@fanboynz/network-scanner 2.0.57 → 2.0.58

package/.github/workflows/npm-publish.yml

@@ -9,13 +9,13 @@ jobs:
       contents: write
       
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           fetch-depth: 0
           
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v5
         with:
           node-version: '20'
           registry-url: 'https://registry.npmjs.org'
@@ -38,4 +38,4 @@ jobs:
       - name: Push changes
         run: git push --follow-tags
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/CLAUDE.md

@@ -0,0 +1,65 @@
+# Network Scanner (NWSS)
+
+Puppeteer-based network scanner for analyzing web traffic, generating adblock filter rules, and identifying third-party requests. Features fingerprint spoofing, Cloudflare bypass, content analysis with curl/grep, VPN/proxy routing, and multiple output formats.
+
+## Project Structure
+
+- `nwss.js` — Main entry point (~4,600 lines). CLI args, URL processing, orchestration.
+- `config.json` — Default scan configuration (sites, filters, options).
+- `lib/` — 28 focused, single-purpose modules:
+  - `fingerprint.js` — Bot detection evasion (device/GPU/timezone spoofing)
+  - `cloudflare.js` — Cloudflare challenge detection and solving
+  - `browserhealth.js` — Memory management and browser lifecycle
+  - `interaction.js` — Human-like mouse/scroll/typing simulation
+  - `smart-cache.js` — Multi-layer caching with persistence
+  - `nettools.js` — WHOIS/dig integration
+  - `output.js` — Multi-format rule output (adblock, dnsmasq, unbound, pihole, etc.)
+  - `proxy.js` — SOCKS5/HTTP proxy support
+  - `wireguard_vpn.js` / `openvpn_vpn.js` — VPN routing
+  - `adblock.js` — Adblock filter parsing and validation
+  - `validate_rules.js` — Domain and rule format validation
+  - `colorize.js` — Console output formatting and colors
+  - `domain-cache.js` — Domain detection cache for performance
+  - `post-processing.js` — Result cleanup and deduplication
+  - `redirect.js`, `referrer.js`, `cdp.js`, `curl.js`, `grep.js`, `compare.js`, `compress.js`, `dry-run.js`, `browserexit.js`, `clear_sitedata.js`, `flowproxy.js`, `ignore_similar.js`, `searchstring.js`
+- `.github/workflows/npm-publish.yml` — Automated npm publishing
+- `nwss.1` — Man page
+
+## Tech Stack
+
+- **Node.js** >=20.0.0
+- **puppeteer** >=20.0.0 — Headless browser automation
+- **psl** — Public Suffix List for domain parsing
+- **lru-cache** — LRU cache implementation
+- **p-limit** — Concurrency limiting (dynamically imported)
+- **eslint** — Linting (`npm run lint`)
+
+## Conventions
+
+- Store modular functionality in `./lib/` with focused, single-purpose modules
+- Use `messageColors` and `formatLogMessage` from `./lib/colorize` for consistent console output
+- Implement timeout protection for all Puppeteer operations using `Promise.race` patterns
+- Handle browser lifecycle with comprehensive cleanup in try-finally blocks
+- Validate all external tool availability before use (grep, curl, whois, dig)
+- Use `forceDebug` flag for detailed logging, `silentMode` for minimal output
+- Use `Object.freeze` for constant configuration objects (TIMEOUTS, CACHE_LIMITS, CONCURRENCY_LIMITS)
+- Use `fastTimeout(ms)` helper instead of `node:timers/promises` for Puppeteer 22.x compatibility
+
+## Running
+
+```bash
+node nwss.js                          # Run with default config.json
+node nwss.js config-custom.json       # Run with custom config
+node nwss.js --validate-config        # Validate configuration
+node nwss.js --dry-run                # Preview without network calls
+node nwss.js --headful                # Launch with browser GUI
+```
+
+## Files to Ignore
+
+- `node_modules/**`
+- `logs/**`
+- `sources/**`
+- `.cache/**`
+- `*.log`
+- `*.gz`

package/lib/adblock.js

@@ -51,11 +51,12 @@ function parseAdblockRules(filePath, options = {}) {
     caseSensitive = false
   } = options;
 
-  if (!fs.existsSync(filePath)) {
+  let fileContent;
+  try {
+    fileContent = fs.readFileSync(filePath, 'utf-8');
+  } catch (err) {
     throw new Error(`Adblock rules file not found: ${filePath}`);
   }
-
-  const fileContent = fs.readFileSync(filePath, 'utf-8');
   const lines = fileContent.split('\n');
   
   const rules = {

package/lib/browserexit.js

@@ -5,6 +5,7 @@
 
 
 const fs = require('fs');
+const path = require('path');
 const { execSync } = require('child_process');
 
 // Constants for temp file cleanup
@@ -15,20 +16,55 @@ const CHROME_TEMP_PATHS = [
 ];
 
 const CHROME_TEMP_PATTERNS = [
-  'com.google.Chrome.*',         // Google Chrome temp files (no leading dot)
-  '.org.chromium.Chromium.*',
-  'puppeteer-*'
+  /^\.?com\.google\.Chrome\./,
+  /^\.?org\.chromium\.Chromium\./,
+  /^puppeteer-/
 ];
 
