@etcsec-com/etc-collector 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env.example +60 -0
- package/.env.test.example +33 -0
- package/.github/workflows/ci.yml +83 -0
- package/.github/workflows/release.yml +246 -0
- package/.prettierrc.json +10 -0
- package/CHANGELOG.md +15 -0
- package/Dockerfile +57 -0
- package/LICENSE +190 -0
- package/README.md +194 -0
- package/dist/api/controllers/audit.controller.d.ts +21 -0
- package/dist/api/controllers/audit.controller.d.ts.map +1 -0
- package/dist/api/controllers/audit.controller.js +179 -0
- package/dist/api/controllers/audit.controller.js.map +1 -0
- package/dist/api/controllers/auth.controller.d.ts +16 -0
- package/dist/api/controllers/auth.controller.d.ts.map +1 -0
- package/dist/api/controllers/auth.controller.js +146 -0
- package/dist/api/controllers/auth.controller.js.map +1 -0
- package/dist/api/controllers/export.controller.d.ts +27 -0
- package/dist/api/controllers/export.controller.d.ts.map +1 -0
- package/dist/api/controllers/export.controller.js +80 -0
- package/dist/api/controllers/export.controller.js.map +1 -0
- package/dist/api/controllers/health.controller.d.ts +5 -0
- package/dist/api/controllers/health.controller.d.ts.map +1 -0
- package/dist/api/controllers/health.controller.js +16 -0
- package/dist/api/controllers/health.controller.js.map +1 -0
- package/dist/api/controllers/jobs.controller.d.ts +13 -0
- package/dist/api/controllers/jobs.controller.d.ts.map +1 -0
- package/dist/api/controllers/jobs.controller.js +125 -0
- package/dist/api/controllers/jobs.controller.js.map +1 -0
- package/dist/api/controllers/providers.controller.d.ts +15 -0
- package/dist/api/controllers/providers.controller.d.ts.map +1 -0
- package/dist/api/controllers/providers.controller.js +112 -0
- package/dist/api/controllers/providers.controller.js.map +1 -0
- package/dist/api/dto/AuditRequest.dto.d.ts +6 -0
- package/dist/api/dto/AuditRequest.dto.d.ts.map +1 -0
- package/dist/api/dto/AuditRequest.dto.js +3 -0
- package/dist/api/dto/AuditRequest.dto.js.map +1 -0
- package/dist/api/dto/AuditResponse.dto.d.ts +17 -0
- package/dist/api/dto/AuditResponse.dto.d.ts.map +1 -0
- package/dist/api/dto/AuditResponse.dto.js +3 -0
- package/dist/api/dto/AuditResponse.dto.js.map +1 -0
- package/dist/api/dto/TokenRequest.dto.d.ts +6 -0
- package/dist/api/dto/TokenRequest.dto.d.ts.map +1 -0
- package/dist/api/dto/TokenRequest.dto.js +3 -0
- package/dist/api/dto/TokenRequest.dto.js.map +1 -0
- package/dist/api/dto/TokenResponse.dto.d.ts +12 -0
- package/dist/api/dto/TokenResponse.dto.d.ts.map +1 -0
- package/dist/api/dto/TokenResponse.dto.js +3 -0
- package/dist/api/dto/TokenResponse.dto.js.map +1 -0
- package/dist/api/middlewares/authenticate.d.ts +12 -0
- package/dist/api/middlewares/authenticate.d.ts.map +1 -0
- package/dist/api/middlewares/authenticate.js +141 -0
- package/dist/api/middlewares/authenticate.js.map +1 -0
- package/dist/api/middlewares/errorHandler.d.ts +3 -0
- package/dist/api/middlewares/errorHandler.d.ts.map +1 -0
- package/dist/api/middlewares/errorHandler.js +30 -0
- package/dist/api/middlewares/errorHandler.js.map +1 -0
- package/dist/api/middlewares/rateLimit.d.ts +3 -0
- package/dist/api/middlewares/rateLimit.d.ts.map +1 -0
- package/dist/api/middlewares/rateLimit.js +34 -0
- package/dist/api/middlewares/rateLimit.js.map +1 -0
- package/dist/api/middlewares/validate.d.ts +4 -0
- package/dist/api/middlewares/validate.d.ts.map +1 -0
- package/dist/api/middlewares/validate.js +31 -0
- package/dist/api/middlewares/validate.js.map +1 -0
- package/dist/api/routes/audit.routes.d.ts +5 -0
- package/dist/api/routes/audit.routes.d.ts.map +1 -0
- package/dist/api/routes/audit.routes.js +24 -0
- package/dist/api/routes/audit.routes.js.map +1 -0
- package/dist/api/routes/auth.routes.d.ts +6 -0
- package/dist/api/routes/auth.routes.d.ts.map +1 -0
- package/dist/api/routes/auth.routes.js +22 -0
- package/dist/api/routes/auth.routes.js.map +1 -0
- package/dist/api/routes/export.routes.d.ts +5 -0
- package/dist/api/routes/export.routes.d.ts.map +1 -0
- package/dist/api/routes/export.routes.js +16 -0
- package/dist/api/routes/export.routes.js.map +1 -0
- package/dist/api/routes/health.routes.d.ts +4 -0
- package/dist/api/routes/health.routes.d.ts.map +1 -0
- package/dist/api/routes/health.routes.js +11 -0
- package/dist/api/routes/health.routes.js.map +1 -0
- package/dist/api/routes/index.d.ts +10 -0
- package/dist/api/routes/index.d.ts.map +1 -0
- package/dist/api/routes/index.js +20 -0
- package/dist/api/routes/index.js.map +1 -0
- package/dist/api/routes/providers.routes.d.ts +5 -0
- package/dist/api/routes/providers.routes.d.ts.map +1 -0
- package/dist/api/routes/providers.routes.js +13 -0
- package/dist/api/routes/providers.routes.js.map +1 -0
- package/dist/api/validators/audit.schemas.d.ts +60 -0
- package/dist/api/validators/audit.schemas.d.ts.map +1 -0
- package/dist/api/validators/audit.schemas.js +55 -0
- package/dist/api/validators/audit.schemas.js.map +1 -0
- package/dist/api/validators/auth.schemas.d.ts +17 -0
- package/dist/api/validators/auth.schemas.d.ts.map +1 -0
- package/dist/api/validators/auth.schemas.js +21 -0
- package/dist/api/validators/auth.schemas.js.map +1 -0
- package/dist/app.d.ts +3 -0
- package/dist/app.d.ts.map +1 -0
- package/dist/app.js +62 -0
- package/dist/app.js.map +1 -0
- package/dist/config/config.schema.d.ts +65 -0
- package/dist/config/config.schema.d.ts.map +1 -0
- package/dist/config/config.schema.js +95 -0
- package/dist/config/config.schema.js.map +1 -0
- package/dist/config/index.d.ts +4 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/config/index.js +75 -0
- package/dist/config/index.js.map +1 -0
- package/dist/container.d.ts +47 -0
- package/dist/container.d.ts.map +1 -0
- package/dist/container.js +137 -0
- package/dist/container.js.map +1 -0
- package/dist/data/database.d.ts +13 -0
- package/dist/data/database.d.ts.map +1 -0
- package/dist/data/database.js +68 -0
- package/dist/data/database.js.map +1 -0
- package/dist/data/jobs/token-cleanup.job.d.ts +23 -0
- package/dist/data/jobs/token-cleanup.job.d.ts.map +1 -0
- package/dist/data/jobs/token-cleanup.job.js +96 -0
- package/dist/data/jobs/token-cleanup.job.js.map +1 -0
- package/dist/data/migrations/migration.runner.d.ts +13 -0
- package/dist/data/migrations/migration.runner.d.ts.map +1 -0
- package/dist/data/migrations/migration.runner.js +136 -0
- package/dist/data/migrations/migration.runner.js.map +1 -0
- package/dist/data/models/Token.model.d.ts +30 -0
- package/dist/data/models/Token.model.d.ts.map +1 -0
- package/dist/data/models/Token.model.js +3 -0
- package/dist/data/models/Token.model.js.map +1 -0
- package/dist/data/repositories/token.repository.d.ts +16 -0
- package/dist/data/repositories/token.repository.d.ts.map +1 -0
- package/dist/data/repositories/token.repository.js +97 -0
- package/dist/data/repositories/token.repository.js.map +1 -0
- package/dist/providers/azure/auth.provider.d.ts +5 -0
- package/dist/providers/azure/auth.provider.d.ts.map +1 -0
- package/dist/providers/azure/auth.provider.js +13 -0
- package/dist/providers/azure/auth.provider.js.map +1 -0
- package/dist/providers/azure/azure-errors.d.ts +40 -0
- package/dist/providers/azure/azure-errors.d.ts.map +1 -0
- package/dist/providers/azure/azure-errors.js +121 -0
- package/dist/providers/azure/azure-errors.js.map +1 -0
- package/dist/providers/azure/azure-retry.d.ts +41 -0
