@atlascrew/apparatus 0.9.0

package/dist/app.js

@@ -0,0 +1,525 @@
+import express from "express";
+import pinoHttp from "pino-http";
+import swaggerUi from "swagger-ui-express";
+import compression from "compression";
+import multer from "multer";
+import path from "path";
+import { existsSync } from "fs";
+import { fileURLToPath } from "url";
+import { cfg } from "./config.js";
+import { logger } from "./logger.js";
+import { echoHandler, sseHandler } from "./echoHandler.js";
+import { broadcastRequest } from "./sse-broadcast.js";
+import { register, httpRequestDurationMicroseconds, httpRequestsTotal } from "./metrics.js";
+import { swaggerDocument } from "./swagger.js";
+import { getHistory, clearHistory } from "./history.js";
+import { proxyHandler } from "./proxy.js";
+import { authForgeHandler, authVerifyHandler, jwtDebugHandler, jwtDebugPostHandler } from "./jwt-debug.js";
+import { rateLimitHandler } from "./ratelimit.js";
+import { graphqlHandler } from "./graphql.js";
+import { jwksHandler, tokenMintHandler, oidcDiscoveryHandler } from "./oidc.js";
+import { sinkHandler } from "./sink.js";
+import { dlpHandler } from "./dlp.js";
+import { generatorHandler } from "./generator.js";
+import { sysInfoHandler } from "./sysinfo.js";
+import { dnsHandler, pingHandler } from "./infra-debug.js";
+import { webhookReceiveHandler, webhookListHandler } from "./webhook.js";
+import { eicarHandler, crashHandler, cpuSpikeHandler, getChaosStatus, memorySpikeHandler } from "./chaos.js";
+import { kvHandler } from "./kv.js";
+import { scriptHandler } from "./scripting.js";
+import { pcapHandler, harReplayHandler, livePacketHandler } from "./forensics.js";
+import { clusterAttackHandler, clusterAttackStopHandler, getClusterMembers } from "./cluster.js";
+import { tarpitMiddleware, tarpitListHandler, tarpitReleaseHandler, tarpitTrapHandler } from "./tarpit.js";
+import { blackholeAddHandler, blackholeListHandler, blackholeMiddleware, blackholeReleaseHandler } from "./blackhole.js";
+import { selfHealingMiddleware, getHealthStatus } from "./self-healing.js";
+import { deceptionHandler, deceptionHistoryHandler, deceptionClearHandler } from "./deception.js";
+import { redTeamFuzzerRunHandler, redTeamValidateHandler } from "./redteam.js";
+import { activeShieldMiddleware, sentinelHandler } from "./sentinel.js";
+import { ghostCreateHandler, ghostDeleteHandler, ghostHandler, ghostMockMiddleware, ghostStartHandler, ghostStopHandler, } from "./ghosting.js";
+import { polymorphicRouteMiddleware, mtdHandler } from "./mtd.js";
+import { victimRouter } from "./victim/index.js";
+import { chat } from "./ai/client.js";
+import { autopilotConfigHandler, autopilotKillHandler, autopilotReportsHandler, autopilotStartHandler, autopilotStatusHandler, autopilotStopHandler, } from "./ai/redteam.js";
+import { runEscapeScan } from "./escape/index.js";
+import { triggerSupplyChainAttack } from "./simulator/supply-chain.js";
+import { getGraphHandler, injectMalwareHandler, resetGraphHandler } from "./simulator/dependency-graph.js";
+import { scenarioListHandler, scenarioSaveHandler, scenarioRunHandler, scenarioRunStatusHandler } from "./scenarios.js";
+import { getPersistenceHealth } from "./persistence/status.js";
+import { drillCancelHandler, drillDebriefHandler, drillListHandler, drillMarkDetectedHandler, drillRunHandler, drillStatusHandler, } from "./drills.js";
+import { startDemoLoop, stopDemoLoop, getDemoConfig, updateDemoConfig } from "./demo-mode.js";
+import { startAttackSimulation, stopAttackSimulation, isSimulationRunning } from "./attack-sim.js";
+import { attackerProfileHandler, attackerRegistryHandler } from "./attacker-tracker.js";
+import { readdir } from "fs/promises";
+import { request } from "undici";
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const upload = multer({ storage: multer.memoryStorage(), limits: { fileSize: 50 * 1024 * 1024 } }); // 50MB limit
+export function createApp() {
+    const app = express();
+    app.set("trust proxy", false);
+    const isTrafficPattern = (value) => {
+        return value === "steady" || value === "sine" || value === "spiky";
+    };
+    const clampNumber = (value, min, max) => Math.max(min, Math.min(max, value));
+    if (cfg.demoMode) {
+        logger.warn("Demo mode enabled: CORS allows all origins. Do not expose this instance to untrusted networks.");
+    }
+    const runningInContainer = Boolean(process.env.KUBERNETES_SERVICE_HOST) || existsSync("/.dockerenv");
+    if (cfg.host === "127.0.0.1" && runningInContainer) {
+        logger.warn("HOST is set to 127.0.0.1 in a containerized environment. Set HOST=0.0.0.0 for external/container networking.");
+    }
+    const safeOrigins = new Set([
+        "http://localhost:8080",
+        "http://localhost:8090",
+        "http://localhost:4173",
+        "http://localhost:5173",
+        "http://localhost:5174",
+        "http://localhost:5175",
+        "http://127.0.0.1:8080",
+        "http://127.0.0.1:8090",
+        "http://127.0.0.1:4173",
+        "http://127.0.0.1:5173",
+        "http://127.0.0.1:5174",
+        "http://127.0.0.1:5175",
+    ]);
+    // 0. CORS (safe localhost defaults, permissive only in demo mode)
+    app.use((req, res, next) => {
+        const origin = req.headers.origin;
+        if (typeof origin === 'string') {
+            // Strict: only allow if origin is present AND matches (or demo mode is on)
+            const isAllowed = cfg.demoMode || safeOrigins.has(origin);
+            if (isAllowed) {
+                res.setHeader("Access-Control-Allow-Origin", origin);
+                res.setHeader("Vary", "Origin");
+                res.setHeader("Access-Control-Allow-Headers", "*");
+                res.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,PATCH,DELETE,OPTIONS");
+            }
+        }
+        if (req.method === "OPTIONS") {
+            // Always return 204. If not allowed, headers are missing -> browser blocks.
