Malin/krawl.es
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat/release 1.0.0 (#63)

Browse Source 
* Feat: update Kubernetes manifests for Krawl deployment and improve resource labels

* Feat: update version to 1.0.0 in Helm chart and related files; add timezone to README

* Feat: enhance configuration options for handling malicious IPs and update dashboard secret path

* Fix: standardize boolean value handling in environment configuration
This commit is contained in:
Lorenzo Venerandi
2026-01-29 14:32:10 +01:00
committed by GitHub
parent d3caa99ecc
commit b253828cd7
17 changed files with 211 additions and 636 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -80,3 +80,4 @@ personal-values.yaml
#exports dir (keeping .gitkeep so we have the dir)
/exports/*
/src/exports/*

7
README.md
View File

@@ -109,6 +109,7 @@ services:
- "5000:5000"
environment:
- CONFIG_LOCATION=config.yaml
- TZ="Europe/Rome"
volumes:
- ./config.yaml:/app/config.yaml:ro
- krawl-data:/app/data
@@ -201,9 +202,6 @@ Krawl uses a **configuration hierarchy** in which **environment variables take p
| `KRAWL_CANARY_TOKEN_URL` | External canary token URL | None |
| `KRAWL_CANARY_TOKEN_TRIES` | Requests before showing canary token | `10` |
| `KRAWL_DASHBOARD_SECRET_PATH` | Custom dashboard path | Auto-generated |
| `KRAWL_API_SERVER_URL` | API server URL | None |
| `KRAWL_API_SERVER_PORT` | API server port | `8080` |
| `KRAWL_API_SERVER_PATH` | API server endpoint path | `/api/v2/users` |
| `KRAWL_PROBABILITY_ERROR_CODES` | Error response probability (0-100%) | `0` |
| `KRAWL_DATABASE_PATH` | Database file location | `data/krawl.db` |
| `KRAWL_DATABASE_RETENTION_DAYS` | Days to retain data in database | `30` |
@@ -213,6 +211,9 @@ Krawl uses a **configuration hierarchy** in which **environment variables take p
| `KRAWL_UNEVEN_REQUEST_TIMING_TIME_WINDOW_SECONDS` | Time window for request timing analysis in seconds | `300` |
| `KRAWL_USER_AGENTS_USED_THRESHOLD` | Threshold for detecting multiple user agents | `2` |
| `KRAWL_ATTACK_URLS_THRESHOLD` | Threshold for attack URL detection | `1` |
| `KRAWL_INFINITE_PAGES_FOR_MALICIOUS` | Serve infinite pages to malicious IPs | `true` |
| `KRAWL_MAX_PAGES_LIMIT` | Maximum page limit for crawlers | `250` |
| `KRAWL_BAN_DURATION_SECONDS` | Ban duration in seconds for rate-limited IPs | `600` |
For example

2
config.yaml
View File

@@ -23,7 +23,7 @@ dashboard:
# if set to "null" this will Auto-generates random path if not set
# can be set to "/dashboard" or similar <-- note this MUST include a forward slash
# secret_path: super-secret-dashboard-path
secret_path: null
secret_path: test
database:
path: "data/krawl.db"

6
helm/Chart.yaml
View File

@@ -2,8 +2,8 @@ apiVersion: v2
name: krawl-chart
description: A Helm chart for Krawl honeypot server
type: application
version: 0.2.2
appVersion: 0.2.2
version: 1.0.0
appVersion: 1.0.0
keywords:
- honeypot
- security
@@ -13,4 +13,4 @@ maintainers:
home: https://github.com/blessedrebus/krawl
sources:
- https://github.com/blessedrebus/krawl
icon: https://raw.githubusercontent.com/blessedrebus/krawl/main/docs/images/krawl-logo.png
icon: https://raw.githubusercontent.com/blessedrebus/krawl/main/img/krawl-svg.svg

4
helm/README.md
View File

@@ -17,7 +17,7 @@ Install with default values:
```bash
helm install krawl oci://ghcr.io/blessedrebus/krawl-chart \
--version 0.2.2 \
--version 1.0.0 \
--namespace krawl-system \
--create-namespace
```
@@ -29,6 +29,8 @@ service:
type: LoadBalancer
port: 5000
timezone: "Europe/Rome"
ingress:
enabled: true
className: "traefik"

