History

CyberMind-FR e58f479cd4 feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats Add detection patterns for latest actively exploited vulnerabilities: - CVE-2025-55182 (React2Shell, CVSS 10.0) - CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint) - CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds) - CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti) - CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS) New attack categories based on OWASP Top 10 2025: - HTTP Request Smuggling (TE.CL/CL.TE conflicts) - AI/LLM Prompt Injection (ChatML, instruction markers) - WAF Bypass techniques (Unicode normalization, double encoding) - Supply Chain attacks (CI/CD poisoning, dependency confusion) - Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf) - API Abuse (BOLA/IDOR, mass assignment) CrowdSec scenarios split into 11 separate files for reliability. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>		2026-02-12 05:02:57 +01:00
..
htdocs/luci-static/resources
root/usr
Makefile
README.md

LuCI SecuBox Service Exposure Manager

Unified interface for exposing local services via Tor hidden services and HAProxy SSL reverse proxy, with port conflict detection.

Installation

opkg install luci-app-exposure

LuCI menu: SecuBox -> Network -> Service Exposure

Backend: luci.exposure

Method	Description
`scan`	Scan all listening services and ports
`conflicts`	Detect port conflicts between services
`status`	Get exposure manager status
`tor_list`	List Tor hidden services
`ssl_list`	List SSL reverse proxy entries
`get_config`	Get exposure configuration
`fix_port`	Reassign a conflicting service port
`tor_add`	Add a Tor hidden service
`tor_remove`	Remove a Tor hidden service
`ssl_add`	Add an SSL reverse proxy entry
`ssl_remove`	Remove an SSL reverse proxy entry

Apache-2.0