Z. Cliffe Schreuders a75fb6c110 feat: Add ENTROPY organizational LORE fragments revealing internal operations
Created 7 comprehensive internal ENTROPY documents organized into 5 categories, providing deep insight into the organization's structure, methods, philosophy, and operations.

## New Fragment Categories:

### 1. Training Materials (2 fragments)

**TRAIN_RECRUIT_001: Asset Recruitment Fundamentals**
- Complete recruitment methodology manual (3.2, June 2024)
- Four vulnerability categories: Financial (75% success), Ideological (45%), Personal (60%), Career (35%)
- Seven-stage progressive commitment (Week 1: innocent contact → Week 10: full operational)
- Target organization prioritization (Tier 1: Critical infrastructure, Tier 2: Fortune 500, Tier 3: SMB)
- OPSEC protocols for recruiters (cover identity, surveillance detection, compartmentalization)
- Case studies: NIGHTINGALE (success - Sarah Martinez), CARDINAL (failure - security researcher)
- Ethical considerations from The Architect
- **Educational Value:** Social engineering, insider threat vectors, recruitment psychology

**TRAIN_OPSEC_001: Handler Operational Security**
- Golden Rules: You Don't Exist, Trust Is Liability, Assume Surveillance, Compartmentalization Is Sacred
- Handler identity management (codenames, separate devices, digital hygiene)
- Asset communication protocols (Signal for coordination, dead drops for intel, in-person rare)
- Surveillance Detection Routes (SDR) - 60-90min before every meeting
- Payment security (cryptocurrency preferred, cash acceptable, wire transfer avoid)
- Counter-intelligence awareness (detecting flipped assets)
- Capture protocols: "I want a lawyer" (repeat indefinitely)
- Burnout recognition and exit procedures
- **Educational Value:** Covert operations tradecraft, OPSEC principles, countersurveillance

### 2. Operational Communications (1 fragment)

**OPCOM_001: Phase 3 Cell Coordination**
- The Architect's final coordination message (June 28, 2025, T-minus 17 days)
- Recipients: All 5 cell leaders (ALPHA_PRIME through EPSILON_PRIME)
- Cell-specific target assignments:
  - **ALPHA**: Financial systems (banks, stock exchange, cryptocurrency)
  - **BETA**: Healthcare (EHR, medical devices, insurance - life-safety protected)
  - **GAMMA**: Telecommunications (ISP routing, mobile data, DNS)
  - **DELTA**: Energy grid (SCADA, load balancing, brownouts not blackouts)
  - **EPSILON**: Transportation/Logistics (airlines, freight, transit)
- Operational timeline: July 15, 2025, 00:00-14:00 EST (staggered activation)
- Abort criteria: Life safety risk, operational compromise, strategic conditions violated
- Success definition: 40% minimum, 70% target, 100% optimal
- Strategic restraints: Zero casualties, reversible damage, 72-hour window
- **Reveals:** Complete Phase 3 plan, coordination between cells, specific targets

### 3. Cell Protocols (1 fragment)

**PROTO_CELL_001: Cell Structure and Operations**
- Cell hierarchy: Architect → Cell Leaders → Handlers → Technical Specialists → Support Roles
- Typical cell size: 8-15 members (1 leader, 3-5 handlers, 2-3 technical, 2-4 support)
- Cell budget: $500K-$1.5M annually (60% asset payments, 15% equipment, 15% infrastructure, 10% stipends)
- Weekly operational meetings (rotating safe houses, 90min, phones in Faraday bags)
- Burn protocols: Level 1 (individual), Level 2 (cell), Level 3 (network)
- Target selection criteria (centralized systems, avoid small business/life-safety)
- Asset management (recruitment, tasking, payment, termination)
- Inter-cell communication (prohibited except through Architect)
- **Educational Value:** Covert organization structure, compartmentalization, operational security

### 4. Strategic Planning (1 fragment)

**STRAT_001: Ten-Year Vision (2015-2025)**
- Original October 2015 strategic document by The Architect
- Updated January 2023 with postscript for cell leaders
- **Phase 1 (2015-2018)**: Foundation - Build capabilities, recruit founding members
  - Goal: 15-20 members across 3 cells, initial tooling
  - Status: EXCEEDED (5 cells, 60+ members, advanced tools)
- **Phase 2 (2018-2022)**: Expansion - Scale operations, recruit 100+ assets
  - Goal: 5 cells, 100+ assets in critical infrastructure, 20-30 operations
  - Status: ACHIEVED (Equilibrium.dll on 800+ systems, 25 successful operations)
- **Phase 3 (2023-2025)**: Demonstration - Coordinated multi-sector disruption
  - Activation: July 15, 2025
  - Goal: Demonstrate infrastructure fragility at scale
- **Phase 4 (2025-2030)**: Options post-Phase 3 (Dissolve, Continue, Go Public, Pivot to Defense)
- Strategic philosophy: Why 10 years? Why constraints? Why anonymity?
- Risk assessment: Operational, strategic, organizational, moral failures
- **Proves:** Everything was intentional, strategic, part of coherent long-term vision

