npm - @j3r3my/scan-orchestrator - Versions diffs - 1.0.0 - Mend

@j3r3my/scan-orchestrator 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (347) hide show

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Corbeilla
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,230 @@
+# 🔍 Scan Orchestrator
+Moteur de scan de sécurité modulaire, typé et extensible.
+Il orchestre des tâches, exécute des workers d’attaque, normalise les résultats et produit un rapport unifié.
+## ✨ Features
+- 🧩 Architecture modulaire (tasks → workers → normalize)
+- ⚡ Scheduler + Dispatcher intégrés
+- 🛠️ Workers d’attaque complets :
+  - SQL Injection (Error, Time, Boolean, Union, Stacked)
+  - XSS (Reflected, Stored)
+  - LFI / RFI / Path Traversal
+  - Open Redirect
+  - XXE
+  - SSRF (classique)
+  - RCE
+  - Header Injection
+- 🧹 Normalisation avancée :
+  - normalize:context
+  - normalize:attack
+  - normalize:assets
+- 🧪 Tests Jest complets (typages + workers + mapping)
+- 🧱 Typage strict (TaskType, TaskPayloadMap, Scan, Findings…)
+---
+## 🏗️ Architecture
+```bash
+C:\DEV\SCAN-ORCHESTRATOR\SRC
+|   index.ts
+|   src-architecture.txt
+|
++---adapters
+|   +---queue
+|   |       QueueAdapter.ts
+|   |
+|   \---storage
+|           StorageAdapter.ts
+|
++---core
+|       Orchestrator.ts
+|       ScanStateManager.ts
+|       TaskDispatcher.ts
+|       TaskScheduler.ts
+|
++---types
+|   |   index.ts
+|   |
+|   +---analyze
+|   |       AnalyzeJsPayload.ts
+|   |       AnalyzePayload.ts
+|   |       index.ts
+|   |
+|   +---attack
+|   |   |   index.ts
+|   |   |
+|   |   +---client
+|   |   |       index.ts
+|   |   |       OpenRedirectPayload.ts
+|   |   |       XssReflectedPayload.ts
+|   |   |       XssStoredPayload.ts
+|   |   |
+|   |   +---common
+|   |   |       AttackBasePayload.ts
+|   |   |       GenericAttackPayload.ts
+|   |   |       index.ts
+|   |   |
+|   |   \---server
+|   |           HeadersPayload.ts
+|   |           index.ts
+|   |           LfiPayload.ts
+|   |           OpenRedirectPayload.ts
+|   |           PathTraversalPayload.ts
+|   |           RcePayload.ts
+|   |           RfiPayload.ts
+|   |           SqliBooleanPayload.ts
+|   |           SqliErrorPayload.ts
+|   |           SqliStackedPayload.ts
+|   |           SqliTimePayload.ts
+|   |           SqliUnionPayload.ts
+|   |           SsrfPayload.ts
+|   |           XxePayload.ts
+|   |
+|   +---core
+|   |       index.ts
+|   |       Scan.ts
+|   |       SecurityContextPayload.ts
+|   |       Task.ts
+|   |       TaskPayload.ts
+|   |       TaskPayloadMap.ts
+|   |       TaskType.ts
+|   |       WorkerResult.ts
+|   |
+|   +---crawls
+|   |       CrawlApiPayload.ts
+|   |       CrawlAssetsPayload.ts
+|   |       CrawlFormPayload.ts
+|   |       CrawlPagePayload.ts
+|   |       index.ts
+|   |
+|   +---normalize
+|   |       index.ts
+|   |       NormalizeAssetsPayload.ts
+|   |       NormalizeAttackPayload.ts
+|   |       NormalizeContextPayload.ts
+|   |
+|   \---__tests__
+|           attack-payloads.test.ts
+|           task-payload.test.ts
+|           task-type.failure.ts
+|           task-type.test.ts
+|           task.failure.ts
+|           task.test.ts
+|
+\---workers
+    +---analyze
+    |       domAnalyze.worker.ts
+    |       httpAnalyze.worker.ts
+    |
+    +---attack
+    |   |   headers.worker.ts
+    |   |   lfi.worker.ts
+    |   |   openRedirect.worker.ts
+    |   |   rfi.worker.ts
+    |   |   sqliBoolean.worker.ts
+    |   |   sqliError.worker.ts
+    |   |   sqliStacked.worker.ts
+    |   |   sqliTime.worker.ts
+    |   |   sqliUnion.worker.ts
+    |   |   xssReflected.worker.ts
+    |   |   xssStored.worker.ts
+    |   |
+    |   \---__tests__
+    |           headers.worker.test.ts
+    |           lfi.worker.test.ts
+    |           openRedirect.worker.test.ts
+    |           rfi.worker.test.ts
+    |           sqliBoolean.worker.test.ts
+    |           sqliError.worker.test.ts
+    |           sqliStacked.worker.test.ts
+    |           sqliTime.worker.test.ts
+    |           sqliUnion.worker.test.ts
+    |           xssReflected.worker.test.ts
+    |           xssStored.worker.test.ts
+    |
+    +---crawl
+    |       crawlApi.worker.ts
+    |       crawlAssets.worker.ts
+    |       crawlForm.worker.ts
+    |       crawlPage.worker.ts
+    |
+    \---normalize
+            normalizeAttack.worker.ts
+            normalizeContext.worker.ts
+```
+### 🔄 Flow général
+1. **Création du scan**
+2. **Génération des tâches**
+3. **Dispatch vers les workers**
+4. **Collecte des findings**
+5. **Normalisation**
+6. **Résultat final structuré**
+---
+## 🚀 Installation
+```bash
+npm install
+npm run build
+```
+\*\* Utilisation
+Lancer un scan
+```ts
+import { createScan } from "./src/core/createScan";
+const scan = await createScan({
+  target: "https://example.com",
+});
+console.log(scan.findings);
+```
+Ajouter un worker custom
+```ts
+export async function worker(payload) {
+  return {
+    taskType: "custom:task",
+    status: "success",
+    findings: [],
+    output: {},
+  };
+}
+```
+## Tests
+```bash
+npm run test
+```
+100% des workers testés
+Tests de typage strict (ts-expect-error)
+Tests de mapping TaskType → Payload
+Tests de normalize
+## Roadmap
+[ ] Serveur OAST externe (SSRF blind)
+[ ] DOM XSS Worker
+[ ] CSP Analyzer
+[ ] OpenAPI / GraphQL surface discovery
+[ ] Dashboard findings
+## Licence
+MIT

