@blamejs/exceptd-skills 0.16.12 → 0.16.14

package/sbom.cdx.json

@@ -1,23 +1,23 @@
 {
   "bomFormat": "CycloneDX",
   "specVersion": "1.6",
-  "serialNumber": "urn:uuid:13543406-f1b2-4fad-a45a-c25bfd52c7c0",
+  "serialNumber": "urn:uuid:5622cfff-eb09-40f3-8323-05cc99470312",
   "version": 1,
   "metadata": {
-    "timestamp": "2036-04-11T07:17:26.000Z",
+    "timestamp": "2071-10-17T22:47:27.000Z",
     "tools": [
       {
         "vendor": "blamejs",
         "name": "scripts/refresh-sbom.js",
-        "version": "0.16.12"
+        "version": "0.16.14"
       }
     ],
     "component": {
-      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.16.12",
+      "bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.16.14",
       "type": "application",
       "name": "@blamejs/exceptd-skills",
-      "version": "0.16.12",
-      "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 44 skills, 11 catalogs (439 CVEs / 174 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
+      "version": "0.16.14",
+      "description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 46 skills, 11 catalogs (439 CVEs / 174 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
       "licenses": [
         {
           "license": {
@@ -25,17 +25,17 @@
           }
         }
       ],
-      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.16.12",
+      "purl": "pkg:npm/%40blamejs/exceptd-skills@0.16.14",
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "afb482357c7c2294b29c874300c89473a3fa9efb1e63ee223a73a1277e496a57"
+          "content": "75b997d78deb37213ca92f35a1789ecf2853e472e83cfe16ecb9fba5429ec976"
         }
       ],
       "externalReferences": [
         {
           "type": "distribution",
-          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.16.12"
+          "url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.16.14"
         },
         {
           "type": "vcs",
@@ -54,7 +54,7 @@
       },
       {
         "name": "exceptd:skill:count",
-        "value": "44"
+        "value": "46"
       },
       {
         "name": "exceptd:integrity:method",
@@ -86,11 +86,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "a678ec5b3d67d984a7ace47a2d32315a5139ab3fd2104ee5c4674ec27359c20b"
+          "content": "3977cc99729354d5b7c5cb4e12efe2ed876ad90c0de481b607d861fcb0500c8a"
         },
         {
           "alg": "SHA3-512",
-          "content": "7e6938a7d13765dac67c8f1be801ccc2e0d4a3d8be05c1185ae1d75ba84f56e691cfa47377230c11d772ceb3dec21ac3c85dbcda730a0e61a17585d9dbbadb76"
+          "content": "b266c8daa35183e6c7688a39b5ef89dea5d4eb7a0392d5ab8a9c92a3e30c226a19b5c1b92250079ce6a70dae8e71911ea889be5f057833abbe4267800b86affe"
         }
       ]
     },
@@ -116,11 +116,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "7f14a514c54a1e07b4387df550ee57155daba3ffad20c5f256769ec6a27a6ceb"
+          "content": "e8cad4a626166ff00bf36ab3a30c8fcb64d6e376528596da7618cf16d59bd304"
         },
         {
           "alg": "SHA3-512",
-          "content": "2110e331c531aa9fdf64315b2edf910a4111e4a0cf841004f078df6fadde182079320ece4ec48e6540c401c6a9d7def4ffc65ad82015f078929bc3b251e0faea"
+          "content": "ca41dd995ddc421e252dde2493ea9d5f842af93858519b8b78dda57c3cb1643eebb67a52f2d98976c3ea036a135cf1e5f211d51856e6ce7220ad82ada1c8c2a0"
         }
       ]
     },
@@ -176,11 +176,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "12a35979ae7e439ffaf58cbadb801ddcdedb8b99d9526ed652243d4c04380829"
+          "content": "ae7d674b0aa95ee1fc5fc278cf16861801103e814862db686ea8eb332a9d7021"
         },
         {
           "alg": "SHA3-512",
-          "content": "7fc494b284be899216c55c9506a0fc52f341c6044325db994af5b25d1e9003a66ffe5c96741b19356554e6f819bd920bbd17db9299d9a9e6cca68c91ee834870"