### 5. Technical Documentation (1 fragment)

**TECH_TOOL_001: Equilibrium.dll Documentation**
- SCADA backdoor malware for power grid load manipulation
- Deployment: 847 systems across 47 power utilities (April 2024)
- Attack vector: DLL side-loading (version.dll proxy in Siemens WinCC)
- Functionality: Intercept load balancing commands, create rolling brownouts
- C2 infrastructure: Domain fronting via Cloudflare (maintenance-updates.scada-systems.com)
- Anti-detection: AV evasion, SIEM evasion, mimics Windows Update traffic
- Bypass lists (ABSOLUTE): Hospitals, emergency services, critical infrastructure (never affected)
- Phase 3 activation: July 15, 2025, 06:00 EST
- Constraints: Max 2-hour brownout per zone, equipment protection maintained, remote kill switch
- Self-destruct: July 20, 2025 (delete all traces)
- **Educational Value:** SCADA vulnerabilities, DLL side-loading, C2 infrastructure, ethical constraints in malware

### 6. Ideology (1 fragment)

**IDEOLOGY_001: On Inevitability Manifesto**
- The Architect's philosophical treatise (March 2016, updated January 2023)
- **Chapter 1**: Entropy and Systems - Thermodynamics, fragility of centralization
- **Chapter 2**: The Illusion of Security - Security theater vs. actual security
- **Chapter 3**: Why We Are Not Terrorists - Constraints, no violence, no demands
  - Zero casualties requirement, reversible damage, institutional targets, no political demands
- **Chapter 4**: The Moral Calculus - Utilitarianism (justified), Deontology (unjustified), Virtue Ethics (depends on execution)
- **Chapter 5**: What Comes After - 3 scenarios (Society learns, ignores, overreacts)
- **Chapter 6**: To Those Who Join - What members are signing up for (prison risk, moral weight, stress)
- The Architect's 2023 postscript: Doubt is constant, but conviction remains
- **Reveals:** ENTROPY's genuine ideological motivation, ethical struggles, principled approach (even if misguided)

### 7. README Documentation

**README_ORGANIZATIONAL_LORE.md**
- Comprehensive guide to all 7 organizational fragments
- Discovery and player integration recommendations
- Cross-references (internal ENTROPY docs, existing LORE fragments, evidence templates)
- Educational value mapped to CyBOK domains
- Fragment statistics (50,000 words total)
- Narrative themes (complexity, fragility/resilience, means/ends, human cost)
- Usage guidelines for game developers
- Recommended discovery order for progressive revelation

## Organizational Structure Revealed:

**ENTROPY Network:**
- 5 operational cells: ALPHA, BETA, GAMMA, DELTA, EPSILON
- Each cell: 8-15 members
- 60+ total members, 120+ recruited assets
- Centralized leadership: The Architect
- Distributed operations: Cell autonomy within strategic framework

**Operational Capabilities:**
- Asset recruitment (4 vulnerability types, proven methods)
- Infrastructure compromise (financial, healthcare, telecom, energy, transportation)
- Advanced malware (Equilibrium.dll + others referenced)
- Secure communications (Signal, dead drops, PGP)
- Financial infrastructure (cryptocurrency, shell companies)

**Ethical Framework:**
- Zero casualty constraint (absolute requirement)
- Reversible damage only (72-hour demonstration window)
- Institutional targets (not individuals)
- Bypass lists for life-safety systems
- Members can exit safely

## Cross-References:

**Links to existing LORE:**
- Sarah Martinez = NIGHTINGALE case study in TRAIN_RECRUIT_001
- Operation Glass House = references in multiple training docs
- Phase 3 directive = expanded detail in OPCOM_001
- The Architect's philosophy = IDEOLOGY_001 manifesto

**Links to evidence templates:**
- TEMPLATE_001-006 identify specific assets
- Organizational LORE shows recruitment and management methods
- Combined: Complete picture of ENTROPY operations

## Educational Value (CyBOK):

**Training Materials:**
- Social engineering principles and insider threat recruitment
- Operational security for covert activities
- Psychological profiling and vulnerability exploitation

**Operational Communications:**
- Critical infrastructure protection priorities
- Coordinated attack response
- Multi-sector incident coordination

**Cell Protocols:**
- Organizational compartmentalization
- Covert communication methods
- Counterintelligence awareness

**Strategic Planning:**
- Long-term adversary planning
- Strategic vs. tactical threat analysis
- Risk assessment methodologies

**Technical Documentation:**
- SCADA security vulnerabilities
- Malware analysis (DLL side-loading, C2 infrastructure)
- Anti-forensics and detection evasion

**Ideology:**
- Threat actor psychology and motivation
- Hacktivism vs. terrorism distinctions
- Ethical hacking debates

## Gameplay Integration:

**Progressive Revelation:**
- Early: Training materials, cell protocols (structure)
- Mid: Operational comms, technical docs (capabilities)
- Late: Strategic planning, ideology (philosophy)

**Mission Design:**
- Phase 3 deadline creates urgency (July 15, 2025)
- Cell targets enable focused counter-ops
- Technical docs provide defensive intelligence

**Moral Complexity:**
- ENTROPY presented as principled antagonists
- Genuine ideological motivation (not pure malice)
- Ethical constraints (zero casualties, reversible damage)
- Players must grapple: Are they entirely wrong?