+/**
+ * Count and remove matching Chrome/Puppeteer temp entries from a directory using fs
+ * @param {string} basePath - Directory to scan
+ * @param {boolean} forceDebug - Whether to output debug logs
+ * @returns {number} Number of items cleaned
+ */
+function cleanTempDir(basePath, forceDebug) {
+  let entries;
+  try {
+    entries = fs.readdirSync(basePath);
+  } catch {
+    if (forceDebug) console.log(`[debug] [temp-cleanup] Cannot read ${basePath}`);
+    return 0;
+  }
+
+  let cleaned = 0;
+  for (const entry of entries) {
+    let matched = false;
+    for (const re of CHROME_TEMP_PATTERNS) {
+      if (re.test(entry)) { matched = true; break; }
+    }
+    if (!matched) continue;
+
+    try {
+      fs.rmSync(path.join(basePath, entry), { recursive: true, force: true });
+      cleaned++;
+      if (forceDebug) console.log(`[debug] [temp-cleanup] Removed ${basePath}/${entry}`);
+    } catch (rmErr) {
+      if (forceDebug) console.log(`[debug] [temp-cleanup] Failed to remove ${basePath}/${entry}: ${rmErr.message}`);
+    }
+  }
+
+  return cleaned;
+}
+
 /**
  * Clean Chrome temporary files and directories
  * @param {Object} options - Cleanup options
  * @param {boolean} options.includeSnapTemp - Whether to clean snap temp directories
  * @param {boolean} options.forceDebug - Whether to output debug logs
  * @param {boolean} options.comprehensive - Whether to perform comprehensive cleanup of all temp locations
- * @returns {Promise<Object>} Cleanup results
+ * @returns {Object} Cleanup results
  */
-async function cleanupChromeTempFiles(options = {}) {
+function cleanupChromeTempFiles(options = {}) {
   const {
     includeSnapTemp = false,
     forceDebug = false,
@@ -36,57 +72,20 @@ async function cleanupChromeTempFiles(options = {}) {
   } = options;
 
   try {
-
-    // Base cleanup commands for standard temp directories
-    const cleanupCommands = [
-      'rm -rf /tmp/com.google.Chrome.* 2>/dev/null || true',
-      'rm -rf /tmp/.com.google.Chrome.* 2>/dev/null || true',
-      'rm -rf /tmp/.org.chromium.Chromium.* 2>/dev/null || true',
-      'rm -rf /tmp/puppeteer-* 2>/dev/null || true',
-      'rm -rf /dev/shm/.com.google.Chrome.* 2>/dev/null || true',
-      'rm -rf /dev/shm/.org.chromium.Chromium.* 2>/dev/null || true'
-    ];
-
-    // Add snap-specific cleanup if requested
-    if (includeSnapTemp || comprehensive) {
-      cleanupCommands.push('rm -rf /dev/shm/com.google.Chrome.* 2>/dev/null || true');
-      cleanupCommands.push(
-        'rm -rf /tmp/snap-private-tmp/snap.chromium/tmp/.org.chromium.Chromium.* 2>/dev/null || true',
-        'rm -rf /tmp/snap-private-tmp/snap.chromium/tmp/puppeteer-* 2>/dev/null || true'
-      );
-    }
+    const paths = comprehensive || includeSnapTemp
+      ? CHROME_TEMP_PATHS
+      : CHROME_TEMP_PATHS.slice(0, 2); // /tmp and /dev/shm only
 
     let totalCleaned = 0;
-    
-    for (const command of cleanupCommands) {
-      try {
-        // Extract glob pattern and count matches before deletion
-        const globPattern = command.match(/rm -rf ([^ ]+)/)?.[1];
-        if (!globPattern) continue;
-        const fileCount = parseInt(execSync(`ls -1d ${globPattern} 2>/dev/null | wc -l || echo 0`, { stdio: 'pipe' }).toString().trim()) || 0;
-        
-        if (fileCount > 0) {
-          execSync(command, { stdio: 'ignore' });
-          totalCleaned += fileCount;
-          
-          if (forceDebug) {
-            console.log(`[debug] [temp-cleanup] Cleaned ${fileCount} items from ${globPattern}`);
-          }
-        }
-      } catch (cmdErr) {
-        // Ignore individual command errors but log in debug mode
-        if (forceDebug) {
-          console.log(`[debug] [temp-cleanup] Cleanup command failed: ${command} (${cmdErr.message})`);
-        }
-      }
+    for (const basePath of paths) {
+      totalCleaned += cleanTempDir(basePath, forceDebug);
     }
 
     if (forceDebug) {
-      console.log(`[debug] [temp-cleanup] Standard cleanup completed (${totalCleaned} items)`);
+      console.log(`[debug] [temp-cleanup] Cleanup completed (${totalCleaned} items)`);
     }
-    
+
     return { success: true, itemsCleaned: totalCleaned };
-    
   } catch (cleanupErr) {
     if (forceDebug) {
       console.log(`[debug] [temp-cleanup] Chrome cleanup error: ${cleanupErr.message}`);
@@ -96,72 +95,38 @@ async function cleanupChromeTempFiles(options = {}) {
 }
 
