shieldx/.env.example
Rene Fichtmueller 1c4c034483 feat: ShieldX v0.3.0 — UnicodeScanner (L5), DNS Covert Channel rules, ATLAS v5.4 mappings
- Layer 4 EntropyScanner: Shannon entropy, Base32/Base64 detection, CVE-2025-55284
  ping/nslookup exfil, EchoLeak markdown pattern, DNS tunneling (iodine/dnscat)
- Layer 5 UnicodeScanner: ASCII Smuggling (U+E0000 Tags Block), Variant Selectors,
  Zero-Width steganography, CamoLeak image-ordering (CVE-2025-53773), homoglyphs,
  BiDi override, high-entropy URL params
- 30 DNS covert channel rules (dns-001 to dns-030)
- ATLASMapper: 29 techniques (ATLAS v5.4.0 Feb 2026), added AML.T0062 (Agent Tool
  Invocation), AML.TA0015 (C2 tactic), memory poisoning, multi-agent trust,
  CamoLeak, Unicode steganography mappings
- Rule count: 72 → 102
- Build: tsup 316ms, zero TypeScript errors
2026-03-31 16:32:16 +02:00


# ============================================================
# ShieldX Configuration
# ============================================================

# Database (PostgreSQL 17 + pgvector)
DATABASE_URL=postgresql://shieldx:shieldx_dev_password@localhost:5432/shieldx
DATABASE_POOL_SIZE=10

# Ollama (local LLM — for embeddings + guard model)
OLLAMA_ENDPOINT=http://localhost:11434
OLLAMA_EMBEDDING_MODEL=nomic-embed-text
OLLAMA_GUARD_MODEL=llama3.2

# Anthropic (optional — for API-based detection)
ANTHROPIC_API_KEY=

# Logging
SHIELDX_LOG_LEVEL=info

# Community / Federated Sync (opt-in, default OFF)
SHIELDX_COMMUNITY_SYNC=false
SHIELDX_COMMUNITY_SYNC_URL=

# Canary Tokens
SHIELDX_CANARY_SECRET=change-this-to-a-random-32-char-string

# Webhooks (optional — for incident notifications)
SHIELDX_WEBHOOK_URL=
SHIELDX_WEBHOOK_SECRET=

# Feature Flags
SHIELDX_ENABLE_PPA=true
SHIELDX_ENABLE_BEHAVIORAL=true
SHIELDX_ENABLE_MCP_GUARD=true
SHIELDX_ENABLE_SELF_CONSCIOUSNESS=false
SHIELDX_PPA_LEVEL=medium
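
A pre-start check for the settings above, as an added example that is not part of the ShieldX repository: it flags values copied unchanged from this .env.example (the canary placeholder, the development database password) and weak webhook or endpoint settings. The names parseEnv and auditEnv are hypothetical, the webhook URL in the sample is constructed, and the role of SHIELDX_WEBHOOK_SECRET is an assumption.

```typescript
// Added example (not ShieldX code): audit a .env file before start-up.
type Env = Record<string, string | undefined>;
type Finding = { key: string; issue: string };

// Minimal KEY=VALUE parser: skips blank lines and "#" comments.
function parseEnv(text: string): Env {
  const env: Env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf("=");
    if (line.charAt(0) === "#" || eq < 1) continue;
    env[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return env;
}

function auditEnv(env: Env): Finding[] {
  const out: Finding[] = [];
  const flag = (key: string, issue: string) => { out.push({ key, issue }); };
  // The shipped placeholder asks for 32 random characters; reject it and anything shorter.
  const canary = env["SHIELDX_CANARY_SECRET"] || "";
  if (canary.indexOf("change-this") === 0) flag("SHIELDX_CANARY_SECRET", "placeholder value");
  else if (canary.length < 32) flag("SHIELDX_CANARY_SECRET", "shorter than 32 characters");
  // The example connection string embeds a development password.
  const pw = /^[a-z][a-z0-9+.-]*:\/\/[^:@\/]*:([^@\/]*)@/i.exec(env["DATABASE_URL"] || "");
  if (!pw || pw[1] === "" || pw[1] === "shieldx_dev_password")
    flag("DATABASE_URL", "missing or example password");
  // Assumption: SHIELDX_WEBHOOK_SECRET authenticates outgoing notifications,
  // so a webhook URL without it is flagged.
  const hook = env["SHIELDX_WEBHOOK_URL"] || "";
  if (hook !== "" && !env["SHIELDX_WEBHOOK_SECRET"]) flag("SHIELDX_WEBHOOK_SECRET", "empty while webhook URL is set");
  // Remote endpoints should use TLS; loopback URLs are exempt.
  for (const key of ["SHIELDX_WEBHOOK_URL", "SHIELDX_COMMUNITY_SYNC_URL", "OLLAMA_ENDPOINT"]) {
    const url = env[key] || "";
    if (/^http:\/\//i.test(url) && !/^http:\/\/(localhost|127\.0\.0\.1)([:\/]|$)/i.test(url))
      flag(key, "plain HTTP to a non-loopback host");
  }
  return out;
}

// Constructed sample: the example values from this file plus a made-up webhook URL.
const SAMPLE = [
  "DATABASE_URL=postgresql://shieldx:shieldx_dev_password@localhost:5432/shieldx",
  "OLLAMA_ENDPOINT=http://localhost:11434",
  "SHIELDX_CANARY_SECRET=change-this-to-a-random-32-char-string",
  "SHIELDX_WEBHOOK_URL=http://hooks.example.invalid/shieldx",
  "SHIELDX_WEBHOOK_SECRET=",
].join("\n");
```

Running auditEnv(parseEnv(SAMPLE)) reports four findings; a file with a real 32-character canary secret, a non-example database password and no webhook reports none.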