@panguard-ai/core 0.1.0

package/dist/discovery/security-tools.js

@@ -0,0 +1,346 @@
+/**
+ * Security tool detection
+ * 安全工具偵測
+ *
+ * Detects installed and running security tools (antivirus, EDR, firewall,
+ * IDS, SIEM) by checking running processes, known service names, and
+ * common installation paths.
+ * 透過檢查執行中的行程、已知服務名稱和常見安裝路徑，偵測已安裝和執行中的安全工具
+ * （防毒、EDR、防火牆、IDS、SIEM）。
+ *
+ * @module @panguard-ai/core/discovery/security-tools
+ */
+import { execFile } from 'child_process';
+import { promisify } from 'util';
+import { platform as osPlatform } from 'os';
+import { access } from 'fs/promises';
+import { createLogger } from '../utils/logger.js';
+const execFileAsync = promisify(execFile);
+const logger = createLogger('discovery:security-tools');
+/**
+ * Database of known security tools and their identifiers
+ * 已知安全工具及其識別碼的資料庫
+ */
+const KNOWN_SECURITY_TOOLS = [
+    {
+        name: 'Windows Defender',
+        vendor: 'Microsoft',
+        processNames: ['MsMpEng.exe', 'MpCmdRun.exe', 'NisSrv.exe', 'SecurityHealthService.exe'],
+        serviceName: 'WinDefend',
+        type: 'antivirus',
+        installPaths: ['C:\\Program Files\\Windows Defender'],
+    },
+    {
+        name: 'Wazuh',
+        vendor: 'Wazuh Inc.',
+        processNames: ['wazuh-agentd', 'wazuh-execd', 'wazuh-modulesd', 'ossec-agentd'],
+        serviceName: 'wazuh-agent',
+        type: 'siem',
+        installPaths: ['/var/ossec', '/Library/Ossec'],
+    },
+    {
+        name: 'CrowdStrike Falcon',
+        vendor: 'CrowdStrike',
+        processNames: ['falcond', 'falcon-sensor', 'CSFalconService.exe', 'CSFalconContainer'],
+        serviceName: 'CSFalconService',
+        type: 'edr',
+        installPaths: ['/opt/CrowdStrike', '/Library/CS', 'C:\\Program Files\\CrowdStrike'],
+    },
+    {
+        name: 'Sophos',
+        vendor: 'Sophos',
+        processNames: [
+            'SophosScanD',
+            'SophosAntiVirus',
+            'savscand',
+            'SophosCleanM.exe',
+            'SophosHealth.exe',
+        ],
+        serviceName: 'Sophos Anti-Virus',
+        type: 'antivirus',
+        installPaths: ['/opt/sophos-av', '/Library/Sophos Anti-Virus', 'C:\\Program Files\\Sophos'],
+    },
+    {
+        name: 'Trend Micro',
+        vendor: 'Trend Micro',
+        processNames: ['ds_agent', 'dsa_query', 'coreServiceShell', 'PccNTMon.exe', 'TMBMSRV.exe'],
+        serviceName: 'ds_agent',
+        type: 'antivirus',
+        installPaths: ['/opt/ds_agent', 'C:\\Program Files\\Trend Micro'],
+    },
+    {
+        name: 'Kaspersky',
+        vendor: 'Kaspersky',
+        processNames: ['klnagent', 'avp', 'avp.exe', 'kavfswh.exe'],
+        serviceName: 'klnagent',
+        type: 'antivirus',
+        installPaths: ['C:\\Program Files\\Kaspersky Lab', 'C:\\Program Files (x86)\\Kaspersky Lab'],
+    },
+    {
+        name: 'Malwarebytes',
+        vendor: 'Malwarebytes',
+        processNames: ['MBAMService', 'mbamservice.exe', 'RTProtectionDaemon'],
+        serviceName: 'MBAMService',
+        type: 'antivirus',
+        installPaths: ['/Library/Application Support/Malwarebytes', 'C:\\Program Files\\Malwarebytes'],
+    },
+    {
+        name: 'ESET',
+        vendor: 'ESET',
+        processNames: ['esets_daemon', 'ekrn.exe', 'egui.exe', 'essod'],
+        serviceName: 'esets_daemon',
+        type: 'antivirus',
+        installPaths: ['/opt/eset', 'C:\\Program Files\\ESET'],
+    },
+    {
+        name: 'pfSense',
+        vendor: 'Netgate',
+        processNames: ['pf', 'pflogd', 'pfctl'],
+        type: 'firewall',
+        installPaths: ['/usr/local/sbin/pfctl'],
+    },
+    {
+        name: 'Fortinet FortiClient',
+        vendor: 'Fortinet',
+        processNames: ['forticlient', 'FortiClient.exe', 'FortiTray.exe', 'FCDBLog.exe'],
