Feat: Update README.md, replace last jetbrains logo

Signed-off-by: Mario Candela <mario.candela.personal@gmail.com>

.github/workflows/ci.yml

@@ -2,13 +2,18 @@ name: CI
 
 on:
   push:
-    branches: [ main ]
+    branches: [ "main" ]
   pull_request:
-    branches: [ main ]
+    branches: [ "main" ]
 
 jobs:
 
   CI:
+    strategy:
+      fail-fast: false
+      matrix:
+        go-version:
+          - "1.24.1"
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
@@ -16,7 +21,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v3
       with:
-        go-version: 1.20.0
+        go-version: ${{ matrix.go-version }}
 
     - name: Dependencies
       run: go mod download
@@ -35,12 +40,12 @@ jobs:
 
     - name: Quality Gate - Test coverage shall be above threshold
       env:
-        TESTCOVERAGE_THRESHOLD: 65
+        TESTCOVERAGE_THRESHOLD: 80
       run: |
         echo "Quality Gate: checking test coverage is above threshold ..."
         echo "Threshold             : $TESTCOVERAGE_THRESHOLD %"
         # Excluded the concrete strategy from the unit test coverage, because covered by integration tests
-        cat coverage.tmp.out | grep -v "ssh.go" | grep -v "http.go" | grep -v "tcp.go" > coverage.out
+        cat coverage.tmp.out | grep -v "ssh.go" | grep -v "http.go" | grep -v "tcp.go" | grep -v "builder.go" | grep -v "director.go" > coverage.out
         totalCoverage=`go tool cover -func=coverage.out | grep total | grep -Eo '[0-9]+\.[0-9]+'`
         echo "Current test coverage : $totalCoverage %"
         if (( $(echo "$totalCoverage $TESTCOVERAGE_THRESHOLD" | awk '{print ($1 > $2)}') )); then
@@ -53,6 +58,8 @@ jobs:
 
     - name: Upload coverage reports to Codecov
       uses: codecov/codecov-action@v3
+      with:
+        files: ./coverage.out
       env:
         CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 

.github/workflows/codeql.yml

@@ -26,8 +26,13 @@ jobs:
     - name: Checkout repository
       uses: actions/checkout@v3
 
+    - name: Set up Go
+      uses: actions/setup-go@v3
+      with:
+        go-version: 1.24.1
+
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
 
@@ -35,6 +40,6 @@ jobs:
       run: go build ./...
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
       with:
         category: "/language:${{matrix.language}}"

.github/workflows/docker-image.yml

@@ -1,31 +1,32 @@
+---
 name: Docker Hub Image
 
 on:
   push:
     tags:
       - 'v*.*.*'
-
 jobs:
   CD:
     runs-on: ubuntu-latest
     steps:
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@v3
-      -
-        name: Login to Docker Hub
+      - name: Login to Docker Hub
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_USER }}
           password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
-      -
-        name: Set up Docker Buildx
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
-      -
-        name: Build and push
+      - name: Build and push
         uses: docker/build-push-action@v4
         with:
           context: .
           file: ./Dockerfile
           push: true
-          tags: m4r10/beelzebub:${{  github.ref_name }}
+          tags: |
+            m4r10/beelzebub:${{  github.ref_name }}
+            m4r10/beelzebub:latest
+          platforms: linux/amd64,linux/arm64

.gitignore

@@ -2,4 +2,5 @@
 .idea
 logs
 .vscode
-.history
+.history
+coverage*.out

Dockerfile

@@ -2,8 +2,7 @@ FROM golang:alpine AS builder
 
 ENV GO111MODULE=on \
     CGO_ENABLED=0 \
-    GOOS=linux \
-    GOARCH=amd64
+    GOOS=linux
 
 RUN apk add git
 
@@ -27,4 +26,4 @@ FROM scratch
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=builder /dist/main /
 
-ENTRYPOINT ["/main"]
+ENTRYPOINT ["/main"]

README.md

@@ -8,13 +8,14 @@
 
 ## Overview
 
-Beelzebub is an advanced honeypot framework designed to provide a highly secure environment for detecting and analyzing cyber attacks. It offers a low code approach for easy implementation and utilizes virtualization techniques powered by OpenAI Generative Pre-trained Transformer.
+Beelzebub is an advanced honeypot framework designed to provide a highly secure environment for detecting and analyzing cyber attacks. It offers a low code approach for easy implementation and uses AI to mimic the behavior of a high-interaction honeypot.
 
 <img src="https://beelzebub.netlify.app/go-beelzebub.png" alt="Beelzebub Logo" width="200"/>
 
-## OpenAI GPT Integration
+## LLM Honeypot
+
+[![asciicast](https://asciinema.org/a/665295.svg)](https://asciinema.org/a/665295)
 
-Learn how to integrate Beelzebub with OpenAI GPT-3 by referring to our comprehensive guide on Medium: [Medium Article](https://medium.com/@mario.candela.personal/how-to-build-a-highly-effective-honeypot-with-beelzebub-and-chatgpt-a2f0f05b3e1)
 
 ## Telegram Bot for Real-Time Attacks
 
@@ -103,7 +104,8 @@ $ make test.dependencies.down
 
 Beelzebub offers a wide range of features to enhance your honeypot environment:
 
-- OpenAI Generative Pre-trained Transformer act as Linux virtualization
+- Support for Ollama
+- Support for OpenAI
 - SSH Honeypot
 - HTTP Honeypot
 - TCP Honeypot
@@ -209,22 +211,66 @@ commands:
 
 #### Example SSH Honeypot
 
-###### Honeypot with GPT-3 on Port 2222
+###### LLM Honeypots
+
+Follow a SSH LLM Honeypot using OpenAI as provider LLM:
 
 ```yaml
 apiVersion: "v1"
 protocol: "ssh"
 address: ":2222"
-description: "SSH interactive ChatGPT"
+description: "SSH interactive OpenAI  GPT-4"
 commands:
   - regex: "^(.+)$"
-    plugin: "OpenAIGPTLinuxTerminal"
+    plugin: "LLMHoneypot"
 serverVersion: "OpenSSH"
 serverName: "ubuntu"
 passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$"
 deadlineTimeoutSeconds: 60
 plugin:
-  openAPIChatGPTSecretKey: "Your OpenAI Secret Key"
+   llmProvider: "openai"
+   llmModel: "gpt-4o" #Models https://platform.openai.com/docs/models
+   openAISecretKey: "sk-proj-123456"
+```
+
+Examples with local Ollama instance using model codellama:7b:
+
+```yaml
+apiVersion: "v1"
+protocol: "ssh"
+address: ":2222"
+description: "SSH Ollama Llama3"
+commands:
+  - regex: "^(.+)$"
+    plugin: "LLMHoneypot"
+serverVersion: "OpenSSH"
+serverName: "ubuntu"
+passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$"
+deadlineTimeoutSeconds: 60
+plugin:
+   llmProvider: "ollama"
+   llmModel: "codellama:7b" #Models https://ollama.com/search
+   host: "http://example.com/api/chat" #default http://localhost:11434/api/chat
+```
+Example with custom prompt:
+
+```yaml
+apiVersion: "v1"
+protocol: "ssh"
+address: ":2222"
+description: "SSH interactive OpenAI  GPT-4"
+commands:
+  - regex: "^(.+)$"
+    plugin: "LLMHoneypot"
+serverVersion: "OpenSSH"
+serverName: "ubuntu"
+passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$"
+deadlineTimeoutSeconds: 60
+plugin:
+   llmProvider: "openai"
+   llmModel: "gpt-4o"
+   openAISecretKey: "sk-proj-123456"
+   prompt: "You will act as an Ubuntu Linux terminal. The user will type commands, and you are to reply with what the terminal should show. Your responses must be contained within a single code block."
 ```
 