 /**
- * Comprehensive temp file cleanup that systematically checks all known Chrome temp locations
+ * Comprehensive temp file cleanup that checks all known Chrome temp locations
  * @param {Object} options - Cleanup options
  * @param {boolean} options.forceDebug - Whether to output debug logs
  * @param {boolean} options.verbose - Whether to show verbose output
- * @returns {Promise<Object>} Cleanup results
+ * @returns {Object} Cleanup results
  */
-async function comprehensiveChromeTempCleanup(options = {}) {
+function comprehensiveChromeTempCleanup(options = {}) {
   const { forceDebug = false, verbose = false } = options;
-  
+
   try {
-    let totalCleaned = 0;
-    
     if (verbose && !forceDebug) {
       console.log(`[temp-cleanup] Scanning Chrome/Puppeteer temporary files...`);
     }
-    
+
+    let totalCleaned = 0;
     for (const basePath of CHROME_TEMP_PATHS) {
-      // Check if the base path exists before trying to clean it
-      try {
-        const pathExists = fs.existsSync(basePath);
-        
-        if (!pathExists) {
-          if (forceDebug) {
-            console.log(`[debug] [temp-cleanup] Skipping non-existent path: ${basePath}`);
-          }
-          continue;
-        }
-        
-        for (const pattern of CHROME_TEMP_PATTERNS) {
-          const fullPattern = `${basePath}/${pattern}`;
-          
-          // Count items before deletion
-          const countCommand = `ls -1d ${fullPattern} 2>/dev/null | wc -l || echo 0`;
-          const itemCount = parseInt(execSync(countCommand, { stdio: 'pipe' }).toString().trim()) || 0;
-          
-          if (itemCount > 0) {
-            const deleteCommand = `rm -rf ${fullPattern} 2>/dev/null || true`;
-            execSync(deleteCommand, { stdio: 'ignore' });
-            totalCleaned += itemCount;
-            
-            if (forceDebug) {
-              console.log(`[debug] [temp-cleanup] Removed ${itemCount} items matching ${fullPattern}`);
-            }
-          }
-        }
-      } catch (pathErr) {
-        if (forceDebug) {
-          console.log(`[debug] [temp-cleanup] Error checking path ${basePath}: ${pathErr.message}`);
-        }
-      }
+      totalCleaned += cleanTempDir(basePath, forceDebug);
     }
-    
+
     if (verbose && totalCleaned > 0) {
-      console.log(`[temp-cleanup] ? Removed ${totalCleaned} temporary file(s)/folder(s)`);
+      console.log(`[temp-cleanup] Removed ${totalCleaned} temporary file(s)/folder(s)`);
     } else if (verbose && totalCleaned === 0) {
-      console.log(`[temp-cleanup] ? Clean - no remaining temporary files`);
+      console.log(`[temp-cleanup] Clean - no remaining temporary files`);
     } else if (forceDebug) {
       console.log(`[debug] [temp-cleanup] Comprehensive cleanup completed (${totalCleaned} items)`);
     }
-    
+
     return { success: true, itemsCleaned: totalCleaned };
-    
   } catch (err) {
     const errorMsg = `Comprehensive temp file cleanup failed: ${err.message}`;
     if (verbose) {
-      console.warn(`[temp-cleanup] ? ${errorMsg}`);
+      console.warn(`[temp-cleanup] ${errorMsg}`);
     } else if (forceDebug) {
       console.log(`[debug] [temp-cleanup] ${errorMsg}`);
     }
@@ -317,7 +282,7 @@ async function forceBrowserKill(browser, forceDebug = false) {
       }
       
       // Wait for graceful termination
-      await new Promise(resolve => setTimeout(resolve, 3000));
+      await new Promise(resolve => setTimeout(resolve, 1000));
       
       // Force kill any remaining processes with SIGKILL
       for (const pid of pidsToKill) {

package/lib/browserhealth.js

@@ -438,11 +438,12 @@ async function performRealtimeWindowCleanup(browserInstance, threshold = REALTIM
     let closedCount = 0;
     for (const page of safePagesToClose) {
       try {
-        // Cache both page state and URL for this iteration
         const isPageClosed = page.isClosed();
-        const pageUrl = page.url();
-        
-        if (!isPageClosed) {
+
+        // Re-check processing state — may have changed since safety check
+        const usage = pageUsageTracker.get(page);
+        if (!isPageClosed && !(usage && usage.isProcessing)) {
+          const pageUrl = page.url();
           await page.close();
           pageCreationTracker.delete(page); // Remove from tracker
           pageUsageTracker.delete(page);
@@ -569,6 +570,16 @@ function trackPageForRealtime(page) {
   updatePageUsage(page, false); // Initialize usage tracking
 }
 
+/**
+ * Removes a page from all tracking Maps immediately.
+ * Call this before page.close() to prevent stale entries during concurrent execution.
+ * @param {import('puppeteer').Page} page - Page to untrack
+ */
+function untrackPage(page) {
+  pageCreationTracker.delete(page);
+  pageUsageTracker.delete(page);
+}
+
 /**
  * Purges stale entries from tracking Maps (pages that were closed without cleanup)
  * Should be called periodically to prevent memory leaks
@@ -1225,6 +1236,7 @@ module.exports = {
   isBrowserHealthy,
   isCriticalProtocolError,
   updatePageUsage,
+  untrackPage,
   cleanupPageBeforeReload,
   purgeStaleTrackers
 };

package/lib/compare.js

@@ -9,10 +9,6 @@ const path = require('path');
  */
 function loadComparisonRules(compareFilePath, forceDebug = false) {
   try {
-    if (!fs.existsSync(compareFilePath)) {
-      throw new Error(`Comparison file not found: ${compareFilePath}`);
-    }
-    
     const content = fs.readFileSync(compareFilePath, 'utf8');
     const lines = content.split('\n')
       .map(line => line.trim())

package/lib/compress.js

@@ -24,9 +24,7 @@ async function compressFile(filePath, removeOriginal = true) {
     const handleError = (error) => {
       // Clean up partial compressed file on error
       try {
-        if (fs.existsSync(compressedPath)) {
-          fs.unlinkSync(compressedPath);
-        }
+        fs.unlinkSync(compressedPath);
       } catch (cleanupErr) {
         // Ignore cleanup errors
       }
@@ -69,18 +67,11 @@ async function compressMultipleFiles(filePaths, removeOriginals = true) {
   
   for (const filePath of filePaths) {
     try {
-      if (fs.existsSync(filePath)) {
-        const compressedPath = await compressFile(filePath, removeOriginals);
-        results.successful.push({
-          original: filePath,
-          compressed: compressedPath
-        });
-      } else {
-        results.failed.push({
-          path: filePath,
-          error: 'File does not exist'
-        });
-      }
+      const compressedPath = await compressFile(filePath, removeOriginals);
+      results.successful.push({
+        original: filePath,
+        compressed: compressedPath
+      });
     } catch (error) {
       results.failed.push({
         path: filePath,

package/lib/dry-run.js

@@ -436,7 +436,7 @@ function writeDryRunOutput(outputFile, dryRunOutput, silentMode = false) {
     // Ensure output directory exists
     const path = require('path');
     const outputDir = path.dirname(outputFile);
-    if (outputDir !== '.' && !fs.existsSync(outputDir)) {
+    if (outputDir !== '.') {
       fs.mkdirSync(outputDir, { recursive: true });
     }
     

package/lib/fingerprint.js

@@ -41,8 +41,6 @@ const USER_AGENT_COLLECTIONS = Object.freeze(new Map([
   ['safari', "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Safari/605.1.15"]
 ]));
 