+          "content": "e9a36b0d3f778cef44ae2b6e86d70e0bb822cb70a4dc228220bc9f6cc9f670e133938ddcbaf86ac00fdda74538734eedad2888f7c871706eda9c89b5d4f477db"
         }
       ]
     },
@@ -281,11 +281,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "fcbef21c9a6c24523c6c6bcd0ba4166b88cf7f994eb6837362ae9bbdaca0bddd"
+          "content": "401459f17ec5ac70b3cf00423159108a81706fbf2e1fe710f6c03bd1672170ea"
         },
         {
           "alg": "SHA3-512",
-          "content": "ecf8dd551df3f4b2b521d51add250837c6e001e19c6f731c059eb73979f4ed66862a4739d7b66116f4c37c97a728e74925a578ae5c583b7ac1e705b51a7ae687"
+          "content": "ec5e2c793f3ccea0653a63233f4cb1bee81b185f9eef97e69b81ceb18d11f0485091bd872c80b68bc31c76003adf6407167e8a7360a3d33e58dd46f8a6af54fd"
         }
       ]
     },
@@ -341,11 +341,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "bab657546a4b6ae1dea7d2433d96cd48a1fd409f74deffb8b50744c5f3ba76d9"
+          "content": "4762ef6f4d1cfe6eb9abff5f4539037294f18ded6feb3176161a4bb35fe85d32"
         },
         {
           "alg": "SHA3-512",
-          "content": "d697ddb45624f3f7f1444825ce15117f217124175897b9247cfcd425a610d30c48c0f2db0d4dfe42bc2302e4fc5fbc78ddeb56d63b885c23ba77ad4605d948ac"
+          "content": "3b5aa183722335cdb5204d1188413fbaab879ec1f4855981610cafd40127e631ae07437abc6008268a3788d591d39fba83690f1423ca3347a7f2b846692d5be4"
         }
       ]
     },
@@ -454,6 +454,21 @@
         }
       ]
     },
+    {
+      "bom-ref": "file:data/playbooks/audit-log-integrity.json",
+      "type": "file",
+      "name": "data/playbooks/audit-log-integrity.json",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "0ed3f7e7eb38c7c6c21335de82fea68a7392de298d7d407fd2ce9f41cd94d87d"
+        },
+        {
+          "alg": "SHA3-512",
+          "content": "2199f512f25067b732318e1aa8bb4418b50800e5bd8c7cd230da991733ca7ebd388429e1ad15a84708ed0e1b958cb0257fe0c44624b90b136ce4ab73ad787949"
+        }
+      ]
+    },
     {
       "bom-ref": "file:data/playbooks/cicd-pipeline-compromise.json",
       "type": "file",
@@ -521,11 +536,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "ece18e05860fdd763645ca246d076ed2fe7e61d738412c6a69a2ce651cd6c1aa"
+          "content": "45d8392bdce3b384d3b88e02b196898ddb65fab44b975a34ab6b14eefdb5f858"
         },
         {
           "alg": "SHA3-512",
-          "content": "f0927574bfc2f0233a617fb93c4ad2cce5287d9a0876ae49f339f646782141f51fd1b452e7e4ec7fd4d6a7bd2d3f5b84012b4051d34a3cd76dea1016cec7886e"
+          "content": "60a616fb7c19a395558b14823b59d59b43ce318a33eca61111602caee349153de0a7a6dff0c3b220ea5e7adb519e9c3ee64c7ab0907d4c60cd112fcb84f3fa74"
         }
       ]
     },
@@ -551,11 +566,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "f1046b23e75c6fbe2526a9f6a1a48d5d49564c81d609dcdce29a2c946422dc0a"
+          "content": "1f5f749e6fbf82fedef78789dd90ead2bb5bb159a2c7723f67f26d977b4f1108"
         },
         {
           "alg": "SHA3-512",
-          "content": "f16c012caf6ade2aa882cece084e40579986c3215d66e7252518df70e18d8067f09192ba592fdd64c69c8fbff4c255ab1b65fff23401701a7f3f4e18806a2612"
+          "content": "6d425bc941f84d430392daad961ddba8f6d8c7fb1082fd8f117c3d3af6c8b8b0ab1e3b96ff86aaa5f8d1b2bc6dae19a517c90d78bafb092a8d70dc990efabfcc"
         }
       ]
     },
@@ -566,11 +581,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "7242ba841addcf2a77a45b9fc2b05452af831bc56ae33edd7ade8f94b3e603b2"
+          "content": "c464fbc4c2b8b49b7279b6c4190c33046cdc659f7c84a5513b4716376bc31134"
         },
         {
           "alg": "SHA3-512",
-          "content": "6fc89a0ee9ae99518ed7c464a8bcd693ff1067d9a4521706cdde5f84b2c4dc1a2968499263e109bc27e5192e622427fb753418fca916569490083e47a3c196c9"
