SecuBox v0.18 - Development Status & Roadmap

📦

GitHub Repository

Open Source • GPLv3 License • Active Development

🔗 https://github.com/CyberMind-FR/secubox-openwrt

Repositories

Stars

35+

Commits (Feb)

v0.18

Current Release

📝

Recent Development Activity

Live commit history from GitHub repository

📅 February 2, 2026

feat waf Add comprehensive CVE detection patterns 94c02c9

chore feed Update build artifacts for mitmproxy v0.5.0-r21 ec31cdb

chore feed Update build artifacts for crowdsec-dashboard v0.7.0-r32 f6ab1fc

fix crowdsec Restore working setup page from settings.js 21f59b6

refactor crowdsec Simplify LuCI interface - KISS setup 6298e8b

feat security Add CVE-2025-15467 detection and mitmproxy threat integration 77e572a

feat mitmproxy Add WAN protection mode for incoming traffic inspection f4b9c91

feat dnsguard Add DNS Guard app and Ollama model suggestions 72f5162

📅 February 1, 2026

feat haproxy Add AdGuard Home detection and improve service discovery 681382c

feat ollama KISS UI rewrite and thermal monitoring 9435cc6

fix wireguard Fix QR code generation in dashboard dcc000c

refactor mitmproxy Move to Security menu e14ef7f

feat metablogizer KISS UI redesign with backend status 1633648

feat streamlit Add instances management and Gitea integration e07fec6

🧩

Component Development Status

Real-time status from latest builds

🛡️ Stable

mitmproxy WAF

v0.5.0-r21

MITM proxy with SSL inspection, 60+ CVE patterns, WAN protection mode, HAProxy integration

🤖 Stable

CrowdSec Dashboard

v0.7.0-r32

LuCI interface with KISS setup, CAPI enrollment, alerts display, country statistics

🔒 Stable

WireGuard Dashboard

v0.4.x

VPN management with QR code generation, peer configuration, mesh networking support

🌐 Beta

DNS Guard

v0.1.x

DNS security with provider lookup, Ollama AI suggestions, threat blocking

🧠 Beta

Ollama Integration

v0.2.x

Local AI models, KISS UI, thermal monitoring, model suggestions

⚖️ Stable

HAProxy Manager

v0.3.x

Load balancer with AdGuard detection, service discovery, failover support

📊 Dev

Streamlit Apps

v0.1.x

Instance management, Gitea integration, dashboard applications

📝 Beta

Metablogizer

v0.2.x

KISS UI redesign, backend status monitoring, hosting integration

🔧 Stable

Network Tweaks

v0.3.x

Network optimization, moved to Network menu, performance tuning

🚨

CVE Detection Engine

60+ vulnerability patterns including CVE-2025-15467

2021

Log4Shell
ProxyShell
VMware vCenter
F5 BIG-IP

2022

Spring4Shell
Spring Cloud
F5 Auth Bypass
ProxyNotShell

2023

MOVEit
Citrix Bleed
Cisco IOS XE
Fortinet SSL

2024

PAN-OS
Ivanti
ScreenConnect
PHP-CGI

2025

CVE-2025-15467
OpenSSL CMS
Ivanti Stack
SonicWall

🗺️

Development Roadmap

From current state to ANSSI certification

v0.18

Feb 2026

● Current

Active Development Release

✓ MITM WAF mitmproxy v0.5.0-r21

✓ CrowdSec Dashboard v0.7.0-r32

✓ 60+ CVE detection patterns

✓ WAN protection mode

✓ P2P Mesh MaaS Federation

✓ WireGuard QR code fix

◐ DNS Guard with Ollama AI

◐ Streamlit Gitea integration

v0.19

Q1 2026

Planned

First Public Release

○ Complete documentation

○ Installation wizard

○ Bug bounty program

○ GitHub Releases automation

○ Pre-built images for Marvell

○ Docker support exploration

v1.0

Q2-Q3 2026

Planned

ANSSI Certification Ready

○ CSPN certification preparation

○ Security audit completion

○ Enterprise support tier

○ Multi-language support

○ Commercial licensing option

○ Partner ecosystem launch

🚀

GitHub Release Best Practices

Recommended workflow for SecuBox releases

Semantic Versioning

Follow SemVer: MAJOR.MINOR.PATCH. Use v0.18.2 format. Increment PATCH for fixes, MINOR for features, MAJOR for breaking changes.

v0.18.2 → v0.18.3 (fix)
v0.18.2 → v0.19.0 (feature)

Tag & Release Creation

Create annotated tags and GitHub releases with comprehensive changelogs.

git tag -a v0.18.2 -m "Release v0.18.2"
git push origin v0.18.2

Release Notes Structure

Group changes by type: Features, Fixes, Security, Breaking Changes. Include commit references.

## 🚀 Features
- feat(waf): CVE detection (#94c02c9)
## 🐛 Bug Fixes
- fix(crowdsec): Setup page (#21f59b6)

Binary Artifacts

Attach pre-built .ipk packages for supported architectures (aarch64_cortex-a53, aarch64_cortex-a72).

secubox-app-mitmproxy_0.5.0-r21_aarch64.ipk
luci-app-crowdsec_0.7.0-r32_all.ipk

Checksums & Signatures

Provide SHA256 checksums and optional GPG signatures for security verification.

sha256sum *.ipk > SHA256SUMS
gpg --sign SHA256SUMS

Feed Integration

Update the custom OpenWrt feed with new package versions and Packages.manifest.

src/gz secubox https://github.com/CyberMind-FR/secubox-openwrt/raw/master/feed