apunkt/gomcp
1
0
Fork 0
mirror of https://github.com/syntrex-lab/gomcp.git synced 2026-05-09 03:22:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

initial: Syntrex extraction from sentinel-community (615 files)

Browse source
This commit is contained in:
DmitrL-dev 2026-03-11 15:12:02 +10:00
commit 2c50c993b1
175 changed files with 32396 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

158
internal/domain/mimicry/euphemism.go Normal file
View file

@ -0,0 +1,158 @@
// Package mimicry provides semantic text transformation for OPSEC (v3.8 Strike Force).
// The Euphemism Engine translates security/offensive terminology into corporate-safe
// equivalents before Oracle verification, then reverse-translates responses for
// the Architect to see real terms.
package mimicry
import (
"sort"
"strings"
"sync"
)
// EuphemismEngine performs bidirectional semantic translation (v3.8).
// Forward: offensive → corporate (before Oracle/LLM).
// Reverse: corporate → offensive (after Oracle/LLM, for Architect view).
type EuphemismEngine struct {
mu sync.RWMutex
forward map[string]string // offensive → corporate
reverse map[string]string // corporate → offensive
}
// NewEuphemismEngine creates an engine with the default semantic map.
func NewEuphemismEngine() *EuphemismEngine {
e := &EuphemismEngine{
forward: make(map[string]string),
reverse: make(map[string]string),
}
for offensive, corporate := range defaultSemanticMap {
e.forward[strings.ToLower(offensive)] = corporate
e.reverse[strings.ToLower(corporate)] = offensive
}
return e
}
// TranslateToCorporate converts offensive terms to corporate-safe equivalents.
func (e *EuphemismEngine) TranslateToCorporate(text string) string {
e.mu.RLock()
defer e.mu.RUnlock()
return e.replaceAll(text, e.forward)
}
// TranslateToOffensive converts corporate terms back to real offensive terms.
func (e *EuphemismEngine) TranslateToOffensive(text string) string {
e.mu.RLock()
defer e.mu.RUnlock()
return e.replaceAll(text, e.reverse)
}
// AddMapping adds a custom term mapping.
func (e *EuphemismEngine) AddMapping(offensive, corporate string) {
e.mu.Lock()
defer e.mu.Unlock()
e.forward[strings.ToLower(offensive)] = corporate
e.reverse[strings.ToLower(corporate)] = offensive
}
// MapSize returns the number of mappings.
func (e *EuphemismEngine) MapSize() int {
e.mu.RLock()
defer e.mu.RUnlock()
return len(e.forward)
}
func (e *EuphemismEngine) replaceAll(text string, dict map[string]string) string {
// Sort keys by length descending — longer terms must match first
// (e.g., "reverse shell" before "shell").
keys := make([]string, 0, len(dict))
for k := range dict {
keys = append(keys, k)
}
sort.Slice(keys, func(i, j int) bool {
return len(keys[i]) > len(keys[j])
})
result := text
lower := strings.ToLower(result)
for _, from := range keys {
if strings.Contains(lower, from) {
result = caseInsensitiveReplace(result, from, dict[from])
lower = strings.ToLower(result)
}
}
return result
}
func caseInsensitiveReplace(s, old, replacement string) string {
lower := strings.ToLower(s)
idx := strings.Index(lower, old)
if idx < 0 {
return s
}
return s[:idx] + replacement + caseInsensitiveReplace(s[idx+len(old):], old, replacement)
}
// defaultSemanticMap contains 50+ offensive → corporate translations.
var defaultSemanticMap = map[string]string{
// Core offensive terms
"exploit": "compliance verification script",
"attack": "security hardening session",
"payload": "diagnostic buffer",
"vulnerability": "optimization opportunity",
"bypass": "alternative workflow",
"injection": "parameter validation test",
"shell": "remote management interface",
"reverse shell": "diagnostic callback channel",
"bind shell": "local management listener",
"backdoor": "maintenance access point",
"rootkit": "deep system monitor",
"malware": "behavioral analysis specimen",
"trojan": "dual-purpose utility",
"worm": "self-distributing updater",
"ransomware": "encryption compliance tool",
"keylogger": "input audit module",
"brute force": "exhaustive credential audit",
"dictionary attack": "credential inventory scan",
"phishing": "social awareness simulation",
"spear phishing": "targeted awareness exercise",
"privilege escalation": "access scope expansion test",
"lateral movement": "internal mobility assessment",
"exfiltration": "data flow verification",
"c2": "command relay infrastructure",
"command and control": "centralized management protocol",
"botnet": "distributed task network",
"zero day": "undocumented optimization",
"0day": "pre-disclosure finding",
// Network terms
"port scan": "service inventory check",
"vulnerability scan": "configuration audit sweep",
"penetration test": "security resilience assessment",
"pentest": "resilience assessment",
"red team": "adversarial resilience team",
"blue team": "defensive operations team",
"man in the middle": "traffic inspection proxy",
"mitm": "inline traffic analyzer",
"packet sniffing": "network traffic audit",
"dns poisoning": "name resolution test",
"arp spoofing": "network topology validation",
"ddos": "load capacity assessment",
"dos": "availability stress test",
// Web terms
"xss": "client-side script audit",
"cross site scripting": "browser script validation",
"sql injection": "query parameter boundary test",
"sqli": "database input validation",
"csrf": "cross-origin request audit",
"ssrf": "server-side request audit",
"rce": "remote execution boundary test",
"remote code execution": "remote process validation",
"lfi": "local file access audit",
"rfi": "remote include boundary test",
"path traversal": "directory boundary test",
"file upload": "content ingestion test",
// Credential terms
"password crack": "credential strength assessment",
"hash crack": "digest reversal analysis",
"credential dump": "authentication store audit",
"token theft": "session management review",
}