+          "content": "4eb15b793d85e8b835c0960ccdefc79766bd28efe9ad836b67d31c804f85e80ea1751a5d701a9b07742648ccfa920afea23bb72059b00c5218d755631217cbec"
         }
       ]
     },
@@ -671,11 +686,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "7fe2cdf5257f84561a4e88553b3274eb6aab20543affa36d29686b7ba1ef2abb"
+          "content": "544af47dcaf49d0f1d3d5e97cfba7d3af4ff35943b8fab50b96e19463d3bc2f4"
         },
         {
           "alg": "SHA3-512",
-          "content": "e77daa000cb93d3a93604cfa14f6c5f5d0dfdff4f54f5985c74717424e476bb5b550c6a781a79f8847d17a1346e42aeb4ba44b53149889a53fa7d907168fb8f7"
+          "content": "a960542d708e486a45f76c1e38e1a2a8fc8d49cd7e41992f4b7a86432bc42648fb3e2d0d5cbf20b28548be6324b482188c848644425fefb9f9af2338087d055c"
         }
       ]
     },
@@ -694,6 +709,21 @@
         }
       ]
     },
+    {
+      "bom-ref": "file:data/playbooks/network-trust.json",
+      "type": "file",
+      "name": "data/playbooks/network-trust.json",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "26d83f6139cf6e3c9b0dafac67058dbe9126986693b31b2d4a89baa9e8f7969a"
+        },
+        {
+          "alg": "SHA3-512",
+          "content": "c0a3b4f00fc802d7f2a6b4020febce29b0c1ce4838cbb8f871f5750340619b9238c86eec19ee96e2570ea8b634b3978f55f68a54d1faefd8bf479014a55c2917"
+        }
+      ]
+    },
     {
       "bom-ref": "file:data/playbooks/post-quantum-migration.json",
       "type": "file",
@@ -791,11 +821,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "67663610d7fe7fd711dc6dc3a5f6963654263b5f979009faf44e5c60e1135431"
+          "content": "66a1bd01c4cb71d2d71576879afa097000cfe50042bdacb91ec4df235f5a03a1"
         },
         {
           "alg": "SHA3-512",
-          "content": "af609c3248471f5a75cb70f79ffc14042ab8456d78aba70dea4fab7e2ac7a17f42a9997f309db796a372a0fb70a2b6cd6798a13c6c51ced89c5f182c4f1fd0d7"
+          "content": "5dcc55ff361134da75ef806154c2a2f4a93d94bde59895053541ebc2f11ffdf91c8ab324b10b8fcb1fe940b1acbe59e152c571ddf55064d75827347a1366fc9e"
         }
       ]
     },
@@ -1751,11 +1781,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "9eeb36ea9d3971a2ace0626c302df3169ac8bd76052eb05aa5bfee499c067465"
+          "content": "09db01b477338ca265cbb0aabc3627179078221ca1f9ea39581ca343d85d69bf"
         },
         {
           "alg": "SHA3-512",
-          "content": "027cba2f1a06f76c9f4fc9fe41da94c072b9d8e3d7700329b9a63cdbea42f2ac335afc40c1a93244590941751bb0253d3e784c5af6c68f65326038b38746433c"
+          "content": "05c3f35c2a18c73ac6fdac2a321f14a8732008b9ec99baf17f63bf5ac8f6eb116de1143708d98234f5d7de8bc19dc56f8d3640038f230d4cf97991436ff956cb"
         }
       ]
     },
@@ -1766,11 +1796,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "bf05ddf62759f654c02d2564e158a625fdc80cd6b738478dd78de8f93160b48b"
+          "content": "07db9ab37e6e4c5396d7aab836f16660efb5ae38da2ded3cb57b00f6f5be0a05"
         },
         {
           "alg": "SHA3-512",
-          "content": "2d5f2db9aa837306e6d01c5f7bc9157ed7b5df5e5bbb38cbf114c18944385805ceecb2b3900121737a4e14c593be34c26fd9c9689b91a4b61b9e0dec88528e82"
+          "content": "040fc8917e87dbe79e2786608a64583eaf5bec954acb0928d4259afc9e13139f899d17d4015ee740a0ed3a5070daa09490908c3d94d0ba5f84e980dbca539142"
         }
       ]
     },
@@ -1781,11 +1811,11 @@
       "hashes": [
         {
           "alg": "SHA-256",
-          "content": "34034540b65202f0d1f1db35378e311d06086d45b00ebb9f6481bcd916c3df0a"
+          "content": "ea32d11918b9e9429c3ced5e07f667a755a2ad50aee090b71d3aa0196af3accb"
         },
         {
           "alg": "SHA3-512",