package/dist/src/adapters/queue/QueueAdapter.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=QueueAdapter.d.ts.map

package/dist/src/adapters/queue/QueueAdapter.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"QueueAdapter.d.ts","sourceRoot":"","sources":["../../../../src/adapters/queue/QueueAdapter.ts"],"names":[],"mappings":""}

package/dist/src/adapters/queue/QueueAdapter.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=QueueAdapter.js.map

package/dist/src/adapters/queue/QueueAdapter.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"QueueAdapter.js","sourceRoot":"","sources":["../../../../src/adapters/queue/QueueAdapter.ts"],"names":[],"mappings":""}

package/dist/src/adapters/storage/StorageAdapter.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=StorageAdapter.d.ts.map

package/dist/src/adapters/storage/StorageAdapter.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"StorageAdapter.d.ts","sourceRoot":"","sources":["../../../../src/adapters/storage/StorageAdapter.ts"],"names":[],"mappings":""}

package/dist/src/adapters/storage/StorageAdapter.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=StorageAdapter.js.map

package/dist/src/adapters/storage/StorageAdapter.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"StorageAdapter.js","sourceRoot":"","sources":["../../../../src/adapters/storage/StorageAdapter.ts"],"names":[],"mappings":""}

package/dist/src/core/Orchestrator.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=Orchestrator.d.ts.map

package/dist/src/core/Orchestrator.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"Orchestrator.d.ts","sourceRoot":"","sources":["../../../src/core/Orchestrator.ts"],"names":[],"mappings":""}

package/dist/src/core/Orchestrator.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=Orchestrator.js.map

package/dist/src/core/Orchestrator.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"Orchestrator.js","sourceRoot":"","sources":["../../../src/core/Orchestrator.ts"],"names":[],"mappings":""}

package/dist/src/core/ScanStateManager.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=ScanStateManager.d.ts.map

package/dist/src/core/ScanStateManager.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"ScanStateManager.d.ts","sourceRoot":"","sources":["../../../src/core/ScanStateManager.ts"],"names":[],"mappings":""}

package/dist/src/core/ScanStateManager.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=ScanStateManager.js.map

package/dist/src/core/ScanStateManager.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"ScanStateManager.js","sourceRoot":"","sources":["../../../src/core/ScanStateManager.ts"],"names":[],"mappings":""}

package/dist/src/core/TaskDispatcher.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=TaskDispatcher.d.ts.map