-// Timezone configuration with offsets
-
 // GPU pool — realistic vendor/renderer combos per OS (used for WebGL spoofing)
 const GPU_POOL = {
   windows: [
@@ -86,12 +84,20 @@ function selectGpuForUserAgent(userAgentString) {
   const pool = GPU_POOL[osKey];
   return pool[Math.floor(Math.random() * pool.length)];
 }
-const TIMEZONE_CONFIG = {
-  'America/New_York': { offset: 300, abbr: 'EST' },
-  'America/Los_Angeles': { offset: 480, abbr: 'PST' },
-  'Europe/London': { offset: 0, abbr: 'GMT' },
-  'America/Chicago': { offset: 360, abbr: 'CST' }
-};
+
+/**
+ * Checks if an error is a session/protocol closed error (common during page navigation)
+ */
+function isSessionClosedError(err) {
+  const msg = err.message;
+  return msg.includes('Session closed') ||
+    msg.includes('addScriptToEvaluateOnNewDocument timed out') ||
+    msg.includes('Target closed') ||
+    msg.includes('Protocol error') || err.name === 'ProtocolError' ||
+    msg.includes('detached Frame') || msg.includes('Navigating frame was detached') ||
+    msg.includes('Cannot find context') ||
+    msg.includes('Execution context was destroyed');
+}
 
 /**
  * Safely defines a property with comprehensive error handling
@@ -406,11 +412,6 @@ async function applyUserAgentSpoofing(page, siteConfig, forceDebug, currentUrl)
           }
         }
 
-        // Add cached descriptors helper for page context
-        const CACHED_DESCRIPTORS = {
-          getter: (fn) => ({ get: fn, enumerable: true, configurable: true })
-        };
-        
         // Add monomorphic spoofing functions for page context
         function spoofNavigatorProperties(navigator, properties) {
           for (const [prop, descriptor] of Object.entries(properties)) {
@@ -1689,15 +1690,31 @@ async function applyUserAgentSpoofing(page, siteConfig, forceDebug, currentUrl)
           if (debugEnabled) console.log('[fingerprint] toString protection applied to all spoofed functions');
         }, 'Function.prototype.toString bulk masking');
 
+        // Trigger interaction-gated scripts (GTM, Monetag etc.) on page load
+        safeExecute(() => {
+          function triggerInteraction() {
+            setTimeout(() => {
+              const x = Math.floor(Math.random() * 800) + 100;
+              const y = Math.floor(Math.random() * 400) + 100;
+              window.dispatchEvent(new MouseEvent('mousemove', {
+                clientX: x, clientY: y, bubbles: true, cancelable: true, view: window
+              }));
+              window.dispatchEvent(new Event('scroll', { bubbles: true }));
+              document.dispatchEvent(new KeyboardEvent('keydown', {
+                key: 'Tab', code: 'Tab', bubbles: true
+              }));
+            }, 50);
+          }
+          if (document.readyState === 'loading') {
+            document.addEventListener('DOMContentLoaded', triggerInteraction, { once: true });
+          } else {
+            triggerInteraction();
+          }
+        }, 'interaction-gated script trigger');
+
       }, ua, forceDebug, selectedGpu);
     } catch (stealthErr) {
-      if (stealthErr.message.includes('Session closed') || 
-          stealthErr.message.includes('addScriptToEvaluateOnNewDocument timed out') ||
-          stealthErr.message.includes('Target closed') ||
-          stealthErr.message.includes('Protocol error') || stealthErr.name === 'ProtocolError' ||
-          stealthErr.message.includes('detached Frame') || stealthErr.message.includes('Navigating frame was detached') ||
-          stealthErr.message.includes('Cannot find context') ||
-          stealthErr.message.includes('Execution context was destroyed')) {
+      if (isSessionClosedError(stealthErr)) {
         if (forceDebug) console.log(`[debug] Page closed during stealth injection: ${currentUrl}`);
         return;
       }
@@ -1749,13 +1766,7 @@ async function applyBraveSpoofing(page, siteConfig, forceDebug, currentUrl) {
     }
     }, forceDebug);
   } catch (braveErr) {
-    if (braveErr.message.includes('Session closed') || 
-        braveErr.message.includes('addScriptToEvaluateOnNewDocument timed out') ||
-        braveErr.message.includes('Target closed') ||
-        braveErr.message.includes('Protocol error') || braveErr.name === 'ProtocolError' ||
-        braveErr.message.includes('detached Frame') || braveErr.message.includes('Navigating frame was detached') ||
-        braveErr.message.includes('Cannot find context') ||
-        braveErr.message.includes('Execution context was destroyed')) {
+    if (isSessionClosedError(braveErr)) {
       if (forceDebug) console.log(`[debug] Page closed during Brave injection: ${currentUrl}`);
       return;
     }
@@ -1918,13 +1929,7 @@ async function applyFingerprintProtection(page, siteConfig, forceDebug, currentU
       