- package/dist/providers/azure/azure-retry.d.ts.map +1 -0
- package/dist/providers/azure/azure-retry.js +85 -0
- package/dist/providers/azure/azure-retry.js.map +1 -0
- package/dist/providers/azure/graph-client.d.ts +26 -0
- package/dist/providers/azure/graph-client.d.ts.map +1 -0
- package/dist/providers/azure/graph-client.js +146 -0
- package/dist/providers/azure/graph-client.js.map +1 -0
- package/dist/providers/azure/graph.provider.d.ts +23 -0
- package/dist/providers/azure/graph.provider.d.ts.map +1 -0
- package/dist/providers/azure/graph.provider.js +161 -0
- package/dist/providers/azure/graph.provider.js.map +1 -0
- package/dist/providers/azure/queries/app.queries.d.ts +6 -0
- package/dist/providers/azure/queries/app.queries.d.ts.map +1 -0
- package/dist/providers/azure/queries/app.queries.js +9 -0
- package/dist/providers/azure/queries/app.queries.js.map +1 -0
- package/dist/providers/azure/queries/policy.queries.d.ts +6 -0
- package/dist/providers/azure/queries/policy.queries.d.ts.map +1 -0
- package/dist/providers/azure/queries/policy.queries.js +9 -0
- package/dist/providers/azure/queries/policy.queries.js.map +1 -0
- package/dist/providers/azure/queries/user.queries.d.ts +7 -0
- package/dist/providers/azure/queries/user.queries.d.ts.map +1 -0
- package/dist/providers/azure/queries/user.queries.js +10 -0
- package/dist/providers/azure/queries/user.queries.js.map +1 -0
- package/dist/providers/interfaces/IGraphProvider.d.ts +31 -0
- package/dist/providers/interfaces/IGraphProvider.d.ts.map +1 -0
- package/dist/providers/interfaces/IGraphProvider.js +3 -0
- package/dist/providers/interfaces/IGraphProvider.js.map +1 -0
- package/dist/providers/interfaces/ILDAPProvider.d.ts +37 -0
- package/dist/providers/interfaces/ILDAPProvider.d.ts.map +1 -0
- package/dist/providers/interfaces/ILDAPProvider.js +3 -0
- package/dist/providers/interfaces/ILDAPProvider.js.map +1 -0
- package/dist/providers/ldap/acl-parser.d.ts +8 -0
- package/dist/providers/ldap/acl-parser.d.ts.map +1 -0
- package/dist/providers/ldap/acl-parser.js +157 -0
- package/dist/providers/ldap/acl-parser.js.map +1 -0
- package/dist/providers/ldap/ad-mappers.d.ts +8 -0
- package/dist/providers/ldap/ad-mappers.d.ts.map +1 -0
- package/dist/providers/ldap/ad-mappers.js +162 -0
- package/dist/providers/ldap/ad-mappers.js.map +1 -0
- package/dist/providers/ldap/ldap-client.d.ts +33 -0
- package/dist/providers/ldap/ldap-client.d.ts.map +1 -0
- package/dist/providers/ldap/ldap-client.js +195 -0
- package/dist/providers/ldap/ldap-client.js.map +1 -0
- package/dist/providers/ldap/ldap-errors.d.ts +48 -0
- package/dist/providers/ldap/ldap-errors.d.ts.map +1 -0
- package/dist/providers/ldap/ldap-errors.js +120 -0
- package/dist/providers/ldap/ldap-errors.js.map +1 -0
- package/dist/providers/ldap/ldap-retry.d.ts +14 -0
- package/dist/providers/ldap/ldap-retry.d.ts.map +1 -0
- package/dist/providers/ldap/ldap-retry.js +102 -0
- package/dist/providers/ldap/ldap-retry.js.map +1 -0
- package/dist/providers/ldap/ldap-sanitizer.d.ts +12 -0
- package/dist/providers/ldap/ldap-sanitizer.d.ts.map +1 -0
- package/dist/providers/ldap/ldap-sanitizer.js +104 -0
- package/dist/providers/ldap/ldap-sanitizer.js.map +1 -0
- package/dist/providers/ldap/ldap.provider.d.ts +21 -0
- package/dist/providers/ldap/ldap.provider.d.ts.map +1 -0
- package/dist/providers/ldap/ldap.provider.js +165 -0
- package/dist/providers/ldap/ldap.provider.js.map +1 -0
- package/dist/providers/ldap/queries/computer.queries.d.ts +6 -0
- package/dist/providers/ldap/queries/computer.queries.d.ts.map +1 -0
- package/dist/providers/ldap/queries/computer.queries.js +9 -0
- package/dist/providers/ldap/queries/computer.queries.js.map +1 -0
- package/dist/providers/ldap/queries/group.queries.d.ts +6 -0
- package/dist/providers/ldap/queries/group.queries.d.ts.map +1 -0
- package/dist/providers/ldap/queries/group.queries.js +9 -0
- package/dist/providers/ldap/queries/group.queries.js.map +1 -0
- package/dist/providers/ldap/queries/user.queries.d.ts +7 -0
- package/dist/providers/ldap/queries/user.queries.d.ts.map +1 -0
- package/dist/providers/ldap/queries/user.queries.js +10 -0
- package/dist/providers/ldap/queries/user.queries.js.map +1 -0
- package/dist/providers/smb/smb.provider.d.ts +68 -0
- package/dist/providers/smb/smb.provider.d.ts.map +1 -0
- package/dist/providers/smb/smb.provider.js +382 -0
- package/dist/providers/smb/smb.provider.js.map +1 -0
- package/dist/server.d.ts +2 -0
- package/dist/server.d.ts.map +1 -0
- package/dist/server.js +44 -0
- package/dist/server.js.map +1 -0
- package/dist/services/audit/ad-audit.service.d.ts +70 -0
- package/dist/services/audit/ad-audit.service.d.ts.map +1 -0
- package/dist/services/audit/ad-audit.service.js +1019 -0
- package/dist/services/audit/ad-audit.service.js.map +1 -0
- package/dist/services/audit/attack-graph.service.d.ts +62 -0
- package/dist/services/audit/attack-graph.service.d.ts.map +1 -0
- package/dist/services/audit/attack-graph.service.js +702 -0
- package/dist/services/audit/attack-graph.service.js.map +1 -0
- package/dist/services/audit/audit.service.d.ts +4 -0
- package/dist/services/audit/audit.service.d.ts.map +1 -0
- package/dist/services/audit/audit.service.js +10 -0
- package/dist/services/audit/audit.service.js.map +1 -0
- package/dist/services/audit/azure-audit.service.d.ts +37 -0
- package/dist/services/audit/azure-audit.service.d.ts.map +1 -0
- package/dist/services/audit/azure-audit.service.js +153 -0
- package/dist/services/audit/azure-audit.service.js.map +1 -0
- package/dist/services/audit/detectors/ad/accounts.detector.d.ts +37 -0
- package/dist/services/audit/detectors/ad/accounts.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/accounts.detector.js +881 -0
- package/dist/services/audit/detectors/ad/accounts.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/adcs.detector.d.ts +21 -0
- package/dist/services/audit/detectors/ad/adcs.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/adcs.detector.js +227 -0
- package/dist/services/audit/detectors/ad/adcs.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/advanced.detector.d.ts +63 -0
- package/dist/services/audit/detectors/ad/advanced.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/advanced.detector.js +867 -0
- package/dist/services/audit/detectors/ad/advanced.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/attack-paths.detector.d.ts +16 -0
- package/dist/services/audit/detectors/ad/attack-paths.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/attack-paths.detector.js +369 -0
- package/dist/services/audit/detectors/ad/attack-paths.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/compliance.detector.d.ts +28 -0
- package/dist/services/audit/detectors/ad/compliance.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/compliance.detector.js +896 -0
- package/dist/services/audit/detectors/ad/compliance.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/computers.detector.d.ts +30 -0
- package/dist/services/audit/detectors/ad/computers.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/computers.detector.js +799 -0
- package/dist/services/audit/detectors/ad/computers.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/gpo.detector.d.ts +17 -0
- package/dist/services/audit/detectors/ad/gpo.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/gpo.detector.js +257 -0