+        serviceName: 'FortiClientMonitor',
+        type: 'edr',
+        installPaths: ['/opt/forticlient', 'C:\\Program Files\\Fortinet'],
+    },
+    {
+        name: 'Snort',
+        vendor: 'Cisco',
+        processNames: ['snort'],
+        serviceName: 'snort',
+        type: 'ids',
+        installPaths: ['/usr/local/bin/snort', '/usr/sbin/snort'],
+    },
+    {
+        name: 'Suricata',
+        vendor: 'OISF',
+        processNames: ['suricata'],
+        serviceName: 'suricata',
+        type: 'ids',
+        installPaths: ['/usr/bin/suricata', '/usr/local/bin/suricata'],
+    },
+    {
+        name: 'OSSEC',
+        vendor: 'OSSEC Foundation',
+        processNames: ['ossec-analysisd', 'ossec-syscheckd', 'ossec-remoted'],
+        serviceName: 'ossec',
+        type: 'ids',
+        installPaths: ['/var/ossec'],
+    },
+    {
+        name: 'ClamAV',
+        vendor: 'ClamAV',
+        processNames: ['clamd', 'freshclam', 'clamdscan'],
+        serviceName: 'clamav-daemon',
+        type: 'antivirus',
+        installPaths: ['/usr/bin/clamscan', '/usr/local/bin/clamscan'],
+    },
+    {
+        name: 'Splunk',
+        vendor: 'Splunk',
+        processNames: ['splunkd', 'splunk-optimize'],
+        serviceName: 'Splunkd',
+        type: 'siem',
+        installPaths: ['/opt/splunk', '/opt/splunkforwarder', 'C:\\Program Files\\Splunk'],
+    },
+    {
+        name: 'Elastic Agent',
+        vendor: 'Elastic',
+        processNames: ['elastic-agent', 'filebeat', 'metricbeat', 'auditbeat'],
+        serviceName: 'elastic-agent',
+        type: 'siem',
+        installPaths: ['/opt/Elastic', 'C:\\Program Files\\Elastic'],
+    },
+    {
+        name: 'Carbon Black',
+        vendor: 'VMware',
+        processNames: ['cbagentd', 'cbdaemon', 'CbDefense.exe'],
+        serviceName: 'CbDefense',
+        type: 'edr',
+        installPaths: ['/opt/carbonblack', 'C:\\Program Files\\Confer'],
+    },
+    {
+        name: 'SentinelOne',
+        vendor: 'SentinelOne',
+        processNames: ['sentinelone-agent', 'SentinelAgent.exe', 'sentineld'],
+        serviceName: 'SentinelAgent',
+        type: 'edr',
+        installPaths: ['/opt/sentinelone', 'C:\\Program Files\\SentinelOne'],
+    },
+];
+/**
+ * Safely execute a command and return stdout, or empty string on failure
+ * 安全地執行命令並回傳 stdout，失敗時回傳空字串
+ *
+ * @param cmd - Command to execute / 要執行的命令
+ * @param args - Command arguments / 命令參數
+ * @returns stdout output trimmed / 修剪後的 stdout 輸出
+ */
+async function safeExec(cmd, args) {
+    try {
+        const { stdout } = await execFileAsync(cmd, args, { timeout: 10_000 });
+        return stdout.trim();
+    }
+    catch (err) {
+        logger.debug(`Command failed: ${cmd} ${args.join(' ')}`, {
+            error: err instanceof Error ? err.message : String(err),
+        });
+        return '';
+    }
+}
+/**
+ * Get list of currently running process names
+ * 取得目前執行中的行程名稱列表
+ *
+ * @returns Set of lowercase process names / 小寫行程名稱集合
+ */
+async function getRunningProcesses() {
+    const processes = new Set();
+    const currentPlatform = osPlatform();
+    try {
+        let output = '';
+        switch (currentPlatform) {
+            case 'darwin':
+            case 'linux':
+                output = await safeExec('ps', ['aux']);
+                break;
+            case 'win32':
+                output = await safeExec('tasklist', ['/FO', 'CSV', '/NH']);
+                break;
+            default:
+                return processes;
+        }
+        if (!output)
+            return processes;
+        const lines = output.split('\n');
+        for (const line of lines) {
+            if (currentPlatform === 'win32') {
+                // CSV format: "process.exe","PID",...