     }, { spoof, debugEnabled: forceDebug });
   } catch (err) {
-    if (err.message.includes('Session closed') || 
-        err.message.includes('addScriptToEvaluateOnNewDocument timed out') ||
-        err.message.includes('Target closed') ||
-        err.message.includes('Protocol error') || err.name === 'ProtocolError' ||
-        err.message.includes('detached Frame') || err.message.includes('Navigating frame was detached') ||
-        err.message.includes('Cannot find context') ||
-        err.message.includes('Execution context was destroyed')) {
+    if (isSessionClosedError(err)) {
       if (forceDebug) console.log(`[debug] Page closed during fingerprint injection: ${currentUrl}`);
       return;
     }
@@ -2083,9 +2088,6 @@ async function applyAllFingerprintSpoofing(page, siteConfig, forceDebug, current
   }
 }
 
-// Legacy compatibility function - maintained for backwards compatibility
-
-
 module.exports = {
   generateRealisticFingerprint,
   getRealisticScreenResolution,

package/lib/flowproxy.js

@@ -41,6 +41,13 @@ const FAST_TIMEOUTS = {
  * Gets module version information
  * @returns {object} Version information object
  */
+// Protocols to skip — FlowProxy only protects web traffic
+const SKIP_PATTERNS = [
+  'about:', 'chrome:', 'chrome-extension:', 'chrome-error:', 'chrome-search:',
+  'devtools:', 'edge:', 'moz-extension:', 'safari-extension:', 'webkit:',
+  'data:', 'blob:', 'javascript:', 'vbscript:', 'file:', 'ftp:', 'ftps:'
+];
+
 function getModuleInfo() {
   return {
     version: FLOWPROXY_MODULE_VERSION,
@@ -73,15 +80,8 @@ function shouldProcessUrl(url, forceDebug = false) {
   }
 
   // Skip browser-internal and special protocol URLs
-  // These protocols are not relevant for FlowProxy protection
-  const skipPatterns = [
-    'about:', 'chrome:', 'chrome-extension:', 'chrome-error:', 'chrome-search:',
-    'devtools:', 'edge:', 'moz-extension:', 'safari-extension:', 'webkit:',
-    'data:', 'blob:', 'javascript:', 'vbscript:', 'file:', 'ftp:', 'ftps:'
-  ];
-
   const urlLower = url.toLowerCase();
-  for (const pattern of skipPatterns) {
+  for (const pattern of SKIP_PATTERNS) {
     if (urlLower.startsWith(pattern)) {
       if (forceDebug) {
         console.log(`[flowproxy][url-validation] Skipping ${pattern} URL: ${url.substring(0, 100)}${url.length > 100 ? '...' : ''}`);

package/lib/grep.js

@@ -28,7 +28,7 @@ const GREP_DEFAULTS = {
  * @param {object} options - Grep options
  * @returns {Promise<object>} Object with found boolean, matchedPattern, and allMatches array
  */
-async function grepContent(content, searchPatterns, options = {}) {
+function grepContent(content, searchPatterns, options = {}) {
   const {
     ignoreCase = true,
     wholeWord = false,

package/lib/interaction.js

@@ -374,11 +374,14 @@ async function humanLikeMouseMove(page, fromX, fromY, toX, toY, options = {}) {
   }
 
   for (let i = 0; i <= actualSteps; i++) {
+    // Bail out if page closed mid-movement
+    try { if (page.isClosed()) return; } catch { return; }
+
     const progress = i / actualSteps;
-    
+
     // Apply easing curve for more natural movement
-    const easedProgress = progress < 0.5 
-      ? 2 * progress * progress 
+    const easedProgress = progress < 0.5
+      ? 2 * progress * progress
       : 1 - Math.pow(-2 * progress + 2, 2) / 2;
 
     // Calculate base position
@@ -390,7 +393,7 @@ async function humanLikeMouseMove(page, fromX, fromY, toX, toY, options = {}) {
       const curveIntensity = Math.sin((i / actualSteps) * Math.PI) * curve * distance * MOUSE_MOVEMENT.CURVE_INTENSITY_RATIO;
       const perpX = -(toY - fromY) / distance;
       const perpY = (toX - fromX) / distance;
-      
+
       currentX += perpX * curveIntensity;
       currentY += perpY * curveIntensity;
     }
@@ -402,7 +405,7 @@ async function humanLikeMouseMove(page, fromX, fromY, toX, toY, options = {}) {
     }
 
     await page.mouse.move(currentX, currentY);
-    
+
     // Variable delay between movements
     if (i < actualSteps) {
       const delay = Math.floor(Math.random() * (maxDelay - minDelay + 1)) + minDelay;
@@ -457,14 +460,16 @@ async function simulateScrolling(page, options = {}) {
 
   try {
     for (let i = 0; i < amount; i++) {
+      try { if (page.isClosed()) return; } catch { return; }
+
       const scrollDelta = direction === 'down' ? SCROLLING.SCROLL_DELTA : -SCROLLING.SCROLL_DELTA;
-      
+
       // Smooth scrolling by breaking into smaller increments
       for (let j = 0; j < smoothness; j++) {
         await page.mouse.wheel({ deltaY: scrollDelta / smoothness });
         await fastTimeout(SCROLLING.SMOOTH_INCREMENT_DELAY);
       }
-      
+
       if (i < amount - 1) {
         await fastTimeout(pauseBetween);
       }
@@ -547,6 +552,8 @@ async function interactWithElements(page, options = {}) {
 
       // Very short timeout since page should already be loaded
       await page.waitForSelector('body', { timeout: 1000 });
+      // Re-check after async wait — page may have closed during selector wait
+      if (page.isClosed()) return;
     } catch (bodyWaitErr) {
       if (options.forceDebug) {
         console.log(`[interaction] Page not ready for element interaction: ${bodyWaitErr.message}`);
@@ -677,7 +684,7 @@ async function performContentClicks(page, options = {}) {
     let lastY = minY + Math.floor(Math.random() * (maxY - minY));
 
     for (let i = 0; i < clicks; i++) {
-      if (page.isClosed()) break;
+      try { if (page.isClosed()) break; } catch { break; }
 
