@j3r3mcdev/oast-server 1.1.1 → 1.1.3

package/dist/listeners/http/http.listener.d.ts

@@ -0,0 +1,17 @@
+import { Logger } from "../../core/logger";
+import { CoreRouter } from "../../core/router";
+export interface HttpListenerOptions {
+    port: number;
+    logger?: Logger;
+}
+export declare class HttpListener {
+    private router;
+    private options;
+    private server?;
+    private logger;
+    constructor(router: CoreRouter, options: HttpListenerOptions);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    private handleRequest;
+    private readBody;
+}

package/dist/listeners/listener.interface.d.ts

@@ -0,0 +1,4 @@
+export interface Listener {
+    start(): Promise<void>;
+    stop(): Promise<void>;
+}

package/dist/listeners/smtp/__tests__/smtp.extractor.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/smtp/__tests__/smtp.listener.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/smtp/smtp.extractor.d.ts

@@ -0,0 +1,12 @@
+export declare class SmtpExtractor {
+    static extract(session: any, body: string): {
+        ip: any;
+        from: any;
+        to: any;
+        subject: any;
+        raw: {
+            session: any;
+            body: string;
+        };
+    };
+}

package/dist/listeners/smtp/smtp.listener.d.ts

@@ -0,0 +1,13 @@
+import { CoreRouter } from "../../core/router";
+import { Logger } from "../../core/logger";
+export declare class SmtpListener {
+    private router;
+    private server;
+    private logger;
+    constructor(router: CoreRouter, options: {
+        server: any;
+        logger?: Logger;
+    });
+    start(): Promise<void>;
+    stop(): Promise<void>;
+}

package/dist/listeners/ssrf/__tests__/ssrf.extractor.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/ssrf/__tests__/ssrf.listener.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/ssrf/__tests__/ssrf.listener.test.js

@@ -14,10 +14,8 @@ globals_1.jest.mock("../../../core/event.normalizer");
     let router;
     let port;
     let listener;
-    (0, globals_1.beforeEach)(() => {
-        router = {
-            dispatch: globals_1.jest.fn(),
-        };
+    (0, globals_1.beforeEach)((done) => {
+        router = { dispatch: globals_1.jest.fn() };
         port = 12000 + Math.floor(Math.random() * 2000);
         ssrf_extractor_1.SsrfExtractor.extract.mockReturnValue({
             ip: "1.2.3.4",
@@ -40,6 +38,8 @@ globals_1.jest.mock("../../../core/event.normalizer");
             },
         });
         listener = new ssrf_listener_1.SsrfListener(router, port);
+        // 🔥 On attend que le serveur soit prêt
+        listener["server"].on("listening", done);
     });
     (0, globals_1.afterEach)(() => {
         listener.stop();
@@ -49,18 +49,6 @@ globals_1.jest.mock("../../../core/event.normalizer");
             const req = http_1.default.request({ hostname: "localhost", port, path: "/ssrf", method: "GET" }, (res) => {
                 (0, globals_1.expect)(res.statusCode).toBe(200);
                 (0, globals_1.expect)(router.dispatch).toHaveBeenCalledTimes(1);
-                (0, globals_1.expect)(router.dispatch).toHaveBeenCalledWith({
-                    id: "123",
-                    type: "ssrf",
-                    timestamp: 111,
-                    sourceIp: "1.2.3.4",
-                    request: {
-                        method: "GET",
-                        path: "/ssrf",
-                        headers: {},
-                        query: {},
-                    },
-                });
                 resolve();
             });
             req.end();

package/dist/listeners/ssrf/ssrf.extractor.d.ts

@@ -0,0 +1,10 @@
+export declare class SsrfExtractor {
+    static extract(req: any): {
+        ip: any;
+        method: any;
+        path: any;
+        headers: any;
+        query: any;
+        raw: any;
+    };
+}

package/dist/listeners/ssrf/ssrf.listener.d.ts

@@ -0,0 +1,8 @@
+import { CoreRouter } from "../../core/router";
+export declare class SsrfListener {
+    private router;
+    private server;
+    private logger;
+    constructor(router: CoreRouter, port: number);
+    stop(): void;
+}