+                // CSV 格式："process.exe","PID",...
+                const match = line.match(/^"([^"]+)"/);
+                if (match?.[1]) {
+                    processes.add(match[1].toLowerCase());
+                }
+            }
+            else {
+                // Unix ps aux format: USER PID ... COMMAND
+                // Unix ps aux 格式：USER PID ... COMMAND
+                const parts = line.trim().split(/\s+/);
+                if (parts.length >= 11) {
+                    const cmd = parts[10] ?? '';
+                    // Extract just the binary name from the full path
+                    // 從完整路徑中僅擷取二進位檔案名稱
+                    const binaryName = cmd.split('/').pop()?.split('\\').pop() ?? '';
+                    if (binaryName) {
+                        processes.add(binaryName.toLowerCase());
+                    }
+                }
+            }
+        }
+    }
+    catch (err) {
+        logger.error('Failed to enumerate running processes', {
+            error: err instanceof Error ? err.message : String(err),
+        });
+    }
+    return processes;
+}
+/**
+ * Check if a file/directory exists at the given path
+ * 檢查給定路徑是否存在檔案/目錄
+ *
+ * @param filePath - Path to check / 要檢查的路徑
+ * @returns Whether the path exists / 路徑是否存在
+ */
+async function pathExists(filePath) {
+    try {
+        await access(filePath);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Detect installed and running security tools on the system
+ * 偵測系統上已安裝和執行中的安全工具
+ *
+ * Detection methods:
+ * 1. Check running processes against known process names
+ * 2. Check service list against known service names
+ * 3. Check common installation paths
+ * 偵測方法：
+ * 1. 比對執行中行程與已知行程名稱
+ * 2. 比對服務列表與已知服務名稱
+ * 3. 檢查常見安裝路徑
+ *
+ * @param services - Previously detected services list / 先前偵測到的服務列表
+ * @returns Array of detected security tools / 偵測到的安全工具陣列
+ */
+export async function detectSecurityTools(services) {
+    const detectedTools = [];
+    const processSet = await getRunningProcesses();
+    logger.info(`Checking ${KNOWN_SECURITY_TOOLS.length} known security tools against ${processSet.size} running processes`);
+    // Build a set of running service names for quick lookup
+    // 建立執行中服務名稱集合以快速查找
+    const runningServiceNames = new Set(services.filter((s) => s.status === 'running').map((s) => s.name.toLowerCase()));
+    for (const tool of KNOWN_SECURITY_TOOLS) {
+        let running = false;
+        let foundViaProcess = false;
+        let foundViaService = false;
+        let foundViaPath = false;
+        // Check 1: Running processes
+        // 檢查 1：執行中行程
+        for (const processName of tool.processNames) {
+            if (processSet.has(processName.toLowerCase())) {
+                running = true;
+                foundViaProcess = true;
+                break;
+            }
+        }
+        // Check 2: Service names
+        // 檢查 2：服務名稱
+        if (!foundViaProcess && tool.serviceName) {
+            if (runningServiceNames.has(tool.serviceName.toLowerCase())) {
+                running = true;
+                foundViaService = true;
+            }
+            // Also check if the service exists but isn't running
+            // 同時檢查服務是否存在但未執行
+            const matchingService = services.find((s) => s.name.toLowerCase() === tool.serviceName.toLowerCase());
+            if (matchingService && !foundViaService) {
+                foundViaService = true;
+                running = matchingService.status === 'running';
