secubox-openwrt

History

CyberMind-FR f4b9c910c5 feat(mitmproxy): Add WAN protection mode for incoming traffic inspection Add WAF-like functionality to mitmproxy for protecting services exposed to the internet. Incoming WAN traffic is redirected through mitmproxy for threat detection before reaching backend services. Features: - WAN protection mode with nftables rules for incoming traffic - Enhanced bot scanner detection with 50+ scanner signatures - Behavioral detection for config/admin/backup/shell hunting - CrowdSec integration with new scenarios for bot scanners - LuCI interface for WAN protection configuration - DPI mirror mode support (secondary feature) New CrowdSec scenarios: - secubox/mitmproxy-botscan: Detect automated reconnaissance - secubox/mitmproxy-shell-hunter: Detect shell/backdoor hunting - secubox/mitmproxy-config-hunter: Detect credential file hunting - secubox/mitmproxy-suspicious-ua: Detect suspicious user agents Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-02 10:07:40 +01:00
..
settings.js	feat(mitmproxy): Add WAN protection mode for incoming traffic inspection	2026-02-02 10:07:40 +01:00
status.js	fix(mitmproxy): Fix alerts display by reading from correct log path	2026-01-31 18:37:21 +01:00

CyberMind-FR f4b9c910c5 feat(mitmproxy): Add WAN protection mode for incoming traffic inspection

Add WAF-like functionality to mitmproxy for protecting services exposed
to the internet. Incoming WAN traffic is redirected through mitmproxy
for threat detection before reaching backend services.

Features:
- WAN protection mode with nftables rules for incoming traffic
- Enhanced bot scanner detection with 50+ scanner signatures
- Behavioral detection for config/admin/backup/shell hunting
- CrowdSec integration with new scenarios for bot scanners
- LuCI interface for WAN protection configuration
- DPI mirror mode support (secondary feature)

New CrowdSec scenarios:
- secubox/mitmproxy-botscan: Detect automated reconnaissance
- secubox/mitmproxy-shell-hunter: Detect shell/backdoor hunting
- secubox/mitmproxy-config-hunter: Detect credential file hunting
- secubox/mitmproxy-suspicious-ua: Detect suspicious user agents

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-02 10:07:40 +01:00

settings.js

feat(mitmproxy): Add WAN protection mode for incoming traffic inspection

2026-02-02 10:07:40 +01:00

status.js

fix(mitmproxy): Fix alerts display by reading from correct log path

2026-01-31 18:37:21 +01:00