 ###### SSH Honeypot on Port 22
@@ -261,8 +307,6 @@ passwordRegex: "^(root|qwerty|Smoker666)$"
 deadlineTimeoutSeconds: 60
 ```
 
-[![asciicast](https://asciinema.org/a/604522.svg)](https://asciinema.org/a/604522)
-
 ## Roadmap
 
 Our future plans for Beelzebub include developing it into a robust PaaS platform.
@@ -278,4 +322,4 @@ Happy hacking!
 Beelzebub is licensed under the [MIT License](LICENSE).
 
 ## Supported by JetBrains
-[![JetBrains Black Box Logo logo](https://resources.jetbrains.com/storage/products/company/brand/logos/jb_square.png)](https://jb.gg/OpenSourceSupport)
+![JetBrains logo](https://resources.jetbrains.com/storage/products/company/brand/logos/jetbrains.png)

builder/builder.go

@@ -3,14 +3,18 @@ package builder
 import (
 	"errors"
 	"fmt"
-	"github.com/mariocandela/beelzebub/v3/parser"
-	"github.com/mariocandela/beelzebub/v3/protocols"
-	"github.com/mariocandela/beelzebub/v3/protocols/strategies"
-	"github.com/mariocandela/beelzebub/v3/tracer"
 	"io"
 	"net/http"
 	"os"
 
+	"github.com/mariocandela/beelzebub/v3/parser"
+	"github.com/mariocandela/beelzebub/v3/plugins"
+	"github.com/mariocandela/beelzebub/v3/protocols"
+	"github.com/mariocandela/beelzebub/v3/protocols/strategies/HTTP"
+	"github.com/mariocandela/beelzebub/v3/protocols/strategies/SSH"
+	"github.com/mariocandela/beelzebub/v3/protocols/strategies/TCP"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	amqp "github.com/rabbitmq/amqp091-go"
 	log "github.com/sirupsen/logrus"
@@ -105,31 +109,42 @@ Honeypot Framework, happy hacking!`)
 	}()
 
 	// Init Protocol strategies
-	secureShellStrategy := &strategies.SSHStrategy{}
-	hypertextTransferProtocolStrategy := &strategies.HTTPStrategy{}
-	transmissionControlProtocolStrategy := &strategies.TCPStrategy{}
+	secureShellStrategy := &SSH.SSHStrategy{}
+	hypertextTransferProtocolStrategy := &HTTP.HTTPStrategy{}
+	transmissionControlProtocolStrategy := &TCP.TCPStrategy{}
 
 	// Init Tracer strategies, and set the trace strategy default HTTP
 	protocolManager := protocols.InitProtocolManager(b.traceStrategy, hypertextTransferProtocolStrategy)
 
+	if b.beelzebubCoreConfigurations.Core.BeelzebubCloud.Enabled {
+		conf := b.beelzebubCoreConfigurations.Core.BeelzebubCloud
+
+		beelzebubCloud := plugins.InitBeelzebubCloud(conf.URI, conf.AuthToken)
+
+		if honeypotsConfiguration, err := beelzebubCloud.GetHoneypotsConfigurations(); err != nil {
+			return err
+		} else {
+			if len(honeypotsConfiguration) == 0 {
+				return errors.New("no honeypots configuration found")
+			}
+			b.beelzebubServicesConfiguration = honeypotsConfiguration
+		}
+	}
+
 	for _, beelzebubServiceConfiguration := range b.beelzebubServicesConfiguration {
 		switch beelzebubServiceConfiguration.Protocol {
 		case "http":
 			protocolManager.SetProtocolStrategy(hypertextTransferProtocolStrategy)
-			break
 		case "ssh":
 			protocolManager.SetProtocolStrategy(secureShellStrategy)
-			break
 		case "tcp":
 			protocolManager.SetProtocolStrategy(transmissionControlProtocolStrategy)
-			break
 		default:
-			log.Fatalf("Protocol %s not managed", beelzebubServiceConfiguration.Protocol)
-			continue
+			log.Fatalf("protocol %s not managed", beelzebubServiceConfiguration.Protocol)
 		}
 
 		if err := protocolManager.InitService(beelzebubServiceConfiguration); err != nil {
-			return errors.New(fmt.Sprintf("Error during init protocol: %s, %s", beelzebubServiceConfiguration.Protocol, err.Error()))
+			return fmt.Errorf("error during init protocol: %s, %s", beelzebubServiceConfiguration.Protocol, err.Error())
 		}
 	}
 

builder/director.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"github.com/mariocandela/beelzebub/v3/parser"
+	"github.com/mariocandela/beelzebub/v3/plugins"
 	"github.com/mariocandela/beelzebub/v3/tracer"
 
 	amqp "github.com/rabbitmq/amqp091-go"
@@ -37,6 +38,10 @@ func (d *Director) BuildBeelzebub(beelzebubCoreConfigurations *parser.BeelzebubC
 		}
 	}
 
+	if beelzebubCoreConfigurations.Core.BeelzebubCloud.Enabled {
+		d.builder.setTraceStrategy(d.beelzebubCloudStrategy)
+	}
+
 	return d.builder.build(), nil
 }
 
@@ -47,6 +52,27 @@ func (d *Director) standardOutStrategy(event tracer.Event) {
 	}).Info("New Event")
 }
 
+func (d *Director) beelzebubCloudStrategy(event tracer.Event) {
+	log.WithFields(log.Fields{
+		"status": event.Status,
+		"event":  event,
+	}).Info("New Event")
+
+	conf := d.builder.beelzebubCoreConfigurations.Core.BeelzebubCloud
+
+	beelzebubCloud := plugins.InitBeelzebubCloud(conf.URI, conf.AuthToken)
+
+	result, err := beelzebubCloud.SendEvent(event)
+	if err != nil {
+		log.Error(err.Error())
+	} else {
+		log.WithFields(log.Fields{
+			"status": result,
+			"event":  event,
+		}).Debug("Event published on beelzebub cloud")
+	}
+}
+
 func (d *Director) rabbitMQTraceStrategy(event tracer.Event) {
 	log.WithFields(log.Fields{
 		"status": event.Status,

configurations/beelzebub.yaml

@@ -11,4 +11,7 @@ core:
   prometheus:
     path: "/metrics"
     port: ":2112"
-
+  beelzebub-cloud:
+    enabled: false
+    uri: ""
+    auth-token: ""

configurations/services/http-80.yaml

@@ -18,41 +18,10 @@ commands:
       - "Server: Apache/2.4.53 (Debian)"
       - "X-Powered-By: PHP/7.4.29"
     statusCode: 200
-  - regex: "^(/wp-login.php|/wp-admin)$"
-    handler:
-      <html>
-        <header>
-          <title>Wordpress 6 test page</title>
-        </header>
-        <body>
-          <form action="" method="post">
-            <label for="uname"><b>Username</b></label>
-            <input type="text" placeholder="Enter Username" name="uname" required>
-
-            <label for="psw"><b>Password</b></label>
-            <input type="password" placeholder="Enter Password" name="psw" required>
-
-            <button type="submit">Login</button>
-          </form>
-        </body>
-      </html>
-    headers:
-      - "Content-Type: text/html"
-      - "Server: Apache/2.4.53 (Debian)"
-      - "X-Powered-By: PHP/7.4.29"
-    statusCode: 200
   - regex: "^.*$"
-    handler:
-      <html>
-        <header>
-          <title>404</title>
-        </header>
-        <body>
-          <h1>Not found!</h1>
-        </body>
-      </html>
-    headers:
-      - "Content-Type: text/html"
-      - "Server: Apache/2.4.53 (Debian)"
-      - "X-Powered-By: PHP/7.4.29"
-    statusCode: 404
+    plugin: "LLMHoneypot"
+    statusCode: 200
+plugin:
+  llmProvider: "openai"
+  llmModel: "gpt-4o"
+  openAISecretKey: "sk-proj-123456"

configurations/services/ssh-2222.yaml

@@ -4,10 +4,12 @@ address: ":2222"
 description: "SSH interactive ChatGPT"
 commands:
   - regex: "^(.+)$"
-    plugin: "OpenAIGPTLinuxTerminal"
+    plugin: "LLMHoneypot"
 serverVersion: "OpenSSH"
 serverName: "ubuntu"
-passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$"
-deadlineTimeoutSeconds: 60
+passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456|1234)$"
+deadlineTimeoutSeconds: 6000
 plugin:
-  openAPIChatGPTSecretKey: ""
+  llmProvider: "openai"
+  llmModel: "gpt-4o"
+  openAISecretKey: "sk-proj-12345"

docker-compose.yml

@@ -3,17 +3,18 @@ version: "3.9"
 services:
   beelzebub:
     build: .
-    #network_mode: host # Not work on Mac OS
     container_name: beelzebub
     restart: always
-    ports: # Remove me, if you use configuration network_mode: host
+    ports:
       - "22:22"
       - "2222:2222"
       - "8080:8080"
+      - "8081:8081"
       - "80:80"
       - "3306:3306"
-      - "2112:2112" # Prometheus openmetrics
+      - "2112:2112" #Prometheus Open Metrics
     environment:
       RABBITMQ_URI: ${RABBITMQ_URI}
+      OPEN_AI_SECRET_KEY: ${OPEN_AI_SECRET_KEY}
     volumes:
       - "./configurations:/configurations"

go.mod

@@ -1,37 +1,40 @@
 module github.com/mariocandela/beelzebub/v3
 
-go 1.20
+go 1.24
+
+toolchain go1.24.1
 
 require (
-	github.com/gliderlabs/ssh v0.3.6
-	github.com/go-resty/resty/v2 v2.10.0
-	github.com/google/uuid v1.5.0
+	github.com/gliderlabs/ssh v0.3.8
+	github.com/go-resty/resty/v2 v2.16.5
+	github.com/google/uuid v1.6.0
 	github.com/jarcoal/httpmock v1.3.1
 	github.com/melbahja/goph v1.4.0
-	github.com/prometheus/client_golang v1.17.0
-	github.com/rabbitmq/amqp091-go v1.9.0
+	github.com/prometheus/client_golang v1.20.5
+	github.com/rabbitmq/amqp091-go v1.10.0
 	github.com/sirupsen/logrus v1.9.3
-	github.com/stretchr/testify v1.8.4
-	golang.org/x/crypto v0.17.0
+	github.com/stretchr/testify v1.10.0
+	golang.org/x/crypto v0.35.0
+	golang.org/x/term v0.30.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
 	github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/klauspost/compress v1.17.9 // indirect
 	github.com/kr/fs v0.1.0 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pkg/sftp v1.13.5 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 // indirect
-	github.com/prometheus/common v0.44.0 // indirect
-	github.com/prometheus/procfs v0.11.1 // indirect
-	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
-	golang.org/x/term v0.15.0 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
+	github.com/prometheus/common v0.55.0 // indirect
+	github.com/prometheus/procfs v0.15.1 // indirect
+	golang.org/x/net v0.36.0 // indirect
+	golang.org/x/sys v0.31.0 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
 )

go.sum

@@ -2,87 +2,81 @@ github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFI
 github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
-github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
-github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/gliderlabs/ssh v0.3.6 h1:ZzjlDa05TcFRICb3anf/dSPN3ewz1Zx6CMLPWgkm3b8=
-github.com/gliderlabs/ssh v0.3.6/go.mod h1:zpHEXBstFnQYtGnB8k8kQLol82umzn/2/snG7alWVD8=
-github.com/go-resty/resty/v2 v2.10.0 h1:Qla4W/+TMmv0fOeeRqzEpXPLfTUnR5HZ1+lGs+CkiCo=
-github.com/go-resty/resty/v2 v2.10.0/go.mod h1:iiP/OpA0CkcL3IGt1O0+/SIItFUbkkyw5BGXiVdTu+A=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
-github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
-github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c=
+github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU=
+github.com/go-resty/resty/v2 v2.16.5 h1:hBKqmWrr7uRc3euHVqmh1HTHcKn99Smr7o5spptdhTM=
+github.com/go-resty/resty/v2 v2.16.5/go.mod h1:hkJtXbA2iKHzJheXYvQ8snQES5ZLGKMwQ07xAwp/fiA=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww=
 github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg=
+github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
+github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
 github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8=
 github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
-github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/maxatome/go-testdeep v1.12.0 h1:Ql7Go8Tg0C1D/uMMX59LAoYK7LffeJQ6X2T04nTH68g=
+github.com/maxatome/go-testdeep v1.12.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM=
 github.com/melbahja/goph v1.4.0 h1:z0PgDbBFe66lRYl3v5dGb9aFgPy0kotuQ37QOwSQFqs=
 github.com/melbahja/goph v1.4.0/go.mod h1:uG+VfK2Dlhk+O32zFrRlc3kYKTlV6+BtvPWd/kK7U68=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/sftp v1.13.5 h1:a3RLUqkyjYRtBTZJZ1VRrKbN3zhuPLlUc3sphVz81go=
 github.com/pkg/sftp v1.13.5/go.mod h1:wHDZ0IZX6JcBYRK1TH9bcVq8G7TLpVHYIGJRFnmPfxg=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q=
-github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY=
-github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 h1:v7DLqVdK4VrYkVD5diGdl4sxJurKJEMnODWRJlxV9oM=
-github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU=
-github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY=
-github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY=
-github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI=
-github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY=
-github.com/rabbitmq/amqp091-go v1.9.0 h1:qrQtyzB4H8BQgEuJwhmVQqVHB9O4+MNDJCCAcpc3Aoo=
-github.com/rabbitmq/amqp091-go v1.9.0/go.mod h1:+jPrT9iY2eLjRaMSRHUhc3z14E/l85kv/f+6luSD3pc=
+github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
+github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
+github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
+github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
+github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc=
+github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8=
+github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