- package/dist/services/audit/detectors/ad/gpo.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/groups.detector.d.ts +19 -0
- package/dist/services/audit/detectors/ad/groups.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/groups.detector.js +488 -0
- package/dist/services/audit/detectors/ad/groups.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/index.d.ts +15 -0
- package/dist/services/audit/detectors/ad/index.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/index.js +51 -0
- package/dist/services/audit/detectors/ad/index.js.map +1 -0
- package/dist/services/audit/detectors/ad/kerberos.detector.d.ts +17 -0
- package/dist/services/audit/detectors/ad/kerberos.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/kerberos.detector.js +293 -0
- package/dist/services/audit/detectors/ad/kerberos.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/monitoring.detector.d.ts +23 -0
- package/dist/services/audit/detectors/ad/monitoring.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/monitoring.detector.js +328 -0
- package/dist/services/audit/detectors/ad/monitoring.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/network.detector.d.ts +39 -0
- package/dist/services/audit/detectors/ad/network.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/network.detector.js +257 -0
- package/dist/services/audit/detectors/ad/network.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/password.detector.d.ts +14 -0
- package/dist/services/audit/detectors/ad/password.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/password.detector.js +235 -0
- package/dist/services/audit/detectors/ad/password.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/permissions.detector.d.ts +20 -0
- package/dist/services/audit/detectors/ad/permissions.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/permissions.detector.js +392 -0
- package/dist/services/audit/detectors/ad/permissions.detector.js.map +1 -0
- package/dist/services/audit/detectors/ad/trusts.detector.d.ts +11 -0
- package/dist/services/audit/detectors/ad/trusts.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/ad/trusts.detector.js +186 -0
- package/dist/services/audit/detectors/ad/trusts.detector.js.map +1 -0
- package/dist/services/audit/detectors/azure/app-security.detector.d.ts +11 -0
- package/dist/services/audit/detectors/azure/app-security.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/azure/app-security.detector.js +184 -0
- package/dist/services/audit/detectors/azure/app-security.detector.js.map +1 -0
- package/dist/services/audit/detectors/azure/conditional-access.detector.d.ts +10 -0
- package/dist/services/audit/detectors/azure/conditional-access.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/azure/conditional-access.detector.js +130 -0
- package/dist/services/audit/detectors/azure/conditional-access.detector.js.map +1 -0
- package/dist/services/audit/detectors/azure/privilege-security.detector.d.ts +8 -0
- package/dist/services/audit/detectors/azure/privilege-security.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/azure/privilege-security.detector.js +113 -0
- package/dist/services/audit/detectors/azure/privilege-security.detector.js.map +1 -0
- package/dist/services/audit/detectors/azure/user-security.detector.d.ts +14 -0
- package/dist/services/audit/detectors/azure/user-security.detector.d.ts.map +1 -0
- package/dist/services/audit/detectors/azure/user-security.detector.js +198 -0
- package/dist/services/audit/detectors/azure/user-security.detector.js.map +1 -0
- package/dist/services/audit/detectors/index.d.ts +2 -0
- package/dist/services/audit/detectors/index.d.ts.map +1 -0
- package/dist/services/audit/detectors/index.js +38 -0
- package/dist/services/audit/detectors/index.js.map +1 -0
- package/dist/services/audit/response-formatter.d.ts +176 -0
- package/dist/services/audit/response-formatter.d.ts.map +1 -0
- package/dist/services/audit/response-formatter.js +240 -0
- package/dist/services/audit/response-formatter.js.map +1 -0
- package/dist/services/audit/scoring.service.d.ts +15 -0
- package/dist/services/audit/scoring.service.d.ts.map +1 -0
- package/dist/services/audit/scoring.service.js +139 -0
- package/dist/services/audit/scoring.service.js.map +1 -0
- package/dist/services/auth/crypto.service.d.ts +19 -0
- package/dist/services/auth/crypto.service.d.ts.map +1 -0
- package/dist/services/auth/crypto.service.js +135 -0
- package/dist/services/auth/crypto.service.js.map +1 -0
- package/dist/services/auth/errors.d.ts +19 -0
- package/dist/services/auth/errors.d.ts.map +1 -0
- package/dist/services/auth/errors.js +46 -0
- package/dist/services/auth/errors.js.map +1 -0
- package/dist/services/auth/token.service.d.ts +41 -0
- package/dist/services/auth/token.service.d.ts.map +1 -0
- package/dist/services/auth/token.service.js +208 -0
- package/dist/services/auth/token.service.js.map +1 -0
- package/dist/services/config/config.service.d.ts +6 -0
- package/dist/services/config/config.service.d.ts.map +1 -0
- package/dist/services/config/config.service.js +64 -0
- package/dist/services/config/config.service.js.map +1 -0
- package/dist/services/export/export.service.d.ts +28 -0
- package/dist/services/export/export.service.d.ts.map +1 -0
- package/dist/services/export/export.service.js +28 -0
- package/dist/services/export/export.service.js.map +1 -0
- package/dist/services/export/formatters/csv.formatter.d.ts +8 -0
- package/dist/services/export/formatters/csv.formatter.d.ts.map +1 -0
- package/dist/services/export/formatters/csv.formatter.js +46 -0
- package/dist/services/export/formatters/csv.formatter.js.map +1 -0
- package/dist/services/export/formatters/json.formatter.d.ts +40 -0
- package/dist/services/export/formatters/json.formatter.d.ts.map +1 -0
- package/dist/services/export/formatters/json.formatter.js +58 -0
- package/dist/services/export/formatters/json.formatter.js.map +1 -0
- package/dist/services/jobs/azure-job-runner.d.ts +38 -0
- package/dist/services/jobs/azure-job-runner.d.ts.map +1 -0
- package/dist/services/jobs/azure-job-runner.js +199 -0
- package/dist/services/jobs/azure-job-runner.js.map +1 -0
- package/dist/services/jobs/index.d.ts +4 -0
- package/dist/services/jobs/index.d.ts.map +1 -0
- package/dist/services/jobs/index.js +20 -0
- package/dist/services/jobs/index.js.map +1 -0
- package/dist/services/jobs/job-runner.d.ts +64 -0
- package/dist/services/jobs/job-runner.d.ts.map +1 -0
- package/dist/services/jobs/job-runner.js +952 -0
- package/dist/services/jobs/job-runner.js.map +1 -0
- package/dist/services/jobs/job-store.d.ts +27 -0
- package/dist/services/jobs/job-store.d.ts.map +1 -0
- package/dist/services/jobs/job-store.js +261 -0
- package/dist/services/jobs/job-store.js.map +1 -0
- package/dist/services/jobs/job.types.d.ts +67 -0
- package/dist/services/jobs/job.types.d.ts.map +1 -0
- package/dist/services/jobs/job.types.js +36 -0
- package/dist/services/jobs/job.types.js.map +1 -0
- package/dist/types/ad.types.d.ts +74 -0
- package/dist/types/ad.types.d.ts.map +1 -0
- package/dist/types/ad.types.js +3 -0
- package/dist/types/ad.types.js.map +1 -0
- package/dist/types/adcs.types.d.ts +58 -0
- package/dist/types/adcs.types.d.ts.map +1 -0
- package/dist/types/adcs.types.js +38 -0
- package/dist/types/adcs.types.js.map +1 -0
- package/dist/types/attack-graph.types.d.ts +135 -0
- package/dist/types/attack-graph.types.d.ts.map +1 -0
- package/dist/types/attack-graph.types.js +58 -0