-          "content": "e73f9a735b0b672f7bc31d9cf5492cd5bd69c33ccb7c1fb4b22f5ce69594f5512d19c1ffa548e6a014b49a6da00872449d40fd7ca77da25e46ac0ff6f0158de7"
+          "content": "32bf0b27aa27c60d8b87394c0169d606e0fb7a6941dd63fb47a17a576e39afa48912a3c56225dc33c44b8e1dd83e230360c74ef81fa48ce1ef6d1e940d150985"
         }
       ]
     },
@@ -2674,6 +2704,21 @@
         }
       ]
     },
+    {
+      "bom-ref": "file:skills/audit-log-integrity/skill.md",
+      "type": "file",
+      "name": "skills/audit-log-integrity/skill.md",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "72485e8df55dea8df80b675f04f32de2d32b8ee17d5e0aa96e61cd9bcb831193"
+        },
+        {
+          "alg": "SHA3-512",
+          "content": "0acacd972f7e798d3501a4a2149c09031db97c5873e80d26d8eb7b37b9b6be33d102d544f697d01ca2ad88adc29ecebc0b9a3d64b15cde7c25aa562b8bc923fd"
+        }
+      ]
+    },
     {
       "bom-ref": "file:skills/cloud-iam-incident/skill.md",
       "type": "file",
@@ -2959,6 +3004,21 @@
         }
       ]
     },
+    {
+      "bom-ref": "file:skills/network-trust/skill.md",
+      "type": "file",
+      "name": "skills/network-trust/skill.md",
+      "hashes": [
+        {
+          "alg": "SHA-256",
+          "content": "d1c2fd6ce0bd74e508a41a61c8618cc5c979eaea2702ca97003ce46ba8c9dfa8"
+        },
+        {
+          "alg": "SHA3-512",
+          "content": "b1fd259f983b2bad0ce44290f12f6712f786aa8db7ef3fbab9db1c95b3b16fb9a151d7ccfc509e144dc311fa66a11bd0d357a5c57ddb59801ff2221176b7aa0a"
+        }
+      ]
+    },
     {
       "bom-ref": "file:skills/ot-ics-security/skill.md",
       "type": "file",

package/skills/audit-log-integrity/skill.md

@@ -0,0 +1,80 @@
+---
+name: audit-log-integrity
+version: "1.0.0"
+description: Audit-log integrity for mid-2026 — tamper-evident hash-chaining, off-host signing, compliance-mode WORM immutability, legal-hold-vs-retention enforcement, writer/custodian separation, and deception (honeytoken) coverage that resist the privileged attacker most likely to tamper with the trail
+triggers:
+  - audit log integrity
+  - tamper evident logging
+  - hash chain
+  - worm
+  - object lock
+  - immutable storage
+  - legal hold
+  - retention
+  - honeytoken
+  - canary token
+  - break glass
+  - dual control
+  - anti forensics
+  - log deletion
+  - separation of duties
+  - audit trail
+discovery_mode: standalone
+data_deps:
+  - cve-catalog.json
+  - atlas-ttps.json
+  - attack-techniques.json
+  - framework-control-gaps.json
+  - cwe-catalog.json
+  - rfc-references.json
+atlas_refs: []
+attack_refs:
+  - T1070
+  - T1565.001
+  - T1562.008
+framework_gaps:
+  - NIST-800-53-SI-2
+  - ISO-27001-2022-A.8.15
+  - NIS2-Art21-network-security
+  - SOC2-CC7-anomaly-detection
+cwe_refs:
+  - CWE-345
+  - CWE-347
+  - CWE-284
+  - CWE-778
+last_threat_review: "2026-06-02"
+---
+
+# Audit-Log Integrity (Tamper-Evidence, WORM, Deception)
+
+## Threat Context (mid-2026)
+
+An audit trail is a security control only if it survives the attacker who wants it gone. Anti-forensic tampering (T1070 indicator removal) and stored-data manipulation (T1565.001) target precisely the log that would expose an intrusion, and the most capable adversary is a compromised privileged or insider identity. Logging volume is not integrity: a complete log that a sufficiently privileged credential can rewrite, re-chain, or delete is not a trail. The integrity properties that resist this are a hash chain actually verified on read, entries signed with a key held off the log-writing host, compliance-mode (not governance/override) WORM, legal holds that block the retention purge, separation of the log writer from its custodian, and honeytokens that catch the foraging access in the first place.
