Catalog of dev studios, SSH daemons, and packet/file-handling apps — overlaid with live handshake observation. Recipes below are scoped to your device fingerprint.
| Visibility | Studio | Process | Port | Touches | Live | Notes |
|---|---|---|---|---|---|---|
| LOOPBACK SSH | ssh-agent | ssh-agent | unix/tcp | 📁 files | — | Local key cache (Unix socket). Holds private keys in memory; never bind to a public port. |
| LOOPBACK RF studio | GNU Radio Companion (ZMQ) | gnuradio-companion | 1234/tcp | 📁 files📡 packets | — | ZMQ source/sink for SDR flowgraphs. Streams I/Q packets. |
| LOOPBACK Web dev | Next.js / Node dev | node | 3000/tcp | 📁 files📡 packets | — | Common dev port. Loopback unless 0.0.0.0. |
| LOOPBACK Media | OBS Studio (WebSocket) | obs | 4455/tcp | 📁 files📡 packets | — | Scene/source control. Loopback by default; password-protected. |
| LOOPBACK Web dev | Vite dev server | node | 5173/tcp | 📁 files📡 packets | — | HMR WebSocket + module graph. Loopback by default; --host exposes it. |
| LOOPBACK IDE | VS Code Server | node | 8000/tcp | 📁 files📡 packets | — | Remote-SSH / code-server. Serves your workspace files over HTTP/WebSocket. |
| LOOPBACK IDE | Cursor IDE | cursor | 8765/tcp | 📁 files📡 packets | — | Local RPC for AI completions and file indexing. |
| LOOPBACK IDE | Jupyter notebook | jupyter | 8888/tcp | 📁 files📡 packets | — | Notebook kernel + WebSocket. Loopback unless --ip=0.0.0.0. |
| LOOPBACK DNA studio | SnapGene (file watch) | snapgene | 9001/tcp | 📁 files | — | Local sequence file watcher. |
| LOOPBACK IDE | JetBrains IDE (IntelliJ/PyCharm) | idea | 63342/tcp | 📁 files | — | Built-in HTTP server for previews + LSP. Loopback by default. |
| PRIVATE RF studio | SoapySDR remote | SoapySDRServer | 1350/tcp | 📡 packets | — | Remote SDR control + samples. Private/VPN only. |
| PRIVATE Container | Docker daemon (TLS) | dockerd | 2376/tcp | 📁 files📡 packets | — | TLS-protected Docker API. |
| PRIVATE Database | PostgreSQL | postgres | 5432/tcp | 📁 files📡 packets | — | Should be private. Reads/writes WAL + heap files. |
| PRIVATE Database | Redis | redis-server | 6379/tcp | 📁 files📡 packets | — | RDB/AOF on disk. Public Redis = full RCE — keep private. |
| PRIVATE Container | Kubernetes API server | kube-apiserver | 6443/tcp | 📁 files📡 packets | — | Cluster control plane. Private/VPC only. |
| PUBLIC SSH | OpenSSH server | sshd | 22/tcp | 📁 files📡 packets | — | Encrypted shell + SCP/SFTP file transfer + port forwarding. Public if exposed to LAN/WAN. |
| PUBLIC DNA studio | Benchling sync agent | benchling-agent | 443/tcp | 📁 files📡 packets | — | Outbound HTTPS to Benchling. Carries plasmid + sequence files. |
| PUBLIC Messaging | MQTT broker | mosquitto | 1883/tcp | 📡 packets | — | Pub/sub for IoT. Often public for sensors. TLS variant on 8883. |
| PUBLIC Container | Docker daemon (TCP) | dockerd | 2375/tcp | 📁 files📡 packets | — | UNENCRYPTED Docker API. If public, attacker can spawn containers — always use 2376 with TLS. |
| PUBLIC IDE | VS Code Live Share | code | 5990/tcp | 📁 files📡 packets | — | Real-time collaborative editing. Tunnels file ops + cursor packets to peers. |
| PUBLIC VPN | WireGuard | wireguard | 51820/udp | 📡 packets | — | Encrypted UDP tunnel. |
| PUBLIC Remote shell | Mosh (mobile shell) | mosh-server | 60001/udp | 📡 packets | — | Roaming UDP shell. Range 60000-61000. Public to allow client roaming. |
All recipes are pre-filled with your device fingerprint (loading)…so OS-BOT and the bounty pipeline can attribute results to this machine.
curl 'https://YOUR-APP/api/os-bot?q=which+studios+are+listening+on+my+device&fp=YOUR_FP'
curl -X POST 'https://YOUR-APP/api/os-bot' \
-H 'Content-Type: application/json' \
-d '{"messages":[{"role":"user","content":"/mint sshd exposed publicly σ=5"}],"device_fingerprint":"YOUR_FP"}'curl -X POST 'https://YOUR-APP/api/probe' \
-H 'Content-Type: application/json' \
-d '{"target":"https://example.com"}'ssh -N -L 8080:localhost:443 -o ServerAliveInterval=30 user@your-bastion.example
ssh -N -R 5173:localhost:5173 user@your-bastion.example
ssh-keygen -t ed25519 -C "osbot-fp-(loading)" -f ~/.ssh/osbot_(loading)
curl -fsSL 'https://YOUR-APP/api/toolkit.installer.sh' | bash
curl 'https://YOUR-APP/api/osbot-corpus'
⚠ This is a CATALOG with live handshake correlation — not a host-OS port scan. Browsers cannot read your real socket table; ask OS-BOT or run ss -tulpn on the host for ground truth.