gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,396 Commits 4 Branches 293 Tags 320 MiB
bc3be1709b
Commit Graph

4 Commits

Author SHA1 Message Date
CyberMind-FR
2607bfb911 refactor(luci-app-secubox): KISS UI regeneration for all core views 
Rewrote 5 core SecuBox LuCI views with KISS pattern:
- modules.js: 565→280 lines, filter tabs, module cards
- monitoring.js: 442→245 lines, SVG charts, 5s polling
- alerts.js: 451→255 lines, timeline, severity filters
- settings.js: 540→220 lines, UCI form with chips
- services.js: 1334→410 lines, provider status, health checks

Total: 3332→1410 lines (~58% reduction)

Changes:
- Removed legacy deps: SecuNav, Theme, Cascade, SbHeader
- Inline CSS with dark mode via prefers-color-scheme
- KissTheme.wrap() for consistent navigation
- Self-contained views with no external CSS dependencies

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-21 12:24:07 +01:00
CyberMind-FR
e58f479cd4 feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats 
Add detection patterns for latest actively exploited vulnerabilities:
- CVE-2025-55182 (React2Shell, CVSS 10.0)
- CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint)
- CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds)
- CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti)
- CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS)

New attack categories based on OWASP Top 10 2025:
- HTTP Request Smuggling (TE.CL/CL.TE conflicts)
- AI/LLM Prompt Injection (ChatML, instruction markers)
- WAF Bypass techniques (Unicode normalization, double encoding)
- Supply Chain attacks (CI/CD poisoning, dependency confusion)
- Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf)
- API Abuse (BOLA/IDOR, mass assignment)

CrowdSec scenarios split into 11 separate files for reliability.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-12 05:02:57 +01:00
CyberMind-FR
8f6eeede06 feat(crowdsec): Add console enrollment & integrate SecuBox theme 
- Add Console Enrollment section to settings with persistent key storage
- Integrate CrowdSec CSS with SecuBox global theme variables (--cyber-*)
- Fix modules.js install button and add installModule function
- Map cs-*, soc-*, sh-* CSS variables to SecuBox theme for consistency

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 05:34:31 +01:00
CyberMind-FR
675b2d164e feat: Portal service detection, nDPId compat layer, CrowdSec/Netifyd packages 
Portal (luci-app-secubox-portal):
- Fix service status showing 0/9 by checking if init scripts exist
- Only count installed services in status display
- Use pgrep fallback when init script status fails

nDPId Dashboard (luci-app-ndpid):
- Add default /etc/config/ndpid configuration
- Add /etc/init.d/ndpid-compat init script
- Enable compat service in postinst for app detection
- Fix Makefile to install init script and config

CrowdSec Dashboard:
- Add CLAUDE.md with OpenWrt-specific guidelines (pgrep without -x)
- CSS fixes for hiding LuCI left menu in all views
- LAPI repair improvements with retry logic

New Packages:
- secubox-app-crowdsec: OpenWrt-native CrowdSec package
- secubox-app-netifyd: Netifyd DPI integration
- luci-app-secubox: Core SecuBox hub
- luci-theme-secubox: Custom theme

Removed:
- luci-app-secubox-crowdsec (replaced by crowdsec-dashboard)
- secubox-crowdsec-setup (functionality moved to dashboard)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 13:51:40 +01:00