pduggusa/dugganusa-edge-shield

GitHub: pduggusa/dugganusa-edge-shield

基于 Cloudflare Workers 的边缘威胁情报防护工具，实现零延迟的恶意 IP 拦截、扫描器检测和地理信息增强。

Stars: 3 | Forks: 0

# DugganUSA Edge Shield ### Cloudflare 边缘的企业级威胁情报。免费。开源。 [![MIT License](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE) [![Cloudflare Workers](https://img.shields.io/badge/Cloudflare-Workers-F38020?logo=cloudflare&logoColor=white)](https://workers.cloudflare.com/) [![IOCs](https://img.shields.io/badge/IOCs-1%2C043%2C509-10b981)](https://analytics.dugganusa.com/api/v1/stix-feed) [![Consumers](https://img.shields.io/badge/Feed%20Consumers-275%2B-818cf8)](https://analytics.dugganusa.com/stix/pricing) [![STIX 2.1](https://img.shields.io/badge/STIX-2.1-4f46e5)](https://analytics.dugganusa.com/api/v1/stix-feed) **1,043,509 个 IOC。46 个国家的 275+ 消费者。30 秒内部署。** Microsoft、AT&T 和 Starlink 已经在拉取我们的订阅源。现在你也可以在边缘端做到了。 [获取免费 API Key](https://analytics.dugganusa.com/stix/register) • [STIX 订阅源](https://analytics.dugganusa.com/api/v1/stix-feed) • [博客](https://www.dugganusa.com) • [AIPM](https://aipmsec.com)

## 功能 ``` Visitor → Cloudflare Edge → Edge Shield → Your Origin │ ├── Scanner? → 418 "We see you. We indexed you." ├── Known IOC? → 403 Blocked └── Clean? → ✅ Pass with geo headers ``` | Layer | What Happens | Latency Added | |:-----:|:-------------|:-------------:| | **Scanner Detection** | Returns 418 to Shodan, Censys, LeakIX, Nuclei, ZMap | **0ms** | | **IOC Blocking** | Blocks IPs from 1M+ threat indicator feed | **0ms** (cached) | | **Geo Enrichment** | Adds city, region, ASN, lat/lon headers to every request | **0ms** | Zero external lookups. Zero latency added. The intelligence lives in Worker memory. ## 快速入门 ``` git clone https://github.com/pduggusa/dugganusa-edge-shield.git cd dugganusa-edge-shield npx wrangler secret put DUGGANUSA_API_KEY # Free: analytics.dugganusa.com/stix/register npx wrangler deploy ``` Add a route in Cloudflare: `*yourdomain.com/*` → `dugganusa-edge-shield` **That's it.** Your site is protected by 1M+ IOCs. ## 源站接收内容 Every request gets enriched headers — for free: ``` X-CF-City: Minneapolis X-CF-Region: Minnesota X-CF-Country: US X-CF-ASN-Org: Comcast Cable Communications X-CF-Latitude: 44.9778 X-CF-Longitude: -93.2650 X-DugganUSA-Shield: active X-DugganUSA-IOCs: 1043509 ``` Build geo dashboards, detect anomalies, log city-level analytics — all from headers your origin already receives. ## 扫描器所见 ``` { "message": "We see you. We indexed you.", "your_ip": "68.183.9.16", "your_asn": "AS14061", "your_org": "DigitalOcean, LLC", "your_city": "Amsterdam", "protected_by": "DugganUSA Edge Shield", "score": "You scored 0/95 on our scanner detection. Congratulations." } ``` **HTTP 418 I'm a Teapot.** Because they deserve it. ## 背后的智能 Edge Shield is powered by the same STIX 2.1 feed that Fortune 500 security teams consume:

| Metric | Value | |:------:|:-----:| | **IOCs Indexed** | 1,043,509 | | **Feed Consumers** | 275+ | | **Countries** | 46 | | **Autonomous Decisions** | 5,764,156 | | **Threats Blocked** | 2,038,293 | | **Adversary Profiles** | 361 | | **Blog Posts** | 1,655 |

We don't just aggregate — we hunt. 18 documented supply chain attacks (Pattern 38). NrodeCodeRAT discovered 43 days before Zscaler. IRGC target analysis on 18 US tech companies. FBI wiretap breach analysis published same-day. ## 定价 The Worker is **free and open source forever.** The intelligence is tiered: | Tier | Price | IOC Refresh | Best For | |:----:|:-----:|:-----------:|:---------| | **Free** | $0/mo | 24h, 48h delayed | Personal sites, blogs, side projects | | **Starter** | $45/mo | 1h, real-time | Small business, startups | | **Professional** | $495/mo | 15m, real-time + cross-index | SOC teams, MSPs | | **Enterprise** | $2,495/mo | 5m, full Medusa Suite | Fortune 500, government |

[**Get Your Free API Key →**](https://analytics.dugganusa.com/stix/register)

## 读取 Geo Headers ``` // Node.js / Express app.use((req, res, next) => { const city = req.headers['x-cf-city']; const region = req.headers['x-cf-region']; const org = req.headers['x-cf-asn-org']; console.log(`${city}, ${region} — ${org}`); next(); }); ``` ``` # Python / Flask @app.before_request def log_geo(): city = request.headers.get('X-CF-City', 'Unknown') region = request.headers.get('X-CF-Region', 'Unknown') print(f"{city}, {region}") ``` ## 隐私 When you use Edge Shield, we see: - API key usage (query count per day) - Which IOC lists you pull We do **NOT** see: - Your visitors - Your traffic - Your origin server - Anything about your site The Worker runs on **YOUR** Cloudflare account. We provide the intelligence. You control everything else.

标签：API 安全, ASN 标签, Censys 检测, DDoS 防护, IOC 阻断, IP 地址批量处理, IP 黑名单, Serverless 安全, Shodan 防御, STIX 2.1, WAF, 企业网络安全, 地理位置分析, 威胁情报, 密码管理, 开发者工具, 扫描器检测, 插件系统, 数据可视化, 流量过滤, 程序员工具, 网络访问控制, 网络边界安全, 自定义脚本, 边缘计算安全, 零延迟安全