package/dist/listeners/tcp/tcp.extractor.d.ts

@@ -0,0 +1,4 @@
+import { RawTcpEvent, NormalizedTcpEvent } from "../../types/event.types";
+export declare class TcpExtractor {
+    static normalize(raw: RawTcpEvent): NormalizedTcpEvent;
+}

package/dist/listeners/tcp/tcp.listener.d.ts

@@ -0,0 +1,18 @@
+import { Listener } from "../listener.interface";
+import { CoreRouter } from "../../core/router";
+import { StorageManager } from "../../core/storage";
+import { Logger } from "../../core/logger";
+export interface TcpListenerOptions {
+    port: number;
+    logger?: Logger;
+}
+export declare class TcpListener implements Listener {
+    private router;
+    private storage;
+    private options;
+    private server;
+    private logger;
+    constructor(router: CoreRouter, storage: StorageManager, options: TcpListenerOptions);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+}

package/dist/listeners/webhook/__tests__/webhook.extractor.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/webhook/__tests__/webhook.listener.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/webhook/webhook.extractor.d.ts

@@ -0,0 +1,8 @@
+export declare class WebhookExtractor {
+    static extract(req: any, body: any): {
+        ip: any;
+        headers: any;
+        body: any;
+        raw: any;
+    };
+}

package/dist/listeners/webhook/webhook.listener.d.ts

@@ -0,0 +1,8 @@
+import { CoreRouter } from "../../core/router";
+export declare class WebhookListener {
+    private router;
+    private server;
+    private logger;
+    constructor(router: CoreRouter, port: number);
+    stop(): void;
+}

package/dist/listeners/websocket/__tests__/websocket.extractor.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/websocket/__tests__/websocket.listener.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/listeners/websocket/websocket.extractor.d.ts

@@ -0,0 +1,10 @@
+export declare class WebSocketExtractor {
+    static extract(ws: any, req: any, message: string): {
+        ip: any;
+        message: string;
+        raw: {
+            ws: any;
+            req: any;
+        };
+    };
+}

package/dist/listeners/websocket/websocket.listener.d.ts

@@ -0,0 +1,8 @@
+import { CoreRouter } from "../../core/router";
+export declare class WebSocketListener {
+    private router;
+    private server;
+    private logger;
+    constructor(router: CoreRouter, port: number);
+    stop(): void;
+}

package/dist/storage-adapters/adapters/__tests__/memory.storage.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/storage-adapters/adapters/memory.storage.d.ts

@@ -0,0 +1,21 @@
+import { Storage } from "../storage.interface";
+import { AnyNormalizedEvent } from "../../types/event.types";
+export declare class MemoryStorage implements Storage {
+    private events;
+    save(event: AnyNormalizedEvent): Promise<void>;
+    getEvent(id: string): Promise<AnyNormalizedEvent | null>;
+    listEvents(params: {
+        type?: string;
+        page?: number;
+        limit?: number;
+    }): Promise<AnyNormalizedEvent[]>;
+    getAll(): Promise<AnyNormalizedEvent[]>;
+    deleteEvent(id: string): Promise<boolean>;
+    clearEvents(): Promise<void>;
+    getStats(): Promise<{
+        total: number;
+        byType: Record<string, number>;
+    }>;
+    getById(id: string): Promise<AnyNormalizedEvent | null>;
+    delete(id: string): Promise<boolean>;
+}

package/dist/storage-adapters/storage.interface.d.ts

@@ -0,0 +1,18 @@
+import { AnyNormalizedEvent } from "../types/event.types";
+export interface StorageListParams {
+    type?: string;
+    page?: number;
+    limit?: number;
+}
+export interface Storage {
+    save(event: AnyNormalizedEvent): Promise<void>;
+    getEvent(id: string): Promise<AnyNormalizedEvent | null>;
+    listEvents(params: StorageListParams): Promise<AnyNormalizedEvent[]>;
+    deleteEvent(id: string): Promise<boolean>;
+    clearEvents(): Promise<void>;
+    getAll(): Promise<AnyNormalizedEvent[]>;
+    getStats(): Promise<{
+        total: number;
+        byType: Record<string, number>;
+    }>;
+}