+            }
+        }
+        // Check 3: Install paths
+        // 檢查 3：安裝路徑
+        if (!foundViaProcess && !foundViaService && tool.installPaths) {
+            for (const installPath of tool.installPaths) {
+                if (await pathExists(installPath)) {
+                    foundViaPath = true;
+                    break;
+                }
+            }
+        }
+        if (foundViaProcess || foundViaService || foundViaPath) {
+            const detected = {
+                name: tool.name,
+                vendor: tool.vendor,
+                running,
+                type: tool.type,
+            };
+            logger.info(`Detected security tool: ${tool.name} (${tool.vendor}) - ${running ? 'running' : 'installed but not running'}`, {
+                detectedVia: foundViaProcess ? 'process' : foundViaService ? 'service' : 'path',
+            });
+            detectedTools.push(detected);
+        }
+    }
+    logger.info(`Total security tools detected: ${detectedTools.length}`);
+    return detectedTools;
+}
+//# sourceMappingURL=security-tools.js.map

package/dist/discovery/security-tools.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-tools.js","sourceRoot":"","sources":["../../src/discovery/security-tools.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AACjC,OAAO,EAAE,QAAQ,IAAI,UAAU,EAAE,MAAM,IAAI,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD,MAAM,aAAa,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AAC1C,MAAM,MAAM,GAAG,YAAY,CAAC,0BAA0B,CAAC,CAAC;AAqBxD;;;GAGG;AACH,MAAM,oBAAoB,GAAwB;IAChD;QACE,IAAI,EAAE,kBAAkB;QACxB,MAAM,EAAE,WAAW;QACnB,YAAY,EAAE,CAAC,aAAa,EAAE,cAAc,EAAE,YAAY,EAAE,2BAA2B,CAAC;QACxF,WAAW,EAAE,WAAW;QACxB,IAAI,EAAE,WAAW;QACjB,YAAY,EAAE,CAAC,qCAAqC,CAAC;KACtD;IACD;QACE,IAAI,EAAE,OAAO;QACb,MAAM,EAAE,YAAY;QACpB,YAAY,EAAE,CAAC,cAAc,EAAE,aAAa,EAAE,gBAAgB,EAAE,cAAc,CAAC;QAC/E,WAAW,EAAE,aAAa;QAC1B,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,CAAC,YAAY,EAAE,gBAAgB,CAAC;KAC/C;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,MAAM,EAAE,aAAa;QACrB,YAAY,EAAE,CAAC,SAAS,EAAE,eAAe,EAAE,qBAAqB,EAAE,mBAAmB,CAAC;QACtF,WAAW,EAAE,iBAAiB;QAC9B,IAAI,EAAE,KAAK;QACX,YAAY,EAAE,CAAC,kBAAkB,EAAE,aAAa,EAAE,gCAAgC,CAAC;KACpF;IACD;QACE,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,QAAQ;QAChB,YAAY,EAAE;YACZ,aAAa;YACb,iBAAiB;YACjB,UAAU;YACV,kBAAkB;YAClB,kBAAkB;SACnB;QACD,WAAW,EAAE,mBAAmB;QAChC,IAAI,EAAE,WAAW;QACjB,YAAY,EAAE,CAAC,gBAAgB,EAAE,4BAA4B,EAAE,2BAA2B,CAAC;KAC5F;IACD;QACE,IAAI,EAAE,aAAa;QACnB,MAAM,EAAE,aAAa;QACrB,YAAY,EAAE,CAAC,UAAU,EAAE,WAAW,EAAE,kBAAkB,EAAE,cAAc,EAAE,aAAa,CAAC;QAC1F,WAAW,EAAE,UAAU;QACvB,IAAI,EAAE,WAAW;QACjB,YAAY,EAAE,CAAC,eAAe,EAAE,gCAAgC,CAAC;KAClE;IACD;QACE,IAAI,EAAE,WAAW;QACjB,MAAM,EAAE,WAAW;QACnB,YAAY,EAAE,CAAC,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE,aAAa,CAAC;QAC3D,WAAW,EAAE,UAAU;QACvB,IAAI,EAAE,WAAW;QACjB,YAAY,EAAE,CAAC,kCAAkC,EAAE,wCAAwC,CAAC;KAC7F;IACD;QACE,IAAI,EAAE,cAAc;QACpB,MAAM,EAAE,cAAc;QACtB,YAAY,EAAE,CAAC,aAAa,EAAE,iBAAiB,EAAE,oBAAoB,CAAC;QACtE,WAAW,EAAE,aAAa;QAC1B,IAAI,EAAE,WAAW;QACjB,YAAY,EAAE,CAAC,2CAA2C,EAAE,iCAAiC,CAAC;KAC/F;IACD;QACE,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,MAAM;QACd,YAAY,EAAE,CAAC,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC;QAC/D,WAAW,EAAE,cAAc;QAC3B,IAAI,EAAE,WAAW;QACjB,YAAY,EAAE,CAAC,WAAW,EAAE,yBAAyB,CAAC;KACvD;IACD;QACE,IAAI,EAAE,SAAS;QACf,MAAM,EAAE,SAAS;QACjB,YAAY,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC;QACvC,IAAI,EAAE,UAAU;QAChB,YAAY