attacks (CI/CD poisoning, dependency confusion)
- Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf)
- API Abuse (BOLA/IDOR, mass assignment)

CrowdSec scenarios split into 11 separate files for reliability.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-12 05:02:57 +01:00
CyberMind-FR
db3a41928e fix(luci): Fix require syntax in all LuCI views - use slashes instead of dots 
All 'require module.submodule' directives changed to 'require module/submodule'
to match LuCI's module loading convention.

Affected packages:
- luci-app-auth-guardian
- luci-app-glances
- luci-app-localai
- luci-app-magicmirror2
- luci-app-mitmproxy
- luci-app-mmpm
- luci-app-mqtt-bridge
- luci-app-ndpid
- luci-app-network-modes
- luci-app-secubox-admin
- luci-app-secubox-portal
- luci-app-wireguard-dashboard

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 17:15:21 +01:00
CyberMind-FR
4bb638a2ec fix: Dark theme for internal navigation bars in nDPId and Netifyd 
- Change nav bar background from rgba(255,255,255,0.05) to solid #141419
- Add subtle border for visual separation
- Ensures proper dark theme appearance for navigation tabs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 16:15:27 +01:00
CyberMind-FR
fbbcd86e62 feat: Add internal navigation and dark theming to nDPId and Netifyd apps 
- Add internal navigation bars to nDPId (Dashboard, Flows, Settings)
- Add internal navigation bars to Netifyd (Dashboard, Flows, Devices, Applications, Settings)
- Complete dark theme CSS for Netifyd with LuCI element overrides
- Add CSS loading to all Netifyd views
- Version bumps: luci-app-ndpid 1.1.1, luci-app-secubox-netifyd 1.2.1

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 16:10:14 +01:00
CyberMind-FR
9e1b841d98 feat: Add SecuBox portal header to nDPId views 
Add unified SecuBox header navigation to all 3 nDPId views:
- dashboard.js, flows.js, settings.js

Pattern: Wrap view content with secubox-page-wrapper and prepend
SbHeader.render() to hide LuCI sidebar when in portal context.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 15:58:43 +01:00
CyberMind-FR
50bd0c872e feat: Enhance monitoring page layout and fix nDPId detailed flows 
Monitoring page:
- Move Current Statistics card above histogram charts
- Replace Network Throughput with System Load chart
- Fix API field mapping (usage_percent vs percent)
- Parse load from cpu.load string format

nDPId app:
- Add get_detailed_flows and get_categories RPCD methods
- Fix subshell variable scope bug in RPCD script
- Add interface scanning from /sys/class/net
- Update ACL permissions for new methods
- Enhance flows.js with Array.isArray data handling

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 12:43:01 +01:00
CyberMind-FR
66f4f32655 fix: Handle null response in nDPId settings view 
- Add catch() handler for getInterfaces() API call
- Provide fallback interface list if API returns null
- Bump release to r2

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 10:12:51 +01:00
CyberMind-FR
c9af2b9980 fix: Use baseclass.extend() for nDPId API module 
LuCI JavaScript modules must use baseclass.extend() pattern instead
of returning plain objects. This fixes the "factory yields invalid
constructor" error.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 09:40:37 +01:00
CyberMind-FR
e4a553a6d5 feat: Add nDPId package for lightweight DPI (alternative to netifyd) 
- Add secubox-app-ndpid: nDPId daemon with bundled libndpi 5.x
- Add luci-app-ndpid: LuCI web interface for nDPId management
- Add migration documentation from netifyd to nDPId
- Uses git dev branch for latest libndpi API compatibility
- Builds nDPId + nDPIsrvd event broker for microservice architecture

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 09:32:23 +01:00