@etcsec-com/etc-collector 1.4.0

package/dist/services/audit/detectors/ad/monitoring.detector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"monitoring.detector.js","sourceRoot":"","sources":["../../../../../src/services/audit/detectors/ad/monitoring.detector.ts"],"names":[],"mappings":";;AAyCA,wEAkDC;AAKD,wEA2CC;AAKD,0EA2CC;AAKD,0EA2CC;AAMD,4DAkDC;AAMD,wDAmDC;AAMD,gEAkDC;AAMD,4EAwDC;AAaD,0EAqBC;AA9dD,yEAA4E;AAmB5E,SAAgB,8BAA8B,CAC5C,WAAuC,EACvC,MAAuB,EACvB,cAAuB;IAEvB,IAAI,WAAW,EAAE,aAAa,IAAI,WAAW,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvE,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC;QAGhD,MAAM,eAAe,GAAG,CAAC,eAAe,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC;QACnE,MAAM,aAAa,GAAG,aAAa,CAAC,IAAI,CACtC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,CAC3F,CAAC;QAEF,OAAO;YACL,IAAI,EAAE,6BAA6B;YACnC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,YAAY;YACtB,KAAK,EAAE,0BAA0B;YACjC,WAAW,EACT,sIAAsI;YACxI,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5B,gBAAgB,EAAE,cAAc,IAAI,CAAC,aAAa,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YACtF,OAAO,EAAE,CAAC,aAAa;gBACrB,CAAC,CAAC;oBACE,cAAc,EACZ,4FAA4F;oBAC9F,iBAAiB,EAAE,eAAe;oBAClC,iBAAiB,EAAE;wBACjB,qBAAqB;wBACrB,mBAAmB;wBACnB,eAAe;wBACf,yBAAyB;qBAC1B;iBACF;gBACH,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,mCAAmC;QAC1C,WAAW,EAAE,2EAA2E;QACxF,KAAK,EAAE,CAAC;QACR,OAAO,EAAE;YACP,IAAI,EAAE,uFAAuF;SAC9F;KACF,CAAC;AACJ,CAAC;AAKD,SAAgB,8BAA8B,CAC5C,WAAuC,EACvC,MAAuB,EACvB,cAAuB;IAEvB,IAAI,WAAW,EAAE,aAAa,IAAI,WAAW,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvE,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC;QAEhD,MAAM,mBAAmB,GAAG,aAAa,CAAC,IAAI,CAC5C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,CAC7E,CAAC;QAEF,OAAO;YACL,IAAI,EAAE,6BAA6B;YACnC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,YAAY;YACtB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EACT,sHAAsH;YACxH,KAAK,EAAE,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAClC,gBAAgB,EAAE,cAAc,IAAI,CAAC,mBAAmB,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC5F,OAAO,EAAE,CAAC,mBAAmB;gBAC3B,CAAC,CAAC;oBACE,cAAc,EAAE,iEAAiE;oBACjF,iBAAiB,EAAE;wBACjB,+BAA+B;wBAC/B,2CAA2C;wBAC3C,mBAAmB;wBACnB,kBAAkB;qBACnB;iBACF;gBACH,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,gDAAgD;QACvD,WAAW,EAAE,6DAA6D;QAC1E,KAAK,EAAE,CAAC;KACT,CAAC;AACJ,CAAC;AAKD,SAAgB,+BAA+B,CAC7C,WAAuC,EACvC,MAAuB,EACvB,cAAuB;IAEvB,IAAI,WAAW,EAAE,aAAa,IAAI,WAAW,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvE,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC;QAEhD,MAAM,oBAAoB,GAAG,aAAa,CAAC,IAAI,CAC7C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,CACxE,CAAC;QAEF,OAAO;YACL,IAAI,EAAE,8BAA8B;YACpC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,YAAY;YACtB,KAAK,EAAE,4BAA4B;YACnC,WAAW,EACT,+GAA+G;YACjH,KAAK,EAAE,oBAAoB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACnC,gBAAgB,EAAE,cAAc,IAAI,CAAC,oBAAoB,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7F,OAAO,EAAE,CAAC,oBAAoB;gBAC5B,CAAC,CAAC;oBACE,cAAc,EAAE,4DAA4D;oBAC5E,iBAAiB,EAAE;wBACjB,eAAe;wBACf,2BAA2B;wBAC3B,wBAAwB;wBACxB,6BAA6B;qBAC9B;iBACF;gBACH,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,2CAA2C;QAClD,WAAW,EAAE,wDAAwD;QACrE,KAAK,EAAE,CAAC;KACT,CAAC;AACJ,CAAC;AAKD,SAAgB,+BAA+B,CAC7C,WAAuC,EACvC,MAAuB,EACvB,cAAuB;IAEvB,IAAI,WAAW,EAAE,aAAa,IAAI,WAAW,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvE,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC;QAEhD,MAAM,oBAAoB,GAAG,aAAa,CAAC,IAAI,CAC7C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,CACxE,CAAC;QAEF,OAAO;YACL,IAAI,EAAE,8BAA8B;YACpC,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,YAAY;YACtB,KAAK,EAAE,2BAA2B;YAClC,WAAW,EACT,2FAA2F;YAC7F,KAAK,EAAE,oBAAoB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACnC,gBAAgB,EAAE,cAAc,IAAI,CAAC,oBAAoB,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7F,OAAO,EAAE,CAAC,oBAAoB;gBAC5B,CAAC,CAAC;oBACE,cAAc,EAAE,6DAA6D;oBAC7E,iBAAiB,EAAE;wBACjB,iBAAiB;wBACjB,+BAA+B;wBAC/B,oBAAoB;wBACpB,uBAAuB;qBACxB;iBACF;gBACH,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,2CAA2C;QAClD,WAAW,EAAE,wDAAwD;QACrE,KAAK,EAAE,CAAC;KACT,CAAC;AACJ,CAAC;AAMD,SAAgB,wBAAwB,CAAC,KAAe,EAAE,eAAwB;IAChF,MAAM,gBAAgB,GAAG,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACjF,MAAM,kBAAkB,GAAG,CAAC,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,KAAK,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;IAGlG,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,CAAC,CAAC,WAAW,CAAC;QAC9B,MAAM,IAAI,GAAG,CAAC,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACxE,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACpD,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAGH,MAAM,cAAc,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACxC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACpD,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QACnC,MAAM,SAAS,GAAG,CAAC,CAAC,OAAO,CAAC;QAC5B,OAAO,mBAAmB,IAAI,aAAa,IAAI,SAAS,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,cAAc,CAAC,MAAM,IAAI,CAAC,CAAC;IAExE,OAAO;QACL,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,qCAAqC;QAC5C,WAAW,EACT,yHAAyH;QAC3H,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3B,gBAAgB,EAAE,SAAS;QAC3B,OAAO,EAAE,YAAY;YACnB,CAAC,CAAC;gBACE,aAAa,EAAE,SAAS,CAAC,MAAM;gBAC/B,kBAAkB,EAAE,cAAc,CAAC,MAAM;gBACzC,MAAM,EAAE,4BAA4B;aACrC;YACH,CAAC,CAAC;gBACE,cAAc,EACZ,yGAAyG;gBAC3G,QAAQ,EAAE;oBACR,yCAAyC;oBACzC,qCAAqC;oBACrC,2BAA2B;iBAC5B;gBACD,mBAAmB,EACjB,qGAAqG;aACxG;KACN,CAAC;AACJ,CAAC;AAMD,SAAgB,sBAAsB,CACpC,KAAe,EACf,OAAwB,EACxB,cAAuB;IAIvB,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC;IAGxE,MAAM,qBAAqB,GAAG,kBAAkB,CAAC;IACjD,MAAM,kBAAkB,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACjD,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAyB,CAAC;QACvD,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAC3B,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;IAGH,MAAM,eAAe,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAEtD,MAAM,MAAM,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;QACvF,MAAM,YAAY,GAAG,MAAM,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QACzD,OAAO,YAAY,GAAG,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC;IAE3C,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,iCAAiC;QACxC,WAAW,EACT,gGAAgG;QAClG,KAAK,EAAE,eAAe,CAAC,MAAM;QAC7B,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,eAAe,CAAC,CAAC,CAAC,CAAC,SAAS;QACtF,OAAO,EAAE,OAAO;YACd,CAAC,CAAC;gBACE,WAAW,EAAE,UAAU,CAAC,MAAM;gBAC9B,kBAAkB,EAAE,kBAAkB,CAAC,MAAM;gBAC7C,sBAAsB,EAAE,eAAe,CAAC,MAAM;gBAC9C,cAAc,EACZ,oFAAoF;gBACtF,KAAK,EAAE;oBACL,gCAAgC;oBAChC,mDAAmD;oBACnD,qDAAqD;iBACtD;aACF;YACH,CAAC,CAAC,SAAS;KACd,CAAC;AACJ,CAAC;AAMD,SAAgB,0BAA0B,CACxC,WAAyC,EACzC,MAAuB,EACvB,cAAuB;IAEvB,MAAM,mBAAmB,GAAG,GAAG,GAAG,IAAI,CAAC;IAEvC,IAAI,WAAW,EAAE,gBAAgB,EAAE,kBAAkB,KAAK,SAAS,EAAE,CAAC;QACpE,MAAM,OAAO,GAAG,WAAW,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;QAChE,MAAM,UAAU,GAAG,OAAO,GAAG,mBAAmB,CAAC;QAEjD,OAAO;YACL,IAAI,EAAE,yBAAyB;YAC/B,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,YAAY;YACtB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,sCAAsC,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC,+EAA+E;YAC5J,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACzB,gBAAgB,EAAE,cAAc,IAAI,UAAU,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;YAClF,OAAO,EAAE,UAAU;gBACjB,CAAC,CAAC;oBACE,aAAa,EAAE,OAAO;oBACtB,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC;oBACzC,iBAAiB,EAAE,mBAAmB;oBACtC,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC;oBACzD,cAAc,EAAE,gEAAgE;oBAChF,KAAK,EAAE;wBACL,iDAAiD;wBACjD,8CAA8C;wBAC9C,sDAAsD;qBACvD;iBACF;gBACH,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAID,OAAO;QACL,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,yCAAyC;QAChD,WAAW,EAAE,4DAA4D;QACzE,KAAK,EAAE,CAAC;QACR,OAAO,EAAE;YACP,IAAI,EAAE,kFAAkF;YACxF,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC;SAC1D;KACF,CAAC;AACJ,CAAC;AAMD,SAAgB,gCAAgC,CAC9C,KAAe,EACf,MAAiB,EACjB,cAAuB;IAGvB,MAAM,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;QAC5C,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,cAAc,IAAI,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACrE,OAAO,IAAI,KAAK,iBAAiB,IAAI,CAAC,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IACzF,CAAC,CAAC,CAAC;IAGH,MAAM,eAAe,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC;IAG7E,MAAM,mBAAmB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACvD,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAyB,CAAC;QACvD,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAG3B,OAAO,CAAC,QAAQ,CAAC,IAAI,CACnB,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,oBAAoB,CAAC;YAC9C,CAAC,mBAAmB,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,mBAAmB,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,CACpF,CAAC;IACJ,CAAC,CAAC,CAAC;IAGH,MAAM,WAAW,GAAG,mBAAmB,KAAK,SAAS,CAAC;IACtD,MAAM,gBAAgB,GAAG,mBAAmB,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC;IAElE,OAAO;QACL,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,YAAY;QACtB,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EACT,wIAAwI;QAC1I,KAAK,EAAE,mBAAmB,CAAC,MAAM;QACjC,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,SAAS;QAC1F,OAAO,EAAE;YACP,WAAW;YACX,cAAc,EAAE,gBAAgB;YAChC,uBAAuB,EAAE,eAAe,CAAC,MAAM;YAC/C,UAAU,EAAE,mBAAmB,CAAC,MAAM;YACtC,WAAW,EAAE;gBACX,8BAA8B;gBAC9B,sCAAsC;gBACtC,0CAA0C;gBAC1C,gCAAgC;gBAChC,+BAA+B;aAChC;YACD,cAAc,EACZ,gGAAgG;SACnG;KACF,CAAC;AACJ,CAAC;AAaD,SAAgB,+BAA+B,CAC7C,KAAe,EACf,MAAiB,EACjB,MAAuB,EACvB,cAAuB,EACvB,UAAqC,EAAE;IAEvC,MAAM,EAAE,WAAW,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IAEvC,OAAO;QAEL,8BAA8B,CAAC,WAAW,EAAE,MAAM,EAAE,cAAc,CAAC;QACnE,8BAA8B,CAAC,WAAW,EAAE,MAAM,EAAE,cAAc,CAAC;QACnE,+BAA+B,CAAC,WAAW,EAAE,MAAM,EAAE,cAAc,CAAC;QACpE,sBAAsB,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC;QAErD,+BAA+B,CAAC,WAAW,EAAE,MAAM,EAAE,cAAc,CAAC;QACpE,wBAAwB,CAAC,KAAK,EAAE,cAAc,CAAC;QAC/C,0BAA0B,CAAC,WAAW,EAAE,MAAM,EAAE,cAAc,CAAC;QAC/D,gCAAgC,CAAC,KAAK,EAAE,MAAM,EAAE,cAAc,CAAC;KAChE,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;AAC3C,CAAC"}