5
helm/templates/configmap.yaml
View File

@@ -10,7 +10,6 @@ data:
server:
port: {{ .Values.config.server.port }}
delay: {{ .Values.config.server.delay }}
timezone: {{ .Values.config.server.timezone | toYaml }}
links:
min_length: {{ .Values.config.links.min_length }}
max_length: {{ .Values.config.links.max_length }}
@@ -23,10 +22,6 @@ data:
token_tries: {{ .Values.config.canary.token_tries }}
dashboard:
secret_path: {{ .Values.config.dashboard.secret_path | toYaml }}
api:
server_url: {{ .Values.config.api.server_url | toYaml }}
server_port: {{ .Values.config.api.server_port }}
server_path: {{ .Values.config.api.server_path | quote }}
database:
path: {{ .Values.config.database.path | quote }}
retention_days: {{ .Values.config.database.retention_days }}

6
helm/values.yaml
View File

@@ -3,7 +3,7 @@ replicaCount: 1
image:
repository: ghcr.io/blessedrebus/krawl
pullPolicy: Always
tag: "0.2.1"
tag: "1.0.0"
imagePullSecrets: []
nameOverride: "krawl"
@@ -84,10 +84,6 @@ config:
token_tries: 10
dashboard:
secret_path: null # Auto-generated if not set, or set to "/my-secret-dashboard"
api:
server_url: null
server_port: 8080
server_path: "/api/v2/users"
database:
path: "data/krawl.db"
retention_days: 30

