gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f4b9c910c5
secubox-openwrt/package/secubox/secubox-app-crowdsec-custom/files
History
CyberMind-FR f4b9c910c5 feat(mitmproxy): Add WAN protection mode for incoming traffic inspection 
Add WAF-like functionality to mitmproxy for protecting services exposed
to the internet. Incoming WAN traffic is redirected through mitmproxy
for threat detection before reaching backend services.

Features:
- WAN protection mode with nftables rules for incoming traffic
- Enhanced bot scanner detection with 50+ scanner signatures
- Behavioral detection for config/admin/backup/shell hunting
- CrowdSec integration with new scenarios for bot scanners
- LuCI interface for WAN protection configuration
- DPI mirror mode support (secondary feature)

New CrowdSec scenarios:
- secubox/mitmproxy-botscan: Detect automated reconnaissance
- secubox/mitmproxy-shell-hunter: Detect shell/backdoor hunting
- secubox/mitmproxy-config-hunter: Detect credential file hunting
- secubox/mitmproxy-suspicious-ua: Detect suspicious user agents

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-02 10:07:40 +01:00
..
acquis.d feat(mitmproxy): Integrate threat detection with CrowdSec for auto-banning 2026-01-31 18:49:14 +01:00
parsers feat(mitmproxy): Add WAN protection mode for incoming traffic inspection 2026-02-02 10:07:40 +01:00
scenarios feat(mitmproxy): Add WAN protection mode for incoming traffic inspection 2026-02-02 10:07:40 +01:00
99-secubox-app-crowdsec-custom feat(crowdsec): Add custom CrowdSec scenarios package for SecuBox 2026-01-22 14:50:36 +01:00