package/dist/services/audit/detectors/ad/network.detector.d.ts

@@ -0,0 +1,39 @@
+import { ADComputer, ADDomain } from '../../../../types/ad.types';
+import { Finding } from '../../../../types/finding.types';
+interface DnsZone {
+    name: string;
+    dn: string;
+    zoneType?: number;
+    dynamicUpdate?: number;
+    secureSecondaries?: number;
+    [key: string]: unknown;
+}
+interface ADSite {
+    name: string;
+    dn: string;
+    subnets?: string[];
+    servers?: string[];
+    [key: string]: unknown;
+}
+interface ADSubnet {
+    name: string;
+    dn: string;
+    site?: string;
+    location?: string;
+    [key: string]: unknown;
+}
+export declare function detectDnsZoneTransferUnrestricted(dnsZones: DnsZone[], _includeDetails: boolean): Finding;
+export declare function detectDnsDynamicUpdateInsecure(dnsZones: DnsZone[], _includeDetails: boolean): Finding;
+export declare function detectDnsWildcardRecords(_dnsZones: DnsZone[], _includeDetails: boolean): Finding;
+export declare function detectDnssecNotEnabled(domain: ADDomain | null, _includeDetails: boolean): Finding;
+export declare function detectNtpNotConfigured(domainControllers: ADComputer[], includeDetails: boolean): Finding;
+export declare function detectSiteTopologyIssues(sites: ADSite[], _includeDetails: boolean): Finding;
+export declare function detectSubnetMissing(sites: ADSite[], subnets: ADSubnet[], _includeDetails: boolean): Finding;
+export declare function detectSysvolNetlogonPermissions(_domain: ADDomain | null, _includeDetails: boolean): Finding;
+export declare function detectDfsrNotConfigured(domain: ADDomain | null, _includeDetails: boolean): Finding;
+export declare function detectDcBackupOld(domainControllers: ADComputer[], includeDetails: boolean): Finding;
+export declare function detectDcDiskSpaceLow(domainControllers: ADComputer[], _includeDetails: boolean): Finding;
+export declare function detectDcTimeSyncIssue(domainControllers: ADComputer[], includeDetails: boolean): Finding;
+export declare function detectNetworkVulnerabilities(_computers: ADComputer[], domain: ADDomain | null, domainControllers: ADComputer[], dnsZones: DnsZone[] | undefined, sites: ADSite[] | undefined, subnets: ADSubnet[] | undefined, includeDetails: boolean): Finding[];
+export {};
+//# sourceMappingURL=network.detector.d.ts.map