436
kubernetes/krawl-all-in-one-deploy.yaml
View File

@@ -4,18 +4,58 @@ kind: Namespace
metadata:
name: krawl-system
---
# Source: krawl-chart/templates/network-policy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: krawl
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
policyTypes:
- Ingress
- Egress
ingress:
- from:
- podSelector: {}
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0
ports:
- port: 5000
protocol: TCP
egress:
- ports:
- protocol: TCP
- protocol: UDP
to:
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0
---
# Source: krawl-chart/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: krawl-config
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
data:
config.yaml: |
# Krawl Honeypot Configuration
server:
port: 5000
delay: 100
timezone: null
links:
min_length: 5
max_length: 15
@@ -28,10 +68,6 @@ data:
token_tries: 10
dashboard:
secret_path: null
api:
server_url: null
server_port: 8080
server_path: "/api/v2/users"
database:
path: "data/krawl.db"
retention_days: 30
@@ -49,231 +85,30 @@ data:
max_pages_limit: 250
ban_duration_seconds: 600
---
# Source: krawl-chart/templates/wordlists-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: krawl-wordlists
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
data:
wordlists.json: |
{
"usernames": {
"prefixes": [
"admin",
"user",
"developer",
"root",
"system",
"db",
"api",
"service",
"deploy",
"test",
"prod",
"backup",
"monitor",
"jenkins",
"webapp"
],
"suffixes": [
"",
"_prod",
"_dev",
"_test",
"123",
"2024",
"_backup",
"_admin",
"01",
"02",
"_user",
"_service",
"_api"
]
},
"passwords": {
"prefixes": [
"P@ssw0rd",
"Passw0rd",
"Admin",
"Secret",
"Welcome",
"System",
"Database",
"Secure",
"Master",
"Root"
],
"simple": [
"test",
"demo",
"temp",
"change",
"password",
"admin",
"letmein",
"welcome",
"default",
"sample"
]
},
"emails": {
"domains": [
"example.com",
"company.com",
"localhost.com",
"test.com",
"domain.com",
"corporate.com",
"internal.net",
"enterprise.com",
"business.org"
]
},
"api_keys": {
"prefixes": [
"sk_live_",
"sk_test_",
"api_",
"key_",
"token_",
"access_",
"secret_",
"prod_",
""
]
},
"databases": {
"names": [
"production",
"prod_db",
"main_db",
"app_database",
"users_db",
"customer_data",
"analytics",
"staging_db",
"dev_database",
"wordpress",
"ecommerce",
"crm_db",
"inventory"
],
"hosts": [
"localhost",
"db.internal",
"mysql.local",
"postgres.internal",
"127.0.0.1",
"db-server-01",
"database.prod",
"sql.company.com"
]
},
"applications": {
"names": [
"WebApp",
"API Gateway",
"Dashboard",
"Admin Panel",
"CMS",
"Portal",
"Manager",
"Console",
"Control Panel",
"Backend"
]
},
"users": {
"roles": [
"Administrator",
"Developer",
"Manager",
"User",
"Guest",
"Moderator",
"Editor",
"Viewer",
"Analyst",
"Support"
]
},
"directory_listing": {
"files": [
"admin.txt",
"test.exe",
"backup.sql",
"database.sql",
"db_backup.sql",
"dump.sql",
"config.php",
"credentials.txt",
"passwords.txt",
"users.csv",
".env",
"id_rsa",
"id_rsa.pub",
"private_key.pem",
"api_keys.json",
"secrets.yaml",
"admin_notes.txt",
"settings.ini",
"database.yml",
"wp-config.php",
".htaccess",
"server.key",
"cert.pem",
"shadow.bak",
"passwd.old"
],
"directories": [
"uploads/",
"backups/",
"logs/",
"temp/",
"cache/",
"private/",
"config/",
"admin/",
"database/",
"backup/",
"old/",
"archive/",
".git/",
"keys/",
"credentials/"
]
},
"error_codes": [
400,
401,
403,
404,
500,
502,
503
],
"server_headers": [
"Apache/2.2.22 (Ubuntu)",
"nginx/1.18.0",
"Microsoft-IIS/10.0",
"LiteSpeed",
"Caddy",
"Gunicorn/20.0.4",
"uvicorn/0.13.4",
"Express",
"Flask/1.1.2",
"Django/3.1"
]
}
{"api_keys":{"prefixes":["sk_live_","sk_test_","api_","key_","token_","access_","secret_","prod_",""]},"applications":{"names":["WebApp","API Gateway","Dashboard","Admin Panel","CMS","Portal","Manager","Console","Control Panel","Backend"]},"databases":{"hosts":["localhost","db.internal","mysql.local","postgres.internal","127.0.0.1","db-server-01","database.prod","sql.company.com"],"names":["production","prod_db","main_db","app_database","users_db","customer_data","analytics","staging_db","dev_database","wordpress","ecommerce","crm_db","inventory"]},"directory_listing":{"directories":["uploads/","backups/","logs/","temp/","cache/","private/","config/","admin/","database/","backup/","old/","archive/",".git/","keys/","credentials/"],"files":["admin.txt","test.exe","backup.sql","database.sql","db_backup.sql","dump.sql","config.php","credentials.txt","passwords.txt","users.csv",".env","id_rsa","id_rsa.pub","private_key.pem","api_keys.json","secrets.yaml","admin_notes.txt","settings.ini","database.yml","wp-config.php",".htaccess","server.key","cert.pem","shadow.bak","passwd.old"]},"emails":{"domains":["example.com","company.com","localhost.com","test.com","domain.com","corporate.com","internal.net","enterprise.com","business.org"]},"error_codes":[400,401,403,404,500,502,503],"passwords":{"prefixes":["P@ssw0rd","Passw0rd","Admin","Secret","Welcome","System","Database","Secure","Master","Root"],"simple":["test","demo","temp","change","password","admin","letmein","welcome","default","sample"]},"server_headers":["Apache/2.2.22 (Ubuntu)","nginx/1.18.0","Microsoft-IIS/10.0","LiteSpeed","Caddy","Gunicorn/20.0.4","uvicorn/0.13.4","Express","Flask/1.1.2","Django/3.1"],"usernames":{"prefixes":["admin","user","developer","root","system","db","api","service","deploy","test","prod","backup","monitor","jenkins","webapp"],"suffixes":["","_prod","_dev","_test","123","2024","_backup","_admin","01","02","_user","_service","_api"]},"users":{"roles":["Administrator","Developer","Manager","User","Guest","Moderator","Editor","Viewer","Analyst","Support"]}}
---
# Source: krawl-chart/templates/pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: krawl-db
namespace: krawl-system
labels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
accessModes:
- ReadWriteOnce
@@ -281,30 +116,61 @@ spec:
requests:
storage: 1Gi
---
# Source: krawl-chart/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: krawl
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
type: LoadBalancer
externalTrafficPolicy: Local
sessionAffinity: ClientIP
sessionAffinityConfig:
clientIP:
timeoutSeconds: 10800
ports:
- port: 5000
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
---
# Source: krawl-chart/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: krawl-server
name: krawl
namespace: krawl-system
labels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
replicas: 1
selector:
matchLabels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
template:
metadata:
labels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
spec:
containers:
- name: krawl
image: ghcr.io/blessedrebus/krawl:latest
- name: krawl-chart
image: "ghcr.io/blessedrebus/krawl:1.0.0"
imagePullPolicy: Always
ports:
- containerPort: 5000
name: http
- name: http
containerPort: 5000
protocol: TCP
env:
- name: CONFIG_LOCATION
@@ -321,12 +187,12 @@ spec:
- name: database
mountPath: /app/data
resources:
requests:
memory: "64Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "500m"
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 100m
memory: 64Mi
volumes:
- name: config
configMap:
@@ -338,104 +204,26 @@ spec:
persistentVolumeClaim:
claimName: krawl-db
---
apiVersion: v1
kind: Service
metadata:
name: krawl-server
namespace: krawl-system
labels:
app: krawl-server
spec:
type: LoadBalancer
externalTrafficPolicy: Local
sessionAffinity: ClientIP
sessionAffinityConfig:
clientIP:
timeoutSeconds: 10800
ports:
- port: 5000
targetPort: 5000
protocol: TCP
name: http
selector:
app: krawl-server
---
# Source: krawl-chart/templates/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: krawl-ingress
name: krawl
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
ingressClassName: traefik
rules:
- host: krawl.example.com # Change to your domain
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: krawl-server
port:
number: 5000
# tls:
# - hosts:
# - krawl.example.com
# secretName: krawl-tls
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: krawl-network-policy
namespace: krawl-system
spec:
podSelector:
matchLabels:
app: krawl-server
policyTypes:
- Ingress
- Egress
ingress:
- from:
- podSelector: {}
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0
ports:
- protocol: TCP
port: 5000
egress:
- to:
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0
ports:
- protocol: TCP
- protocol: UDP
---
# Optional: HorizontalPodAutoscaler for auto-scaling
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: krawl-hpa
namespace: krawl-system
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: krawl-server
minReplicas: 1
maxReplicas: 5
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
- host: "krawl.example.com"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: krawl
port:
number: 5000