+
+## Framework Lag Declaration
+
+Organisational logging controls require that events are recorded, protected, and monitored — and stop there. ISO 27001 A.8.15 (logging) is commonly attested by "we log and protect logs" without verifying hash-chain continuity, independent signing, or immutability against a privileged attacker. SOC 2 CC7 monitoring is satisfied by the presence of logs and alerts. NIS2 Art.21 names monitoring for essential services but not the integrity model. None require the audit trail be immutable to the very identity most likely to tamper with it. A clean "we log and monitor" audit is therefore NON-EVIDENCE for audit-log integrity; it confirms log presence and alerting, not verified-chain continuity, off-host signing, compliance-WORM, or writer/custodian separation.
+
+## TTP Mapping
+
+The audit-log integrity failures map to MITRE ATT&CK: **T1070 (Indicator Removal)** for deleting/rotating/truncating the trail, defeated by compliance-WORM + writer/custodian separation + honeytokens; **T1565.001 (Stored Data Manipulation)** for rewriting entries, defeated by verified hash-chaining + off-host signing; and **T1562.008 (Disable or Modify Cloud Logs / abuse of privileged access)** for break-glass misuse, defeated by dual control + independent alerting. The weakness classes are CWE-345 (insufficient verification of data authenticity — unverified chain), CWE-347 (improper signature verification — co-located/absent signing), CWE-284 (improper access control — governance-WORM, writer-can-delete), and CWE-778 (insufficient logging/detection — absent or untriaged honeytokens).
+
+## Exploit Availability Matrix
+
+These are posture gaps exploited from a privileged or insider position, so the "exploit" is the absent control, not a published CVE. Rewriting a hash chain that is never verified, or recomputing it after editing history, requires only write access. Deleting from governance-mode WORM requires the admin credential the mode explicitly trusts. Purging records under an advisory-only legal hold requires nothing beyond the normal lifecycle job. The real-world priority is set by whether a single compromised identity can rewrite or delete the system-of-record trail without detection, and whether any external anchor or honeytoken would surface the tampering after the fact.
+
+## Analysis Procedure
+
+1. Identify the system-of-record audit trail (not just ephemeral operational logs). 2. Confirm the hash chain is VERIFIED on read/replay/export and fails closed on a break. 3. Confirm entries/checkpoints are signed with a key held off the log-writing host (separate identity / KMS / HSM). 4. Confirm the store is compliance-mode immutable (no role, including root, can delete before expiry) and that legal holds gate the retention purge. 5. Confirm the writing identity is append-only and a separate custodian holds delete rights. 6. Confirm honeytokens are seeded on high-value surfaces and a trip is alerted + triaged, and that break-glass requires dual control + audit. Run the `audit-log-integrity` playbook to execute these as detect indicators with false-positive checks, then score by whether one compromised identity can erase the trail undetected.
+
+## Output Format
+
+Report per integrity property (chain verification, signing, WORM mode, legal-hold gate, writer/custodian separation, deception), marking each enforced / missing / inconclusive (visibility gap). For every missing property, state whether a single compromised privileged or application identity could rewrite or delete the system-of-record trail undetected, and whether any external anchor or honeytoken would catch it. Distinguish a control enforced externally (external WORM/notary, KMS-held key) from an absent one. Provide the prioritised remediation (verify chain + sign off-host, compliance-WORM + hold gate, separate writer from custodian, deploy + triage honeytokens, dual-control break-glass) and the negative validation tests that prove each fix (chain-break detected, privileged delete refused, hold blocks purge) plus a functional test that legitimate writes still chain, sign, and verify.