package/dist/services/audit/detectors/ad/network.detector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"network.detector.d.ts","sourceRoot":"","sources":["../../../../../src/services/audit/detectors/ad/network.detector.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,OAAO,EAAE,MAAM,iCAAiC,CAAC;AAM1D,UAAU,OAAO;IACf,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAKD,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAKD,UAAU,QAAQ;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAWD,wBAAgB,iCAAiC,CAC/C,QAAQ,EAAE,OAAO,EAAE,EACnB,eAAe,EAAE,OAAO,GACvB,OAAO,CAwBT;AAWD,wBAAgB,8BAA8B,CAC5C,QAAQ,EAAE,OAAO,EAAE,EACnB,eAAe,EAAE,OAAO,GACvB,OAAO,CAwBT;AAWD,wBAAgB,wBAAwB,CACtC,SAAS,EAAE,OAAO,EAAE,EACpB,eAAe,EAAE,OAAO,GACvB,OAAO,CAeT;AAWD,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,QAAQ,GAAG,IAAI,EACvB,eAAe,EAAE,OAAO,GACvB,OAAO,CAiBT;AAWD,wBAAgB,sBAAsB,CACpC,iBAAiB,EAAE,UAAU,EAAE,EAC/B,cAAc,EAAE,OAAO,GACtB,OAAO,CAuBT;AAWD,wBAAgB,wBAAwB,CACtC,KAAK,EAAE,MAAM,EAAE,EACf,eAAe,EAAE,OAAO,GACvB,OAAO,CAmBT;AAYD,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,MAAM,EAAE,EACf,OAAO,EAAE,QAAQ,EAAE,EACnB,eAAe,EAAE,OAAO,GACvB,OAAO,CAsBT;AAWD,wBAAgB,+BAA+B,CAC7C,OAAO,EAAE,QAAQ,GAAG,IAAI,EACxB,eAAe,EAAE,OAAO,GACvB,OAAO,CAgBT;AAWD,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,QAAQ,GAAG,IAAI,EACvB,eAAe,EAAE,OAAO,GACvB,OAAO,CAyBT;AAWD,wBAAgB,iBAAiB,CAC/B,iBAAiB,EAAE,UAAU,EAAE,EAC/B,cAAc,EAAE,OAAO,GACtB,OAAO,CA2BT;AAWD,wBAAgB,oBAAoB,CAClC,iBAAiB,EAAE,UAAU,EAAE,EAC/B,eAAe,EAAE,OAAO,GACvB,OAAO,CAiBT;AAWD,wBAAgB,qBAAqB,CACnC,iBAAiB,EAAE,UAAU,EAAE,EAC/B,cAAc,EAAE,OAAO,GACtB,OAAO,CA2BT;AA+BD,wBAAgB,4BAA4B,CAC1C,UAAU,EAAE,UAAU,EAAE,EACxB,MAAM,EAAE,QAAQ,GAAG,IAAI,EACvB,iBAAiB,EAAE,UAAU,EAAE,EAC/B,QAAQ,EAAE,OAAO,EAAE,YAAK,EACxB,KAAK,EAAE,MAAM,EAAE,YAAK,EACpB,OAAO,EAAE,QAAQ,EAAE,YAAK,EACxB,cAAc,EAAE,OAAO,GACtB,OAAO,EAAE,CAuBX"}