+            return res.sendStatus(204);
+        }
+        next();
+    });
+    // 0.1 Critical Infrastructure (Always accessible)
+    app.get("/healthz", (_req, res) => res.status(200).json({ status: "ok" }));
+    app.get("/health/pro", (_req, res) => res.json(getHealthStatus()));
+    app.get("/sse", sseHandler);
+    app.get("/metrics", async (_req, res) => {
+        try {
+            res.set("Content-Type", register.contentType);
+            res.end(await register.metrics());
+        }
+        catch {
+            res.status(500).json({ error: "Failed to collect metrics" });
+        }
+    });
+    // 0.2 Dashboard Documentation API (Always accessible for help system)
+    app.get("/api/docs-index", (_req, res) => {
+        const docsIndexPath = path.join(__dirname, "dist-dashboard", "docs-index.json");
+        res.sendFile(docsIndexPath, (error) => {
+            if (error && !res.headersSent) {
+                res.status(404).json({ error: "Documentation index not found" });
+            }
+        });
+    });
+    // 0.3 Global Mitigation (Blackhole)
+    // Hard-drop layer intentionally placed before adaptive defenses so blocked
+    // actors cannot consume additional resources deeper in the stack.
+    app.use(blackholeMiddleware);
+    // 1. Moving Target Defense (Hide everything if active)
+    app.use(polymorphicRouteMiddleware);
+    // 2. Self-Healing & QoS
+    app.use(selfHealingMiddleware);
+    // 2. Deception Engine (Misinformation wins)
+    app.use(async (req, res, next) => {
+        try {
+            const trapped = await deceptionHandler(req, res);
+            if (trapped || res.headersSent)
+                return;
+            next();
+        }
+        catch (error) {
+            next(error); // Pass to Express error handler
+        }
+    });
+    // 3. Tarpit Defense (Honeypot)
+    app.use(tarpitMiddleware);
+    app.use((req, res, next) => {
+        req._startAt = Date.now();
+        // Metrics: end timer on response finish
+        const end = httpRequestDurationMicroseconds.startTimer();
+        res.on("finish", () => {
+            const route = req.route ? req.route.path : req.path;
+            const status = res.statusCode;
+            httpRequestsTotal.inc({
+                method: req.method,
+                route: route,
+                status_code: status,
+            });
+            end({
+                method: req.method,
+                route: route,
+                status_code: status,
+            });
+            // Global Traffic Broadcast for Dashboard
+            // We only broadcast if it's NOT the SSE stream itself to avoid loops
+            if (route !== "/sse") {
+                broadcastRequest({
+                    method: req.method,
+                    path: req.path,
+                    status: res.statusCode,
+                    ip: req.ip,
+                    timestamp: new Date().toISOString(),
+                    latencyMs: Date.now() - (req._startAt || Date.now())
+                });
+            }
+        });
+        next();
+    });
+    if (cfg.enableCompression) {
+        app.use(compression());
+    }
+    app.use(pinoHttp({ logger }));
+    app.use(express.json({ limit: cfg.bodyLimit, strict: false }));
+    app.use(express.urlencoded({ extended: true, limit: cfg.bodyLimit }));
+    app.use(express.raw({ type: "application/octet-stream", limit: cfg.bodyLimit }));
+    app.use(express.text({ type: "*/*", limit: cfg.bodyLimit }));
+    // 1.5 Active Shield (Virtual Patching) - Moved here to access parsed body
+    app.use(activeShieldMiddleware);
+    // Security Gate for Dangerous Endpoints
+    const securityGate = (req, res, next) => {
+        const directIp = req.socket.remoteAddress;
+        if (!directIp) {
+            return res.status(403).json({ error: "Access denied: Unknown source." });
+        }
+        const isLocal = directIp === "127.0.0.1" ||
+            directIp === "::1" ||
+            directIp === "::ffff:127.0.0.1" ||
+            directIp.startsWith("::ffff:127.");
+        if (!cfg.demoMode && !isLocal) {
+            return res.status(403).json({ error: "Access denied. Enable demo mode or use localhost." });
+        }
+        next();
+    };
+    // Protect dangerous endpoints
+    app.use("/api/simulator", securityGate);
+    app.use("/api/redteam/autopilot", securityGate);
+    app.use("/_sensor", securityGate);
+    app.use("/proxy", securityGate);
+    // Virtual Ghost endpoints should be resolved before route handlers.
