@j3r3mcdev/scoring 1.0.0

package/src/reporters/html/HTMLReporter.ts

@@ -0,0 +1,240 @@
+/**
+ * ─────────────────────────────────────────────────────────────
+ *  HTML REPORTER — Version PRO
+ *  Génère un rapport HTML structuré, lisible et sécurisé.
+ * ─────────────────────────────────────────────────────────────
+ */
+
+import { BaseReporter } from "../base/BaseReporter";
+import { ReporterMetadata, ReporterOutput } from "../base/ReporterTypes";
+import { Finding, CorrelationChain } from "../../core/scoring-types";
+
+import {
+  escapeHtml,
+  renderHtmlTable,
+  renderHtmlList,
+  renderHtmlParagraph,
+} from "../../utils/report-utils";
+import { sortFindingsBySeverity } from "../../utils/finding-utils";
+import { sortChains, chainSummary } from "../../utils/chain-utils";
+import { scoreInfo } from "../../utils/score-utils";
+import { formatIso } from "../../utils/date-utils";
+
+function severityClass(severity: Finding["severity"]): string {
+  switch (severity) {
+    case "critical":
+      return "sev-critical";
+    case "high":
+      return "sev-high";
+    case "medium":
+      return "sev-medium";
+    case "low":
+      return "sev-low";
+    default:
+      return "sev-unknown";
+  }
+}
+
+export class HTMLReporter extends BaseReporter {
+  getName(): string {
+    return "html";
+  }
+
+  getExtension(): string {
+    return ".html";
+  }
+
+  generate(
+    findings: Finding[],
+    chains: CorrelationChain[],
+    metadata: ReporterMetadata = {},
+  ): ReporterOutput {
+    this.validateInput(findings, chains);
+
+    const { findings: preparedFindings, chains: preparedChains } =
+      this.prepareData(findings, chains);
+
+    const generatedAt = metadata.generatedAt ?? Date.now();
+    const generatedAtIso = formatIso(generatedAt);
+
+    const title = metadata.title ?? "Security Scan Report";
+
+    const summaryTable = renderHtmlTable(
+      ["Metric", "Value"],
+      [
+        ["Total Findings", String(preparedFindings.length)],
+        ["Total Chains", String(preparedChains.length)],
+        [
+          "Critical",
+          String(
+            preparedFindings.filter((f) => f.severity === "critical").length,
+          ),
+        ],
+        [
+          "High",
+          String(preparedFindings.filter((f) => f.severity === "high").length),
+        ],
+        [
+          "Medium",
+          String(
+            preparedFindings.filter((f) => f.severity === "medium").length,
+          ),
+        ],
+        [
+          "Low",
+          String(preparedFindings.filter((f) => f.severity === "low").length),
+        ],
+      ],
+    );
+
+    const findingsHtml =
+      preparedFindings.length === 0
+        ? renderHtmlParagraph("_No findings detected._")
+        : preparedFindings
+            .map((f) => {
+              const info = scoreInfo(f.score / 100);
+
+              const evidenceHtml =
+                f.evidence && f.evidence.length
+                  ? `<h4>Evidence</h4>${renderHtmlList(
+                      f.evidence.map((e) => String(e)),
+                    )}`
+                  : "";
+
+              const chainsHtml =
+                f.chains && f.chains.length
+                  ? `<h4>Related Chains</h4>${renderHtmlList(
+                      f.chains.map((c) => chainSummary(c)),