package/dist/services/audit/detectors/ad/network.detector.js

@@ -0,0 +1,257 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectDnsZoneTransferUnrestricted = detectDnsZoneTransferUnrestricted;
+exports.detectDnsDynamicUpdateInsecure = detectDnsDynamicUpdateInsecure;
+exports.detectDnsWildcardRecords = detectDnsWildcardRecords;
+exports.detectDnssecNotEnabled = detectDnssecNotEnabled;
+exports.detectNtpNotConfigured = detectNtpNotConfigured;
+exports.detectSiteTopologyIssues = detectSiteTopologyIssues;
+exports.detectSubnetMissing = detectSubnetMissing;
+exports.detectSysvolNetlogonPermissions = detectSysvolNetlogonPermissions;
+exports.detectDfsrNotConfigured = detectDfsrNotConfigured;
+exports.detectDcBackupOld = detectDcBackupOld;
+exports.detectDcDiskSpaceLow = detectDcDiskSpaceLow;
+exports.detectDcTimeSyncIssue = detectDcTimeSyncIssue;
+exports.detectNetworkVulnerabilities = detectNetworkVulnerabilities;
+const entity_converter_1 = require("../../../../utils/entity-converter");
+function detectDnsZoneTransferUnrestricted(dnsZones, _includeDetails) {
+    const affected = dnsZones.filter((zone) => zone.secureSecondaries === 2 ||
+        zone.secureSecondaries === undefined);
+    return {
+        type: 'DNS_ZONE_TRANSFER_UNRESTRICTED',
+        severity: 'high',
+        category: 'network',
+        title: 'DNS Zone Transfer Unrestricted',
+        description: 'DNS zones allowing zone transfers to any server. Attackers can enumerate DNS records to map internal network topology.',
+        count: affected.length,
+        affectedEntities: affected.map((z) => z.name),
+        details: {
+            zones: affected.map((z) => ({
+                name: z.name,
+                dn: z.dn,
+                secureSecondaries: z.secureSecondaries,
+            })),
+        },
+    };
+}
+function detectDnsDynamicUpdateInsecure(dnsZones, _includeDetails) {
+    const affected = dnsZones.filter((zone) => zone.dynamicUpdate === 1 ||
+        zone.dynamicUpdate === 3);
+    return {
+        type: 'DNS_DYNAMIC_UPDATE_INSECURE',
+        severity: 'high',
+        category: 'network',
+        title: 'DNS Dynamic Update Insecure',
+        description: 'DNS zones allowing non-secure dynamic updates. Attackers can inject malicious DNS records without authentication.',
+        count: affected.length,
+        affectedEntities: affected.map((z) => z.name),
+        details: {
+            zones: affected.map((z) => ({
+                name: z.name,
+                dn: z.dn,
+                dynamicUpdate: z.dynamicUpdate,
+            })),
+        },
+    };
+}
+function detectDnsWildcardRecords(_dnsZones, _includeDetails) {
+    const affected = [];
+    return {
+        type: 'DNS_WILDCARD_RECORDS',
+        severity: 'medium',
+        category: 'network',
+        title: 'DNS Wildcard Records Detected',
+        description: 'Wildcard DNS records (*.domain) can be exploited for MITM attacks. Review and remove unnecessary wildcards.',
+        count: affected.length,
+        affectedEntities: affected.map((z) => z.name),
+    };
+}
+function detectDnssecNotEnabled(domain, _includeDetails) {
+    const dnssecEnabled = domain && domain['msDS-TrustForestTrustInfo'] !== undefined;
+    return {
+        type: 'DNSSEC_NOT_ENABLED',
+        severity: 'medium',
+        category: 'network',
+        title: 'DNSSEC Not Enabled',
+        description: 'DNSSEC is not enabled for the domain. DNS responses can be spoofed, enabling cache poisoning and MITM attacks.',
+        count: dnssecEnabled ? 0 : 1,
+        details: {
+            recommendation: 'Enable DNSSEC signing on Active Directory-integrated DNS zones.',
+        },
+    };
+}
+function detectNtpNotConfigured(domainControllers, includeDetails) {
+    const hasSingleDc = domainControllers.length <= 1;
+    return {
+        type: 'NTP_NOT_CONFIGURED',
+        severity: 'medium',
+        category: 'network',
+        title: 'NTP Configuration Review Needed',
+        description: 'Time synchronization configuration should be reviewed. The PDC Emulator must be configured as the authoritative time source to prevent Kerberos authentication issues.',
+        count: hasSingleDc ? 0 : 1,
+        affectedEntities: includeDetails
+            ? (0, entity_converter_1.toAffectedComputerEntities)(domainControllers)
+            : undefined,
+        details: {
+            dcCount: domainControllers.length,
+            recommendation: 'Configure PDC Emulator as authoritative time source. Other DCs should sync from PDC.',
+        },
+    };
+}
+function detectSiteTopologyIssues(sites, _includeDetails) {
+    const sitesWithoutDc = sites.filter((site) => !site.servers || site.servers.length === 0);
+    return {
+        type: 'SITE_TOPOLOGY_ISSUES',
+        severity: 'medium',
+        category: 'network',
+        title: 'AD Site Topology Issues',
+        description: 'Sites without domain controllers cause clients to authenticate against remote DCs, increasing latency and WAN traffic.',
+        count: sitesWithoutDc.length,
+        affectedEntities: sitesWithoutDc.map((s) => s.name),
+        details: {
+            sitesWithoutDc: sitesWithoutDc.map((s) => s.name),
+        },
+    };
+}
+function detectSubnetMissing(sites, subnets, _includeDetails) {
+    const sitesWithoutSubnets = sites.filter((site) => {
+        const siteSubnets = subnets.filter((sub) => sub.site === site.dn);
+        return siteSubnets.length === 0;
+    });
+    return {
+        type: 'SUBNET_MISSING',
+        severity: 'low',
+        category: 'network',
+        title: 'AD Sites Missing Subnets',
+        description: 'Sites without subnet definitions. Clients in undefined subnets will select DCs randomly, potentially crossing WAN links.',
+        count: sitesWithoutSubnets.length,
+        affectedEntities: sitesWithoutSubnets.map((s) => s.name),
+        details: {
+            totalSites: sites.length,
+            totalSubnets: subnets.length,
+            sitesWithoutSubnets: sitesWithoutSubnets.map((s) => s.name),
+        },
+    };
+}
+function detectSysvolNetlogonPermissions(_domain, _includeDetails) {
+    return {
+        type: 'SYSVOL_NETLOGON_PERMISSIONS',
+        severity: 'high',
+        category: 'network',
+        title: 'SYSVOL/NETLOGON Permissions Review',
+        description: 'SYSVOL and NETLOGON share permissions should be audited. Weak permissions allow attackers to modify logon scripts and GPOs.',
+        count: 0,
+        details: {
+            recommendation: 'Review SYSVOL and NETLOGON share permissions. Only Domain Admins should have write access.',
+        },
+    };
+}
+function detectDfsrNotConfigured(domain, _includeDetails) {
+    const domainLevel = domain?.domainFunctionalLevel ?? 0;
+    const potentialFrsUse = domainLevel <= 2;
+    return {
+        type: 'DFSR_NOT_CONFIGURED',
+        severity: potentialFrsUse ? 'medium' : 'low',
+        category: 'network',
+        title: 'DFSR Migration Status',
+        description: 'FRS (File Replication Service) is deprecated. SYSVOL should be replicated using DFSR (DFS Replication) for better reliability.',
+        count: potentialFrsUse ? 1 : 0,
+        details: {
+            domainFunctionalLevel: domainLevel,
+            domainFunctionalLevelName: getDomainLevelName(domainLevel),
+            potentialFrsUse,
+            recommendation: potentialFrsUse
+                ? 'Migrate SYSVOL replication from FRS to DFSR using dfsrmig.exe'
+                : 'Verify DFSR health with dcdiag /e /test:dfsrevent',
+        },
+    };
+}
+function detectDcBackupOld(domainControllers, includeDetails) {
+    const now = new Date();
+    const thirtyDaysAgo = new Date(now.getTime() - 30 * 24 * 60 * 60 * 1000);
+    const possiblyUnbackedUp = domainControllers.filter((dc) => {
+        const pwdLastSet = dc.passwordLastSet;
+        return pwdLastSet && pwdLastSet < thirtyDaysAgo;
+    });
+    return {
+        type: 'DC_BACKUP_OLD',
+        severity: 'medium',
+        category: 'network',
+        title: 'Domain Controller Backup Review',
+        description: 'Domain controllers should be backed up regularly. Tombstone lifetime is 180 days - DCs offline longer than this cannot rejoin.',
+        count: possiblyUnbackedUp.length,
+        affectedEntities: includeDetails
+            ? (0, entity_converter_1.toAffectedComputerEntities)(possiblyUnbackedUp)
+            : undefined,
+        details: {
+            recommendation: 'Verify Windows Server Backup or third-party backup solution is configured on all DCs.',
+        },
+    };
+}
+function detectDcDiskSpaceLow(domainControllers, _includeDetails) {
+    return {
+        type: 'DC_DISK_SPACE_LOW',
+        severity: 'medium',
+        category: 'network',
+        title: 'DC Disk Space Monitoring',
+        description: 'Domain controller disk space should be monitored. Low disk space can cause AD database corruption and replication failures.',
+        count: 0,
+        details: {
+            dcCount: domainControllers.length,
+            recommendation: 'Monitor DC disk space. NTDS.dit location should have at least 20% free space.',
+        },
+    };
+}
+function detectDcTimeSyncIssue(domainControllers, includeDetails) {
+    const now = new Date();
+    const sevenDaysAgo = new Date(now.getTime() - 7 * 24 * 60 * 60 * 1000);
+    const possibleTimeSyncIssues = domainControllers.filter((dc) => {
+        const lastLogon = dc.lastLogon;
+        return lastLogon && lastLogon < sevenDaysAgo;
+    });
+    return {
+        type: 'DC_TIME_SYNC_ISSUE',
+        severity: 'high',
+        category: 'network',
+        title: 'DC Time Synchronization Review',
+        description: 'Domain controllers with potential time sync issues detected. Kerberos requires time difference < 5 minutes.',
+        count: possibleTimeSyncIssues.length,
+        affectedEntities: includeDetails
+            ? (0, entity_converter_1.toAffectedComputerEntities)(possibleTimeSyncIssues)
+            : undefined,
+        details: {
+            possibleIssues: possibleTimeSyncIssues.map((dc) => dc.sAMAccountName),
+            recommendation: 'Run "w32tm /query /status" on each DC to verify time configuration.',
+        },
+    };
+}
+function getDomainLevelName(level) {
+    const levels = {
+        0: 'Windows 2000',
+        1: 'Windows Server 2003 Interim',
+        2: 'Windows Server 2003',
+        3: 'Windows Server 2008',
+        4: 'Windows Server 2008 R2',
+        5: 'Windows Server 2012',
+        6: 'Windows Server 2012 R2',
+        7: 'Windows Server 2016',
+    };
+    return levels[level] || `Unknown (${level})`;
+}
+function detectNetworkVulnerabilities(_computers, domain, domainControllers, dnsZones = [], sites = [], subnets = [], includeDetails) {
+    const findings = [];
+    findings.push(detectDnsZoneTransferUnrestricted(dnsZones, includeDetails));
+    findings.push(detectDnsDynamicUpdateInsecure(dnsZones, includeDetails));
+    findings.push(detectDnsWildcardRecords(dnsZones, includeDetails));
+    findings.push(detectDnssecNotEnabled(domain, includeDetails));
+    findings.push(detectNtpNotConfigured(domainControllers, includeDetails));
+    findings.push(detectSiteTopologyIssues(sites, includeDetails));
+    findings.push(detectSubnetMissing(sites, subnets, includeDetails));
+    findings.push(detectSysvolNetlogonPermissions(domain, includeDetails));
+    findings.push(detectDfsrNotConfigured(domain, includeDetails));
+    findings.push(detectDcBackupOld(domainControllers, includeDetails));
+    findings.push(detectDcDiskSpaceLow(domainControllers, includeDetails));
+    findings.push(detectDcTimeSyncIssue(domainControllers, includeDetails));
+    return findings.filter((f) => f.count > 0);
+}
+//# sourceMappingURL=network.detector.js.map