+    app.use(ghostMockMiddleware);
+    // Scenario Engine
+    app.get("/scenarios", securityGate, scenarioListHandler);
+    app.post("/scenarios", securityGate, scenarioSaveHandler);
+    app.post("/scenarios/:id/run", securityGate, scenarioRunHandler);
+    app.get("/scenarios/:id/status", securityGate, scenarioRunStatusHandler);
+    // Breach Protocol Drill Engine
+    app.get("/drills", securityGate, drillListHandler);
+    app.post("/drills/:id/run", securityGate, drillRunHandler);
+    app.get("/drills/:id/status", securityGate, drillStatusHandler);
+    app.post("/drills/:id/mark-detected", securityGate, drillMarkDetectedHandler);
+    app.post("/drills/:id/cancel", securityGate, drillCancelHandler);
+    app.get("/drills/:id/debrief", securityGate, drillDebriefHandler);
+    // Attacker Fingerprinting
+    app.get("/api/attackers", securityGate, attackerRegistryHandler);
+    app.get("/api/attackers/:ip", securityGate, attackerProfileHandler);
+    // Swagger Documentation
+    app.use("/docs", swaggerUi.serve, swaggerUi.setup(swaggerDocument));
+    // Demo Mode & Integrations Control (Dashboard parity)
+    app.get("/_sensor/demo", (_req, res) => {
+        res.json({ success: true, ...getDemoConfig(), attack_sim: isSimulationRunning() });
+    });
+    app.all("/_sensor/demo/toggle", (_req, res) => {
+        const config = getDemoConfig();
+        if (config.enabled) {
+            stopDemoLoop();
+        }
+        else {
+            startDemoLoop();
+        }
+        res.json({ success: true, ...getDemoConfig(), attack_sim: isSimulationRunning() });
+    });
+    app.post("/_sensor/demo/attack-sim/toggle", securityGate, (req, res) => {
+        if (isSimulationRunning()) {
+            stopAttackSimulation();
+        }
+        else {
+            const rawInterval = Number(req.body.intervalMs);
+            const intervalMs = Math.max(500, Math.min(30000, Number.isFinite(rawInterval) ? rawInterval : 2000));
+            // Determine base URL dynamically (respecting the host header for container setups)
+            const protocol = req.protocol;
+            const host = req.get("host") || `localhost:${cfg.portHttp1}`;
+            const baseUrl = `${protocol}://${host}`;
+            startAttackSimulation(baseUrl, intervalMs);
+        }
+        res.json({ success: true, attack_sim: isSimulationRunning() });
+    });
+    app.put("/_sensor/demo/config", (req, res) => {
+        const body = req.body;
+        if (!body || typeof body !== 'object') {
+            return res.status(400).json({ error: "Invalid payload" });
+        }
+        const updates = {};
+        const { intensity, errorRate, latencyBase, attackFrequency, pattern, targetPath } = body;
+        if (Number.isFinite(intensity))
+            updates.intensity = clampNumber(Number(intensity), 0, 100);
+        if (Number.isFinite(errorRate))
+            updates.errorRate = clampNumber(Number(errorRate), 0, 100);
+        if (Number.isFinite(latencyBase))
+            updates.latencyBase = clampNumber(Number(latencyBase), 0, 30000);
+        if (Number.isFinite(attackFrequency))
+            updates.attackFrequency = clampNumber(Number(attackFrequency), 0, 100);
+        if (isTrafficPattern(pattern))
+            updates.pattern = pattern;
+        if (typeof targetPath === 'string' && targetPath.startsWith('/'))
+            updates.targetPath = targetPath;
+        if (targetPath === null)
+            updates.targetPath = targetPath;
+        updateDemoConfig(updates);
+        res.json({ success: true, ...getDemoConfig() });
+    });
+    app.get("/_sensor/config/integrations", (_req, res) => {
+        res.json({
+            success: true,
+            data: {
+                tunnel_url: cfg.tunnelUrl,
+                tunnel_api_key: cfg.tunnelApiKey,
+                apparatus_url: `http://localhost:${cfg.portHttp1}`
+            }
+        });
+    });
+    app.put("/_sensor/config/integrations", (req, res) => {
+        const { tunnel_url, tunnel_api_key } = req.body;
+        if (tunnel_url !== undefined)
+            cfg.tunnelUrl = tunnel_url;
+        if (tunnel_api_key !== undefined)
+            cfg.tunnelApiKey = tunnel_api_key;
+        logger.info("Apparatus Integrations configuration updated from dashboard");
+        res.json({ success: true, message: "Integrations configuration updated" });
+    });
+    // Request History
+    app.get("/history", (_req, res) => res.json(getHistory()));
+    app.delete("/history", (_req, res) => {
+        clearHistory();
+        res.sendStatus(204);
+    });
+    // Visual Dashboard - React App
+    const dashboardPath = path.join(__dirname, "dist-dashboard");
+    // Serve static files with SVG MIME type support
+    app.use("/dashboard", express.static(dashboardPath, {
+        setHeaders: (res, path) => {
+            if (path.endsWith('.svg')) {
+                res.setHeader('Content-Type', 'image/svg+xml');
+            }
+        }
+    }));
+    app.get("/autopilot", (_req, res) => res.redirect("/dashboard/autopilot"));
+    // SPA Fallback for Dashboard
+    app.get("/dashboard/*", (_req, res) => {
+        res.sendFile(path.join(dashboardPath, "index.html"));
+    });
+    // Serve Static Assets
+    app.use("/assets", express.static(path.join(process.cwd(), "assets"), {
+        setHeaders: (res, path) => {
+            if (path.endsWith('.svg')) {
+                res.setHeader('Content-Type', 'image/svg+xml');
+            }
+        }
+    }));
+    // Debugging Tools
+    app.get("/debug/jwt", jwtDebugHandler);
+    app.post("/debug/jwt", jwtDebugPostHandler);
+    app.get("/ratelimit", rateLimitHandler);
+    app.get("/sysinfo", sysInfoHandler);
+    app.get("/dns", dnsHandler);
+    app.get("/ping", pingHandler);
+    app.all("/hooks/:id", webhookReceiveHandler);
+    app.get("/hooks/:id/inspect", webhookListHandler);
+    // Modern API Features (GraphQL & OIDC)
+    app.all("/graphql", graphqlHandler);
+    app.get("/.well-known/jwks.json", jwksHandler);
+    app.get("/.well-known/openid-configuration", oidcDiscoveryHandler);
+    app.all("/auth/token", tokenMintHandler);
+    app.post("/auth/forge", securityGate, authForgeHandler);
+    app.post("/auth/verify", securityGate, authVerifyHandler);
+    // Bandwidth Tests
+    app.post("/sink", sinkHandler);
+    app.get("/generate", generatorHandler);
+    app.get("/dlp", dlpHandler);
+    // Security & Chaos
+    app.get("/malicious", eicarHandler);
+    app.post("/chaos/crash", crashHandler);
+    app.all("/chaos/cpu", cpuSpikeHandler); // Allow GET (old) and POST (new)
+    app.all("/chaos/memory", memorySpikeHandler); // Allow GET (old) and POST (new)
+    app.get("/chaos/status", securityGate, (_req, res) => {
+        res.json(getChaosStatus());
+    });
+    // Advanced Logic
+    app.all("/kv/:key", kvHandler);
+    app.post("/script", scriptHandler);
+    // Network Forensics
+    app.get("/capture.pcap", pcapHandler);
+    app.get("/api/forensics/live", securityGate, livePacketHandler);
+    app.post("/replay", harReplayHandler);
+    // Distributed Cluster
+    app.post("/cluster/attack", securityGate, clusterAttackHandler);
+    app.post("/cluster/attack/stop", securityGate, clusterAttackStopHandler);