,EAAE,CAAC,uBAAuB,CAAC;KACxC;IACD;QACE,IAAI,EAAE,sBAAsB;QAC5B,MAAM,EAAE,UAAU;QAClB,YAAY,EAAE,CAAC,aAAa,EAAE,iBAAiB,EAAE,eAAe,EAAE,aAAa,CAAC;QAChF,WAAW,EAAE,oBAAoB;QACjC,IAAI,EAAE,KAAK;QACX,YAAY,EAAE,CAAC,kBAAkB,EAAE,6BAA6B,CAAC;KAClE;IACD;QACE,IAAI,EAAE,OAAO;QACb,MAAM,EAAE,OAAO;QACf,YAAY,EAAE,CAAC,OAAO,CAAC;QACvB,WAAW,EAAE,OAAO;QACpB,IAAI,EAAE,KAAK;QACX,YAAY,EAAE,CAAC,sBAAsB,EAAE,iBAAiB,CAAC;KAC1D;IACD;QACE,IAAI,EAAE,UAAU;QAChB,MAAM,EAAE,MAAM;QACd,YAAY,EAAE,CAAC,UAAU,CAAC;QAC1B,WAAW,EAAE,UAAU;QACvB,IAAI,EAAE,KAAK;QACX,YAAY,EAAE,CAAC,mBAAmB,EAAE,yBAAyB,CAAC;KAC/D;IACD;QACE,IAAI,EAAE,OAAO;QACb,MAAM,EAAE,kBAAkB;QAC1B,YAAY,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,eAAe,CAAC;QACrE,WAAW,EAAE,OAAO;QACpB,IAAI,EAAE,KAAK;QACX,YAAY,EAAE,CAAC,YAAY,CAAC;KAC7B;IACD;QACE,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,QAAQ;QAChB,YAAY,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,WAAW,CAAC;QACjD,WAAW,EAAE,eAAe;QAC5B,IAAI,EAAE,WAAW;QACjB,YAAY,EAAE,CAAC,mBAAmB,EAAE,yBAAyB,CAAC;KAC/D;IACD;QACE,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,QAAQ;QAChB,YAAY,EAAE,CAAC,SAAS,EAAE,iBAAiB,CAAC;QAC5C,WAAW,EAAE,SAAS;QACtB,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,CAAC,aAAa,EAAE,sBAAsB,EAAE,2BAA2B,CAAC;KACnF;IACD;QACE,IAAI,EAAE,eAAe;QACrB,MAAM,EAAE,SAAS;QACjB,YAAY,EAAE,CAAC,eAAe,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,CAAC;QACtE,WAAW,EAAE,eAAe;QAC5B,IAAI,EAAE,MAAM;QACZ,YAAY,EAAE,CAAC,cAAc,EAAE,4BAA4B,CAAC;KAC7D;IACD;QACE,IAAI,EAAE,cAAc;QACpB,MAAM,EAAE,QAAQ;QAChB,YAAY,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,eAAe,CAAC;QACvD,WAAW,EAAE,WAAW;QACxB,IAAI,EAAE,KAAK;QACX,YAAY,EAAE,CAAC,kBAAkB,EAAE,2BAA2B,CAAC;KAChE;IACD;QACE,IAAI,EAAE,aAAa;QACnB,MAAM,EAAE,aAAa;QACrB,YAAY,EAAE,CAAC,mBAAmB,EAAE,mBAAmB,EAAE,WAAW,CAAC;QACrE,WAAW,EAAE,eAAe;QAC5B,IAAI,EAAE,KAAK;QACX,YAAY,EAAE,CAAC,kBAAkB,EAAE,gCAAgC,CAAC;KACrE;CACF,CAAC;AAEF;;;;;;;GAOG;AACH,KAAK,UAAU,QAAQ,CAAC,GAAW,EAAE,IAAc;IACjD,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QACvE,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;IACvB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,KAAK,CAAC,mBAAmB,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;YACvD,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC,CAAC;QACH,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,mBAAmB;IAChC,MAAM,SAAS,GAAG,IAAI,GAAG,EAAU,CAAC;IACpC,MAAM,eAAe,GAAG,UAAU,EAAE,CAAC;IAErC,IAAI,CAAC;QACH,IAAI,MAAM,GAAG,EAAE,CAAC;QAEhB,QAAQ,eAAe,EAAE,CAAC;YACxB,KAAK,QAAQ,CAAC;YACd,KAAK,OAAO;gBACV,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC;gBACvC,MAAM;YACR,KAAK,OAAO;gBACV,MAAM,GAAG,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAC3D,MAAM;YACR;gBACE,OAAO,SAAS,CAAC;QACrB,CAAC;QAED,IAAI,CAAC,MAAM;YAAE,OAAO,SAAS,CAAC;QAE9B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAEjC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,eAAe,KAAK,OAAO,EAAE,CAAC;gBAChC,sCAAsC;gBACtC,iCAAiC;gBACjC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;gBACvC,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACf,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,2CAA2C;gBAC3C,sCAAsC;gBACtC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBACvC,IAAI,KAAK,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;oBACvB,MAAM,GAAG,GAAG,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;oBAC5B,kDAAkD;oBAClD,mBAAmB;oBACnB,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;oBACjE,IAAI,UAAU,EAAE,CAAC;wBACf,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC;oBAC1C,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;YACpD,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,QAAuB;IAC/D,MAAM,aAAa,GAAmB,EAAE,CAAC;IACzC,MAAM,UAAU,GAAG,MAAM,mBAAmB,EAAE,CAAC;IAE/C,MAAM,CAAC,IAAI,CACT,YAAY,oBAAoB,CAAC,MAAM,iCAAiC,UAAU,CAAC,IAAI,oBAAoB,CAC5G,CAAC;IAEF,wDAAwD;IACxD,mBAAmB;IACnB,MAAM,mBAAmB,GAAG,IAAI,GAAG,CACjC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAChF,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,oBAAoB,EAAE,CAAC;QACxC,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IAAI,YAAY,GAAG,KAAK,CAAC;QAEzB,6BAA6B;QAC7B,aAAa;QACb,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,IAAI,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBAC9C,OAAO,GAAG,IAAI,CAAC;gBACf,eAAe,GAAG,IAAI,CAAC;gBACvB,MAAM;YACR,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,YAAY;QACZ,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACzC,IAAI,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBAC5D,OAAO,GAAG,IAAI,CAAC;gBACf,eAAe,GAAG,IAAI,CAAC;YACzB,CAAC;YACD,qDAAqD;YACrD,iBAAiB;YACjB,MAAM,eAAe,GAAG,QAAQ,CAAC,IAAI,CACnC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAY,CAAC,WAAW,EAAE,CAChE,CAAC;YACF,IAAI,eAAe,IAAI,CAAC,eAAe,EAAE,CAAC;gBACxC,eAAe,GAAG,IAAI,CAAC;gBACvB,OAAO,GAAG,eAAe,CAAC,MAAM,KAAK,SAAS,CAAC;YACjD,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,YAAY;QACZ,IAAI,CAAC,eAAe,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC9D,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC5C,IAAI,MAAM,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;oBAClC,YAAY,GAAG,IAAI,CAAC;oBACpB,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,eAAe,IAAI,eAAe,IAAI,YAAY,EAAE,CAAC;YACvD,MAAM,QAAQ,GAAiB;gBAC7B,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,OAAO;gBACP,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB,CAAC;YAEF,MAAM,CAAC,IAAI,CACT,2BAA2B,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,MAAM,OAAO,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,2BAA2B,EAAE,EAC9G;gBACE,WAAW,EAAE,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM;aAChF,CACF,CAAC;YAEF,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,kCAAkC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;IACtE,OAAO,aAAa,CAAC;AACvB,CAAC"}

package/dist/discovery/service-detector.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Running services detection
+ * 執行中服務偵測
+ *
+ * Detects and enumerates running services across macOS, Linux, and Windows
+ * using platform-specific service management commands.
+ * 使用平台特定的服務管理命令，跨 macOS、Linux 和 Windows 偵測並列舉執行中的服務。
+ *
+ * @module @panguard-ai/core/discovery/service-detector
+ */
+import type { ServiceInfo } from './types.js';
+/**
+ * Detect all running services on the current platform
+ * 偵測目前平台上所有執行中的服務
+ *
+ * Dispatches to platform-specific detection methods:
+ * - macOS: launchctl list
+ * - Linux: systemctl list-units
+ * - Windows: sc query / net start
+ * 分派到平台特定的偵測方法：
+ * - macOS：launchctl list
+ * - Linux：systemctl list-units
+ * - Windows：sc query / net start
+ *
+ * @returns Array of detected services / 偵測到的服務陣列
+ */
+export declare function detectServices(): Promise<ServiceInfo[]>;
+//# sourceMappingURL=service-detector.d.ts.map

package/dist/discovery/service-detector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service-detector.d.ts","sourceRoot":"","sources":["../../src/discovery/service-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAiR9C;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,CAiC7D"}