package/dist/services/audit/detectors/ad/network.detector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"network.detector.js","sourceRoot":"","sources":["../../../../../src/services/audit/detectors/ad/network.detector.ts"],"names":[],"mappings":";;AA4DA,8EA2BC;AAWD,wEA2BC;AAWD,4DAkBC;AAWD,wDAoBC;AAWD,wDA0BC;AAWD,4DAsBC;AAYD,kDA0BC;AAWD,0EAmBC;AAWD,0DA4BC;AAWD,8CA8BC;AAWD,oDAoBC;AAWD,sDA8BC;AA+BD,oEA+BC;AA1gBD,yEAAgF;AA6ChF,SAAgB,iCAAiC,CAC/C,QAAmB,EACnB,eAAwB;IAExB,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAC9B,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,iBAAiB,KAAK,CAAC;QAC5B,IAAI,CAAC,iBAAiB,KAAK,SAAS,CACvC,CAAC;IAEF,OAAO;QACL,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,gCAAgC;QACvC,WAAW,EACT,wHAAwH;QAC1H,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAC7C,OAAO,EAAE;YACP,KAAK,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC1B,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,iBAAiB,EAAE,CAAC,CAAC,iBAAiB;aACvC,CAAC,CAAC;SACJ;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,8BAA8B,CAC5C,QAAmB,EACnB,eAAwB;IAExB,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAC9B,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,aAAa,KAAK,CAAC;QACxB,IAAI,CAAC,aAAa,KAAK,CAAC,CAC3B,CAAC;IAEF,OAAO;QACL,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,6BAA6B;QACpC,WAAW,EACT,mHAAmH;QACrH,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAC7C,OAAO,EAAE;YACP,KAAK,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC1B,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,aAAa,EAAE,CAAC,CAAC,aAAa;aAC/B,CAAC,CAAC;SACJ;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,wBAAwB,CACtC,SAAoB,EACpB,eAAwB;IAIxB,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,OAAO;QACL,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,+BAA+B;QACtC,WAAW,EACT,6GAA6G;QAC/G,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;KAC9C,CAAC;AACJ,CAAC;AAWD,SAAgB,sBAAsB,CACpC,MAAuB,EACvB,eAAwB;IAIxB,MAAM,aAAa,GAAG,MAAM,IAAI,MAAM,CAAC,2BAA2B,CAAC,KAAK,SAAS,CAAC;IAElF,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EACT,gHAAgH;QAClH,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5B,OAAO,EAAE;YACP,cAAc,EAAE,iEAAiE;SAClF;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,sBAAsB,CACpC,iBAA+B,EAC/B,cAAuB;IAKvB,MAAM,WAAW,GAAG,iBAAiB,CAAC,MAAM,IAAI,CAAC,CAAC;IAElD,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,iCAAiC;QACxC,WAAW,EACT,wKAAwK;QAC1K,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,gBAAgB,EAAE,cAAc;YAC9B,CAAC,CAAC,IAAA,6CAA0B,EAAC,iBAAiB,CAAC;YAC/C,CAAC,CAAC,SAAS;QACb,OAAO,EAAE;YACP,OAAO,EAAE,iBAAiB,CAAC,MAAM;YACjC,cAAc,EACZ,sFAAsF;SACzF;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,wBAAwB,CACtC,KAAe,EACf,eAAwB;IAGxB,MAAM,cAAc,GAAG,KAAK,CAAC,MAAM,CACjC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CACrD,CAAC;IAEF,OAAO;QACL,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,yBAAyB;QAChC,WAAW,EACT,wHAAwH;QAC1H,KAAK,EAAE,cAAc,CAAC,MAAM;QAC5B,gBAAgB,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QACnD,OAAO,EAAE;YACP,cAAc,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;SAClD;KACF,CAAC;AACJ,CAAC;AAYD,SAAgB,mBAAmB,CACjC,KAAe,EACf,OAAmB,EACnB,eAAwB;IAGxB,MAAM,mBAAmB,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QAChD,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC,CAAC;QAClE,OAAO,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,0BAA0B;QACjC,WAAW,EACT,0HAA0H;QAC5H,KAAK,EAAE,mBAAmB,CAAC,MAAM;QACjC,gBAAgB,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QACxD,OAAO,EAAE;YACP,UAAU,EAAE,KAAK,CAAC,MAAM;YACxB,YAAY,EAAE,OAAO,CAAC,MAAM;YAC5B,mBAAmB,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;SAC5D;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,+BAA+B,CAC7C,OAAwB,EACxB,eAAwB;IAIxB,OAAO;QACL,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EACT,6HAA6H;QAC/H,KAAK,EAAE,CAAC;QACR,OAAO,EAAE;YACP,cAAc,EACZ,4FAA4F;SAC/F;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,uBAAuB,CACrC,MAAuB,EACvB,eAAwB;IAGxB,MAAM,WAAW,GAAG,MAAM,EAAE,qBAAqB,IAAI,CAAC,CAAC;IAIvD,MAAM,eAAe,GAAG,WAAW,IAAI,CAAC,CAAC;IAEzC,OAAO;QACL,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK;QAC5C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EACT,gIAAgI;QAClI,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9B,OAAO,EAAE;YACP,qBAAqB,EAAE,WAAW;YAClC,yBAAyB,EAAE,kBAAkB,CAAC,WAAW,CAAC;YAC1D,eAAe;YACf,cAAc,EAAE,eAAe;gBAC7B,CAAC,CAAC,+DAA+D;gBACjE,CAAC,CAAC,mDAAmD;SACxD;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,iBAAiB,CAC/B,iBAA+B,EAC/B,cAAuB;IAGvB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,aAAa,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAEzE,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE;QAEzD,MAAM,UAAU,GAAG,EAAE,CAAC,eAAe,CAAC;QACtC,OAAO,UAAU,IAAI,UAAU,GAAG,aAAa,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,iCAAiC;QACxC,WAAW,EACT,gIAAgI;QAClI,KAAK,EAAE,kBAAkB,CAAC,MAAM;QAChC,gBAAgB,EAAE,cAAc;YAC9B,CAAC,CAAC,IAAA,6CAA0B,EAAC,kBAAkB,CAAC;YAChD,CAAC,CAAC,SAAS;QACb,OAAO,EAAE;YACP,cAAc,EACZ,uFAAuF;SAC1F;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,oBAAoB,CAClC,iBAA+B,EAC/B,eAAwB;IAIxB,OAAO;QACL,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,0BAA0B;QACjC,WAAW,EACT,6HAA6H;QAC/H,KAAK,EAAE,CAAC;QACR,OAAO,EAAE;YACP,OAAO,EAAE,iBAAiB,CAAC,MAAM;YACjC,cAAc,EACZ,+EAA+E;SAClF;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,qBAAqB,CACnC,iBAA+B,EAC/B,cAAuB;IAGvB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,YAAY,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAEvE,MAAM,sBAAsB,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE;QAC7D,MAAM,SAAS,GAAG,EAAE,CAAC,SAAS,CAAC;QAC/B,OAAO,SAAS,IAAI,SAAS,GAAG,YAAY,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,gCAAgC;QACvC,WAAW,EACT,6GAA6G;QAC/G,KAAK,EAAE,sBAAsB,CAAC,MAAM;QACpC,gBAAgB,EAAE,cAAc;YAC9B,CAAC,CAAC,IAAA,6CAA0B,EAAC,sBAAsB,CAAC;YACpD,CAAC,CAAC,SAAS;QACb,OAAO,EAAE;YACP,cAAc,EAAE,sBAAsB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,cAAc,CAAC;YACrE,cAAc,EACZ,qEAAqE;SACxE;KACF,CAAC;AACJ,CAAC;AAKD,SAAS,kBAAkB,CAAC,KAAa;IACvC,MAAM,MAAM,GAA2B;QACrC,CAAC,EAAE,cAAc;QACjB,CAAC,EAAE,6BAA6B;QAChC,CAAC,EAAE,qBAAqB;QACxB,CAAC,EAAE,qBAAqB;QACxB,CAAC,EAAE,wBAAwB;QAC3B,CAAC,EAAE,qBAAqB;QACxB,CAAC,EAAE,wBAAwB;QAC3B,CAAC,EAAE,qBAAqB;KACzB,CAAC;IACF,OAAO,MAAM,CAAC,KAAK,CAAC,IAAI,YAAY,KAAK,GAAG,CAAC;AAC/C,CAAC;AAcD,SAAgB,4BAA4B,CAC1C,UAAwB,EACxB,MAAuB,EACvB,iBAA+B,EAC/B,WAAsB,EAAE,EACxB,QAAkB,EAAE,EACpB,UAAsB,EAAE,EACxB,cAAuB;IAEvB,MAAM,QAAQ,GAAc,EAAE,CAAC;IAG/B,QAAQ,CAAC,IAAI,CAAC,iCAAiC,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAC3E,QAAQ,CAAC,IAAI,CAAC,8BAA8B,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IACxE,QAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC;IAClE,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC;IAG9D,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC,CAAC;IACzE,QAAQ,CAAC,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC;IAC/D,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,KAAK,EAAE,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC;IACnE,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC;IAGvE,QAAQ,CAAC,IAAI,CAAC,uBAAuB,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC;IAC/D,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC,CAAC;IACpE,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC,CAAC;IACvE,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAC,CAAC;IAGxE,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;AAC7C,CAAC"}