+                    )}`
+                  : "";
+
+              return `
+<section class="finding ${severityClass(f.severity)}">
+  <h3>${escapeHtml(f.vulnerability.toUpperCase())}</h3>
+  <p><strong>Severity:</strong> ${escapeHtml(f.severity)}</p>
+  <p><strong>Score:</strong> ${info.normalized} (${escapeHtml(info.label)})</p>
+  ${f.details ? `<h4>Details</h4>${renderHtmlParagraph(f.details)}` : ""}
+  ${evidenceHtml}
+  ${chainsHtml}
+</section>`;
+            })
+            .join("\n");
+
+    const chainsHtml =
+      preparedChains.length === 0
+        ? renderHtmlParagraph("_No chains detected._")
+        : renderHtmlList(preparedChains.map((c) => chainSummary(c)));
+
+    const html = `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <title>${escapeHtml(title)}</title>
+  <style>
+    body {
+      font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
+      margin: 0;
+      padding: 2rem;
+      background: #0b1020;
+      color: #f5f7ff;
+    }
+    h1, h2, h3, h4 {
+      color: #ffffff;
+    }
+    a {
+      color: #7aa2ff;
+    }
+    table {
+      border-collapse: collapse;
+      width: 100%;
+      margin: 1rem 0;
+      background: #11162a;
+    }
+    th, td {
+      border: 1px solid #252b45;
+      padding: 0.5rem 0.75rem;
+      text-align: left;
+    }
+    th {
+      background: #181e36;
+      font-weight: 600;
+    }
+    tr:nth-child(even) td {
+      background: #101528;
+    }
+    .finding {
+      border: 1px solid #252b45;
+      border-left-width: 4px;
+      padding: 1rem;
+      margin: 1rem 0;
+      background: #11162a;
+      border-radius: 4px;
+    }
+    .sev-critical { border-left-color: #ff4b5c; }
+    .sev-high { border-left-color: #ff9f43; }
+    .sev-medium { border-left-color: #feca57; }
+    .sev-low { border-left-color: #1dd1a1; }
+    ul {
+      padding-left: 1.5rem;
+    }
+    code {
+      font-family: "Fira Code", ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;
+      background: #181e36;
+      padding: 0.1rem 0.25rem;
+      border-radius: 3px;
+    }
+    .meta {
+      margin-bottom: 1.5rem;
+      font-size: 0.95rem;
+      color: #c3c8e8;
+    }
+    .section {
+      margin-top: 2rem;
+    }
+  </style>
+</head>
+<body>
+  <h1>${escapeHtml(title)}</h1>
+
+  <div class="meta">
+    <p><strong>Generated at:</strong> ${escapeHtml(generatedAtIso)}</p>
+    <p><strong>Target:</strong> ${escapeHtml(metadata.target ?? "unknown")}</p>
+    <p><strong>Engine version:</strong> ${escapeHtml(
+      metadata.version ?? "1.0.0",
+    )}</p>
+  </div>
+
+  <section class="section">
+    <h2>Summary</h2>
+    ${summaryTable}
+  </section>
+
+  <section class="section">
+    <h2>Findings</h2>
+    ${findingsHtml}
+  </section>
+
+  <section class="section">
+    <h2>Correlation Chains</h2>
+    ${chainsHtml}
+  </section>
+</body>
+</html>`;
+
+    return {
+      filename: `report${this.getExtension()}`,
+      content: html,
+      mime: "text/html",
+    };
+  }
+
+  protected prepareData(
+    findings: Finding[],
+    chains: CorrelationChain[],
+  ): { findings: Finding[]; chains: CorrelationChain[] } {
+    return {
+      findings: sortFindingsBySeverity(findings),
+      chains: sortChains(chains),
+    };
+  }
+}