+github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+github.com/rabbitmq/amqp091-go v1.10.0 h1:STpn5XsHlHGcecLmMFCtg7mqq0RnD+zFr4uzukfVhBw=
+github.com/rabbitmq/amqp091-go v1.10.0/go.mod h1:Hy4jKW5kQART1u+JkDTF9YYOQUHXqMuhrgxOEeS7G4o=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
+github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
-go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
-golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs=
+golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
-golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/net v0.36.0 h1:vWF2fRbw4qslQsQzgFqZff+BItCvGFQqKzKIzx1rmoA=
+golang.org/x/net v0.36.0/go.mod h1:bFmbeoIPfrw4sMHNhb4J9f6+tPziuGjq7Jk/38fxi1I=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -92,39 +86,29 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
+golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
-golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
-golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
-golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
-golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
+golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y=
+golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
-golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
-golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
+golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
+google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

historystore/history_store.go

@@ -0,0 +1,82 @@
+package historystore
+
+import (
+	"sync"
+	"time"
+
+	"github.com/mariocandela/beelzebub/v3/plugins"
+)
+
+var (
+	MaxHistoryAge   = 60 * time.Minute
+	CleanerInterval = 1 * time.Minute
+)
+
+// HistoryStore is a thread-safe structure for storing Messages used to build LLM Context.
+type HistoryStore struct {
+	sync.RWMutex
+	sessions map[string]HistoryEvent
+}
+
+// HistoryEvent is a container for storing messages
+type HistoryEvent struct {
+	LastSeen time.Time
+	Messages []plugins.Message
+}
+
+// NewHistoryStore returns a prepared HistoryStore
+func NewHistoryStore() *HistoryStore {
+	return &HistoryStore{
+		sessions: make(map[string]HistoryEvent),
+	}
+}
+
+// HasKey returns true if the supplied key exists in the map.
+func (hs *HistoryStore) HasKey(key string) bool {
+	hs.RLock()
+	defer hs.RUnlock()
+	_, ok := hs.sessions[key]
+	return ok
+}
+
+// Query returns the value stored at the map
+func (hs *HistoryStore) Query(key string) []plugins.Message {
+	hs.RLock()
+	defer hs.RUnlock()
+	return hs.sessions[key].Messages
+}
+
+// Append will add the slice of Mesages to the entry for the key.
+// If the map has not yet been initalised, then a new map is created.
+func (hs *HistoryStore) Append(key string, message ...plugins.Message) {
+	hs.Lock()
+	defer hs.Unlock()
+	// In the unexpected case that the map has not yet been initalised, create it.
+	if hs.sessions == nil {
+		hs.sessions = make(map[string]HistoryEvent)
+	}
+	e, ok := hs.sessions[key]
+	if !ok {
+		e = HistoryEvent{}
+	}
+	e.LastSeen = time.Now()
+	e.Messages = append(e.Messages, message...)
+	hs.sessions[key] = e
+}
+
+// HistoryCleaner is a function that will periodically remove records from the HistoryStore
+// that are older than MaxHistoryAge.
+func (hs *HistoryStore) HistoryCleaner() {
+	cleanerTicker := time.NewTicker(CleanerInterval)
+	go func() {
+		for range cleanerTicker.C {
+			hs.Lock()
+			for k, v := range hs.sessions {
+				if time.Since(v.LastSeen) > MaxHistoryAge {
+					delete(hs.sessions, k)
+				}
+			}
+			hs.Unlock()
+		}
+	}()
+}

historystore/history_store_test.go

@@ -0,0 +1,66 @@
+package historystore
+
+import (
+	"testing"
+	"time"
+
+	"github.com/mariocandela/beelzebub/v3/plugins"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestNewHistoryStore(t *testing.T) {
+	hs := NewHistoryStore()
+	assert.NotNil(t, hs)
+	assert.NotNil(t, hs.sessions)
+}
+
+func TestHasKey(t *testing.T) {
+	hs := NewHistoryStore()
+	hs.sessions["testKey"] = HistoryEvent{Messages: []plugins.Message{}}
+	assert.True(t, hs.HasKey("testKey"))
+	assert.False(t, hs.HasKey("nonExistentKey"))
+}
+
+func TestQuery(t *testing.T) {
+	hs := NewHistoryStore()
+	expectedMessages := []plugins.Message{{Role: "user", Content: "Hello"}}
+	hs.sessions["testKey"] = HistoryEvent{Messages: expectedMessages}
+	actualMessages := hs.Query("testKey")
+	assert.Equal(t, expectedMessages, actualMessages)
+}
+
+func TestAppend(t *testing.T) {
+	hs := NewHistoryStore()
+	message1 := plugins.Message{Role: "user", Content: "Hello"}
+	message2 := plugins.Message{Role: "assistant", Content: "Hi"}
+	hs.Append("testKey", message1)
+	assert.Equal(t, []plugins.Message{message1}, hs.sessions["testKey"].Messages)
+	hs.Append("testKey", message2)
+	assert.Equal(t, []plugins.Message{message1, message2}, hs.sessions["testKey"].Messages)
+}
+
+func TestAppendNilSessions(t *testing.T) {
+	hs := &HistoryStore{}
+	message1 := plugins.Message{Role: "user", Content: "Hello"}
+	hs.Append("testKey", message1)
+	assert.NotNil(t, hs.sessions)
+	assert.Equal(t, []plugins.Message{message1}, hs.sessions["testKey"].Messages)
+}
+
+func TestHistoryCleaner(t *testing.T) {
+	hs := NewHistoryStore()
+	hs.Append("testKey", plugins.Message{Role: "user", Content: "Hello"})
+	hs.Append("testKey2", plugins.Message{Role: "user", Content: "Hello"})
+
+	// Make key older than MaxHistoryAge
+	e := hs.sessions["testKey"]
+	e.LastSeen = time.Now().Add(-MaxHistoryAge * 2)
+	hs.sessions["testKey"] = e
+
+	CleanerInterval = 5 * time.Second // Override for the test.
+	hs.HistoryCleaner()
+	time.Sleep(CleanerInterval + (1 * time.Second))
+
+	assert.False(t, hs.HasKey("testKey"))
+	assert.True(t, hs.HasKey("testKey2"))
+}

integration_test/integration_test.go

@@ -67,8 +67,11 @@ func (suite *IntegrationTestSuite) TestInvokeHTTPHoneypot() {
 	response, err := resty.New().R().
 		Get(suite.httpHoneypotHost + "/index.php")
 
+	response.Header().Del("Date")
+
 	suite.Require().NoError(err)
 	suite.Equal(http.StatusOK, response.StatusCode())
+	suite.Equal(http.Header{"Content-Length": []string{"15"}, "Content-Type": []string{"text/html"}, "Server": []string{"Apache/2.4.53 (Debian)"}, "X-Powered-By": []string{"PHP/7.4.29"}}, response.Header())
 	suite.Equal("mocked response", string(response.Body()))
 
 	response, err = resty.New().R().

main.go

@@ -2,6 +2,8 @@ package main
 
 import (
 	"flag"
+	"runtime/debug"
+
 	"github.com/mariocandela/beelzebub/v3/builder"
 	"github.com/mariocandela/beelzebub/v3/parser"
 
@@ -13,12 +15,20 @@ func main() {
 		quit                            = make(chan struct{})
 		configurationsCorePath          string
 		configurationsServicesDirectory string
+		memLimitMiB                     int
 	)
 
 	flag.StringVar(&configurationsCorePath, "confCore", "./configurations/beelzebub.yaml", "Provide the path of configurations core")
 	flag.StringVar(&configurationsServicesDirectory, "confServices", "./configurations/services/", "Directory config services")
+	flag.IntVar(&memLimitMiB, "memLimitMiB", 100, "Process Memory in MiB (default 100, set to -1 to use system default)")
 	flag.Parse()
 
+	if memLimitMiB > 0 {
+		// SetMemoryLimit takes an int64 value for the number of bytes.
+		// bytes value = MiB value * 1024 * 1024
+		debug.SetMemoryLimit(int64(memLimitMiB * 1024 * 1024))
+	}
+
 	parser := parser.Init(configurationsCorePath, configurationsServicesDirectory)
 
 	coreConfigurations, err := parser.ReadConfigurationsCore()

parser/configurations_parser.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"regexp"
 	"strings"
 
 	log "github.com/sirupsen/logrus"
@@ -14,9 +15,10 @@ import (
 // BeelzebubCoreConfigurations is the struct that contains the configurations of the core
 type BeelzebubCoreConfigurations struct {
 	Core struct {
-		Logging    Logging    `yaml:"logging"`
-		Tracings   Tracings   `yaml:"tracings"`
-		Prometheus Prometheus `yaml:"prometheus"`
+		Logging        Logging        `yaml:"logging"`
+		Tracings       Tracings       `yaml:"tracings"`
+		Prometheus     Prometheus     `yaml:"prometheus"`
+		BeelzebubCloud BeelzebubCloud `yaml:"beelzebub-cloud"`
 	}
 }
 
@@ -33,6 +35,11 @@ type Tracings struct {
 	RabbitMQ `yaml:"rabbit-mq"`
 }
 
+type BeelzebubCloud struct {
+	Enabled   bool   `yaml:"enabled"`
+	URI       string `yaml:"uri"`
+	AuthToken string `yaml:"auth-token"`
+}
 type RabbitMQ struct {
 	Enabled bool   `yaml:"enabled"`
 	URI     string `yaml:"uri"`
@@ -43,7 +50,11 @@ type Prometheus struct {
 }
 
 type Plugin struct {
-	OpenAPIChatGPTSecretKey string `yaml:"openAPIChatGPTSecretKey"`
+	OpenAISecretKey string `yaml:"openAISecretKey"`
+	Host            string `yaml:"host"`
+	LLMModel        string `yaml:"llmModel"`
+	LLMProvider     string `yaml:"llmProvider"`
+	Prompt          string `yaml:"prompt"`
 }
 
 // BeelzebubServiceConfiguration is the struct that contains the configurations of the honeypot service
@@ -52,6 +63,7 @@ type BeelzebubServiceConfiguration struct {
 	Protocol               string    `yaml:"protocol"`
 	Address                string    `yaml:"address"`
 	Commands               []Command `yaml:"commands"`
+	FallbackCommand        Command   `yaml:"fallbackCommand"`
 	ServerVersion          string    `yaml:"serverVersion"`
 	ServerName             string    `yaml:"serverName"`
 	DeadlineTimeoutSeconds int       `yaml:"deadlineTimeoutSeconds"`
@@ -59,15 +71,19 @@ type BeelzebubServiceConfiguration struct {
 	Description            string    `yaml:"description"`
 	Banner                 string    `yaml:"banner"`
 	Plugin                 Plugin    `yaml:"plugin"`
+	TLSCertPath            string    `yaml:"tlsCertPath"`
+	TLSKeyPath             string    `yaml:"tlsKeyPath"`
 }
 
 // Command is the struct that contains the configurations of the commands
 type Command struct {
-	Regex      string   `yaml:"regex"`
-	Handler    string   `yaml:"handler"`
-	Headers    []string `yaml:"headers"`
-	StatusCode int      `yaml:"statusCode"`
-	Plugin     string   `yaml:"plugin"`
+	RegexStr   string         `yaml:"regex"`
+	Regex      *regexp.Regexp `yaml:"-"` // This field is parsed, not stored in the config itself.
+	Handler    string         `yaml:"handler"`
+	Headers    []string       `yaml:"headers"`
+	StatusCode int            `yaml:"statusCode"`
+	Plugin     string         `yaml:"plugin"`
+	Name       string         `yaml:"name"`
 }
 
 type configurationsParser struct {
@@ -127,12 +143,29 @@ func (bp configurationsParser) ReadConfigurationsServices() ([]BeelzebubServiceC
 			return nil, fmt.Errorf("in file %s: %v", filePath, err)
 		}
 		log.Debug(beelzebubServiceConfiguration)
+		if err := beelzebubServiceConfiguration.CompileCommandRegex(); err != nil {
+			return nil, fmt.Errorf("in file %s: invalid regex: %v", filePath, err)
+		}
 		servicesConfiguration = append(servicesConfiguration, *beelzebubServiceConfiguration)
 	}
 
 	return servicesConfiguration, nil
 }
 
+// CompileCommandRegex is the method that compiles the regular expression for each configured Command.
+func (c *BeelzebubServiceConfiguration) CompileCommandRegex() error {
+	for i, command := range c.Commands {
+		if command.RegexStr != "" {
+			rex, err := regexp.Compile(command.RegexStr)
+			if err != nil {
+				return err
+			}
+			c.Commands[i].Regex = rex
+		}
+	}
+	return nil
+}
+
 func gelAllFilesNameByDirName(dirName string) ([]string, error) {
 	files, err := os.ReadDir(dirName)
 	if err != nil {

parser/configurations_parser_test.go

@@ -3,6 +3,7 @@ package parser
 import (
 	"errors"
 	"os"
+	"regexp"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -19,7 +20,11 @@ core:
   tracings:
     rabbit-mq:
       enabled: true
-      uri: "amqp://user:password@localhost/"`)
+      uri: "amqp://user:password@localhost/"
+  beelzebub-cloud:
+    enabled: true
+    uri: "amqp://user:password@localhost/"
+    auth-token: "iejfdjsl-aosdajosoidaj-dunfkjnfkjsdnkn"`)
 	return configurationsCoreBytes, nil
 }
 
@@ -45,11 +50,28 @@ func mockReadfilebytesBeelzebubServiceConfiguration(filePath string) ([]byte, er
 apiVersion: "v1"
 protocol: "http"
 address: ":8080"
+tlsCertPath: "/tmp/cert.crt"
+tlsKeyPath: "/tmp/cert.key"
 commands:
   - regex: "wp-admin"
     handler: "login"
     headers:
-      - "Content-Type: text/html"`)
+      - "Content-Type: text/html"
+  - name: "wp-admin"
+    regex: "wp-admin"
+    handler: "login"
+    headers:
+      - "Content-Type: text/html"
+fallbackCommand:
+  handler: "404 Not Found!"
+  statusCode: 404
+plugin:
+  openAISecretKey: "qwerty"
+  llmModel: "llama3"
+  llmProvider: "ollama"
+  host: "localhost:1563"
+  prompt: "hello world"
+`)
 	return beelzebubServiceConfiguration, nil
 }
 
@@ -85,6 +107,9 @@ func TestReadConfigurationsCoreValid(t *testing.T) {
 	assert.Equal(t, coreConfigurations.Core.Logging.LogsPath, "./logs")
 	assert.Equal(t, coreConfigurations.Core.Tracings.RabbitMQ.Enabled, true)
 	assert.Equal(t, coreConfigurations.Core.Tracings.RabbitMQ.URI, "amqp://user:password@localhost/")
+	assert.Equal(t, coreConfigurations.Core.BeelzebubCloud.Enabled, true)
+	assert.Equal(t, coreConfigurations.Core.BeelzebubCloud.URI, "amqp://user:password@localhost/")
+	assert.Equal(t, coreConfigurations.Core.BeelzebubCloud.AuthToken, "iejfdjsl-aosdajosoidaj-dunfkjnfkjsdnkn")
 }
 
 func TestReadConfigurationsServicesFail(t *testing.T) {
@@ -105,19 +130,30 @@ func TestReadConfigurationsServicesValid(t *testing.T) {
 	configurationsParser.gelAllFilesNameByDirNameDependency = mockReadDirValid
 
 	beelzebubServicesConfiguration, err := configurationsParser.ReadConfigurationsServices()
+	assert.Nil(t, err)
 
 	firstBeelzebubServiceConfiguration := beelzebubServicesConfiguration[0]
 
-	assert.Nil(t, err)
 	assert.Equal(t, firstBeelzebubServiceConfiguration.Protocol, "http")
 	assert.Equal(t, firstBeelzebubServiceConfiguration.ApiVersion, "v1")
 	assert.Equal(t, firstBeelzebubServiceConfiguration.Address, ":8080")
-	assert.Equal(t, len(firstBeelzebubServiceConfiguration.Commands), 1)
-	assert.Equal(t, len(firstBeelzebubServiceConfiguration.Commands), 1)
-	assert.Equal(t, firstBeelzebubServiceConfiguration.Commands[0].Regex, "wp-admin")
+	assert.Equal(t, len(firstBeelzebubServiceConfiguration.Commands), 2)
+	assert.Equal(t, len(firstBeelzebubServiceConfiguration.Commands), 2)
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Commands[0].RegexStr, "wp-admin")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Commands[0].Regex.String(), "wp-admin")
 	assert.Equal(t, firstBeelzebubServiceConfiguration.Commands[0].Handler, "login")
 	assert.Equal(t, len(firstBeelzebubServiceConfiguration.Commands[0].Headers), 1)
 	assert.Equal(t, firstBeelzebubServiceConfiguration.Commands[0].Headers[0], "Content-Type: text/html")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Commands[1].Name, "wp-admin")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.FallbackCommand.Handler, "404 Not Found!")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.FallbackCommand.StatusCode, 404)
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Plugin.OpenAISecretKey, "qwerty")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Plugin.LLMModel, "llama3")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Plugin.LLMProvider, "ollama")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Plugin.Host, "localhost:1563")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.Plugin.Prompt, "hello world")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.TLSCertPath, "/tmp/cert.crt")
+	assert.Equal(t, firstBeelzebubServiceConfiguration.TLSKeyPath, "/tmp/cert.key")
 }
 
 func TestGelAllFilesNameByDirName(t *testing.T) {
@@ -153,7 +189,8 @@ func TestGelAllFilesNameByDirNameError(t *testing.T) {
 	files, err := gelAllFilesNameByDirName("nosuchfile")
 
 	assert.Nil(t, files)
-	assert.Equal(t, "open nosuchfile: no such file or directory", err.Error())
+	// Windows and Linux return slightly different error strings, but share a common prefix, so check for that.
+	assert.Contains(t, err.Error(), "open nosuchfile: ")
 }
 
 func TestReadFileBytesByFilePath(t *testing.T) {
@@ -170,3 +207,79 @@ func TestReadFileBytesByFilePath(t *testing.T) {
 
 	assert.Equal(t, "", string(bytes))
 }
+
+func TestCompileCommandRegex(t *testing.T) {
+	tests := []struct {
+		name          string
+		config        BeelzebubServiceConfiguration
+		expectedError bool
+	}{
+		{
+			name: "Valid Regex",
+			config: BeelzebubServiceConfiguration{
+				Commands: []Command{
+					{RegexStr: "^/api/v1/.*$"},
+					{RegexStr: "wp-admin"},
+				},
+			},
+			expectedError: false,
+		},
+		{
+			name: "Empty Regex",
+			config: BeelzebubServiceConfiguration{
+				Commands: []Command{
+					{RegexStr: ""},
+					{RegexStr: ""},
+				},
+			},
+			expectedError: false,
+		},
+		{
+			name: "Invalid Regex",
+			config: BeelzebubServiceConfiguration{
+				Commands: []Command{
+					{RegexStr: "["},
+				},
+			},
+			expectedError: true,
+		},
+		{
+			name: "Mixed valid and Invalid Regex",
+			config: BeelzebubServiceConfiguration{
+				Commands: []Command{
+					{RegexStr: "^/api/v1/.*$"},
+					{RegexStr: "["},
+					{RegexStr: "test"},
+				},
+			},
+			expectedError: true,
+		},
+		{
+			name:          "No commands",
+			config:        BeelzebubServiceConfiguration{},
+			expectedError: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := tt.config.CompileCommandRegex()
+
+			if tt.expectedError {
+				assert.Error(t, err)
+			} else {
+				assert.NoError(t, err)
+				for _, command := range tt.config.Commands {
+					if command.RegexStr != "" {
+						assert.NotNil(t, command.Regex)
+						_, err := regexp.Compile(command.RegexStr)
+						assert.NoError(t, err)
+
+					} else {
+						assert.Nil(t, command.Regex)
+					}
+				}
+			}
+		})
+	}
+}

plugins/beelzebub-cloud.go

@@ -0,0 +1,104 @@
+package plugins
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+
+	"github.com/go-resty/resty/v2"
+	"github.com/mariocandela/beelzebub/v3/parser"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+	log "github.com/sirupsen/logrus"
+	"gopkg.in/yaml.v3"
+)
+
+type beelzebubCloud struct {
+	URI       string
+	AuthToken string
+	client    *resty.Client
+}
+
+type HoneypotConfigResponseDTO struct {
+	ID            string `json:"id"`
+	Config        string `json:"config"`
+	TokenID       string `json:"tokenId"`
+	LastUpdatedOn string `json:"lastUpdatedOn"`
+}
+
+func InitBeelzebubCloud(uri, authToken string) *beelzebubCloud {
+	return &beelzebubCloud{
+		URI:       uri,
+		AuthToken: authToken,
+		client:    resty.New(),
+	}
+}
+
+func (beelzebubCloud *beelzebubCloud) SendEvent(event tracer.Event) (bool, error) {
+	requestJson, err := json.Marshal(event)
+	if err != nil {
+		return false, err
+	}
+
+	if beelzebubCloud.AuthToken == "" {
+		return false, errors.New("authToken is empty")
+	}
+
+	response, err := beelzebubCloud.client.R().
+		SetHeader("Content-Type", "application/json").
+		SetBody(requestJson).
+		SetHeader("Authorization", beelzebubCloud.AuthToken).
+		SetResult(&tracer.Event{}).
+		Post(fmt.Sprintf("%s/events", beelzebubCloud.URI))
+
+	log.Debug(response)
+
+	if err != nil {
+		return false, err
+	}
+
+	return response.StatusCode() == 200, nil
+}
+
+func (beelzebubCloud *beelzebubCloud) GetHoneypotsConfigurations() ([]parser.BeelzebubServiceConfiguration, error) {
+	if beelzebubCloud.AuthToken == "" {
+		return nil, errors.New("authToken is empty")
+	}
+
+	response, err := beelzebubCloud.client.R().
+		SetHeader("Content-Type", "application/json").
+		SetHeader("Authorization", beelzebubCloud.AuthToken).
+		SetResult([]HoneypotConfigResponseDTO{}).
+		Get(fmt.Sprintf("%s/honeypots", beelzebubCloud.URI))
+
+	if err != nil {
+		return nil, err
+	}
+
+	if response.StatusCode() != 200 {
+		return nil, errors.New(fmt.Sprintf("Response code: %v, error: %s", response.StatusCode(), string(response.Body())))
+	}
+
+	var honeypotsConfig []HoneypotConfigResponseDTO
+
+	if err = json.Unmarshal(response.Body(), &honeypotsConfig); err != nil {
+		return nil, err
+	}
+
+	var servicesConfiguration = make([]parser.BeelzebubServiceConfiguration, 0)
+
+	for _, honeypotConfig := range honeypotsConfig {
+		var honeypotsConfig parser.BeelzebubServiceConfiguration
+
+		if err = yaml.Unmarshal([]byte(honeypotConfig.Config), &honeypotsConfig); err != nil {
+			return nil, err
+		}
+		if err := honeypotsConfig.CompileCommandRegex(); err != nil {
+			return nil, fmt.Errorf("unable to load service config from cloud: invalid regex: %v", err)
+		}
+		servicesConfiguration = append(servicesConfiguration, honeypotsConfig)
+	}
+
+	log.Debug(servicesConfiguration)
+
+	return servicesConfiguration, nil
+}

plugins/beelzebub-cloud_test.go

@@ -0,0 +1,233 @@
+package plugins
+
+import (
+	"fmt"
+	"net/http"
+	"regexp"
+	"testing"
+
+	"github.com/go-resty/resty/v2"
+	"github.com/jarcoal/httpmock"
+	"github.com/mariocandela/beelzebub/v3/parser"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestBuildSendEventFailValidation(t *testing.T) {
+	beelzebubCloud := InitBeelzebubCloud("", "")
+
+	_, err := beelzebubCloud.SendEvent(tracer.Event{})
+
+	assert.Equal(t, "authToken is empty", err.Error())
+}
+
+func TestBuildSendEventWithResults(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	uri := "localhost:8081"
+
+	// Given
+	httpmock.RegisterResponder("POST", fmt.Sprintf("%s/events", uri),
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &tracer.Event{})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	beelzebubCloud := InitBeelzebubCloud(uri, "sdjdnklfjndslkjanfk")
+	beelzebubCloud.client = client
+
+	//When
+	result, err := beelzebubCloud.SendEvent(tracer.Event{})
+
+	//Then
+	assert.Equal(t, true, result)
+	assert.Nil(t, err)
+}
+
+func TestBuildSendEventErro(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	uri := "localhost:8081/events"
+
+	// Given
+	httpmock.RegisterResponder("POST", uri,
+		func(req *http.Request) (*http.Response, error) {
+			return httpmock.NewStringResponse(500, ""), nil
+		},
+	)
+
+	beelzebubCloud := InitBeelzebubCloud(uri, "sdjdnklfjndslkjanfk")
+	beelzebubCloud.client = client
+
+	//When
+	result, _ := beelzebubCloud.SendEvent(tracer.Event{})
+
+	//Then
+	assert.Equal(t, false, result)
+}
+
+func TestGetHoneypotsConfigurationsWithResults(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	uri := "localhost:8081"
+
+	// Given
+	httpmock.RegisterResponder("GET", fmt.Sprintf("%s/honeypots", uri),
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &[]HoneypotConfigResponseDTO{
+				{
+					ID:      "123456",
+					Config:  "apiVersion: \"v1\"\nprotocol: \"ssh\"\naddress: \":2222\"\ndescription: \"SSH interactive ChatGPT\"\ncommands:\n  - regex: \"^(.+)$\"\n    plugin: \"LLMHoneypot\"\nserverVersion: \"OpenSSH\"\nserverName: \"ubuntu\"\npasswordRegex: \"^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$\"\ndeadlineTimeoutSeconds: 60\nplugin:\n  llmModel: \"gpt-4o\"\n  openAISecretKey: \"1234\"\n",
+					TokenID: "1234567",
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	beelzebubCloud := InitBeelzebubCloud(uri, "sdjdnklfjndslkjanfk")
+	beelzebubCloud.client = client
+
+	//When
+	result, err := beelzebubCloud.GetHoneypotsConfigurations()
+
+	//Then
+	assert.Equal(t, &[]parser.BeelzebubServiceConfiguration{
+		{
+			ApiVersion:  "v1",
+			Protocol:    "ssh",
+			Address:     ":2222",
+			Description: "SSH interactive ChatGPT",
+			Commands: []parser.Command{
+				{
+					RegexStr: "^(.+)$",
+					Regex:    regexp.MustCompile("^(.+)$"),
+					Plugin:   "LLMHoneypot",
+				},
+			},
+			ServerVersion:          "OpenSSH",
+			ServerName:             "ubuntu",
+			PasswordRegex:          "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$",
+			DeadlineTimeoutSeconds: 60,
+			Plugin: parser.Plugin{
+				LLMModel:        "gpt-4o",
+				OpenAISecretKey: "1234",
+			},
+		},
+	}, &result)
+	assert.Nil(t, err)
+}
+
+func TestGetHoneypotsConfigurationsWithErrorValidation(t *testing.T) {
+	//Given
+	beelzebubCloud := InitBeelzebubCloud("", "")
+
+	//When
+	result, err := beelzebubCloud.GetHoneypotsConfigurations()
+
+	//Then
+	assert.Nil(t, result)
+	assert.Equal(t, "authToken is empty", err.Error())
+}
+
+func TestGetHoneypotsConfigurationsWithErrorAPI(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	uri := "localhost:8081"
+
+	// Given
+	httpmock.RegisterResponder("GET", fmt.Sprintf("%s/honeypots", uri),
+		func(req *http.Request) (*http.Response, error) {
+			return httpmock.NewStringResponse(500, ""), nil
+		},
+	)
+
+	beelzebubCloud := InitBeelzebubCloud(uri, "sdjdnklfjndslkjanfk")
+	beelzebubCloud.client = client
+
+	//When
+	result, err := beelzebubCloud.GetHoneypotsConfigurations()
+
+	//Then
+	assert.Nil(t, result)
+	assert.Equal(t, "Response code: 500, error: ", err.Error())
+}
+
+func TestGetHoneypotsConfigurationsWithErrorUnmarshal(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	uri := "localhost:8081"
+
+	// Given
+	httpmock.RegisterResponder("GET", fmt.Sprintf("%s/honeypots", uri),