+
+## Compliance Theater Check
+
+The recurring theater is "we log everything, so we have an audit trail," "our storage is immutable/WORM," and "records under legal hold are preserved." Logging volume is not integrity; "immutable" without naming the mode hides governance-mode reversibility; a hold flag that does not gate the purge preserves nothing. The distinguishing test: verify the chain is checked on read, the signing key is off-host, the WORM mode is compliance (root/admin cannot delete before expiry), and the purge job honors the hold. If a single privileged identity can rewrite or delete the trail undetected, the logging is not an audit trail and the assurance is paper.
+
+## Defensive Countermeasure Mapping
+
+Map findings to MITRE D3FEND: verified hash-chaining and off-host signing realise Message Authentication and Log Integrity (countering T1565.001); compliance-mode WORM and writer/custodian separation realise File Access Pattern Analysis and Access Modeling against deletion (countering T1070); dual-control + alerting on break-glass realises Administrative Account Monitoring (countering T1562.008); honeytokens realise Decoy Object / Connected Honeynet detection (high-fidelity evidence of the foraging access). Pair an external WORM/notary anchor with the on-host chain so even host compromise cannot rewrite history unobserved. The residual risk after these controls is multi-party collusion or compromise of the signing key / WORM authority itself, accepted at the CISO level with key-management oversight.

package/skills/network-trust/skill.md

@@ -0,0 +1,81 @@
+---
+name: network-trust
+version: "1.0.0"
+description: Network-layer trust and adversary-in-the-middle resistance for mid-2026 — DNSSEC validation, DANE/TLSA pinning, TSIG, mTLS private-CA pinning, RFC 9421 HTTP message signatures, DNS-rebinding/SSRF guarding, and authenticated time (NTS) and its effect on certificate validity and TOTP
+triggers:
+  - network trust
+  - adversary in the middle
+  - aitm
+  - dnssec
+  - dane
+  - tlsa
+  - tsig
+  - mtls pinning
+  - certificate pinning
+  - http message signature
+  - rfc 9421
+  - dns rebinding
+  - nts
+  - authenticated time
+  - ntp spoofing
+  - public suffix list
+  - name resolution trust
+discovery_mode: standalone
+data_deps:
+  - cve-catalog.json
+  - atlas-ttps.json
+  - attack-techniques.json
+  - framework-control-gaps.json
+  - cwe-catalog.json
+  - rfc-references.json
+atlas_refs: []
+attack_refs:
+  - T1557
+  - T1071.004
+  - T1556
+framework_gaps:
+  - NIST-800-53-SC-8
+  - ISO-27001-2022-A.8.21
+  - NIS2-Art21-network-security
+  - UK-CAF-B4
+cwe_refs:
+  - CWE-345
+  - CWE-918
+  - CWE-290
+  - CWE-347
+last_threat_review: "2026-06-02"
+---
+
+# Network-Layer Trust (AiTM Resistance)
+
+## Threat Context (mid-2026)
+
+Below the application, TLS authenticates a certificate against a CA bundle — not the specific peer you intended to reach, and not the DNS answer or the clock that got you there. Adversary-in-the-middle attacks exploit the trust-anchor validation TLS does not perform: forge a DNS answer where DNSSEC is not validated; present a mis-issued-but-CA-valid certificate where DANE/TLSA or an mTLS CA pin is not checked; shift an unauthenticated clock to revive an expired certificate or a TOTP window; or rebind a name from a public to an internal address. The DNSSEC validation surface itself carries availability risk (KeyTrap CVE-2023-50387, NSEC3 CVE-2023-50868). These are validation-posture gaps, not cryptographic-primitive weaknesses.
+
+## Framework Lag Declaration
+
+Organisational network controls equate TLS with peer authenticity and assume DNS and time are trustworthy. NIST 800-53 SC-8 (transmission integrity) is satisfied by TLS to a CA bundle and does not require DANE pinning, DNSSEC, or authenticated time. ISO 27001 A.8.21 (security of network services) is met with TLS + a CA bundle. NIS2 Art.21 names network security of essential services but not the DNS/time/transport trust-anchor posture that AiTM exploits. A clean "we use TLS and a validating resolver and NTP" audit is therefore NON-EVIDENCE for network-trust posture; it confirms encryption and a CA bundle, not end-to-end DNSSEC validation, peer pinning, or authenticated time.
