v1.6 — Dragon

@hett-patell hett-patell released this 31 May 11:32
· 31 commits to main since this release

What's new

Dragon Theme

Complete visual overhaul of both dashboard pages. Charred obsidian background, blood-red/molten-gold accent palette, Chakra Petch typography, flat panels (no glass-morphism), sharp 3-4px radii, and a 52px sidebar navigation rail with live indicator.

New Dashboard Widgets (Overview tab)

  • Threat Level Gauge — SVG arc gauge (green → gold → red) computed from event volume, actor count, and deploy-intent ratio
  • Attack Geography — top 10 countries with flag emoji and heat-colored bars
  • Top Credentials — most-tried passwords and usernames at a glance
  • Brute-Force Radar — hottest IPs ranked by attempts/hour, gold-to-crimson heat bars
  • Live Attack Timeline — scrolling feed of real-time events, color-coded by kind, polls every 3s

MalwareBazaar Dashboard Integration

  • Red Team tab widget showing upload history, family classification (Mirai, Komari, RedTail, XMRig, Traffmonetizer, etc.), pending counts, and status badges
  • One-click upload from the payload inspector modal — no CLI required
  • New API endpoints: GET /api/intel/bazaar, POST /api/intel/bazaar/upload, GET /api/intel/timeline

Persistent Geo Cache

IP geolocation results are now stored in SQLite (ip_enrichment table with source=geo). Lookups survive server restarts with a 7-day TTL. No more "resolving…" on every page load. Negative misses are memoized in-memory for 5 minutes to avoid hammering the DB.
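The two-tier lookup described above, sketched as an added example (not shardlure's own code): a 7-day freshness check on the persisted row and a 5-minute in-memory memo of misses in front of the database read. `GeoCache`, `GeoRow`, the `Query` callback standing in for the SQLite query, and the row fields are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

const geoTTL = 7 * 24 * time.Hour // lifetime of a persisted row, per the release notes
const negTTL = 5 * time.Minute    // lifetime of an in-memory negative miss

// GeoRow stands in for an ip_enrichment row with source=geo (fields assumed).
type GeoRow struct {
	Country string
	Stored  time.Time
}

// GeoCache memoizes misses in front of Query, a stand-in for the SQLite read.
type GeoCache struct {
	mu     sync.Mutex
	misses map[string]time.Time // ip -> when the miss was recorded
	Now    func() time.Time     // injectable clock
	Query  func(ip string) (GeoRow, bool)
}

// Lookup returns the country for ip, skipping Query while a miss is memoized.
func (c *GeoCache) Lookup(ip string) (string, bool) {
	c.mu.Lock()
	defer c.mu.Unlock()
	t := c.Now()
	if at, ok := c.misses[ip]; ok && t.Sub(at) < negTTL {
		return "", false // recent miss: no DB round-trip
	}
	if row, ok := c.Query(ip); ok && t.Sub(row.Stored) < geoTTL {
		return row.Country, true
	}
	if c.misses == nil {
		c.misses = map[string]time.Time{}
	}
	c.misses[ip] = t // absent or older than 7 days: remember the miss
	return "", false
}

func main() {
	db := map[string]GeoRow{"198.51.100.4": {"NL", time.Now()}} // constructed sample row
	c := &GeoCache{Now: time.Now, Query: func(ip string) (GeoRow, bool) { r, ok := db[ip]; return r, ok }}
	fmt.Println(c.Lookup("198.51.100.4"))
	fmt.Println(c.Lookup("203.0.113.7"))
}
```

Because honeypot traffic is dominated by repeat offenders, the miss memo is what keeps a burst from one unresolved address from turning into one query per event.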

Performance Optimizations

  • bazaar.Classify() results cached in sync.Map by SHA256 — eliminates disk I/O per row per request
  • ensureEnrichmentTable() DDL hoisted to server init — eliminates 2N round-trips per cold render
  • Geo cache negative-miss memoization prevents redundant DB queries for unresolved IPs

Bug Fixes

  • capPulse/capFade animations now pulse green (matching the capture badge) instead of red
  • Geography widget: fixed 4-child → 3-column grid mismatch causing broken row layout
  • Timeline polling: added active-tab guard to prevent 3s DB hammering from inactive tabs
  • Upload button: "skipped" status now shows amber instead of misleading green checkmark
  • Error responses from bazaar upload endpoint now return proper application/json Content-Type
  • Fixed old palette straggler rgba(255,196,87) in verdict-suspicious badge
  • Added nil guard in timeline handler for defensive safety
  • Pending count query errors are now logged instead of silently swallowed
  • Fixed var(--muted) bug in globe page session rows (was undefined, now uses var(--dim))

Upgrade

Binary drop-in replacement — no migration needed. The geo cache table is created automatically on first use.

# Build
make build
# Or cross-compile for ARM64 VPS
GOOS=linux GOARCH=arm64 go build -o shardlure-arm64 ./cmd/shardlure

# Deploy
sudo cp shardlure-arm64 /usr/local/bin/shardlure
sudo systemctl restart shardlure-live

For one-click MalwareBazaar uploads from the dashboard, set SHARDLURE_BAZAAR_KEY in your systemd unit or environment.