package/dist/src/core/TaskDispatcher.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"TaskDispatcher.d.ts","sourceRoot":"","sources":["../../../src/core/TaskDispatcher.ts"],"names":[],"mappings":""}

package/dist/src/core/TaskDispatcher.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=TaskDispatcher.js.map

package/dist/src/core/TaskDispatcher.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"TaskDispatcher.js","sourceRoot":"","sources":["../../../src/core/TaskDispatcher.ts"],"names":[],"mappings":""}

package/dist/src/core/TaskScheduler.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=TaskScheduler.d.ts.map

package/dist/src/core/TaskScheduler.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"TaskScheduler.d.ts","sourceRoot":"","sources":["../../../src/core/TaskScheduler.ts"],"names":[],"mappings":""}

package/dist/src/core/TaskScheduler.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=TaskScheduler.js.map

package/dist/src/core/TaskScheduler.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"TaskScheduler.js","sourceRoot":"","sources":["../../../src/core/TaskScheduler.ts"],"names":[],"mappings":""}

package/dist/src/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from "./types";
2	+ //# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC"}

package/dist/src/index.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./types"), exports);
+//# sourceMappingURL=index.js.map

package/dist/src/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAwB"}

package/dist/src/types/__tests__/attack-payloads.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=attack-payloads.test.d.ts.map

package/dist/src/types/__tests__/attack-payloads.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"attack-payloads.test.d.ts","sourceRoot":"","sources":["../../../../src/types/__tests__/attack-payloads.test.ts"],"names":[],"mappings":""}

package/dist/src/types/__tests__/attack-payloads.test.js ADDED Viewed

@@ -0,0 +1,116 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+describe("Attack payloads typing", () => {
+    test("SqliTimePayload requires delay", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            vector: "' OR SLEEP(5)--",
+            delay: 5000,
+        };
+        expect(payload.delay).toBe(5000);
+    });
+    test("SqliErrorPayload requires errorSignature", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            vector: "' OR 1=1 --",
+            errorSignature: "SQL syntax error",
+        };
+        expect(payload.errorSignature).toBe("SQL syntax error");
+    });
+    test("SqliBooleanPayload accepts boolean-based SQLi vectors", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            query: { q: "' OR '1'='1" },
+            body: {},
+        };
+        expect(payload.query.q).toBe("' OR '1'='1");
+    });
+    test("SqliUnionPayload accepts UNION-based SQLi vectors", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            query: { q: "UNION SELECT 1,2" },
+            body: {},
+        };
+        expect(payload.query.q).toBe("UNION SELECT 1,2");
+    });
+    test("XxePayload requires xmlPayload", () => {
+        const payload = {
+            url: "http://test",
+            method: "POST",
+            headers: {},
+            vector: '<!DOCTYPE foo [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>',
+            xmlPayload: "<!DOCTYPE foo>",
+        };
+        expect(payload.xmlPayload).toBe("<!DOCTYPE foo>");
+    });
+    test("RcePayload requires command", () => {
+        const payload = {
+            url: "http://test",
+            method: "POST",
+            headers: {},
+            vector: "ls -la",
+            command: "ls -la",
+        };
+        expect(payload.command).toBe("ls -la");
+    });
+    test("PathTraversalPayload requires filePath", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            vector: "../../../../etc/passwd",
+            filePath: "../../../../etc/passwd",
+        };
+        expect(payload.filePath).toBe("../../../../etc/passwd");
+    });
+    test("SqliStackedPayload accepts stacked SQLi vectors", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            query: { q: "1; DROP TABLE users;" },
+        };
+        expect(payload.query.q).toBe("1; DROP TABLE users;");
+    });
+    test("OpenRedirectPayload accepts redirect parameters", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            query: { redirect: "http://evil.com" },
+        };
+        expect(payload.query.redirect).toBe("http://evil.com");
+    });
+    test("XssReflectedPayload requires marker", () => {
+        const payload = {
+            url: "http://test",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "<script>alert(1)</script>",
+            marker: "XSS_MARKER",
+        };
+        expect(payload.marker).toBe("XSS_MARKER");
+    });
+    test("XssStoredPayload accepts stored XSS vectors", () => {
+        const payload = {
+            url: "http://test",
+            method: "POST",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "<img src=x onerror=alert(1)>",
+        };
+        expect(payload.vector).toBe("<img src=x onerror=alert(1)>");
+    });
+});
+//# sourceMappingURL=attack-payloads.test.js.map

package/dist/src/types/__tests__/attack-payloads.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"attack-payloads.test.js","sourceRoot":"","sources":["../../../../src/types/__tests__/attack-payloads.test.ts"],"names":[],"mappings":";;AAYA,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;IACtC,IAAI,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC1C,MAAM,OAAO,GAAoB;YAC/B,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,MAAM,EAAE,iBAAiB;YACzB,KAAK,EAAE,IAAI;SACZ,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,0CAA0C,EAAE,GAAG,EAAE;QACpD,MAAM,OAAO,GAAqB;YAChC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,MAAM,EAAE,aAAa;YACrB,cAAc,EAAE,kBAAkB;SACnC,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,uDAAuD,EAAE,GAAG,EAAE;QACjE,MAAM,OAAO,GAAuB;YAClC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE;YAC3B,IAAI,EAAE,EAAE;SACT,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC7D,MAAM,OAAO,GAAqB;YAChC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,EAAE,CAAC,EAAE,kBAAkB,EAAE;YAChC,IAAI,EAAE,EAAE;SACT,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC1C,MAAM,OAAO,GAAe;YAC1B,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE;YACX,MAAM,EAAE,8DAA8D;YACtE,UAAU,EAAE,gBAAgB;SAC7B,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACvC,MAAM,OAAO,GAAe;YAC1B,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE;YACX,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE,QAAQ;SAClB,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAClD,MAAM,OAAO,GAAyB;YACpC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,MAAM,EAAE,wBAAwB;YAChC,QAAQ,EAAE,wBAAwB;SACnC,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,iDAAiD,EAAE,GAAG,EAAE;QAC3D,MAAM,OAAO,GAAuB;YAClC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,EAAE,CAAC,EAAE,sBAAsB,EAAE;SACrC,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,KAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,iDAAiD,EAAE,GAAG,EAAE;QAC3D,MAAM,OAAO,GAAwB;YACnC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,KAAK,EAAE,EAAE,QAAQ,EAAE,iBAAiB,EAAE;SACvC,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,KAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,qCAAqC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAwB;YACnC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,2BAA2B;YACnC,MAAM,EAAE,YAAY;SACrB,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACvD,MAAM,OAAO,GAAqB;YAChC,GAAG,EAAE,aAAa;YAClB,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,8BAA8B;SACvC,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/src/types/__tests__/task-payload.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=task-payload.test.d.ts.map

package/dist/src/types/__tests__/task-payload.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"task-payload.test.d.ts","sourceRoot":"","sources":["../../../../src/types/__tests__/task-payload.test.ts"],"names":[],"mappings":""}

package/dist/src/types/__tests__/task-payload.test.js ADDED Viewed

@@ -0,0 +1,125 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+describe("TaskPayloadMap", () => {
+    it("accepte les bons payloads pour chaque TaskType", () => {
+        const page = {
+            url: "https://test.com",
+        };
+        const assets = {
+            url: "https://test.com",
+            includeJS: true,
+        };
+        const form = {
+            url: "https://test.com",
+            method: "POST",
+        };
+        const api = {
+            baseUrl: "https://api.test.com",
+            headers: { Authorization: "Bearer token" },
+            depth: 1,
+        };
+        const analyzeHttp = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: "",
+            query: {},
+            response: { status: 200, headers: {}, body: "" },
+        };
+        const analyzeDom = {
+            url: "https://test.com/app.js",
+            code: "console.log('hello');",
+            isInline: false,
+            metadata: { size: 1234 },
+        };
+        const sqliTime = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "' OR SLEEP(5)--",
+            delay: 5,
+        };
+        const sqliError = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "' OR 1=1--",
+            errorSignature: "SQL syntax error",
+        };
+        const sqliBoolean = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: { q: "' OR '1'='1" },
+        };
+        const sqliUnion = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: { q: "UNION SELECT 1,2" },
+        };
+        const xssReflected = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "<script>alert(1)</script>",
+            marker: "XSS_MARKER",
+        };
+        const xssStored = {
+            url: "https://test.com",
+            method: "POST",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "<img src=x onerror=alert(1)>",
+        };
+        const lfi = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "../../etc/passwd",
+            filePath: "/etc/passwd",
+        };
+        const rfi = {
+            url: "https://test.com",
+            method: "GET",
+            headers: {},
+            body: {},
+            query: {},
+            vector: "http://evil.com/shell.txt",
+            remoteUrl: "http://evil.com/shell.txt",
+        };
+        const normalizeAttack = {
+            rawFindings: [],
+            context: {},
+        };
+        const normalizeContext = {
+            context: {},
+        };
+        const normalizeAssets = {
+            rawAssets: [],
+            context: {},
+        };
+        expect(page.url).toBe("https://test.com");
+    });
+    it("rejette un mauvais payload pour un TaskType", () => {
+        // @ts-expect-error
+        const wrong = { method: "POST" };
+        // @ts-expect-error
+        const wrong2 = { url: 123 };
+        // @ts-expect-error
+        const wrongNormAssets = { foo: "bar" };
+        expect(true).toBe(true);
+    });
+});
+//# sourceMappingURL=task-payload.test.js.map

package/dist/src/types/__tests__/task-payload.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"task-payload.test.js","sourceRoot":"","sources":["../../../../src/types/__tests__/task-payload.test.ts"],"names":[],"mappings":";;AAGA,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,IAAI,GAAwC;YAChD,GAAG,EAAE,kBAAkB;SACxB,CAAC;QAEF,MAAM,MAAM,GAA0C;YACpD,GAAG,EAAE,kBAAkB;YACvB,SAAS,EAAE,IAAI;SAChB,CAAC;QAEF,MAAM,IAAI,GAAwC;YAChD,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,MAAM;SACf,CAAC;QAEF,MAAM,GAAG,GAAuC;YAC9C,OAAO,EAAE,sBAAsB;YAC/B,OAAO,EAAE,EAAE,aAAa,EAAE,cAAc,EAAE;YAC1C,KAAK,EAAE,CAAC;SACT,CAAC;QAEF,MAAM,WAAW,GAA0C;YACzD,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,QAAQ,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;SACjD,CAAC;QAEF,MAAM,UAAU,GAAyC;YACvD,GAAG,EAAE,yBAAyB;YAC9B,IAAI,EAAE,uBAAuB;YAC7B,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;SACzB,CAAC;QAEF,MAAM,QAAQ,GAA8C;YAC1D,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,iBAAiB;YACzB,KAAK,EAAE,CAAC;SACT,CAAC;QAEF,MAAM,SAAS,GAA+C;YAC5D,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,YAAY;YACpB,cAAc,EAAE,kBAAkB;SACnC,CAAC;QAEF,MAAM,WAAW,GAAiD;YAChE,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE;SAC5B,CAAC;QAEF,MAAM,SAAS,GAA+C;YAC5D,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE,CAAC,EAAE,kBAAkB,EAAE;SACjC,CAAC;QAEF,MAAM,YAAY,GAAkD;YAClE,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,2BAA2B;YACnC,MAAM,EAAE,YAAY;SACrB,CAAC;QAEF,MAAM,SAAS,GAA+C;YAC5D,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,8BAA8B;SACvC,CAAC;QAEF,MAAM,GAAG,GAAwC;YAC/C,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,kBAAkB;YAC1B,QAAQ,EAAE,aAAa;SACxB,CAAC;QAEF,MAAM,GAAG,GAAwC;YAC/C,GAAG,EAAE,kBAAkB;YACvB,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE;YACX,IAAI,EAAE,EAAE;YACR,KAAK,EAAE,EAAE;YACT,MAAM,EAAE,2BAA2B;YACnC,SAAS,EAAE,2BAA2B;SACvC,CAAC;QAEF,MAAM,eAAe,GAA8C;YACjE,WAAW,EAAE,EAAE;YACf,OAAO,EAAE,EAAE;SACZ,CAAC;QAEF,MAAM,gBAAgB,GAA+C;YACnE,OAAO,EAAE,EAAE;SACZ,CAAC;QAEF,MAAM,eAAe,GAA8C;YACjE,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;SACZ,CAAC;QAEF,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,mBAAmB;QACnB,MAAM,KAAK,GAAiC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QAE/D,mBAAmB;QACnB,MAAM,MAAM,GAAuC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;QAEhE,mBAAmB;QACnB,MAAM,eAAe,GAAuC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;QAE3E,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/src/types/__tests__/task-type.failure.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=task-type.failure.d.ts.map

package/dist/src/types/__tests__/task-type.failure.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"task-type.failure.d.ts","sourceRoot":"","sources":["../../../../src/types/__tests__/task-type.failure.ts"],"names":[],"mappings":""}

package/dist/src/types/__tests__/task-type.failure.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+describe("TaskType (errors)", () => {
+    it("rejette un TaskType invalide", () => {
+        // @ts-expect-error – doit échouer
+        const invalid = "crawl";
+        // @ts-expect-error – doit échouer
+        const invalid2 = "invalid-type";
+        expect(true).toBe(true);
+    });
+});
+//# sourceMappingURL=task-type.failure.js.map