- package/dist/types/attack-graph.types.js.map +1 -0
- package/dist/types/audit.types.d.ts +34 -0
- package/dist/types/audit.types.d.ts.map +1 -0
- package/dist/types/audit.types.js +3 -0
- package/dist/types/audit.types.js.map +1 -0
- package/dist/types/azure.types.d.ts +61 -0
- package/dist/types/azure.types.d.ts.map +1 -0
- package/dist/types/azure.types.js +3 -0
- package/dist/types/azure.types.js.map +1 -0
- package/dist/types/config.types.d.ts +63 -0
- package/dist/types/config.types.d.ts.map +1 -0
- package/dist/types/config.types.js +3 -0
- package/dist/types/config.types.js.map +1 -0
- package/dist/types/error.types.d.ts +33 -0
- package/dist/types/error.types.d.ts.map +1 -0
- package/dist/types/error.types.js +70 -0
- package/dist/types/error.types.js.map +1 -0
- package/dist/types/finding.types.d.ts +133 -0
- package/dist/types/finding.types.d.ts.map +1 -0
- package/dist/types/finding.types.js +3 -0
- package/dist/types/finding.types.js.map +1 -0
- package/dist/types/gpo.types.d.ts +39 -0
- package/dist/types/gpo.types.d.ts.map +1 -0
- package/dist/types/gpo.types.js +15 -0
- package/dist/types/gpo.types.js.map +1 -0
- package/dist/types/token.types.d.ts +26 -0
- package/dist/types/token.types.d.ts.map +1 -0
- package/dist/types/token.types.js +3 -0
- package/dist/types/token.types.js.map +1 -0
- package/dist/types/trust.types.d.ts +45 -0
- package/dist/types/trust.types.d.ts.map +1 -0
- package/dist/types/trust.types.js +71 -0
- package/dist/types/trust.types.js.map +1 -0
- package/dist/utils/entity-converter.d.ts +17 -0
- package/dist/utils/entity-converter.d.ts.map +1 -0
- package/dist/utils/entity-converter.js +285 -0
- package/dist/utils/entity-converter.js.map +1 -0
- package/dist/utils/graph.util.d.ts +66 -0
- package/dist/utils/graph.util.d.ts.map +1 -0
- package/dist/utils/graph.util.js +382 -0
- package/dist/utils/graph.util.js.map +1 -0
- package/dist/utils/logger.d.ts +7 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/logger.js +86 -0
- package/dist/utils/logger.js.map +1 -0
- package/dist/utils/type-name-normalizer.d.ts +5 -0
- package/dist/utils/type-name-normalizer.d.ts.map +1 -0
- package/dist/utils/type-name-normalizer.js +218 -0
- package/dist/utils/type-name-normalizer.js.map +1 -0
- package/docker-compose.yml +26 -0
- package/docs/api/README.md +178 -0
- package/docs/api/openapi.yaml +1524 -0
- package/eslint.config.js +54 -0
- package/jest.config.js +38 -0
- package/package.json +97 -0
- package/scripts/fetch-ad-cert.sh +142 -0
- package/src/.gitkeep +0 -0
- package/src/api/.gitkeep +0 -0
- package/src/api/controllers/.gitkeep +0 -0
- package/src/api/controllers/audit.controller.ts +313 -0
- package/src/api/controllers/auth.controller.ts +258 -0
- package/src/api/controllers/export.controller.ts +153 -0
- package/src/api/controllers/health.controller.ts +16 -0
- package/src/api/controllers/jobs.controller.ts +187 -0
- package/src/api/controllers/providers.controller.ts +165 -0
- package/src/api/dto/.gitkeep +0 -0
- package/src/api/dto/AuditRequest.dto.ts +8 -0
- package/src/api/dto/AuditResponse.dto.ts +19 -0
- package/src/api/dto/TokenRequest.dto.ts +8 -0
- package/src/api/dto/TokenResponse.dto.ts +14 -0
- package/src/api/middlewares/.gitkeep +0 -0
- package/src/api/middlewares/authenticate.ts +203 -0
- package/src/api/middlewares/errorHandler.ts +54 -0
- package/src/api/middlewares/rateLimit.ts +35 -0
- package/src/api/middlewares/validate.ts +32 -0
- package/src/api/routes/.gitkeep +0 -0
- package/src/api/routes/audit.routes.ts +77 -0
- package/src/api/routes/auth.routes.ts +71 -0
- package/src/api/routes/export.routes.ts +34 -0
- package/src/api/routes/health.routes.ts +14 -0
- package/src/api/routes/index.ts +40 -0
- package/src/api/routes/providers.routes.ts +24 -0
- package/src/api/validators/.gitkeep +0 -0
- package/src/api/validators/audit.schemas.ts +59 -0
- package/src/api/validators/auth.schemas.ts +59 -0
- package/src/app.ts +87 -0
- package/src/config/.gitkeep +0 -0
- package/src/config/config.schema.ts +108 -0
- package/src/config/index.ts +82 -0
- package/src/container.ts +221 -0
- package/src/data/.gitkeep +0 -0
- package/src/data/database.ts +78 -0
- package/src/data/jobs/token-cleanup.job.ts +166 -0
- package/src/data/migrations/.gitkeep +0 -0
- package/src/data/migrations/001_initial_schema.sql +47 -0
- package/src/data/migrations/migration.runner.ts +125 -0
- package/src/data/models/.gitkeep +0 -0
- package/src/data/models/Token.model.ts +35 -0
- package/src/data/repositories/.gitkeep +0 -0
- package/src/data/repositories/token.repository.ts +160 -0
- package/src/providers/.gitkeep +0 -0
- package/src/providers/azure/.gitkeep +0 -0
- package/src/providers/azure/auth.provider.ts +14 -0
- package/src/providers/azure/azure-errors.ts +189 -0
- package/src/providers/azure/azure-retry.ts +168 -0
- package/src/providers/azure/graph-client.ts +315 -0
- package/src/providers/azure/graph.provider.ts +294 -0
- package/src/providers/azure/queries/app.queries.ts +9 -0
- package/src/providers/azure/queries/policy.queries.ts +9 -0
- package/src/providers/azure/queries/user.queries.ts +10 -0
- package/src/providers/interfaces/.gitkeep +0 -0
- package/src/providers/interfaces/IGraphProvider.ts +117 -0
- package/src/providers/interfaces/ILDAPProvider.ts +142 -0
- package/src/providers/ldap/.gitkeep +0 -0
- package/src/providers/ldap/acl-parser.ts +231 -0
- package/src/providers/ldap/ad-mappers.ts +280 -0
- package/src/providers/ldap/ldap-client.ts +259 -0
- package/src/providers/ldap/ldap-errors.ts +188 -0
- package/src/providers/ldap/ldap-retry.ts +267 -0
- package/src/providers/ldap/ldap-sanitizer.ts +273 -0
- package/src/providers/ldap/ldap.provider.ts +293 -0
- package/src/providers/ldap/queries/computer.queries.ts +9 -0
- package/src/providers/ldap/queries/group.queries.ts +9 -0
- package/src/providers/ldap/queries/user.queries.ts +10 -0
- package/src/providers/smb/smb.provider.ts +653 -0
- package/src/server.ts +60 -0
- package/src/services/.gitkeep +0 -0
- package/src/services/audit/.gitkeep +0 -0
- package/src/services/audit/ad-audit.service.ts +1481 -0
- package/src/services/audit/attack-graph.service.ts +1104 -0
- package/src/services/audit/audit.service.ts +12 -0
- package/src/services/audit/azure-audit.service.ts +286 -0
- package/src/services/audit/detectors/ad/accounts.detector.ts +1232 -0
- package/src/services/audit/detectors/ad/adcs.detector.ts +449 -0
- package/src/services/audit/detectors/ad/advanced.detector.ts +1270 -0
- package/src/services/audit/detectors/ad/attack-paths.detector.ts +600 -0
- package/src/services/audit/detectors/ad/compliance.detector.ts +1421 -0
- package/src/services/audit/detectors/ad/computers.detector.ts +1188 -0
- package/src/services/audit/detectors/ad/gpo.detector.ts +485 -0
- package/src/services/audit/detectors/ad/groups.detector.ts +685 -0
- package/src/services/audit/detectors/ad/index.ts +84 -0
- package/src/services/audit/detectors/ad/kerberos.detector.ts +424 -0
- package/src/services/audit/detectors/ad/monitoring.detector.ts +501 -0
- package/src/services/audit/detectors/ad/network.detector.ts +538 -0
- package/src/services/audit/detectors/ad/password.detector.ts +324 -0
- package/src/services/audit/detectors/ad/permissions.detector.ts +637 -0
- package/src/services/audit/detectors/ad/trusts.detector.ts +315 -0
- package/src/services/audit/detectors/azure/app-security.detector.ts +246 -0
