From 6935e84deac42c30f828a82ea1d8915daeebceb4 Mon Sep 17 00:00:00 2001 From: Digi J Date: Tue, 3 Mar 2026 13:28:14 -0800 Subject: [PATCH] Delete CHANGELOG.md --- CHANGELOG.md | 187 --------------------------------------------------- 1 file changed, 187 deletions(-) delete mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md deleted file mode 100644 index c0b1764..0000000 --- a/CHANGELOG.md +++ /dev/null @@ -1,187 +0,0 @@ -# AUTARCH Changelog - ---- - -## v2.2.0 — 2026-03-03 - -### Full Arsenal Expansion — 16 New Modules - -Phase 2 complete. 16 new security modules with full CLI, Flask routes, and web UI templates. - -#### Offense -- **WiFi Auditing** (`/wifi/`) — aircrack-ng integration: monitor mode, AP scanning, deauth attacks, WPA handshake capture/crack, WPS Pixie-Dust, rogue AP detection, packet capture -- **API Fuzzer** (`/api-fuzzer/`) — OpenAPI/Swagger discovery, parameter fuzzing (SQLi/XSS/traversal/type confusion), auth bypass & IDOR testing, rate limit probing, GraphQL introspection attacks -- **Cloud Security Scanner** (`/cloud/`) — S3/GCS/Azure blob enumeration, exposed service scanning, IMDS metadata SSRF checks, cloud subdomain enumeration -- **C2 Framework** (`/c2/`) — multi-session agent management, Python/PowerShell/Bash payloads, HTTP/HTTPS/DNS beaconing, file transfer, SOCKS pivoting, listener management -- **Web Application Scanner** (`/webscan/`) — directory bruteforce, subdomain enum, SQLi/XSS detection, header analysis, tech fingerprinting, SSL/TLS audit, crawler - -#### Defense -- **Threat Intel Feed** (`/threat-intel/`) — IOC management (IP/domain/hash/URL), STIX/CSV/JSON feed ingestion, VirusTotal & AbuseIPDB API lookups, network correlation, blocklist export (iptables/nginx/snort) -- **Log Correlator** (`/logs/`) — multi-format log parsing (syslog/Apache/JSON), 10 built-in detection rules (SSH brute force, SQLi, XSS, path traversal), threshold alerting, custom rules, timeline view - -#### Counter -- **Steganography** (`/stego/`) — LSB image encoding (PNG/BMP), audio steganography (WAV), document whitespace encoding (zero-width chars), AES-256 pre-encryption, chi-square & RS statistical detection -- **Anti-Forensics** (`/anti-forensics/`) — multi-pass secure file/directory deletion, free space wiping, timestamp manipulation (set/clone/randomize), log clearing, shell history scrubbing, EXIF & PDF metadata stripping - -#### Analyze -- **Password Toolkit** (`/passwords/`) — hash identification & cracking (hashcat/john integration), secure password generation, credential spray testing (SSH/FTP/SMB/HTTP), wordlist management, policy auditing -- **Network Topology Mapper** (`/netmap/`) — ARP/ICMP/TCP host discovery, service enumeration, OS fingerprinting, SVG topology visualization, subnet grouping, scan diffing -- **Reporting Engine** (`/reports/`) — structured pentest reports, CVSS-scored findings, auto-population from scans & dossiers, PDF/HTML/Markdown export, compliance mapping (OWASP/NIST/CIS) -- **BLE Scanner** (`/ble/`) — BLE advertisement scanning via bleak, service & characteristic enumeration, read/write operations, known vulnerability database, RSSI proximity tracking -- **Forensics Toolkit** (`/forensics/`) — disk imaging (dd + hash verification), file carving by magic bytes (15 types), EXIF metadata extraction, filesystem timeline builder, chain of custody logging -- **RFID/NFC Tools** (`/rfid/`) — Proxmark3 integration (LF/HF search, EM410x read/clone/sim, MIFARE dump/clone), libnfc NFC scanning, card database, default MIFARE keys -- **Malware Sandbox** (`/sandbox/`) — sample submission (file upload or path), static analysis (strings, PE/ELF parsing, YARA-like indicators, risk scoring), Docker-based dynamic analysis with behavior logging - -### Build System -- All 16 modules wired into `web/app.py` (blueprint registration), `base.html` (sidebar navigation), `autarch_public.spec` and `setup_msi.py` (hidden imports) -- Sidebar organized by category: Defense, Offense, Counter, Analyze - ---- - -## v2.1.0 — 2026-03-03 - -### DNS-over-TLS (DoT) & DNS-over-HTTPS (DoH) - -- **Full DoT implementation** — encrypted DNS queries over TLS (port 853) with certificate validation -- **Full DoH implementation** — encrypted DNS queries over HTTPS (RFC 8484, wire-format POST) -- **Auto-detection** for known encrypted providers: - - Google DNS (`8.8.8.8`, `8.8.4.4`) — DoT via `dns.google`, DoH via `https://dns.google/dns-query` - - Cloudflare (`1.1.1.1`, `1.0.0.1`) — DoT via `one.one.one.one`, DoH via `https://cloudflare-dns.com/dns-query` - - Quad9 (`9.9.9.9`, `149.112.112.112`) — DoT via `dns.quad9.net`, DoH via `https://dns.quad9.net/dns-query` - - OpenDNS (`208.67.222.222`, `208.67.220.220`) — DoT/DoH via `dns.opendns.com` - - AdGuard (`94.140.14.14`, `94.140.15.15`) — DoT/DoH via `dns.adguard-dns.com` -- **Priority chain**: DoH > DoT > Plain DNS — auto-fallback on failure -- **Encryption test tool** in the Nameserver UI — live test DoT/DoH/Plain against any server with latency reporting -- **Toggle controls** — enable/disable DoT and DoH independently via UI or API -- **API endpoints**: `GET/POST /api/encryption`, `POST /api/encryption/test` - -### Hosts File Support - -- **Hosts-file parser** — `/etc/hosts` style hostname resolution served via DNS -- **Resolution priority**: Hosts file entries checked before zones and cache for fastest local resolution -- **CRUD operations** — add, remove, search individual host entries via UI or API -- **Bulk import** — paste hosts-file format text or load from a file path (e.g., `/etc/hosts`, `C:\Windows\System32\drivers\etc\hosts`) -- **System hosts loader** — one-click button to load the OS hosts file -- **Export** — download current hosts database in standard hosts-file format -- **PTR reverse lookup** — hosts entries support reverse DNS (in-addr.arpa) queries -- **Alias support** — multiple hostnames per IP, matching on primary hostname or any alias -- **Hosts tab** in Nameserver UI — full management table with search, inline add, import/export -- **API endpoints**: `GET/POST/DELETE /api/hosts`, `POST /api/hosts/import`, `GET /api/hosts/export` - -### EZ Intranet Domain (One-Click Local DNS) - -- **One-click intranet domain creation** in the Nameserver UI -- **Auto network detection** — discovers local IP, hostname, gateway, subnet via socket/ARP -- **Host discovery** — scans ARP table for all devices on the network with reverse DNS lookup -- **Editable DNS names** — auto-suggests names for discovered hosts, fully editable before deployment -- **Custom hosts** — add arbitrary hosts not found by network scan -- **Deployment creates**: - - Forward DNS zone with SOA + NS records - - A records for server, hostname, and all selected/custom hosts - - Hosts-file entries for instant resolution - - Reverse DNS zone (PTR records) for reverse lookups -- **Client configuration** — shows copy-paste instructions for Windows (`netsh`) and Linux (`resolv.conf`/`systemd-resolved`) -- **Router DHCP hint** — advises setting the DNS server IP in router DHCP for automatic network-wide deployment -- **API endpoint**: `POST /dns/ez-intranet` - -### Full Configuration UI - -Expanded the Config tab from 5 fields to 18 fields across 5 categories: - -- **Network** — DNS listen address, API listen address, upstream forwarder servers -- **Cache & Performance** — cache TTL, negative cache TTL (NXDOMAIN), SERVFAIL cache TTL, query log max entries, max UDP response size, rate limit (queries/sec/IP), prefetch toggle -- **Security** — query logging, refuse ANY queries (anti-amplification), minimal responses (hide server info), zone transfer ACL (AXFR/IXFR whitelist) -- **Encryption** — DoH enable/disable, DoT enable/disable with priority explanation -- **Hosts** — hosts file path, auto-load on startup toggle - -All settings are live-editable from the dashboard and propagated to the running server without restart. - -### Go DNS Server Changes - -- **`server/resolver.go`** — added `QueryUpstreamDoT()`, `QueryUpstreamDoH()`, `queryUpstreamEncrypted()`, `GetEncryptionStatus()` with TLS 1.2+ minimum, HTTP/2 for DoH, proper SNI for DoT -- **`server/hosts.go`** — new file: `HostsStore` with `LoadFile()`, `LoadFromText()`, `Add()`, `Remove()`, `Lookup()`, `Export()`, PTR support -- **`server/dns.go`** — integrated hosts lookup before zone lookup in query handler; added `GetHosts()`, `GetEncryptionStatus()`, `SetEncryption()`, `GetResolver()` -- **`config/config.go`** — added `HostsFile`, `HostsAutoLoad`, `QueryLogMax`, `NegativeCacheTTL`, `PrefetchEnabled`, `ServFailCacheTTL` -- **`api/router.go`** — added 5 new endpoint groups: hosts CRUD, hosts import/export, encryption status/toggle, encryption test, full config expansion -- **`main.go`** — version bump to 2.1.0 - -### Web Dashboard Changes - -- **`web/templates/dns_nameserver.html`** — added 3 new tabs: Encryption, Hosts, EZ Intranet (13 tabs