sssnake/setec_cdm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit — SETEC LABS Manager (Setec_CDM)

Browse Source 
Flask-based VPS management panel with SSH remote command execution.
Includes E2E encrypted SSH tunnel (AES-256-GCM + Go agent), setup wizard,
security hardening tools, DNS management, firewall configs, monitoring,
backup, and .sec patch update system.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
DigiJ
2026-03-13 12:39:02 -07:00
commit 9e839ee826
62 changed files with 14605 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

242
setec-web/security_apps.py Normal file
View File

@@ -0,0 +1,242 @@
# Security tool definitions for the Setec Manager
# Each entry provides check/install/scan/uninstall command strings
# that app.py executes via ssh_run()
SECURITY_APPS = [
{
"name": "ClamAV",
"desc": "Open-source antivirus engine for detecting trojans, viruses, malware",
"cat": "antivirus",
"check": "clamdscan --version 2>/dev/null",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y clamav clamav-daemon 2>&1 && "
"systemctl stop clamav-freshclam 2>/dev/null; "
"freshclam 2>&1 && "
"systemctl enable clamav-freshclam 2>&1 && "
"systemctl start clamav-freshclam 2>&1 && "
"systemctl enable clamav-daemon 2>&1 && "
"systemctl start clamav-daemon 2>&1 && "
"echo 'ClamAV installed and running'"
),
"scan": "clamscan -r --bell -i /var/www /home /tmp 2>&1 | tail -30",
"uninstall": (
"systemctl stop clamav-daemon clamav-freshclam 2>/dev/null; "
"systemctl disable clamav-daemon clamav-freshclam 2>/dev/null; "
"apt-get remove -y clamav clamav-daemon clamav-freshclam 2>&1 && "
"apt-get autoremove -y 2>&1 && "
"echo 'ClamAV removed'"
),
},
{
"name": "rkhunter",
"desc": "Rootkit detection tool - scans for rootkits, backdoors, and local exploits",
"cat": "rootkit",
"check": "rkhunter --version 2>/dev/null",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y rkhunter 2>&1 && "
"rkhunter --update 2>&1 && "
"rkhunter --propupd 2>&1 && "
"echo 'rkhunter installed and database initialized'"
),
"scan": "rkhunter --check --skip-keypress --report-warnings-only 2>&1",
"uninstall": (
"apt-get remove -y rkhunter 2>&1 && "
"apt-get autoremove -y 2>&1 && "
"echo 'rkhunter removed'"
),
},
{
"name": "chkrootkit",
"desc": "Another rootkit detection tool - checks for signs of rootkits on the system",
"cat": "rootkit",
"check": "chkrootkit -V 2>/dev/null",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y chkrootkit 2>&1 && "
"echo 'chkrootkit installed'"
),
"scan": "chkrootkit 2>&1 | grep -v 'not found' | grep -v 'nothing found' | tail -40",
"uninstall": (
"apt-get remove -y chkrootkit 2>&1 && "
"apt-get autoremove -y 2>&1 && "
"echo 'chkrootkit removed'"
),
},
{
"name": "Lynis",
"desc": "Security auditing tool - comprehensive system hardening scanner",
"cat": "audit",
"check": "lynis --version 2>/dev/null",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y lynis 2>&1 && "
"echo 'Lynis installed'"
),
"scan": "lynis audit system --quick --no-colors 2>&1 | tail -80",
"uninstall": (
"apt-get remove -y lynis 2>&1 && "
"apt-get autoremove -y 2>&1 && "
"echo 'Lynis removed'"
),
},
{
"name": "OSSEC",
"desc": "Host-based intrusion detection system (HIDS) - log analysis, integrity checking, rootkit detection",
"cat": "ids",