- package/src/services/audit/detectors/azure/conditional-access.detector.ts +186 -0
- package/src/services/audit/detectors/azure/privilege-security.detector.ts +176 -0
- package/src/services/audit/detectors/azure/user-security.detector.ts +280 -0
- package/src/services/audit/detectors/index.ts +18 -0
- package/src/services/audit/response-formatter.ts +604 -0
- package/src/services/audit/scoring.service.ts +234 -0
- package/src/services/auth/.gitkeep +0 -0
- package/src/services/auth/crypto.service.ts +230 -0
- package/src/services/auth/errors.ts +47 -0
- package/src/services/auth/token.service.ts +420 -0
- package/src/services/config/.gitkeep +0 -0
- package/src/services/config/config.service.ts +75 -0
- package/src/services/export/.gitkeep +0 -0
- package/src/services/export/export.service.ts +99 -0
- package/src/services/export/formatters/csv.formatter.ts +124 -0
- package/src/services/export/formatters/json.formatter.ts +160 -0
- package/src/services/jobs/azure-job-runner.ts +312 -0
- package/src/services/jobs/index.ts +9 -0
- package/src/services/jobs/job-runner.ts +1280 -0
- package/src/services/jobs/job-store.ts +384 -0
- package/src/services/jobs/job.types.ts +182 -0
- package/src/types/.gitkeep +0 -0
- package/src/types/ad.types.ts +91 -0
- package/src/types/adcs.types.ts +107 -0
- package/src/types/attack-graph.types.ts +260 -0
- package/src/types/audit.types.ts +42 -0
- package/src/types/azure.types.ts +68 -0
- package/src/types/config.types.ts +79 -0
- package/src/types/error.types.ts +69 -0
- package/src/types/finding.types.ts +284 -0
- package/src/types/gpo.types.ts +72 -0
- package/src/types/smb2.d.ts +73 -0
- package/src/types/token.types.ts +32 -0
- package/src/types/trust.types.ts +140 -0
- package/src/utils/.gitkeep +0 -0
- package/src/utils/entity-converter.ts +453 -0
- package/src/utils/graph.util.ts +609 -0
- package/src/utils/logger.ts +111 -0
- package/src/utils/type-name-normalizer.ts +302 -0
- package/tests/.gitkeep +0 -0
- package/tests/e2e/.gitkeep +0 -0
- package/tests/fixtures/.gitkeep +0 -0
- package/tests/integration/.gitkeep +0 -0
- package/tests/integration/README.md +156 -0
- package/tests/integration/ad-audit.integration.test.ts +216 -0
- package/tests/integration/api/.gitkeep +0 -0
- package/tests/integration/api/endpoints.integration.test.ts +431 -0
- package/tests/integration/auth/jwt-authentication.integration.test.ts +358 -0
- package/tests/integration/providers/.gitkeep +0 -0
- package/tests/integration/providers/azure-basic.integration.test.ts +167 -0
- package/tests/integration/providers/ldap-basic.integration.test.ts +152 -0
- package/tests/integration/providers/ldap-connectivity.test.ts +44 -0
- package/tests/integration/providers/ldap-provider.integration.test.ts +347 -0
- package/tests/mocks/.gitkeep +0 -0
- package/tests/setup.ts +16 -0
- package/tests/unit/.gitkeep +0 -0
- package/tests/unit/api/middlewares/authenticate.test.ts +446 -0
- package/tests/unit/providers/.gitkeep +0 -0
- package/tests/unit/providers/azure/azure-errors.test.ts +193 -0
- package/tests/unit/providers/azure/azure-retry.test.ts +254 -0
- package/tests/unit/providers/azure/graph-provider.test.ts +313 -0
- package/tests/unit/providers/ldap/ad-mappers.test.ts +392 -0
- package/tests/unit/providers/ldap/ldap-provider.test.ts +376 -0
- package/tests/unit/providers/ldap/ldap-retry.test.ts +377 -0
- package/tests/unit/providers/ldap/ldap-sanitizer.test.ts +301 -0
- package/tests/unit/sample.test.ts +19 -0
- package/tests/unit/services/.gitkeep +0 -0
- package/tests/unit/services/audit/detectors/ad/accounts.detector.test.ts +393 -0
- package/tests/unit/services/audit/detectors/ad/advanced.detector.test.ts +380 -0
- package/tests/unit/services/audit/detectors/ad/computers.detector.test.ts +440 -0
- package/tests/unit/services/audit/detectors/ad/groups.detector.test.ts +276 -0
- package/tests/unit/services/audit/detectors/ad/kerberos.detector.test.ts +215 -0
- package/tests/unit/services/audit/detectors/ad/password.detector.test.ts +226 -0
- package/tests/unit/services/audit/detectors/ad/permissions.detector.test.ts +244 -0
- package/tests/unit/services/audit/detectors/azure/app-security.detector.test.ts +349 -0
- package/tests/unit/services/audit/detectors/azure/conditional-access.detector.test.ts +374 -0
- package/tests/unit/services/audit/detectors/azure/privilege-security.detector.test.ts +374 -0
- package/tests/unit/services/audit/detectors/azure/user-security.detector.test.ts +297 -0
- package/tests/unit/services/auth/crypto.service.test.ts +296 -0
- package/tests/unit/services/auth/token.service.test.ts +579 -0
- package/tests/unit/services/export/export.service.test.ts +241 -0
- package/tests/unit/services/export/formatters/csv.formatter.test.ts +270 -0
- package/tests/unit/services/export/formatters/json.formatter.test.ts +258 -0
- package/tests/unit/utils/.gitkeep +0 -0
- package/tsconfig.json +50 -0
|
@@ -0,0 +1,198 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.detectGlobalAdminNoMfa = detectGlobalAdminNoMfa;
|
|
4
|
+
exports.detectPrivilegedUserNoMfa = detectPrivilegedUserNoMfa;
|
|
5
|
+
exports.detectRiskyUserHigh = detectRiskyUserHigh;
|
|
6
|
+
exports.detectUserInactive = detectUserInactive;
|
|
7
|
+
exports.detectPasswordNeverExpires = detectPasswordNeverExpires;
|
|
8
|
+
exports.detectRiskyUserMedium = detectRiskyUserMedium;
|
|
9
|
+
exports.detectPasswordOld = detectPasswordOld;
|
|
10
|
+
exports.detectUserNeverSignedIn = detectUserNeverSignedIn;
|
|
11
|
+
exports.detectUserUnlicensed = detectUserUnlicensed;
|
|
12
|
+
exports.detectUserExternalMember = detectUserExternalMember;
|
|
13
|
+
exports.detectUserSecurityVulnerabilities = detectUserSecurityVulnerabilities;
|
|
14
|
+
const entity_converter_1 = require("../../../../utils/entity-converter");
|
|
15
|
+
function detectGlobalAdminNoMfa(users, roles, includeDetails) {
|
|
16
|
+
const globalAdminRoleId = '62e90394-69f5-4237-9190-012177145e10';
|
|
17
|
+
const affected = users.filter((u) => {
|
|
18
|
+
const userRoles = roles.get(u.id) || [];
|
|
19
|
+
const isGlobalAdmin = userRoles.includes(globalAdminRoleId);
|
|
20
|
+
const hasMfa = u.strongAuthenticationMethods?.length > 0 || u.isMfaRegistered === true;
|
|
21
|
+
return isGlobalAdmin && !hasMfa;
|
|
22
|
+
});
|
|
23
|
+
return {
|
|
24
|
+
type: 'AZURE_GLOBAL_ADMIN_NO_MFA',
|
|
25
|
+
severity: 'critical',
|
|
26
|
+
category: 'identity',
|
|
27
|
+
title: 'Global Administrator without MFA',
|
|
28
|
+
description: 'Global Administrator account without Multi-Factor Authentication. Full control over Azure AD if compromised.',
|
|
29
|
+
count: affected.length,
|
|
30
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
31
|
+
};
|
|
32
|
+
}
|
|
33
|
+
function detectPrivilegedUserNoMfa(users, roles, includeDetails) {
|
|
34
|
+
const privilegedRoleIds = [
|
|
35
|
+
'62e90394-69f5-4237-9190-012177145e10',
|
|
36
|
+
'e8611ab8-c189-46e8-94e1-60213ab1f814',
|
|
37
|
+
'194ae4cb-b126-40b2-bd5b-6091b380977d',
|
|
38
|
+
'29232cdf-9323-42fd-ade2-1d097af3e4de',
|
|
39
|
+
'f28a1f50-f6e7-4571-818b-6a12f2af6b6c',
|
|
40
|
+
];
|
|
41
|
+
const affected = users.filter((u) => {
|
|
42
|
+
const userRoles = roles.get(u.id) || [];
|
|
43
|
+
const hasPrivilegedRole = userRoles.some((r) => privilegedRoleIds.includes(r));
|
|
44
|
+
const hasMfa = u.strongAuthenticationMethods?.length > 0 || u.isMfaRegistered === true;
|
|