total) -- **`web/templates/dns_service.html`** — expanded Config tab with all 18 settings in categorized layout -- **`web/routes/dns_service.py`** — added 8 new routes: hosts CRUD, hosts import/export, encryption status/toggle/test, EZ intranet deploy - ---- - -## v2.0.0 — 2026-03-03 - -### Go DNS/Nameserver Service - -- **Full recursive DNS resolver** from IANA root hints — no upstream dependency -- **13 root server** iterative resolution with delegation chain following -- **CNAME chain following** across zone boundaries -- **Authoritative zone hosting** with JSON-backed zone storage -- **Record types**: A, AAAA, CNAME, MX, TXT, NS, SRV, PTR, SOA -- **DNSSEC toggle** per zone -- **DNS caching** with configurable TTL and automatic cleanup -- **Query logging** with ring buffer (configurable size) -- **Analytics**: top domains, query type distribution, per-client query counts -- **Blocklist**: exact match + wildcard parent domain matching, bulk import (hosts-file format) -- **Conditional forwarding**: zone-specific upstream server rules -- **Root health check**: concurrent ping of all 13 IANA root servers with latency measurement -- **Benchmark tool**: multi-domain latency testing with min/avg/max statistics -- **Zone import/export**: BIND zone file format support -- **Zone cloning**: duplicate zone with all records -- **Bulk record operations**: add multiple records in a single request -- **Mail record auto-setup**: one-click MX + SPF + DKIM + DMARC creation -- **Security hardening**: refuse ANY (anti-amplification), minimal responses, AXFR/IXFR blocking, rate limiting, max UDP size (1232 bytes for safe MTU) -- **REST API**: 30+ endpoints with token auth and CORS - -### Nameserver Web UI (10 tabs) - -- **Query** — DNS query tester against local NS or system resolver -- **Query Log** — auto-refreshing query history with filtering -- **Analytics** — top domains (bar charts), query type distribution, client stats, NS cache viewer -- **Cache** — searchable cache viewer with per-entry and full flush -- **Blocklist** — add/remove/search domains, bulk import in hosts-file format -- **Forwarding** — conditional forwarding rule management -- **Root Health** — concurrent check of all 13 root servers with latency bars -- **Benchmark** — multi-domain latency testing with visual results -- **Delegation** — NS delegation record generator with glue record instructions -- **Build** — Go binary compilation controls and instructions - -### DNS Zone Manager Web UI (7 tabs) - -- **Zones** — create/delete/clone zones -- **Records** — full CRUD with bulk add (JSON), filtering by type/search, column sorting -- **EZ-Local** — network auto-scan intranet domain setup with ARP host discovery -- **Reverse Proxy** — DDNS, nginx/Caddy/Apache config generation, UPnP port forwarding -- **Import/Export** — BIND zone file backup/restore with inline editor -- **Templates** — quick-setup for web server, mail server, PTR, subdomain delegation -- **Config** — full server configuration panel - -### Gone Fishing Mail Server Enhancements - -- **Landing pages** — 4 built-in phishing templates (Office 365, Google, Generic, VPN) + custom HTML editor -- **Credential capture** — form POST interception on unauthenticated endpoints with IP/UA/referer logging -- **DKIM signing** — OpenSSL RSA 2048-bit keypair generation and DNS record instructions -- **DNS auto-setup** — automatic MX/SPF/DKIM/DMARC record creation via DNS service integration -- **Email evasion** — Unicode homoglyphs (30% swap), zero-width character insertion (15%), HTML entity encoding (20%) -- **Header manipulation** — random X-Mailer, X-Priority, custom headers, spoofed Received chain generation -- **CSV import/export** — bulk target import and credential capture export -- **Campaign management** — per-campaign tracking, export, and capture association - -### IP Capture & Redirect Service - -- **Stealthy link tracking** — fast 302 redirect with IP/UA/headers capture -- **Realistic URL disguise** — article-style paths that look like real news URLs -- **GeoIP lookup** on captured IPs -- **Dossier integration** — add captures to existing OSINT dossiers -- **Management UI** — create/manage links, view captures with filtering, export - -### SYN Flood Module - -- **TCP SYN flood** attack tool with configurable parameters -- **Multi-threaded** packet generation -- **Port targeting** — single port, range, or random -- **Source IP spoofing** options