       // Random position in content zone
       const targetX = minX + Math.floor(Math.random() * (maxX - minX));
@@ -813,11 +820,6 @@ function cleanupInteractionMemory(force = false) {
     cachedViewport = null;
     lastViewportCheck = 0;
   }
-  
-  // Force garbage collection if available (helps with memory pressure)
-  if (global.gc) {
-    global.gc();
-  }
 }
 
 /**
@@ -915,7 +917,9 @@ async function performPageInteraction(page, currentUrl, options = {}, forceDebug
     const maxY = viewport.height;
 
     if (forceDebug) {
-      console.log(`[interaction] Starting enhanced interaction simulation for ${new URL(currentUrl).hostname} (${intensity} intensity)`);
+      let hostname = currentUrl;
+      try { hostname = new URL(currentUrl).hostname; } catch {}
+      console.log(`[interaction] Starting enhanced interaction simulation for ${hostname} (${intensity} intensity)`);
     }
 
     // Configure intensity settings
@@ -1010,8 +1014,11 @@ async function performPageInteraction(page, currentUrl, options = {}, forceDebug
     try {
       const bodyElement = await page.$('body');
       if (bodyElement) {
-        await page.hover('body');
-        await bodyElement.dispose();
+        try {
+          await page.hover('body');
+        } finally {
+          await bodyElement.dispose();
+        }
       }
     } catch (hoverErr) {
       // Silently handle hover failures - not critical
@@ -1037,35 +1044,6 @@ async function performPageInteraction(page, currentUrl, options = {}, forceDebug
   }
 }
 
-/**
- * Performs minimal interaction for very slow or problematic pages
- * Only does basic mouse movement without body validation
- */
-async function performMinimalInteraction(page, currentUrl, options = {}, forceDebug = false) {
-  try {
-    if (page.isClosed()) return;
-    
-    const viewport = await getCachedViewport(page);
-    const maxX = viewport.width;
-    const maxY = viewport.height;
-    
-    if (forceDebug) {
-      console.log(`[interaction] Performing minimal interaction for slow page: ${new URL(currentUrl).hostname}`);
-    }
-    
-    // Just do basic mouse movement without body-dependent operations
-    const startPos = generateRandomCoordinates(maxX, maxY);
-    const endPos = generateRandomCoordinates(maxX, maxY);
-    
-    await page.mouse.move(startPos.x, startPos.y);
-    await fastTimeout(200);
-    await humanLikeMouseMove(page, startPos.x, startPos.y, endPos.x, endPos.y);
-    
-  } catch (minimalErr) {
-    // Even minimal interaction failed - page is truly broken
-  }
-}
-
 /**
  * Creates an optimized interaction configuration based on site characteristics
  * 

package/lib/openvpn_vpn.js

@@ -5,7 +5,7 @@
 //
 // NOTE: Like wireguard_vpn.js, OpenVPN modifies system-level routing.
 // When running concurrent scans, all traffic routes through the active
-// VPN tunnel � not just the site that requested it. For isolated
+// VPN tunnel � not just the site that requested it. For isolated
 // per-site VPN with concurrency, a SOCKS proxy approach is needed.
 
 const { execSync, spawn } = require('child_process');
@@ -77,13 +77,17 @@ function hasRootPrivileges() {
  * Detect if running inside WSL
  * @returns {boolean}
  */
-function isWSL() {
+const _isWSL = (() => {
   try {
     const release = fs.readFileSync('/proc/version', 'utf8').toLowerCase();
     return release.includes('microsoft') || release.includes('wsl');
   } catch {
     return false;
   }
+})();
+
+function isWSL() {
+  return _isWSL;
 }
 
 /**
@@ -122,9 +126,7 @@ function checkTunDevice() {
  * Ensure temp directory exists with secure permissions
  */
 function ensureTempDir() {
-  if (!fs.existsSync(TEMP_DIR)) {
-    fs.mkdirSync(TEMP_DIR, { recursive: true, mode: 0o755 });
-  }
+  fs.mkdirSync(TEMP_DIR, { recursive: true, mode: 0o755 });
 }
 
 /**
@@ -369,7 +371,7 @@ async function startConnection(configPath, vpnConfig, forceDebug = false) {
   const logPath = path.join(TEMP_DIR, `${connectionName}.log`);
 
   // Clean stale log
-  try { if (fs.existsSync(logPath)) fs.unlinkSync(logPath); } catch {}
+  try { fs.unlinkSync(logPath); } catch {}
 
   // Pre-create log file writable by all so sudo openvpn can write and user can read
   try { fs.writeFileSync(logPath, '', { mode: 0o666 }); } catch {}
@@ -380,9 +382,8 @@ async function startConnection(configPath, vpnConfig, forceDebug = false) {
     console.log(formatLogMessage('debug', `[openvpn] Starting: openvpn ${args.join(' ')}`));
   }
 
-  // Spawn OpenVPN � it daemonizes itself via --daemon, but we spawn
+  // Spawn OpenVPN — it daemonizes itself via --daemon, but we spawn
   // without --daemon so we can track the process directly
-  const filteredArgs = args.filter(a => a !== '--daemon' && a !== connectionName);
   // Remove --daemon and its argument from args, run in foreground
   const fgArgs = [];
   for (let i = 0; i < args.length; i++) {
@@ -508,9 +509,7 @@ function cleanupConnectionFiles(connectionName) {
   ];
 
   for (const file of filesToClean) {
-    try {
-      if (fs.existsSync(file)) fs.unlinkSync(file);
-    } catch {}
+    try { fs.unlinkSync(file); } catch {}
   }
 }
 