package/dist/types/event.types.d.ts

@@ -0,0 +1,118 @@
+export interface RawEvent {
+    ip: string;
+    method: string;
+    path: string;
+    headers: Record<string, string | string[] | undefined>;
+    query: Record<string, any>;
+    body: any;
+    raw: any;
+}
+export interface RawDnsEvent {
+    ip: string;
+    query: string;
+    recordType: string;
+    raw: any;
+}
+export interface RawSmtpEvent {
+    ip: string;
+    from: string;
+    to: string[];
+    subject: string;
+    body: string;
+    raw: any;
+}
+export interface RawTcpEvent {
+    ip: string;
+    port: number;
+    data: string;
+    raw: any;
+}
+export interface RawSsrfEvent {
+    ip: string;
+    method: string | undefined;
+    path: string | undefined;
+    headers: Record<string, string | string[] | undefined>;
+    query: Record<string, any>;
+    raw: any;
+}
+export interface RawWebhookEvent {
+    ip: string;
+    headers: Record<string, string | string[] | undefined>;
+    body: any;
+    raw: any;
+}
+export interface RawWebSocketEvent {
+    ip: string;
+    message: string;
+    raw: any;
+}
+export interface NormalizedHttpEvent {
+    id: string;
+    type: "http";
+    timestamp: number;
+    sourceIp: string;
+    request: {
+        method: string;
+        path: string;
+        headers: Record<string, string | string[] | undefined>;
+        query: Record<string, any>;
+        body: any;
+    };
+}
+export interface NormalizedDnsEvent {
+    id: string;
+    type: "dns";
+    timestamp: number;
+    ip: string;
+    query: string;
+    recordType: string;
+    raw: any;
+}
+export interface NormalizedSmtpEvent {
+    id: string;
+    type: "smtp";
+    timestamp: number;
+    ip: string;
+    from: string;
+    to: string[];
+    subject: string;
+    body: string;
+    raw: any;
+}
+export interface NormalizedTcpEvent {
+    id: string;
+    type: "tcp";
+    timestamp: number;
+    ip: string;
+    port: number;
+    data: string;
+    raw: any;
+}
+export interface NormalizedSsrfEvent {
+    id: string;
+    type: "ssrf";
+    timestamp: number;
+    sourceIp: string;
+    request: {
+        method: string | undefined;
+        path: string | undefined;
+        headers: Record<string, string | string[] | undefined>;
+        query: Record<string, any>;
+    };
+}
+export interface NormalizedWebhookEvent {
+    id: string;
+    type: "webhook";
+    timestamp: number;
+    sourceIp: string;
+    headers: Record<string, string | string[] | undefined>;
+    body: any;
+}
+export interface NormalizedWebSocketEvent {
+    id: string;
+    type: "websocket";
+    timestamp: number;
+    sourceIp: string;
+    message: string;
+}
+export type AnyNormalizedEvent = NormalizedHttpEvent | NormalizedDnsEvent | NormalizedSmtpEvent | NormalizedTcpEvent | NormalizedSsrfEvent | NormalizedWebhookEvent | NormalizedWebSocketEvent;

package/jest.config.js

@@ -1,14 +1,14 @@
-const { createDefaultPreset } = require("ts-jest");
-
-const tsJestTransformCfg = createDefaultPreset().transform;
-
-/** @type {import("jest").Config} **/
-module.exports = {
-  testEnvironment: "node",
-  transform: {
-    ...tsJestTransformCfg,
-  },
-
-  // 🔥 Empêche Jest d'exécuter les tests compilés dans dist/
-  testPathIgnorePatterns: ["/dist/"],
-};
+const { createDefaultPreset } = require("ts-jest");
+
+const tsJestTransformCfg = createDefaultPreset().transform;
+
+/** @type {import("jest").Config} **/
+module.exports = {
+  testEnvironment: "node",
+  transform: {
+    ...tsJestTransformCfg,
+  },
+
+  // 🔥 Empêche Jest d'exécuter les tests compilés dans dist/
+  testPathIgnorePatterns: ["/dist/"],
+};