45
|
+
return hasPrivilegedRole && !hasMfa;
|
|
46
|
+
});
|
|
47
|
+
return {
|
|
48
|
+
type: 'AZURE_PRIVILEGED_USER_NO_MFA',
|
|
49
|
+
severity: 'critical',
|
|
50
|
+
category: 'identity',
|
|
51
|
+
title: 'Privileged User without MFA',
|
|
52
|
+
description: 'Privileged role assigned to user without MFA. High risk if account is compromised.',
|
|
53
|
+
count: affected.length,
|
|
54
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
function detectRiskyUserHigh(users, includeDetails) {
|
|
58
|
+
const affected = users.filter((u) => {
|
|
59
|
+
const riskLevel = u.riskLevel;
|
|
60
|
+
return riskLevel === 'high';
|
|
61
|
+
});
|
|
62
|
+
return {
|
|
63
|
+
type: 'AZURE_RISKY_USER_HIGH',
|
|
64
|
+
severity: 'critical',
|
|
65
|
+
category: 'identity',
|
|
66
|
+
title: 'High-Risk User (Identity Protection)',
|
|
67
|
+
description: 'User flagged as high risk by Azure Identity Protection. Account may be compromised.',
|
|
68
|
+
count: affected.length,
|
|
69
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
70
|
+
};
|
|
71
|
+
}
|
|
72
|
+
function detectUserInactive(users, includeDetails) {
|
|
73
|
+
const now = Date.now();
|
|
74
|
+
const ninetyDaysAgo = now - 90 * 24 * 60 * 60 * 1000;
|
|
75
|
+
const affected = users.filter((u) => {
|
|
76
|
+
if (!u.lastSignInDateTime)
|
|
77
|
+
return false;
|
|
78
|
+
const lastSignIn = new Date(u.lastSignInDateTime).getTime();
|
|
79
|
+
return lastSignIn < ninetyDaysAgo;
|
|
80
|
+
});
|
|
81
|
+
return {
|
|
82
|
+
type: 'AZURE_USER_INACTIVE',
|
|
83
|
+
severity: 'high',
|
|
84
|
+
category: 'accounts',
|
|
85
|
+
title: 'Inactive User (90+ days)',
|
|
86
|
+
description: 'User account inactive for 90+ days. Should be disabled or deleted.',
|
|
87
|
+
count: affected.length,
|
|
88
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
89
|
+
};
|
|
90
|
+
}
|
|
91
|
+
function detectPasswordNeverExpires(users, includeDetails) {
|
|
92
|
+
const affected = users.filter((u) => {
|
|
93
|
+
return u.passwordPolicies?.includes('DisablePasswordExpiration');
|
|
94
|
+
});
|
|
95
|
+
return {
|
|
96
|
+
type: 'AZURE_USER_PASSWORD_NEVER_EXPIRES',
|
|
97
|
+
severity: 'high',
|
|
98
|
+
category: 'accounts',
|
|
99
|
+
title: 'Password Never Expires',
|
|
100
|
+
description: 'User password expiration disabled. Increases risk of credential compromise.',
|
|
101
|
+
count: affected.length,
|
|
102
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
103
|
+
};
|
|
104
|
+
}
|
|
105
|
+
function detectRiskyUserMedium(users, includeDetails) {
|
|
106
|
+
const affected = users.filter((u) => {
|
|
107
|
+
const riskLevel = u.riskLevel;
|
|
108
|
+
return riskLevel === 'medium';
|
|
109
|
+
});
|
|
110
|
+
return {
|
|
111
|
+
type: 'AZURE_RISKY_USER_MEDIUM',
|
|
112
|
+
severity: 'high',
|
|
113
|
+
category: 'identity',
|
|
114
|
+
title: 'Medium-Risk User (Identity Protection)',
|
|
115
|
+
description: 'User flagged as medium risk by Azure Identity Protection. Unusual sign-in activity detected.',
|
|
116
|
+
count: affected.length,
|
|
117
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
118
|
+
};
|
|
119
|
+
}
|
|
120
|
+
function detectPasswordOld(users, includeDetails) {
|
|
121
|
+
const now = Date.now();
|
|
122
|
+
const sixMonthsAgo = now - 180 * 24 * 60 * 60 * 1000;
|
|
123
|
+
const affected = users.filter((u) => {
|
|
124
|
+
const lastPasswordChange = u.lastPasswordChangeDateTime;
|
|
125
|
+
if (!lastPasswordChange)
|
|
126
|
+
return false;
|
|
127
|
+
return new Date(lastPasswordChange).getTime() < sixMonthsAgo;
|
|
128
|
+
});
|
|
129
|
+
return {
|
|
130
|
+
type: 'AZURE_PASSWORD_OLD',
|
|
131
|
+
severity: 'medium',
|
|
132
|
+
category: 'accounts',
|
|
133
|
+
title: 'Old Password (180+ days)',
|
|
134
|
+
description: 'User password not changed for 180+ days. Increases credential compromise risk.',
|
|
135
|
+
count: affected.length,
|
|
136
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
137
|
+
};
|
|
138
|
+
}
|
|
139
|
+
function detectUserNeverSignedIn(users, includeDetails) {
|
|
140
|
+
const affected = users.filter((u) => {
|
|
141
|
+
return u.accountEnabled && !u.lastSignInDateTime;
|
|
142
|
+
});
|
|
143
|
+
return {
|
|
144
|
+
type: 'AZURE_USER_NEVER_SIGNED_IN',
|
|
145
|
+
severity: 'medium',
|
|
146
|
+
category: 'accounts',
|
|
147
|
+
title: 'User Never Signed In',
|
|
148
|
+
description: 'Enabled account that has never been used. Orphaned account should be removed.',
|
|
149
|
+
count: affected.length,
|
|
150
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
151
|
+
};
|
|
152
|
+
}
|
|
153
|
+
function detectUserUnlicensed(users, includeDetails) {
|
|
154
|
+
const affected = users.filter((u) => {
|
|
155
|
+
const licenses = u.assignedLicenses;
|
|
156
|
+
return u.accountEnabled && (!licenses || licenses.length === 0);
|
|
157
|
+
});
|
|
158
|
+
return {
|
|
159
|
+
type: 'AZURE_USER_UNLICENSED',
|
|
160
|
+
severity: 'medium',
|
|
161
|
+
category: 'accounts',
|
|
162
|
+
title: 'Unlicensed Active User',
|
|
163
|
+
description: 'Active user without assigned license. May indicate configuration issue.',
|
|
164
|
+
count: affected.length,
|
|
165
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
166
|
+
};
|
|
167
|
+
}
|
|
168
|
+
function detectUserExternalMember(users, includeDetails) {
|
|
169
|
+
const affected = users.filter((u) => {
|
|
170
|
+
const userType = u.userType;
|
|
171
|
+
const isExternal = u.userPrincipalName?.includes('#EXT#');
|
|
172
|
+
return userType === 'Member' && isExternal;
|
|
173
|
+
});
|
|
174
|
+
return {
|
|
175
|
+
type: 'AZURE_USER_EXTERNAL_MEMBER',
|
|
176
|
+
severity: 'medium',
|
|
177
|
+
category: 'accounts',
|
|
178
|
+
title: 'External User as Member',
|
|
179
|
+
description: 'External domain user configured as Member instead of Guest. Security misconfiguration.',
|
|
180
|
+
count: affected.length,
|
|
181
|
+
affectedEntities: includeDetails ? (0, entity_converter_1.toAffectedAzureUserEntities)(affected) : undefined,
|
|
182
|
+
};
|
|
183
|
+
}
|
|
184
|
+
function detectUserSecurityVulnerabilities(users, roles, includeDetails) {
|
|
185
|
+
return [
|
|
186
|
+
detectGlobalAdminNoMfa(users, roles, includeDetails),
|
|
187
|
+
detectPrivilegedUserNoMfa(users, roles, includeDetails),
|
|
188
|
+
detectRiskyUserHigh(users, includeDetails),
|
|
189
|
+
detectUserInactive(users, includeDetails),
|
|
190
|
+
detectPasswordNeverExpires(users, includeDetails),
|
|
191
|
+
detectRiskyUserMedium(users, includeDetails),
|
|
192
|
+
detectPasswordOld(users, includeDetails),
|
|
193
|
+
detectUserNeverSignedIn(users, includeDetails),
|
|
194
|
+
detectUserUnlicensed(users, includeDetails),
|
|
195
|
+
detectUserExternalMember(users, includeDetails),
|
|
196
|
+
].filter((finding) => finding.count > 0);
|
|
197
|
+
}
|
|
198
|
+
