gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,309 Commits 4 Branches 293 Tags 320 MiB
ed0c95f8da
Commit Graph

5 Commits

Author SHA1 Message Date
CyberMind-FR
e58f479cd4 feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats 
Add detection patterns for latest actively exploited vulnerabilities:
- CVE-2025-55182 (React2Shell, CVSS 10.0)
- CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint)
- CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds)
- CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti)
- CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS)

New attack categories based on OWASP Top 10 2025:
- HTTP Request Smuggling (TE.CL/CL.TE conflicts)
- AI/LLM Prompt Injection (ChatML, instruction markers)
- WAF Bypass techniques (Unicode normalization, double encoding)
- Supply Chain attacks (CI/CD poisoning, dependency confusion)
- Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf)
- API Abuse (BOLA/IDOR, mass assignment)

CrowdSec scenarios split into 11 separate files for reliability.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-12 05:02:57 +01:00
CyberMind-FR
c5e22fd08d refactor(nav): Unify navigation component with auto-theme initialization 
SecuNav.renderTabs() now automatically initializes theme and loads CSS,
eliminating boilerplate from views. Added renderCompactTabs() for nested
modules and renderBreadcrumb() for back-navigation.

Updated module navs: cdn-cache, client-guardian, crowdsec-dashboard,
media-flow, mqtt-bridge, system-hub. Removed ~1000 lines of duplicate CSS.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 03:42:32 +01:00
CyberMind-FR
9acab29c34 feat(v0.17): P2P Mesh Recovery, MITM Analytics, Swiss Army Knife 
Major features:
- P2P Mesh distributed recovery infrastructure with blockchain catalog
- MITM analytics proxy for external access monitoring (IP, country, scans)
- SecuBox Swiss unified CLI tool for management & recovery
- Python remote management console (secubox-console)
- Multi-theme landing page generator (mirrorbox, cyberpunk, minimal, terminal, light)
- Service Registry enhancements with health check and network diagnostics
- Services page modernization with Service Registry API integration

New components:
- secubox-swiss: Swiss Army Knife unified management tool
- secubox-mesh: P2P mesh networking and sync
- secubox-recover: Snapshot, profiles, rollback, reborn scripts
- secubox-console: Python remote management app
- secubox_analytics.py: MITM traffic analysis addon

Fixes:
- Service Registry ACL permissions for secubox services page
- Port status display (firewall_open detection)
- RPC response handling for list_services

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00
CyberMind-FR
906bf6f549 feat: Add HTTP health checks, portal speedtest, and fix cert detection 
- metablogizer: Add HTTP health checks for backend (uhttpd) and frontend (HAProxy)
- metablogizer: Fix BusyBox-compatible certificate expiry detection using openssl checkend
- secubox-portal: Add speed test widget with ping/download/upload measurement
- tor-shield: Fix settings save ensuring UCI sections exist
- cdn-cache: UI improvements and restructure
- streamlit: Fix port conflict (sappix now uses 8503)
- secubox-core: Add proxy mode detection
- security-threats: Dashboard improvements
- haproxy: Init.d and Makefile updates

PKG_RELEASE bumps:
- luci-app-cdn-cache: 3
- luci-app-metablogizer: 2
- luci-app-secubox-portal: 2
- luci-app-secubox-security-threats: 2
- luci-app-secubox: 4
- luci-app-streamlit: 9
- luci-app-tor-shield: 2
- secubox-app-haproxy: 23
- secubox-core: 6

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:26 +01:00
CyberMind-FR
31a87c5d7a feat(structure): reorganize luci-app packages into package/secubox/ + appstore migration 
Major structural reorganization and feature additions:

## Folder Reorganization
- Move 17 luci-app-* packages to package/secubox/ (except luci-app-secubox core hub)
- Update all tooling to support new structure:
  - secubox-tools/quick-deploy.sh: search both locations
  - secubox-tools/validate-modules.sh: validate both directories
  - secubox-tools/fix-permissions.sh: fix permissions in both locations
  - .github/workflows/test-validate.yml: build from both paths
- Update README.md links to new package/secubox/ paths

## AppStore Migration (Complete)
- Add catalog entries for all remaining luci-app packages:
  - network-tweaks.json: Network optimization tools
  - secubox-bonus.json: Documentation & demos hub
- Total: 24 apps in AppStore catalog (22 existing + 2 new)
- New category: 'documentation' for docs/demos/tutorials

## VHost Manager v2.0 Enhancements
- Add profile activation system for Internal Services and Redirects
- Implement createVHost() API wrapper for template-based deployment
- Fix Virtual Hosts view rendering with proper LuCI patterns
- Fix RPCD backend shell script errors (remove invalid local declarations)
- Extend backend validation for nginx return directives (redirect support)
- Add section_id parameter for named VHost profiles
- Add Remove button to Redirects page for feature parity
- Update README to v2.0 with comprehensive feature documentation

## Network Tweaks Dashboard
- Close button added to component details modal

Files changed: 340+ (336 renames with preserved git history)
Packages affected: 19 luci-app, 2 secubox-app, 1 theme, 4 tools

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-01 14:59:38 +01:00