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, "error")
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	beelzebubCloud := InitBeelzebubCloud(uri, "sdjdnklfjndslkjanfk")
+	beelzebubCloud.client = client
+
+	//When
+	result, err := beelzebubCloud.GetHoneypotsConfigurations()
+
+	//Then
+	assert.Nil(t, result)
+	assert.Equal(t, "json: cannot unmarshal string into Go value of type []plugins.HoneypotConfigResponseDTO", err.Error())
+}
+
+func TestGetHoneypotsConfigurationsWithErrorDeserializeYaml(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	uri := "localhost:8081"
+
+	// Given
+	httpmock.RegisterResponder("GET", fmt.Sprintf("%s/honeypots", uri),
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &[]HoneypotConfigResponseDTO{
+				{
+					ID:      "123456",
+					Config:  "error",
+					TokenID: "1234567",
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	beelzebubCloud := InitBeelzebubCloud(uri, "sdjdnklfjndslkjanfk")
+	beelzebubCloud.client = client
+
+	//When
+	result, err := beelzebubCloud.GetHoneypotsConfigurations()
+
+	//Then
+	assert.Nil(t, result)
+	assert.Equal(t, "yaml: unmarshal errors:\n  line 1: cannot unmarshal !!str `error` into parser.BeelzebubServiceConfiguration", err.Error())
+}

plugins/llm-integration.go

@@ -0,0 +1,252 @@
+package plugins
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/go-resty/resty/v2"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+	log "github.com/sirupsen/logrus"
+	"os"
+	"regexp"
+	"strings"
+)
+
+const (
+	systemPromptVirtualizeLinuxTerminal = "You will act as an Ubuntu Linux terminal. The user will type commands, and you are to reply with what the terminal should show. Your responses must be contained within a single code block. Do not provide note. Do not provide explanations or type commands unless explicitly instructed by the user. Your entire response/output is going to consist of a simple text with \n for new line, and you will NOT wrap it within string md markers"
+	systemPromptVirtualizeHTTPServer    = "You will act as an unsecure HTTP Server with multiple vulnerability like aws and git credentials stored into root http directory. The user will send HTTP requests, and you are to reply with what the server should show. Do not provide explanations or type commands unless explicitly instructed by the user."
+	LLMPluginName                       = "LLMHoneypot"
+	openAIEndpoint                      = "https://api.openai.com/v1/chat/completions"
+	ollamaEndpoint                      = "http://localhost:11434/api/chat"
+)
+
+type LLMHoneypot struct {
+	Histories    []Message
+	OpenAIKey    string
+	client       *resty.Client
+	Protocol     tracer.Protocol
+	Provider     LLMProvider
+	Model        string
+	Host         string
+	CustomPrompt string
+}
+
+type Choice struct {
+	Message      Message `json:"message"`
+	Index        int     `json:"index"`
+	FinishReason string  `json:"finish_reason"`
+}
+
+type Response struct {
+	ID      string   `json:"id"`
+	Object  string   `json:"object"`
+	Created int      `json:"created"`
+	Model   string   `json:"model"`
+	Choices []Choice `json:"choices"`
+	Message Message  `json:"message"`
+	Usage   struct {
+		PromptTokens     int `json:"prompt_tokens"`
+		CompletionTokens int `json:"completion_tokens"`
+		TotalTokens      int `json:"total_tokens"`
+	} `json:"usage"`
+}
+
+type Request struct {
+	Model    string    `json:"model"`
+	Messages []Message `json:"messages"`
+	Stream   bool      `json:"stream"`
+}
+
+type Message struct {
+	Role    string `json:"role"`
+	Content string `json:"content"`
+}
+
+type Role int
+
+const (
+	SYSTEM Role = iota
+	USER
+	ASSISTANT
+)
+
+func (role Role) String() string {
+	return [...]string{"system", "user", "assistant"}[role]
+}
+
+type LLMProvider int
+
+const (
+	Ollama LLMProvider = iota
+	OpenAI
+)
+
+func FromStringToLLMProvider(llmProvider string) (LLMProvider, error) {
+	switch strings.ToLower(llmProvider) {
+	case "ollama":
+		return Ollama, nil
+	case "openai":
+		return OpenAI, nil
+	default:
+		return -1, fmt.Errorf("provider %s not found, valid providers: ollama, openai", llmProvider)
+	}
+}
+
+func InitLLMHoneypot(config LLMHoneypot) *LLMHoneypot {
+	// Inject the dependencies
+	config.client = resty.New()
+
+	if os.Getenv("OPEN_AI_SECRET_KEY") != "" {
+		config.OpenAIKey = os.Getenv("OPEN_AI_SECRET_KEY")
+	}
+
+	return &config
+}
+
+func (llmHoneypot *LLMHoneypot) buildPrompt(command string) ([]Message, error) {
+	var messages []Message
+	var prompt string
+
+	switch llmHoneypot.Protocol {
+	case tracer.SSH:
+		prompt = systemPromptVirtualizeLinuxTerminal
+		if llmHoneypot.CustomPrompt != "" {
+			prompt = llmHoneypot.CustomPrompt
+		}
+		messages = append(messages, Message{
+			Role:    SYSTEM.String(),
+			Content: prompt,
+		})
+		messages = append(messages, Message{
+			Role:    USER.String(),
+			Content: "pwd",
+		})
+		messages = append(messages, Message{
+			Role:    ASSISTANT.String(),
+			Content: "/home/user",
+		})
+		for _, history := range llmHoneypot.Histories {
+			messages = append(messages, history)
+		}
+	case tracer.HTTP:
+		prompt = systemPromptVirtualizeHTTPServer
+		if llmHoneypot.CustomPrompt != "" {
+			prompt = llmHoneypot.CustomPrompt
+		}
+		messages = append(messages, Message{
+			Role:    SYSTEM.String(),
+			Content: prompt,
+		})
+		messages = append(messages, Message{
+			Role:    USER.String(),
+			Content: "GET /index.html",
+		})
+		messages = append(messages, Message{
+			Role:    ASSISTANT.String(),
+			Content: "<html><body>Hello, World!</body></html>",
+		})
+	default:
+		return nil, errors.New("no prompt for protocol selected")
+	}
+	messages = append(messages, Message{
+		Role:    USER.String(),
+		Content: command,
+	})
+
+	return messages, nil
+}
+
+func (llmHoneypot *LLMHoneypot) openAICaller(messages []Message) (string, error) {
+	var err error
+
+	requestJson, err := json.Marshal(Request{
+		Model:    llmHoneypot.Model,
+		Messages: messages,
+		Stream:   false,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	if llmHoneypot.OpenAIKey == "" {
+		return "", errors.New("openAIKey is empty")
+	}
+
+	if llmHoneypot.Host == "" {
+		llmHoneypot.Host = openAIEndpoint
+	}
+
+	log.Debug(string(requestJson))
+	response, err := llmHoneypot.client.R().
+		SetHeader("Content-Type", "application/json").
+		SetBody(requestJson).
+		SetAuthToken(llmHoneypot.OpenAIKey).
+		SetResult(&Response{}).
+		Post(llmHoneypot.Host)
+
+	if err != nil {
+		return "", err
+	}
+	log.Debug(response)
+	if len(response.Result().(*Response).Choices) == 0 {
+		return "", errors.New("no choices")
+	}
+
+	return removeQuotes(response.Result().(*Response).Choices[0].Message.Content), nil
+}
+
+func (llmHoneypot *LLMHoneypot) ollamaCaller(messages []Message) (string, error) {
+	var err error
+
+	requestJson, err := json.Marshal(Request{
+		Model:    llmHoneypot.Model,
+		Messages: messages,
+		Stream:   false,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	if llmHoneypot.Host == "" {
+		llmHoneypot.Host = ollamaEndpoint
+	}
+
+	log.Debug(string(requestJson))
+	response, err := llmHoneypot.client.R().
+		SetHeader("Content-Type", "application/json").
+		SetBody(requestJson).
+		SetResult(&Response{}).
+		Post(llmHoneypot.Host)
+
+	if err != nil {
+		return "", err
+	}
+	log.Debug(response)
+
+	return removeQuotes(response.Result().(*Response).Message.Content), nil
+}
+
+func (llmHoneypot *LLMHoneypot) ExecuteModel(command string) (string, error) {
+	var err error
+	var prompt []Message
+
+	prompt, err = llmHoneypot.buildPrompt(command)
+
+	if err != nil {
+		return "", err
+	}
+
+	switch llmHoneypot.Provider {
+	case Ollama:
+		return llmHoneypot.ollamaCaller(prompt)
+	case OpenAI:
+		return llmHoneypot.openAICaller(prompt)
+	default:
+		return "", fmt.Errorf("provider %d not found, valid providers: ollama, openai", llmHoneypot.Provider)
+	}
+}
+
+func removeQuotes(content string) string {
+	regex := regexp.MustCompile("(```( *)?([a-z]*)?(\\n)?)")
+	return regex.ReplaceAllString(content, "")
+}

plugins/llm-integration_test.go

@@ -0,0 +1,500 @@
+package plugins
+
+import (
+	"github.com/go-resty/resty/v2"
+	"github.com/jarcoal/httpmock"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+	"github.com/stretchr/testify/assert"
+	"net/http"
+	"os"
+	"testing"
+)
+
+const SystemPromptLen = 4
+
+func TestBuildPromptEmptyHistory(t *testing.T) {
+	//Given
+	var histories []Message
+	command := "pwd"
+
+	honeypot := LLMHoneypot{
+		Histories: histories,
+		Protocol:  tracer.SSH,
+	}
+
+	//When
+	prompt, err := honeypot.buildPrompt(command)
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, SystemPromptLen, len(prompt))
+}
+
+func TestBuildPromptWithHistory(t *testing.T) {
+	//Given
+	var histories = []Message{
+		{
+			Role:    "cat hello.txt",
+			Content: "world",
+		},
+	}
+
+	command := "pwd"
+
+	honeypot := LLMHoneypot{
+		Histories: histories,
+		Protocol:  tracer.SSH,
+	}
+
+	//When
+	prompt, err := honeypot.buildPrompt(command)
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, SystemPromptLen+1, len(prompt))
+}
+
+func TestBuildPromptWithCustomPrompt(t *testing.T) {
+	//Given
+	var histories = []Message{
+		{
+			Role:    "cat hello.txt",
+			Content: "world",
+		},
+	}
+
+	command := "pwd"
+
+	honeypot := LLMHoneypot{
+		Histories:    histories,
+		Protocol:     tracer.SSH,
+		CustomPrompt: "act as calculator",
+	}
+
+	//When
+	prompt, err := honeypot.buildPrompt(command)
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, prompt[0].Content, "act as calculator")
+	assert.Equal(t, prompt[0].Role, SYSTEM.String())
+}
+
+func TestBuildExecuteModelFailValidation(t *testing.T) {
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		OpenAIKey: "",
+		Protocol:  tracer.SSH,
+		Model:     "gpt-4o",
+		Provider:  OpenAI,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+
+	_, err := openAIGPTVirtualTerminal.ExecuteModel("test")
+
+	assert.Equal(t, "openAIKey is empty", err.Error())
+}
+
+func TestBuildExecuteModelOpenAISecretKeyFromEnv(t *testing.T) {
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		OpenAIKey: "",
+		Protocol:  tracer.SSH,
+		Model:     "gpt-4o",
+		Provider:  OpenAI,
+	}
+
+	os.Setenv("OPEN_AI_SECRET_KEY", "sdjdnklfjndslkjanfk")
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+
+	assert.Equal(t, "sdjdnklfjndslkjanfk", openAIGPTVirtualTerminal.OpenAIKey)
+
+}
+
+func TestBuildExecuteModelWithCustomPrompt(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterMatcherResponder("POST", openAIEndpoint,
+		httpmock.BodyContainsString("hello world"),
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Choices: []Choice{
+					{
+						Message: Message{
+							Role:    SYSTEM.String(),
+							Content: "[default]\nregion = us-west-2\noutput = json",
+						},
+					},
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories:    make([]Message, 0),
+		OpenAIKey:    "sdjdnklfjndslkjanfk",
+		Protocol:     tracer.HTTP,
+		Model:        "gpt-4o",
+		Provider:     OpenAI,
+		CustomPrompt: "hello world",
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	str, err := openAIGPTVirtualTerminal.ExecuteModel("GET /.aws/credentials")
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, "[default]\nregion = us-west-2\noutput = json", str)
+}
+
+func TestBuildExecuteModelFailValidationStrategyType(t *testing.T) {
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		OpenAIKey: "",
+		Protocol:  tracer.TCP,
+		Model:     "gpt-4o",
+		Provider:  OpenAI,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+
+	_, err := openAIGPTVirtualTerminal.ExecuteModel("test")
+
+	assert.Equal(t, "no prompt for protocol selected", err.Error())
+}
+
+func TestBuildExecuteModelFailValidationModelType(t *testing.T) {
+	// Given
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		Protocol:  tracer.SSH,
+		Model:     "llama3",
+		Provider:  5,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+
+	//When
+	_, err := openAIGPTVirtualTerminal.ExecuteModel("ls")
+
+	//Then
+	assert.Errorf(t, err, "no model selected")
+}
+
+func TestBuildExecuteModelSSHWithResultsOpenAI(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterResponder("POST", openAIEndpoint,
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Choices: []Choice{
+					{
+						Message: Message{
+							Role:    SYSTEM.String(),
+							Content: "prova.txt",
+						},
+					},
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		OpenAIKey: "sdjdnklfjndslkjanfk",
