Skip to content

Changelog

All notable changes to the HYDRA × PDX project.

v3.0 — 2026-04-10

HYDRA

  • 65+ built-in commands — expanded from 39 to 65+ (40 core + 25 network/process/system)
  • 9-step command pipeline — sanitize → guard → expand → split → pipes → classify → execute → mutate → log
  • Side-effect registryapt install now tracked realistically; which, type, and subsequent tool usage work coherently for 25+ packages
  • bot_dropper classification — new SessionClassifier category for wget/curl-to-sh dropper patterns
  • Live classificationclassify_live runs during the session, not just post-hoc; enables response detail adjustment for signal sessions
  • Graceful shutdown — SIGINT/SIGTERM/SIGHUP handling with priority-ordered cleanup callbacks
  • State modulestate.init_state() locks project_root/logs_dir/data_dir/config_path as absolute paths, removing cwd dependency

PDX

  • Pipeline Orchestrator — full automation: one-shot, watch, and auto modes for continuous feedback generation
  • FeedbackEngine — attacker profiling via behavioral clustering, aggregate metric computation, and prompt patch generation
  • LureGenerator — translates metrics into concrete VFS changes (new decoy files, updated credentials, enriched .bash_history)
  • FeedbackStore v1.1.0 — new schema with attacker profiles, aggregate metrics, lure recommendations, and prompt patches
  • Migration systemv1_0_0_to_v1_1_0.py handles feedback.yaml schema upgrades

Documentation

  • Full French translation via mkdocs-static-i18n
  • New pages: Feedback loop, Troubleshooting, FAQ, Changelog, Contributing
  • Corrected builtin count — 39 → 65+ throughout documentation
  • Documented undiscovered features — side-effect registry, 9-step pipeline, bot_dropper classification, graceful shutdown

v2.0 — 2026-04-06

HYDRA

  • PromptGuard — silent prompt injection detection (0.0–1.0 scoring)
  • 3 personas — fintech_trading, crypto_validator, corp_ad
  • Virtual filesystem — Copy-on-Write per session
  • Anti-fingerprinting — SSH banner, cgroup, auth delay, kernel coherence, Kinsing path normalization
  • Session classifier — bot_ephemeral, bot_exec_scanner, bot_recon, likely_human

PDX

  • DataRouter — dual-use classification (defensive + offensive)
  • 7 training generators — SFT, DPO, RAFT, ReAct, CoT, Chain, JS
  • Quality pipeline — deduplication, filtering, curriculum ordering, temporal decay
  • Delta Vector 16D — 16-dimension scoring for each observation
  • Burp Suite bridge — Java extension + Python proxy
  • 4-tier multi-model router — 7B → 32B → Anthropic API → fallback
  • 8 data collectors — NVD, ExploitDB, OWASP, MITRE ATT&CK, Nuclei, CWE, RFC, man pages

Data

  • 3,508 SSH sessions captured over ~3 days
  • 78 signal sessions (2.2%)
  • 8,668 defensive events, 4,910 offensive events
  • 5/5 key MITRE ATT&CK tactics observed

v1.0 — 2026-03-15

  • Initial HYDRA prototype — SSH honeypot with LLM responses
  • Basic PDX pipeline — SFT generation only
  • Single persona
  • No anti-fingerprinting