+    app.get("/cluster/members", (_req, res) => res.json(getClusterMembers()));
+    // Advanced Defense & Offense
+    app.get("/redteam/validate", securityGate, redTeamValidateHandler);
+    app.post("/api/redteam/fuzzer/run", securityGate, redTeamFuzzerRunHandler);
+    app.get("/api/redteam/autopilot/config", securityGate, autopilotConfigHandler);
+    app.post("/api/redteam/autopilot/start", securityGate, autopilotStartHandler);
+    app.post("/api/redteam/autopilot/stop", securityGate, autopilotStopHandler);
+    app.post("/api/redteam/autopilot/kill", securityGate, autopilotKillHandler);
+    app.get("/api/redteam/autopilot/status", securityGate, autopilotStatusHandler);
+    app.get("/api/redteam/autopilot/reports", securityGate, autopilotReportsHandler);
+    app.all("/sentinel/rules", sentinelHandler);
+    app.get("/ghosts", securityGate, ghostHandler);
+    app.post("/ghosts", securityGate, ghostCreateHandler);
+    app.delete("/ghosts/:id", securityGate, ghostDeleteHandler);
+    app.post("/ghosts/start", securityGate, ghostStartHandler);
+    app.post("/ghosts/stop", securityGate, ghostStopHandler);
+    app.all("/mtd", mtdHandler);
+    // Tarpit Monitor API
+    app.get("/blackhole", securityGate, blackholeListHandler);
+    app.post("/blackhole", securityGate, blackholeAddHandler);
+    app.post("/blackhole/release", securityGate, blackholeReleaseHandler);
+    app.get("/tarpit", securityGate, tarpitListHandler);
+    app.post("/tarpit/trap", securityGate, tarpitTrapHandler);
+    app.post("/tarpit/release", securityGate, tarpitReleaseHandler);
+    app.get("/admin/persistence/health", securityGate, (_req, res) => {
+        res.json(getPersistenceHealth());
+    });
+    // Deception History API
+    app.get("/deception/history", deceptionHistoryHandler);
+    app.delete("/deception/history", deceptionClearHandler);
+    // The Victim (Vulnerable App)
+    app.use("/victim", victimRouter);
+    // Proxy / SSRF Test
+    app.all("/proxy", proxyHandler);
+    // AI Chat API
+    app.post("/api/ai/chat", async (req, res) => {
+        try {
+            const { sessionId, system, message } = req.body;
+            const response = await chat(sessionId || "default", system || "You are a helpful assistant.", message);
+            res.json({ response });
+        }
+        catch (err) {
+            logger.error({ error: err.message }, "AI Chat Error");
+            res.status(500).json({ error: err.message });
+        }
+    });
+    // Lab Integration Endpoints
+    app.get("/api/lab/k6/scenarios", securityGate, async (_req, res) => {
+        try {
+            if (!cfg.k6ScenariosPath)
+                return res.json({ success: true, scenarios: [] });
+            const files = (await readdir(cfg.k6ScenariosPath))
+                .filter(f => f.endsWith('.js'))
+                .map(f => ({ name: f, path: f }));
+            res.json({ success: true, scenarios: files });
+        }
+        catch (e) {
+            logger.error({ error: e }, "Failed to list k6 scenarios");
+            res.status(500).json({ error: "Failed to list k6 scenarios" });
+        }
+    });
+    app.get("/api/lab/nuclei/templates", securityGate, async (_req, res) => {
+        try {
+            if (!cfg.nucleiTemplatesPath)
+                return res.json({ success: true, templates: [] });
+            const files = (await readdir(cfg.nucleiTemplatesPath))
+                .filter(f => f.endsWith('.yaml') || f.endsWith('.yml'))
+                .map(f => ({ name: f, path: f }));
+            res.json({ success: true, templates: files });
+        }
+        catch (e) {
+            logger.error({ error: e }, "Failed to list nuclei templates");
+            res.status(500).json({ error: "Failed to list nuclei templates" });
+        }
+    });
+    // Infrastructure Status Proxies
+    app.get("/api/infra/status", securityGate, (_req, res) => {
+        // Status checks are primarily configuration-based manifests
+        // In a real implementation, these would query the running server instances
+        res.json({
+            success: true,
+            servers: [
+                { name: "HTTP/1.1", protocol: "tcp", port: cfg.portHttp1, status: "active" },
+                { name: "HTTP/2 TLS", protocol: "tcp", port: cfg.portHttp2, status: "active" },
+                { name: "HTTP/2 Cleartext (h2c)", protocol: "tcp", port: cfg.portHttp1 + 1, status: cfg.enableH2C ? "active" : "disabled" },
+                { name: "gRPC", protocol: "tcp", port: cfg.portGrpc, status: "active" },
+                { name: "WebSocket", protocol: "ws", port: cfg.portHttp1, path: "/ws", status: "active" },
+                { name: "Redis Mock", protocol: "tcp", port: cfg.portRedis, status: "active" },
+                { name: "MQTT Broker", protocol: "tcp", port: cfg.portMqtt, status: "active" },
+                { name: "SMTP Receiver", protocol: "tcp", port: cfg.portSmtp, status: "active" },
+                { name: "Syslog Receiver", protocol: "udp", port: cfg.portSyslog, status: "active" },
+                { name: "Syslog Alt", protocol: "udp", port: cfg.portSyslogAlt, status: "active" },
+                { name: "ICAP Server", protocol: "tcp", port: cfg.portIcap, status: "active" },
+                { name: "TCP Echo", protocol: "tcp", port: cfg.portTcp, status: "active" },
+                { name: "UDP Echo", protocol: "udp", port: cfg.portUdp, status: "active" },
+                { name: "Bad SSL", protocol: "tcp", port: cfg.portBadSsl, status: "active" },
+            ]
+        });
+    });
+    app.get("/api/infra/imposter", async (_req, res) => {
+        try {
+            const { statusCode, body } = await request("http://127.0.0.1:16925/health");
+            if (statusCode === 200) {
+                const data = await body.json();
+                res.json(data);
+            }
+            else {
+                res.status(502).json({ status: "error", code: statusCode });
+            }
+        }
+        catch (e) {
+            res.status(502).json({ status: "down", error: e.message });
+        }
+    });
+    app.get("/api/infra/sidecar", async (_req, res) => {
+        try {
+            // Check sidecar by hitting its healthz which proxies to us
+            const { statusCode } = await request("http://127.0.0.1:8081/healthz");
+            if (statusCode === 200) {
+                res.json({ status: "ok", role: "Toxic Sidecar" });
+            }
+            else {
+                res.status(502).json({ status: "error", code: statusCode });
+            }
+        }
+        catch (e) {
+            res.status(502).json({ status: "down", error: e.message });
+        }
+    });
+    // Supply Chain Simulator
+    app.post("/api/simulator/supply-chain", async (req, res) => {
+        try {
+            const logs = await triggerSupplyChainAttack(req.body.target);
+            res.json({ logs });
+        }
+        catch (e) {
+            res.status(500).json({ error: e.message });
+        }
+    });
+    app.get("/api/simulator/dependencies", securityGate, getGraphHandler);
+    app.post("/api/simulator/dependencies/infect", securityGate, injectMalwareHandler);