+		Protocol:  tracer.SSH,
+		Model:     "gpt-4o",
+		Provider:  OpenAI,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	str, err := openAIGPTVirtualTerminal.ExecuteModel("ls")
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, "prova.txt", str)
+}
+
+func TestBuildExecuteModelSSHWithResultsLLama(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterResponder("POST", ollamaEndpoint,
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Message: Message{
+					Role:    SYSTEM.String(),
+					Content: "prova.txt",
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		Protocol:  tracer.SSH,
+		Model:     "llama3",
+		Provider:  Ollama,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	str, err := openAIGPTVirtualTerminal.ExecuteModel("ls")
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, "prova.txt", str)
+}
+
+func TestBuildExecuteModelSSHWithoutResults(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterResponder("POST", openAIEndpoint,
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Choices: []Choice{},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		OpenAIKey: "sdjdnklfjndslkjanfk",
+		Protocol:  tracer.SSH,
+		Model:     "gpt-4o",
+		Provider:  OpenAI,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	_, err := openAIGPTVirtualTerminal.ExecuteModel("ls")
+
+	//Then
+	assert.Equal(t, "no choices", err.Error())
+}
+
+func TestBuildExecuteModelHTTPWithResults(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterResponder("POST", openAIEndpoint,
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Choices: []Choice{
+					{
+						Message: Message{
+							Role:    SYSTEM.String(),
+							Content: "[default]\nregion = us-west-2\noutput = json",
+						},
+					},
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		OpenAIKey: "sdjdnklfjndslkjanfk",
+		Protocol:  tracer.HTTP,
+		Model:     "gpt-4o",
+		Provider:  OpenAI,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	str, err := openAIGPTVirtualTerminal.ExecuteModel("GET /.aws/credentials")
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, "[default]\nregion = us-west-2\noutput = json", str)
+}
+
+func TestBuildExecuteModelHTTPWithoutResults(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterResponder("POST", openAIEndpoint,
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Choices: []Choice{},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		OpenAIKey: "sdjdnklfjndslkjanfk",
+		Protocol:  tracer.HTTP,
+		Model:     "gpt-4o",
+		Provider:  OpenAI,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	_, err := openAIGPTVirtualTerminal.ExecuteModel("GET /.aws/credentials")
+
+	//Then
+	assert.Equal(t, "no choices", err.Error())
+}
+
+func TestFromString(t *testing.T) {
+	model, err := FromStringToLLMProvider("openai")
+	assert.Nil(t, err)
+	assert.Equal(t, OpenAI, model)
+
+	model, err = FromStringToLLMProvider("ollama")
+	assert.Nil(t, err)
+	assert.Equal(t, Ollama, model)
+
+	model, err = FromStringToLLMProvider("beelzebub-model")
+	assert.Errorf(t, err, "provider beelzebub-model not found")
+}
+
+func TestBuildExecuteModelSSHWithoutPlaintextSection(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterResponder("POST", ollamaEndpoint,
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Message: Message{
+					Role:    SYSTEM.String(),
+					Content: "```plaintext\n```\n",
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		Protocol:  tracer.SSH,
+		Model:     "llama3",
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	str, err := openAIGPTVirtualTerminal.ExecuteModel("ls")
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, "", str)
+}
+
+func TestBuildExecuteModelSSHWithoutQuotesSection(t *testing.T) {
+	client := resty.New()
+	httpmock.ActivateNonDefault(client.GetClient())
+	defer httpmock.DeactivateAndReset()
+
+	// Given
+	httpmock.RegisterResponder("POST", ollamaEndpoint,
+		func(req *http.Request) (*http.Response, error) {
+			resp, err := httpmock.NewJsonResponse(200, &Response{
+				Message: Message{
+					Role:    SYSTEM.String(),
+					Content: "```\n```\n",
+				},
+			})
+			if err != nil {
+				return httpmock.NewStringResponse(500, ""), nil
+			}
+			return resp, nil
+		},
+	)
+
+	llmHoneypot := LLMHoneypot{
+		Histories: make([]Message, 0),
+		Protocol:  tracer.SSH,
+		Model:     "llama3",
+		Provider:  Ollama,
+	}
+
+	openAIGPTVirtualTerminal := InitLLMHoneypot(llmHoneypot)
+	openAIGPTVirtualTerminal.client = client
+
+	//When
+	str, err := openAIGPTVirtualTerminal.ExecuteModel("ls")
+
+	//Then
+	assert.Nil(t, err)
+	assert.Equal(t, "", str)
+}
+
+func TestRemoveQuotes(t *testing.T) {
+	plaintext := "```plaintext\n```"
+	bash := "```bash\n```"
+	onlyQuotes := "```\n```"
+	complexText := "```plaintext\ntop - 10:30:48 up 1 day,  4:30,  2 users,  load average: 0.15, 0.10, 0.08\nTasks: 198 total,   1 running, 197 sleeping,   0 stopped,   0 zombie\n```"
+	complexText2 := "```\ntop - 15:06:59 up 10 days,  3:17,  1 user,  load average: 0.10, 0.09, 0.08\nTasks: 285 total\n```"
+
+	assert.Equal(t, "", removeQuotes(plaintext))
+	assert.Equal(t, "", removeQuotes(bash))
+	assert.Equal(t, "", removeQuotes(onlyQuotes))
+	assert.Equal(t, "top - 10:30:48 up 1 day,  4:30,  2 users,  load average: 0.15, 0.10, 0.08\nTasks: 198 total,   1 running, 197 sleeping,   0 stopped,   0 zombie\n", removeQuotes(complexText))
+	assert.Equal(t, "top - 15:06:59 up 10 days,  3:17,  1 user,  load average: 0.10, 0.09, 0.08\nTasks: 285 total\n", removeQuotes(complexText2))
+}

plugins/openai-gpt.go

@@ -1,119 +0,0 @@
-package plugins
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"strings"
-
-	log "github.com/sirupsen/logrus"
-
-	"github.com/go-resty/resty/v2"
-)
-
-const (
-	// Reference: https://www.engraved.blog/building-a-virtual-machine-inside/
-	promptVirtualizeLinuxTerminal = "I want you to act as a Linux terminal. I will type commands and you will reply with what the terminal should show. I want you to only reply with the terminal output inside one unique code block, and nothing else. Do no write explanations. Do not type commands unless I instruct you to do so.\n\nA:pwd\n\nQ:/home/user\n\n"
-	ChatGPTPluginName             = "OpenAIGPTLinuxTerminal"
-	openAIGPTEndpoint             = "https://api.openai.com/v1/completions"
-)
-
-type History struct {
-	Input, Output string
-}
-
-type openAIGPTVirtualTerminal struct {
-	Histories []History
-	openAIKey string
-	client    *resty.Client
-}
-
-type Choice struct {
-	Text         string      `json:"text"`
-	Index        int         `json:"index"`
-	Logprobs     interface{} `json:"logprobs"`
-	FinishReason string      `json:"finish_reason"`
-}
-
-type gptResponse struct {
-	ID      string   `json:"id"`
-	Object  string   `json:"object"`
-	Created int      `json:"created"`
-	Model   string   `json:"model"`
-	Choices []Choice `json:"choices"`
-	Usage   struct {
-		PromptTokens     int `json:"prompt_tokens"`
-		CompletionTokens int `json:"completion_tokens"`
-		TotalTokens      int `json:"total_tokens"`
-	} `json:"usage"`
-}
-
-type gptRequest struct {
-	Model            string   `json:"model"`
-	Prompt           string   `json:"prompt"`
-	Temperature      int      `json:"temperature"`
-	MaxTokens        int      `json:"max_tokens"`
-	TopP             int      `json:"top_p"`
-	FrequencyPenalty int      `json:"frequency_penalty"`
-	PresencePenalty  int      `json:"presence_penalty"`
-	Stop             []string `json:"stop"`
-}
-
-func Init(history []History, openAIKey string) *openAIGPTVirtualTerminal {
-	return &openAIGPTVirtualTerminal{
-		Histories: history,
-		openAIKey: openAIKey,
-		client:    resty.New(),
-	}
-}
-
-func buildPrompt(histories []History, command string) string {
-	var sb strings.Builder
-
-	sb.WriteString(promptVirtualizeLinuxTerminal)
-
-	for _, history := range histories {
-		sb.WriteString(fmt.Sprintf("A:%s\n\nQ:%s\n\n", history.Input, history.Output))
-	}
-	// Append command to evaluate
-	sb.WriteString(fmt.Sprintf("A:%s\n\nQ:", command))
-
-	return sb.String()
-}
-
-func (openAIGPTVirtualTerminal *openAIGPTVirtualTerminal) GetCompletions(command string) (string, error) {
-	requestJson, err := json.Marshal(gptRequest{
-		Model:            "text-davinci-003",
-		Prompt:           buildPrompt(openAIGPTVirtualTerminal.Histories, command),
-		Temperature:      0,
-		MaxTokens:        100,
-		TopP:             1,
-		FrequencyPenalty: 0,
-		PresencePenalty:  0,
-		Stop:             []string{"\n"},
-	})
-	if err != nil {
-		return "", err
-	}
-
-	if openAIGPTVirtualTerminal.openAIKey == "" {
-		return "", errors.New("openAIKey is empty")
-	}
-
-	response, err := openAIGPTVirtualTerminal.client.R().
-		SetHeader("Content-Type", "application/json").
-		SetBody(requestJson).
-		SetAuthToken(openAIGPTVirtualTerminal.openAIKey).
-		SetResult(&gptResponse{}).
-		Post(openAIGPTEndpoint)
-
-	if err != nil {
-		return "", err
-	}
-	log.Debug(response)
-	if len(response.Result().(*gptResponse).Choices) == 0 {
-		return "", errors.New("no choices")
-	}
-
-	return response.Result().(*gptResponse).Choices[0].Text, nil
-}

plugins/openai-gpt_test.go

@@ -1,116 +0,0 @@
-package plugins
-
-import (
-	"github.com/go-resty/resty/v2"
-	"github.com/jarcoal/httpmock"
-	"github.com/stretchr/testify/assert"
-	"net/http"
-	"testing"
-)
-
-func TestBuildPromptEmptyHistory(t *testing.T) {
-	//Given
-	var histories []History
-	command := "pwd"
-
-	//When
-	prompt := buildPrompt(histories, command)
-
-	//Then
-	assert.Equal(t,
-		"I want you to act as a Linux terminal. I will type commands and you will reply with what the terminal should show. I want you to only reply with the terminal output inside one unique code block, and nothing else. Do no write explanations. Do not type commands unless I instruct you to do so.\n\nA:pwd\n\nQ:/home/user\n\nA:pwd\n\nQ:",
-		prompt)
-}
-
-func TestBuildPromptWithHistory(t *testing.T) {
-	//Given
-	var histories = []History{
-		{
-			Input:  "cat hello.txt",
-			Output: "world",
-		},
-		{
-			Input:  "echo 1234",
-			Output: "1234",
-		},
-	}
-
-	command := "pwd"
-
-	//When
-	prompt := buildPrompt(histories, command)
-
-	//Then
-	assert.Equal(t,
-		"I want you to act as a Linux terminal. I will type commands and you will reply with what the terminal should show. I want you to only reply with the terminal output inside one unique code block, and nothing else. Do no write explanations. Do not type commands unless I instruct you to do so.\n\nA:pwd\n\nQ:/home/user\n\nA:cat hello.txt\n\nQ:world\n\nA:echo 1234\n\nQ:1234\n\nA:pwd\n\nQ:",
-		prompt)
-}
-
-func TestBuildGetCompletionsFailValidation(t *testing.T) {
-	openAIGPTVirtualTerminal := Init(make([]History, 0), "")
-
-	_, err := openAIGPTVirtualTerminal.GetCompletions("test")
-
-	assert.Equal(t, "openAIKey is empty", err.Error())
-}
-
-func TestBuildGetCompletionsWithResults(t *testing.T) {
-	client := resty.New()
-	httpmock.ActivateNonDefault(client.GetClient())
-	defer httpmock.DeactivateAndReset()
-
-	// Given
-	httpmock.RegisterResponder("POST", openAIGPTEndpoint,
-		func(req *http.Request) (*http.Response, error) {
-			resp, err := httpmock.NewJsonResponse(200, &gptResponse{
-				Choices: []Choice{
-					{
-						Text: "prova.txt",
-					},
-				},
-			})
-			if err != nil {
-				return httpmock.NewStringResponse(500, ""), nil
-			}
-			return resp, nil
-		},
-	)
-
-	openAIGPTVirtualTerminal := Init(make([]History, 0), "sdjdnklfjndslkjanfk")
-	openAIGPTVirtualTerminal.client = client
-
-	//When
-	str, err := openAIGPTVirtualTerminal.GetCompletions("ls")
-
-	//Then
-	assert.Nil(t, err)
-	assert.Equal(t, "prova.txt", str)
-}
-
-func TestBuildGetCompletionsWithoutResults(t *testing.T) {
-	client := resty.New()
-	httpmock.ActivateNonDefault(client.GetClient())
-	defer httpmock.DeactivateAndReset()
-
-	// Given
-	httpmock.RegisterResponder("POST", openAIGPTEndpoint,
-		func(req *http.Request) (*http.Response, error) {
-			resp, err := httpmock.NewJsonResponse(200, &gptResponse{
-				Choices: []Choice{},
-			})
-			if err != nil {
-				return httpmock.NewStringResponse(500, ""), nil
-			}
-			return resp, nil
-		},
-	)
-
-	openAIGPTVirtualTerminal := Init(make([]History, 0), "sdjdnklfjndslkjanfk")
-	openAIGPTVirtualTerminal.client = client
-
-	//When
-	_, err := openAIGPTVirtualTerminal.GetCompletions("ls")
-
-	//Then
-	assert.Equal(t, "no choices", err.Error())
-}

protocols/strategies/HTTP/http.go

@@ -0,0 +1,179 @@
+package HTTP
+
+import (