//# sourceMappingURL=user-security.detector.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"user-security.detector.js","sourceRoot":"","sources":["../../../../../src/services/audit/detectors/azure/user-security.detector.ts"],"names":[],"mappings":";;AA+BA,wDAwBC;AAKD,8DA8BC;AAKD,kDAeC;AAKD,gDAmBC;AAKD,gEAcC;AAKD,sDAeC;AAKD,8CAmBC;AAKD,0DAcC;AAKD,oDAeC;AAKD,4DAgBC;AAKD,8EAiBC;AA7PD,yEAAiF;AAKjF,SAAgB,sBAAsB,CACpC,KAAkB,EAClB,KAA4B,EAC5B,cAAuB;IAEvB,MAAM,iBAAiB,GAAG,sCAAsC,CAAC;IAEjE,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,aAAa,GAAG,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAI,CAAS,CAAC,2BAA2B,EAAE,MAAM,GAAG,CAAC,IAAK,CAAS,CAAC,eAAe,KAAK,IAAI,CAAC;QAEzG,OAAO,aAAa,IAAI,CAAC,MAAM,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,kCAAkC;QACzC,WAAW,EAAE,8GAA8G;QAC3H,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,yBAAyB,CACvC,KAAkB,EAClB,KAA4B,EAC5B,cAAuB;IAEvB,MAAM,iBAAiB,GAAG;QACxB,sCAAsC;QACtC,sCAAsC;QACtC,sCAAsC;QACtC,sCAAsC;QACtC,sCAAsC;KACvC,CAAC;IAEF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,iBAAiB,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/E,MAAM,MAAM,GAAI,CAAS,CAAC,2BAA2B,EAAE,MAAM,GAAG,CAAC,IAAK,CAAS,CAAC,eAAe,KAAK,IAAI,CAAC;QAEzG,OAAO,iBAAiB,IAAI,CAAC,MAAM,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,6BAA6B;QACpC,WAAW,EAAE,oFAAoF;QACjG,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,mBAAmB,CAAC,KAAkB,EAAE,cAAuB;IAC7E,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,SAAS,GAAI,CAAS,CAAC,SAAS,CAAC;QACvC,OAAO,SAAS,KAAK,MAAM,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,sCAAsC;QAC7C,WAAW,EAAE,qFAAqF;QAClG,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,kBAAkB,CAAC,KAAkB,EAAE,cAAuB;IAC5E,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,aAAa,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAErD,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,CAAC,CAAC,CAAC,kBAAkB;YAAE,OAAO,KAAK,CAAC;QACxC,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,CAAC;QAC5D,OAAO,UAAU,GAAG,aAAa,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,0BAA0B;QACjC,WAAW,EAAE,oEAAoE;QACjF,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,0BAA0B,CAAC,KAAkB,EAAE,cAAuB;IACpF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,OAAQ,CAAS,CAAC,gBAAgB,EAAE,QAAQ,CAAC,2BAA2B,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,mCAAmC;QACzC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,6EAA6E;QAC1F,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,qBAAqB,CAAC,KAAkB,EAAE,cAAuB;IAC/E,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,SAAS,GAAI,CAAS,CAAC,SAAS,CAAC;QACvC,OAAO,SAAS,KAAK,QAAQ,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,wCAAwC;QAC/C,WAAW,EAAE,8FAA8F;QAC3G,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,iBAAiB,CAAC,KAAkB,EAAE,cAAuB;IAC3E,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,YAAY,GAAG,GAAG,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAErD,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,kBAAkB,GAAI,CAAS,CAAC,0BAA0B,CAAC;QACjE,IAAI,CAAC,kBAAkB;YAAE,OAAO,KAAK,CAAC;QACtC,OAAO,IAAI,IAAI,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,GAAG,YAAY,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,0BAA0B;QACjC,WAAW,EAAE,gFAAgF;QAC7F,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,uBAAuB,CAAC,KAAkB,EAAE,cAAuB;IACjF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,OAAO,CAAC,CAAC,cAAc,IAAI,CAAC,CAAC,CAAC,kBAAkB,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,sBAAsB;QAC7B,WAAW,EAAE,+EAA+E;QAC5F,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,oBAAoB,CAAC,KAAkB,EAAE,cAAuB;IAC9E,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,QAAQ,GAAI,CAAS,CAAC,gBAAgB,CAAC;QAC7C,OAAO,CAAC,CAAC,cAAc,IAAI,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,yEAAyE;QACtF,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,wBAAwB,CAAC,KAAkB,EAAE,cAAuB;IAClF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,MAAM,QAAQ,GAAI,CAAS,CAAC,QAAQ,CAAC;QACrC,MAAM,UAAU,GAAG,CAAC,CAAC,iBAAiB,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC1D,OAAO,QAAQ,KAAK,QAAQ,IAAI,UAAU,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,yBAAyB;QAChC,WAAW,EAAE,wFAAwF;QACrG,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,gBAAgB,EAAE,cAAc,CAAC,CAAC,CAAC,IAAA,8CAA2B,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;KACrF,CAAC;AACJ,CAAC;AAKD,SAAgB,iCAAiC,CAC/C,KAAkB,EAClB,KAA4B,EAC5B,cAAuB;IAEvB,OAAO;QACL,sBAAsB,CAAC,KAAK,EAAE,KAAK,EAAE,cAAc,CAAC;QACpD,yBAAyB,CAAC,KAAK,EAAE,KAAK,EAAE,cAAc,CAAC;QACvD,mBAAmB,CAAC,KAAK,EAAE,cAAc,CAAC;QAC1C,kBAAkB,CAAC,KAAK,EAAE,cAAc,CAAC;QACzC,0BAA0B,CAAC,KAAK,EAAE,cAAc,CAAC;QACjD,qBAAqB,CAAC,KAAK,EAAE,cAAc,CAAC;QAC5C,iBAAiB,CAAC,KAAK,EAAE,cAAc,CAAC;QACxC,uBAAuB,CAAC,KAAK,EAAE,cAAc,CAAC;QAC9C,oBAAoB,CAAC,KAAK,EAAE,cAAc,CAAC;QAC3C,wBAAwB,CAAC,KAAK,EAAE,cAAc,CAAC;KAChD,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;AAC3C,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/services/audit/detectors/index.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,WAAW,MAAM,MAAM,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.ADDetectors = void 0;
|
|
37
|
+
exports.ADDetectors = __importStar(require("./ad"));
|
|
38
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/services/audit/detectors/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAQA,oDAAoC"}
|
|
@@ -0,0 +1,176 @@
|
|
|
1
|
+
import { AffectedUserEntity, AffectedAzureUserEntity, AffectedAppEntity, AffectedGroupEntity, AffectedComputerEntity, Finding, Severity } from '../../types/finding.types';
|
|
2
|
+
import { SecurityScore } from './scoring.service';
|
|
3
|
+
import { AttackGraphExport } from '../../types/attack-graph.types';
|
|
4
|
+
export interface DomainMetadata {
|
|
5
|
+
name: string;
|
|
6
|
+
baseDN: string;
|
|
7
|
+
ldapUrl: string;
|
|
8
|
+
}
|
|
9
|
+
export interface AuditOptionsMetadata {
|
|
10
|
+
includeDetails: boolean;
|
|
11
|
+
includeComputers: boolean;
|
|
12
|
+
includeConfig: boolean;
|
|
13
|
+
}
|
|
14
|
+
export interface ExecutionMetadata {
|
|
15
|
+
timestamp: string;
|
|
16
|
+
duration: string;
|
|
17
|
+
}
|
|
18
|
+
export interface AuditMetadata {
|
|
19
|
+
provider: string;
|
|
20
|
+
domain: DomainMetadata;
|
|
21
|
+
options: AuditOptionsMetadata;
|
|
22
|
+
execution: ExecutionMetadata;
|
|
23
|
+
}
|
|
24
|
+
export interface ObjectsSummary {
|
|
25
|
+
users: number;
|
|
26
|
+
users_enabled: number;
|
|
27
|
+
users_disabled: number;
|
|
28
|
+
groups: number;
|
|
29
|
+
ous: number;
|
|
30
|
+
computers: number;
|
|
31
|
+
}
|
|
32
|
+
export interface RiskSummary {
|
|
33
|
+
score: number;
|
|
34
|
+
rating: string;
|
|
35
|
+
findings: {
|
|
36
|
+
critical: number;
|
|
37
|
+
high: number;
|
|
38
|
+
medium: number;
|
|
39
|
+
low: number;
|
|
40
|
+
total: number;
|
|
41
|
+
totalInstances?: number;
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
export interface AuditSummary {
|
|
45
|
+
objects: ObjectsSummary;
|
|
46
|
+
risk: RiskSummary;
|
|
47
|
+
}
|
|
48
|
+
export interface SectionFinding {
|
|
49
|
+
type: string;
|
|
50
|
+
severity: Severity;
|
|
51
|
+
title: string;
|
|
52
|
+
description: string;
|
|
53
|
+
count: number;
|
|
54
|
+
totalInstances?: number;
|
|
55
|
+
affectedEntities?: (string | AffectedUserEntity | AffectedAzureUserEntity | AffectedAppEntity | AffectedGroupEntity | AffectedComputerEntity)[];
|
|
56
|
+
details?: Record<string, unknown>;
|
|
57
|
+
}
|
|
58
|
+
export interface FindingsSection {
|
|
59
|
+
total: number;
|
|
60
|
+
findings: SectionFinding[];
|
|
61
|
+
}
|
|
62
|
+
export interface SecuritySection {
|
|
63
|
+
passwords: FindingsSection;
|
|
64
|
+
kerberos: FindingsSection;
|
|
65
|
+
advanced: FindingsSection;
|
|
66
|
+
}
|
|
67
|
+
export interface AccountsSection {
|
|
68
|
+
status: FindingsSection;
|
|
69
|
+
privileged: FindingsSection;
|
|
70
|
+
service: FindingsSection;
|
|
71
|
+
dangerous: FindingsSection;
|
|
72
|
+
}
|
|
73
|
+
export interface PasswordPolicy {
|
|
74
|
+
minPasswordLength: number;
|
|
75
|
+
