nahakubuilder/honeydany
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
22185904beeae11fa131521b2cd1b05ebdae2b95
honeydany/app.db
T

88 lines
88 KiB
Plaintext
Raw Normal View History

change detection rules default to alert only
2025-09-28 15:32:12 +01:00
SQLite format 3@ 
added authentication and API
2025-09-28 15:28:39 +01:00
ø¢ ¿
º Ñ
š ¥ 0µ4¤ øsBÇ·Tù¢U1qindexidx_users_usernameusersCREATE INDEX idx_users_username ON users(username)Y/uindexidx_api_keys_hashapi_keysCREATE INDEX idx_api_keys_hash ON api_keys(key_hash)a5indexidx_sessions_expiressessionsCREATE INDEX idx_sessions_expires ON sessions(expires_at)X1qindexidx_sessions_tokensessionsCREATE INDEX idx_sessions_token ON sessions(token)ƒ3†9tableapi_keysapi_keysCREATE TABLE api_keys (
id INTEGER PRIMARY KEY AUTOINCREMENT,
name TEXT NOT NULL,
key_value TEXT NOT NULL UNIQUE,
key_hash TEXT NOT NULL,
user_id INTEGER NOT NULL,
permissions TEXT DEFAULT '[]',
active BOOLEAN DEFAULT 1,
expires_at DATETIME,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
last_used DATETIME,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)/Cindexsqlite_autoindex_api_keys_1api_keysG
„atablesessionssessionsCREATE TABLE sessions (
id TEXT PRIMARY KEY,
user_id INTEGER NOT NULL,
token TEXT NOT NULL UNIQUE,
expires_at DATETIME NOT NULL,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
ip_address TEXT,
user_agent TEXT,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
)/Cindexsqlite_autoindex_sessions_2sessions/Cindexsqlite_autoindex_sessions_1sessionsb …#tableusersusers CREATE TABLE users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL UNIQUE,
password TEXT NOT NULL,
email TEXT,
role TEXT NOT NULL DEFAULT 'user',
active BOOLEAN DEFAULT 1,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
last_login DATETIME
)) =indexsqlite_autoindex_users_1users

E##indexidx_ip_analysis_threat_scoreip_analysis CREATE INDEX idx_ip_analysis_threat_score ON ip_analysis(threat_score DESC)y C'indexidx_threat_events_last_seenthreat_events
CREATE INDEX idx_threat_events_last_seen ON threat_events(last_seen)s?'
indexidx_threat_events_servicethreat_events CREATE INDEX idx_threat_events_service ON threat_events(service)c5'yindexidx_threat_events_ipthreat_eventsCREATE INDEX idx_threat_events_ip ON threat_events(ip)ƒ
##…atableip_analysisip_analysisCREATE TABLE ip_analysis (
ip TEXT PRIMARY KEY,
total_connections INTEGER DEFAULT 0,
total_auth_attempts INTEGER DEFAULT 0,
services TEXT, -- JSON array
threat_score INTEGER DEFAULT 0,
is_blocked BOOLEAN DEFAULT 0,
first_seen DATETIME,
last_seen DATETIME,
geo_location TEXT, -- JSON
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
)5I#indexsqlite_autoindex_ip_analysis_1ip_analysisƒf'' tablethreat_eventsthreat_eventsCREATE TABLE threat_events (
id INTEGER PRIMARY KEY AUTOINCREMENT,
ip TEXT NOT NULL,
service TEXT NOT NULL,
event_type TEXT NOT NULL,
severity TEXT NOT NULL,
count INTEGER DEFAULT 1,
first_seen DATETIME NOT NULL,
last_seen DATETIME NOT NULL,
details TEXT, -- JSON
rule_id INTEGER,
blocked BOOLEAN DEFAULT 0,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (rule_id) REFERENCES threat_rules(id)
)P++Ytablesqlite_sequencesqlite_sequenceCREATE TABLE sqlite_sequence(name,seq)ƒ0%%†#tablethreat_rulesthreat_rulesCREATE TABLE threat_rules (
id INTEGER PRIMARY KEY AUTOINCREMENT,
name TEXT NOT NULL UNIQUE,
description TEXT,
service TEXT NOT NULL,
condition TEXT NOT NULL,
change detection rules default to alert only
2025-09-28 15:32:12 +01:00
threshold INTEGER NOT NULL,
time_window INTEGER NOT NULL,
added authentication and API
2025-09-28 15:28:39 +01:00
action TEXT NOT NULL,
enabled BOOLEAN DEFAULT 1,
created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
change detection rules default to alert only
2025-09-28 15:32:12 +01:00
)7K%indexsqlite_autoindex_threat_rules_1threat_rules
}w +K' 33FTP Brute ForceDetect FTP brute force attemptsftpauth_attempts<alert2025-09-28 14:31:422025-09-28 14:31:42 %g/ 33Port ScannerDetect port scanning across multiple services*service_diversityalert2025-09-28 14:31:422025-09-28 14:31:42 'Y- 33HTTP ScanningDetect HTTP scanning/crawling behaviorhttpconnection_count2alert2025-09-28 14:31:422025-09-28 14:31:42w +K' 33SSH Brute ForceDetect SSH brute force
ÛÊí+FTP Brute Force%Port Scanner'HTTP Scanning+ SSH Brute Force





÷÷ admin
added authentication and API
2025-09-28 15:28:39 +01:00
M
Reference in New Issue Copy Permalink