"check": "/var/ossec/bin/ossec-control status 2>/dev/null",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential make gcc libevent-dev zlib1g-dev "
"libssl-dev libpcre2-dev wget 2>&1 && "
"cd /tmp && "
"wget -q https://github.com/ossec/ossec-hids/archive/refs/tags/3.7.0.tar.gz -O ossec-3.7.0.tar.gz 2>&1 && "
"tar xzf ossec-3.7.0.tar.gz 2>&1 && "
"cd ossec-hids-3.7.0 && "
"echo -e '\\nlocal\\n\\n/var/log/syslog\\n/var/log/auth.log\\n\\n\\n\\n\\n' "
"| ./install.sh 2>&1 && "
"/var/ossec/bin/ossec-control start 2>&1 && "
"rm -rf /tmp/ossec-3.7.0.tar.gz /tmp/ossec-hids-3.7.0 && "
"echo 'OSSEC HIDS installed in local mode and started'"
),
"scan": (
"/var/ossec/bin/ossec-control status 2>&1 && "
"echo '' && echo '=== RECENT ALERTS ===' && "
"tail -30 /var/ossec/logs/alerts/alerts.log 2>/dev/null || echo 'No alerts yet'"
),
"uninstall": (
"/var/ossec/bin/ossec-control stop 2>/dev/null; "
"rm -rf /var/ossec 2>&1 && "
"userdel ossec 2>/dev/null; userdel ossecm 2>/dev/null; userdel ossecr 2>/dev/null; "
"groupdel ossec 2>/dev/null; "
"echo 'OSSEC removed'"
),
},
{
"name": "ModSecurity",
"desc": "Web Application Firewall (WAF) for Nginx - OWASP Core Rule Set",
"cat": "waf",
"check": "nginx -V 2>&1 | grep -i modsecurity",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y libmodsecurity3 libmodsecurity-dev "
"nginx-module-modsecurity 2>&1 || "
"DEBIAN_FRONTEND=noninteractive apt-get install -y libmodsecurity3 2>&1 && "
"mkdir -p /etc/nginx/modsec && "
"cp /etc/modsecurity/modsecurity.conf-recommended /etc/nginx/modsec/modsecurity.conf 2>/dev/null || "
"wget -q https://raw.githubusercontent.com/owasp-modsecurity/ModSecurity/v3/master/modsecurity.conf-recommended "
"-O /etc/nginx/modsec/modsecurity.conf 2>&1 && "
"sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' /etc/nginx/modsec/modsecurity.conf && "
"sed -i 's|SecAuditLog /var/log/modsec_audit.log|SecAuditLog /var/log/modsec_audit.log|' "
"/etc/nginx/modsec/modsecurity.conf && "
"cd /etc/nginx/modsec && "
"git clone --depth 1 https://github.com/coreruleset/coreruleset.git owasp-crs 2>&1 && "
"cp owasp-crs/crs-setup.conf.example owasp-crs/crs-setup.conf && "
"cat > /etc/nginx/modsec/main.conf << 'MODSECEOF'\n"
"Include /etc/nginx/modsec/modsecurity.conf\n"
"Include /etc/nginx/modsec/owasp-crs/crs-setup.conf\n"
"Include /etc/nginx/modsec/owasp-crs/rules/*.conf\n"
"MODSECEOF\n"
"echo 'ModSecurity installed with OWASP CRS. Add modsecurity on; modsecurity_rules_file /etc/nginx/modsec/main.conf; to your nginx server blocks.'"
),
"scan": "tail -30 /var/log/modsec_audit.log 2>/dev/null || echo 'No ModSecurity logs yet'",
"uninstall": (
"rm -rf /etc/nginx/modsec 2>&1 && "
"apt-get remove -y libmodsecurity3 nginx-module-modsecurity 2>/dev/null; "
"apt-get autoremove -y 2>&1 && "
"echo 'ModSecurity removed - remember to remove modsecurity directives from nginx configs'"
),
},
{
"name": "AIDE",
"desc": "Advanced Intrusion Detection Environment - file integrity monitoring",
"cat": "integrity",
"check": "aide --version 2>/dev/null",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y aide 2>&1 && "
"aideinit 2>&1 && "
"cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db 2>/dev/null || "
"cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz 2>/dev/null && "
"echo 'AIDE installed and database initialized. Run scan to check for changes.'"