package/dist/services/audit/detectors/ad/password.detector.d.ts

@@ -0,0 +1,14 @@
+import { ADUser } from '../../../../types/ad.types';
+import { Finding } from '../../../../types/finding.types';
+export declare function detectPasswordNotRequired(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectReversibleEncryption(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectPasswordNeverExpires(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectPasswordVeryOld(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectPasswordInDescription(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectUserCannotChangePassword(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectUnixUserPassword(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectPasswordCleartextStorage(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectPasswordCommonPatterns(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectPasswordDictAttackRisk(users: ADUser[], includeDetails: boolean): Finding;
+export declare function detectPasswordVulnerabilities(users: ADUser[], includeDetails: boolean): Finding[];
+//# sourceMappingURL=password.detector.d.ts.map

package/dist/services/audit/detectors/ad/password.detector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"password.detector.d.ts","sourceRoot":"","sources":["../../../../../src/services/audit/detectors/ad/password.detector.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,iCAAiC,CAAC;AAM1D,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAe3F;AAKD,wBAAgB,0BAA0B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAe5F;AAKD,wBAAgB,0BAA0B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAe5F;AAKD,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAkBvF;AAKD,wBAAgB,2BAA2B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAyB7F;AAKD,wBAAgB,8BAA8B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAehG;AAKD,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAexF;AAYD,wBAAgB,8BAA8B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CA4BhG;AAWD,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAwC9F;AAWD,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CA2B9F;AAKD,wBAAgB,6BAA6B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,EAAE,CAcjG"}

