CyberMinds Task Knowledge: #108 CTF-04 Suspicious User-Agent Beaconing

Issue: https://github.com/Cyber-Minds/CyberMinds/issues/108 Owner: @entyX Due: 2026-04-24

Objective

Deliver intermediate detection challenge for beacon-like callback behavior.

Recommended Build Plan

1. Create access-log fixtures with periodic callback signatures.
2. Require user-agent + interval analysis output.
3. Add deterministic checker for suspected beacon source list.

Security And Safety

• No real endpoints or identifiable user traces in fixtures.
• Avoid payload strings that could be misused as offensive examples.
• Protect checker from regex denial-of-service patterns.

Quality Checks

• Ensure expected outputs survive log-order permutation where appropriate.
• Confirm low-noise signal in true-positive detection.