package/src/reporters/json/JSONReporter.ts

@@ -0,0 +1,98 @@
+/**
+ * ─────────────────────────────────────────────────────────────
+ *  JSON REPORTER — Version PRO
+ *  Génère un rapport JSON structuré, stable et lisible.
+ * ─────────────────────────────────────────────────────────────
+ */
+
+import { BaseReporter } from "../base/BaseReporter";
+import { ReporterMetadata, ReporterOutput } from "../base/ReporterTypes";
+import { Finding, CorrelationChain } from "../../core/scoring-types";
+
+import { sortFindingsBySeverity } from "../../utils/finding-utils";
+import { sortChains } from "../../utils/chain-utils";
+import { scoreInfo } from "../../utils/score-utils";
+import { formatIso } from "../../utils/date-utils";
+
+export class JSONReporter extends BaseReporter {
+  getName(): string {
+    return "json";
+  }
+
+  getExtension(): string {
+    return ".json";
+  }
+
+  generate(
+    findings: Finding[],
+    chains: CorrelationChain[],
+    metadata: ReporterMetadata = {},
+  ): ReporterOutput {
+    this.validateInput(findings, chains);
+
+    const { findings: preparedFindings, chains: preparedChains } =
+      this.prepareData(findings, chains);
+
+    const report = {
+      format: "json",
+      generatedAt: metadata.generatedAt ?? Date.now(),
+      generatedAtIso: formatIso(metadata.generatedAt ?? Date.now()),
+      title: metadata.title ?? "Security Scan Report",
+      target: metadata.target ?? "unknown",
+      version: metadata.version ?? "1.0.0",
+
+      summary: {
+        totalFindings: preparedFindings.length,
+        totalChains: preparedChains.length,
+        severities: {
+          critical: preparedFindings.filter((f) => f.severity === "critical")
+            .length,
+          high: preparedFindings.filter((f) => f.severity === "high").length,
+          medium: preparedFindings.filter((f) => f.severity === "medium")
+            .length,
+          low: preparedFindings.filter((f) => f.severity === "low").length,
+        },
+      },
+
+      findings: preparedFindings.map((f) => ({
+        ...f,
+        scoreInfo: scoreInfo(f.score / 100), // ton score brut est 0–100
+      })),
+
+      chains: preparedChains.map((c) => ({
+        ...c,
+        confidenceLabel:
+          c.confidence >= 0.9
+            ? "very_high"
+            : c.confidence >= 0.75
+              ? "high"
+              : c.confidence >= 0.5
+                ? "medium"
+                : c.confidence >= 0.25
+                  ? "low"
+                  : "very_low",
+      })),
+    };
+
+    return {
+      filename: `report${this.getExtension()}`,
+      content: JSON.stringify(report, null, 2),
+      mime: "application/json",
+    };
+  }
+
+  /**
+   * Prépare les données avant génération :
+   * - tri des findings par sévérité
+   * - tri des chains par confiance
+   */
+  protected prepareData(
+    findings: Finding[],
+    chains: CorrelationChain[],
+  ): { findings: Finding[]; chains: CorrelationChain[] } {
+    return {
+      findings: sortFindingsBySeverity(findings),
+      chains: sortChains(chains),
+    };
+  }
+}