package/package.json

@@ -1,45 +1,45 @@
-{
-  "name": "@j3r3mcdev/oast-server",
-  "version": "1.1.1",
-  "description": "Modular OAST callback server for security auditing",
-  "main": "dist/index.js",
-  "types": "dist/index.d.ts",
-  "scripts": {
-    "dev": "ts-node-dev --respawn --transpile-only src/core/server.ts",
-    "build": "tsc -p tsconfig.json",
-    "start": "node dist/core/server.js",
-    "clean": "rimraf dist",
-    "test": "jest --passWithNoTests"
-  },
-  "keywords": [
-    "oast",
-    "security",
-    "ssrf",
-    "callback",
-    "audit",
-    "pentest"
-  ],
-  "author": "Jérémy",
-  "license": "MIT",
-  "dependencies": {
-    "body-parser": "^1.20.2",
-    "cors": "^2.8.5",
-    "dotenv": "^16.4.5",
-    "express": "^4.19.2",
-    "ioredis": "^5.4.1",
-    "ws": "^8.21.0"
-  },
-  "devDependencies": {
-    "@types/body-parser": "^1.19.5",
-    "@types/cors": "^2.8.17",
-    "@types/express": "^4.17.21",
-    "@types/jest": "^29.5.14",
-    "@types/node": "^20.12.7",
-    "@types/ws": "^8.18.1",
-    "jest": "^29.7.0",
-    "rimraf": "^5.0.5",
-    "ts-jest": "^29.4.11",
-    "ts-node-dev": "^2.0.0",
-    "typescript": "^5.4.5"
-  }
-}
+{
+  "name": "@j3r3mcdev/oast-server",
+  "version": "1.1.3",
+  "description": "Modular OAST callback server for security auditing",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "dev": "ts-node-dev --respawn --transpile-only src/core/server.ts",
+    "build": "tsc -p tsconfig.json",
+    "start": "node dist/core/server.js",
+    "clean": "rimraf dist",
+    "test": "jest --passWithNoTests"
+  },
+  "keywords": [
+    "oast",
+    "security",
+    "ssrf",
+    "callback",
+    "audit",
+    "pentest"
+  ],
+  "author": "Jérémy",
+  "license": "MIT",
+  "dependencies": {
+    "body-parser": "^1.20.2",
+    "cors": "^2.8.5",
+    "dotenv": "^16.4.5",
+    "express": "^4.19.2",
+    "ioredis": "^5.4.1",
+    "ws": "^8.21.0"
+  },
+  "devDependencies": {
+    "@types/body-parser": "^1.19.5",
+    "@types/cors": "^2.8.17",
+    "@types/express": "^4.17.21",
+    "@types/jest": "^29.5.14",
+    "@types/node": "^20.12.7",
+    "@types/ws": "^8.18.1",
+    "jest": "^29.7.0",
+    "rimraf": "^5.0.5",
+    "ts-jest": "^29.4.11",
+    "ts-node-dev": "^2.0.0",
+    "typescript": "^5.4.5"
+  }
+}

package/sadmin list shadows

@@ -1,9 +1,9 @@
-8faa343 (HEAD -> feat/core-event, origin/main, main) HEAD@{0}: checkout: moving from main to feat/core-event
-8faa343 (HEAD -> feat/core-event, origin/main, main) HEAD@{1}: commit: ADD FULL architecture
-8f8f441 HEAD@{2}: commit: ADD CI/CD
-0c987a0 HEAD@{3}: commit: ADD CI/CD
-8aad148 HEAD@{4}: commit: ADD CI/CD
-e1f2959 HEAD@{5}: commit: ADD CI/CD
-271e3b1 HEAD@{6}: commit: ADD Architecture & package.json & tsconfig.json
-b840cd3 HEAD@{7}: Branch: renamed refs/heads/master to refs/heads/main
-b840cd3 HEAD@{9}: commit (initial): Initial project structure
+8faa343 (HEAD -> feat/core-event, origin/main, main) HEAD@{0}: checkout: moving from main to feat/core-event
+8faa343 (HEAD -> feat/core-event, origin/main, main) HEAD@{1}: commit: ADD FULL architecture
+8f8f441 HEAD@{2}: commit: ADD CI/CD
+0c987a0 HEAD@{3}: commit: ADD CI/CD
+8aad148 HEAD@{4}: commit: ADD CI/CD
+e1f2959 HEAD@{5}: commit: ADD CI/CD
+271e3b1 HEAD@{6}: commit: ADD Architecture & package.json & tsconfig.json
+b840cd3 HEAD@{7}: Branch: renamed refs/heads/master to refs/heads/main
+b840cd3 HEAD@{9}: commit (initial): Initial project structure