@jshookmcp/jshook 0.2.3 → 0.2.5
- package/README.md +14 -5
- package/README.zh.md +18 -3
- package/dist/packages/extension-sdk/src/bridges/shared.js +2 -2
- package/dist/packages/extension-sdk/src/plugin.d.ts +5 -0
- package/dist/packages/extension-sdk/src/plugin.js +119 -33
- package/dist/packages/extension-sdk/src/workflow.d.ts +156 -0
- package/dist/packages/extension-sdk/src/workflow.js +236 -0
- package/dist/src/config/search-defaults.js +161 -0
- package/dist/src/constants.d.ts +3 -0
- package/dist/src/constants.js +4 -1
- package/dist/src/index.d.ts +1 -1
- package/dist/src/index.js +13 -17
- package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -3
- package/dist/src/modules/analyzer/CodeAnalyzer.js +16 -28
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.d.ts +1 -2
- package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.js +1 -45
- package/dist/src/modules/analyzer/IntelligentAnalyzer.d.ts +1 -37
- package/dist/src/modules/analyzer/IntelligentAnalyzer.js +9 -142
- package/dist/src/modules/analyzer/PatternDetector.js +3 -3
- package/dist/src/modules/analyzer/PatternDetectorAuthPatterns.js +1 -1
- package/dist/src/modules/browser/BrowserDiscovery.js +2 -2
- package/dist/src/modules/browser/BrowserModeManager.js +11 -10
- package/dist/src/modules/browser/TabRegistry.js +2 -2
- package/dist/src/modules/browser/UnifiedBrowserManager.d.ts +1 -0
- package/dist/src/modules/browser/UnifiedBrowserManager.js +18 -3
- package/dist/src/modules/captcha/AICaptchaDetector.d.ts +1 -10
- package/dist/src/modules/captcha/AICaptchaDetector.js +7 -201
- package/dist/src/modules/collector/CodeCollector.js +4 -5
- package/dist/src/modules/collector/DOMInspector.js +48 -58
- package/dist/src/modules/collector/PageController.d.ts +17 -4
- package/dist/src/modules/collector/PageController.js +2 -5
- package/dist/src/modules/collector/PageScriptCollectors.js +3 -3
- package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -4
- package/dist/src/modules/crypto/CryptoDetector.js +2 -42
- package/dist/src/modules/crypto/CryptoRules.js +1 -1
- package/dist/src/modules/debugger/BlackboxManager.js +1 -1
- package/dist/src/modules/debugger/DebuggerManager.impl.core.scope.js +1 -1
- package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +4 -2
- package/dist/src/modules/debugger/WatchExpressionManager.js +1 -1
- package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -4
- package/dist/src/modules/deobfuscator/Deobfuscator.js +4 -39
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.d.ts +0 -3
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.js +2 -8
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +1 -2
- package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +3 -55
- package/dist/src/modules/deobfuscator/JScramblerDeobfuscator.js +3 -4
- package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +2 -10
- package/dist/src/modules/deobfuscator/VMDeobfuscator.js +3 -128
- package/dist/src/modules/deobfuscator/webcrack.js +15 -2
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.d.ts +5 -8
- package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +10 -102
- package/dist/src/modules/emulator/EnvironmentEmulator.d.ts +1 -5
- package/dist/src/modules/emulator/EnvironmentEmulator.js +7 -91
- package/dist/src/modules/emulator/EnvironmentEmulatorFetch.js +58 -61
- package/dist/src/modules/emulator/templates/chrome-env.d.ts +17 -7
- package/dist/src/modules/emulator/templates/chrome-env.js +14 -7
- package/dist/src/modules/external/ExternalToolRunner.js +25 -22
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.compose.js +5 -5
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.network.js +311 -311
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.runtime.js +410 -410
- package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.storage.js +122 -122
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.d.ts +13 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.js +42 -0
- package/dist/src/modules/monitor/ConsoleMonitor.impl.core.dynamic.js +194 -194
- package/dist/src/modules/monitor/FetchInterceptor.d.ts +46 -0
- package/dist/src/modules/monitor/FetchInterceptor.js +191 -0
- package/dist/src/modules/monitor/PerformanceMonitor.js +8 -7
- package/dist/src/modules/monitor/PlaywrightNetworkMonitor.js +62 -62
- package/dist/src/modules/process/BaseMemoryManager.d.ts +1 -1
- package/dist/src/modules/process/LinuxProcessManager.js +2 -0
- package/dist/src/modules/process/MacProcessManager.js +25 -25
- package/dist/src/modules/process/MemoryManager.d.ts +1 -1
- package/dist/src/modules/process/MemoryManager.js +2 -2
- package/dist/src/modules/process/memory/AuditTrail.js +1 -1
- package/dist/src/modules/process/memory/availability.js +49 -49
- package/dist/src/modules/process/memory/injector.js +185 -185
- package/dist/src/modules/process/memory/reader.js +85 -53
- package/dist/src/modules/process/memory/regions.dump.js +51 -51
- package/dist/src/modules/process/memory/regions.enumerate.js +108 -108
- package/dist/src/modules/process/memory/regions.modules.js +80 -80
- package/dist/src/modules/process/memory/regions.protection.js +148 -115
- package/dist/src/modules/process/memory/scanner.d.ts +5 -1
- package/dist/src/modules/process/memory/scanner.darwin.js +98 -41
- package/dist/src/modules/process/memory/scanner.js +88 -4
- package/dist/src/modules/process/memory/scanner.windows.js +124 -124
- package/dist/src/modules/process/memory/writer.js +98 -58
- package/dist/src/modules/security/ExecutionSandbox.js +51 -52
- package/dist/src/modules/stealth/FingerprintManager.js +1 -1
- package/dist/src/modules/stealth/StealthScripts.d.ts +1 -0
- package/dist/src/modules/stealth/StealthScripts.js +18 -13
- package/dist/src/modules/stealth/StealthVerifier.js +1 -3
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.d.ts +14 -0
- package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.js +181 -2
- package/dist/src/modules/trace/TraceDB.js +75 -69
- package/dist/src/modules/trace/TraceRecorder.js +1 -5
- package/dist/src/native/AntiCheatDetector.js +67 -16
- package/dist/src/native/CodeInjector.js +3 -3
- package/dist/src/native/HardwareBreakpoint.js +24 -15
- package/dist/src/native/HeapAnalyzer.js +2 -2
- package/dist/src/native/MemoryController.js +1 -1
- package/dist/src/native/MemoryScanSession.js +2 -2
- package/dist/src/native/MemoryScanner.js +4 -8
- package/dist/src/native/NativeMemoryManager.impl.js +2 -2
- package/dist/src/native/PEAnalyzer.js +14 -15
- package/dist/src/native/PointerChainEngine.js +2 -4
- package/dist/src/native/ScriptLoader.js +4 -9
- package/dist/src/native/Speedhack.js +1 -1
- package/dist/src/native/StructureAnalyzer.js +52 -33
- package/dist/src/native/Win32API.d.ts +1 -0
- package/dist/src/native/Win32API.js +13 -0
- package/dist/src/native/Win32Debug.js +19 -19
- package/dist/src/native/platform/darwin/DarwinAPI.d.ts +2 -0
- package/dist/src/native/platform/darwin/DarwinAPI.js +8 -0
- package/dist/src/native/platform/darwin/DarwinMemoryProvider.js +6 -1
- package/dist/src/server/MCPServer.context.d.ts +2 -1
- package/dist/src/server/MCPServer.d.ts +2 -1
- package/dist/src/server/MCPServer.domain.d.ts +1 -1
- package/dist/src/server/MCPServer.domain.js +81 -16
- package/dist/src/server/MCPServer.js +41 -14
- package/dist/src/server/MCPServer.resources.d.ts +2 -0
- package/dist/src/server/MCPServer.resources.js +91 -0
- package/dist/src/server/MCPServer.search.handlers.call.js +2 -1
- package/dist/src/server/MCPServer.search.helpers.js +1 -1
- package/dist/src/server/MCPServer.transport.js +12 -0
- package/dist/src/server/ToolCallContextGuard.js +8 -0
- package/dist/src/server/ToolRouter.d.ts +25 -9
- package/dist/src/server/ToolRouter.intent.d.ts +26 -0
- package/dist/src/server/ToolRouter.intent.js +77 -0
- package/dist/src/server/ToolRouter.js +103 -284
- package/dist/src/server/ToolRouter.policy.d.ts +22 -0
- package/dist/src/server/ToolRouter.policy.js +163 -0
- package/dist/src/server/ToolRouter.probe.d.ts +17 -0
- package/dist/src/server/ToolRouter.probe.js +103 -0
- package/dist/src/server/ToolRouter.renderer.d.ts +9 -0
- package/dist/src/server/ToolRouter.renderer.js +52 -0
- package/dist/src/server/activation/ActivationController.js +15 -12
- package/dist/src/server/activation/CompoundConditionEngine.js +1 -1
- package/dist/src/server/activation/PredictiveBooster.js +1 -3
- package/dist/src/server/domains/analysis/definitions.js +155 -655
- package/dist/src/server/domains/analysis/handlers.impl.js +26 -20
- package/dist/src/server/domains/analysis/handlers.web-tools.js +2 -1
- package/dist/src/server/domains/analysis/manifest.js +6 -4
- package/dist/src/server/domains/antidebug/definitions.js +25 -111
- package/dist/src/server/domains/browser/definitions.tools.advanced.js +59 -88
- package/dist/src/server/domains/browser/definitions.tools.behavior.js +120 -227
- package/dist/src/server/domains/browser/definitions.tools.page-core.js +210 -439
- package/dist/src/server/domains/browser/definitions.tools.page-system.js +108 -250
- package/dist/src/server/domains/browser/definitions.tools.runtime.js +98 -211
- package/dist/src/server/domains/browser/definitions.tools.security.js +194 -339
- package/dist/src/server/domains/browser/handlers/camoufox-browser.js +3 -2
- package/dist/src/server/domains/browser/handlers/captcha-solver.js +3 -3
- package/dist/src/server/domains/browser/handlers/dom-query.js +2 -1
- package/dist/src/server/domains/browser/handlers/framework-state.js +27 -9
- package/dist/src/server/domains/browser/handlers/indexeddb-dump.js +21 -20
- package/dist/src/server/domains/browser/handlers/script-management.js +1 -1
- package/dist/src/server/domains/browser/handlers.impl.d.ts +1 -2
- package/dist/src/server/domains/browser/handlers.impl.js +2 -3
- package/dist/src/server/domains/browser/manifest.js +37 -13
- package/dist/src/server/domains/coordination/definitions.js +50 -216
- package/dist/src/server/domains/coordination/index.d.ts +2 -1
- package/dist/src/server/domains/coordination/index.js +1 -0
- package/dist/src/server/domains/debugger/definitions.tools.advanced.js +72 -189
- package/dist/src/server/domains/debugger/definitions.tools.core.js +114 -288
- package/dist/src/server/domains/debugger/manifest.js +9 -2
- package/dist/src/server/domains/encoding/definitions.js +43 -153
- package/dist/src/server/domains/encoding/handlers.base.js +2 -2
- package/dist/src/server/domains/evidence/definitions.d.ts +2 -0
- package/dist/src/server/domains/evidence/definitions.js +42 -0
- package/dist/src/server/domains/evidence/handlers.d.ts +582 -0
- package/dist/src/server/domains/evidence/handlers.js +60 -0
- package/dist/src/server/domains/evidence/index.d.ts +2 -0
- package/dist/src/server/domains/evidence/index.js +2 -0
- package/dist/src/server/domains/evidence/manifest.d.ts +63 -0
- package/dist/src/server/domains/evidence/manifest.js +78 -0
- package/dist/src/server/domains/graphql/definitions.js +53 -141
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +92 -114
- package/dist/src/server/domains/graphql/handlers.impl.core.runtime.shared.js +77 -77
- package/dist/src/server/domains/hooks/ai-handlers.d.ts +0 -7
- package/dist/src/server/domains/hooks/ai-handlers.js +1 -67
- package/dist/src/server/domains/hooks/definitions.js +69 -335
- package/dist/src/server/domains/hooks/manifest.d.ts +1 -1
- package/dist/src/server/domains/hooks/manifest.js +1 -2
- package/dist/src/server/domains/instrumentation/definitions.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/definitions.js +99 -0
- package/dist/src/server/domains/instrumentation/handlers.d.ts +78 -0
- package/dist/src/server/domains/instrumentation/handlers.js +206 -0
- package/dist/src/server/domains/instrumentation/index.d.ts +2 -0
- package/dist/src/server/domains/instrumentation/index.js +2 -0
- package/dist/src/server/domains/instrumentation/manifest.d.ts +63 -0
- package/dist/src/server/domains/instrumentation/manifest.js +114 -0
- package/dist/src/server/domains/macro/definitions.js +16 -43
- package/dist/src/server/domains/maintenance/definitions.js +60 -219
- package/dist/src/server/domains/maintenance/handlers.extensions.js +78 -20
- package/dist/src/server/domains/memory/definitions.js +387 -559
- package/dist/src/server/domains/memory/handlers/hooks.d.ts +55 -0
- package/dist/src/server/domains/memory/handlers/hooks.js +115 -0
- package/dist/src/server/domains/memory/handlers/integrity.d.ts +77 -0
- package/dist/src/server/domains/memory/handlers/integrity.js +180 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/pointer-chain.js +82 -0
- package/dist/src/server/domains/memory/handlers/readwrite.d.ts +41 -0
- package/dist/src/server/domains/memory/handlers/readwrite.js +78 -0
- package/dist/src/server/domains/memory/handlers/scan.d.ts +35 -0
- package/dist/src/server/domains/memory/handlers/scan.js +97 -0
- package/dist/src/server/domains/memory/handlers/session.d.ts +23 -0
- package/dist/src/server/domains/memory/handlers/session.js +49 -0
- package/dist/src/server/domains/memory/handlers/structure.d.ts +29 -0
- package/dist/src/server/domains/memory/handlers/structure.js +74 -0
- package/dist/src/server/domains/memory/handlers.impl.d.ts +49 -54
- package/dist/src/server/domains/memory/handlers.impl.js +63 -494
- package/dist/src/server/domains/memory/manifest.js +236 -64
- package/dist/src/server/domains/native-bridge/definitions.js +54 -192
- package/dist/src/server/domains/native-bridge/index.d.ts +1 -0
- package/dist/src/server/domains/native-bridge/index.js +2 -1
- package/dist/src/server/domains/network/auth-extractor.js +1 -1
- package/dist/src/server/domains/network/definitions.js +175 -578
- package/dist/src/server/domains/network/handlers.base.core.d.ts +64 -0
- package/dist/src/server/domains/network/handlers.base.core.js +623 -0
- package/dist/src/server/domains/network/handlers.base.d.ts +2 -124
- package/dist/src/server/domains/network/handlers.base.js +3 -878
- package/dist/src/server/domains/network/handlers.base.performance.d.ts +63 -0
- package/dist/src/server/domains/network/handlers.base.performance.js +193 -0
- package/dist/src/server/domains/network/handlers.base.types.d.ts +42 -0
- package/dist/src/server/domains/network/handlers.base.types.js +89 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.d.ts +1 -1
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.d.ts +21 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.js +186 -0
- package/dist/src/server/domains/network/handlers.impl.core.runtime.js +1 -1
- package/dist/src/server/domains/network/manifest.js +15 -0
- package/dist/src/server/domains/network/replay.js +1 -4
- package/dist/src/server/domains/platform/definitions.js +121 -112
- package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +4 -0
- package/dist/src/server/domains/platform/handlers/bridge-handlers.js +193 -4
- package/dist/src/server/domains/platform/handlers/electron-asar-helpers.js +26 -6
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-dual-cdp.js +170 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.d.ts +3 -0
- package/dist/src/server/domains/platform/handlers/electron-fuse-handler.js +193 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.d.ts +6 -0
- package/dist/src/server/domains/platform/handlers/electron-handlers.js +95 -2
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.js +370 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/electron-userdata-handler.js +78 -0
- package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +3 -3
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.d.ts +2 -0
- package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.js +207 -0
- package/dist/src/server/domains/platform/handlers.d.ts +48 -0
- package/dist/src/server/domains/platform/handlers.js +29 -0
- package/dist/src/server/domains/platform/manifest.js +38 -0
- package/dist/src/server/domains/process/definitions.js +163 -647
- package/dist/src/server/domains/process/handlers.base.d.ts +3 -95
- package/dist/src/server/domains/process/handlers.base.js +7 -462
- package/dist/src/server/domains/process/handlers.base.process.d.ts +61 -0
- package/dist/src/server/domains/process/handlers.base.process.js +417 -0
- package/dist/src/server/domains/process/handlers.base.types.d.ts +57 -0
- package/dist/src/server/domains/process/handlers.base.types.js +50 -0
- package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +18 -16
- package/dist/src/server/domains/process/manifest.js +6 -1
- package/dist/src/server/domains/sandbox/definitions.js +11 -33
- package/dist/src/server/domains/sandbox/handlers.js +8 -3
- package/dist/src/server/domains/shared/ResponseBuilder.d.ts +209 -0
- package/dist/src/server/domains/shared/ResponseBuilder.js +48 -0
- package/dist/src/server/domains/shared/modules.d.ts +0 -2
- package/dist/src/server/domains/shared/modules.js +0 -1
- package/dist/src/server/domains/sourcemap/definitions.js +27 -111
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-common.js +7 -2
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-main.js +1 -1
- package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-parse-base.js +1 -1
- package/dist/src/server/domains/sourcemap/manifest.d.ts +1 -1
- package/dist/src/server/domains/sourcemap/manifest.js +1 -1
- package/dist/src/server/domains/streaming/definitions.js +36 -148
- package/dist/src/server/domains/streaming/handlers.impl.streaming-sse.js +163 -164
- package/dist/src/server/domains/streaming/handlers.impl.streaming-ws.js +1 -1
- package/dist/src/server/domains/trace/TraceSummarizer.js +8 -5
- package/dist/src/server/domains/trace/definitions.tools.js +51 -206
- package/dist/src/server/domains/trace/handlers.js +10 -12
- package/dist/src/server/domains/trace/index.d.ts +2 -1
- package/dist/src/server/domains/trace/index.js +2 -1
- package/dist/src/server/domains/trace/manifest.js +15 -3
- package/dist/src/server/domains/transform/definitions.js +50 -210
- package/dist/src/server/domains/transform/handlers.impl.transform-base.js +108 -108
- package/dist/src/server/domains/transform/handlers.impl.transform-crypto.js +18 -19
- package/dist/src/server/domains/transform/manifest.d.ts +1 -1
- package/dist/src/server/domains/transform/manifest.js +1 -1
- package/dist/src/server/domains/wasm/definitions.js +55 -232
- package/dist/src/server/domains/wasm/handlers.js +1 -1
- package/dist/src/server/domains/workflow/definitions.js +144 -414
- package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +1 -1
- package/dist/src/server/domains/workflow/handlers.impl.workflow-api.js +51 -51
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.d.ts +2 -0
- package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +126 -87
- package/dist/src/server/domains/workflow/handlers.impl.workflow-batch.js +5 -5
- package/dist/src/server/evidence/ReverseEvidenceGraph.d.ts +20 -0
- package/dist/src/server/evidence/ReverseEvidenceGraph.js +208 -0
- package/dist/src/server/evidence/index.d.ts +2 -0
- package/dist/src/server/evidence/index.js +1 -0
- package/dist/src/server/evidence/types.d.ts +22 -0
- package/dist/src/server/evidence/types.js +1 -0
- package/dist/src/server/extensions/ExtensionManager.d.ts +1 -0
- package/dist/src/server/extensions/ExtensionManager.discovery.js +72 -9
- package/dist/src/server/extensions/ExtensionManager.integrity.js +1 -1
- package/dist/src/server/extensions/ExtensionManager.js +193 -40
- package/dist/src/server/extensions/ExtensionManager.roots.d.ts +1 -1
- package/dist/src/server/extensions/ExtensionManager.roots.js +4 -4
- package/dist/src/server/extensions/plugin-config.js +1 -1
- package/dist/src/server/extensions/plugin-env.d.ts +1 -1
- package/dist/src/server/extensions/plugin-env.js +10 -4
- package/dist/src/server/extensions/types.d.ts +17 -0
- package/dist/src/server/extensions/types.js +1 -1
- package/dist/src/server/instrumentation/EvidenceGraphBridge.d.ts +13 -0
- package/dist/src/server/instrumentation/EvidenceGraphBridge.js +150 -0
- package/dist/src/server/instrumentation/InstrumentationSession.d.ts +60 -0
- package/dist/src/server/instrumentation/InstrumentationSession.js +269 -0
- package/dist/src/server/instrumentation/index.d.ts +2 -0
- package/dist/src/server/instrumentation/index.js +2 -0
- package/dist/src/server/instrumentation/types.d.ts +62 -0
- package/dist/src/server/instrumentation/types.js +7 -0
- package/dist/src/server/macros/MacroConfigLoader.d.ts +6 -5
- package/dist/src/server/macros/MacroConfigLoader.js +61 -59
- package/dist/src/server/macros/MacroRunner.js +6 -2
- package/dist/src/server/macros/builtins/index.d.ts +2 -3
- package/dist/src/server/macros/builtins/index.js +51 -7
- package/dist/src/server/plugins/PluginContract.d.ts +1 -1
- package/dist/src/server/registry/contracts.d.ts +1 -1
- package/dist/src/server/registry/discovery.js +5 -4
- package/dist/src/server/registry/ensure-browser-core.js +0 -3
- package/dist/src/server/registry/index.js +4 -4
- package/dist/src/server/registry/tool-builder.d.ts +46 -0
- package/dist/src/server/registry/tool-builder.js +105 -0
- package/dist/src/server/sandbox/QuickJSSandbox.js +16 -5
- package/dist/src/server/sandbox/SandboxHelpers.js +250 -250
- package/dist/src/server/search/EmbeddingWorker.js +5 -3
- package/dist/src/server/search/FeedbackTracker.d.ts +9 -0
- package/dist/src/server/search/FeedbackTracker.js +26 -0
- package/dist/src/server/search/QueryNormalizer.d.ts +6 -0
- package/dist/src/server/search/QueryNormalizer.js +94 -0
- package/dist/src/server/search/ToolSearchEngineImpl.d.ts +2 -3
- package/dist/src/server/search/ToolSearchEngineImpl.js +38 -88
- package/dist/src/server/workflows/WorkflowContract.d.ts +24 -0
- package/dist/src/server/workflows/WorkflowContract.js +12 -0
- package/dist/src/server/workflows/WorkflowEngine.d.ts +1 -0
- package/dist/src/server/workflows/WorkflowEngine.js +136 -3
- package/dist/src/types/config.d.ts +0 -14
- package/dist/src/types/deobfuscator.d.ts +0 -1
- package/dist/src/types/index.d.ts +1 -1
- package/dist/src/utils/DetailedDataManager.js +2 -0
- package/dist/src/utils/RingBuffer.js +5 -5
- package/dist/src/utils/TokenBudgetManager.js +1 -1
- package/dist/src/utils/UnifiedCacheManager.js +1 -1
- package/dist/src/utils/artifactRetention.js +2 -2
- package/dist/src/utils/betterSqlite3.d.ts +11 -0
- package/dist/src/utils/betterSqlite3.js +88 -0
- package/dist/src/utils/browserExecutable.js +2 -2
- package/dist/src/utils/cliFastPath.js +5 -8
- package/dist/src/utils/config.js +4 -26
- package/dist/src/utils/environmentDoctor.js +138 -11
- package/dist/src/utils/outputPaths.js +16 -9
- package/dist/src/utils/parallel.js +1 -3
- package/package.json +74 -72
- package/workflows/.gitkeep +0 -0
- package/dist/src/modules/analyzer/AISummarizer.d.ts +0 -39
- package/dist/src/modules/analyzer/AISummarizer.js +0 -122
- package/dist/src/modules/hook/AIHookGenerator.d.ts +0 -52
- package/dist/src/modules/hook/AIHookGenerator.js +0 -360
- package/dist/src/modules/hook/AIHookGeneratorTemplates.d.ts +0 -9
- package/dist/src/modules/hook/AIHookGeneratorTemplates.js +0 -157
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/deobfuscate-ast-flow.js +0 -25
- package/dist/src/server/macros/builtins/unpacker-flow.d.ts +0 -2
- package/dist/src/server/macros/builtins/unpacker-flow.js +0 -25
- package/dist/src/services/LLMService.d.ts +0 -37
- package/dist/src/services/LLMService.js +0 -233
- package/dist/src/services/prompts/analysis.d.ts +0 -9
- package/dist/src/services/prompts/analysis.js +0 -158
- package/dist/src/services/prompts/crypto.d.ts +0 -2
- package/dist/src/services/prompts/crypto.js +0 -108
- package/dist/src/services/prompts/deobfuscation.d.ts +0 -6
- package/dist/src/services/prompts/deobfuscation.js +0 -300
- package/dist/src/services/prompts/environment.d.ts +0 -16
- package/dist/src/services/prompts/environment.js +0 -372
- package/dist/src/services/prompts/intelligence.d.ts +0 -4
- package/dist/src/services/prompts/intelligence.js +0 -250
- package/dist/src/services/prompts/taint.d.ts +0 -2
- package/dist/src/services/prompts/taint.js +0 -54
|
@@ -1,497 +1,66 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
}
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
success: false,
|
|
9
|
-
tool,
|
|
10
|
-
error: error instanceof Error ? error.message : String(error),
|
|
11
|
-
});
|
|
12
|
-
}
|
|
1
|
+
import { SessionHandlers } from './handlers/session.js';
|
|
2
|
+
import { ScanHandlers } from './handlers/scan.js';
|
|
3
|
+
import { PointerChainHandlers } from './handlers/pointer-chain.js';
|
|
4
|
+
import { StructureHandlers } from './handlers/structure.js';
|
|
5
|
+
import { HookHandlers } from './handlers/hooks.js';
|
|
6
|
+
import { ReadWriteHandlers } from './handlers/readwrite.js';
|
|
7
|
+
import { IntegrityHandlers } from './handlers/integrity.js';
|
|
13
8
|
export class MemoryScanHandlers {
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
speedhackEngine;
|
|
22
|
-
heapAnalyzer;
|
|
23
|
-
peAnalyzer;
|
|
24
|
-
antiCheatDetector;
|
|
9
|
+
sessions;
|
|
10
|
+
scans;
|
|
11
|
+
ptrChains;
|
|
12
|
+
structures;
|
|
13
|
+
hooks;
|
|
14
|
+
readwrite;
|
|
15
|
+
integrity;
|
|
25
16
|
constructor(scanner, sessionManager, ptrEngine, structAnalyzer, bpEngine, injector, memCtrl, speedhackEngine, heapAnalyzer, peAnalyzer, antiCheatDetector) {
|
|
26
|
-
this.
|
|
27
|
-
this.
|
|
28
|
-
this.
|
|
29
|
-
this.
|
|
30
|
-
this.
|
|
31
|
-
this.
|
|
32
|
-
this.
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
async handleUnknownScan(args) {
|
|
76
|
-
try {
|
|
77
|
-
const options = {
|
|
78
|
-
valueType: args.valueType,
|
|
79
|
-
alignment: args.alignment,
|
|
80
|
-
maxResults: args.maxResults,
|
|
81
|
-
regionFilter: args.regionFilter,
|
|
82
|
-
};
|
|
83
|
-
const result = await this.scanner.unknownInitialScan(args.pid, options);
|
|
84
|
-
return toTextResponse({
|
|
85
|
-
success: true, ...result,
|
|
86
|
-
hint: `Captured ${result.totalMatches} addresses. Use memory_next_scan with changed/unchanged/increased/decreased to narrow.`,
|
|
87
|
-
});
|
|
88
|
-
}
|
|
89
|
-
catch (error) {
|
|
90
|
-
return toErrorResponse('memory_unknown_scan', error);
|
|
91
|
-
}
|
|
92
|
-
}
|
|
93
|
-
async handlePointerScan(args) {
|
|
94
|
-
try {
|
|
95
|
-
const result = await this.scanner.pointerScan(args.pid, args.targetAddress, {
|
|
96
|
-
maxResults: args.maxResults,
|
|
97
|
-
moduleOnly: args.moduleOnly,
|
|
98
|
-
});
|
|
99
|
-
return toTextResponse({ success: true, ...result });
|
|
100
|
-
}
|
|
101
|
-
catch (error) {
|
|
102
|
-
return toErrorResponse('memory_pointer_scan', error);
|
|
103
|
-
}
|
|
104
|
-
}
|
|
105
|
-
async handleGroupScan(args) {
|
|
106
|
-
try {
|
|
107
|
-
const result = await this.scanner.groupScan(args.pid, args.pattern, { alignment: args.alignment, maxResults: args.maxResults });
|
|
108
|
-
return toTextResponse({ success: true, ...result });
|
|
109
|
-
}
|
|
110
|
-
catch (error) {
|
|
111
|
-
return toErrorResponse('memory_group_scan', error);
|
|
112
|
-
}
|
|
113
|
-
}
|
|
114
|
-
async handleScanList(_args) {
|
|
115
|
-
try {
|
|
116
|
-
const sessions = this.sessionManager.listSessions();
|
|
117
|
-
return toTextResponse({ success: true, sessions, count: sessions.length });
|
|
118
|
-
}
|
|
119
|
-
catch (error) {
|
|
120
|
-
return toErrorResponse('memory_scan_list', error);
|
|
121
|
-
}
|
|
122
|
-
}
|
|
123
|
-
async handleScanDelete(args) {
|
|
124
|
-
try {
|
|
125
|
-
return toTextResponse({ success: true, deleted: this.sessionManager.deleteSession(args.sessionId) });
|
|
126
|
-
}
|
|
127
|
-
catch (error) {
|
|
128
|
-
return toErrorResponse('memory_scan_delete', error);
|
|
129
|
-
}
|
|
130
|
-
}
|
|
131
|
-
async handleScanExport(args) {
|
|
132
|
-
try {
|
|
133
|
-
return toTextResponse({ success: true, exportedData: this.sessionManager.exportSession(args.sessionId) });
|
|
134
|
-
}
|
|
135
|
-
catch (error) {
|
|
136
|
-
return toErrorResponse('memory_scan_export', error);
|
|
137
|
-
}
|
|
138
|
-
}
|
|
139
|
-
async handlePointerChainScan(args) {
|
|
140
|
-
try {
|
|
141
|
-
const result = await this.ptrEngine.scan(args.pid, args.targetAddress, {
|
|
142
|
-
maxDepth: args.maxDepth,
|
|
143
|
-
maxOffset: args.maxOffset,
|
|
144
|
-
staticOnly: args.staticOnly,
|
|
145
|
-
modules: args.modules,
|
|
146
|
-
maxResults: args.maxResults,
|
|
147
|
-
});
|
|
148
|
-
return toTextResponse({
|
|
149
|
-
success: true, ...result,
|
|
150
|
-
hint: result.totalFound > 0
|
|
151
|
-
? `Found ${result.totalFound} pointer chains. Static chains survive process restarts.`
|
|
152
|
-
: 'No pointer chains found. Try increasing maxDepth or maxOffset.',
|
|
153
|
-
});
|
|
154
|
-
}
|
|
155
|
-
catch (error) {
|
|
156
|
-
return toErrorResponse('memory_pointer_chain_scan', error);
|
|
157
|
-
}
|
|
158
|
-
}
|
|
159
|
-
async handlePointerChainValidate(args) {
|
|
160
|
-
try {
|
|
161
|
-
const chains = JSON.parse(args.chains);
|
|
162
|
-
const results = await this.ptrEngine.validateChains(args.pid, chains);
|
|
163
|
-
return toTextResponse({ success: true, results, validCount: results.filter((r) => r.isValid).length, totalChecked: chains.length });
|
|
164
|
-
}
|
|
165
|
-
catch (error) {
|
|
166
|
-
return toErrorResponse('memory_pointer_chain_validate', error);
|
|
167
|
-
}
|
|
168
|
-
}
|
|
169
|
-
async handlePointerChainResolve(args) {
|
|
170
|
-
try {
|
|
171
|
-
const chain = JSON.parse(args.chain);
|
|
172
|
-
const resolved = await this.ptrEngine.resolveChain(args.pid, chain);
|
|
173
|
-
return toTextResponse({ success: true, chainId: chain.id, resolvedAddress: resolved, isResolvable: resolved !== null });
|
|
174
|
-
}
|
|
175
|
-
catch (error) {
|
|
176
|
-
return toErrorResponse('memory_pointer_chain_resolve', error);
|
|
177
|
-
}
|
|
178
|
-
}
|
|
179
|
-
async handlePointerChainExport(args) {
|
|
180
|
-
try {
|
|
181
|
-
const chains = JSON.parse(args.chains);
|
|
182
|
-
return toTextResponse({ success: true, exportedData: this.ptrEngine.exportChains(chains), chainCount: chains.length });
|
|
183
|
-
}
|
|
184
|
-
catch (error) {
|
|
185
|
-
return toErrorResponse('memory_pointer_chain_export', error);
|
|
186
|
-
}
|
|
187
|
-
}
|
|
188
|
-
async handleStructureAnalyze(args) {
|
|
189
|
-
try {
|
|
190
|
-
const result = await this.structAnalyzer.analyzeStructure(args.pid, args.address, {
|
|
191
|
-
size: args.size,
|
|
192
|
-
otherInstances: args.otherInstances,
|
|
193
|
-
parseRtti: args.parseRtti,
|
|
194
|
-
});
|
|
195
|
-
return toTextResponse({
|
|
196
|
-
success: true, ...result,
|
|
197
|
-
hint: result.className
|
|
198
|
-
? `Detected class: ${result.className}${result.baseClasses?.length ? ` (inherits: ${result.baseClasses.join(' → ')})` : ''}`
|
|
199
|
-
: `Inferred ${result.fields.length} fields. Use memory_structure_export_c to export as C struct.`,
|
|
200
|
-
});
|
|
201
|
-
}
|
|
202
|
-
catch (error) {
|
|
203
|
-
return toErrorResponse('memory_structure_analyze', error);
|
|
204
|
-
}
|
|
205
|
-
}
|
|
206
|
-
async handleVtableParse(args) {
|
|
207
|
-
try {
|
|
208
|
-
return toTextResponse({ success: true, ...await this.structAnalyzer.parseVtable(args.pid, args.vtableAddress) });
|
|
209
|
-
}
|
|
210
|
-
catch (error) {
|
|
211
|
-
return toErrorResponse('memory_vtable_parse', error);
|
|
212
|
-
}
|
|
213
|
-
}
|
|
214
|
-
async handleStructureExportC(args) {
|
|
215
|
-
try {
|
|
216
|
-
const structure = JSON.parse(args.structure);
|
|
217
|
-
return toTextResponse({ success: true, ...this.structAnalyzer.exportToCStruct(structure, args.name) });
|
|
218
|
-
}
|
|
219
|
-
catch (error) {
|
|
220
|
-
return toErrorResponse('memory_structure_export_c', error);
|
|
221
|
-
}
|
|
222
|
-
}
|
|
223
|
-
async handleStructureCompare(args) {
|
|
224
|
-
try {
|
|
225
|
-
const result = await this.structAnalyzer.compareInstances(args.pid, args.address1, args.address2, args.size);
|
|
226
|
-
return toTextResponse({ success: true, matchingFieldCount: result.matching.length, differingFieldCount: result.differing.length, ...result });
|
|
227
|
-
}
|
|
228
|
-
catch (error) {
|
|
229
|
-
return toErrorResponse('memory_structure_compare', error);
|
|
230
|
-
}
|
|
231
|
-
}
|
|
232
|
-
async handleBreakpointSet(args) {
|
|
233
|
-
try {
|
|
234
|
-
const config = await this.bpEngine.setBreakpoint(args.pid, args.address, args.access, args.size ?? 4);
|
|
235
|
-
return toTextResponse({
|
|
236
|
-
success: true, ...config,
|
|
237
|
-
hint: `Hardware breakpoint set on DR register. Use memory_breakpoint_trace to collect hits.`,
|
|
238
|
-
});
|
|
239
|
-
}
|
|
240
|
-
catch (error) {
|
|
241
|
-
return toErrorResponse('memory_breakpoint_set', error);
|
|
242
|
-
}
|
|
243
|
-
}
|
|
244
|
-
async handleBreakpointRemove(args) {
|
|
245
|
-
try {
|
|
246
|
-
return toTextResponse({ success: true, removed: await this.bpEngine.removeBreakpoint(args.breakpointId) });
|
|
247
|
-
}
|
|
248
|
-
catch (error) {
|
|
249
|
-
return toErrorResponse('memory_breakpoint_remove', error);
|
|
250
|
-
}
|
|
251
|
-
}
|
|
252
|
-
async handleBreakpointList(_args) {
|
|
253
|
-
try {
|
|
254
|
-
const bps = this.bpEngine.listBreakpoints();
|
|
255
|
-
return toTextResponse({ success: true, breakpoints: bps, count: bps.length });
|
|
256
|
-
}
|
|
257
|
-
catch (error) {
|
|
258
|
-
return toErrorResponse('memory_breakpoint_list', error);
|
|
259
|
-
}
|
|
260
|
-
}
|
|
261
|
-
async handleBreakpointTrace(args) {
|
|
262
|
-
try {
|
|
263
|
-
const hits = await this.bpEngine.traceAccess(args.pid, args.address, args.access, args.maxHits, args.timeoutMs);
|
|
264
|
-
return toTextResponse({
|
|
265
|
-
success: true, hits, hitCount: hits.length,
|
|
266
|
-
hint: hits.length > 0 ? `${hits.length} accesses captured. Check instructionAddress to find the code accessing this address.` : 'No hits captured within timeout.',
|
|
267
|
-
});
|
|
268
|
-
}
|
|
269
|
-
catch (error) {
|
|
270
|
-
return toErrorResponse('memory_breakpoint_trace', error);
|
|
271
|
-
}
|
|
272
|
-
}
|
|
273
|
-
async handlePatchBytes(args) {
|
|
274
|
-
try {
|
|
275
|
-
const patch = await this.injector.patchBytes(args.pid, args.address, args.bytes);
|
|
276
|
-
return toTextResponse({ success: true, ...patch, hint: `Patch applied. Use memory_patch_undo with patchId "${patch.id}" to restore.` });
|
|
277
|
-
}
|
|
278
|
-
catch (error) {
|
|
279
|
-
return toErrorResponse('memory_patch_bytes', error);
|
|
280
|
-
}
|
|
281
|
-
}
|
|
282
|
-
async handlePatchNop(args) {
|
|
283
|
-
try {
|
|
284
|
-
const patch = await this.injector.nopBytes(args.pid, args.address, args.count);
|
|
285
|
-
return toTextResponse({ success: true, ...patch, hint: `${args.count} bytes NOP'd. Use memory_patch_undo to restore.` });
|
|
286
|
-
}
|
|
287
|
-
catch (error) {
|
|
288
|
-
return toErrorResponse('memory_patch_nop', error);
|
|
289
|
-
}
|
|
290
|
-
}
|
|
291
|
-
async handlePatchUndo(args) {
|
|
292
|
-
try {
|
|
293
|
-
return toTextResponse({ success: true, restored: await this.injector.unpatch(args.patchId) });
|
|
294
|
-
}
|
|
295
|
-
catch (error) {
|
|
296
|
-
return toErrorResponse('memory_patch_undo', error);
|
|
297
|
-
}
|
|
298
|
-
}
|
|
299
|
-
async handleCodeCaves(args) {
|
|
300
|
-
try {
|
|
301
|
-
const caves = await this.injector.findCodeCaves(args.pid, args.minSize);
|
|
302
|
-
return toTextResponse({ success: true, caves, count: caves.length });
|
|
303
|
-
}
|
|
304
|
-
catch (error) {
|
|
305
|
-
return toErrorResponse('memory_code_caves', error);
|
|
306
|
-
}
|
|
307
|
-
}
|
|
308
|
-
async handleWriteValue(args) {
|
|
309
|
-
try {
|
|
310
|
-
const entry = await this.memCtrl.writeValue(args.pid, args.address, args.value, args.valueType);
|
|
311
|
-
return toTextResponse({ success: true, ...entry, hint: 'Use memory_write_undo to revert.' });
|
|
312
|
-
}
|
|
313
|
-
catch (error) {
|
|
314
|
-
return toErrorResponse('memory_write_value', error);
|
|
315
|
-
}
|
|
316
|
-
}
|
|
317
|
-
async handleFreeze(args) {
|
|
318
|
-
try {
|
|
319
|
-
const entry = await this.memCtrl.freeze(args.pid, args.address, args.value, args.valueType, args.intervalMs);
|
|
320
|
-
return toTextResponse({ success: true, ...entry, hint: `Frozen. Use memory_unfreeze with freezeId "${entry.id}" to stop.` });
|
|
321
|
-
}
|
|
322
|
-
catch (error) {
|
|
323
|
-
return toErrorResponse('memory_freeze', error);
|
|
324
|
-
}
|
|
325
|
-
}
|
|
326
|
-
async handleUnfreeze(args) {
|
|
327
|
-
try {
|
|
328
|
-
return toTextResponse({ success: true, unfrozen: await this.memCtrl.unfreeze(args.freezeId) });
|
|
329
|
-
}
|
|
330
|
-
catch (error) {
|
|
331
|
-
return toErrorResponse('memory_unfreeze', error);
|
|
332
|
-
}
|
|
333
|
-
}
|
|
334
|
-
async handleDump(args) {
|
|
335
|
-
try {
|
|
336
|
-
const hexDump = await this.memCtrl.dumpMemoryHex(args.pid, args.address, args.size ?? 256);
|
|
337
|
-
return toTextResponse({ success: true, dump: hexDump });
|
|
338
|
-
}
|
|
339
|
-
catch (error) {
|
|
340
|
-
return toErrorResponse('memory_dump', error);
|
|
341
|
-
}
|
|
342
|
-
}
|
|
343
|
-
async handleSpeedhackApply(args) {
|
|
344
|
-
try {
|
|
345
|
-
const result = await this.speedhackEngine.apply(args.pid, args.speed);
|
|
346
|
-
return toTextResponse({ ...result, success: true, hint: `Speedhack active (${args.speed}x). Use memory_speedhack_set to adjust.` });
|
|
347
|
-
}
|
|
348
|
-
catch (error) {
|
|
349
|
-
return toErrorResponse('memory_speedhack_apply', error);
|
|
350
|
-
}
|
|
351
|
-
}
|
|
352
|
-
async handleSpeedhackSet(args) {
|
|
353
|
-
try {
|
|
354
|
-
return toTextResponse({ success: true, updated: await this.speedhackEngine.setSpeed(args.pid, args.speed), newSpeed: args.speed });
|
|
355
|
-
}
|
|
356
|
-
catch (error) {
|
|
357
|
-
return toErrorResponse('memory_speedhack_set', error);
|
|
358
|
-
}
|
|
359
|
-
}
|
|
360
|
-
async handleWriteUndo(_args) {
|
|
361
|
-
try {
|
|
362
|
-
const entry = await this.memCtrl.undo();
|
|
363
|
-
return toTextResponse({ success: true, undone: entry !== null, entry });
|
|
364
|
-
}
|
|
365
|
-
catch (error) {
|
|
366
|
-
return toErrorResponse('memory_write_undo', error);
|
|
367
|
-
}
|
|
368
|
-
}
|
|
369
|
-
async handleWriteRedo(_args) {
|
|
370
|
-
try {
|
|
371
|
-
const entry = await this.memCtrl.redo();
|
|
372
|
-
return toTextResponse({ success: true, redone: entry !== null, entry });
|
|
373
|
-
}
|
|
374
|
-
catch (error) {
|
|
375
|
-
return toErrorResponse('memory_write_redo', error);
|
|
376
|
-
}
|
|
377
|
-
}
|
|
378
|
-
async handleHeapEnumerate(args) {
|
|
379
|
-
try {
|
|
380
|
-
const result = await this.heapAnalyzer.enumerateHeaps(args.pid);
|
|
381
|
-
return toTextResponse({
|
|
382
|
-
success: true, ...result,
|
|
383
|
-
hint: `Enumerated ${result.heaps.length} heaps. Use memory_heap_stats for statistics or memory_heap_anomalies to check for issues.`,
|
|
384
|
-
});
|
|
385
|
-
}
|
|
386
|
-
catch (error) {
|
|
387
|
-
return toErrorResponse('memory_heap_enumerate', error);
|
|
388
|
-
}
|
|
389
|
-
}
|
|
390
|
-
async handleHeapStats(args) {
|
|
391
|
-
try {
|
|
392
|
-
const stats = await this.heapAnalyzer.getStats(args.pid);
|
|
393
|
-
return toTextResponse({ success: true, ...stats });
|
|
394
|
-
}
|
|
395
|
-
catch (error) {
|
|
396
|
-
return toErrorResponse('memory_heap_stats', error);
|
|
397
|
-
}
|
|
398
|
-
}
|
|
399
|
-
async handleHeapAnomalies(args) {
|
|
400
|
-
try {
|
|
401
|
-
const anomalies = await this.heapAnalyzer.detectAnomalies(args.pid);
|
|
402
|
-
return toTextResponse({
|
|
403
|
-
success: true, anomalies, count: anomalies.length,
|
|
404
|
-
hint: anomalies.length > 0
|
|
405
|
-
? `Found ${anomalies.length} anomalies — inspect types for spray, UAF, or suspicious patterns.`
|
|
406
|
-
: 'No heap anomalies detected.',
|
|
407
|
-
});
|
|
408
|
-
}
|
|
409
|
-
catch (error) {
|
|
410
|
-
return toErrorResponse('memory_heap_anomalies', error);
|
|
411
|
-
}
|
|
412
|
-
}
|
|
413
|
-
async handlePEHeaders(args) {
|
|
414
|
-
try {
|
|
415
|
-
const headers = await this.peAnalyzer.parseHeaders(args.pid, args.moduleBase);
|
|
416
|
-
return toTextResponse({ success: true, ...headers });
|
|
417
|
-
}
|
|
418
|
-
catch (error) {
|
|
419
|
-
return toErrorResponse('memory_pe_headers', error);
|
|
420
|
-
}
|
|
421
|
-
}
|
|
422
|
-
async handlePEImportsExports(args) {
|
|
423
|
-
try {
|
|
424
|
-
const table = args.table || 'both';
|
|
425
|
-
const base = args.moduleBase;
|
|
426
|
-
const pid = args.pid;
|
|
427
|
-
const result = { success: true };
|
|
428
|
-
if (table === 'imports' || table === 'both') {
|
|
429
|
-
result.imports = await this.peAnalyzer.parseImports(pid, base);
|
|
430
|
-
}
|
|
431
|
-
if (table === 'exports' || table === 'both') {
|
|
432
|
-
result.exports = await this.peAnalyzer.parseExports(pid, base);
|
|
433
|
-
}
|
|
434
|
-
return toTextResponse(result);
|
|
435
|
-
}
|
|
436
|
-
catch (error) {
|
|
437
|
-
return toErrorResponse('memory_pe_imports_exports', error);
|
|
438
|
-
}
|
|
439
|
-
}
|
|
440
|
-
async handleInlineHookDetect(args) {
|
|
441
|
-
try {
|
|
442
|
-
const hooks = await this.peAnalyzer.detectInlineHooks(args.pid, args.moduleName);
|
|
443
|
-
return toTextResponse({
|
|
444
|
-
success: true, hooks, count: hooks.length,
|
|
445
|
-
hint: hooks.length > 0
|
|
446
|
-
? `Detected ${hooks.length} inline hooks — check hookType and jumpTarget for each.`
|
|
447
|
-
: 'No inline hooks detected — exports match disk bytes.',
|
|
448
|
-
});
|
|
449
|
-
}
|
|
450
|
-
catch (error) {
|
|
451
|
-
return toErrorResponse('memory_inline_hook_detect', error);
|
|
452
|
-
}
|
|
453
|
-
}
|
|
454
|
-
async handleAntiCheatDetect(args) {
|
|
455
|
-
try {
|
|
456
|
-
const detections = await this.antiCheatDetector.detect(args.pid);
|
|
457
|
-
return toTextResponse({
|
|
458
|
-
success: true, detections, count: detections.length,
|
|
459
|
-
hint: detections.length > 0
|
|
460
|
-
? `Found ${detections.length} anti-debug mechanisms. Each includes a bypassSuggestion.`
|
|
461
|
-
: 'No anti-debug mechanisms detected in imports.',
|
|
462
|
-
});
|
|
463
|
-
}
|
|
464
|
-
catch (error) {
|
|
465
|
-
return toErrorResponse('memory_anticheat_detect', error);
|
|
466
|
-
}
|
|
467
|
-
}
|
|
468
|
-
async handleGuardPages(args) {
|
|
469
|
-
try {
|
|
470
|
-
const pages = await this.antiCheatDetector.findGuardPages(args.pid);
|
|
471
|
-
return toTextResponse({
|
|
472
|
-
success: true, guardPages: pages, count: pages.length,
|
|
473
|
-
hint: pages.length > 0
|
|
474
|
-
? `Found ${pages.length} guard page regions — these may indicate anti-tampering.`
|
|
475
|
-
: 'No guard pages found.',
|
|
476
|
-
});
|
|
477
|
-
}
|
|
478
|
-
catch (error) {
|
|
479
|
-
return toErrorResponse('memory_guard_pages', error);
|
|
480
|
-
}
|
|
481
|
-
}
|
|
482
|
-
async handleIntegrityCheck(args) {
|
|
483
|
-
try {
|
|
484
|
-
const results = await this.antiCheatDetector.checkIntegrity(args.pid, args.moduleName);
|
|
485
|
-
const modified = results.filter(r => r.isModified);
|
|
486
|
-
return toTextResponse({
|
|
487
|
-
success: true, sections: results, totalChecked: results.length, modifiedCount: modified.length,
|
|
488
|
-
hint: modified.length > 0
|
|
489
|
-
? `${modified.length} section(s) modified — code may have been patched or hooked.`
|
|
490
|
-
: 'All checked sections match disk — no runtime modifications detected.',
|
|
491
|
-
});
|
|
492
|
-
}
|
|
493
|
-
catch (error) {
|
|
494
|
-
return toErrorResponse('memory_integrity_check', error);
|
|
495
|
-
}
|
|
496
|
-
}
|
|
17
|
+
this.sessions = new SessionHandlers(sessionManager);
|
|
18
|
+
this.scans = new ScanHandlers(scanner);
|
|
19
|
+
this.ptrChains = new PointerChainHandlers(ptrEngine);
|
|
20
|
+
this.structures = new StructureHandlers(structAnalyzer);
|
|
21
|
+
this.hooks = new HookHandlers(bpEngine, injector);
|
|
22
|
+
this.readwrite = new ReadWriteHandlers(memCtrl);
|
|
23
|
+
this.integrity = new IntegrityHandlers(speedhackEngine, heapAnalyzer, peAnalyzer, antiCheatDetector);
|
|
24
|
+
}
|
|
25
|
+
handleScanList = (args) => this.sessions.handleScanList(args);
|
|
26
|
+
handleScanDelete = (args) => this.sessions.handleScanDelete(args);
|
|
27
|
+
handleScanExport = (args) => this.sessions.handleScanExport(args);
|
|
28
|
+
handleFirstScan = (args) => this.scans.handleFirstScan(args);
|
|
29
|
+
handleNextScan = (args) => this.scans.handleNextScan(args);
|
|
30
|
+
handleUnknownScan = (args) => this.scans.handleUnknownScan(args);
|
|
31
|
+
handlePointerScan = (args) => this.scans.handlePointerScan(args);
|
|
32
|
+
handleGroupScan = (args) => this.scans.handleGroupScan(args);
|
|
33
|
+
handlePointerChainScan = (args) => this.ptrChains.handlePointerChainScan(args);
|
|
34
|
+
handlePointerChainValidate = (args) => this.ptrChains.handlePointerChainValidate(args);
|
|
35
|
+
handlePointerChainResolve = (args) => this.ptrChains.handlePointerChainResolve(args);
|
|
36
|
+
handlePointerChainExport = (args) => this.ptrChains.handlePointerChainExport(args);
|
|
37
|
+
handleStructureAnalyze = (args) => this.structures.handleStructureAnalyze(args);
|
|
38
|
+
handleVtableParse = (args) => this.structures.handleVtableParse(args);
|
|
39
|
+
handleStructureExportC = (args) => this.structures.handleStructureExportC(args);
|
|
40
|
+
handleStructureCompare = (args) => this.structures.handleStructureCompare(args);
|
|
41
|
+
handleBreakpointSet = (args) => this.hooks.handleBreakpointSet(args);
|
|
42
|
+
handleBreakpointRemove = (args) => this.hooks.handleBreakpointRemove(args);
|
|
43
|
+
handleBreakpointList = (args) => this.hooks.handleBreakpointList(args);
|
|
44
|
+
handleBreakpointTrace = (args) => this.hooks.handleBreakpointTrace(args);
|
|
45
|
+
handlePatchBytes = (args) => this.hooks.handlePatchBytes(args);
|
|
46
|
+
handlePatchNop = (args) => this.hooks.handlePatchNop(args);
|
|
47
|
+
handlePatchUndo = (args) => this.hooks.handlePatchUndo(args);
|
|
48
|
+
handleCodeCaves = (args) => this.hooks.handleCodeCaves(args);
|
|
49
|
+
handleWriteValue = (args) => this.readwrite.handleWriteValue(args);
|
|
50
|
+
handleFreeze = (args) => this.readwrite.handleFreeze(args);
|
|
51
|
+
handleUnfreeze = (args) => this.readwrite.handleUnfreeze(args);
|
|
52
|
+
handleDump = (args) => this.readwrite.handleDump(args);
|
|
53
|
+
handleWriteUndo = (args) => this.readwrite.handleWriteUndo(args);
|
|
54
|
+
handleWriteRedo = (args) => this.readwrite.handleWriteRedo(args);
|
|
55
|
+
handleSpeedhackApply = (args) => this.integrity.handleSpeedhackApply(args);
|
|
56
|
+
handleSpeedhackSet = (args) => this.integrity.handleSpeedhackSet(args);
|
|
57
|
+
handleHeapEnumerate = (args) => this.integrity.handleHeapEnumerate(args);
|
|
58
|
+
handleHeapStats = (args) => this.integrity.handleHeapStats(args);
|
|
59
|
+
handleHeapAnomalies = (args) => this.integrity.handleHeapAnomalies(args);
|
|
60
|
+
handlePEHeaders = (args) => this.integrity.handlePEHeaders(args);
|
|
61
|
+
handlePEImportsExports = (args) => this.integrity.handlePEImportsExports(args);
|
|
62
|
+
handleInlineHookDetect = (args) => this.integrity.handleInlineHookDetect(args);
|
|
63
|
+
handleAntiCheatDetect = (args) => this.integrity.handleAntiCheatDetect(args);
|
|
64
|
+
handleGuardPages = (args) => this.integrity.handleGuardPages(args);
|
|
65
|
+
handleIntegrityCheck = (args) => this.integrity.handleIntegrityCheck(args);
|
|
497
66
|
}
|