10
kubernetes/manifests/configmap.yaml
View File

@@ -1,15 +1,19 @@
# Source: krawl-chart/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: krawl-config
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
data:
config.yaml: |
# Krawl Honeypot Configuration
server:
port: 5000
delay: 100
timezone: null
links:
min_length: 5
max_length: 15
@@ -22,10 +26,6 @@ data:
token_tries: 10
dashboard:
secret_path: null
api:
server_url: null
server_port: 8080
server_path: "/api/v2/users"
database:
path: "data/krawl.db"
retention_days: 30

33
kubernetes/manifests/deployment.yaml
View File

@@ -1,27 +1,32 @@
# Source: krawl-chart/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: krawl-server
name: krawl
namespace: krawl-system
labels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
replicas: 1
selector:
matchLabels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
template:
metadata:
labels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
spec:
containers:
- name: krawl
image: ghcr.io/blessedrebus/krawl:latest
- name: krawl-chart
image: "ghcr.io/blessedrebus/krawl:1.0.0"
imagePullPolicy: Always
ports:
- containerPort: 5000
name: http
- name: http
containerPort: 5000
protocol: TCP
env:
- name: CONFIG_LOCATION
@@ -38,12 +43,12 @@ spec:
- name: database
mountPath: /app/data
resources:
requests:
memory: "64Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "500m"
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 100m
memory: 64Mi
volumes:
- name: config
configMap:

26
kubernetes/manifests/hpa.yaml
View File

@@ -1,26 +0,0 @@
# Optional: HorizontalPodAutoscaler for auto-scaling
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: krawl-hpa
namespace: krawl-system
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: krawl-server
minReplicas: 1
maxReplicas: 5
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80