@@ -582,11 +581,9 @@ function getConnectionStatus(connectionName) {
 
   // Read last few lines of log
   try {
-    if (fs.existsSync(info.logPath)) {
-      const log = fs.readFileSync(info.logPath, 'utf8');
-      const lines = log.trim().split('\n');
-      status.lastLog = lines.slice(-3).join('\n');
-    }
+    const log = fs.readFileSync(info.logPath, 'utf8');
+    const lines = log.trim().split('\n');
+    status.lastLog = lines.slice(-3).join('\n');
   } catch {}
 
   return status;
@@ -694,12 +691,12 @@ function validateOvpnConfig(ovpnConfig) {
 
   // Privilege check
   if (!hasRootPrivileges()) {
-    result.warnings.push('OpenVPN requires root privileges � run with sudo');
+    result.warnings.push('OpenVPN requires root privileges � run with sudo');
   }
 
   // WSL checks
   if (isWSL()) {
-    result.warnings.push('Running on WSL2 � ensure TUN module is loaded: sudo modprobe tun');
+    result.warnings.push('Running on WSL2 � ensure TUN module is loaded: sudo modprobe tun');
     const tunCheck = checkTunDevice();
     if (!tunCheck.available) {
       result.warnings.push(tunCheck.error);
@@ -862,9 +859,7 @@ function disconnectAll(forceDebug = false) {
   }
 
   // Clean up entire temp directory
-  if (fs.existsSync(TEMP_DIR)) {
-    try { fs.rmSync(TEMP_DIR, { recursive: true, force: true }); } catch {}
-  }
+  try { fs.rmSync(TEMP_DIR, { recursive: true, force: true }); } catch {}
 
   if (forceDebug && results.tornDown > 0) {
     console.log(formatLogMessage('debug',

package/lib/output.js

@@ -5,6 +5,9 @@ const { getTotalDomainsSkipped } = require('./domain-cache');
 const { loadComparisonRules, filterUniqueRules } = require('./compare');
 const { colorize, colors, messageColors, tags, formatLogMessage } = require('./colorize');
 
+// Cache for compiled wildcard regex patterns in matchesIgnoreDomain
+const wildcardRegexCache = new Map();
+
 /**
  * Check if domain matches any ignore patterns (supports wildcards)
  * @param {string} domain - Domain to check
@@ -37,11 +40,14 @@ function matchesIgnoreDomain(domain, ignorePatterns) {
         const baseDomain = pattern.slice(0, -2); // Remove ".*"
         return domain.startsWith(baseDomain + '.');
       } else {
-        // Complex wildcard pattern
-        const regexPattern = pattern
-          .replace(/\./g, '\\.')  // Escape dots
-          .replace(/\*/g, '.*');  // Convert * to .*
-        return new RegExp(`^${regexPattern}$`).test(domain);
+        // Complex wildcard pattern (cached)
+        if (!wildcardRegexCache.has(pattern)) {
+          const regexPattern = pattern
+            .replace(/\./g, '\\.')  // Escape dots
+            .replace(/\*/g, '.*');  // Convert * to .*
+          wildcardRegexCache.set(pattern, new RegExp(`^${regexPattern}$`));
+        }
+        return wildcardRegexCache.get(pattern).test(domain);
       }
     } else {
       // Exact pattern matching
@@ -435,7 +441,7 @@ function writeOutput(lines, outputFile = null, silentMode = false) {
     if (outputFile) {
       // Ensure output directory exists
       const outputDir = path.dirname(outputFile);
-      if (outputDir !== '.' && !fs.existsSync(outputDir)) {
+      if (outputDir !== '.') {
         fs.mkdirSync(outputDir, { recursive: true });
       }
       

package/lib/validate_rules.js

@@ -1,5 +1,11 @@
 const { formatLogMessage } = require('./colorize');
 
+// Pre-compiled regex constants for validation
+const REGEX_LABEL = /^[a-zA-Z0-9-]+$/;
+const REGEX_TLD = /^[a-zA-Z][a-zA-Z0-9]*$/;
+const REGEX_IPv4 = /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;
+const REGEX_IPv6 = /^(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$|^::$|^::1$|^(?:[0-9a-fA-F]{1,4}:)*::(?:[0-9a-fA-F]{1,4}:)*[0-9a-fA-F]{1,4}$/;
+
 /**
  * Enhanced domain validation function
  * @param {string} domain - The domain to validate
@@ -88,8 +94,7 @@ function isValidDomainLabel(label) {
   }
   
   // Label can only contain alphanumeric characters and hyphens
-  const labelRegex = /^[a-zA-Z0-9-]+$/;
-  if (!labelRegex.test(label)) {
+  if (!REGEX_LABEL.test(label)) {
     return false;
   }
   
@@ -115,8 +120,7 @@ function isValidTLD(tld) {
   // but still validate structure
   
   // TLD can contain letters and numbers, but must start with letter
-  const tldRegex = /^[a-zA-Z][a-zA-Z0-9]*$/;
-  if (!tldRegex.test(tld)) {
+  if (!REGEX_TLD.test(tld)) {
     return false;
   }
   
@@ -138,8 +142,7 @@ function isIPAddress(str) {
  * @returns {boolean} True if valid IPv4
  */
 function isIPv4(str) {
-  const ipv4Regex = /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;
-  return ipv4Regex.test(str);
+  return REGEX_IPv4.test(str);
 }
 