+
+## TTP Mapping
+
+The network-trust failures map to MITRE ATT&CK: **T1557 (Adversary-in-the-Middle)** for mis-issued-certificate acceptance (no DANE/mTLS pin), DNS-rebinding SSRF, and clock-shift cert revival; **T1071.004 (Application Layer Protocol: DNS)** for forged answers accepted without DNSSEC and unauthenticated zone transfer/update without TSIG; and **T1556 (Modify Authentication Process)** for unverified HTTP message signatures and PSL-driven cookie-boundary confusion, plus the TOTP-window impact of time-shift. The weakness classes are CWE-345 (insufficient verification of data authenticity), CWE-918 (SSRF via DNS rebinding), CWE-290 (authentication bypass by spoofing), and CWE-347 (improper signature/certificate verification).
+
+## Exploit Availability Matrix
+
+These are posture gaps, so weaponisation is low-cost given an on-path or DNS-influencing position. DNS forgery and cache poisoning have commodity tooling; the DNSSEC validation surface's own DoS (KeyTrap / NSEC3) is catalogued with public analysis. DNS rebinding has public frameworks. A mis-issued or compromised-CA certificate is a recurring real-world event that DANE/mTLS pinning is designed to contain. Unauthenticated NTP is steerable by any on-path attacker. None require a novel exploit; the exploit is the absent validation. Real-world priority is driven by whether the unvalidated anchor sits on an internet-facing authentication, credential, or payment path, and by how many trust decisions ride on it.
+
+## Analysis Procedure
+
+1. Inventory the paths whose security depends on DNS authenticity, peer-certificate identity, accurate time, or request-signature integrity. 2. Confirm the application path validates DNSSEC end-to-end (or trusts a validated upstream over DoT/DoH) and guards DNS rebinding (pin resolved IP, refuse private ranges). 3. Confirm DANE/TLSA is checked on capable peers and that mTLS pins the expected private CA / SPKI rather than the full public bundle. 4. Confirm time is authenticated (NTS or an authenticated source) and treated as a trust input for cert-validity and TOTP. 5. Confirm TSIG on zone operations and adequately-scoped RFC 9421 message-signature verification. 6. Confirm the Public Suffix List is current. Run the `network-trust` playbook to execute these as detect indicators with false-positive checks, then score by reachability and the number of trust decisions affected.
+
+## Output Format
+
+Report per trust anchor (DNS, peer certificate, time, message signature), marking each enforced / missing / inconclusive (visibility gap). For every missing check, state whether the path is internet-facing and which trust decisions (peer auth, name resolution, cert validity, TOTP) depend on it. Distinguish a genuinely-not-in-scope anchor (no DANE-capable peer, no authoritative zone, fixed pinned IP) from an unvalidated one. Provide the prioritised remediation (validate DNSSEC + guard rebinding, pin peer certificates via DANE/mTLS, authenticate time, require TSIG + verify message signatures, refresh the PSL) and the negative validation tests that prove each fix (forged DNS rejected, mis-issued cert rejected, time-shift cannot revive a cert) plus a functional test that legitimate traffic still flows.
+
+## Compliance Theater Check
+
+The recurring theater is "we use TLS everywhere, so the peer is authenticated," "we use a DNSSEC-validating resolver," and "time sync is handled." TLS authenticates against a CA bundle, not the expected peer; a validating resolver upstream is moot if the application accepts any answer over an unauthenticated hop; unauthenticated NTP is attacker-steerable. The distinguishing test: confirm the application path checks DANE/TLSA (or pins the mTLS CA), trusts the AD flag / validates DNSSEC end-to-end, and uses authenticated time. If a forged DNS answer, a mis-issued certificate, or a time shift would be accepted, TLS did not make the network trustworthy and the assurance is paper.
+
+## Defensive Countermeasure Mapping
+
+Map findings to MITRE D3FEND: DNSSEC validation and DNS-rebinding guarding realise DNS Traffic Analysis and Resolution-Trust enforcement (countering T1071.004/T1557); DANE/TLSA and mTLS CA pinning realise Certificate Pinning and Public Key Infrastructure validation (countering T1557 mis-issuance); authenticated time (NTS) realises System Time Integrity (countering clock-shift cert/TOTP abuse); RFC 9421 message-signature verification realises Message Authentication (countering T1556). Pair DANE with DNSSEC (TLSA without DNSSEC is meaningless) and treat the clock as a security input. The residual risk after validation is compromise of the trust anchor itself (signing key, pinned CA, time authority), addressed by key-management and monitoring, accepted at the CISO level.