gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
07705f458c
secubox-openwrt/package/secubox/secubox-app-crowdsec-custom/files/scenarios
History
CyberMind-FR c69ae43961 feat(interceptor,ddos): Add Insider WAF pillar and DDoS hardening profile 
InterceptoR Insider WAF (6th pillar):
- RPCD: get_insider_waf_status() tracking LAN client threats
- Dashboard: 🔒 Insider WAF card with threat stats
- CrowdSec scenarios for insider threats:
  - C2 beacon, exfiltration, DNS tunneling, lateral movement
  - Cryptominer, IoT botnet, suspicious TLDs, high volume

DDoS Protection Hardening:
- Config Advisor: 8 DDoS checks (SYN cookies, conntrack, RP filter,
  ICMP rate, CrowdSec http-dos, HAProxy maxconn, mitmproxy WAF, Vortex)
- ANSSI rules: New "ddos" category with remediation steps
- Documentation: DOCS/DDOS-PROTECTION.md with full guide

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 10:46:16 +01:00
..
secubox-auth-bruteforce.yaml feat(crowdsec): Add custom CrowdSec scenarios package for SecuBox 2026-01-22 14:50:36 +01:00
secubox-gitea-bruteforce.yaml feat(crowdsec+haproxy): Dashboard refactor, custom parsers & scenarios 2026-01-27 11:16:17 +01:00
secubox-haproxy-bruteforce.yaml feat(crowdsec+haproxy): Dashboard refactor, custom parsers & scenarios 2026-01-27 11:16:17 +01:00
secubox-http-bruteforce.yaml feat(crowdsec): Add custom CrowdSec scenarios package for SecuBox 2026-01-22 14:50:36 +01:00
secubox-insider-threats.yaml feat(interceptor,ddos): Add Insider WAF pillar and DDoS hardening profile 2026-02-12 10:46:16 +01:00
secubox-mitmproxy-threats.yaml feat(mitmproxy): Add WAN protection mode for incoming traffic inspection 2026-02-02 10:07:40 +01:00
secubox-streamlit-bruteforce.yaml feat(crowdsec+haproxy): Dashboard refactor, custom parsers & scenarios 2026-01-27 11:16:17 +01:00
secubox-webapp-bruteforce.yaml feat(crowdsec+haproxy): Dashboard refactor, custom parsers & scenarios 2026-01-27 11:16:17 +01:00