),
"scan": "aide --check 2>&1 | tail -40",
"uninstall": (
"apt-get remove -y aide 2>&1 && "
"apt-get autoremove -y 2>&1 && "
"rm -rf /var/lib/aide 2>/dev/null; "
"echo 'AIDE removed'"
),
},
{
"name": "Cowrie",
"desc": "SSH/Telnet honeypot - logs brute force attacks and attacker shell interactions",
"cat": "honeypot",
"check": "systemctl is-active cowrie 2>/dev/null",
"install": (
"DEBIAN_FRONTEND=noninteractive apt-get update -qq && "
"DEBIAN_FRONTEND=noninteractive apt-get install -y git python3-venv python3-dev "
"libssl-dev libffi-dev build-essential 2>&1 && "
"id cowrie >/dev/null 2>&1 || useradd -r -m -d /opt/cowrie -s /bin/bash cowrie && "
"cd /opt/cowrie && "
"if [ ! -d /opt/cowrie/cowrie-git ]; then "
" sudo -u cowrie git clone https://github.com/cowrie/cowrie.git cowrie-git 2>&1; "
"fi && "
"cd /opt/cowrie/cowrie-git && "
"sudo -u cowrie python3 -m venv cowrie-env 2>&1 && "
"sudo -u cowrie ./cowrie-env/bin/pip install --upgrade pip 2>&1 && "
"sudo -u cowrie ./cowrie-env/bin/pip install -r requirements.txt 2>&1 && "
"sudo -u cowrie cp etc/cowrie.cfg.dist etc/cowrie.cfg && "
"sudo -u cowrie sed -i 's/^#\\?listen_endpoints = tcp:2222/listen_endpoints = tcp:2222/' etc/cowrie.cfg && "
"cat > /etc/systemd/system/cowrie.service << 'COWRIEEOF'\n"
"[Unit]\n"
"Description=Cowrie SSH/Telnet Honeypot\n"
"After=network.target\n"
"\n"
"[Service]\n"
"Type=simple\n"
"User=cowrie\n"
"Group=cowrie\n"
"WorkingDirectory=/opt/cowrie/cowrie-git\n"
"ExecStart=/opt/cowrie/cowrie-git/cowrie-env/bin/python /opt/cowrie/cowrie-git/bin/cowrie start -n\n"
"Restart=on-failure\n"
"\n"
"[Install]\n"
"WantedBy=multi-user.target\n"
"COWRIEEOF\n"
"systemctl daemon-reload 2>&1 && "
"systemctl enable cowrie 2>&1 && "
"systemctl start cowrie 2>&1 && "
"echo 'Cowrie honeypot installed and listening on port 2222. "
"Consider redirecting port 22 traffic with: iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 2222'"
),
"scan": (
"echo '=== COWRIE STATUS ===' && "
"systemctl status cowrie --no-pager 2>&1 | head -10 && "
"echo '' && echo '=== RECENT HONEYPOT ACTIVITY ===' && "
"tail -50 /opt/cowrie/cowrie-git/var/log/cowrie/cowrie.log 2>/dev/null || "
"tail -50 /opt/cowrie/var/log/cowrie/cowrie.log 2>/dev/null || "
"echo 'No honeypot logs yet'"
),
"uninstall": (
"systemctl stop cowrie 2>/dev/null; "
"systemctl disable cowrie 2>/dev/null; "
"rm -f /etc/systemd/system/cowrie.service && "
"systemctl daemon-reload 2>&1 && "
"rm -rf /opt/cowrie 2>&1 && "
"userdel -r cowrie 2>/dev/null; "
"echo 'Cowrie removed'"
),
},
]
CATEGORIES = {
"antivirus": "Antivirus",
"rootkit": "Rootkit Detection",
"audit": "Security Auditing",
"ids": "Intrusion Detection",
"waf": "Web Application Firewall",
"integrity": "File Integrity",
"honeypot": "Honeypot",
}