gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,294 Commits 4 Branches 293 Tags 320 MiB
d43855b3d1
Commit Graph

4 Commits

Author SHA1 Message Date
CyberMind-FR
e58f479cd4 feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats 
Add detection patterns for latest actively exploited vulnerabilities:
- CVE-2025-55182 (React2Shell, CVSS 10.0)
- CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint)
- CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds)
- CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti)
- CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS)

New attack categories based on OWASP Top 10 2025:
- HTTP Request Smuggling (TE.CL/CL.TE conflicts)
- AI/LLM Prompt Injection (ChatML, instruction markers)
- WAF Bypass techniques (Unicode normalization, double encoding)
- Supply Chain attacks (CI/CD poisoning, dependency confusion)
- Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf)
- API Abuse (BOLA/IDOR, mass assignment)

CrowdSec scenarios split into 11 separate files for reliability.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-12 05:02:57 +01:00
CyberMind-FR
edca533f07 feat(ui): Apply KISS theme with C3BOX sidebar to SecuBox views 
- InterceptoR: Refactor to use shared KissTheme.wrap() module
  - Remove duplicate inline CSS (~200 lines)
  - Use shared theme for sidebar navigation

- IoT Guard: Update to KISS dark theme styling
  - Use KissTheme.wrap() with sidebar
  - Update stat cards to use KISS classes
  - Update device chips and anomaly table styling

- mitmproxy: Add KISS theme wrapper
  - Add KissTheme.wrap() for sidebar navigation
  - Update info card styling to match theme

- System Hub: Update to KISS theme
  - Add KissTheme.wrap() for sidebar navigation
  - Update quick actions to use kiss-btn class
  - Inject KISS-compatible extra styles for cards

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-11 12:09:42 +01:00
CyberMind-FR
8e2a4c47de fix(iot-guard): Add default UCI config file 
Add /etc/config/iot-guard with default settings so the Settings
page loads without RPC errors. Includes main config, zone policy,
allowlist, and blocklist sections.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-11 11:42:03 +01:00
CyberMind-FR
8ef0c70d0f feat(iot-guard): Add IoT device isolation and security monitoring 
Backend (secubox-iot-guard):
- OUI-based device classification with 100+ IoT vendor prefixes
- 10 device classes: camera, thermostat, lighting, plug, assistant, etc.
- Risk scoring (0-100) with auto-isolation threshold
- Anomaly detection: bandwidth spikes, port scans, time anomalies
- Integration with Client Guardian, MAC Guardian, Vortex Firewall
- iot-guardctl CLI for status/list/scan/isolate/trust/block
- SQLite database for devices, anomalies, cloud dependencies
- Traffic baseline profiles for common device classes

Frontend (luci-app-iot-guard):
- KISS-style overview dashboard with security score
- Device management with isolate/trust/block actions
- Vendor classification rules editor
- Settings form for UCI configuration
- RPCD handler with 11 methods
- Public ACL for unauthenticated dashboard access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-11 10:36:04 +01:00