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"strings"
+
+	"github.com/mariocandela/beelzebub/v3/parser"
+	"github.com/mariocandela/beelzebub/v3/plugins"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+
+	"github.com/google/uuid"
+	log "github.com/sirupsen/logrus"
+)
+
+type HTTPStrategy struct{}
+
+type httpResponse struct {
+	StatusCode int
+	Headers    []string
+	Body       string
+}
+
+func (httpStrategy HTTPStrategy) Init(servConf parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
+	serverMux := http.NewServeMux()
+
+	serverMux.HandleFunc("/", func(responseWriter http.ResponseWriter, request *http.Request) {
+		var matched bool
+		var resp httpResponse
+		var err error
+		for _, command := range servConf.Commands {
+			var err error
+			matched = command.Regex.MatchString(request.RequestURI)
+			if matched {
+				resp, err = buildHTTPResponse(servConf, tr, command, request)
+				if err != nil {
+					log.Errorf("error building http response: %s: %v", request.RequestURI, err)
+					resp.StatusCode = 500
+					resp.Body = "500 Internal Server Error"
+				}
+				break
+			}
+		}
+		// If none of the main commands matched, and we have a fallback command configured, process it here.
+		// The regexp is ignored for fallback commands, as they are catch-all for any request.
+		if !matched {
+			command := servConf.FallbackCommand
+			if command.Handler != "" || command.Plugin != "" {
+				resp, err = buildHTTPResponse(servConf, tr, command, request)
+				if err != nil {
+					log.Errorf("error building http response: %s: %v", request.RequestURI, err)
+					resp.StatusCode = 500
+					resp.Body = "500 Internal Server Error"
+				}
+			}
+		}
+		setResponseHeaders(responseWriter, resp.Headers, resp.StatusCode)
+		fmt.Fprint(responseWriter, resp.Body)
+
+	})
+	go func() {
+		var err error
+		// Launch a TLS supporting server if we are supplied a TLS Key and Certificate.
+		// If relative paths are supplied, they are relative to the CWD of the binary.
+		// The can be self-signed, only the client will validate this (or not).
+		if servConf.TLSKeyPath != "" && servConf.TLSCertPath != "" {
+			err = http.ListenAndServeTLS(servConf.Address, servConf.TLSCertPath, servConf.TLSKeyPath, serverMux)
+		} else {
+			err = http.ListenAndServe(servConf.Address, serverMux)
+		}
+		if err != nil {
+			log.Errorf("error during init HTTP Protocol: %v", err)
+			return
+		}
+	}()
+
+	log.WithFields(log.Fields{
+		"port":     servConf.Address,
+		"commands": len(servConf.Commands),
+	}).Infof("Init service: %s", servConf.Description)
+	return nil
+}
+
+func buildHTTPResponse(servConf parser.BeelzebubServiceConfiguration, tr tracer.Tracer, command parser.Command, request *http.Request) (httpResponse, error) {
+	resp := httpResponse{
+		Body:       command.Handler,
+		Headers:    command.Headers,
+		StatusCode: command.StatusCode,
+	}
+	traceRequest(request, tr, command, servConf.Description)
+
+	if command.Plugin == plugins.LLMPluginName {
+		llmProvider, err := plugins.FromStringToLLMProvider(servConf.Plugin.LLMProvider)
+		if err != nil {
+			log.Errorf("error: %v", err)
+			resp.Body = "404 Not Found!"
+			return resp, err
+		}
+
+		llmHoneypot := plugins.LLMHoneypot{
+			Histories:    make([]plugins.Message, 0),
+			OpenAIKey:    servConf.Plugin.OpenAISecretKey,
+			Protocol:     tracer.HTTP,
+			Host:         servConf.Plugin.Host,
+			Model:        servConf.Plugin.LLMModel,
+			Provider:     llmProvider,
+			CustomPrompt: servConf.Plugin.Prompt,
+		}
+		llmHoneypotInstance := plugins.InitLLMHoneypot(llmHoneypot)
+		command := fmt.Sprintf("%s %s", request.Method, request.RequestURI)
+
+		completions, err := llmHoneypotInstance.ExecuteModel(command)
+		if err != nil {
+			resp.Body = "404 Not Found!"
+			return resp, fmt.Errorf("ExecuteModel error: %s, %v", command, err)
+		}
+		resp.Body = completions
+	}
+	return resp, nil
+}
+
+func traceRequest(request *http.Request, tr tracer.Tracer, command parser.Command, HoneypotDescription string) {
+	bodyBytes, err := io.ReadAll(request.Body)
+	body := ""
+	if err == nil {
+		body = string(bodyBytes)
+	}
+	host, port, _ := net.SplitHostPort(request.RemoteAddr)
+
+	event := tracer.Event{
+		Msg:             "HTTP New request",
+		RequestURI:      request.RequestURI,
+		Protocol:        tracer.HTTP.String(),
+		HTTPMethod:      request.Method,
+		Body:            body,
+		HostHTTPRequest: request.Host,
+		UserAgent:       request.UserAgent(),
+		Cookies:         mapCookiesToString(request.Cookies()),
+		Headers:         request.Header,
+		Status:          tracer.Stateless.String(),
+		RemoteAddr:      request.RemoteAddr,
+		SourceIp:        host,
+		SourcePort:      port,
+		ID:              uuid.New().String(),
+		Description:     HoneypotDescription,
+		Handler:         command.Name,
+	}
+	// Capture the TLS details from the request, if provided.
+	if request.TLS != nil {
+		event.Msg = "HTTPS New Request"
+		event.TLSServerName = request.TLS.ServerName
+	}
+	tr.TraceEvent(event)
+}
+
+func mapCookiesToString(cookies []*http.Cookie) string {
+	cookiesString := ""
+
+	for _, cookie := range cookies {
+		cookiesString += cookie.String()
+	}
+
+	return cookiesString
+}
+
+func setResponseHeaders(responseWriter http.ResponseWriter, headers []string, statusCode int) {
+	for _, headerStr := range headers {
+		keyValue := strings.Split(headerStr, ":")
+		if len(keyValue) > 1 {
+			responseWriter.Header().Add(keyValue[0], keyValue[1])
+		}
+	}
+	// http.StatusText(statusCode): empty string if the code is unknown.
+	if len(http.StatusText(statusCode)) > 0 {
+		responseWriter.WriteHeader(statusCode)
+	}
+}

protocols/strategies/SSH/ssh.go

@@ -0,0 +1,225 @@
+package SSH
+
+import (
+	"fmt"
+	"net"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/mariocandela/beelzebub/v3/historystore"
+	"github.com/mariocandela/beelzebub/v3/parser"
+	"github.com/mariocandela/beelzebub/v3/plugins"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+
+	"github.com/gliderlabs/ssh"
+	"github.com/google/uuid"
+	log "github.com/sirupsen/logrus"
+	"golang.org/x/term"
+)
+
+type SSHStrategy struct {
+	Sessions *historystore.HistoryStore
+}
+
+func (sshStrategy *SSHStrategy) Init(servConf parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
+	if sshStrategy.Sessions == nil {
+		sshStrategy.Sessions = historystore.NewHistoryStore()
+	}
+	go sshStrategy.Sessions.HistoryCleaner()
+	go func() {
+		server := &ssh.Server{
+			Addr:        servConf.Address,
+			MaxTimeout:  time.Duration(servConf.DeadlineTimeoutSeconds) * time.Second,
+			IdleTimeout: time.Duration(servConf.DeadlineTimeoutSeconds) * time.Second,
+			Version:     servConf.ServerVersion,
+			Handler: func(sess ssh.Session) {
+				uuidSession := uuid.New()
+
+				host, port, _ := net.SplitHostPort(sess.RemoteAddr().String())
+				sessionKey := "SSH" + host + sess.User()
+
+				// Inline SSH command
+				if sess.RawCommand() != "" {
+					var histories []plugins.Message
+					if sshStrategy.Sessions.HasKey(sessionKey) {
+						histories = sshStrategy.Sessions.Query(sessionKey)
+					}
+					for _, command := range servConf.Commands {
+						if command.Regex.MatchString(sess.RawCommand()) {
+							commandOutput := command.Handler
+							if command.Plugin == plugins.LLMPluginName {
+								llmProvider, err := plugins.FromStringToLLMProvider(servConf.Plugin.LLMProvider)
+								if err != nil {
+									log.Errorf("error: %s", err.Error())
+									commandOutput = "command not found"
+									llmProvider = plugins.OpenAI
+								}
+								llmHoneypot := plugins.LLMHoneypot{
+									Histories:    histories,
+									OpenAIKey:    servConf.Plugin.OpenAISecretKey,
+									Protocol:     tracer.SSH,
+									Host:         servConf.Plugin.Host,
+									Model:        servConf.Plugin.LLMModel,
+									Provider:     llmProvider,
+									CustomPrompt: servConf.Plugin.Prompt,
+								}
+								llmHoneypotInstance := plugins.InitLLMHoneypot(llmHoneypot)
+								if commandOutput, err = llmHoneypotInstance.ExecuteModel(sess.RawCommand()); err != nil {
+									log.Errorf("error ExecuteModel: %s, %s", sess.RawCommand(), err.Error())
+									commandOutput = "command not found"
+								}
+							}
+							var newEntries []plugins.Message
+							newEntries = append(newEntries, plugins.Message{Role: plugins.USER.String(), Content: sess.RawCommand()})
+							newEntries = append(newEntries, plugins.Message{Role: plugins.ASSISTANT.String(), Content: commandOutput})
+							// Append the new entries to the store.
+							sshStrategy.Sessions.Append(sessionKey, newEntries...)
+
+							sess.Write(append([]byte(commandOutput), '\n'))
+
+							tr.TraceEvent(tracer.Event{
+								Msg:           "SSH Raw Command",
+								Protocol:      tracer.SSH.String(),
+								RemoteAddr:    sess.RemoteAddr().String(),
+								SourceIp:      host,
+								SourcePort:    port,
+								Status:        tracer.Start.String(),
+								ID:            uuidSession.String(),
+								Environ:       strings.Join(sess.Environ(), ","),
+								User:          sess.User(),
+								Description:   servConf.Description,
+								Command:       sess.RawCommand(),
+								CommandOutput: commandOutput,
+								Handler:       command.Name,
+							})
+							return
+						}
+					}
+				}
+
+				tr.TraceEvent(tracer.Event{
+					Msg:         "New SSH Terminal Session",
+					Protocol:    tracer.SSH.String(),
+					RemoteAddr:  sess.RemoteAddr().String(),
+					SourceIp:    host,
+					SourcePort:  port,
+					Status:      tracer.Start.String(),
+					ID:          uuidSession.String(),
+					Environ:     strings.Join(sess.Environ(), ","),
+					User:        sess.User(),
+					Description: servConf.Description,
+				})
+
+				terminal := term.NewTerminal(sess, buildPrompt(sess.User(), servConf.ServerName))
+				var histories []plugins.Message
+				if sshStrategy.Sessions.HasKey(sessionKey) {
+					histories = sshStrategy.Sessions.Query(sessionKey)
+				}
+
+				for {
+					commandInput, err := terminal.ReadLine()
+					if err != nil {
+						break
+					}
+					if commandInput == "exit" {
+						break
+					}
+					for _, command := range servConf.Commands {
+						if command.Regex.MatchString(commandInput) {
+							commandOutput := command.Handler
+							if command.Plugin == plugins.LLMPluginName {
+								llmProvider, err := plugins.FromStringToLLMProvider(servConf.Plugin.LLMProvider)
+								if err != nil {
+									log.Errorf("error: %s, fallback OpenAI", err.Error())
+									llmProvider = plugins.OpenAI
+								}
+								llmHoneypot := plugins.LLMHoneypot{
+									Histories:    histories,
+									OpenAIKey:    servConf.Plugin.OpenAISecretKey,
+									Protocol:     tracer.SSH,
+									Host:         servConf.Plugin.Host,
+									Model:        servConf.Plugin.LLMModel,
+									Provider:     llmProvider,
+									CustomPrompt: servConf.Plugin.Prompt,
+								}
+								llmHoneypotInstance := plugins.InitLLMHoneypot(llmHoneypot)
+								if commandOutput, err = llmHoneypotInstance.ExecuteModel(commandInput); err != nil {
+									log.Errorf("error ExecuteModel: %s, %s", commandInput, err.Error())
+									commandOutput = "command not found"
+								}
+							}
+							var newEntries []plugins.Message
+							newEntries = append(newEntries, plugins.Message{Role: plugins.USER.String(), Content: commandInput})
+							newEntries = append(newEntries, plugins.Message{Role: plugins.ASSISTANT.String(), Content: commandOutput})
+							// Stash the new entries to the store, and update the history for this running session.
+							sshStrategy.Sessions.Append(sessionKey, newEntries...)
+							histories = append(histories, newEntries...)
+
+							terminal.Write(append([]byte(commandOutput), '\n'))
+
+							tr.TraceEvent(tracer.Event{
+								Msg:           "SSH Terminal Session Interaction",
+								RemoteAddr:    sess.RemoteAddr().String(),
+								SourceIp:      host,
+								SourcePort:    port,
+								Status:        tracer.Interaction.String(),
+								Command:       commandInput,
+								CommandOutput: commandOutput,
+								ID:            uuidSession.String(),
+								Protocol:      tracer.SSH.String(),
+								Description:   servConf.Description,
+								Handler:       command.Name,
+							})
+							break // Inner range over commands.
+						}
+					}
+				}
+
+				tr.TraceEvent(tracer.Event{
+					Msg:      "End SSH Session",