+    app.post("/api/simulator/dependencies/reset", securityGate, resetGraphHandler);
+    // Escape Artist API
+    app.post("/api/escape/scan", async (req, res) => {
+        try {
+            const results = await runEscapeScan(req.body);
+            res.json(results);
+        }
+        catch (err) {
+            logger.error({ error: err.message }, "Escape Scan Error");
+            res.status(500).json({ error: err.message });
+        }
+    });
+    // Handle multipart uploads on any route
+    app.all("*", upload.any(), echoHandler);
+    return app;
+}
+//# sourceMappingURL=app.js.map

package/dist/app.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"app.js","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAAA,OAAO,OAAoB,MAAM,SAAS,CAAC;AAC3C,OAAO,QAAQ,MAAM,WAAW,CAAC;AACjC,OAAO,SAAS,MAAM,oBAAoB,CAAC;AAC3C,OAAO,WAAW,MAAM,aAAa,CAAC;AACtC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAChC,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAkB,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtE,OAAO,EAAE,QAAQ,EAAE,+BAA+B,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAC5F,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAC/C,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAC3G,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAChF,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AACzE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAC7G,OAAO,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACpC,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AACjG,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAC3G,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,gBAAgB,CAAC;AACzH,OAAO,EAAE,qBAAqB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAC3E,OAAO,EAAE,gBAAgB,EAAE,uBAAuB,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAClG,OAAO,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAC/E,OAAO,EAAE,sBAAsB,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AACxE,OAAO,EACH,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,gBAAgB,GACnB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,0BAA0B,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AACtC,OAAO,EACH,sBAAsB,EACtB,oBAAoB,EACpB,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,oBAAoB,GACvB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AACvE,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAC3G,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AACxH,OAAO,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AAC/D,OAAO,EACH,kBAAkB,EAClB,mBAAmB,EACnB,gBAAgB,EAChB,wBAAwB,EACxB,eAAe,EACf,kBAAkB,GACrB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAmB,MAAM,gBAAgB,CAAC;AAC/G,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACnG,OAAO,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAExF,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AAEjC,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AAE3C,MAAM,MAAM,GAAG,MAAM,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa;AAEjH,MAAM,UAAU,SAAS;IACrB,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;IACtB,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IAC9B,MAAM,gBAAgB,GAAG,CAAC,KAAc,EAAkC,EAAE;QACxE,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,OAAO,CAAC;IACvE,CAAC,CAAC;IACF,MAAM,WAAW,GAAG,CAAC,KAAa,EAAE,GAAW,EAAE,GAAW,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IAErG,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,gGAAgG,CAAC,CAAC;IAClH,CAAC;IAED,MAAM,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,UAAU,CAAC,aAAa,CAAC,CAAC;IACrG,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,IAAI,kBAAkB,EAAE,CAAC;QACjD,MAAM,CAAC,IAAI,CAAC,8GAA8G,CAAC,CAAC;IAChI,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC;QACxB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;QACvB,uBAAuB;KAC1B,CAAC,CAAC;IAEH,kEAAkE;IAClE,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACvB,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;QAElC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7B,2EAA2E;YAC3E,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAE1D,IAAI,SAAS,EAAE,CAAC;gBACZ,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAC;gBACrD,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAChC,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;gBACnD,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,mCAAmC,CAAC,CAAC;YACvF,CAAC;QACL,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC3B,4EAA4E;YAC5E,OAAO,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAC/B,CAAC;QAED,IAAI,EAAE,CAAC;IACX,CAAC,CAAC,CAAC;IAEH,kDAAkD;IAClD,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAC3E,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC;IACnE,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAC5B,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE;QACpC,IAAI,CAAC;YACD,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,QAAQ,CAAC,WAAW,CAAC,CAAC;YAC9C,GAAG,CAAC,GAAG,CAAC,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;QACtC,CAAC;QAAC,MAAM,CAAC;YACL,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,2BAA2B,EAAE,CAAC,CAAC;QACjE,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,sEAAsE;IACtE,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QACrC,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,EAAE,iBAAiB,CAAC,CAAC;QAChF,GAAG,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;YAClC,IAAI,KAAK,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;gBAC5B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC,CAAC;YACrE,CAAC;QACL,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,oCAAoC;IACpC,2EAA2E;IAC3E,kEAAkE;IAClE,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAE7B,uDAAuD;IACvD,GAAG,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAEpC,wBAAwB;IACxB,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAE/B,4CAA4C;IAC5C,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC7B,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACjD,IAAI,OAAO,IAAI,GAAG,CAAC,WAAW;gBAAE,OAAO;YACvC,IAAI,EAAE,CAAC;QACX,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,gCAAgC;QACjD,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,+BAA+B;IAC/B,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAE1B,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACtB,GAAW,CAAC,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEnC,wCAAwC;QACxC,MAAM,GAAG,GAAG,+BAA+B,CAAC,UAAU,EAAE,CAAC;QACzD,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;YAClB,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;YACpD,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,CAAC;YAE9B,iBAAiB,CAAC,GAAG,CAAC;gBAClB,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,KAAK,EAAE,KAAK;gBACZ,WAAW,EAAE,MAAM;aACtB,CAAC,CAAC;YAEH,GAAG,CAAC;gBACA,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,KAAK,EAAE,KAAK;gBACZ,WAAW,EAAE,MAAM;aACtB,CAAC,CAAC;YAEH,yCAAyC;YACzC,qEAAqE;YACrE,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;gBACnB,gBAAgB,CAAC;oBACb,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,UAAU;oBACtB,EAAE,EAAE,GAAG,CAAC,EAAE;oBACV,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAE,GAAW,CAAC,QAAQ,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;iBAChE,CAAC,CAAC;YACP,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,IAAI,EAAE,CAAC;IACX,CAAC,CAAC,CAAC;IAEH,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QACxB,GAAG,CAAC,GAAG,CAAC,WAAW,EAAuC,CAAC,CAAC;IAChE,CAAC;IAED,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAE9B,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAC/D,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACtE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,0BAA0B,EAAE,KAAK,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACjF,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAE7D,0EAA0E;IAC1E,GAAG,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IAEhC,wCAAwC;IACxC,MAAM,YAAY,GAAG,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,EAAE;QAC7F,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC;QAE1C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACZ,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,OAAO,GACT,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,KAAK;YAClB,QAAQ,KAAK,kBAAkB;YAC/B,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;QAEvC,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,OAAO,EAAE,CAAC;YAC5B,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mDAAmD,EAAE,CAAC,CAAC;QAChG,CAAC;QACD,IAAI,EAAE,CAAC;IACX,CAAC,CAAC;IAEF,8BAA8B;IAC9B,GAAG,CAAC,GAAG,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;IACxC,GAAG,CAAC,GAAG,CAAC,wBAAwB,EAAE,YAAY,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;IAClC,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAEhC,oEAAoE;IACpE,GAAG,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAE7B,kBAAkB;IAClB,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,EAAE,mBAAmB,CAAC,CAAC;IACzD,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,EAAE,mBAAmB,CAAC,CAAC;IAC1D,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAC;IACjE,GAAG,CAAC,GAAG,CAAC,uBAAuB,EAAE,YAAY,EAAE,wBAAwB,CAAC,CAAC;IAEzE,+BAA+B;IAC/B,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;IACnD,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC;IAC3D,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAC;IAChE,GAAG,CAAC,IAAI,CAAC,2BAA2B,EAAE,YAAY,EAAE,wBAAwB,CAAC,CAAC;IAC9E,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAC;IACjE,GAAG,CAAC,GAAG,CAAC,qBAAqB,EAAE,YAAY,EAAE,mBAAmB,CAAC,CAAC;IAElE,0BAA0B;IAC1B,GAAG,CAAC,GAAG,CAAC,gBAAgB,EAAE,YAAY,EAAE,uBAAuB,CAAC,CAAC;IACjE,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,YAAY,EAAE,sBAAsB,CAAC,CAAC;IAEpE,wBAAwB;IACxB,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,KAA4C,EAAE,SAAS,CAAC,KAAK,CAAC,eAAe,CAAsC,CAAC,CAAC;IAEhJ,sDAAsD;IACtD,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QACnC,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,aAAa,EAAE,EAAE,UAAU,EAAE,mBAAmB,EAAE,EAAE,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAC1C,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;QAC/B,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACjB,YAAY,EAAE,CAAC;QACnB,CAAC;aAAM,CAAC;YACJ,aAAa,EAAE,CAAC;QACpB,CAAC;QACD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,aAAa,EAAE,EAAE,UAAU,EAAE,mBAAmB,EAAE,EAAE,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,iCAAiC,EAAE,YAAY,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACnE,IAAI,mBAAmB,EAAE,EAAE,CAAC;YACxB,oBAAoB,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACJ,MAAM,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAChD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YAErG,mFAAmF;YACnF,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;YAC9B,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,aAAa,GAAG,CAAC,SAAS,EAAE,CAAC;YAC7D,MAAM,OAAO,GAAG,GAAG,QAAQ,MAAM,IAAI,EAAE,CAAC;YAExC,qBAAqB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC/C,CAAC;QACD,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,mBAAmB,EAAE,EAAE,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACzC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;QACtB,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACnC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,OAAO,GAAwB,EAAE,CAAC;QACxC,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QAEzF,IAAI,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;YAAE,OAAO,CAAC,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QAC3F,IAAI,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;YAAE,OAAO,CAAC,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QAC3F,IAAI,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;YAAE,OAAO,CAAC,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QACnG,IAAI,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC;YAAE,OAAO,CAAC,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;QAC7G,IAAI,gBAAgB,CAAC,OAAO,CAAC;YAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;QACzD,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,CAAC,UAAU,GAAG,UAAU,CAAC;QAClG,IAAI,UAAU,KAAK,IAAI;YAAE,OAAO,CAAC,UAAU,GAAG,UAAU,CAAC;QAEzD,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAC1B,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,aAAa,EAAE,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAClD,GAAG,CAAC,IAAI,CAAC;YACL,OAAO,EAAE,IAAI;YACb,IAAI,EAAE;gBACF,UAAU,EAAE,GAAG,CAAC,SAAS;gBACzB,cAAc,EAAE,GAAG,CAAC,YAAY;gBAChC,aAAa,EAAE,oBAAoB,GAAG,CAAC,SAAS,EAAE;aACrD;SACJ,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACjD,MAAM,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAChD,IAAI,UAAU,KAAK,SAAS;YAAE,GAAG,CAAC,SAAS,GAAG,UAAU,CAAC;QACzD,IAAI,cAAc,KAAK,SAAS;YAAE,GAAG,CAAC,YAAY,GAAG,cAAc,CAAC;QAEpE,MAAM,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;QAC3E,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,oCAAoC,EAAE,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;IAEH,kBAAkB;IAClB,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IAC3D,GAAG,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QACjC,YAAY,EAAE,CAAC;QACf,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,+BAA+B;IAC/B,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;IAE7D,gDAAgD;IAChD,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,aAAa,EAAE;QAChD,UAAU,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;YACtB,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;YACnD,CAAC;QACL,CAAC;KACJ,CAAC,CAAC,CAAC;IAEJ,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC,CAAC;IAE3E,6BAA6B;IAC7B,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAClC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,sBAAsB;IACtB,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,EAAE;QAClE,UAAU,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;YACtB,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;YACnD,CAAC;QACL,CAAC;KACJ,CAAC,CAAC,CAAC;IAEJ,kBAAkB;IAClB,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;IACvC,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,mBAAmB,CAAC,CAAC;IAC5C,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAC;IACxC,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;IACpC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAC5B,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAC9B,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;IAC7C,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC;IAElD,uCAAuC;IACvC,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,cAAmD,CAAC,CAAC;IACzE,GAAG,CAAC,GAAG,CAAC,wBAAwB,EAAE,WAAW,CAAC,CAAC;IAC/C,GAAG,CAAC,GAAG,CAAC,mCAAmC,EAAE,oBAAoB,CAAC,CAAC;IACnE,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC;IACzC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;IACxD,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC;IAE1D,kBAAkB;IAClB,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAC/B,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;IACvC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAE5B,mBAAmB;IACnB,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACpC,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;IACvC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC,CAAC,iCAAiC;IACzE,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC,CAAC,iCAAiC;IAC/E,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,YAAY,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QACjD,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,iBAAiB;IACjB,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAC/B,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IAEnC,oBAAoB;IACpB,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IACtC,GAAG,CAAC,GAAG,CAAC,qBAAqB,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC;IAChE,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;IAEtC,sBAAsB;IACtB,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;IAChE,GAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE,YAAY,EAAE,wBAAwB,CAAC,CAAC;IACzE,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAC;IAE1E,6BAA6B;IAC7B,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,YAAY,EAAE,sBAAsB,CAAC,CAAC;IACnE,GAAG,CAAC,IAAI,CAAC,yBAAyB,EAAE,YAAY,EAAE,uBAAuB,CAAC,CAAC;IAC3E,GAAG,CAAC,GAAG,CAAC,+BAA+B,EAAE,YAAY,EAAE,sBAAsB,CAAC,CAAC;IAC/E,GAAG,CAAC,IAAI,CAAC,8BAA8B,EAAE,YAAY,EAAE,qBAAqB,CAAC,CAAC;IAC9E,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;IAC5E,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;IAC5E,GAAG,CAAC,GAAG,CAAC,+BAA+B,EAAE,YAAY,EAAE,sBAAsB,CAAC,CAAC;IAC/E,GAAG,CAAC,GAAG,CAAC,gCAAgC,EAAE,YAAY,EAAE,uBAAuB,CAAC,CAAC;IACjF,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,eAAe,CAAC,CAAC;IAC5C,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;IAC/C,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAC;IACtD,GAAG,CAAC,MAAM,CAAC,aAAa,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAC;IAC5D,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC;IAC3D,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;IACzD,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAE5B,qBAAqB;IACrB,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;IAC1D,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,YAAY,EAAE,mBAAmB,CAAC,CAAC;IAC1D,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,YAAY,EAAE,uBAAuB,CAAC,CAAC;IACtE,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC;IACpD,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC;IAC1D,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;IAChE,GAAG,CAAC,GAAG,CAAC,2BAA2B,EAAE,YAAY,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QAC7D,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,wBAAwB;IACxB,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,uBAAuB,CAAC,CAAC;IACvD,GAAG,CAAC,MAAM,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,CAAC;IAExD,8BAA8B;IAC9B,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IAEjC,oBAAoB;IACpB,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAEhC,cAAc;IACd,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QACxC,IAAI,CAAC;YACD,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAChD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,IAAI,SAAS,EAAE,MAAM,IAAI,8BAA8B,EAAE,OAAO,CAAC,CAAC;YACvG,GAAG,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC3B,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,EAAE,eAAe,CAAC,CAAC;YACtD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACjD,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,4BAA4B;IAC5B,GAAG,CAAC,GAAG,CAAC,uBAAuB,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE;QAC/D,IAAI,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,eAAe;gBAAE,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;YAC5E,MAAM,KAAK,GAAG,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;iBAC7C,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;iBAC9B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YACtC,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,6BAA6B,CAAC,CAAC;YAC1D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,6BAA6B,EAAE,CAAC,CAAC;QACnE,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,2BAA2B,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE;QACnE,IAAI,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,mBAAmB;gBAAE,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC;YAChF,MAAM,KAAK,GAAG,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;iBACjD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;iBACtD,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YACtC,GAAG,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,iCAAiC,CAAC,CAAC;YAC9D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iCAAiC,EAAE,CAAC,CAAC;QACvE,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,gCAAgC;IAChC,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,YAAY,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QACrD,4DAA4D;QAC5D,2EAA2E;QAC3E,GAAG,CAAC,IAAI,CAAC;YACL,OAAO,EAAE,IAAI;YACb,OAAO,EAAE;gBACL,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC5E,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC9E,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,SAAS,GAAG,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,EAAE;gBAC3H,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE;gBACvE,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE;gBACzF,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC9E,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC9E,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAChF,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE;gBACpF,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAClF,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC9E,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC1E,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE;gBAC1E,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE;aAC/E;SACJ,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE;QAC/C,IAAI,CAAC;YACD,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,GAAG,MAAM,OAAO,CAAC,+BAA+B,CAAC,CAAC;YAC5E,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;gBACrB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC/B,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnB,CAAC;iBAAM,CAAC;gBACJ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;YAChE,CAAC;QACL,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/D,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE;QAC9C,IAAI,CAAC;YACD,2DAA2D;YAC3D,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,OAAO,CAAC,+BAA+B,CAAC,CAAC;YACtE,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;gBACrB,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACJ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;YAChE,CAAC;QACL,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/D,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,yBAAyB;IACzB,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QACvD,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC7D,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QACvB,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/C,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,6BAA6B,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC;IACtE,GAAG,CAAC,IAAI,CAAC,oCAAoC,EAAE,YAAY,EAAE,oBAAoB,CAAC,CAAC;IACnF,GAAG,CAAC,IAAI,CAAC,mCAAmC,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC;IAE/E,oBAAoB;IACpB,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;QAC5C,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC9C,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACtB,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAChB,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,EAAE,mBAAmB,CAAC,CAAC;YAC1D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACjD,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,wCAAwC;IACxC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,EAAuC,EAAE,WAAW,CAAC,CAAC;IAE7E,OAAO,GAAG,CAAC;AACf,CAAC"}