 /**
@@ -148,9 +151,7 @@ function isIPv4(str) {
  * @returns {boolean} True if valid IPv6
  */
 function isIPv6(str) {
-  // Simplified IPv6 regex - covers most common cases
-  const ipv6Regex = /^(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$|^::$|^::1$|^(?:[0-9a-fA-F]{1,4}:)*::(?:[0-9a-fA-F]{1,4}:)*[0-9a-fA-F]{1,4}$/;
-  return ipv6Regex.test(str);
+  return REGEX_IPv6.test(str);
 }
 
 /**
@@ -467,15 +468,7 @@ function validateRulesetFile(filePath, options = {}) {
   } = options;
   
   const fs = require('fs');
-  
-  if (!fs.existsSync(filePath)) {
-    return {
-      isValid: false,
-      error: `File not found: ${filePath}`,
-      stats: { total: 0, valid: 0, invalid: 0, comments: 0 }
-    };
-  }
-  
+
   let content;
   try {
     content = fs.readFileSync(filePath, 'utf8');
@@ -721,15 +714,7 @@ function cleanRulesetFile(filePath, outputPath = null, options = {}) {
   
   const fs = require('fs');
   const path = require('path');
-  
-  if (!fs.existsSync(filePath)) {
-    return {
-      success: false,
-      error: `File not found: ${filePath}`,
-      stats: { total: 0, valid: 0, invalid: 0, removed: 0, duplicates: 0 }
-    };
-  }
-  
+
   let content;
   try {
     content = fs.readFileSync(filePath, 'utf8');

package/nwss.js

@@ -4,6 +4,7 @@
 // const pLimit = require('p-limit'); // Will be dynamically imported
 const puppeteer = require('puppeteer');
 const fs = require('fs');
+const os = require('os');
 const psl = require('psl');
 const path = require('path');
 const { createGrepHandler, validateGrepAvailability } = require('./lib/grep');
@@ -151,7 +152,7 @@ function detectPuppeteerVersion() {
 // Enhanced redirect handling
 const { navigateWithRedirectHandling, handleRedirectTimeout } = require('./lib/redirect');
 // Ensure web browser is working correctly
-const { monitorBrowserHealth, isBrowserHealthy, isQuicklyResponsive, performGroupWindowCleanup, performRealtimeWindowCleanup, trackPageForRealtime, updatePageUsage, cleanupPageBeforeReload, purgeStaleTrackers } = require('./lib/browserhealth');
+const { monitorBrowserHealth, isBrowserHealthy, isQuicklyResponsive, performGroupWindowCleanup, performRealtimeWindowCleanup, trackPageForRealtime, updatePageUsage, untrackPage, cleanupPageBeforeReload, purgeStaleTrackers } = require('./lib/browserhealth');
 
 // --- Script Configuration & Constants --- 
 const VERSION = '2.0.33'; // Script version
@@ -1375,7 +1376,7 @@ function setupFrameHandling(page, forceDebug) {
    */
   async function createBrowser(extraArgs = []) {
     // Create temporary user data directory that we can fully control and clean up
-    const tempUserDataDir = `/tmp/puppeteer-${Date.now()}-${Math.random().toString(36).substring(7)}`;
+    const tempUserDataDir = path.join(os.tmpdir(), `puppeteer-${Date.now()}-${Math.random().toString(36).substring(7)}`);
     userDataDir = tempUserDataDir; // Store for cleanup tracking (use outer scope variable)
 
     // Try to find system Chrome installation to avoid Puppeteer downloads
@@ -1405,11 +1406,15 @@ function setupFrameHandling(page, forceDebug) {
     }
 
     const systemChromePaths = [
+      // Linux / WSL
       '/usr/bin/google-chrome-stable',
       '/usr/bin/google-chrome',
       '/usr/bin/chromium-browser',
       '/usr/bin/chromium',
-      '/snap/bin/chromium'
+      '/snap/bin/chromium',
+      // macOS
+      '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',
+      '/Applications/Chromium.app/Contents/MacOS/Chromium'
     ];
     // V8 Optimization: Freeze the Chrome paths array since it's constant
     Object.freeze(systemChromePaths);
@@ -3894,6 +3899,7 @@ function setupFrameHandling(page, forceDebug) {
         }
 
         try {
+          untrackPage(page);
           await page.close();
           if (forceDebug) console.log(formatLogMessage('debug', `Page closed for ${currentUrl}`));
         } catch (pageCloseErr) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fanboynz/network-scanner",
-  "version": "2.0.57",
+  "version": "2.0.58",
   "description": "A Puppeteer-based network scanner for analyzing web traffic, generating adblock filter rules, and identifying third-party requests. Features include fingerprint spoofing, Cloudflare bypass, content analysis with curl/grep, and multiple output formats.",
   "main": "nwss.js",
   "scripts": {

package/.clauderc

@@ -1,30 +0,0 @@
-{
-  "description": "Network scanner that monitors website requests and generates blocking rules. Uses Puppeteer to load sites, intercepts network traffic, matches patterns, and outputs rules in various formats (adblock, dnsmasq, hosts file, etc.).",
-  
-  "conventions": [
-    "Store modular functionality in ./lib/ directory with focused, single-purpose modules",
-    "Use messageColors and formatLogMessage from ./lib/colorize for consistent console output",
-    "Implement timeout protection for all Puppeteer operations using Promise.race patterns",
-    "Handle browser lifecycle with comprehensive cleanup in try-finally blocks",
-    "Validate all external tool availability before use (grep, curl, whois, dig)",
-    "Use forceDebug flag for detailed logging, silentMode for minimal output"
-  ],
-  
-  "files": {
-    "important": [
-      "nwss.js",
-      "config.json",
-      "lib/*.js",
-      "*.md",
-      "nwss.1"
-    ],
-    "ignore": [
-      "node_modules/**",
-      "logs/**",
-      "sources/**",
-      ".cache/**",
-      "*.log",
-      "*.gz"
-    ]
-  }
-}