package/dist/services/audit/detectors/ad/password.detector.js

@@ -0,0 +1,235 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectPasswordNotRequired = detectPasswordNotRequired;
+exports.detectReversibleEncryption = detectReversibleEncryption;
+exports.detectPasswordNeverExpires = detectPasswordNeverExpires;
+exports.detectPasswordVeryOld = detectPasswordVeryOld;
+exports.detectPasswordInDescription = detectPasswordInDescription;
+exports.detectUserCannotChangePassword = detectUserCannotChangePassword;
+exports.detectUnixUserPassword = detectUnixUserPassword;
+exports.detectPasswordCleartextStorage = detectPasswordCleartextStorage;
+exports.detectPasswordCommonPatterns = detectPasswordCommonPatterns;
+exports.detectPasswordDictAttackRisk = detectPasswordDictAttackRisk;
+exports.detectPasswordVulnerabilities = detectPasswordVulnerabilities;
+const entity_converter_1 = require("../../../../utils/entity-converter");
+function detectPasswordNotRequired(users, includeDetails) {
+    const affected = users.filter((u) => {
+        if (!u.userAccountControl)
+            return false;
+        return (u.userAccountControl & 0x20) !== 0;
+    });
+    return {
+        type: 'PASSWORD_NOT_REQUIRED',
+        severity: 'critical',
+        category: 'passwords',
+        title: 'Password Not Required',
+        description: 'User accounts that do not require a password (UAC flag 0x20). Attackers can authenticate without credentials.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectReversibleEncryption(users, includeDetails) {
+    const affected = users.filter((u) => {
+        if (!u.userAccountControl)
+            return false;
+        return (u.userAccountControl & 0x80) !== 0;
+    });
+    return {
+        type: 'REVERSIBLE_ENCRYPTION',
+        severity: 'critical',
+        category: 'passwords',
+        title: 'Reversible Encryption',
+        description: 'Passwords stored with reversible encryption (UAC flag 0x80). Equivalent to storing passwords in cleartext.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectPasswordNeverExpires(users, includeDetails) {
+    const affected = users.filter((u) => {
+        if (!u.userAccountControl)
+            return false;
+        return (u.userAccountControl & 0x10000) !== 0;
+    });
+    return {
+        type: 'PASSWORD_NEVER_EXPIRES',
+        severity: 'critical',
+        category: 'passwords',
+        title: 'Password Never Expires',
+        description: 'User accounts with passwords set to never expire (UAC flag 0x10000). Old passwords increase breach risk.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectPasswordVeryOld(users, includeDetails) {
+    const now = Date.now();
+    const oneYearAgo = now - 365 * 24 * 60 * 60 * 1000;
+    const affected = users.filter((u) => {
+        if (!u.passwordLastSet)
+            return false;
+        return u.passwordLastSet.getTime() < oneYearAgo;
+    });
+    return {
+        type: 'PASSWORD_VERY_OLD',
+        severity: 'medium',
+        category: 'passwords',
+        title: 'Password Very Old',
+        description: 'User accounts with passwords older than 365 days. Increases risk of credential compromise.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectPasswordInDescription(users, includeDetails) {
+    const passwordPatterns = [
+        /password\s*[:=]\s*\S+/i,
+        /pwd\s*[:=]\s*\S+/i,
+        /pass\s*[:=]\s*\S+/i,
+        /motdepasse\s*[:=]\s*\S+/i,
+        /\bP@ssw0rd\b/i,
+        /\bPassword123\b/i,
+    ];
+    const affected = users.filter((u) => {
+        const description = (0, entity_converter_1.ldapAttrToString)(u['description']);
+        if (!description)
+            return false;
+        return passwordPatterns.some((pattern) => pattern.test(description));
+    });
+    return {
+        type: 'PASSWORD_IN_DESCRIPTION',
+        severity: 'high',
+        category: 'passwords',
+        title: 'Password in Description',
+        description: 'User accounts with passwords or password-like strings in the description field. Cleartext credential exposure.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectUserCannotChangePassword(users, includeDetails) {
+    const affected = users.filter((u) => {
+        if (!u.userAccountControl)
+            return false;
+        return (u.userAccountControl & 0x40) !== 0;
+    });
+    return {
+        type: 'USER_CANNOT_CHANGE_PASSWORD',
+        severity: 'medium',
+        category: 'passwords',
+        title: 'User Cannot Change Password',
+        description: 'User accounts forbidden from changing their own password (UAC flag 0x40). Prevents password rotation.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectUnixUserPassword(users, includeDetails) {
+    const affected = users.filter((u) => {
+        return 'unixUserPassword' in u || 'userPassword' in u;
+    });
+    return {
+        type: 'UNIX_USER_PASSWORD',
+        severity: 'critical',
+        category: 'passwords',
+        title: 'Unix User Password',
+        description: 'User accounts with Unix password attributes present. These may contain cleartext or weakly hashed passwords.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectPasswordCleartextStorage(users, includeDetails) {
+    const cleartextAttributes = [
+        'unixUserPassword',
+        'userPassword',
+        'unicodePwd',
+        'msDS-ManagedPassword',
+        'ms-Mcs-AdmPwd',
+    ];
+    const affected = users.filter((u) => {
+        return cleartextAttributes.some((attr) => {
+            const value = u[attr];
+            return value !== undefined && value !== null && value !== '';
+        });
+    });
+    return {
+        type: 'PASSWORD_CLEARTEXT_STORAGE',
+        severity: 'critical',
+        category: 'passwords',
+        title: 'Cleartext Password Storage',
+        description: 'User accounts with attributes that may store passwords in cleartext or reversible format. ' +
+            'These attributes (userPassword, unixUserPassword) can be read by attackers with LDAP access.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+    };
+}
+function detectPasswordCommonPatterns(users, includeDetails) {
+    const riskyNamePatterns = [
+        /^admin$/i,
+        /^administrator$/i,
+        /^test$/i,
+        /^user$/i,
+        /^guest$/i,
+        /^temp$/i,
+        /^default$/i,
+        /^support$/i,
+        /^service$/i,
+        /^backup$/i,
+        /^demo$/i,
+        /password/i,
+        /123$/,
+        /^sa$/i,
+        /^dba$/i,
+    ];
+    const affected = users.filter((u) => {
+        if (!u.enabled)
+            return false;
+        const samName = u.sAMAccountName.toLowerCase();
+        return riskyNamePatterns.some((pattern) => pattern.test(samName));
+    });
+    return {
+        type: 'PASSWORD_COMMON_PATTERNS',
+        severity: 'high',
+        category: 'passwords',
+        title: 'Common Password Pattern Risk',
+        description: 'User accounts with names suggesting default or commonly-used passwords (admin, test, user, temp). ' +
+            'These accounts are primary targets for password spraying attacks.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+        details: {
+            affectedAccountNames: affected.slice(0, 10).map((u) => u.sAMAccountName),
+        },
+    };
+}
+function detectPasswordDictAttackRisk(users, includeDetails) {
+    const affected = users.filter((u) => {
+        if (!u.enabled)
+            return false;
+        const badPwdCount = u.badPwdCount ?? 0;
+        const lockoutTime = u.lockoutTime;
+        return badPwdCount > 3 || (lockoutTime && lockoutTime !== '0');
+    });
+    return {
+        type: 'PASSWORD_DICT_ATTACK_RISK',
+        severity: 'medium',
+        category: 'passwords',
+        title: 'Dictionary Attack Risk',
+        description: 'User accounts showing signs of password guessing attacks (multiple bad password attempts or lockouts). ' +
+            'May indicate weak passwords being targeted or ongoing brute-force attacks.',
+        count: affected.length,
+        affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedUserEntities)(affected) : undefined,
+        details: {
+            recommendation: 'Review affected accounts for weak passwords. Consider implementing Azure AD Password Protection.',
+        },
+    };
+}
+function detectPasswordVulnerabilities(users, includeDetails) {
+    return [
+        detectPasswordNotRequired(users, includeDetails),
+        detectReversibleEncryption(users, includeDetails),
+        detectPasswordNeverExpires(users, includeDetails),
+        detectPasswordVeryOld(users, includeDetails),
+        detectPasswordInDescription(users, includeDetails),
+        detectUserCannotChangePassword(users, includeDetails),
+        detectUnixUserPassword(users, includeDetails),
+        detectPasswordCleartextStorage(users, includeDetails),
+        detectPasswordCommonPatterns(users, includeDetails),
+        detectPasswordDictAttackRisk(users, includeDetails),
+    ].filter((finding) => finding.count > 0);
+}
+//# sourceMappingURL=password.detector.js.map