All fragments maintain narrative consistency, educational alignment with CyBOK security domains, and interconnected storytelling across the ENTROPY universe.
2025-11-19 17:43:15 +00:00

Break Escape: Cyber-Physical Security Learning Framework

Break Escape is an escape room-inspired games-based learning framework that simulates cyber-physical security challenges. Break Escape creates immersive experiences where learners engage with both physical and digital security mechanisms within narrative-driven scenarios explicitly mapped to the Cyber Security Body of Knowledge (CyBOK). The game is inspired by retro top-down games, dungeon crawlers, escape rooms, and cyber security challenges.

Note: Break Escape is currently in development. Please report any issues or feedback via GitHub.

Live Demo -- Early Beta Playtesting

You can try Break Escape directly from your browser by visiting: https://hacktivity.co.uk/break-escape-beta/scenario_select.html

You'll choose from scenarios, each offering its own set of puzzles and challenges, ranging from cryptography to physical security.

After playing, please fill out a short survey. Your insights will be instrumental in improving the game and understanding the benefits. https://forms.gle/kiVgNUBSHu2KjcJt8

Features

  • Immersive Learning Environment: Top-down 2D game environment accessible through web browsers
  • Cyber-Physical Security Challenges: Simulations of various security mechanisms:
    • Key-based locks (with physical keys and lockpicking mini-game)
    • PIN code systems
    • Password-protected interfaces
    • Biometric authentication (fingerprints that can be dusted and spoofed)
    • Bluetooth proximity detection
  • CyberChef Integration: Embedded cryptographic tools for encryption and data analysis
  • CyBOK Mapping: Each scenario is explicitly mapped to relevant Cyber Security Body of Knowledge areas
  • Multiple Scenarios: Various pre-built scenarios focusing on different security aspects:
    • "CEO Exfil Investigation" - Corporate espionage and data exfiltration
    • "Captain Meow's Disappearance" - Encoding and cryptography
    • "Encoding and Encryption Lab" - Basic cryptographic principles
    • "Asymmetric Encryption with RSA" - Public key cryptography
    • "Symmetric Encryption with AES" - Block ciphers and encryption modes
    • "Biometric Security Breach" - Fingerprint authentication

Technical Implementation

Break Escape is implemented using:

  • Phaser.js: Core game engine
  • JavaScript/HTML5: Front-end implementation
  • JSON: Scenario specification format

Installation

Break Escape is a web-based application and requires a web server to run. You can:

Option 1: Use the hosted version

Visit the live demo at https://hacktivity.co.uk/break-escape-beta/scenario_select.html

Option 2: Use Python's built-in HTTP server

  1. Clone the repository:

    git clone https://github.com/yourusername/break-escape.git
    cd break-escape
    
  2. Start a local web server:

    python3 -m http.server
    
  3. Open your web browser and navigate to:

    http://localhost:8000
    

Option 3: Deploy to a web server

  1. Upload all files to your web server directory
  2. Access through your domain

Usage

Start Break Escape:

  • Open Break Escape in your web browser
  • Choose a scenario based on your learning objectives or difficulty preference

Play the game:

  • When you start a scenario, you will be given a brief of the scenario.
  • You can navigate through the virtual environment using mouse clicks.
  • Interact with objects by clicking on them.
  • Collect items into your inventory to use later.
  • Solve puzzles and progress through rooms to complete the scenario.

After playing, please fill out a short survey. https://forms.gle/kiVgNUBSHu2KjcJt8

Game Controls

  • Mouse Click: Move character, interact with objects
  • Inventory: Click collected items to use them
  • Notes Panel: Access important information you've discovered
  • Bluetooth Scanner: Detect nearby Bluetooth devices (when available)
  • Biometrics Panel: View collected fingerprint samples (when available)

Scenario Design

Break Escape features a flexible JSON-based scenario specification format that enables educators to create custom scenarios without programming knowledge. The scenario structure includes:

  • Rooms with connections, objects, and optional locks
  • Objects with properties like takeable, readable, observations, and lock requirements
  • Special object types for fingerprint collection, cryptographic analysis, and more

For detailed information on creating your own scenarios, refer to README_scenario_design.md.

License

Break Escape is dual licensed:

  • AGPL (GNU Affero General Public License)
  • Open Government Licence

Acknowledgements

Break Escape was developed as an educational tool to address the "reflection gap" identified in many existing cyber security games by requiring players to actively apply security knowledge rather than merely encountering security terminology during gameplay.

The project integrates CyberChef, an open-source web application for encryption and data analysis, allowing learners to interact with genuine cryptographic tools within the game environment.

Special thanks to the Cyber Security Body of Knowledge (CyBOK) for providing the knowledge framework that Break Escape scenarios are mapped to.

This project is supported by a Cyber Security Body of Knowledge (CyBOK) resources around CyBOK 1.1 grant (2024-2025).


For questions, contributions, or more information, please open an issue on the project repository.