+					Status:   tracer.End.String(),
+					ID:       uuidSession.String(),
+					Protocol: tracer.SSH.String(),
+				})
+			},
+			PasswordHandler: func(ctx ssh.Context, password string) bool {
+				host, port, _ := net.SplitHostPort(ctx.RemoteAddr().String())
+
+				tr.TraceEvent(tracer.Event{
+					Msg:         "New SSH Login Attempt",
+					Protocol:    tracer.SSH.String(),
+					Status:      tracer.Stateless.String(),
+					User:        ctx.User(),
+					Password:    password,
+					Client:      ctx.ClientVersion(),
+					RemoteAddr:  ctx.RemoteAddr().String(),
+					SourceIp:    host,
+					SourcePort:  port,
+					ID:          uuid.New().String(),
+					Description: servConf.Description,
+				})
+				matched, err := regexp.MatchString(servConf.PasswordRegex, password)
+				if err != nil {
+					log.Errorf("error regex: %s, %s", servConf.PasswordRegex, err.Error())
+					return false
+				}
+				return matched
+			},
+		}
+		err := server.ListenAndServe()
+		if err != nil {
+			log.Errorf("error during init SSH Protocol: %s", err.Error())
+		}
+	}()
+
+	log.WithFields(log.Fields{
+		"port":     servConf.Address,
+		"commands": len(servConf.Commands),
+	}).Infof("GetInstance service %s", servConf.Protocol)
+	return nil
+}
+
+func buildPrompt(user string, serverName string) string {
+	return fmt.Sprintf("%s@%s:~$ ", user, serverName)
+}

protocols/strategies/TCP/tcp.go

@@ -1,12 +1,13 @@
-package strategies
+package TCP
 
 import (
 	"fmt"
-	"github.com/mariocandela/beelzebub/v3/parser"
-	"github.com/mariocandela/beelzebub/v3/tracer"
 	"net"
 	"time"
 
+	"github.com/mariocandela/beelzebub/v3/parser"
+	"github.com/mariocandela/beelzebub/v3/tracer"
+
 	"github.com/google/uuid"
 	log "github.com/sirupsen/logrus"
 )
@@ -14,8 +15,8 @@ import (
 type TCPStrategy struct {
 }
 
-func (tcpStrategy *TCPStrategy) Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
-	listen, err := net.Listen("tcp", beelzebubServiceConfiguration.Address)
+func (tcpStrategy *TCPStrategy) Init(servConf parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
+	listen, err := net.Listen("tcp", servConf.Address)
 	if err != nil {
 		log.Errorf("Error during init TCP Protocol: %s", err.Error())
 		return err
@@ -25,8 +26,8 @@ func (tcpStrategy *TCPStrategy) Init(beelzebubServiceConfiguration parser.Beelze
 		for {
 			if conn, err := listen.Accept(); err == nil {
 				go func() {
-					conn.SetDeadline(time.Now().Add(time.Duration(beelzebubServiceConfiguration.DeadlineTimeoutSeconds) * time.Second))
-					conn.Write([]byte(fmt.Sprintf("%s\n", beelzebubServiceConfiguration.Banner)))
+					conn.SetDeadline(time.Now().Add(time.Duration(servConf.DeadlineTimeoutSeconds) * time.Second))
+					conn.Write(fmt.Appendf([]byte{}, "%s\n", servConf.Banner))
 
 					buffer := make([]byte, 1024)
 					command := ""
@@ -35,14 +36,18 @@ func (tcpStrategy *TCPStrategy) Init(beelzebubServiceConfiguration parser.Beelze
 						command = string(buffer[:n])
 					}
 
+					host, port, _ := net.SplitHostPort(conn.RemoteAddr().String())
+
 					tr.TraceEvent(tracer.Event{
 						Msg:         "New TCP attempt",
 						Protocol:    tracer.TCP.String(),
 						Command:     command,
 						Status:      tracer.Stateless.String(),
 						RemoteAddr:  conn.RemoteAddr().String(),
+						SourceIp:    host,
+						SourcePort:  port,
 						ID:          uuid.New().String(),
-						Description: beelzebubServiceConfiguration.Description,
+						Description: servConf.Description,
 					})
 					conn.Close()
 				}()
@@ -51,8 +56,8 @@ func (tcpStrategy *TCPStrategy) Init(beelzebubServiceConfiguration parser.Beelze
 	}()
 
 	log.WithFields(log.Fields{
-		"port":   beelzebubServiceConfiguration.Address,
-		"banner": beelzebubServiceConfiguration.Banner,
-	}).Infof("Init service %s", beelzebubServiceConfiguration.Protocol)
+		"port":   servConf.Address,
+		"banner": servConf.Banner,
+	}).Infof("Init service %s", servConf.Protocol)
 	return nil
 }

protocols/strategies/http.go

@@ -1,111 +0,0 @@
-package strategies
-
-import (
-	"fmt"
-	"github.com/mariocandela/beelzebub/v3/parser"
-	"github.com/mariocandela/beelzebub/v3/tracer"
-	"io"
-	"net/http"
-	"regexp"
-	"strings"
-
-	"github.com/google/uuid"
-	log "github.com/sirupsen/logrus"
-)
-
-type HTTPStrategy struct {
-	beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration
-}
-
-func (httpStrategy HTTPStrategy) Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
-	httpStrategy.beelzebubServiceConfiguration = beelzebubServiceConfiguration
-	serverMux := http.NewServeMux()
-
-	serverMux.HandleFunc("/", func(responseWriter http.ResponseWriter, request *http.Request) {
-		traceRequest(request, tr, beelzebubServiceConfiguration.Description)
-		for _, command := range httpStrategy.beelzebubServiceConfiguration.Commands {
-			matched, err := regexp.MatchString(command.Regex, request.RequestURI)
-			if err != nil {
-				log.Errorf("Error regex: %s, %s", command.Regex, err.Error())
-				continue
-			}
-
-			if matched {
-				setResponseHeaders(responseWriter, command.Headers, command.StatusCode)
-				fmt.Fprintf(responseWriter, command.Handler)
-				break
-			}
-		}
-	})
-	go func() {
-		err := http.ListenAndServe(httpStrategy.beelzebubServiceConfiguration.Address, serverMux)
-		if err != nil {
-			log.Errorf("Error during init HTTP Protocol: %s", err.Error())
-			return
-		}
-	}()
-
-	log.WithFields(log.Fields{
-		"port":     beelzebubServiceConfiguration.Address,
-		"commands": len(beelzebubServiceConfiguration.Commands),
-	}).Infof("Init service: %s", beelzebubServiceConfiguration.Description)
-	return nil
-}
-
-func traceRequest(request *http.Request, tr tracer.Tracer, HoneypotDescription string) {
-	bodyBytes, err := io.ReadAll(request.Body)
-	body := ""
-	if err == nil {
-		body = string(bodyBytes)
-	}
-	tr.TraceEvent(tracer.Event{
-		Msg:             "HTTP New request",
-		RequestURI:      request.RequestURI,
-		Protocol:        tracer.HTTP.String(),
-		HTTPMethod:      request.Method,
-		Body:            body,
-		HostHTTPRequest: request.Host,
-		UserAgent:       request.UserAgent(),
-		Cookies:         mapCookiesToString(request.Cookies()),
-		Headers:         mapHeaderToString(request.Header),
-		Status:          tracer.Stateless.String(),
-		RemoteAddr:      request.RemoteAddr,
-		ID:              uuid.New().String(),
-		Description:     HoneypotDescription,
-	})
-}
-
-func mapHeaderToString(headers http.Header) string {
-	headersString := ""
-
-	for key := range headers {
-		for _, values := range headers[key] {
-			headersString += fmt.Sprintf("[Key: %s, values: %s],", key, values)
-		}
-	}
-
-	return headersString
-}
-
-func mapCookiesToString(cookies []*http.Cookie) string {
-	cookiesString := ""
-
-	for _, cookie := range cookies {
-		cookiesString += cookie.String()
-	}
-
-	return cookiesString
-}
-
-func setResponseHeaders(responseWriter http.ResponseWriter, headers []string, statusCode int) {
-	for _, headerStr := range headers {
-		keyValue := strings.Split(headerStr, ":")
-		if len(keyValue) > 1 {
-			responseWriter.Header().Add(keyValue[0], keyValue[1])
-		}
-	}
-	// http.StatusText(statusCode): empty string if the code is unknown.
-	if len(http.StatusText(statusCode)) > 0 {
-		responseWriter.WriteHeader(statusCode)
-	}
-}

protocols/strategies/ssh.go

@@ -1,133 +0,0 @@
-package strategies
-
-import (
-	"fmt"
-	"github.com/mariocandela/beelzebub/v3/parser"
-	"github.com/mariocandela/beelzebub/v3/plugins"
-	"github.com/mariocandela/beelzebub/v3/tracer"
-	"regexp"
-
-	"strings"
-	"time"
-
-	"github.com/gliderlabs/ssh"
-	"github.com/google/uuid"
-	log "github.com/sirupsen/logrus"
-	"golang.org/x/crypto/ssh/terminal"
-)
-
-type SSHStrategy struct {
-}
-
-func (sshStrategy *SSHStrategy) Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
-	go func() {
-		server := &ssh.Server{
-			Addr:        beelzebubServiceConfiguration.Address,
-			MaxTimeout:  time.Duration(beelzebubServiceConfiguration.DeadlineTimeoutSeconds) * time.Second,
-			IdleTimeout: time.Duration(beelzebubServiceConfiguration.DeadlineTimeoutSeconds) * time.Second,
-			Version:     beelzebubServiceConfiguration.ServerVersion,
-			Handler: func(sess ssh.Session) {
-				uuidSession := uuid.New()
-
-				tr.TraceEvent(tracer.Event{
-					Msg:         "New SSH Session",
-					Protocol:    tracer.SSH.String(),
-					RemoteAddr:  sess.RemoteAddr().String(),
-					Status:      tracer.Start.String(),
-					ID:          uuidSession.String(),
-					Environ:     strings.Join(sess.Environ(), ","),
-					User:        sess.User(),
-					Description: beelzebubServiceConfiguration.Description,
-					Command:     sess.RawCommand(),
-				})
-
-				term := terminal.NewTerminal(sess, buildPrompt(sess.User(), beelzebubServiceConfiguration.ServerName))
-				var histories []plugins.History
-				for {
-					commandInput, err := term.ReadLine()
-					if err != nil {
-						break
-					}
-
-					if commandInput == "exit" {
-						break
-					}
-					for _, command := range beelzebubServiceConfiguration.Commands {
-						matched, err := regexp.MatchString(command.Regex, commandInput)
-						if err != nil {
-							log.Errorf("Error regex: %s, %s", command.Regex, err.Error())
-							continue
-						}
-
-						if matched {
-							commandOutput := command.Handler
-
-							if command.Plugin == plugins.ChatGPTPluginName {
-								openAIGPTVirtualTerminal := plugins.Init(histories, beelzebubServiceConfiguration.Plugin.OpenAPIChatGPTSecretKey)
-
-								if commandOutput, err = openAIGPTVirtualTerminal.GetCompletions(commandInput); err != nil {
-									log.Errorf("Error GetCompletions: %s, %s", commandInput, err.Error())
-									commandOutput = "command not found"
-								}
-							}
-
-							histories = append(histories, plugins.History{Input: commandInput, Output: commandOutput})
-
-							term.Write(append([]byte(commandOutput), '\n'))
-
-							tr.TraceEvent(tracer.Event{
-								Msg:           "New SSH Terminal Session",
-								RemoteAddr:    sess.RemoteAddr().String(),
-								Status:        tracer.Interaction.String(),
-								Command:       commandInput,
-								CommandOutput: commandOutput,
-								ID:            uuidSession.String(),
-								Protocol:      tracer.SSH.String(),
-								Description:   beelzebubServiceConfiguration.Description,
-							})
-							break
-						}
-					}
-				}
-				tr.TraceEvent(tracer.Event{
-					Msg:    "End SSH Session",
-					Status: tracer.End.String(),
-					ID:     uuidSession.String(),
-				})
-			},
-			PasswordHandler: func(ctx ssh.Context, password string) bool {
-				tr.TraceEvent(tracer.Event{
-					Msg:         "New SSH attempt",
-					Protocol:    tracer.SSH.String(),
-					Status:      tracer.Stateless.String(),
-					User:        ctx.User(),
-					Password:    password,
-					Client:      ctx.ClientVersion(),
-					RemoteAddr:  ctx.RemoteAddr().String(),
-					ID:          uuid.New().String(),
-					Description: beelzebubServiceConfiguration.Description,
-				})
-				matched, err := regexp.MatchString(beelzebubServiceConfiguration.PasswordRegex, password)
-				if err != nil {
-					log.Errorf("Error regex: %s, %s", beelzebubServiceConfiguration.PasswordRegex, err.Error())
-					return false
-				}
-				return matched
-			},
-		}
-		err := server.ListenAndServe()
-		if err != nil {
-			log.Errorf("Error during init SSH Protocol: %s", err.Error())
-		}
-	}()
-
-	log.WithFields(log.Fields{
-		"port":     beelzebubServiceConfiguration.Address,
-		"commands": len(beelzebubServiceConfiguration.Commands),
-	}).Infof("GetInstance service %s", beelzebubServiceConfiguration.Protocol)
-	return nil
-}
-
-func buildPrompt(user string, serverName string) string {
-	return fmt.Sprintf("%s@%s:~$ ", user, serverName)
-}

tracer/tracer.go

@@ -2,12 +2,12 @@
 package tracer
 
 import (
-	log "github.com/sirupsen/logrus"
 	"sync"
 	"time"
 
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
+	log "github.com/sirupsen/logrus"
 )
 
 // Workers is the number of workers that will
@@ -26,7 +26,7 @@ type Event struct {
 	User            string
 	Password        string
 	Client          string
-	Headers         string
+	Headers         map[string][]string
 	Cookies         string
 	UserAgent       string
 	HostHTTPRequest string
@@ -34,6 +34,10 @@ type Event struct {
 	HTTPMethod      string
 	RequestURI      string
 	Description     string
+	SourceIp        string
+	SourcePort      string
+	TLSServerName   string
+	Handler         string
 }
 
 type (