package/dist/services/audit/detectors/ad/password.detector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"password.detector.js","sourceRoot":"","sources":["../../../../../src/services/audit/detectors/ad/password.detector.ts"],"names":[],"mappings":";;AA2BA,8DAeC;AAKD,gEAeC;AAKD,gEAeC;AAKD,sDAkBC;AAKD,kEAyBC;AAKD,wEAeC;AAKD,wDAeC;AAYD,wEA4BC;AAWD,oEAwCC;AAWD,oEA2BC;AAKD,sEAcC;AA7SD,yEAA8F;AAK9F,SAAgB,yBAAyB,CAAC,KAAe,EAAE,cAAuB;IAChF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,kBAAkB;YAAE,OAAO,KAAK,CAAC;QACxC,OAAO,CAAC,CAAC,CAAC,kBAAkB,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,+GAA+G;QAC5H,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAKD,SAAgB,0BAA0B,CAAC,KAAe,EAAE,cAAuB;IACjF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,kBAAkB;YAAE,OAAO,KAAK,CAAC;QACxC,OAAO,CAAC,CAAC,CAAC,kBAAkB,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,4GAA4G;QACzH,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAKD,SAAgB,0BAA0B,CAAC,KAAe,EAAE,cAAuB;IACjF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,kBAAkB;YAAE,OAAO,KAAK,CAAC;QACxC,OAAO,CAAC,CAAC,CAAC,kBAAkB,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,0GAA0G;QACvH,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAKD,SAAgB,qBAAqB,CAAC,KAAe,EAAE,cAAuB;IAC5E,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,UAAU,GAAG,GAAG,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAEnD,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,eAAe;YAAE,OAAO,KAAK,CAAC;QACrC,OAAO,CAAC,CAAC,eAAe,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,mBAAmB;QAC1B,WAAW,EAAE,4FAA4F;QACzG,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAKD,SAAgB,2BAA2B,CAAC,KAAe,EAAE,cAAuB;IAClF,MAAM,gBAAgB,GAAG;QACvB,wBAAwB;QACxB,mBAAmB;QACnB,oBAAoB;QACpB,0BAA0B;QAC1B,eAAe;QACf,kBAAkB;KACnB,CAAC;IAEF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,WAAW,GAAG,IAAA,mCAAgB,EAAE,CAAS,CAAC,aAAa,CAAC,CAAC,CAAC;QAChE,IAAI,CAAC,WAAW;YAAE,OAAO,KAAK,CAAC;QAC/B,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,yBAAyB;QAChC,WAAW,EAAE,gHAAgH;QAC7H,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAKD,SAAgB,8BAA8B,CAAC,KAAe,EAAE,cAAuB;IACrF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,kBAAkB;YAAE,OAAO,KAAK,CAAC;QACxC,OAAO,CAAC,CAAC,CAAC,kBAAkB,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,6BAA6B;QACpC,WAAW,EAAE,uGAAuG;QACpH,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAKD,SAAgB,sBAAsB,CAAC,KAAe,EAAE,cAAuB;IAC7E,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAElC,OAAO,kBAAkB,IAAI,CAAC,IAAI,cAAc,IAAI,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,8GAA8G;QAC3H,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAYD,SAAgB,8BAA8B,CAAC,KAAe,EAAE,cAAuB;IACrF,MAAM,mBAAmB,GAAG;QAC1B,kBAAkB;QAClB,cAAc;QACd,YAAY;QACZ,sBAAsB;QACtB,eAAe;KAChB,CAAC;IAEF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAElC,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;YACvC,MAAM,KAAK,GAAI,CAA6B,CAAC,IAAI,CAAC,CAAC;YACnD,OAAO,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,4BAA4B;QACnC,WAAW,EACT,4FAA4F;YAC5F,8FAA8F;QAChG,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC;AACJ,CAAC;AAWD,SAAgB,4BAA4B,CAAC,KAAe,EAAE,cAAuB;IAEnF,MAAM,iBAAiB,GAAG;QACxB,UAAU;QACV,kBAAkB;QAClB,SAAS;QACT,SAAS;QACT,UAAU;QACV,SAAS;QACT,YAAY;QACZ,YAAY;QACZ,YAAY;QACZ,WAAW;QACX,SAAS;QACT,WAAW;QACX,MAAM;QACN,OAAO;QACP,QAAQ;KACT,CAAC;IAEF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC7B,MAAM,OAAO,GAAG,CAAC,CAAC,cAAc,CAAC,WAAW,EAAE,CAAC;QAC/C,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,0BAA0B;QAChC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,8BAA8B;QACrC,WAAW,EACT,oGAAoG;YACpG,mEAAmE;QACrE,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/E,OAAO,EAAE;YACP,oBAAoB,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC;SACzE;KACF,CAAC;AACJ,CAAC;AAWD,SAAgB,4BAA4B,CAAC,KAAe,EAAE,cAAuB;IAGnF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC7B,MAAM,WAAW,GAAG,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC;QACvC,MAAM,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC;QAGlC,OAAO,WAAW,GAAG,CAAC,IAAI,CAAC,WAAW,IAAI,WAAW,KAAK,GAAG,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EACT,yGAAyG;YACzG,4EAA4E;QAC9E,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,yCAAsB,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/E,OAAO,EAAE;YACP,cAAc,EACZ,kGAAkG;SACrG;KACF,CAAC;AACJ,CAAC;AAKD,SAAgB,6BAA6B,CAAC,KAAe,EAAE,cAAuB;IACpF,OAAO;QACL,yBAAyB,CAAC,KAAK,EAAE,cAAc,CAAC;QAChD,0BAA0B,CAAC,KAAK,EAAE,cAAc,CAAC;QACjD,0BAA0B,CAAC,KAAK,EAAE,cAAc,CAAC;QACjD,qBAAqB,CAAC,KAAK,EAAE,cAAc,CAAC;QAC5C,2BAA2B,CAAC,KAAK,EAAE,cAAc,CAAC;QAClD,8BAA8B,CAAC,KAAK,EAAE,cAAc,CAAC;QACrD,sBAAsB,CAAC,KAAK,EAAE,cAAc,CAAC;QAE7C,8BAA8B,CAAC,KAAK,EAAE,cAAc,CAAC;QACrD,4BAA4B,CAAC,KAAK,EAAE,cAAc,CAAC;QACnD,4BAA4B,CAAC,KAAK,EAAE,cAAc,CAAC;KACpD,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;AAC3C,CAAC"}

package/dist/services/audit/detectors/ad/permissions.detector.d.ts

@@ -0,0 +1,20 @@
+import { Finding } from '../../../../types/finding.types';
+import { AclEntry } from '../../../../types/ad.types';
+export declare function detectAclGenericAll(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclWriteDacl(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclWriteOwner(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclGenericWrite(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclForceChangePassword(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectEveryoneInAcl(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectWriteSpnAbuse(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectGpoLinkPoisoning(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAdminSdHolderBackdoor(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclSelfMembership(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclAddMember(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclWritePropertyExtended(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclDsReplicationGetChanges(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclUserForceChangePassword(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectAclComputerWriteValidatedDns(aclEntries: AclEntry[], includeDetails: boolean): Finding;
+export declare function detectComputerAclGenericAll(aclEntries: AclEntry[], includeDetails: boolean, computerDns?: string[]): Finding;
+export declare function detectPermissionsVulnerabilities(aclEntries: AclEntry[], includeDetails: boolean, computerDns?: string[]): Finding[];
+//# sourceMappingURL=permissions.detector.d.ts.map

package/dist/services/audit/detectors/ad/permissions.detector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.detector.d.ts","sourceRoot":"","sources":["../../../../../src/services/audit/detectors/ad/permissions.detector.ts"],"names":[],"mappings":"AA6BA,OAAO,EAAE,OAAO,EAAE,MAAM,iCAAiC,CAAC;AAC1D,OAAO,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAC;AAgBtD,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CA4B5F;AAKD,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAoB3F;AAKD,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAoB5F;AAKD,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAoB9F;AAKD,wBAAgB,4BAA4B,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAoBrG;AAKD,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAwB5F;AAKD,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAoB5F;AAKD,wBAAgB,sBAAsB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CA4B/F;AAKD,wBAAgB,2BAA2B,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CAkBpG;AAWD,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CA4BhG;AAWD,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,QAAQ,EAAE,EAAE,cAAc,EAAE,OAAO,GAAG,OAAO,CA0B3F;AAWD,wBAAgB,8BAA8B,CAC5C,UAAU,EAAE,QAAQ,EAAE,EACtB,cAAc,EAAE,OAAO,GACtB,OAAO,CAiCT;AAWD,wBAAgB,gCAAgC,CAC9C,UAAU,EAAE,QAAQ,EAAE,EACtB,cAAc,EAAE,OAAO,GACtB,OAAO,CAiCT;AAWD,wBAAgB,gCAAgC,CAC9C,UAAU,EAAE,QAAQ,EAAE,EACtB,cAAc,EAAE,OAAO,GACtB,OAAO,CAuBT;AAWD,wBAAgB,kCAAkC,CAChD,UAAU,EAAE,QAAQ,EAAE,EACtB,cAAc,EAAE,OAAO,GACtB,OAAO,CAyBT;AAUD,wBAAgB,2BAA2B,CACzC,UAAU,EAAE,QAAQ,EAAE,EACtB,cAAc,EAAE,OAAO,EACvB,WAAW,CAAC,EAAE,MAAM,EAAE,GACrB,OAAO,CAyDT;AASD,wBAAgB,gCAAgC,CAC9C,UAAU,EAAE,QAAQ,EAAE,EACtB,cAAc,EAAE,OAAO,EACvB,WAAW,CAAC,EAAE,MAAM,EAAE,GACrB,OAAO,EAAE,CAsBX"}