package/dist/attack-sim.js

@@ -0,0 +1,69 @@
+import { broadcastRequest } from "./sse-broadcast.js";
+import { logger } from "./logger.js";
+import { request } from "undici";
+let simInterval = null;
+const IPS = [
+    "192.168.1.10", "10.0.0.5", "172.16.0.23", "203.0.113.42", "198.51.100.12",
+    "45.33.1.1", "185.220.1.1", "103.253.1.1"
+];
+// Ported from demo-targets attack-simulator.sh
+const ATTACKS = [
+    { name: "sqli_classic", path: "/api/v1/users?id=1' OR '1'='1", method: "GET" },
+    { name: "sqli_union", path: "/api/v1/users?id=1 UNION SELECT NULL,username,password FROM users--", method: "GET" },
+    { name: "xss_reflected", path: "/search?q=<script>alert('XSS')</script>", method: "GET" },
+    { name: "xss_img", path: "/search?q=<img src=x onerror=alert(document.cookie)>", method: "GET" },
+    { name: "traversal_basic", path: "/files?file=../../../../etc/passwd", method: "GET" },
+    { name: "cmdi_shell", path: "/ping?host=127.0.0.1;cat /etc/passwd", method: "GET" },
+    { name: "auth_nosql", path: "/api/login", method: "POST", body: { "username": { "$ne": null }, "password": { "$ne": null } } },
+    { name: "biz_price_negative", path: "/api/cart/add", method: "POST", body: { "item_id": 123, "quantity": -5 } },
+    { name: "api_ssrf", path: "/api/fetch?url=http://169.254.169.254/latest/meta-data/", method: "GET" },
+    { name: "path_env", path: "/.env", method: "GET" }
+];
+export function startAttackSimulation(baseUrl, intervalMs = 2000) {
+    if (simInterval)
+        return;
+    logger.info({ baseUrl, intervalMs }, "Starting Attack Simulation");
+    simInterval = setInterval(async () => {
+        const attack = ATTACKS[Math.floor(Math.random() * ATTACKS.length)];
+        const ip = IPS[Math.floor(Math.random() * IPS.length)];
+        const targetUrl = `${baseUrl}${attack.path}`;
+        try {
+            const start = Date.now();
+            const res = await request(targetUrl, {
+                method: attack.method,
+                headers: {
+                    "X-Real-IP": ip,
+                    "X-Forwarded-For": ip,
+                    "User-Agent": "Mozilla/5.0 (Apparatus Attack Simulator)"
+                },
+                body: attack.body ? JSON.stringify(attack.body) : undefined
+            });
+            const duration = Date.now() - start;
+            // Broadcast to dashboard
+            broadcastRequest({
+                method: attack.method,
+                path: attack.path,
+                status: res.statusCode,
+                ip: ip,
+                timestamp: new Date().toISOString(),
+                latencyMs: duration,
+                attackName: attack.name
+            });
+            logger.debug({ attack: attack.name, status: res.statusCode }, "Attack Simulation: Request sent");
+        }
+        catch (error) {
+            logger.error({ error: error.message }, "Attack Simulation: Error");
+        }
+    }, intervalMs);
+}
+export function stopAttackSimulation() {
+    if (simInterval) {
+        clearInterval(simInterval);
+        simInterval = null;
+        logger.info("Attack Simulation stopped");
+    }
+}
+export function isSimulationRunning() {
+    return simInterval !== null;
+}
+//# sourceMappingURL=attack-sim.js.map

package/dist/attack-sim.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"attack-sim.js","sourceRoot":"","sources":["../src/attack-sim.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAsB,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AAEjC,IAAI,WAAW,GAA0B,IAAI,CAAC;AAE9C,MAAM,GAAG,GAAG;IACR,cAAc,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,eAAe;IAC1E,WAAW,EAAE,aAAa,EAAE,aAAa;CAC5C,CAAC;AAEF,+CAA+C;AAC/C,MAAM,OAAO,GAAG;IACZ,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,+BAA+B,EAAE,MAAM,EAAE,KAAK,EAAE;IAC9E,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,qEAAqE,EAAE,MAAM,EAAE,KAAK,EAAE;IAClH,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,yCAAyC,EAAE,MAAM,EAAE,KAAK,EAAE;IACzF,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,sDAAsD,EAAE,MAAM,EAAE,KAAK,EAAE;IAChG,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAE,oCAAoC,EAAE,MAAM,EAAE,KAAK,EAAE;IACtF,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,sCAAsC,EAAE,MAAM,EAAE,KAAK,EAAE;IACnF,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,UAAU,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,UAAU,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE;IAC9H,EAAE,IAAI,EAAE,oBAAoB,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE;IAC/G,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,yDAAyD,EAAE,MAAM,EAAE,KAAK,EAAE;IACpG,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE;CACrD,CAAC;AAEF,MAAM,UAAU,qBAAqB,CAAC,OAAe,EAAE,aAAqB,IAAI;IAC5E,IAAI,WAAW;QAAE,OAAO;IAExB,MAAM,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,4BAA4B,CAAC,CAAC;IAEnE,WAAW,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QACjC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACnE,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;QACvD,MAAM,SAAS,GAAG,GAAG,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;QAE7C,IAAI,CAAC;YACD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACzB,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,SAAS,EAAE;gBACjC,MAAM,EAAE,MAAM,CAAC,MAAa;gBAC5B,OAAO,EAAE;oBACL,WAAW,EAAE,EAAE;oBACf,iBAAiB,EAAE,EAAE;oBACrB,YAAY,EAAE,0CAA0C;iBAC3D;gBACD,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;aAC9D,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YAEpC,yBAAyB;YACzB,gBAAgB,CAAC;gBACb,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,MAAM,EAAE,GAAG,CAAC,UAAU;gBACtB,EAAE,EAAE,EAAE;gBACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,SAAS,EAAE,QAAQ;gBACnB,UAAU,EAAE,MAAM,CAAC,IAAI;aAC1B,CAAC,CAAC;YAEH,MAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,UAAU,EAAE,EAAE,iCAAiC,CAAC,CAAC;QAErG,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,EAAE,0BAA0B,CAAC,CAAC;QACvE,CAAC;IACL,CAAC,EAAE,UAAU,CAAC,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,oBAAoB;IAChC,IAAI,WAAW,EAAE,CAAC;QACd,aAAa,CAAC,WAAW,CAAC,CAAC;QAC3B,WAAW,GAAG,IAAI,CAAC;QACnB,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAC7C,CAAC;AACL,CAAC;AAED,MAAM,UAAU,mBAAmB;IAC/B,OAAO,WAAW,KAAK,IAAI,CAAC;AAChC,CAAC"}