passwordHistoryLength: number;
|
|
76
|
+
maxPasswordAge: string;
|
|
77
|
+
minPasswordAge: string;
|
|
78
|
+
lockoutThreshold: number;
|
|
79
|
+
lockoutDuration: string;
|
|
80
|
+
lockoutObservationWindow: string;
|
|
81
|
+
complexity: boolean;
|
|
82
|
+
}
|
|
83
|
+
export interface DomainInfo {
|
|
84
|
+
forestName: string;
|
|
85
|
+
domainName: string;
|
|
86
|
+
domainMode: string;
|
|
87
|
+
forestMode: string;
|
|
88
|
+
domainControllers: string[];
|
|
89
|
+
fsmoRoles: {
|
|
90
|
+
schemaMaster?: string;
|
|
91
|
+
domainNamingMaster?: string;
|
|
92
|
+
pdcEmulator?: string;
|
|
93
|
+
ridMaster?: string;
|
|
94
|
+
infrastructureMaster?: string;
|
|
95
|
+
};
|
|
96
|
+
}
|
|
97
|
+
export interface TrustRelationship {
|
|
98
|
+
name: string;
|
|
99
|
+
direction: 'inbound' | 'outbound' | 'bidirectional';
|
|
100
|
+
type: 'forest' | 'external' | 'realm' | 'shortcut';
|
|
101
|
+
transitive: boolean;
|
|
102
|
+
}
|
|
103
|
+
export interface GPOSummary {
|
|
104
|
+
totalGPOs: number;
|
|
105
|
+
linkedGPOs: number;
|
|
106
|
+
}
|
|
107
|
+
export interface KerberosPolicy {
|
|
108
|
+
maxTicketAge: string;
|
|
109
|
+
maxRenewAge: string;
|
|
110
|
+
maxServiceAge: string;
|
|
111
|
+
maxClockSkew: string;
|
|
112
|
+
ticketValidateClient: boolean;
|
|
113
|
+
isDefault: boolean;
|
|
114
|
+
}
|
|
115
|
+
export interface DomainConfig {
|
|
116
|
+
passwordPolicy: PasswordPolicy;
|
|
117
|
+
kerberosPolicy?: KerberosPolicy;
|
|
118
|
+
domainInfo: DomainInfo;
|
|
119
|
+
trusts: TrustRelationship[];
|
|
120
|
+
gpoSummary: GPOSummary;
|
|
121
|
+
}
|
|
122
|
+
export interface ADCSSection {
|
|
123
|
+
total: number;
|
|
124
|
+
findings: SectionFinding[];
|
|
125
|
+
}
|
|
126
|
+
export interface GPOSecuritySection {
|
|
127
|
+
total: number;
|
|
128
|
+
findings: SectionFinding[];
|
|
129
|
+
}
|
|
130
|
+
export interface TrustsAnalysisSection {
|
|
131
|
+
total: number;
|
|
132
|
+
findings: SectionFinding[];
|
|
133
|
+
}
|
|
134
|
+
export interface ADAuditResponse {
|
|
135
|
+
success: boolean;
|
|
136
|
+
provider: 'active-directory';
|
|
137
|
+
audit: {
|
|
138
|
+
metadata: AuditMetadata;
|
|
139
|
+
summary: AuditSummary;
|
|
140
|
+
security: SecuritySection;
|
|
141
|
+
accounts: AccountsSection;
|
|
142
|
+
groups: FindingsSection;
|
|
143
|
+
computers: FindingsSection;
|
|
144
|
+
permissions: FindingsSection;
|
|
145
|
+
temporal: FindingsSection;
|
|
146
|
+
extendedConfig: FindingsSection;
|
|
147
|
+
adcs: ADCSSection;
|
|
148
|
+
gpoSecurity: GPOSecuritySection;
|
|
149
|
+
trustsAnalysis: TrustsAnalysisSection;
|
|
150
|
+
domainConfig?: DomainConfig;
|
|
151
|
+
attackGraph?: AttackGraphExport;
|
|
152
|
+
};
|
|
153
|
+
}
|
|
154
|
+
export interface FormatterContext {
|
|
155
|
+
domain: DomainMetadata;
|
|
156
|
+
options: {
|
|
157
|
+
includeDetails: boolean;
|
|
158
|
+
includeComputers?: boolean;
|
|
159
|
+
includeConfig?: boolean;
|
|
160
|
+
};
|
|
161
|
+
executionTimeMs: number;
|
|
162
|
+
timestamp: Date;
|
|
163
|
+
domainConfig?: DomainConfig;
|
|
164
|
+
attackGraph?: AttackGraphExport;
|
|
165
|
+
}
|
|
166
|
+
export declare function formatADAuditResponse(score: SecurityScore, findings: Finding[], stats: {
|
|
167
|
+
totalUsers: number;
|
|
168
|
+
enabledUsers: number;
|
|
169
|
+
disabledUsers: number;
|
|
170
|
+
totalGroups: number;
|
|
171
|
+
totalComputers: number;
|
|
172
|
+
totalOUs: number;
|
|
173
|
+
totalFindings: number;
|
|
174
|
+
executionTimeMs: number;
|
|
175
|
+
}, context: FormatterContext): ADAuditResponse;
|
|
176
|
+
//# sourceMappingURL=response-formatter.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"response-formatter.d.ts","sourceRoot":"","sources":["../../../src/services/audit/response-formatter.ts"],"names":[],"mappings":"AAOA,OAAO,EACL,kBAAkB,EAClB,uBAAuB,EACvB,iBAAiB,EACjB,mBAAmB,EACnB,sBAAsB,EACtB,OAAO,EACP,QAAQ,EACT,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AAKnE,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AAKD,MAAM,WAAW,oBAAoB;IACnC,cAAc,EAAE,OAAO,CAAC;IACxB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,aAAa,EAAE,OAAO,CAAC;CACxB;AAKD,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAKD,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,cAAc,CAAC;IACvB,OAAO,EAAE,oBAAoB,CAAC;IAC9B,SAAS,EAAE,iBAAiB,CAAC;CAC9B;AAKD,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;CACnB;AAKD,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE;QACR,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,KAAK,EAAE,MAAM,CAAC;QAEd,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,CAAC;CACH;AAKD,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,cAAc,CAAC;IACxB,IAAI,EAAE,WAAW,CAAC;CACnB;AAKD,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IAEpB,KAAK,EAAE,MAAM,CAAC;IAEd,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,CACf,MAAM,GACN,kBAAkB,GAClB,uBAAuB,GACvB,iBAAiB,GACjB,mBAAmB,GACnB,sBAAsB,CACzB,EAAE,CAAC;IACJ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAKD,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,cAAc,EAAE,CAAC;CAC5B;AAKD,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,eAAe,CAAC;IAC3B,QAAQ,EAAE,eAAe,CAAC;IAC1B,QAAQ,EAAE,eAAe,CAAC;CAC3B;AAKD,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,eAAe,CAAC;IACxB,UAAU,EAAE,eAAe,CAAC;IAC5B,OAAO,EAAE,eAAe,CAAC;IACzB,SAAS,EAAE,eAAe,CAAC;CAC5B;AAKD,MAAM,WAAW,cAAc;IAC7B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,eAAe,EAAE,MAAM,CAAC;IACxB,wBAAwB,EAAE,MAAM,CAAC;IACjC,UAAU,EAAE,OAAO,CAAC;CACrB;AAKD,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,SAAS,EAAE;QACT,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,oBAAoB,CAAC,EAAE,MAAM,CAAC;KAC/B,CAAC;CACH;AAKD,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,SAAS,GAAG,UAAU,GAAG,eAAe,CAAC;IACpD,IAAI,EAAE,QAAQ,GAAG,UAAU,GAAG,OAAO,GAAG,UAAU,CAAC;IACnD,UAAU,EAAE,OAAO,CAAC;CACrB;AAKD,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB;AAKD,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,OAAO,CAAC;IAE9B,SAAS,EAAE,OAAO,CAAC;CACpB;AAKD,MAAM,WAAW,YAAY;IAC3B,cAAc,EAAE,cAAc,CAAC;IAC/B,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,UAAU,EAAE,UAAU,CAAC;IACvB,MAAM,EAAE,iBAAiB,EAAE,CAAC;IAC5B,UAAU,EAAE,UAAU,CAAC;CACxB;AAKD,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,cAAc,EAAE,CAAC;CAC5B;AAKD,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,cAAc,EAAE,CAAC;CAC5B;AAKD,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,cAAc,EAAE,CAAC;CAC5B;AAKD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,KAAK,EAAE;QACL,QAAQ,EAAE,aAAa,CAAC;QACxB,OAAO,EAAE,YAAY,CAAC;QACtB,QAAQ,EAAE,eAAe,CAAC;QAC1B,QAAQ,EAAE,eAAe,CAAC;QAC1B,MAAM,EAAE,eAAe,CAAC;QACxB,SAAS,EAAE,eAAe,CAAC;QAC3B,WAAW,EAAE,eAAe,CAAC;QAC7B,QAAQ,EAAE,eAAe,CAAC;QAC1B,cAAc,EAAE,eAAe,CAAC;QAChC,IAAI,EAAE,WAAW,CAAC;QAClB,WAAW,EAAE,kBAAkB,CAAC;QAChC,cAAc,EAAE,qBAAqB,CAAC;QACtC,YAAY,CAAC,EAAE,YAAY,CAAC;QAC5B,WAAW,CAAC,EAAE,iBAAiB,CAAC;KACjC,CAAC;CACH;AAKD,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,cAAc,CAAC;IACvB,OAAO,EAAE;QACP,cAAc,EAAE,OAAO,CAAC;QACxB,gBAAgB,CAAC,EAAE,OAAO,CAAC;QAC3B,aAAa,CAAC,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,IAAI,CAAC;IAChB,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,WAAW,CAAC,EAAE,iBAAiB,CAAC;CACjC;AAgHD,wBAAgB,qBAAqB,CACnC,KAAK,EAAE,aAAa,EACpB,QAAQ,EAAE,OAAO,EAAE,EACnB,KAAK,EAAE;IACL,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,MAAM,CAAC;CACzB,EACD,OAAO,EAAE,gBAAgB,GACxB,eAAe,CAsMjB"}
|