Commit Graph

15 Commits

Author SHA1 Message Date
CarterPerez-dev 56c2b0233c the hallway is four steps longer at night. i've confirmed this. 2026-06-18 17:40:31 -04:00
CarterPerez-dev 1bb94b08eb feat(ja3-ja4-tls-fingerprinting): M8 SQLite intel store + M9 detection engine
M8: tlsfp-intel crate with seeded fingerprint DB, JA4 fuzzy matcher, prevalence scoring.
M9: six detection rules (known_bad, ua_mismatch, os_mismatch, first_seen, fp_rotation, monoculture) over an observation/alert store (migration v2); --detect on pcap/live plus an intel alerts feed; user_agent plumbed through StreamEvent::HttpRequest.
M10 scaffolding: cybercore frontend, compose/infra/install groundwork (serve not yet wired).
Relicense MIT -> AGPL-3.0; ignore env/node_modules/dist; exclude seed CSVs from whitespace hooks.
2026-06-16 03:06:31 -04:00
CarterPerez-dev ccb1b40a15 feat(hsm-emulator): PKCS#11 HSM emulator in Zig (M0–M7)
Software HSM that compiles to a real Cryptoki (PKCS#11) v2.40 shared
object, loadable by pkcs11-tool / OpenSSL like a smartcard. SoftHSM2-style
three-layer split: C-ABI facade -> typed core state -> crypto + persistence.

- M0  hand-written v2.40 ABI + build-time OASIS cross-check; exports only C_GetFunctionList
- M1  sessions, login, Argon2id PIN, lockout
- M2  objects + find, CKA_PRIVATE gating, persisted token store
- M3  RNG, SHA-2 digest, HMAC, AES-CBC/CBC-PAD/GCM
- M4  ECDSA P-256/P-384 keygen + sign/verify (std.crypto)
- M5  RSA 2048-4096 via libcrypto: PKCS#1 v1.5 / PSS sign-verify, PKCS#1 / OAEP enc-dec
- M6  encrypted-at-rest store: selective AES-256-GCM envelope, master key wrapped under Argon2id(User-PIN)
- M7  hardening (session-secret zeroization, fail-closed relock, heap-leak scrub, ubsan-free ABI) + Docker

Verified three ways: 65/65 unit tests, in-process dlopen smoke, and
cross-process OpenSC pkcs11-tool (token keys survive process restart).

Also excludes vendor/pkcs11 from the trailing-whitespace / end-of-file
pre-commit hooks so the vendored OASIS headers keep their documented
SHA-256 provenance.
2026-06-01 20:35:48 -04:00
CarterPerez-dev 0006ddad3d cracked 2026-05-23 05:01:01 -04:00
CarterPerez-dev 92202b1c16 fix(monitor): pick conflict-free host ports (8432/5432/4432/6432/3432); JWT keygen-on-boot, healthcheck path, baseline migration; ignore frontend/.pnpm-store; pre-commit excludes 2026-05-01 20:13:00 -04:00
CarterPerez-dev c1ec748dda feat: credential enumeration complete 2026-04-04 20:21:19 -04:00
CarterPerez-dev 9397b12a4a add learn folder, move hidden files, update root readme, add learn folder, add clang tidy, and format 2026-02-26 00:38:55 -05:00
CarterPerez-dev 294169a222 feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
CarterPerez-dev 5c6d8b4904 issue 77 pt3 final lints 2026-02-18 20:17:35 -05:00
CarterPerez-dev 7168174006 issue 77 pt3 golangci 2026-02-18 20:08:20 -05:00
CarterPerez-dev 47432c8ce4 issue 77 pt2 ruff 2026-02-18 19:47:47 -05:00
CarterPerez-dev 95cc222302 issue 77 2026-02-18 18:53:15 -05:00
CarterPerez-dev f83f92545c - Standardize READMEs and add justfiles across all 14 projects
- Add headers, badges, learn module pointers, just command runner tips, and AGPLv3 licenses etc. etc.
- Add missing Justfiles in some projects
- Update pre commit hook and add TODO
2026-02-11 07:01:25 -05:00
CarterPerez-dev 116460f01a yapf 2025-11-12 15:33:54 -05:00
CarterPerez-dev e7a4ea6f92 fix ruff and mypy lint, add pre commit so it doesnt happen again 2025-11-12 15:30:47 -05:00