Holy fuck #14

@Chungmaster1337

There will be multiple moving parts here. I am going to build the virtualization stack as a separate electron app to get it off the ground and mitigate deep rabbit holes of "who's fucking what isn't doing something"

The end goal is to merge two codebases:

->PageWatch - Front end security analysis toolkit. Comprehensive browsing session exploratory utility, DATABASE OBJECTIVE, powered by typescript/node/vue/css/html - and hopefully assloads of publicly available APIs some day soon and juicy external datasets for rich realtime analysis.

->Enterprise Appliance Environment - Hypervisor (embedded in the main electron process)
We are going to manipulate the absolute FUCK out of electron to achieve this

--> Eminent Storage Authority
(owns its own hardware - ideally the host OS would have Bare Minimum awareness as electron has full filesystem access), the objective is to keep some dumb ass fucking autoplay setting from triggering what could potentially be ransomware sitting in a flat file in an indexable folder. And also to mitigate interference from the Host OS in our ideally (unrestrained) navigation to deep dark places.

--> Database Engines: My Vision
SQLite Database(s) - Retention rules based on multiple factors
Dwell time - Risk Factor - Relevance - File Size
Ultimately governed over by the existence of a token belonging ONLY to its parent session row in pgsql
This token - Will forge the relationship between the SQLite and PostgreSQL databases.
Standardized Encryption on every SQLite database file | The keys will be stored in PostgreSQL with parent.
PostgreSQL Database - singular - Retention is permanent AS it relates to chronological completeness.
Instead of architecting tables solely on Type logic, we will use the 'goal' of chronological validation as our rule:
Browser.Table (DOM/WINDOW/DOCUMENT/OBJECT) (any other metadata as it relates to ux vs user intent)
TCPStream.Table (DOM/WINDOW/DOCUMENT/OBJECT) (any other metadata as it relates to ux vs user intent)
Session.Table (Browser.Table/TCPStream.Table/OSIModel.table/SQLite.Vault.ForeignKey)
SQLite.Vault (ForeignKey/local.FilePath/EncryptionKey/BurnonExit(boolean))
OSIModel.Table (Protocol driven, important for sanity check/UTC.Record)
Since we are decrypting the TLS stream in real time we can do some really cool shit.

  • capture each datapoint from the perspective of the browser
  • capture each datapoint from the firewall's perspective
  • notify the user on "discrepancy"
    • Auto-Init_Heightened_Awareness - "Gather everything we can, compare it to everything we have"

---> [OPNSense virtual appliance] A.K.A. the forensic browser's only way in or out of its container

----> (Drivers) Here is my vision...

VWAN0 "internet"----> VBRIDGE0 "router" -----> FBL0 "local network" -----> (I'm guessing a service worker, or in this case maybe run it as a plugin) ---> the network stack is going to give us VERY valuable data for postgres

We can probably handle this much more efficiently than an operating system. We could just dupe and dump all packets into blobs that belong to electron, as electron is going to be assigning the session token to the browser anyway we don't have to worry about figuring out what row in the browser.table they belong to. And sort/store traffic metadata that we have Types for in PostgreSQL for that row. If we haven't solved this problem yet, let's also call the OSI model a standard for developing Types relating to the network stack data we are trying to collect.

---> [DOM/WINDOW/DOCUMENT/OBJECT (enter Browser.Table from PostgreSQL)] + high level integration of domain/endpoint/address traversal (We have to figure out how to get this from OPNSense using APIs or log ingestion). This is essentially our entry and exit point for realtime TLS Decryption
(happening in OPNSense ----> routing to PostgreSQL in TLSStream.Table)
to engage the HTML as if it were a NOC, configurable dialog and context containers (transparent) built in overlays (we could dynamically attach the overlays to the CSS logic that we are storing for the specific session to literally point to the data that the dialogue overlays are trying to address)

--> OAuth/Federated Identity
(We are going to steal OPNSense's auth framework, embed it in the electron service and divvy out session/state/token access to whatever needs it in the enterprise appliance environment)----> IntegrationTarget/ForensicDataRectifyer
and have one fully functioning coalesced user desktop model at the end of it.

  • I will build the virtualization stack

  • Then I will remove the auth workflow from the stack, and introduce it into PageWatch as session/state management
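
The browser-versus-firewall comparison described in the issue ("notify the user on discrepancy") could look like the sketch below. This is an added example, not part of the original issue or of PageWatch; the `Observation` shape, the function name, the two-second matching window and the sample records are all assumptions.

```typescript
// Added example; field names and sample records are assumptions, not PageWatch code.
interface Observation {
  sessionToken: string; // token assigned to the browser session
  host: string;         // browser: request URL host; firewall: TLS SNI
  remoteIp: string;
  utcMs: number;        // capture time in UTC milliseconds
}
interface Discrepancy { kind: "firewall_only" | "browser_only"; observation: Observation; }

const flowKey = (o: Observation): string =>
  [o.sessionToken, o.host.toLowerCase(), o.remoteIp].join("|");

// Pair each browser record with a firewall record for the same session, host and
// address captured within windowMs; anything left unpaired on either side is reported.
function findDiscrepancies(
  browser: Observation[], firewall: Observation[], windowMs: number = 2000
): Discrepancy[] {
  const pending: Record<string, Observation[]> = {};
  for (const f of firewall) {
    (pending[flowKey(f)] = pending[flowKey(f)] || []).push(f);
  }
  const out: Discrepancy[] = [];
  for (const b of browser) {
    const list = pending[flowKey(b)] || [];
    let hit = -1;
    for (let i = 0; i < list.length && hit < 0; i++) {
      if (Math.abs(list[i].utcMs - b.utcMs) <= windowMs) hit = i;
    }
    if (hit >= 0) list.splice(hit, 1); // consume the match so it is not reused
    else out.push({ kind: "browser_only", observation: b });
  }
  for (const k of Object.keys(pending)) {
    for (const f of pending[k]) out.push({ kind: "firewall_only", observation: f });
  }
  return out;
}

// Constructed sample data (documentation-range addresses).
const browserSeen: Observation[] = [
  { sessionToken: "s1", host: "example.com", remoteIp: "203.0.113.10", utcMs: 1000 },
  { sessionToken: "s1", host: "example.org", remoteIp: "203.0.113.20", utcMs: 9000 },
];
const firewallSeen: Observation[] = [
  { sessionToken: "s1", host: "Example.com", remoteIp: "203.0.113.10", utcMs: 1400 },
  { sessionToken: "s1", host: "example.org", remoteIp: "203.0.113.20", utcMs: 1500 },
  { sessionToken: "s1", host: "tracker.example.net", remoteIp: "198.51.100.7", utcMs: 1500 },
];
const sampleResult = findDiscrepancies(browserSeen, firewallSeen);
```

A `firewall_only` record is traffic leaving the container that the browser never reported; a `browser_only` record is a request the browser logged that has no matching flow at the firewall.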