hardware-clones-v1.0/
│
├── README.md
│
├── orchestrator/
│   ├── orchestrator.py          # Main daemon - manages clone lifecycle
│   ├── config.yaml              # Threat level, clone count, VPN configs
│   └── requirements.txt         # Python dependencies
│
├── scanner/
│   ├── hardware-scan.py         # Pre-boot hardware enumeration
│   ├── whitelist.db             # SQLite database of approved devices
│   └── hotplug-monitor.py       # Runtime USB/hot-plug interceptor
│
├── generator/
│   ├── clone-generator.py       # Creates synthetic identities from Seed
│   ├── serial-formats.db        # Manufacturer serial logic database
│   ├── device-pool.db           # Global pool of plausible hardware profiles
│   └── model-families.json      # Sibling variation mappings (T480→T470 etc)
│
├── injector/
│   ├── dmi-inject.sh            # Kernel DMI/SMBIOS overrides
│   ├── usb-descriptor-rewrite.py # USB descriptor masking
│   ├── mac-spoof.sh             # MAC address randomization with OUI matching
│   └── temporal-jitter.py       # Clock drift and NTP manipulation
│
├── firewall/
│   ├── nftables-rules.conf      # Raw nftables ruleset (Default Deny)
│   ├── iptables-rules.conf      # Raw iptables ruleset (alternative)
│   ├── pf-rules.conf            # pfSense/OPNsense rules (alternative)
│   ├── vendor-blocklist.txt     # Known vendor telemetry domains/IPs
│   └── dpi-signatures.yaml      # Deep packet inspection patterns
│
├── repository/
│   ├── repo-setup.sh            # Local update repository installer
│   ├── mirror-sync.py           # Sync updates from isolated machine
│   └── repo-whitelist.txt       # Allowed repository endpoints
│
├── ghost-daemon/
│   ├── ghost-devices.py         # Spawns and retires ghost device noise
│   └── ghost-profiles.db        # Pool of ghost device configurations
│
├── telemetry-sim/
│   ├── telemetry-simulator.py   # Dummy "phone home" packet generator
│   └── vendor-patterns.yaml     # Known vendor heartbeat patterns
│
├── hud/
│   ├── hud.py                   # Two-tier HUD daemon (Quick Status + Full Dump)
│   └── hud.conf                 # Output format, refresh intervals, alerts
│
├── maintenance/
│   ├── maintenance-mode.sh      # Boot into whitelist editing mode
│   └── whitelist-add.py         # Add new device to permanent whitelist
│
└── utils/
    ├── verify-image.sh          # Verify microSD/USB integrity before boot
    ├── session-wipe.sh          # RAM and temp data cleanup on shutdown
    └── snap-alert.sh            # Emergency destroy notification + countdown