31
kubernetes/manifests/ingress.yaml
View File

@@ -1,22 +1,23 @@
# Source: krawl-chart/templates/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: krawl-ingress
name: krawl
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
ingressClassName: traefik
rules:
- host: krawl.example.com # Change to your domain
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: krawl-server
port:
number: 5000
# tls:
# - hosts:
# - krawl.example.com
# secretName: krawl-tls
- host: "krawl.example.com"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: krawl
port:
number: 5000

44
kubernetes/manifests/network-policy.yaml
View File

@@ -1,29 +1,35 @@
# Source: krawl-chart/templates/network-policy.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: krawl-network-policy
name: krawl
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
podSelector:
matchLabels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
policyTypes:
- Ingress
- Egress
- Ingress
- Egress
ingress:
- from:
- podSelector: {}
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0
ports:
- protocol: TCP
port: 5000
- from:
- podSelector: {}
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0
ports:
- port: 5000
protocol: TCP
egress:
- to:
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0
ports:
- protocol: TCP
- protocol: UDP
- ports:
- protocol: TCP
- protocol: UDP
to:
- namespaceSelector: {}
- ipBlock:
cidr: 0.0.0.0/0

5
kubernetes/manifests/pvc.yaml
View File

@@ -1,10 +1,13 @@
# Source: krawl-chart/templates/pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: krawl-db
namespace: krawl-system
labels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
accessModes:
- ReadWriteOnce

12
kubernetes/manifests/service.yaml
View File

@@ -1,10 +1,13 @@
# Source: krawl-chart/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: krawl-server
name: krawl
namespace: krawl-system
labels:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
spec:
type: LoadBalancer
externalTrafficPolicy: Local
@@ -14,8 +17,9 @@ spec:
timeoutSeconds: 10800
ports:
- port: 5000
targetPort: 5000
targetPort: http
protocol: TCP
name: http
selector:
app: krawl-server
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl

216
kubernetes/manifests/wordlists-configmap.yaml
View File

@@ -1,217 +1,13 @@
# Source: krawl-chart/templates/wordlists-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: krawl-wordlists
namespace: krawl-system
labels:
app.kubernetes.io/name: krawl
app.kubernetes.io/instance: krawl
app.kubernetes.io/version: "1.0.0"
data:
wordlists.json: |
{
"usernames": {
"prefixes": [
"admin",
"user",
"developer",
"root",
"system",
"db",
"api",
"service",
"deploy",
"test",
"prod",
"backup",
"monitor",
"jenkins",
"webapp"
],
"suffixes": [
"",
"_prod",
"_dev",
"_test",
"123",
"2024",
"_backup",
"_admin",
"01",
"02",
"_user",
"_service",
"_api"
]
},
"passwords": {
"prefixes": [
"P@ssw0rd",
"Passw0rd",
"Admin",
"Secret",
"Welcome",
"System",
"Database",
"Secure",
"Master",
"Root"
],
"simple": [
"test",
"demo",
"temp",
"change",
"password",
"admin",
"letmein",
"welcome",
"default",
"sample"
]
},
"emails": {
"domains": [
"example.com",
"company.com",
"localhost.com",
"test.com",
"domain.com",
"corporate.com",
"internal.net",
"enterprise.com",
"business.org"
]
},
"api_keys": {
"prefixes": [
"sk_live_",
"sk_test_",
"api_",
"key_",
"token_",
"access_",
"secret_",
"prod_",
""
]
},
"databases": {
"names": [
"production",
"prod_db",
"main_db",
"app_database",
"users_db",
"customer_data",
"analytics",
"staging_db",
"dev_database",
"wordpress",
"ecommerce",
"crm_db",
"inventory"
],
"hosts": [
"localhost",
"db.internal",
"mysql.local",
"postgres.internal",
"127.0.0.1",
"db-server-01",
"database.prod",
"sql.company.com"
]
},
"applications": {
"names": [
"WebApp",
"API Gateway",
"Dashboard",
"Admin Panel",
"CMS",
"Portal",
"Manager",
"Console",
"Control Panel",
"Backend"
]
},
"users": {
"roles": [
"Administrator",
"Developer",
"Manager",
"User",
"Guest",
"Moderator",
"Editor",
"Viewer",
"Analyst",
"Support"
]
},
"directory_listing": {
"files": [
"admin.txt",
"test.exe",
"backup.sql",
"database.sql",
"db_backup.sql",
"dump.sql",
"config.php",
"credentials.txt",
"passwords.txt",
"users.csv",
".env",
"id_rsa",
"id_rsa.pub",
"private_key.pem",
"api_keys.json",
"secrets.yaml",
"admin_notes.txt",
"settings.ini",
"database.yml",
"wp-config.php",
".htaccess",
"server.key",
"cert.pem",
"shadow.bak",
"passwd.old"
],
"directories": [
"uploads/",
"backups/",
"logs/",
"temp/",
"cache/",
"private/",
"config/",
"admin/",
"database/",
"backup/",
"old/",
"archive/",
".git/",
"keys/",
"credentials/"
]
},
"error_codes": [
400,
401,
403,
404,
500,
502,
503
],
"server_headers": [
"Apache/2.2.22 (Ubuntu)",
"nginx/1.18.0",
"Microsoft-IIS/10.0",
"LiteSpeed",
"Caddy",
"Gunicorn/20.0.4",
"uvicorn/0.13.4",
"Express",
"Flask/1.1.2",
"Django/3.1"
]
}
{"api_keys":{"prefixes":["sk_live_","sk_test_","api_","key_","token_","access_","secret_","prod_",""]},"applications":{"names":["WebApp","API Gateway","Dashboard","Admin Panel","CMS","Portal","Manager","Console","Control Panel","Backend"]},"databases":{"hosts":["localhost","db.internal","mysql.local","postgres.internal","127.0.0.1","db-server-01","database.prod","sql.company.com"],"names":["production","prod_db","main_db","app_database","users_db","customer_data","analytics","staging_db","dev_database","wordpress","ecommerce","crm_db","inventory"]},"directory_listing":{"directories":["uploads/","backups/","logs/","temp/","cache/","private/","config/","admin/","database/","backup/","old/","archive/",".git/","keys/","credentials/"],"files":["admin.txt","test.exe","backup.sql","database.sql","db_backup.sql","dump.sql","config.php","credentials.txt","passwords.txt","users.csv",".env","id_rsa","id_rsa.pub","private_key.pem","api_keys.json","secrets.yaml","admin_notes.txt","settings.ini","database.yml","wp-config.php",".htaccess","server.key","cert.pem","shadow.bak","passwd.old"]},"emails":{"domains":["example.com","company.com","localhost.com","test.com","domain.com","corporate.com","internal.net","enterprise.com","business.org"]},"error_codes":[400,401,403,404,500,502,503],"passwords":{"prefixes":["P@ssw0rd","Passw0rd","Admin","Secret","Welcome","System","Database","Secure","Master","Root"],"simple":["test","demo","temp","change","password","admin","letmein","welcome","default","sample"]},"server_headers":["Apache/2.2.22 (Ubuntu)","nginx/1.18.0","Microsoft-IIS/10.0","LiteSpeed","Caddy","Gunicorn/20.0.4","uvicorn/0.13.4","Express","Flask/1.1.2","Django/3.1"],"usernames":{"prefixes":["admin","user","developer","root","system","db","api","service","deploy","test","prod","backup","monitor","jenkins","webapp"],"suffixes":["","_prod","_dev","_test","123","2024","_backup","_admin","01","02","_user","_service","_api"]},"users":{"roles":["Administrator","Developer","Manager","User","Guest","Moderator","Editor","Viewer","Analyst","Support"]}}

3
src/config.py
View File

@@ -232,6 +232,9 @@ def override_config_from_env(config: Config = None):
setattr(config, field, int(env_value))
elif field_type == float:
setattr(config, field, float(env_value))
elif field_type == bool:
# Handle boolean values (case-insensitive: true/false, yes/no, 1/0)
setattr(config, field, env_value.lower() in ("true", "yes", "1"))
elif field_type == Tuple[int, int]:
parts = env_value.split(",")
if len(parts) == 2: