@offgridsec/kira-lite-mcp 0.1.2 → 0.1.3

package/dist/rules/csharp.js

@@ -1 +1,207 @@
-function _0x5aef(){const _0x19e488=['CYbTB2q','Exn0zw0','Dg8Gzge','y3jPDgK','lcb1C2u','BYb3Axq','Bg93zwq','sgfYzgm','q1mTuKu','B25Uzwm','EsbTyw4','Aw9UCY4','ig9YAwC','q3jVC3m','CMWUsxm','mZiWs1HOs0n5','zw50ige','DgvKlMm','l3rYDxm','mtuWote4mZL4v2zbrgS','B2rLigu','CYb3Axq','ChbZzxq','nZeZnJrov1zluLO','yMXLCYa','BguGDg8','AxrPEMu','DwrPBMC','CM9Jzxm','BMnYExa','AguGCge','yxrPy2e','zIbZAg8','CNnHBca','B2LKigW','vxnLCIa','zxj5','CM5vCMW','AxrPzxm','wg1Srg8','AwzPy2e','C2vWyxi','CNrPzMK','rIbdB3i','q1Dflti','zsb2Axm','Aw4Gteq','wg1SuMu','reKTmda','yxrLige','zcbVzIa','DxqGAw4','u0vslta','zwrLzc4','u1mTmda','refqigy','yxrPB24','seeYnty','BgX5iha','yxrLzca','DgrqCM8','yxCGB3u','ig9Yie4','sw5Zzwm','zwqGDg8','C2vJDxi','ihbHC3m','C3n3B3i','lKPZB24','CNm9t2y','AxbSzuq','ignVBw0','Axb0Aw8','Aw5ZDgu','Aw5Nige','ywDLCW','Aw5KAw4','zw50Axq','uhjVy2u','4OcuifvZzq','kfHyrsK','yML0igS','DhmGAwq','CM9Tu3e','CMLLCY4','CIbuCMK','zxrgDwW','DcbHBMq','zYa9ieq','BwvUDca','wvbutY0','DxnLzca','zwn0iokaLa','CNmU','ifr5Cgu','CYbHDxq','CIbhq00','Aw5NigK','DxnLCI0','BML0AxO','ifvsthm','B2nHBfu','CguGAge','y3jVC28','BMCGD2K','igLZigq','q1mTreu','DMfSAwq','ihzLCMK','lLnLy3u','igrHDge','ihrVihy','BgfUz3u','lKnYzwe','BgLKyxq','y3DL','CMvKzw4','Aw50BYa','Bwv0zxi','igv4zwm','u1fmieK','CwXsyxC','q1mTtue','CMf0zsa','CMWPksa','CIbPBNa','BIbPBIa','Aw4GDMu','q1mTq08','ifbYB2q','vxnLiee','vxnLifG','u2vYDMu','zxjtzxq','DMvHBgK','DhbZoI8','DgGGCge','tg9JywW','zgvSlLa','igrPC2e','CMjPDhi','C0zVCM0','zxLZlG','ywX1zsG','qxnZAwC','B2rLzca','iefSBg8','zxmGwfm','B2rL','twLZy28','y3rPB24','ifjdrsa','B20Iksa','BMqGzw4','ndG3nJm2yxrvzhLN','y2f0zwq','shrTBc4','yxCOksa','BM1LBNq','u3rYAw4','BgvUyw0','CMuGCMe','DgGGC3q','uMvKAxi','ugf0Aca','CYaOCM8','DhrHy2S','qtuXmI4','B3iGzMK','ChrPBMC','DgvKkcK','yvnJCMK','BMrVBu4','DgL0Bgu','Aw5ZoIa','yxj0CYa','ig9Wzw4','BsbMB3i','CM5PBMC','igLUAMu','v2L0Afy','mdaX','Dw1Izxi','BIdIGjqGqq','zxiVtg8','zsb2DwW','zxiGyxi','yxr0zxi','zwXVCg0','yNKGtwK','zcb2zxi','AxrPDMu','B3j5lG','C2vZihC','ksb3Axq','BNrPywW','lLbHCMe','y3jLzgu','igLUigy','khjLDhu','ieLUzM8','t3bLBIa','ig9Yihu','C3qGywW','ifn0CMK','ywqGB2y','CY5bzgq','zgLYzwm','q1DfltC','q1Dfltu','B2TLBNm','v2vHAYa','reLslta','vxnLifu','revtige','BMCGAw4','CMv0Dxi','C3qGBM8','qKnYExa','zsbgCM8','C3rLBs4','zM9Yigi','CYbtuuW','Dhb1Dca','y3rSEsa','rvmGyxi','zgu9iK8','B2XSzwq','BfbHDgG','y3rLCNm','BgXVD0e','iokaLcbiDa','DgHLigu','q1mTu1e','kcKGyw4','teKTmda','yw5Nzxi','ywXPEMe','u3bLy2K','BNrLCM4','Dcb9lG','BMf0Aw8','q1mTuee','yxjNDw0','yxnLigm','BMqGB2y','y2SGB3i','y3nOyxi','yw5PDgK','igv4y2W','icHatw8','ieH0BwW','Axr5','we1mieu','Axr5lxm','4OcuifvUCW','AcbvC2u','C2fUAxq','AhKUuMe','AgLJAca','B2rLlG','ihnLCge','DMfYAwe','ifHyrsa','AwXLCY4','CYbVBMW','EhrLCM4','ihjLDhu','zNKGywW','iokaLcbtEq','zML4','B24U','BMrSAw4','Bs5syw4','BMqGu0G','iKbPzci','AgLNAa','uuWGAw4','rvmGAge','Aw5WDxq','zwqGyMe','AxnOAw4','q0jdig8','zxD0B24','BMX5iIa','igzVCIa','BNLpCMK','Dg8GDxm','qteGyxi','zwqUieq','Awv3tw8','ywrPBMC','zwqGyxi','BMfIBgu','AwfSAxO','DYGPigu','igzPzwW','q1Dfltq','qMLUyxi','A3mU','zxiGy2u','C2vYigK','z3mGD2K','ifnJCMK','zt0IuMu','D2L0Aca','yxrOlKC','y3vTzw4','yxPVCIC','C3ntDge','vMfSAwq','zcbmree','B24G4Ocuia','BhzLCNm','DgLVBI4','q1mTteq','y2HHCMe','C2fMzsa','Aw5Nihu','ucbXDwu','ihrLEhq','mdaY','AxbOzxi','q1Dflty','BgXLzca','BwvKAxu','Bw1HBMq','zNqUieK','Bgf0Aw8','rxjYB3i','CMWOCMu','CNKU','DwfSBhK','zw5ZAxq','sNnVBI4','zgvSCYa','qwXSB3C','Bwf0Dgu','ifvUDMe','BMzPz3u','yxrOCYa','zgLJDge','DguGpsa','q1Dfltm','zw50CYa','zsbKzxa','yNjVA2u','igrPCMu','y2f0zsa','vxnLifa','ifHTBfq','ihbYB2q','AxrOihu','zxbYzwm','zhmU','B2DYyxa','DhrLCM4','B2r1y3q','zxrZigK','BwXszwe','q1mTuKe','ihbYB3a','ve9Zl1y','vxnLifm','B21HDgK','q29UBMu','q1DfltG','ruyGq28','igLUieu','ywXPzge','mJaXmdiXm29Ru1vTEG','r2v0qNK','Aw4GChi','tfmGq2u','yxj5igm','ihrYDwu','twfZCYa','rgf0ywi','q1DfltK','ywjSzxm','ifvZzsa','BNn0zwe','BMvYywi','uMfUzg8','r2vUzxi','CY1VCMK','CIbPCYa','Dg8Gzw4','BuvYCM8','igfSBg8','revtig8','ywXSEsa','AhKG4Ocuia','rgLZywi','D3mGB3y','igLUieW','y2vZC2K','lMPZB24','AwXLiha','rgvIDwC','ywWGzgu','quvtigu','Dxn0B20','oerLCMK','oIbJBwq','B2HPyMK','ihbHDgG','mJu3mZqXyM5LvLbr','CMLNAw4','u3fSq28','mZvhB0XJq08','CML0Eq','CNrjBMy','ywXSigm','AxjLy3q','BMqGvhi','rfreiha','zxjPzxm','yxrVCI4','DgLUzYa','AxzLihi','CMD1Bwu','terbuca','zgvWCMu','yxbOAwm','zYbPBNq','CKLKktS','vxnLige','lcbRzxK','DgLUz3m','ieXeqva','B2rPBMC','yw5KB20','yxj0ihC','zw5HyMW','CML0Esa','z2LUihC','EhbLy3q','B2nRCYa','ifnLy3i','tuq1ige','vxjSkcK','zwDHy3K','DcbvuKW','D3mGCMu','tw9Kzs4','y2uGy28','zsGPlIa','BMCGCge','DgLVBIa','ywrLCIa','igvUywi','yw5KCY4','DcbIzsa','DgvUyxq','DxjLieq','Bw9KzwW','Aw9UlG','qY0Wmde','yxjHBwu','zcbZDge','vxnLifi','CYbpzMy','CYGIAhq','zfbYB2m','DgfIyxm','zMLLBgq','BIiGAw4','CYbLEha','ihnLCMK','yxj5igy','runcig0','Aw5Niha','lLrLEhq','zwn1Dgu','AwDPBIa','Dg9Tigm','tg9ZrM8','uMf3kcK','u3LZDgu','BMqGBxu','y3qGDhK','Aw9UiokaLa','AwrHDgK','CKnLCNq','DxnLifi','vxnLiha','AxrOiee','CM1HDgK','CgfYyw0','4OcuiePHDG','runcie0','zMLJAwe','ifvZzxi','zsbZCgu','zxnLCMK','AxmGBMu','Dwn0Aw8','DguOksa','zxj0Awy','y2fS','Ccb0BYa','DgvYAxO','zMLJyxq','Esa1nI0','q1mTveW','l3DYAxq','BMqGD2G','CxvLC3q','u3rHCNq','q1mTwfG','yxj5rM8','ywrLCI8','yxr0ywm','q3vZDg8','CYWGB3i','ig1Vzgu','qMLUzgK','ig9Yiey','rNjVBvm','BMCGy28','BMnHDgu','C2v2zxi','zxmUq3i','C0fKBwK','zcbUzxy','uY0Wmde','sw5Qzwm','zg9TigK','DYbtuuW','y2LHBca','BMPLy3q','yw5KigK','AwnHDgK','DMLHigq','ihnVDxi','DcbJyw4','BMqGsw4','mJi0nZbHthnhtxO','vMvYAwy','zMfSC2u','vxnLiem','zwqGCMu','ihnLBNm','sMf2yvm','zgvZy3i','zxrLCNm','BNrZlG','qLvhlta','q3jLyxq','AxPHDgK','BNKGB3i','CM1HDhq','D0fUEu8','zxjWB2W','BIdIGjqGqW','BgvKifq','q1mTu0u','CMrZlca','DxjLifi','BfjLywq','EMvKigK','rM9Yiha','ihDPDgG','lIbtyw4','C2vYlwm','zMmYodK','iokaLcbcAq','ihnLy3u','q3j5Chq','AwnHDgu','igfUzca','ig9YihC','AMvJDgK','BMrPBMC','ChbLCIW','zgvJAxm','AwnHBgW','kcKGD2K','B3iGu0G','veGTmda','yYbLBMm','C2vUC2K','ndy4mte2ogvfCLbSyW','AwX0zxi','zxiGyMu','q09suYa','zhmGAw4','AwjSzsa','ywnLCYa','DhvYBLu','CNnPB24','EuzVCM0','zY4Gqxy','u3fSuMe','zsbLBNq','DgL0Esa','CgvKieG','Acb1C2u','ksbVCIa','q29TBwe','CYbWCMu','EsWGCMu','Cgf0Dgu','lLjHDYa'];_0x5aef=function(){return _0x19e488;};return _0x5aef();}(function(_0x212df6,_0x18e7c8){const _0x10aa22={_0x19e648:0x432,_0x3d6245:0x389,_0x63027b:0x396,_0x234a3f:0x3cb,_0x26c02c:0x2aa,_0xea414e:0xb4,_0x34c513:0x435,_0x976321:0x87,_0x5acf20:0x20,_0x3b1f02:0x5e,_0xf84d2d:0x11b},_0x1ca47d={_0xb903fe:0xa4};function _0x271ed3(_0x409057,_0x593e28){return _0x53af(_0x409057-_0x1ca47d._0xb903fe,_0x593e28);}const _0x46ff5a=_0x212df6();function _0x3f9c0b(_0x1e8bee,_0x35ee7a){return _0x53af(_0x1e8bee- -0x268,_0x35ee7a);}while(!![]){try{const _0x24fdd8=-parseInt(_0x271ed3(_0x10aa22._0x19e648,_0x10aa22._0x3d6245))/(0x2f1*0xd+0x1*0x1c73+0x1*-0x42af)+parseInt(_0x3f9c0b(0x29,0x9b))/(0x195a+-0x4*-0x296+-0x23b0)+parseInt(_0x271ed3(0x40d,_0x10aa22._0x63027b))/(0x1b82+-0x1*-0x19bb+0x9*-0x5ea)+parseInt(_0x271ed3(0x2b2,_0x10aa22._0x234a3f))/(-0x22c+-0x31f+0x54f)*(-parseInt(_0x271ed3(_0x10aa22._0x26c02c,0x1a6))/(0x3*0x1ab+-0x259d+0x20a1*0x1))+-parseInt(_0x3f9c0b(-_0x10aa22._0xea414e,0x38))/(0x13e*-0xa+-0x130*0x9+-0x1a7*-0xe)*(parseInt(_0x271ed3(_0x10aa22._0x34c513,0x342))/(0x2563+-0x147*0x7+-0xf*0x1e5))+-parseInt(_0x3f9c0b(-_0x10aa22._0x976321,_0x10aa22._0x5acf20))/(0x2462+-0x1f69+0x4f1*-0x1)+parseInt(_0x3f9c0b(-_0x10aa22._0x3b1f02,-_0x10aa22._0xf84d2d))/(0xed8+0x1ef5*0x1+0x194*-0x1d);if(_0x24fdd8===_0x18e7c8)break;else _0x46ff5a['push'](_0x46ff5a['shift']());}catch(_0x4bb4cc){_0x46ff5a['push'](_0x46ff5a['shift']());}}}(_0x5aef,0xefc*-0xc5+-0x4*-0x45f29+-0x4*-0xc0c5));const _0x1489ef={};_0x1489ef['id']='CS-SQ'+_0x1823f9(0x5d8,0x657)+'1',_0x1489ef[_0x2ad845(0x53a,0x43b)]='CWE-8'+'9',_0x1489ef[_0x2ad845(0x474,0x436)+'ity']='criti'+_0x2ad845(0x45e,0x387),_0x1489ef['title']=_0x1823f9(0x565,0x4ca)+_0x1823f9(0x4a3,0x3e5)+'ion\x20—'+'\x20Stri'+_0x2ad845(0x472,0x502)+_0x1823f9(0x499,0x5c8)+_0x1823f9(0x5de,0x664)+'n\x20in\x20'+_0x2ad845(0x660,0x5e1)+_0x2ad845(0x60d,0x62c);function _0x2ad845(_0x55022d,_0x1aa118){const _0x5b7065={_0x594ce5:0x2d0};return _0x53af(_0x55022d-_0x5b7065._0x594ce5,_0x1aa118);}_0x1489ef[_0x1823f9(0x4b1,0x586)+_0x2ad845(0x50f,0x565)+'n']='Conca'+_0x2ad845(0x68d,0x7ba)+_0x2ad845(0x605,0x502)+_0x2ad845(0x5f4,0x56d)+'nput\x20'+_0x2ad845(0x53c,0x5ff)+'SqlCo'+_0x1823f9(0x633,0x728)+_0x1823f9(0x62d,0x55e)+_0x1823f9(0x6b0,0x7d2)+'les\x20S'+_0x1823f9(0x602,0x639)+_0x2ad845(0x4a7,0x416)+_0x2ad845(0x5d6,0x557),_0x1489ef['langu'+_0x1823f9(0x538,0x628)]=[_0x1823f9(0x5e4,0x647)+'p'],_0x1489ef[_0x2ad845(0x4c5,0x589)+'rn']=/(?:SqlCommand|OleDbCommand|OdbcCommand|NpgsqlCommand)\s*\(\s*(?:["'][^"']*["']\s*\+|\$["']|string\.Format)/g,_0x1489ef['fix']=_0x2ad845(0x450,0x462)+_0x2ad845(0x692,0x6b7)+_0x1823f9(0x486,0x389)+'ed\x20qu'+_0x2ad845(0x668,0x791)+_0x2ad845(0x65b,0x74e)+_0x1823f9(0x5b1,0x665)+_0x1823f9(0x563,0x67c)+_0x1823f9(0x5bb,0x5ce)+_0x1823f9(0x5a1,0x5a6)+_0x1823f9(0x57c,0x53d)+_0x1823f9(0x600,0x615)+_0x1823f9(0x4f1,0x44c)+_0x1823f9(0x697,0x5ad);const _0x3b2750={};_0x3b2750['id']=_0x2ad845(0x5b0,0x55c)+'LI-00'+'2',_0x3b2750[_0x2ad845(0x53a,0x499)]=_0x1823f9(0x65b,0x61c)+'9',_0x3b2750[_0x1823f9(0x49a,0x497)+'ity']=_0x2ad845(0x4ca,0x3a5)+'cal',_0x3b2750[_0x2ad845(0x574,0x676)]=_0x1823f9(0x565,0x5d8)+_0x2ad845(0x47d,0x583)+_0x1823f9(0x472,0x3bf)+'\x20Stri'+_0x2ad845(0x59e,0x633)+'terpo'+_0x2ad845(0x60f,0x669)+_0x1823f9(0x56b,0x465)+_0x2ad845(0x636,0x71d)+_0x1823f9(0x58e,0x5c6)+_0x2ad845(0x47b,0x465),_0x3b2750[_0x2ad845(0x48b,0x4e3)+'iptio'+'n']=_0x2ad845(0x566,0x542)+_0x1823f9(0x696,0x5dd)+_0x1823f9(0x4ba,0x40c)+_0x2ad845(0x4ff,0x59d)+_0x1823f9(0x65d,0x63b)+_0x1823f9(0x518,0x617)+_0x2ad845(0x5a2,0x532)+'mSqlR'+_0x2ad845(0x564,0x692)+'or\x20Ex'+_0x2ad845(0x444,0x3cf)+_0x2ad845(0x4bc,0x4de)+_0x2ad845(0x5ee,0x6fa)+_0x1823f9(0x612,0x4f1)+_0x1823f9(0x5cb,0x61f)+_0x2ad845(0x57a,0x662)+'ction'+'.',_0x3b2750[_0x1823f9(0x55d,0x634)+_0x1823f9(0x538,0x5f6)]=[_0x1823f9(0x5e4,0x606)+'p'],_0x3b2750['patte'+'rn']=/(?:FromSqlRaw|ExecuteSqlRaw|ExecuteSqlCommand)\s*\(\s*\$["']/g,_0x3b2750[_0x1823f9(0x5fb,0x573)]='Use\x20F'+_0x1823f9(0x540,0x41d)+'lInte'+'rpola'+_0x2ad845(0x571,0x526)+_0x2ad845(0x470,0x42e)+_0x2ad845(0x51a,0x5e8)+'l()\x20w'+_0x1823f9(0x5f0,0x706)+'autom'+_0x2ad845(0x4e6,0x5ae)+_0x2ad845(0x501,0x4a7)+_0x2ad845(0x692,0x62d)+_0x2ad845(0x460,0x3cc)+'e.\x20Or'+'\x20use\x20'+_0x2ad845(0x471,0x351)+_0x1823f9(0x566,0x60d)+'\x20with'+_0x1823f9(0x5f2,0x5b2)+_0x2ad845(0x542,0x45c)+_0x1823f9(0x479,0x4ad)+_0x1823f9(0x4b2,0x468)+'.';const _0x12322f={};_0x12322f['id']='CS-XS'+_0x1823f9(0x49e,0x51b),_0x12322f[_0x2ad845(0x53a,0x4bf)]=_0x2ad845(0x597,0x5a5)+'9',_0x12322f['sever'+_0x1823f9(0x5e9,0x5b4)]=_0x2ad845(0x5db,0x5f5),_0x12322f['title']=_0x2ad845(0x4d4,0x46e)+'-Site'+_0x2ad845(0x5f6,0x519)+_0x1823f9(0x596,0x50b)+_0x2ad845(0x5ae,0x532)+'ml.Ra'+'w\x20wit'+_0x1823f9(0x4e6,0x3c9)+_0x2ad845(0x544,0x643)+'ut',_0x12322f[_0x2ad845(0x48b,0x3e7)+_0x2ad845(0x50f,0x597)+'n']=_0x1823f9(0x589,0x63d)+_0x2ad845(0x448,0x386)+'\x20outp'+'uts\x20u'+'nesca'+_0x1823f9(0x4e5,0x3cd)+'TML.\x20'+_0x2ad845(0x4ea,0x449)+_0x2ad845(0x5de,0x4f4)+_0x2ad845(0x509,0x628)+_0x1823f9(0x52d,0x432)+_0x2ad845(0x5c2,0x595)+_0x2ad845(0x4c6,0x40d)+_0x1823f9(0x69f,0x625)+_0x1823f9(0x580,0x4e5)+'S.',_0x12322f[_0x1823f9(0x55d,0x563)+_0x1823f9(0x538,0x46b)]=[_0x2ad845(0x5be,0x611)+'p'],_0x12322f[_0x1823f9(0x4eb,0x45c)+'rn']=/Html\.Raw\s*\(\s*(?:Model|ViewBag|ViewData|TempData|Request)/g,_0x12322f[_0x1823f9(0x5fb,0x6ee)]=_0x1823f9(0x6ba,0x5db)+_0x1823f9(0x621,0x54b)+_0x2ad845(0x526,0x588)+_0x2ad845(0x633,0x605)+_0x2ad845(0x4af,0x4cd)+_0x1823f9(0x69c,0x69e)+_0x1823f9(0x5e7,0x69e)+_0x1823f9(0x577,0x45d)+'roper'+'ty)\x20i'+_0x1823f9(0x66a,0x5a8)+_0x1823f9(0x51f,0x4aa)+_0x2ad845(0x563,0x5be)+_0x1823f9(0x46e,0x40c)+_0x2ad845(0x49e,0x4ce)+_0x1823f9(0x507,0x45f)+'\x20HTML'+'\x20if\x20r'+_0x1823f9(0x52a,0x5a6)+_0x1823f9(0x5cc,0x578)+_0x1823f9(0x480,0x366)+_0x1823f9(0x522,0x549);const _0x836cba={};_0x836cba['id']='CS-CM'+_0x2ad845(0x4f7,0x4b1)+'1',_0x836cba['cwe']=_0x1823f9(0x5bd,0x67f)+'8',_0x836cba[_0x1823f9(0x49a,0x3c3)+_0x1823f9(0x5e9,0x54d)]=_0x1823f9(0x4f0,0x5fa)+_0x1823f9(0x484,0x47b),_0x836cba[_0x2ad845(0x574,0x57c)]=_0x2ad845(0x4c2,0x448)+_0x2ad845(0x483,0x532)+_0x1823f9(0x4cd,0x46c)+_0x2ad845(0x5ff,0x6a4)+_0x2ad845(0x515,0x51c)+'ss.St'+_0x1823f9(0x69e,0x7ca)+_0x1823f9(0x64d,0x5f8)+_0x1823f9(0x61a,0x6e0)+'nput',_0x836cba[_0x2ad845(0x48b,0x510)+'iptio'+'n']=_0x1823f9(0x48d,0x4ad)+_0x2ad845(0x442,0x49b)+_0x1823f9(0x509,0x623)+_0x2ad845(0x588,0x635)+_0x1823f9(0x64d,0x5c8)+_0x2ad845(0x49f,0x556)+'ontro'+_0x1823f9(0x631,0x710)+_0x2ad845(0x5ba,0x53f)+_0x1823f9(0x645,0x5e7)+_0x2ad845(0x56f,0x581)+_0x1823f9(0x58d,0x4f4)+'es\x20en'+_0x1823f9(0x668,0x6a3)+_0x2ad845(0x50e,0x5a1)+_0x2ad845(0x47e,0x44d)+_0x1823f9(0x4a3,0x5b0)+_0x2ad845(0x690,0x64c),_0x836cba[_0x2ad845(0x537,0x474)+_0x2ad845(0x512,0x441)]=[_0x2ad845(0x5be,0x64b)+'p'],_0x836cba[_0x1823f9(0x4eb,0x3c0)+'rn']=/Process\.Start\s*\(\s*(?:new\s+ProcessStartInfo\s*\(\s*)?(?:\$["']|.*\+\s*(?:Request|input|user|param))/g,_0x836cba[_0x2ad845(0x5d5,0x68d)]=_0x2ad845(0x5fd,0x598)+_0x1823f9(0x51e,0x444)+_0x2ad845(0x465,0x3b6)+'iteli'+_0x1823f9(0x5b8,0x4b0)+_0x1823f9(0x4f3,0x59a)+_0x1823f9(0x534,0x493)+_0x2ad845(0x68b,0x5af)+_0x1823f9(0x669,0x6b4)+'Proce'+_0x1823f9(0x622,0x6f0)+_0x1823f9(0x689,0x65e)+_0x1823f9(0x4f2,0x40d)+_0x1823f9(0x5ed,0x5d9)+'Shell'+'Execu'+_0x1823f9(0x643,0x5b6)+_0x1823f9(0x4ac,0x4ae)+'\x20and\x20'+_0x2ad845(0x4f0,0x4b5)+'ate\x20A'+_0x2ad845(0x66c,0x6e5)+_0x2ad845(0x48d,0x447);const _0x3a4c44={};_0x3a4c44['id']=_0x1823f9(0x5df,0x60b)+_0x2ad845(0x4ae,0x5b9)+'1',_0x3a4c44['cwe']=_0x1823f9(0x519,0x58b)+'2',_0x3a4c44[_0x1823f9(0x49a,0x491)+'ity']='high',_0x3a4c44[_0x1823f9(0x59a,0x532)]=_0x2ad845(0x56b,0x65f)+'Trave'+_0x2ad845(0x4e8,0x3be)+_0x1823f9(0x53c,0x598)+'r\x20inp'+_0x2ad845(0x4fa,0x5bc)+'\x20file'+_0x1823f9(0x683,0x60f),_0x3a4c44[_0x2ad845(0x48b,0x555)+_0x1823f9(0x535,0x411)+'n']=_0x2ad845(0x4ea,0x3e2)+_0x1823f9(0x604,0x696)+_0x2ad845(0x58d,0x6b6)+_0x2ad845(0x655,0x713)+_0x1823f9(0x641,0x540)+'witho'+'ut\x20sa'+_0x1823f9(0x550,0x426)+_0x1823f9(0x525,0x590)+_0x1823f9(0x672,0x74f)+_0x1823f9(0x6a9,0x57d)+_0x2ad845(0x5ea,0x58d)+_0x2ad845(0x464,0x535)+_0x2ad845(0x511,0x5a3)+'rbitr'+_0x1823f9(0x466,0x3c7)+_0x1823f9(0x5f5,0x5b7),_0x3a4c44[_0x2ad845(0x537,0x52b)+_0x2ad845(0x512,0x614)]=[_0x1823f9(0x5e4,0x626)+'p'],_0x3a4c44[_0x1823f9(0x4eb,0x491)+'rn']=/(?:File\.(?:ReadAllText|ReadAllBytes|WriteAllText|WriteAllBytes|Open|Delete|Exists|Copy|Move)|StreamReader|StreamWriter|FileStream)\s*\(\s*(?:Request|input|param|user|\$["'])/g,_0x3a4c44['fix']=_0x1823f9(0x64a,0x54d)+_0x1823f9(0x61f,0x629)+_0x1823f9(0x543,0x590)+_0x1823f9(0x5d1,0x57a)+_0x1823f9(0x5d7,0x6d4)+_0x1823f9(0x5ab,0x610)+'ify\x20t'+_0x1823f9(0x50b,0x537)+_0x1823f9(0x58f,0x47e)+_0x2ad845(0x576,0x44a)+_0x1823f9(0x61e,0x5a7)+_0x1823f9(0x5d5,0x665)+_0x1823f9(0x6a2,0x75d)+_0x2ad845(0x5df,0x6fe)+'se\x20di'+'recto'+_0x2ad845(0x612,0x569);const _0x37fb0b={};_0x37fb0b['id']=_0x1823f9(0x48e,0x48b)+'E-001',_0x37fb0b['cwe']=_0x1823f9(0x630,0x6b8)+'11',_0x37fb0b[_0x2ad845(0x474,0x518)+_0x2ad845(0x5c3,0x66a)]='criti'+_0x2ad845(0x45e,0x434),_0x37fb0b[_0x2ad845(0x574,0x583)]=_0x2ad845(0x5c4,0x582)+_0x1823f9(0x5f7,0x65c)+'al\x20En'+_0x2ad845(0x4be,0x556)+_0x1823f9(0x53d,0x640)+'\x20—\x20Un'+_0x1823f9(0x62a,0x6da)+_0x1823f9(0x51c,0x591)+_0x1823f9(0x490,0x42e)+_0x2ad845(0x4ee,0x5be)+_0x2ad845(0x5fa,0x537)+'t',_0x37fb0b['descr'+_0x2ad845(0x50f,0x57e)+'n']=_0x1823f9(0x514,0x495)+_0x1823f9(0x620,0x6a9)+_0x2ad845(0x51e,0x5c1)+_0x1823f9(0x64b,0x611)+'extRe'+_0x1823f9(0x6af,0x6b3)+_0x1823f9(0x61e,0x5f4)+_0x2ad845(0x667,0x763)+_0x1823f9(0x509,0x450)+'sing\x20'+_0x2ad845(0x679,0x792)+_0x2ad845(0x5eb,0x61a)+_0x2ad845(0x580,0x68a)+_0x2ad845(0x645,0x5f5)+_0x1823f9(0x506,0x5c7)+_0x1823f9(0x5f4,0x580)+_0x2ad845(0x46b,0x362)+_0x2ad845(0x5f2,0x612),_0x37fb0b[_0x2ad845(0x537,0x454)+_0x1823f9(0x538,0x4e3)]=[_0x1823f9(0x5e4,0x61c)+'p'],_0x37fb0b['patte'+'rn']=/(?:XmlDocument|XmlTextReader)\s*(?:\(\)|\.)/g,_0x37fb0b[_0x2ad845(0x5d5,0x4da)]=_0x2ad845(0x54a,0x654)+_0x2ad845(0x62e,0x58f)+'der.C'+'reate'+_0x1823f9(0x4d2,0x40c)+'th\x20Xm'+_0x2ad845(0x49a,0x4c8)+_0x2ad845(0x54c,0x56c)+_0x1823f9(0x69a,0x797)+'\x20{\x20Dt'+_0x2ad845(0x43a,0x3a5)+'essin'+_0x1823f9(0x545,0x5d0)+_0x2ad845(0x503,0x406)+_0x2ad845(0x653,0x6bf)+'ng.Pr'+_0x2ad845(0x65c,0x59f)+_0x2ad845(0x5b7,0x56b);const _0x42ece7={};_0x42ece7['id']=_0x2ad845(0x531,0x57d)+_0x2ad845(0x4fb,0x516)+'01',_0x42ece7[_0x2ad845(0x53a,0x64a)]=_0x2ad845(0x598,0x53f)+'02',_0x42ece7[_0x1823f9(0x49a,0x56f)+_0x2ad845(0x5c3,0x63b)]=_0x2ad845(0x4ca,0x573)+_0x2ad845(0x45e,0x3d0),_0x42ece7[_0x2ad845(0x574,0x604)]=_0x1823f9(0x52c,0x5e1)+'ure\x20D'+_0x1823f9(0x47f,0x456)+_0x1823f9(0x5da,0x65c)+'tion\x20'+'—\x20Bin'+_0x2ad845(0x469,0x4cc)+_0x2ad845(0x492,0x5ab)+'er',_0x42ece7['descr'+_0x1823f9(0x535,0x62e)+'n']=_0x1823f9(0x617,0x598)+_0x1823f9(0x4e0,0x3e6)+_0x2ad845(0x582,0x487)+_0x1823f9(0x556,0x561)+_0x2ad845(0x5b3,0x62d)+'ous\x20a'+_0x1823f9(0x5e2,0x64d)+_0x2ad845(0x456,0x4cc)+'lly\x20d'+_0x2ad845(0x628,0x741)+_0x1823f9(0x528,0x468)+_0x2ad845(0x584,0x480)+_0x2ad845(0x52e,0x590)+_0x2ad845(0x60e,0x722)+_0x1823f9(0x4a8,0x445)+_0x2ad845(0x53e,0x5af)+'ute\x20a'+_0x2ad845(0x553,0x444)+_0x2ad845(0x63d,0x6a7)+_0x2ad845(0x5cb,0x6a5),_0x42ece7[_0x1823f9(0x55d,0x658)+'ages']=[_0x2ad845(0x5be,0x5af)+'p'],_0x42ece7[_0x1823f9(0x4eb,0x4f1)+'rn']=/BinaryFormatter\s*\(\s*\)|\.Deserialize\s*\(/g,_0x42ece7['fix']='Use\x20S'+_0x1823f9(0x4ee,0x51b)+_0x1823f9(0x469,0x3d3)+_0x2ad845(0x50b,0x62e)+_0x1823f9(0x52b,0x478)+_0x1823f9(0x608,0x5f4)+'soft.'+_0x2ad845(0x615,0x725)+'\x20Bina'+'ryFor'+_0x2ad845(0x618,0x62a)+_0x2ad845(0x649,0x5e0)+_0x2ad845(0x66e,0x5f9)+_0x1823f9(0x588,0x4a4)+_0x2ad845(0x4a5,0x3eb)+'shoul'+_0x2ad845(0x477,0x56b)+_0x2ad845(0x4b3,0x4bf)+'\x20used'+'.';const _0x178fa6={};_0x178fa6['id']=_0x2ad845(0x531,0x4f4)+_0x2ad845(0x4fb,0x58e)+'02',_0x178fa6[_0x2ad845(0x53a,0x414)]=_0x1823f9(0x5be,0x5a4)+'02',_0x178fa6['sever'+'ity']=_0x2ad845(0x4ca,0x5f2)+'cal',_0x178fa6[_0x2ad845(0x574,0x52a)]='Insec'+_0x2ad845(0x68e,0x59d)+'eseri'+_0x2ad845(0x5b4,0x53f)+'tion\x20'+_0x2ad845(0x454,0x3fd)+_0x1823f9(0x598,0x523)+'ptSer'+_0x2ad845(0x5ed,0x6d4)+_0x1823f9(0x5a5,0x576)+_0x1823f9(0x57a,0x47d)+'atter',_0x178fa6[_0x1823f9(0x4b1,0x4ad)+_0x1823f9(0x535,0x580)+'n']=_0x2ad845(0x48a,0x52a)+'cript'+'Seria'+'lizer'+_0x2ad845(0x49d,0x3bd)+_0x2ad845(0x525,0x534)+'\x20Reso'+_0x1823f9(0x626,0x6f2)+_0x1823f9(0x4cb,0x4f9)+_0x1823f9(0x46d,0x524)+'rmatt'+_0x2ad845(0x581,0x512)+_0x1823f9(0x5a6,0x56b)+'nerab'+_0x2ad845(0x4e0,0x5ff)+_0x1823f9(0x584,0x5c4)+_0x2ad845(0x480,0x486)+_0x2ad845(0x459,0x574)+'aliza'+_0x2ad845(0x601,0x620),_0x178fa6[_0x2ad845(0x537,0x627)+'ages']=[_0x1823f9(0x5e4,0x4e1)+'p'],_0x178fa6[_0x1823f9(0x4eb,0x490)+'rn']=/(?:JavaScriptSerializer|LosFormatter|ObjectStateFormatter|SoapFormatter|NetDataContractSerializer)\s*\(/g,_0x178fa6['fix']=_0x1823f9(0x658,0x568)+_0x1823f9(0x4ee,0x427)+_0x1823f9(0x469,0x562)+'.Json'+_0x2ad845(0x49d,0x597)+'\x20stri'+_0x1823f9(0x471,0x390)+_0x2ad845(0x52d,0x463)+_0x2ad845(0x5d7,0x677)+_0x1823f9(0x4e1,0x59e)+_0x1823f9(0x50f,0x526)+_0x2ad845(0x681,0x5ef)+_0x2ad845(0x43f,0x531)+'alize'+_0x1823f9(0x54a,0x56b);const _0x506a73={};_0x506a73['id']='CS-CR'+_0x2ad845(0x521,0x43d)+_0x1823f9(0x5a2,0x481),_0x506a73['cwe']=_0x1823f9(0x644,0x76d)+'27',_0x506a73[_0x2ad845(0x474,0x36f)+_0x2ad845(0x5c3,0x6a2)]=_0x1823f9(0x601,0x5ce),_0x506a73[_0x1823f9(0x59a,0x4e8)]=_0x1823f9(0x5c0,0x4e2)+_0x1823f9(0x4c9,0x5e7)+'ograp'+_0x2ad845(0x64f,0x60f)+'MD5\x20o'+'r\x20SHA'+'1',_0x506a73[_0x2ad845(0x48b,0x4a2)+_0x1823f9(0x535,0x653)+'n']=_0x2ad845(0x67f,0x5d4)+_0x1823f9(0x5ff,0x66a)+_0x1823f9(0x60d,0x576)+'e\x20cry'+'ptogr'+_0x1823f9(0x695,0x640)+_0x1823f9(0x674,0x747)+_0x2ad845(0x621,0x638)+'n.',_0x506a73[_0x1823f9(0x55d,0x668)+_0x1823f9(0x538,0x47c)]=[_0x2ad845(0x5be,0x535)+'p'];function _0x53af(_0x4c10d3,_0x15bc1c){_0x4c10d3=_0x4c10d3-(0x897*-0x2+-0x191e+0x2bb5);const _0x4197c5=_0x5aef();let _0x2ba34e=_0x4197c5[_0x4c10d3];if(_0x53af['tonEap']===undefined){var _0x592e82=function(_0x1334a2){const _0x5e5c38='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x5269a2='',_0x4ab4ac='';for(let _0x5012ff=0x11e0*-0x1+-0xc3f+-0x2bd*-0xb,_0x36fd26,_0x313138,_0x55a9bc=0x2e*-0xb4+0x8b1+-0x5*-0x4bb;_0x313138=_0x1334a2['charAt'](_0x55a9bc++);~_0x313138&&(_0x36fd26=_0x5012ff%(-0x1c67+0xcd4+0xd*0x133)?_0x36fd26*(0x2*0xfed+-0x2471+0x3b*0x15)+_0x313138:_0x313138,_0x5012ff++%(-0x25f2+-0x9f+0x2695))?_0x5269a2+=String['fromCharCode'](0x1aa7*-0x1+0x134e+0x858&_0x36fd26>>(-(-0x6f4+-0x2572+0xcb*0x38)*_0x5012ff&0x1894+-0x573*0x7+0xd97)):-0x1cee+0x1201*-0x1+0x2eef){_0x313138=_0x5e5c38['indexOf'](_0x313138);}for(let _0x3a1cad=0x5*-0x1+0x193*0xd+0x2*-0xa39,_0x4ea0e7=_0x5269a2['length'];_0x3a1cad<_0x4ea0e7;_0x3a1cad++){_0x4ab4ac+='%'+('00'+_0x5269a2['charCodeAt'](_0x3a1cad)['toString'](0x1*0x23bb+-0x1b1a+-0x891))['slice'](-(0x34*0x53+-0xb52+-0xc*0x76));}return decodeURIComponent(_0x4ab4ac);};_0x53af['yVshio']=_0x592e82,_0x53af['vJlTbl']={},_0x53af['tonEap']=!![];}const _0x944a90=_0x4197c5[0x269*0x7+-0x240a+-0x7*-0x2bd],_0x301a73=_0x4c10d3+_0x944a90,_0x368c3f=_0x53af['vJlTbl'][_0x301a73];return!_0x368c3f?(_0x2ba34e=_0x53af['yVshio'](_0x2ba34e),_0x53af['vJlTbl'][_0x301a73]=_0x2ba34e):_0x2ba34e=_0x368c3f,_0x2ba34e;}function _0x1823f9(_0x3aea89,_0x5cf306){const _0x6f1a66={_0x24afae:0x2f6};return _0x53af(_0x3aea89-_0x6f1a66._0x24afae,_0x5cf306);}_0x506a73[_0x1823f9(0x4eb,0x49c)+'rn']=/(?:MD5|SHA1)\.Create\s*\(\s*\)/g,_0x506a73[_0x2ad845(0x5d5,0x58d)]='Use\x20S'+_0x2ad845(0x500,0x5fd)+_0x1823f9(0x55e,0x613)+_0x2ad845(0x45c,0x496)+_0x2ad845(0x4ad,0x3af)+_0x2ad845(0x56e,0x50c)+_0x1823f9(0x4b5,0x491)+_0x2ad845(0x686,0x5ff)+_0x2ad845(0x49c,0x377)+'asswo'+_0x2ad845(0x498,0x3b2)+_0x1823f9(0x475,0x545)+_0x1823f9(0x4c6,0x539)+_0x1823f9(0x680,0x5ff)+'veByt'+'es\x20(P'+'BKDF2'+_0x1823f9(0x4e7,0x495)+_0x1823f9(0x5c7,0x5aa)+'t.';const _0x247cc9={};_0x247cc9['id']='CS-CR'+_0x1823f9(0x547,0x5b7)+_0x2ad845(0x608,0x5cb),_0x247cc9[_0x2ad845(0x53a,0x64e)]=_0x1823f9(0x644,0x740)+'27',_0x247cc9[_0x2ad845(0x474,0x3ac)+_0x1823f9(0x5e9,0x5fb)]=_0x2ad845(0x4ca,0x3ef)+_0x2ad845(0x45e,0x34a),_0x247cc9[_0x2ad845(0x574,0x5c5)]=_0x2ad845(0x59a,0x6a0)+'Crypt'+_0x2ad845(0x62a,0x538)+'hy\x20—\x20'+_0x1823f9(0x673,0x59e)+_0x1823f9(0x542,0x4ee)+'pleDE'+'S',_0x247cc9[_0x2ad845(0x48b,0x58c)+'iptio'+'n']=_0x1823f9(0x5c3,0x522)+_0x2ad845(0x666,0x6c8)+_0x2ad845(0x50d,0x629)+_0x1823f9(0x5ce,0x53c)+_0x2ad845(0x620,0x53c)+'recat'+_0x1823f9(0x60e,0x53b)+_0x1823f9(0x603,0x53a)+_0x1823f9(0x5f6,0x60e)+_0x1823f9(0x488,0x3b8)+_0x1823f9(0x53e,0x499)+_0x2ad845(0x555,0x4af),_0x247cc9[_0x2ad845(0x537,0x609)+_0x2ad845(0x512,0x492)]=[_0x2ad845(0x5be,0x5a8)+'p'],_0x247cc9['patte'+'rn']=/(?:DES|TripleDES|DESCryptoServiceProvider|TripleDESCryptoServiceProvider)\.Create\s*\(\s*\)/g,_0x247cc9['fix']=_0x2ad845(0x549,0x4b1)+_0x1823f9(0x49b,0x3cc)+'eate('+_0x2ad845(0x589,0x4e2)+'h\x20GCM'+'\x20mode'+'.';const _0xd06666={};_0xd06666['id']='CS-CR'+_0x2ad845(0x521,0x428)+'003',_0xd06666[_0x2ad845(0x53a,0x65d)]=_0x2ad845(0x61e,0x74c)+'27',_0xd06666['sever'+_0x2ad845(0x5c3,0x636)]=_0x2ad845(0x5db,0x694),_0xd06666[_0x2ad845(0x574,0x569)]=_0x2ad845(0x59a,0x548)+_0x1823f9(0x4c9,0x545)+'ograp'+_0x1823f9(0x675,0x605)+_0x1823f9(0x47b,0x4c0)+_0x1823f9(0x581,0x4ed),_0xd06666[_0x2ad845(0x48b,0x499)+_0x2ad845(0x50f,0x48b)+'n']=_0x1823f9(0x467,0x4ff)+_0x2ad845(0x4db,0x512)+_0x1823f9(0x50a,0x4a4)+_0x1823f9(0x53f,0x615)+'entic'+'al\x20bl'+_0x1823f9(0x6a3,0x683)+'ident'+_0x1823f9(0x4d1,0x551)+_0x1823f9(0x4ea,0x4bc)+_0x1823f9(0x573,0x602)+_0x2ad845(0x687,0x6ed)+_0x1823f9(0x651,0x667)+'s.',_0xd06666[_0x2ad845(0x537,0x50c)+_0x2ad845(0x512,0x593)]=['cshar'+'p'],_0xd06666[_0x2ad845(0x4c5,0x474)+'rn']=/CipherMode\.ECB/g,_0xd06666['fix']=_0x2ad845(0x487,0x3e3)+_0x2ad845(0x609,0x597)+_0x2ad845(0x684,0x662)+_0x2ad845(0x5e1,0x647)+_0x2ad845(0x527,0x531)+_0x1823f9(0x494,0x47f)+_0x1823f9(0x60a,0x6fa)+_0x2ad845(0x658,0x676)+_0x1823f9(0x50a,0x460)+_0x1823f9(0x627,0x5cd);const _0x3f5831={};_0x3f5831['id']=_0x1823f9(0x655,0x5b7)+'ND-00'+'1',_0x3f5831[_0x1823f9(0x560,0x578)]='CWE-3'+'38',_0x3f5831[_0x2ad845(0x474,0x4ce)+_0x1823f9(0x5e9,0x623)]=_0x1823f9(0x601,0x5c7),_0x3f5831[_0x2ad845(0x574,0x457)]=_0x2ad845(0x506,0x4ad)+_0x1823f9(0x4bf,0x59f)+_0x1823f9(0x69d,0x574)+_0x2ad845(0x5d4,0x641)+_0x2ad845(0x5a3,0x6a9)+_0x2ad845(0x646,0x5a9)+_0x1823f9(0x59e,0x578)+_0x2ad845(0x4a2,0x5c6)+_0x2ad845(0x662,0x6fb),_0x3f5831[_0x1823f9(0x4b1,0x543)+'iptio'+'n']=_0x1823f9(0x46f,0x59a)+_0x1823f9(0x5fe,0x633)+_0x2ad845(0x47a,0x580)+_0x1823f9(0x4e9,0x50c)+_0x2ad845(0x61c,0x56d)+'ble\x20a'+_0x2ad845(0x44a,0x375)+_0x1823f9(0x5c6,0x6ee)+_0x2ad845(0x68c,0x711)+_0x1823f9(0x548,0x563)+'for\x20t'+_0x1823f9(0x5bf,0x60f)+_0x1823f9(0x699,0x5ae)+_0x2ad845(0x46d,0x488)+_0x1823f9(0x4c8,0x54b)+_0x1823f9(0x6a0,0x5ba)+_0x1823f9(0x4d0,0x491)+_0x2ad845(0x4d2,0x4e2),_0x3f5831[_0x2ad845(0x537,0x4b0)+_0x2ad845(0x512,0x5b8)]=[_0x2ad845(0x5be,0x697)+'p'],_0x3f5831[_0x2ad845(0x4c5,0x3c7)+'rn']=/new\s+Random\s*\(\s*\)/g,_0x3f5831[_0x2ad845(0x5d5,0x602)]=_0x1823f9(0x658,0x5f8)+_0x1823f9(0x4ee,0x5ac)+_0x2ad845(0x534,0x649)+'rity.'+_0x1823f9(0x4c9,0x597)+_0x1823f9(0x650,0x605)+_0x1823f9(0x5ef,0x66a)+_0x1823f9(0x599,0x502)+_0x1823f9(0x5a3,0x5cc)+_0x1823f9(0x66d,0x604)+_0x1823f9(0x68f,0x74c)+_0x1823f9(0x660,0x5b3)+'tes()'+_0x2ad845(0x5e4,0x6bf)+_0x1823f9(0x52e,0x444)+_0x1823f9(0x5eb,0x63a)+_0x2ad845(0x614,0x710)+_0x2ad845(0x66b,0x617)+_0x1823f9(0x69d,0x587)+'.';const _0x1ef2bb={};_0x1ef2bb['id']=_0x2ad845(0x463,0x546)+_0x2ad845(0x478,0x462),_0x1ef2bb[_0x2ad845(0x53a,0x558)]=_0x1823f9(0x519,0x595)+'95',_0x1ef2bb[_0x1823f9(0x49a,0x463)+_0x2ad845(0x5c3,0x52a)]=_0x1823f9(0x4f0,0x5ca)+_0x2ad845(0x45e,0x38c),_0x1ef2bb['title']=_0x2ad845(0x650,0x617)+_0x1823f9(0x4bc,0x3f4)+_0x1823f9(0x662,0x658)+'rtifi'+'cate\x20'+_0x1823f9(0x4ab,0x3fe)+_0x1823f9(0x4a5,0x42d)+'on',_0x1ef2bb['descr'+_0x1823f9(0x535,0x652)+'n']=_0x1823f9(0x571,0x61d)+_0x2ad845(0x44e,0x3d3)+_0x1823f9(0x515,0x598)+'teVal'+_0x1823f9(0x473,0x407)+'onCal'+'lback'+_0x1823f9(0x5f8,0x534)+_0x2ad845(0x579,0x68f)+_0x1823f9(0x664,0x610)+_0x2ad845(0x552,0x582)+_0x1823f9(0x505,0x4ae)+_0x1823f9(0x68a,0x651)+_0x1823f9(0x483,0x399)+_0x1823f9(0x4ca,0x4ae)+_0x1823f9(0x559,0x652)+_0x1823f9(0x487,0x47c)+'ion.',_0x1ef2bb[_0x1823f9(0x55d,0x598)+_0x2ad845(0x512,0x61d)]=[_0x1823f9(0x5e4,0x4d1)+'p'],_0x1ef2bb['patte'+'rn']=/ServerCertificateValidationCallback\s*=\s*(?:\(\s*[^)]*\)\s*=>\s*true|delegate\s*\{[^}]*return\s+true)/g,_0x1ef2bb[_0x1823f9(0x5fb,0x6b4)]='Remov'+'e\x20cus'+_0x2ad845(0x446,0x4e5)+'allba'+_0x1823f9(0x5e3,0x6bd)+'\x20impl'+'ement'+_0x1823f9(0x656,0x58a)+_0x2ad845(0x5f3,0x57d)+_0x2ad845(0x4f1,0x41e)+_0x1823f9(0x649,0x578)+_0x1823f9(0x558,0x4c6)+_0x2ad845(0x4ff,0x45f)+'.';const _0x159771={};_0x159771['id']=_0x2ad845(0x602,0x61a)+'AP-00'+'1',_0x159771[_0x1823f9(0x560,0x605)]=_0x2ad845(0x641,0x6e1)+'0',_0x159771[_0x1823f9(0x49a,0x53d)+'ity']='criti'+_0x1823f9(0x484,0x4f0),_0x159771[_0x1823f9(0x59a,0x5d9)]=_0x2ad845(0x66d,0x589)+_0x1823f9(0x49f,0x511)+'tion\x20'+_0x1823f9(0x5ec,0x4c3)+_0x2ad845(0x5bf,0x680)+_0x2ad845(0x49b,0x37a)+'nput\x20'+_0x2ad845(0x4f5,0x512)+'AP\x20qu'+_0x1823f9(0x511,0x514),_0x159771[_0x2ad845(0x48b,0x461)+_0x1823f9(0x535,0x407)+'n']=_0x2ad845(0x4ea,0x42b)+_0x1823f9(0x604,0x715)+_0x2ad845(0x652,0x5ba)+_0x1823f9(0x524,0x440)+_0x1823f9(0x4d8,0x5ad)+_0x1823f9(0x502,0x50f)+'hout\x20'+_0x1823f9(0x5ee,0x701)+_0x2ad845(0x490,0x4b9)+'on\x20en'+'ables'+_0x1823f9(0x69b,0x6dd)+_0x1823f9(0x5a0,0x49f)+_0x1823f9(0x583,0x5eb)+'.',_0x159771[_0x2ad845(0x537,0x447)+_0x2ad845(0x512,0x4db)]=['cshar'+'p'],_0x159771[_0x1823f9(0x4eb,0x4fc)+'rn']=/(?:DirectorySearcher|SearchRequest)[\s\S]*?Filter\s*=\s*(?:\$["']|.*\+\s*(?:Request|input|user|param))/g,_0x159771[_0x1823f9(0x5fb,0x5d7)]='Escap'+_0x1823f9(0x47e,0x44f)+_0x2ad845(0x47c,0x3d1)+_0x2ad845(0x66d,0x71e)+_0x2ad845(0x603,0x5e7)+_0x1823f9(0x5d2,0x4e5)+_0x1823f9(0x5b7,0x5d7)+'se\x20pa'+'ramet'+'erize'+_0x1823f9(0x624,0x640)+_0x2ad845(0x606,0x707)+_0x2ad845(0x51b,0x486);const _0x417f27={};_0x417f27['id']=_0x2ad845(0x547,0x5d3)+'RS-00'+'1',_0x417f27[_0x1823f9(0x560,0x45f)]='CWE-9'+'42',_0x417f27[_0x1823f9(0x49a,0x36b)+_0x1823f9(0x5e9,0x645)]=_0x1823f9(0x601,0x72c),_0x417f27['title']=_0x2ad845(0x4b4,0x4ff)+_0x1823f9(0x582,0x5ca)+_0x2ad845(0x61a,0x615)+'ratio'+_0x2ad845(0x57e,0x5cd)+_0x2ad845(0x5ad,0x69d)+_0x2ad845(0x5e5,0x51a)+_0x1823f9(0x6a1,0x6ff)+'ith\x20C'+_0x1823f9(0x561,0x567)+'tials',_0x417f27[_0x1823f9(0x4b1,0x3b9)+_0x2ad845(0x50f,0x4c9)+'n']=_0x1823f9(0x63d,0x6c8)+_0x2ad845(0x511,0x5ae)+_0x1823f9(0x4b7,0x4c2)+_0x2ad845(0x445,0x38a)+_0x2ad845(0x5f8,0x540)+_0x2ad845(0x58c,0x48a)+_0x1823f9(0x5b0,0x524)+_0x2ad845(0x43e,0x3c6)+'oses\x20'+'the\x20A'+'PI\x20to'+'\x20cros'+_0x2ad845(0x648,0x6e0)+'gin\x20a'+_0x2ad845(0x56d,0x66e)+'s.',_0x417f27['langu'+_0x2ad845(0x512,0x52c)]=[_0x1823f9(0x5e4,0x561)+'p'],_0x417f27[_0x2ad845(0x4c5,0x548)+'rn']=/AllowAnyOrigin\s*\(\s*\)[\s\S]*?AllowCredentials\s*\(\s*\)/g,_0x417f27[_0x1823f9(0x5fb,0x700)]=_0x2ad845(0x5b5,0x609)+_0x2ad845(0x5d3,0x6b0)+_0x2ad845(0x4cd,0x5c3)+_0x1823f9(0x4f9,0x45d)+_0x2ad845(0x575,0x567)+'WithO'+_0x1823f9(0x685,0x6ba)+_0x1823f9(0x45f,0x497)+_0x1823f9(0x574,0x54b)+_0x2ad845(0x4d9,0x4b6)+_0x2ad845(0x4d8,0x5a9)+_0x2ad845(0x55f,0x5ac)+_0x2ad845(0x510,0x533)+_0x1823f9(0x5ba,0x599)+_0x2ad845(0x559,0x4bd)+_0x1823f9(0x4b9,0x433)+_0x2ad845(0x65f,0x712)+'().';const _0x45d9fd={};_0x45d9fd['id']=_0x2ad845(0x541,0x43a)+_0x1823f9(0x523,0x518)+'1',_0x45d9fd['cwe']='CWE-9'+'15',_0x45d9fd[_0x1823f9(0x49a,0x55f)+_0x1823f9(0x5e9,0x4ed)]=_0x1823f9(0x601,0x6a6),_0x45d9fd[_0x1823f9(0x59a,0x51e)]=_0x1823f9(0x665,0x790)+_0x2ad845(0x557,0x586)+_0x1823f9(0x58b,0x5dd)+_0x1823f9(0x4c7,0x4f6)+_0x2ad845(0x4a8,0x52d)+_0x1823f9(0x648,0x6e0)+_0x1823f9(0x5cd,0x65d)+_0x2ad845(0x64a,0x60f)+_0x2ad845(0x4be,0x3af)+_0x2ad845(0x68f,0x66d),_0x45d9fd[_0x1823f9(0x4b1,0x3b1)+_0x2ad845(0x50f,0x61c)+'n']=_0x2ad845(0x46f,0x3d5)+'ng\x20re'+_0x2ad845(0x466,0x3b3)+_0x2ad845(0x535,0x554)+_0x2ad845(0x622,0x67a)+_0x2ad845(0x5a7,0x510)+_0x1823f9(0x4ef,0x3cc)+_0x2ad845(0x43b,0x379)+_0x2ad845(0x4bd,0x429)+_0x2ad845(0x4ed,0x47d)+'\x20allo'+_0x2ad845(0x651,0x5da)+'erwri'+_0x2ad845(0x66a,0x70e)+_0x2ad845(0x4b0,0x5a7)+'tive\x20'+_0x1823f9(0x462,0x450)+_0x2ad845(0x56c,0x51e)+'le,\x20i'+_0x1823f9(0x49c,0x563)+'n).',_0x45d9fd[_0x1823f9(0x55d,0x4d9)+'ages']=[_0x1823f9(0x5e4,0x57b)+'p'],_0x45d9fd['patte'+'rn']=/\[HttpPost\][\s\S]*?public\s+(?:async\s+)?(?:Task<)?(?:IActionResult|ActionResult)[\s\S]*?\(\s*(?:\[FromBody\]\s*)?(?:User|Account|Employee|Order|Product)\s+/g,_0x45d9fd[_0x2ad845(0x5d5,0x6b9)]='Use\x20D'+_0x2ad845(0x631,0x6ac)+_0x1823f9(0x60f,0x4e1)+_0x1823f9(0x63c,0x746)+_0x2ad845(0x5a4,0x4e1)+_0x1823f9(0x539,0x531)+'g.\x20Ma'+_0x2ad845(0x45f,0x3a1)+_0x2ad845(0x514,0x4af)+_0x1823f9(0x4f7,0x493)+_0x2ad845(0x613,0x542)+_0x1823f9(0x4cc,0x4cd)+_0x2ad845(0x451,0x483)+'utoMa'+_0x2ad845(0x4a9,0x474)+_0x1823f9(0x5e6,0x538)+_0x2ad845(0x4e2,0x4fc)+_0x2ad845(0x489,0x515)+_0x2ad845(0x586,0x5ea)+_0x1823f9(0x615,0x69f)+_0x2ad845(0x629,0x532);const _0x56908b={};_0x56908b['id']=_0x2ad845(0x4cf,0x479)+_0x2ad845(0x59b,0x495)+'01',_0x56908b[_0x1823f9(0x560,0x58f)]=_0x1823f9(0x630,0x70b)+'01',_0x56908b[_0x1823f9(0x49a,0x3f1)+_0x2ad845(0x5c3,0x5e0)]=_0x1823f9(0x632,0x750)+'m',_0x56908b['title']=_0x2ad845(0x590,0x632)+_0x2ad845(0x56a,0x4bd)+_0x2ad845(0x523,0x572)+_0x1823f9(0x63f,0x516)+_0x2ad845(0x539,0x65f)+_0x2ad845(0x488,0x416)+_0x2ad845(0x596,0x554)+_0x2ad845(0x682,0x72d),_0x56908b[_0x1823f9(0x4b1,0x48f)+_0x1823f9(0x535,0x5bb)+'n']=_0x1823f9(0x590,0x597)+'ectin'+'g\x20to\x20'+_0x2ad845(0x529,0x5e7)+'contr'+_0x1823f9(0x5d0,0x56e)+_0x2ad845(0x52b,0x4cf)+_0x2ad845(0x64c,0x6f2)+'ws\x20ph'+_0x1823f9(0x606,0x4ff)+'g\x20via'+_0x1823f9(0x59d,0x641)+'\x20redi'+'rect.',_0x56908b[_0x2ad845(0x537,0x44a)+_0x1823f9(0x538,0x48b)]=['cshar'+'p'],_0x56908b[_0x2ad845(0x4c5,0x3b7)+'rn']=/Redirect\s*\(\s*(?:Request|returnUrl|url|redirect|next)/g,_0x56908b[_0x2ad845(0x5d5,0x66e)]=_0x1823f9(0x5c2,0x5e6)+_0x2ad845(0x4d5,0x4a7)+_0x1823f9(0x576,0x454)+_0x1823f9(0x6a6,0x668)+_0x1823f9(0x55c,0x615)+_0x2ad845(0x638,0x74c)+'te:\x20i'+'f\x20(Ur'+'l.IsL'+_0x2ad845(0x52c,0x4ce)+_0x1823f9(0x637,0x5e0)+_0x2ad845(0x4b8,0x598)+_0x1823f9(0x569,0x642)+_0x1823f9(0x5c5,0x5b7)+'n\x20Red'+_0x1823f9(0x68b,0x78b)+_0x1823f9(0x5b4,0x643)+_0x2ad845(0x4ec,0x54b)+');';const _0x3367e7={};_0x3367e7['id']=_0x2ad845(0x497,0x597)+_0x1823f9(0x6b7,0x659),_0x3367e7[_0x1823f9(0x560,0x583)]=_0x1823f9(0x5bd,0x55b)+'98',_0x3367e7['sever'+_0x1823f9(0x5e9,0x529)]=_0x1823f9(0x4f0,0x553)+_0x1823f9(0x484,0x457),_0x3367e7[_0x2ad845(0x574,0x582)]=_0x2ad845(0x4ce,0x5eb)+_0x1823f9(0x57e,0x66c)+_0x2ad845(0x634,0x734)+_0x1823f9(0x583,0x615)+_0x1823f9(0x5b9,0x5d7)+_0x2ad845(0x52f,0x4e3)+'th\x20Pa'+_0x2ad845(0x50a,0x568)+'d',_0x3367e7[_0x2ad845(0x48b,0x53c)+_0x1823f9(0x535,0x5ca)+'n']=_0x1823f9(0x666,0x5e8)+_0x1823f9(0x5e1,0x6d8)+_0x1823f9(0x4f6,0x4b1)+_0x2ad845(0x688,0x62b)+'strin'+_0x1823f9(0x61b,0x60a)+_0x1823f9(0x575,0x508)+_0x1823f9(0x530,0x42d)+_0x2ad845(0x4b5,0x479)+_0x1823f9(0x4a7,0x3f8)+_0x2ad845(0x685,0x70c)+'de\x20ar'+_0x2ad845(0x4f4,0x554)+_0x1823f9(0x4dc,0x556)+_0x1823f9(0x56c,0x532)+_0x1823f9(0x4df,0x564)+'\x20hist'+_0x1823f9(0x5ad,0x562),_0x3367e7[_0x2ad845(0x537,0x554)+_0x2ad845(0x512,0x436)]=[_0x2ad845(0x5be,0x6ec)+'p'],_0x3367e7[_0x1823f9(0x4eb,0x503)+'rn']=/(?:ConnectionString|connectionString)\s*=\s*["'][^"']*(?:Password|Pwd)\s*=[^"']+["']/gi,_0x3367e7['fix']=_0x1823f9(0x698,0x717)+_0x2ad845(0x4dd,0x5bb)+_0x2ad845(0x674,0x5fc)+_0x1823f9(0x67a,0x75f)+_0x1823f9(0x4c3,0x5e5)+_0x1823f9(0x47d,0x537)+_0x2ad845(0x67e,0x76e)+_0x2ad845(0x62d,0x672)+'n\x20dev'+_0x1823f9(0x5a9,0x661)+_0x2ad845(0x4d7,0x5ec)+_0x2ad845(0x560,0x592)+'viron'+_0x2ad845(0x520,0x561)+_0x2ad845(0x5cd,0x55e)+'bles\x20'+_0x1823f9(0x661,0x70b)+_0x1823f9(0x652,0x71e)+_0x2ad845(0x690,0x667);const _0x40e6e1={};_0x40e6e1['id']=_0x2ad845(0x531,0x60c)+_0x2ad845(0x48e,0x438)+'01',_0x40e6e1[_0x2ad845(0x53a,0x55d)]=_0x2ad845(0x5f0,0x510)+'89',_0x40e6e1[_0x1823f9(0x49a,0x515)+_0x2ad845(0x5c3,0x4bd)]=_0x2ad845(0x60c,0x5b0)+'m',_0x40e6e1[_0x1823f9(0x59a,0x4ad)]=_0x2ad845(0x656,0x5a6)+_0x1823f9(0x5b5,0x532)+_0x1823f9(0x478,0x476)+'on\x20in'+_0x2ad845(0x548,0x510)+_0x1823f9(0x481,0x50f)+_0x1823f9(0x4bb,0x581)+_0x1823f9(0x67f,0x592)+_0x2ad845(0x610,0x705)+_0x2ad845(0x695,0x58c),_0x40e6e1[_0x1823f9(0x4b1,0x4ea)+_0x1823f9(0x535,0x5d1)+'n']=_0x1823f9(0x492,0x43b)+_0x2ad845(0x64b,0x756)+_0x1823f9(0x532,0x4a3)+_0x1823f9(0x50d,0x52b)+'ws\x20de'+'taile'+_0x2ad845(0x693,0x6f2)+'ck\x20tr'+_0x2ad845(0x4b7,0x567)+_0x1823f9(0x60c,0x550)+'ers,\x20'+'expos'+_0x2ad845(0x528,0x5bc)+_0x2ad845(0x5b6,0x662)+_0x2ad845(0x657,0x75e)+'tails'+'.',_0x40e6e1[_0x2ad845(0x537,0x551)+_0x2ad845(0x512,0x432)]=[_0x1823f9(0x5e4,0x60e)+'p'],_0x40e6e1['patte'+'rn']=/customErrors\s+mode\s*=\s*["']Off["']/gi,_0x40e6e1[_0x2ad845(0x5d5,0x4eb)]='Set\x20c'+_0x1823f9(0x67f,0x62e)+'Error'+_0x1823f9(0x4ed,0x5c9)+_0x1823f9(0x61d,0x729)+'moteO'+_0x2ad845(0x5e3,0x583)+'or\x20mo'+_0x1823f9(0x5cf,0x52c)+_0x1823f9(0x463,0x342)+_0x1823f9(0x64c,0x6d4)+'uctio'+'n.';export const csharpRules=[_0x1489ef,_0x3b2750,_0x12322f,_0x836cba,_0x3a4c44,_0x37fb0b,_0x42ece7,_0x178fa6,_0x506a73,_0x247cc9,_0xd06666,_0x3f5831,_0x1ef2bb,_0x159771,_0x417f27,_0x45d9fd,_0x56908b,_0x3367e7,_0x40e6e1];
+export const csharpRules = [
+    // === SQL Injection ===
+    {
+        id: "CS-SQLI-001",
+        cwe: "CWE-89",
+        severity: "critical",
+        title: "SQL Injection — String concatenation in SqlCommand",
+        description: "Concatenating user input into SqlCommand text enables SQL injection.",
+        languages: ["csharp"],
+        pattern: /(?:SqlCommand|OleDbCommand|OdbcCommand|NpgsqlCommand)\s*\(\s*(?:["'][^"']*["']\s*\+|\$["']|string\.Format)/g,
+        fix: "Use parameterized queries: cmd.Parameters.AddWithValue(\"@id\", userId);",
+    },
+    {
+        id: "CS-SQLI-002",
+        cwe: "CWE-89",
+        severity: "critical",
+        title: "SQL Injection — String interpolation in EF Core raw SQL",
+        description: "String interpolation in EF Core FromSqlRaw() or ExecuteSqlRaw() enables SQL injection.",
+        languages: ["csharp"],
+        pattern: /(?:FromSqlRaw|ExecuteSqlRaw|ExecuteSqlCommand)\s*\(\s*\$["']/g,
+        fix: "Use FromSqlInterpolated() or FromSql() which automatically parameterize. Or use FromSqlRaw with separate parameters.",
+    },
+    // === XSS ===
+    {
+        id: "CS-XSS-001",
+        cwe: "CWE-79",
+        severity: "high",
+        title: "Cross-Site Scripting — Html.Raw with user input",
+        description: "Html.Raw() outputs unescaped HTML. User input passed to Html.Raw enables XSS.",
+        languages: ["csharp"],
+        pattern: /Html\.Raw\s*\(\s*(?:Model|ViewBag|ViewData|TempData|Request)/g,
+        fix: "Use Razor's automatic encoding (@Model.Property) instead of Html.Raw(). Sanitize HTML if raw output is needed.",
+    },
+    // === Command Injection ===
+    {
+        id: "CS-CMDI-001",
+        cwe: "CWE-78",
+        severity: "critical",
+        title: "Command Injection — Process.Start with user input",
+        description: "Starting processes with user-controlled arguments or filenames enables command injection.",
+        languages: ["csharp"],
+        pattern: /Process\.Start\s*\(\s*(?:new\s+ProcessStartInfo\s*\(\s*)?(?:\$["']|.*\+\s*(?:Request|input|user|param))/g,
+        fix: "Validate and whitelist allowed commands. Use ProcessStartInfo with UseShellExecute = false and separate Arguments.",
+    },
+    // === Path Traversal ===
+    {
+        id: "CS-PATH-001",
+        cwe: "CWE-22",
+        severity: "high",
+        title: "Path Traversal — User input in file path",
+        description: "User input in file paths without sanitization allows reading/writing arbitrary files.",
+        languages: ["csharp"],
+        pattern: /(?:File\.(?:ReadAllText|ReadAllBytes|WriteAllText|WriteAllBytes|Open|Delete|Exists|Copy|Move)|StreamReader|StreamWriter|FileStream)\s*\(\s*(?:Request|input|param|user|\$["'])/g,
+        fix: "Use Path.GetFullPath() and verify the path starts with the expected base directory.",
+    },
+    // === XXE ===
+    {
+        id: "CS-XXE-001",
+        cwe: "CWE-611",
+        severity: "critical",
+        title: "XML External Entity (XXE) — Unsafe XmlReader/XmlDocument",
+        description: "XmlDocument and XmlTextReader with DTD processing enabled are vulnerable to XXE attacks.",
+        languages: ["csharp"],
+        pattern: /(?:XmlDocument|XmlTextReader)\s*(?:\(\)|\.)/g,
+        fix: "Use XmlReader.Create() with XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit }.",
+    },
+    // === Deserialization ===
+    {
+        id: "CS-DESER-001",
+        cwe: "CWE-502",
+        severity: "critical",
+        title: "Insecure Deserialization — BinaryFormatter",
+        description: "BinaryFormatter is dangerous and officially deprecated by Microsoft. It can execute arbitrary code.",
+        languages: ["csharp"],
+        pattern: /BinaryFormatter\s*\(\s*\)|\.Deserialize\s*\(/g,
+        fix: "Use System.Text.Json or Newtonsoft.Json. BinaryFormatter is deprecated and should never be used.",
+    },
+    {
+        id: "CS-DESER-002",
+        cwe: "CWE-502",
+        severity: "critical",
+        title: "Insecure Deserialization — JavaScriptSerializer/LosFormatter",
+        description: "JavaScriptSerializer with Type Resolvers and LosFormatter are vulnerable to RCE via deserialization.",
+        languages: ["csharp"],
+        pattern: /(?:JavaScriptSerializer|LosFormatter|ObjectStateFormatter|SoapFormatter|NetDataContractSerializer)\s*\(/g,
+        fix: "Use System.Text.Json with strict type handling. Avoid legacy serializers.",
+    },
+    // === Weak Crypto ===
+    {
+        id: "CS-CRYPTO-001",
+        cwe: "CWE-327",
+        severity: "high",
+        title: "Weak Cryptography — MD5 or SHA1",
+        description: "MD5 and SHA1 are cryptographically broken.",
+        languages: ["csharp"],
+        pattern: /(?:MD5|SHA1)\.Create\s*\(\s*\)/g,
+        fix: "Use SHA256.Create() or SHA512.Create(). For passwords, use Rfc2898DeriveBytes (PBKDF2) or BCrypt.",
+    },
+    {
+        id: "CS-CRYPTO-002",
+        cwe: "CWE-327",
+        severity: "critical",
+        title: "Weak Cryptography — DES or TripleDES",
+        description: "DES and TripleDES are deprecated. DES has only 56-bit keys.",
+        languages: ["csharp"],
+        pattern: /(?:DES|TripleDES|DESCryptoServiceProvider|TripleDESCryptoServiceProvider)\.Create\s*\(\s*\)/g,
+        fix: "Use Aes.Create() with GCM mode.",
+    },
+    {
+        id: "CS-CRYPTO-003",
+        cwe: "CWE-327",
+        severity: "high",
+        title: "Weak Cryptography — ECB Mode",
+        description: "ECB mode encrypts identical blocks identically, revealing patterns.",
+        languages: ["csharp"],
+        pattern: /CipherMode\.ECB/g,
+        fix: "Use CipherMode.CBC or GCM mode for AES encryption.",
+    },
+    // === Insecure Random ===
+    {
+        id: "CS-RAND-001",
+        cwe: "CWE-338",
+        severity: "high",
+        title: "Insecure Random — System.Random for security",
+        description: "System.Random is predictable and must not be used for tokens, keys, or security decisions.",
+        languages: ["csharp"],
+        pattern: /new\s+Random\s*\(\s*\)/g,
+        fix: "Use System.Security.Cryptography.RandomNumberGenerator.GetBytes() for security-sensitive random.",
+    },
+    // === TLS ===
+    {
+        id: "CS-TLS-001",
+        cwe: "CWE-295",
+        severity: "critical",
+        title: "Disabled TLS Certificate Verification",
+        description: "ServerCertificateValidationCallback returning true disables all certificate verification.",
+        languages: ["csharp"],
+        pattern: /ServerCertificateValidationCallback\s*=\s*(?:\(\s*[^)]*\)\s*=>\s*true|delegate\s*\{[^}]*return\s+true)/g,
+        fix: "Remove custom callback or implement proper certificate validation.",
+    },
+    // === LDAP Injection ===
+    {
+        id: "CS-LDAP-001",
+        cwe: "CWE-90",
+        severity: "critical",
+        title: "LDAP Injection — Unsanitized input in LDAP query",
+        description: "User input in LDAP filters without sanitization enables LDAP injection.",
+        languages: ["csharp"],
+        pattern: /(?:DirectorySearcher|SearchRequest)[\s\S]*?Filter\s*=\s*(?:\$["']|.*\+\s*(?:Request|input|user|param))/g,
+        fix: "Escape special LDAP characters or use parameterized LDAP queries.",
+    },
+    // === CORS ===
+    {
+        id: "CS-CORS-001",
+        cwe: "CWE-942",
+        severity: "high",
+        title: "CORS Misconfiguration — AllowAnyOrigin with Credentials",
+        description: "Allowing any origin with credentials exposes the API to cross-origin attacks.",
+        languages: ["csharp"],
+        pattern: /AllowAnyOrigin\s*\(\s*\)[\s\S]*?AllowCredentials\s*\(\s*\)/g,
+        fix: "Specify allowed origins: WithOrigins(\"https://trusted.com\") instead of AllowAnyOrigin().",
+    },
+    // === Mass Assignment ===
+    {
+        id: "CS-MASS-001",
+        cwe: "CWE-915",
+        severity: "high",
+        title: "Mass Assignment — Binding directly to entity model",
+        description: "Binding request data directly to database entities allows overwriting sensitive fields (role, isAdmin).",
+        languages: ["csharp"],
+        pattern: /\[HttpPost\][\s\S]*?public\s+(?:async\s+)?(?:Task<)?(?:IActionResult|ActionResult)[\s\S]*?\(\s*(?:\[FromBody\]\s*)?(?:User|Account|Employee|Order|Product)\s+/g,
+        fix: "Use DTOs/ViewModels for binding. Map to entity manually or with AutoMapper, excluding sensitive fields.",
+    },
+    // === Open Redirect ===
+    {
+        id: "CS-REDIR-001",
+        cwe: "CWE-601",
+        severity: "medium",
+        title: "Open Redirect — Unvalidated redirect URL",
+        description: "Redirecting to user-controlled URLs allows phishing via open redirect.",
+        languages: ["csharp"],
+        pattern: /Redirect\s*\(\s*(?:Request|returnUrl|url|redirect|next)/g,
+        fix: "Use Url.IsLocalUrl() to validate: if (Url.IsLocalUrl(returnUrl)) return Redirect(returnUrl);",
+    },
+    // === Hardcoded Connection String ===
+    {
+        id: "CS-SEC-001",
+        cwe: "CWE-798",
+        severity: "critical",
+        title: "Hardcoded Connection String with Password",
+        description: "Database connection strings with passwords in source code are visible in version history.",
+        languages: ["csharp"],
+        pattern: /(?:ConnectionString|connectionString)\s*=\s*["'][^"']*(?:Password|Pwd)\s*=[^"']+["']/gi,
+        fix: "Use appsettings.json with User Secrets in development and environment variables in production.",
+    },
+    // === Debug ===
+    {
+        id: "CS-DEBUG-001",
+        cwe: "CWE-489",
+        severity: "medium",
+        title: "Debug Information in Production — CustomErrors Off",
+        description: "CustomErrors=Off shows detailed stack traces to users, exposing internal details.",
+        languages: ["csharp"],
+        pattern: /customErrors\s+mode\s*=\s*["']Off["']/gi,
+        fix: "Set customErrors mode=\"RemoteOnly\" or mode=\"On\" in production.",
+    },
+];

package/dist/rules/docker.js

@@ -1 +1,143 @@
-(function(_0x305494,_0x5cb06e){const _0x386a96={_0x542c52:0xfe,_0x15bd53:0x338,_0x377cdf:0x2c7,_0x1cef2e:0x1ec,_0x49746e:0x1e4,_0x53a6e7:0x284,_0x1868f4:0x28d,_0x3c061f:0x197,_0x108d28:0x2b9,_0x75ef88:0x198,_0x40d76c:0xd2},_0x16a7ea={_0x2efe7d:0xfe},_0xe319e1={_0x40940b:0x333};function _0x686769(_0x4f1659,_0x3bbdcc){return _0x57de(_0x3bbdcc- -_0xe319e1._0x40940b,_0x4f1659);}const _0x595610=_0x305494();function _0x5392b5(_0x3ff2e9,_0x4f324a){return _0x57de(_0x3ff2e9-_0x16a7ea._0x2efe7d,_0x4f324a);}while(!![]){try{const _0x3be212=parseInt(_0x5392b5(0x342,0x422))/(0x134f*-0x2+0x2c8*0x5+0x18b7)+-parseInt(_0x686769(-0x165,-0x222))/(-0x17ab*0x1+0x4a*-0x7d+0x3bcf)*(parseInt(_0x686769(-_0x386a96._0x542c52,-0x12a))/(-0x502*0x4+0x20c5+-0x3*0x43e))+-parseInt(_0x5392b5(_0x386a96._0x15bd53,_0x386a96._0x377cdf))/(-0x635+0x1*0x10a2+-0xa69)+parseInt(_0x5392b5(_0x386a96._0x1cef2e,_0x386a96._0x49746e))/(0x2d3*0x6+-0x45a+-0xc93)+parseInt(_0x5392b5(_0x386a96._0x53a6e7,_0x386a96._0x1868f4))/(-0xab4+0x1*-0x2453+0xf*0x323)*(parseInt(_0x686769(-0x232,-_0x386a96._0x3c061f))/(-0x11ad+0xa*-0x272+-0x4c*-0x8e))+-parseInt(_0x5392b5(0x286,_0x386a96._0x108d28))/(0x6d1+-0x22*0xea+-0x819*-0x3)*(parseInt(_0x686769(-0x41,-0xf7))/(-0x2182+0x1e93+0x4c*0xa))+parseInt(_0x686769(-_0x386a96._0x75ef88,-_0x386a96._0x40d76c))/(-0x1bb*0x13+-0x13a8+0x3493);if(_0x3be212===_0x5cb06e)break;else _0x595610['push'](_0x595610['shift']());}catch(_0x9d886d){_0x595610['push'](_0x595610['shift']());}}}(_0x1cfc,-0x14bf3+-0x1c3*0x3be+0xfb4af));const _0x521cec={};_0x521cec['id']=_0x59a331(0x592,0x62b)+_0x59a331(0x547,0x5eb)+_0x59a331(0x56a,0x640),_0x521cec[_0x59a331(0x4b1,0x539)]=_0x5610b5(0x74,0x10)+'29',_0x521cec[_0x5610b5(0x91,0xd7)+'ity']=_0x59a331(0x453,0x3a1)+'m',_0x521cec['title']=_0x5610b5(0x101,0x6a)+_0x59a331(0x59a,0x54c)+_0x59a331(0x4b0,0x581)+_0x59a331(0x489,0x4e4)+_0x59a331(0x4e4,0x56a)+_0x5610b5(0x4e,0xbe)+_0x5610b5(0xb9,0x184)+_0x59a331(0x480,0x3af)+_0x59a331(0x579,0x4e1),_0x521cec['descr'+_0x59a331(0x5e3,0x592)+'n']=_0x59a331(0x590,0x5df)+_0x59a331(0x54f,0x46c)+_0x59a331(0x443,0x524)+_0x5610b5(0x188,0xa6)+_0x5610b5(0x17a,0x16b)+_0x5610b5(0xb0,0x166)+_0x59a331(0x46d,0x51e)+_0x59a331(0x4b4,0x4ca)+_0x5610b5(0x185,0xe2)+_0x5610b5(0xd9,0xf5)+'lds\x20n'+_0x5610b5(0xe7,0x19f)+_0x5610b5(0x176,0x13d)+_0x59a331(0x537,0x550)+_0x5610b5(0x90,0x97)+'may\x20p'+_0x59a331(0x448,0x3dd)+_0x5610b5(-0x3,0x53)+'nerab'+'le\x20ve'+_0x59a331(0x593,0x591)+'s.',_0x521cec['langu'+'ages']=[_0x59a331(0x476,0x553)+_0x5610b5(0xe1,0x128)],_0x521cec['patte'+'rn']=/^FROM\s+(?!scratch)[a-z0-9\-_.\/]+(?:\s*$|:\s*latest\b)/gmi,_0x521cec[_0x59a331(0x48d,0x4d4)]='Pin\x20b'+_0x5610b5(0x28,-0xb8)+_0x5610b5(0x6f,0x104)+'\x20to\x20a'+'\x20spec'+_0x59a331(0x5b0,0x670)+'versi'+_0x5610b5(0x126,0x12f)+_0x59a331(0x4f1,0x4ac)+_0x5610b5(0x29,-0x9e)+_0x59a331(0x4e0,0x466)+_0x59a331(0x49f,0x4cf)+_0x59a331(0x5e7,0x527)+'0.11.'+_0x5610b5(0x16a,0x1dd)+_0x5610b5(0xec,0x157)+_0x59a331(0x4d2,0x459)+':abc1'+_0x59a331(0x4ef,0x4cc);const _0x5bc7d2={};_0x5bc7d2['id']=_0x5610b5(0x14d,0x213)+'R-IMG'+_0x5610b5(0x93,-0x20),_0x5bc7d2[_0x5610b5(0x6c,0xf4)]=_0x5610b5(0x74,0x55)+'29',_0x5bc7d2[_0x59a331(0x4d6,0x521)+_0x5610b5(0x73,0xbd)]=_0x59a331(0x453,0x3e7)+'m',_0x5bc7d2[_0x59a331(0x444,0x4f4)]='Non-D'+_0x5610b5(0x153,0xc6)+_0x59a331(0x492,0x4b1)+_0x5610b5(0xae,0x2e)+'lpine'+'\x20Base'+_0x5610b5(0x15d,0x101)+'e',_0x5bc7d2[_0x59a331(0x439,0x41d)+_0x59a331(0x5e3,0x654)+'n']=_0x59a331(0x5ba,0x5d3)+_0x59a331(0x529,0x52d)+'se\x20im'+_0x5610b5(0x12,-0x9b)+_0x5610b5(0x187,0x1c5)+'in\x20un'+_0x59a331(0x47f,0x4d9)+'sary\x20'+_0x59a331(0x5ac,0x59a)+_0x59a331(0x4d4,0x59f)+_0x59a331(0x428,0x3b3)+_0x59a331(0x577,0x51e)+_0x5610b5(0xfa,0xe5)+'e\x20att'+_0x59a331(0x4c5,0x430)+'urfac'+'e.';function _0x5610b5(_0x12d606,_0x1647ef){const _0x5a6267={_0x4978de:0xcc};return _0x57de(_0x12d606- -_0x5a6267._0x4978de,_0x1647ef);}_0x5bc7d2[_0x59a331(0x5df,0x674)+_0x59a331(0x57c,0x5ea)]=[_0x59a331(0x476,0x4e8)+_0x5610b5(0xe1,0x15)],_0x5bc7d2[_0x5610b5(0x197,0xe4)+'rn']=/^FROM\s+(?:ubuntu|debian|centos|fedora|amazonlinux)(?::|$)/gmi,_0x5bc7d2[_0x5610b5(0x48,-0x1e)]=_0x5610b5(0xd8,0x18)+_0x5610b5(0x1d,-0x68)+'l\x20ima'+_0x59a331(0x55e,0x5ee)+_0x59a331(0x45e,0x3ba)+'e,\x20di'+'strol'+_0x59a331(0x4d9,0x42d)+_0x59a331(0x4f8,0x449)+_0x59a331(0x5aa,0x512)+'varia'+_0x5610b5(0x32,0xca)+'o\x20red'+_0x5610b5(0x9c,0xa0)+_0x5610b5(0x186,0x216)+'\x20surf'+'ace.';const _0x548fff={};_0x548fff['id']='DOCKE'+'R-ROO'+_0x59a331(0x463,0x3e5),_0x548fff['cwe']='CWE-2'+'50',_0x548fff[_0x5610b5(0x91,0x63)+'ity']=_0x5610b5(0x1a3,0x195),_0x548fff['title']=_0x5610b5(-0x1a,-0xe2)+_0x59a331(0x511,0x5c7)+_0x59a331(0x4c1,0x49e)+_0x5610b5(0xa9,-0x2f)+_0x5610b5(0x196,0x22c)+_0x59a331(0x5c2,0x526)+'ssing'+_0x5610b5(0xe9,0x141)+_0x59a331(0x45b,0x38c)+'ctive',_0x548fff[_0x5610b5(-0xc,0xa1)+_0x59a331(0x5e3,0x645)+'n']=_0x59a331(0x42b,0x373)+_0x59a331(0x46c,0x3cf)+'\x20runn'+_0x5610b5(0xff,0x148)+_0x59a331(0x5e0,0x560)+_0x59a331(0x50c,0x452)+'\x20esca'+_0x5610b5(0x6,-0x89)+_0x5610b5(0x2e,-0x6a)+_0x59a331(0x447,0x395)+_0x5610b5(0x12f,0x1df)+_0x59a331(0x5d3,0x610)+_0x5610b5(0xb2,0xee)+_0x5610b5(0x194,0x1fb)+'ape\x20v'+'ulner'+_0x5610b5(0x46,-0x50)+'ties\x20'+_0x59a331(0x557,0x5bb)+_0x59a331(0x4c0,0x3eb)+_0x5610b5(0xb7,0x1c)+_0x5610b5(0x5e,-0x33),_0x548fff[_0x59a331(0x5df,0x65f)+_0x59a331(0x57c,0x65b)]=[_0x59a331(0x476,0x52f)+_0x5610b5(0xe1,0x14f)],_0x548fff[_0x5610b5(0x197,0x1f8)+'rn']=/^USER\s+root\s*$/gmi,_0x548fff[_0x5610b5(0x48,0x118)]='Run\x20a'+_0x5610b5(0x117,0xd3)+_0x5610b5(0x68,-0x1f)+_0x5610b5(0x77,-0x15)+'er:\x20R'+_0x5610b5(0x66,0x5d)+_0x59a331(0x516,0x486)+_0x59a331(0x438,0x42e)+_0x5610b5(0x190,0xe4)+_0x59a331(0x47c,0x55e)+'user\x20'+'-S\x20ap'+_0x59a331(0x44d,0x4fa)+'app\x20.'+'..\x20US'+_0x5610b5(0x172,0x135)+'p';const _0x27cda4={};_0x27cda4['id']=_0x5610b5(0x14d,0xb9)+'R-ADD'+'-001',_0x27cda4[_0x5610b5(0x6c,0xe8)]='CWE-8'+'29',_0x27cda4['sever'+_0x59a331(0x4b8,0x3f3)]=_0x59a331(0x453,0x4da)+'m',_0x27cda4[_0x59a331(0x444,0x3ef)]=_0x5610b5(0x14b,0xf3)+_0x5610b5(0xa0,0x75)+_0x5610b5(0xa5,0x47)+_0x5610b5(-0x19,-0x25)+_0x5610b5(0x141,0x173),_0x27cda4[_0x5610b5(-0xc,-0xb5)+_0x5610b5(0x19e,0x226)+'n']=_0x59a331(0x5b2,0x4da)+'an\x20au'+_0x59a331(0x5c0,0x65d)+'tract'+_0x5610b5(0xf3,0x5e)+'ives\x20'+_0x5610b5(0x7e,0x45)+_0x5610b5(0x8b,0xa7)+_0x59a331(0x58e,0x56a)+'e\x20URL'+_0x59a331(0x55a,0x575)+_0x5610b5(0x10b,0x1e8)+_0x59a331(0x553,0x4c2)+_0x59a331(0x5d4,0x5cb)+_0x59a331(0x450,0x4b0)+'\x20cont'+_0x59a331(0x562,0x4a7)+'COPY\x20'+_0x59a331(0x4a4,0x4a1)+_0x59a331(0x474,0x3d0)+_0x59a331(0x42f,0x3bb)+_0x5610b5(0x139,0x8a)+'r.',_0x27cda4['langu'+_0x59a331(0x57c,0x615)]=['docke'+'rfile'],_0x27cda4['patte'+'rn']=/^ADD\s+(?!--chown)/gmi,_0x27cda4[_0x59a331(0x48d,0x56c)]='Use\x20C'+_0x5610b5(0x129,0x45)+_0x5610b5(0xd7,-0xb)+_0x59a331(0x45c,0x420)+_0x59a331(0x563,0x600)+_0x5610b5(0xc5,0x142)+_0x5610b5(0xa1,0x60)+_0x59a331(0x426,0x3f4)+_0x5610b5(0x177,0x227)+'ly\x20ne'+_0x59a331(0x429,0x4db)+_0x59a331(0x487,0x3f5)+'\x20extr'+_0x59a331(0x42d,0x351)+'n.';const _0x385353={};_0x385353['id']=_0x59a331(0x592,0x574)+_0x5610b5(0x18c,0x105)+_0x59a331(0x56a,0x562),_0x385353[_0x5610b5(0x6c,0x15)]='CWE-7'+'98',_0x385353[_0x59a331(0x4d6,0x41c)+'ity']=_0x5610b5(0x161,0x115)+_0x59a331(0x588,0x605),_0x385353['title']=_0x59a331(0x5c9,0x5d9)+'t\x20in\x20'+'Docke'+'rfile'+_0x5610b5(0xf0,0x23)+_0x59a331(0x564,0x5d6)+_0x59a331(0x4d3,0x400)+_0x5610b5(0x133,0x20f)+'reden'+_0x5610b5(0x135,0x105),_0x385353[_0x5610b5(-0xc,-0x86)+_0x59a331(0x5e3,0x6aa)+'n']='Secre'+_0x59a331(0x54d,0x623)+'\x20ENV/'+_0x5610b5(0x65,0x143)+_0x5610b5(0x8c,0x61)+_0x5610b5(0x15,-0x9e)+'image'+'\x20laye'+'rs\x20an'+'d\x20can'+_0x5610b5(0x59,0x19)+'xtrac'+_0x5610b5(0x11,-0x67)+'ith\x20d'+_0x59a331(0x580,0x4c1)+'\x20hist'+_0x59a331(0x55f,0x4b6),_0x385353[_0x59a331(0x5df,0x6a9)+_0x5610b5(0x137,0x184)]=[_0x59a331(0x476,0x47b)+'rfile'],_0x385353[_0x59a331(0x5dc,0x5a8)+'rn']=/^(?:ENV|ARG)\s+(?:.*(?:PASSWORD|SECRET|API_KEY|TOKEN|PRIVATE_KEY|ACCESS_KEY|DB_PASS|CREDENTIALS)\s*=)/gmi,_0x385353[_0x59a331(0x48d,0x3fd)]=_0x59a331(0x47a,0x4b6)+_0x5610b5(0x13b,0x1ad)+_0x5610b5(-0xf,0xb9)+_0x5610b5(0x76,-0x21)+_0x5610b5(0x1aa,0xfa)+_0x5610b5(0xc2,-0x7)+_0x59a331(0x584,0x5a8)+'mount'+_0x59a331(0x4ae,0x554)+_0x5610b5(0x75,0x150)+'et,id'+'=my_s'+_0x59a331(0x4c4,0x547)+_0x5610b5(0x10,0x49)+_0x5610b5(0x4f,-0xe)+_0x5610b5(0x1aa,0x1b4)+_0x59a331(0x43e,0x513)+_0x5610b5(0x160,0x139)+'ime\x20v'+_0x59a331(0x46b,0x43f)+'.';const _0x5c56e2={};_0x5c56e2['id']=_0x5610b5(0x14d,0x1e0)+_0x5610b5(0x18c,0xef)+_0x59a331(0x4d8,0x4af),_0x5c56e2[_0x5610b5(0x6c,0x17)]=_0x59a331(0x4de,0x4d5)+'98',_0x5c56e2['sever'+'ity']='high',_0x5c56e2[_0x5610b5(-0x1,-0x17)]='Copyi'+_0x5610b5(0xc0,0x14f)+_0x5610b5(0x154,0x17e)+_0x5610b5(-0x12,0x19)+_0x59a331(0x4dc,0x418)+_0x5610b5(0xe8,0x6e),_0x5c56e2[_0x59a331(0x439,0x4b9)+'iptio'+'n']='Copyi'+'ng\x20.e'+_0x5610b5(0x1a7,0xfc)+_0x5610b5(-0x9,0x70)+'nto\x20D'+_0x5610b5(0x13b,0x110)+_0x59a331(0x583,0x4f1)+_0x59a331(0x46a,0x541)+_0x59a331(0x5de,0x6ad)+_0x59a331(0x4a7,0x3f1)+_0x5610b5(0x107,0x1a1)+_0x59a331(0x500,0x59d)+_0x59a331(0x510,0x5b5)+_0x59a331(0x5e4,0x639),_0x5c56e2['langu'+_0x5610b5(0x137,0x168)]=[_0x5610b5(0x31,0x69)+_0x5610b5(0xe1,0x17)],_0x5c56e2[_0x59a331(0x5dc,0x52e)+'rn']=/^COPY\s+.*\.env\b/gmi,_0x5c56e2[_0x5610b5(0x48,0x11)]=_0x59a331(0x465,0x3e2)+_0x5610b5(0x141,0x88)+_0x5610b5(-0x13,-0x63)+_0x59a331(0x5ea,0x5e0)+'s\x20int'+_0x59a331(0x56d,0x600)+_0x5610b5(0x142,0xe6)+_0x59a331(0x517,0x535)+_0x5610b5(0xd6,0x60)+_0x5610b5(0x12b,0x1ae)+_0x59a331(0x5b8,0x5f9)+_0x59a331(0x5be,0x542)+'s\x20at\x20'+'runti'+_0x59a331(0x5a4,0x633)+_0x59a331(0x524,0x5f6)+_0x59a331(0x4af,0x57d)+_0x5610b5(0x54,0x38)+_0x59a331(0x56c,0x518)+_0x59a331(0x5c3,0x4e0)+_0x59a331(0x57f,0x536)+'.';function _0x1cfc(){const _0x117b7d=['ywnRihm','iefqssK','pdWGj0G','Aw5NBgu','Bd0Zmhm','ifjPC2S','BsWGDgG','BgLIl2e','BhmSige','zgv0zwm','ywWGC3q','zxrJAca','zxjZAxm','AgeYnty','qvjhihC','z2vZihq','igfUzca','C2v2zxi','y2LVDxm','ltaWmG','zxnZlca','ieHfquW','q1Dflty','Dg8Gsw0','DxqGls0','q1DfltC','B3nL','C3q6iey','DwnLige','B3j0CY4','CNqG4Ocuia','4OcuifvZAq','ieferca','ihLVDsa','DcbNAxy','lcbeB2m','BMvYCYa','sw5ZDgu','D2L0Ag8','vxnLoIa','A2v0ie0','BMCGyxm','mJmUlI4','C2vJDxi','zcbtsee','zsbZAxO','tM9Ulue','ifvUDhi','zM9Yigi','ifrVB2W','DgfPBMu','B3iGkI0','DgHLigm','EwfTBa','BMCGB24','yYbdvKu','ugfJA2e','yxrLC3q','mJe4mdy1mNjJtLfMrq','BIbLDMu','ogrTvLLhuW','rg93BMW','lwyGAhq','BMfNzw0','BMCGlMu','zgq6ifS','Dhm6ifi','DcbPBMm','BMqGzgu','BMXLC3m','CNvUBMK','DcbJyw4','DxqGseu','jIyGyMe','zwqGu2u','CNKGBge','Aw5LCIa','ignVzgu','AxnRlG','CIbMDwW','n0fRCMffzq','zgDYB3u','ugfZCYa','A2v0lca','ntzZDw0','ywDLlG','zw52Axi','BNn0zwe','vxnLig0','CYbIDwK','zcdIGjqGqW','ls1UBY0','CMzHy2u','BcbJB24','ugLWzsa','DgGGzg8','CIbZB2m','CMzPBgu','Bg9JywW','Dw5Py2e','t1mGyMe','zw5Kzw4','uI1tt0m','B24TCMu','ywDL','ifvtrvi','zsbJB24','ig1HBgK','Aw5Lqhm','ihnVy2S','DcbPBNm','ifnJCMK','iokaLcbftG','lNnOifu','y2LIBgu','igfYy2G','ign1CMW','BgvNzwq','A2vYigq','B3iGBwe','zxnWB24','lxjLy28','C2uGDgG','BMvYige','BMrZic0','CguU','DwLSzca','Aw5Nige','yMvJB20','vw5WAw4','uI1jtuC','A2fNzv8','ywDLigK','zwn1DgK','zwnRC3u','zxrZigK','DhmGAw4','C29JA2u','icDSyxq','DhjVzhu','ExbHC3m','ihnOyti','y2LUzYa','ywvTB24','qwrKige','C2uGyxq','kguUzY4','DhjVBca','z2uSigm','CYWGAw4','veHdseu','CYbHig4','ysbYzw0','z2vZoIa','B3j5lG','q1Dflte','DMuGug8','zw50lIa','qureihu','vIbVCIa','vxnLihm','zMLYC3q','Dcb0BYa','CMvHC2u','zwq6ihq','ltaWmq','B24Gyw4','zsbVCIa','BYbPBwe','t1bzigK','AguGrg8','B25Tzw4','ksbVCIa','uI1quKK','ihbHy2S','B3qGDMK','CYbPBIa','igfJy2u','BMnYzwe','AxrOigm','BYb0ywC','DgLHBa','ic0TAw4','ywDLCW','DxrPBMC','ihnHzMu','lwzPBgu','B2nRzxi','zxmGDgG','nNvbBLDzCG','igLTywC','vu4Gls0','CMLWDc4','ienpufK','z2vZlIa','y2fS','Aw5Nihq','AxrPzxm','ic1Vihm','BcbMAw4','q0S6ieG','CMvTB3q','y2LLCYa','vxnPBMC','Dg8Gu2G','re9ds0u','CNnPB24','igz1BgW','ihnJCMK','C2nHCgu','Ag9ZDca','Axn0CM8','BNyGrMK','BMvKiei','B3vUDgu','uI1tvee','tc0Wmde','igv4zwm','y2vZC2e','Aw4Trg8','B3rLieq','ieLTywC','yw5Kigm','BwuGD2K','ihj1BNq','y3jPDgK','C3rHz2u','B2fKAw4','ChqVBgK','C2XPBsa','DIbKzxa','CgfJA2e','zcb0B28','zsbZDge','mc1HBha','AwzPyYa','zsb1BNi','qureigm','mte1mdu4nhrwCLnpsa','lcblohm','mtCWntGWnKj6sevHEa','icHtu0G','rviGyxa','Dcb2yxi','BNn0ywW','rNvSBca','ChjVzhu','zMLJywW','nJyZmtr5uxnTDgm','AwfIBgu','ihrHzYa','Dg8TzxG','BMCGseu','iokaLcbnAq','ls1LBNy','uI1dvvi','igzVCIa','BgXPBMC','DMfSzw4','ienVBNq','u2vJCMu','ig1HA2u','DhrHy2S','y29UDge','B3iGBM8','C2GGC2m','BNnPDgK','uI1qt1i','uI1trum','rufmveG','ysbJB24','Dw5PBNq','yxbWicy','igvXDwK','rxHWB3m','CgfIAwW','CIbLC2m','mJm5nJi5mg1ZrM5cqW','ifjVB3q','Cgf0Dgu','igj1AwW','Cg9Zzxm','BgfUz3u','CYbYB28','Aw50zxi','uI1qs0C','Axb0Aw8','EwvYlG','zwvKzwq','DwX0As0','B2rLoJi','AgLNAa','sw5ZDge','igzPBgu','u1nilca','BNyGzMK','re1jtL0','B3b5ig8','C2vJCMu','ic1JidW','C3bLy2K','ChrZigK','Agf0igK','zwqGyxi','ic1YzIa','q29UDge','ywqGB2y','ywn0Aw8','ig1Vzgu','DcbHBMq','tKvux0e','Bc1Yzwm','ic5LBNy','BguGAw4','q1Dflti','jIyGCM0','iej1AwW','CYbbueK','CcaTuYa','zgvZy3i','rg9JA2u','C3mGDg8','BgvZigK','v2L0Ag8','DhmGyxq','Bg93','EsbWywm','y3jPChq','BIb2DwW','zxn0jYa','DgL0Bgu','Aw4GDgG','BMvYieu','C3qGCM8','DwXSigK','t1nfigy','ierVy2S','Bgf0zsa','y2TLCI0','CcaTrYa','AxmGysa','vI0Wmde','zw5Kzwq','CgvJAwy','B3v0ic0','BwvKAxu','AguGC2m','lIbpCIa','DgvKihC','ywDLCYa','Dha6lY8','y3vYBca','DcbPBIa','igrPCMu','zcbVzIa','q3vYBca','ywXWAw4','y2SGC3u','DMLSzwC','q0Hfq0S','Aw5PBwe','vc0Wmde','ywLUzxi','tMv2zxi','uLvoige','nda2mdG3nuDWuxLrCq','ihrOzsa','tfrilta','zxmGzxG','AweGlwu','Aw5LCNm','yxnLigK','igrPz2u','y2fWx2e','tw91BNq','CYb0Agu','DgfJAYa','Dg8GAg8','CgXPy2K','yMXPBMC','zg9JA2u','BNrZihq','BhmGAw4','y29TBwu','vxnLieq','zwXSiokaLa','jIbHzgq','ihvUBMu','rMLUywW','BMvJzxm','ig9Yig4','BM8TAw4','uMvTB3y','igLUigm','B2fKihq','Ag9ZDcW','C3rZlYO','y2HPDMu','ig1VDw4','BwfNzsa','ndKYmtiYvMfAq2v0','ywjPBgK','z2uGsw4','zML4','zsbMAw4','Aw5Nig0','y2THz2u','oIbsvu4','BgvZCY8','BMCGoMW','CgfZCYa','ienVBxa','C3rHBgW','Dxn0zwq','zhm6igi','CNvUic0','BYbHig0','q29TCgK','ChqTz2u','Ag9ZDc8','igjLigu','uK9nig4','lNnOjYa','DgLVBI4','CNrPzMe','CYKU','AxmGzxG','y2uU','CIbtB2m','ihnLy3i','DMLLDYa','ignVBw0','qvjhiha','vu4Gywq','uhjPDMK','B24TCM8','pxr5Cgu','y2TLCIa','yxnLieK','y3DL','zsbeB2m','igDPDMu','BwfNzxm','DgL2zq','zsbWCMK','BgWTCMu','Axr5','q1DfltG','pxnLy3i','zeTPDca','B3qGDxm','igHHCYa','B250ywK','DcbPzIa','lcbYDw4','uNvUBMK','DgvYDMe','yw5Kigy','zwnYzxq'];_0x1cfc=function(){return _0x117b7d;};return _0x1cfc();}const _0x23e324={};_0x23e324['id']=_0x59a331(0x592,0x52a)+_0x5610b5(0x18b,0x1a4)+'T-001',_0x23e324['cwe']=_0x5610b5(0x96,-0x36)+'68',_0x23e324[_0x59a331(0x4d6,0x4e5)+'ity']='mediu'+'m',_0x23e324[_0x5610b5(-0x1,0xbe)]='Expos'+_0x59a331(0x50f,0x47b)+_0x5610b5(0x18a,0x1a1)+_0x59a331(0x561,0x62c)+_0x5610b5(0x9e,0xe8)+_0x5610b5(0x1a6,0x16b)+'Docke'+_0x59a331(0x525,0x5af)+_0x5610b5(0xd3,0x108)+'or\x20K8'+_0x59a331(0x437,0x359),_0x23e324[_0x5610b5(-0xc,0xa7)+'iptio'+'n']=_0x59a331(0x5d7,0x5ed)+_0x59a331(0x48f,0x41a)+'anage'+'ment\x20'+'ports'+_0x5610b5(0x171,0x140)+_0x59a331(0x4e8,0x505)+'ker\x20d'+_0x5610b5(0x10f,0x9b)+_0x5610b5(0x16f,0x24d)+_0x59a331(0x4c6,0x533)+_0x59a331(0x483,0x470)+_0x5610b5(0x79,0x3e)+_0x5610b5(0xa4,0x22)+_0x5610b5(0x9,-0x46)+_0x5610b5(0xab,0x26)+'ity\x20r'+_0x5610b5(0xce,0x14e),_0x23e324[_0x59a331(0x5df,0x5d2)+_0x5610b5(0x137,0x166)]=[_0x59a331(0x476,0x504)+_0x59a331(0x526,0x5ef)],_0x23e324[_0x5610b5(0x197,0x109)+'rn']=/^EXPOSE\s+(?:22|2375|2376|6443|9200|27017|6379|5432|3306|3389)\b/gmi,_0x23e324[_0x59a331(0x48d,0x4e8)]=_0x5610b5(0x3d,-0x92)+'e\x20EXP'+_0x59a331(0x449,0x520)+_0x59a331(0x53c,0x5fd)+_0x59a331(0x504,0x422)+'ent\x20p'+_0x59a331(0x4e2,0x50d)+'\x20Use\x20'+_0x59a331(0x43a,0x40b)+'r\x20net'+'works'+_0x5610b5(0x180,0x263)+_0x5610b5(0x19c,0x191)+'-cont'+'ainer'+_0x59a331(0x4a9,0x3fa)+_0x59a331(0x528,0x510)+_0x59a331(0x4a1,0x405);const _0x502487={};_0x502487['id']='DOCKE'+'R-HEA'+_0x59a331(0x469,0x52e)+'01',_0x502487[_0x5610b5(0x6c,0xc)]=_0x5610b5(0x96,0xb9)+'93',_0x502487['sever'+_0x5610b5(0x73,0x5f)]=_0x5610b5(-0x6,0xe0),_0x502487[_0x59a331(0x444,0x429)]='Missi'+_0x5610b5(0x17c,0x176)+'ALTHC'+'HECK\x20'+'Direc'+_0x5610b5(0x70,0xcd),_0x502487[_0x5610b5(-0xc,-0x2c)+_0x59a331(0x5e3,0x5db)+'n']=_0x5610b5(-0x8,0xc1)+_0x5610b5(0xc8,0x66)+'ALTHC'+'HECK,'+_0x5610b5(0x5,0x7d)+'er\x20ca'+'nnot\x20'+_0x5610b5(0x89,0xec)+_0x59a331(0x4bf,0x4b1)+_0x59a331(0x4f9,0x5d2)+_0x5610b5(0x79,-0x2)+_0x5610b5(0xfb,0xed)+'pplic'+'ation'+_0x5610b5(0x78,-0x2a)+_0x5610b5(0x100,0xb6)+_0x5610b5(0x16c,0x22f)+_0x5610b5(0xf8,0x1c2)+'sive.',_0x502487[_0x59a331(0x5df,0x65f)+_0x5610b5(0x137,0x14e)]=[_0x5610b5(0x31,-0x3e)+_0x5610b5(0xe1,0xab)],_0x502487[_0x5610b5(0x197,0xfd)+'rn']=/^HEALTHCHECK\s+NONE\s*$/gmi,_0x502487[_0x59a331(0x48d,0x4c1)]=_0x5610b5(0x110,0x177)+_0x5610b5(0x95,-0x9)+_0x59a331(0x55b,0x5cf)+_0x5610b5(0x148,0x112)+_0x59a331(0x5d2,0x60a)+_0x5610b5(0x1c,0xb7)+_0x5610b5(0x136,0x5e)+_0x5610b5(0x7d,0x7a)+_0x59a331(0x4c9,0x3e4)+'\x20CMD\x20'+_0x59a331(0x459,0x4bc)+_0x59a331(0x503,0x593)+_0x5610b5(0x13,0x8)+_0x5610b5(0xe2,0x10b)+_0x5610b5(0x58,0xee)+'\x20||\x20e'+'xit\x201';const _0x4bfb7b={};_0x4bfb7b['id']='DOCKE'+_0x5610b5(0x19d,0x143)+_0x5610b5(0x125,0x1d1),_0x4bfb7b[_0x5610b5(0x6c,0xee)]=_0x59a331(0x560,0x576)+'104',_0x4bfb7b[_0x59a331(0x4d6,0x549)+_0x59a331(0x4b8,0x4ba)]=_0x5610b5(-0x6,0xc1),_0x4bfb7b[_0x59a331(0x444,0x3ab)]=_0x59a331(0x4fd,0x571)+_0x5610b5(0x47,0x9f)+_0x5610b5(0x51,-0x81)+'\x20With'+_0x5610b5(0xd,0x8f)+'-no-i'+_0x59a331(0x5b9,0x598)+_0x59a331(0x431,0x445)+'ommen'+'ds',_0x4bfb7b[_0x59a331(0x439,0x412)+_0x5610b5(0x19e,0x136)+'n']=_0x59a331(0x5e9,0x5e6)+_0x59a331(0x5c6,0x5a6)+_0x59a331(0x573,0x50a)+_0x59a331(0x457,0x3f1)+_0x5610b5(0xa6,0x9b)+_0x5610b5(0x98,-0x10)+_0x59a331(0x481,0x4d1)+_0x59a331(0x496,0x53a)+_0x59a331(0x53e,0x5aa)+'mmend'+'s\x20pul'+_0x5610b5(0x33,0xbf)+_0x59a331(0x47d,0x3a7)+_0x5610b5(0x15a,0x145)+'ry\x20pa'+_0x59a331(0x490,0x49d)+'s\x20tha'+_0x5610b5(0xc3,0x112)+_0x59a331(0x568,0x48c)+_0x5610b5(0x13e,0x138)+_0x5610b5(0xad,0x10a)+'e\x20and'+'\x20atta'+_0x59a331(0x45f,0x428)+_0x5610b5(0xdc,0x38)+'.',_0x4bfb7b[_0x5610b5(0x19a,0x225)+_0x5610b5(0x137,0x6b)]=[_0x59a331(0x476,0x3d9)+'rfile'],_0x4bfb7b['patte'+'rn']=/apt-get\s+install\s+(?!.*--no-install-recommends)/g,_0x4bfb7b[_0x59a331(0x48d,0x447)]=_0x59a331(0x4ec,0x456)+_0x59a331(0x466,0x3f0)+_0x5610b5(0x57,-0x88)+_0x59a331(0x533,0x56e)+'tall\x20'+_0x59a331(0x520,0x5c6)+'insta'+_0x59a331(0x4b7,0x54d)+_0x5610b5(0x34,-0x8b)+_0x59a331(0x541,0x4ae)+_0x5610b5(-0x5,0x90)+_0x5610b5(0x103,0x120)+'name\x20'+_0x5610b5(-0x10,-0xf6)+_0x59a331(0x42a,0x457)+'/var/'+_0x59a331(0x4cc,0x415)+_0x5610b5(0x164,0x220)+_0x5610b5(0x41,-0x13);const _0x39bb5d={};function _0x57de(_0x3ee83,_0x2ab93f){_0x3ee83=_0x3ee83-(0x96+0x4*0x5e+-0x1*0x161);const _0x1794ee=_0x1cfc();let _0x22d262=_0x1794ee[_0x3ee83];if(_0x57de['cJaNPN']===undefined){var _0x39ba18=function(_0x8e7dd){const _0x40a9df='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x303b76='',_0x518d0b='';for(let _0x3c719e=0x328*-0xb+0x1e9*-0x2+0x268a,_0x5447cf,_0x287007,_0x12ccaf=0x714+0x751*0x5+-0x1*0x2ba9;_0x287007=_0x8e7dd['charAt'](_0x12ccaf++);~_0x287007&&(_0x5447cf=_0x3c719e%(0x1161+-0x1*0x1ca3+0xb46)?_0x5447cf*(0x1ef8+0xddc+-0xb25*0x4)+_0x287007:_0x287007,_0x3c719e++%(0x1a77*-0x1+-0x1*0x321+0x1d9c))?_0x303b76+=String['fromCharCode'](-0x2d6+0x197b+-0x15a6&_0x5447cf>>(-(-0x2320+0x1*0x2032+0x2f0)*_0x3c719e&-0x3*0x359+0x81e*-0x1+0x122f)):-0x941+0xdf*0x25+0x11*-0x15a){_0x287007=_0x40a9df['indexOf'](_0x287007);}for(let _0x3965e6=-0x103a+-0x3*-0x829+-0x841,_0x584a4c=_0x303b76['length'];_0x3965e6<_0x584a4c;_0x3965e6++){_0x518d0b+='%'+('00'+_0x303b76['charCodeAt'](_0x3965e6)['toString'](-0x331*0xb+0x1*0x13cf+0xf5c))['slice'](-(-0x461*0x3+-0x2616+0x333b));}return decodeURIComponent(_0x518d0b);};_0x57de['OZGfhe']=_0x39ba18,_0x57de['NChXrs']={},_0x57de['cJaNPN']=!![];}const _0x18d9fc=_0x1794ee[0x66a*0x5+-0x1*-0x24be+0x4*-0x1134],_0x32fd60=_0x3ee83+_0x18d9fc,_0x34ef1b=_0x57de['NChXrs'][_0x32fd60];return!_0x34ef1b?(_0x22d262=_0x57de['OZGfhe'](_0x22d262),_0x57de['NChXrs'][_0x32fd60]=_0x22d262):_0x22d262=_0x34ef1b,_0x22d262;}_0x39bb5d['id']=_0x5610b5(0x14d,0x7c)+_0x5610b5(0x12d,0xc0)+_0x5610b5(0xa,0xe9),_0x39bb5d[_0x5610b5(0x6c,-0x27)]=_0x5610b5(-0x11,0x4e)+'50',_0x39bb5d[_0x5610b5(0x91,0x152)+_0x59a331(0x4b8,0x4fe)]=_0x59a331(0x5a6,0x62a)+_0x5610b5(0x143,0x102),_0x39bb5d[_0x59a331(0x444,0x459)]=_0x59a331(0x4ac,0x51f)+'leged'+_0x5610b5(0x183,0xb4)+_0x59a331(0x464,0x3a2)+'\x20in\x20D'+_0x5610b5(0x13b,0x98)+_0x59a331(0x495,0x550)+_0x5610b5(0x9a,0x15d),_0x39bb5d['descr'+_0x5610b5(0x19e,0x124)+'n']='Privi'+_0x59a331(0x53a,0x548)+_0x59a331(0x42e,0x3d7)+_0x59a331(0x4b3,0x542)+_0x5610b5(0x2c,-0xa)+'\x20cont'+'ainer'+_0x5610b5(0x14f,0xc5)+_0x5610b5(0x131,0x11b)+_0x59a331(0x43b,0x490)+_0x5610b5(0x23,-0x61)+_0x59a331(0x485,0x3bd)+_0x5610b5(0x191,0x260)+_0x59a331(0x5c7,0x635)+_0x59a331(0x567,0x4dd)+_0x5610b5(0xc6,0x2a)+_0x5610b5(0xb6,0x139)+_0x5610b5(0x23,-0x99)+_0x59a331(0x597,0x629)+'itsel'+'f.',_0x39bb5d[_0x5610b5(0x19a,0x11f)+_0x5610b5(0x137,0x1c1)]=['yaml'],_0x39bb5d['patte'+'rn']=/privileged\s*:\s*true/g,_0x39bb5d[_0x5610b5(0x48,0xc2)]=_0x59a331(0x482,0x4a8)+_0x5610b5(0x71,-0xb)+_0x5610b5(0x1b,-0xa3)+_0x5610b5(0x124,0x1d5)+'rue.\x20'+_0x5610b5(0x120,0x1c3)+_0x59a331(0x451,0x42d)+'ic\x20ca'+_0x59a331(0x5d8,0x544)+_0x59a331(0x58a,0x4c7)+'\x20inst'+'ead:\x20'+_0x59a331(0x46f,0x39c)+_0x59a331(0x506,0x4a0)+_0x5610b5(-0x15,0xb1)+_0x59a331(0x5ed,0x642);const _0x2ab6b2={};_0x2ab6b2['id']=_0x5610b5(0x14d,0x1de)+_0x59a331(0x52b,0x518)+'K-001',_0x2ab6b2[_0x59a331(0x4b1,0x58e)]=_0x59a331(0x434,0x3e1)+'50',_0x2ab6b2[_0x59a331(0x4d6,0x4ea)+'ity']=_0x59a331(0x5a6,0x660)+_0x59a331(0x588,0x59d),_0x2ab6b2[_0x59a331(0x444,0x3cd)]=_0x59a331(0x43a,0x49f)+_0x59a331(0x4a6,0x538)+_0x59a331(0x4ed,0x4ff)+_0x59a331(0x59b,0x58e)+_0x5610b5(0xda,-0x9)+_0x59a331(0x4be,0x47a)+_0x59a331(0x446,0x473)+_0x59a331(0x596,0x667)+_0x59a331(0x4ca,0x556),_0x2ab6b2[_0x59a331(0x439,0x394)+_0x5610b5(0x19e,0x174)+'n']=_0x59a331(0x470,0x43d)+_0x59a331(0x589,0x655)+_0x59a331(0x56f,0x4b4)+'cker\x20'+_0x5610b5(0x109,0xc2)+_0x5610b5(0xa2,0x36)+_0x59a331(0x581,0x549)+_0x59a331(0x52f,0x5d1)+'taine'+_0x59a331(0x514,0x5a6)+_0x59a331(0x522,0x470)+_0x59a331(0x558,0x551)+'of\x20th'+_0x5610b5(0x6d,-0xe)+_0x5610b5(0xf6,0x1d0)+_0x59a331(0x554,0x49a)+',\x20ena'+_0x5610b5(0x30,0x8f)+'\x20cont'+_0x5610b5(0x1f,0x25)+'\x20esca'+_0x5610b5(0xfd,0xd4),_0x2ab6b2[_0x59a331(0x5df,0x606)+_0x5610b5(0x137,0xd4)]=[_0x5610b5(0xb5,0x7f),_0x5610b5(0x31,0x88)+_0x59a331(0x526,0x5d1)],_0x2ab6b2[_0x59a331(0x5dc,0x611)+'rn']=/\/var\/run\/docker\.sock/g,_0x2ab6b2[_0x59a331(0x48d,0x52d)]='Avoid'+_0x59a331(0x488,0x40a)+'ting\x20'+'the\x20D'+'ocker'+_0x5610b5(0xed,0x66)+'et.\x20U'+'se\x20Do'+_0x59a331(0x44c,0x461)+_0x59a331(0x5a0,0x4f1)+'cker\x20'+'(dind'+_0x59a331(0x571,0x633)+_0x5610b5(0x118,0xd0)+_0x5610b5(0x15c,0x112)+'ocker'+'\x20host'+'\x20if\x20n'+_0x5610b5(0x1a0,0x202)+'.';const _0x44e635={};_0x44e635['id']='DOCKE'+_0x59a331(0x5c4,0x5d9)+_0x5610b5(0x158,0x163),_0x44e635[_0x59a331(0x4b1,0x575)]=_0x59a331(0x4b9,0x557)+'29',_0x44e635[_0x59a331(0x4d6,0x41e)+'ity']=_0x5610b5(0x1a3,0x171),_0x44e635['title']=_0x5610b5(0x18,-0x92)+_0x5610b5(0xde,0x1a6)+_0x59a331(0x591,0x5da)+_0x5610b5(0x36,0x16)+_0x5610b5(0xaf,0x7)+_0x59a331(0x497,0x3e7)+_0x59a331(0x534,0x562)+'pt\x20Ex'+_0x59a331(0x54a,0x4b1)+'on',_0x44e635[_0x59a331(0x439,0x47f)+_0x59a331(0x5e3,0x5cd)+'n']=_0x5610b5(0xbd,0x3d)+_0x5610b5(0x163,0xfb)+'g\x20and'+_0x5610b5(0x159,0xa8)+_0x5610b5(0x138,0x7a)+_0x5610b5(0x150,0x1f0)+_0x5610b5(-0x1e,-0x5d)+'n\x20a\x20s'+_0x5610b5(0x83,0x3d)+_0x59a331(0x4a9,0x465)+'and\x20b'+_0x59a331(0x551,0x48e)+'es\x20re'+_0x5610b5(0x63,0x17)+_0x59a331(0x5a3,0x516)+'an\x20ex'+'ecute'+_0x5610b5(0xeb,0x111)+_0x5610b5(0x92,-0x18)+_0x59a331(0x512,0x47b)+'.',_0x44e635[_0x59a331(0x5df,0x547)+'ages']=['docke'+'rfile'];function _0x59a331(_0x460639,_0x23e4e1){const _0x187f6d={_0x473b22:0x379};return _0x57de(_0x460639-_0x187f6d._0x473b22,_0x23e4e1);}_0x44e635['patte'+'rn']=/(?:curl|wget)\s+[^|]*\|\s*(?:bash|sh|zsh)/g,_0x44e635['fix']=_0x59a331(0x502,0x575)+_0x59a331(0x484,0x568)+_0x5610b5(0xf,0x6)+'ript\x20'+_0x5610b5(0x121,0x1b8)+',\x20ver'+'ify\x20i'+'ts\x20ch'+_0x5610b5(0x106,0x1c8)+_0x5610b5(0x86,0xb8)+'en\x20ex'+'ecute'+_0x59a331(0x491,0x567)+_0x5610b5(0xf4,0x164)+_0x5610b5(0x146,0x63)+'cript'+_0x59a331(0x536,0x4bd)+'RL\x20&&'+_0x5610b5(0x10d,0x12d)+_0x5610b5(0xd4,0x12f)+_0x59a331(0x5f0,0x58e)+_0x59a331(0x4c7,0x46d)+'ASH\x20s'+_0x59a331(0x441,0x3c4)+_0x5610b5(0x5b,-0x71)+_0x5610b5(0xc9,0x18d)+_0x5610b5(0x189,0x256)+_0x59a331(0x585,0x5f9)+'sh';const _0xcbc712={};_0xcbc712['id']=_0x59a331(0x592,0x5a8)+_0x5610b5(0x157,0x174)+'GE-00'+'1',_0xcbc712[_0x59a331(0x4b1,0x4a2)]='CWE-2'+'00',_0xcbc712[_0x59a331(0x4d6,0x3f7)+'ity']='mediu'+'m',_0xcbc712[_0x59a331(0x444,0x396)]='Build'+_0x5610b5(0xb1,0x9a)+_0x5610b5(0x130,0x167)+_0x5610b5(0x39,0xe3)+_0x5610b5(0x15d,0x150)+'e',_0xcbc712[_0x59a331(0x439,0x516)+_0x5610b5(0x19e,0x226)+'n']=_0x59a331(0x49b,0x3bd)+'lers,'+'\x20buil'+_0x5610b5(0x168,0x217)+_0x5610b5(0x88,0x99)+_0x5610b5(0xc4,0x198)+_0x5610b5(0x166,0x16c)+_0x59a331(0x52a,0x5df)+_0x59a331(0x58f,0x607)+_0x59a331(0x445,0x50d)+_0x59a331(0x48e,0x412)+'al\x20im'+_0x5610b5(0x104,0xff)+_0x5610b5(0x132,0x1fb)+_0x5610b5(0x111,0xb7)+_0x5610b5(0x2d,0xc1)+'surfa'+_0x5610b5(0x60,0x59),_0xcbc712['langu'+_0x5610b5(0x137,0xd2)]=['docke'+'rfile'],_0xcbc712[_0x59a331(0x5dc,0x552)+'rn']=/^RUN\s+.*(?:gcc|g\+\+|make|cmake|npm\s+install\s+(?!--production|--omit=dev))/gmi,_0xcbc712['fix']=_0x5610b5(0xd8,0x85)+_0x59a331(0x5e6,0x5f1)+_0x59a331(0x5a7,0x611)+_0x59a331(0x5dd,0x5ef)+_0x5610b5(0x53,0xc2)+_0x59a331(0x543,0x4e2)+'in\x20on'+_0x5610b5(0x169,0x18c)+_0x5610b5(0x114,0x182)+_0x5610b5(0x1a9,0x27b)+'nly\x20a'+_0x59a331(0x4a2,0x3c5)+'cts\x20t'+_0x59a331(0x49a,0x4d8)+'inima'+_0x5610b5(0x147,0x154)+_0x59a331(0x4cf,0x49d)+_0x5610b5(0xd5,0x4f);export const dockerRules=[_0x521cec,_0x5bc7d2,_0x548fff,_0x27cda4,_0x385353,_0x5c56e2,_0x23e324,_0x502487,_0x4bfb7b,_0x39bb5d,_0x2ab6b2,_0x44e635,_0xcbc712];
+export const dockerRules = [
+    // === Base Image ===
+    {
+        id: "DOCKER-IMG-001",
+        cwe: "CWE-829",
+        severity: "medium",
+        title: "Unpinned Base Image — Using :latest or no tag",
+        description: "Using 'latest' or no tag for base images makes builds non-reproducible and may pull in vulnerable versions.",
+        languages: ["dockerfile"],
+        pattern: /^FROM\s+(?!scratch)[a-z0-9\-_.\/]+(?:\s*$|:\s*latest\b)/gmi,
+        fix: "Pin base images to a specific version and SHA digest: FROM node:20.11.0-alpine@sha256:abc123...",
+    },
+    {
+        id: "DOCKER-IMG-002",
+        cwe: "CWE-829",
+        severity: "medium",
+        title: "Non-Distroless/Non-Alpine Base Image",
+        description: "Full OS base images contain unnecessary packages that increase the attack surface.",
+        languages: ["dockerfile"],
+        pattern: /^FROM\s+(?:ubuntu|debian|centos|fedora|amazonlinux)(?::|$)/gmi,
+        fix: "Use minimal images: alpine, distroless, or *-slim variants to reduce attack surface.",
+    },
+    // === Running as Root ===
+    {
+        id: "DOCKER-ROOT-001",
+        cwe: "CWE-250",
+        severity: "high",
+        title: "Container Running as Root — Missing USER directive",
+        description: "Containers running as root can escalate to host root via container escape vulnerabilities (e.g., runc CVEs).",
+        languages: ["dockerfile"],
+        pattern: /^USER\s+root\s*$/gmi,
+        fix: "Run as a non-root user: RUN addgroup -S app && adduser -S app -G app ... USER app",
+    },
+    // === ADD vs COPY ===
+    {
+        id: "DOCKER-ADD-001",
+        cwe: "CWE-829",
+        severity: "medium",
+        title: "Using ADD Instead of COPY",
+        description: "ADD can auto-extract archives and fetch remote URLs, introducing unintended content. COPY is explicit and safer.",
+        languages: ["dockerfile"],
+        pattern: /^ADD\s+(?!--chown)/gmi,
+        fix: "Use COPY instead of ADD unless you specifically need archive extraction.",
+    },
+    // === Secrets in Image ===
+    {
+        id: "DOCKER-SEC-001",
+        cwe: "CWE-798",
+        severity: "critical",
+        title: "Secret in Dockerfile — ENV or ARG with credential",
+        description: "Secrets in ENV/ARG persist in image layers and can be extracted with docker history.",
+        languages: ["dockerfile"],
+        pattern: /^(?:ENV|ARG)\s+(?:.*(?:PASSWORD|SECRET|API_KEY|TOKEN|PRIVATE_KEY|ACCESS_KEY|DB_PASS|CREDENTIALS)\s*=)/gmi,
+        fix: "Use Docker BuildKit secrets: RUN --mount=type=secret,id=my_secret. Or pass secrets at runtime via -e.",
+    },
+    {
+        id: "DOCKER-SEC-002",
+        cwe: "CWE-798",
+        severity: "high",
+        title: "Copying .env File into Image",
+        description: "Copying .env files into Docker images exposes secrets in every layer.",
+        languages: ["dockerfile"],
+        pattern: /^COPY\s+.*\.env\b/gmi,
+        fix: "Never COPY .env files into images. Pass environment variables at runtime with docker run -e or --env-file.",
+    },
+    // === Exposed Ports ===
+    {
+        id: "DOCKER-PORT-001",
+        cwe: "CWE-668",
+        severity: "medium",
+        title: "Exposed Sensitive Port — SSH, Docker socket, or K8s API",
+        description: "Exposing management ports (SSH, Docker daemon, K8s API) in containers is a security risk.",
+        languages: ["dockerfile"],
+        pattern: /^EXPOSE\s+(?:22|2375|2376|6443|9200|27017|6379|5432|3306|3389)\b/gmi,
+        fix: "Remove EXPOSE for management ports. Use Docker networks for inter-container communication.",
+    },
+    // === No HEALTHCHECK ===
+    {
+        id: "DOCKER-HEALTH-001",
+        cwe: "CWE-693",
+        severity: "low",
+        title: "Missing HEALTHCHECK Directive",
+        description: "Without HEALTHCHECK, Docker cannot detect if the container application has become unresponsive.",
+        languages: ["dockerfile"],
+        pattern: /^HEALTHCHECK\s+NONE\s*$/gmi,
+        fix: "Add a HEALTHCHECK: HEALTHCHECK --interval=30s CMD curl -f http://localhost/ || exit 1",
+    },
+    // === Package Install ===
+    {
+        id: "DOCKER-PKG-001",
+        cwe: "CWE-1104",
+        severity: "low",
+        title: "Package Install Without --no-install-recommends",
+        description: "Installing packages without --no-install-recommends pulls in unnecessary packages that increase image size and attack surface.",
+        languages: ["dockerfile"],
+        pattern: /apt-get\s+install\s+(?!.*--no-install-recommends)/g,
+        fix: "Use: RUN apt-get install --no-install-recommends -y package_name && rm -rf /var/lib/apt/lists/*",
+    },
+    // === Privileged Docker Compose ===
+    {
+        id: "DOCKER-PRIV-001",
+        cwe: "CWE-250",
+        severity: "critical",
+        title: "Privileged Container in Docker Compose",
+        description: "Privileged mode gives the container full access to the host, equivalent to running on the host itself.",
+        languages: ["yaml"],
+        pattern: /privileged\s*:\s*true/g,
+        fix: "Remove privileged: true. Use specific capabilities instead: cap_add: [NET_ADMIN]",
+    },
+    // === Docker Socket Mount ===
+    {
+        id: "DOCKER-SOCK-001",
+        cwe: "CWE-250",
+        severity: "critical",
+        title: "Docker Socket Mounted — Container Escape Risk",
+        description: "Mounting the Docker socket gives the container full control of the Docker daemon, enabling container escape.",
+        languages: ["yaml", "dockerfile"],
+        pattern: /\/var\/run\/docker\.sock/g,
+        fix: "Avoid mounting the Docker socket. Use Docker-in-Docker (dind) or a remote Docker host if needed.",
+    },
+    // === Curl Pipe Bash ===
+    {
+        id: "DOCKER-CURL-001",
+        cwe: "CWE-829",
+        severity: "high",
+        title: "Curl Pipe to Shell — Untrusted Script Execution",
+        description: "Downloading and executing scripts in a single command bypasses review and can execute malicious code.",
+        languages: ["dockerfile"],
+        pattern: /(?:curl|wget)\s+[^|]*\|\s*(?:bash|sh|zsh)/g,
+        fix: "Download the script first, verify its checksum, then execute: RUN curl -o script.sh URL && sha256sum -c <<< 'HASH script.sh' && bash script.sh",
+    },
+    // === Multi-stage build leak ===
+    {
+        id: "DOCKER-STAGE-001",
+        cwe: "CWE-200",
+        severity: "medium",
+        title: "Build Tools in Final Image",
+        description: "Compilers, build tools, and dev dependencies in the final image increase attack surface.",
+        languages: ["dockerfile"],
+        pattern: /^RUN\s+.*(?:gcc|g\+\+|make|cmake|npm\s+install\s+(?!--production|--omit=dev))/gmi,
+        fix: "Use multi-stage builds: build in one stage, copy only artifacts to a minimal final stage.",
+    },
+];