package/src/reporters/markdown/MarkdownReporter.ts

@@ -0,0 +1,157 @@
+/**
+ * ─────────────────────────────────────────────────────────────
+ *  MARKDOWN REPORTER — Version PRO
+ *  Génère un rapport Markdown propre, lisible et structuré.
+ * ─────────────────────────────────────────────────────────────
+ */
+
+import { BaseReporter } from "../base/BaseReporter";
+import { ReporterMetadata, ReporterOutput } from "../base/ReporterTypes";
+import { Finding, CorrelationChain } from "../../core/scoring-types";
+
+import {
+  escapeMarkdown,
+  renderTable,
+  renderList,
+  renderSection,
+} from "../../utils/report-utils";
+import { sortFindingsBySeverity } from "../../utils/finding-utils";
+import { sortChains, chainSummary } from "../../utils/chain-utils";
+import { scoreInfo } from "../../utils/score-utils";
+import { formatIso } from "../../utils/date-utils";
+
+export class MarkdownReporter extends BaseReporter {
+  getName(): string {
+    return "markdown";
+  }
+
+  getExtension(): string {
+    return ".md";
+  }
+
+  generate(
+    findings: Finding[],
+    chains: CorrelationChain[],
+    metadata: ReporterMetadata = {},
+  ): ReporterOutput {
+    this.validateInput(findings, chains);
+
+    const { findings: preparedFindings, chains: preparedChains } =
+      this.prepareData(findings, chains);
+
+    const generatedAt = metadata.generatedAt ?? Date.now();
+    const generatedAtIso = formatIso(generatedAt);
+
+    // ─────────────────────────────────────────────────────────────
+    // HEADER
+    // ─────────────────────────────────────────────────────────────
+    let md = `# ${escapeMarkdown(metadata.title ?? "Security Scan Report")}\n\n`;
+
+    md += `**Generated at:** ${generatedAtIso}\n\n`;
+    md += `**Target:** ${escapeMarkdown(metadata.target ?? "unknown")}\n\n`;
+    md += `**Engine version:** ${escapeMarkdown(metadata.version ?? "1.0.0")}\n\n`;
+
+    // ─────────────────────────────────────────────────────────────
+    // SUMMARY
+    // ─────────────────────────────────────────────────────────────
+    md += renderSection(
+      "Summary",
+      renderTable(
+        ["Metric", "Value"],
+        [
+          ["Total Findings", String(preparedFindings.length)],
+          ["Total Chains", String(preparedChains.length)],
+          [
+            "Critical",
+            String(
+              preparedFindings.filter((f) => f.severity === "critical").length,
+            ),
+          ],
+          [
+            "High",
+            String(
+              preparedFindings.filter((f) => f.severity === "high").length,
+            ),
+          ],
+          [
+            "Medium",
+            String(
+              preparedFindings.filter((f) => f.severity === "medium").length,
+            ),
+          ],
+          [
+            "Low",
+            String(preparedFindings.filter((f) => f.severity === "low").length),
+          ],
+        ],
+      ),
+    );
+
+    // ─────────────────────────────────────────────────────────────
+    // FINDINGS
+    // ─────────────────────────────────────────────────────────────
+    const findingsContent = preparedFindings
+      .map((f) => {
+        const info = scoreInfo(f.score / 100);
+
+        return (
+          `### ${escapeMarkdown(f.vulnerability.toUpperCase())}\n\n` +
+          `**Severity:** ${escapeMarkdown(f.severity)}\n\n` +
+          `**Score:** ${info.normalized} (${escapeMarkdown(info.label)})\n\n` +
+          (f.details
+            ? `**Details:**\n\n${escapeMarkdown(f.details)}\n\n`
+            : "") +
+          (f.evidence?.length
+            ? `**Evidence:**\n\n${renderList(
+                f.evidence.map((e) => escapeMarkdown(String(e))),
+              )}\n\n`
+            : "") +
+          (f.chains?.length
+            ? `**Related Chains:**\n\n${renderList(f.chains.map((c) => escapeMarkdown(chainSummary(c))))}\n\n`
+            : "")
+        );
+      })
+      .join("\n");
+
+    md += renderSection(
+      "Findings",
+      findingsContent || "_No findings detected._",
+    );
+
+    // ─────────────────────────────────────────────────────────────
+    // CHAINS
+    // ─────────────────────────────────────────────────────────────
+    const chainsContent = preparedChains
+      .map((c) => `- ${escapeMarkdown(chainSummary(c))}`)
+      .join("\n");
+
+    md += renderSection(
+      "Correlation Chains",
+      chainsContent || "_No chains detected._",
+    );
+
+    // ─────────────────────────────────────────────────────────────
+    // OUTPUT
+    // ─────────────────────────────────────────────────────────────
+    return {
+      filename: `report${this.getExtension()}`,
+      content: md,
+      mime: "text/markdown",
+    };
+  }
+
+  /**
+   * Prépare les données avant génération :
+   * - tri des findings par sévérité
+   * - tri des chains par confiance
+   */
+  protected prepareData(
+    findings: Finding[],
+    chains: CorrelationChain[],
+  ): { findings: Finding[]; chains: CorrelationChain[] } {
+    return {
+      findings: sortFindingsBySeverity(findings),
+      chains: sortChains(chains),
+    };
+  }
+}

package/src/reporters/reporter-factory.ts

@@ -0,0 +1,29 @@
+/**
+ * ─────────────────────────────────────────────────────────────
+ *  REPORTER FACTORY
+ *  Crée dynamiquement un reporter selon le format demandé.
+ * ─────────────────────────────────────────────────────────────
+ */
+
+import { ReporterFormat } from "./base/ReporterTypes";
+import { BaseReporter } from "./base/BaseReporter";
+
+import { JSONReporter } from "./json/JSONReporter";
+import { MarkdownReporter } from "./markdown/MarkdownReporter";
+import { HTMLReporter } from "./html/HTMLReporter";
+
+export function createReporter(format: ReporterFormat): BaseReporter {
+  switch (format) {
+    case "json":
+      return new JSONReporter();
+
+    case "markdown":
+      return new MarkdownReporter();
+
+    case "html":
+      return new HTMLReporter();
+
+    default:
+      throw new Error(`Unknown reporter format: ${format}`);
+  }
+}

package/src/rules/__tests__/dns.rule.test.ts

@@ -0,0 +1,42 @@
+import { DnsRule } from "../dns.rules";
+
+describe("DNS Rule", () => {
+  const rule = new DnsRule();
+
+  it("détecte une anomalie DNS", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "dns" as const,
+          timestamp: Date.now(),
+          metadata: {},
+          payload: "internal.localdomain",
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(true);
+    const findings = rule.execute(ctx);
+    expect(findings.length).toBe(1);
+    expect(findings[0].vulnerability).toBe("dns");
+  });
+
+  it("ne détecte rien sur un domaine normal", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "dns" as const,
+          timestamp: Date.now(),
+          metadata: {},
+          payload: "google.com",
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(false);
+  });
+});

package/src/rules/__tests__/http.rule.test.ts

@@ -0,0 +1,46 @@
+import { HttpRule } from "../http.rules";
+
+describe("HTTP Rule", () => {
+  const rule = new HttpRule();
+
+  it("détecte une anomalie HTTP", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "http" as const,
+          timestamp: Date.now(),
+          metadata: {
+            method: "TRACE",
+            path: "/",
+          },
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(true);
+    const findings = rule.execute(ctx);
+    expect(findings.length).toBe(1);
+    expect(findings[0].vulnerability).toBe("http");
+  });
+
+  it("ne détecte rien sur une requête normale", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "http" as const,
+          timestamp: Date.now(),
+          metadata: {
+            method: "GET",
+            path: "/home",
+          },
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(false);
+  });
+});

package/src/rules/__tests__/lfi.rule.test.ts

@@ -0,0 +1,42 @@
+import { LfiRule } from "../lfi.rule";
+
+describe("LFI Rule", () => {
+  const rule = new LfiRule();
+
+  it("détecte un payload LFI", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "http" as const,
+          timestamp: Date.now(),
+          metadata: {},
+          payload: "../../../../etc/passwd",
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(true);
+    const findings = rule.execute(ctx);
+    expect(findings.length).toBe(1);
+    expect(findings[0].vulnerability).toBe("lfi");
+  });
+
+  it("ne détecte rien sur un payload normal", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "http" as const,
+          timestamp: Date.now(),
+          metadata: {},
+          payload: "/home/user/profile",
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(false);
+  });
+});

package/src/rules/__tests__/path-traversal.rule.test.ts

@@ -0,0 +1,42 @@
+import { PathTraversalRule } from "../path-transversal.rule";
+
+describe("Path Traversal Rule", () => {
+  const rule = new PathTraversalRule();
+
+  it("détecte un path traversal", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "http" as const,
+          timestamp: Date.now(),
+          metadata: {},
+          payload: "../etc/passwd",
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(true);
+    const findings = rule.execute(ctx);
+    expect(findings.length).toBe(1);
+    expect(findings[0].vulnerability).toBe("path_traversal");
+  });
+
+  it("ne détecte rien sur un payload normal", () => {
+    const ctx = {
+      events: [
+        {
+          id: "1",
+          source: "http" as const,
+          timestamp: Date.now(),
+          metadata: {},
+          payload: "/api/user",
+        },
+      ],
+      chains: [],
+    };
+
+    expect(rule.applies(ctx)).toBe(false);
+  });
+});