@shriyanss/js-recon 1.1.4 → 1.2.1-alpha.1
- package/CHANGELOG.md +18 -0
- package/README.md +4 -0
- package/build/analyze/engine/astEngine.js +20 -0
- package/build/analyze/engine/astEngine.js.map +1 -1
- package/build/analyze/engine/index.js +4 -2
- package/build/analyze/engine/index.js.map +1 -1
- package/build/analyze/engine/requestEngine.js +18 -4
- package/build/analyze/engine/requestEngine.js.map +1 -1
- package/build/analyze/helpers/outputHelper.js +8 -0
- package/build/analyze/helpers/outputHelper.js.map +1 -0
- package/build/analyze/index.js +11 -3
- package/build/analyze/index.js.map +1 -1
- package/build/globalConfig.js +1 -1
- package/build/globalConfig.js.map +1 -1
- package/build/index.js +18 -6
- package/build/index.js.map +1 -1
- package/build/lazyLoad/index.js +5 -1
- package/build/lazyLoad/index.js.map +1 -1
- package/build/report/index.js +53 -0
- package/build/report/index.js.map +1 -0
- package/build/report/utility/genHtml.js +184 -0
- package/build/report/utility/genHtml.js.map +1 -0
- package/build/report/utility/initReportDb.js +71 -0
- package/build/report/utility/initReportDb.js.map +1 -0
- package/build/report/utility/markdownGen/addAnalyze.js +45 -0
- package/build/report/utility/markdownGen/addAnalyze.js.map +1 -0
- package/build/report/utility/markdownGen/addMappedJson.js +25 -0
- package/build/report/utility/markdownGen/addMappedJson.js.map +1 -0
- package/build/report/utility/populateDb/populateAnalysisFindings.js +23 -0
- package/build/report/utility/populateDb/populateAnalysisFindings.js.map +1 -0
- package/build/report/utility/populateDb/populateEndpoints.js +42 -0
- package/build/report/utility/populateDb/populateEndpoints.js.map +1 -0
- package/build/report/utility/populateDb/populateMappedJson.js +23 -0
- package/build/report/utility/populateDb/populateMappedJson.js.map +1 -0
- package/build/report/utility/populateDb/populateMappedOpenapi.js +41 -0
- package/build/report/utility/populateDb/populateMappedOpenapi.js.map +1 -0
- package/build/run/index.js +21 -8
- package/build/run/index.js.map +1 -1
- package/package.json +6 -2
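--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,5 +1,23 @@
 # Change Log
 
+## 1.2.1-alpha.1 - 2025.08.04
+
+### Added
+
+- Added `-k/--insecure` flag to disable SSL certificate verification
+- Added `json` output feature to analyze module
+- Added `analyze` module auto-run to `run` module
+- Added `report` module
+
+### Changed
+
+- Updated the `postMessageFunctionResolve` step to resolve function expressions
+- Updated the `postMessageFunctionResolve` step to resolve arrow function expressions
+- Remove `--map-openapi` flag from run module (enabled by default)
+- Remove `--map-openapi-output` flag from run module
+
+### Fixed
+
 ## 1.1.4 - 2025.08.01
 
 ### Added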
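--- a/package/README.md
+++ b/package/README.md
@@ -58,6 +58,8 @@ js-recon run -u https://app.example.com
 | `map` | Maps function calls and analyzes code, with optional AI-powered descriptions. | [Read Docs](https://js-recon.io/docs/docs/modules/map) |
 | `api-gateway` | Manages AWS API Gateway for IP rotation to bypass rate limits. | [Read Docs](https://js-recon.io/docs/docs/modules/api-gateway) |
 | `run` | Runs all analysis modules automatically on a target. | [Read Docs](https://js-recon.io/docs/docs/modules/run) |
+| `analyze` | Analyzes the code. | [Read Docs](https://js-recon.io/docs/docs/modules/analyze) |
+| `report` | Generates a report from the analysis modules. | [Read Docs](https://js-recon.io/docs/docs/modules/report) |
 
 ## Key Features
 
@@ -67,6 +69,8 @@ js-recon run -u https://app.example.com
 - Endpoints modules extracts client-side paths from the app
 - Map feature analyzes the JS files and outputs it to a JSON file. An interactive mode can be then used to analyze it
 - Reconstruct HTTP requests that the app makes to the server, and output them to the OpenAPI spec
+- Run analyze to find potential issues in JS code and the HTTP requests the app makes
+- Generate a report from the analyze module
 
 ## Example Scenario
 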
|
@@ -18,6 +18,7 @@ import { findMemberExpressionAssignment } from "../helpers/engineHelpers/findMem
|
|
|
18
18
|
import { findDirectAssignment } from "../helpers/engineHelpers/findDirectAssignment.js";
|
|
19
19
|
const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0, function* () {
|
|
20
20
|
var _a, _b;
|
|
21
|
+
let findings = [];
|
|
21
22
|
for (const chunk of Object.values(mappedJsonData)) {
|
|
22
23
|
// first of all, load the code in ast
|
|
23
24
|
const ast = parser.parse(chunk.code, {
|
|
@@ -72,6 +73,13 @@ const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0
|
|
|
72
73
|
completedSteps.push(step.name);
|
|
73
74
|
}
|
|
74
75
|
}
|
|
76
|
+
else if (selectedNode.arguments[1].type === "FunctionExpression" ||
|
|
77
|
+
selectedNode.arguments[1].type === "ArrowFunctionExpression") {
|
|
78
|
+
const functionExpression = selectedNode.arguments[1];
|
|
79
|
+
matchList[step.name] = { node: functionExpression, scope: ast };
|
|
80
|
+
matchCount++;
|
|
81
|
+
completedSteps.push(step.name);
|
|
82
|
+
}
|
|
75
83
|
}
|
|
76
84
|
}
|
|
77
85
|
}
|
|
@@ -124,8 +132,20 @@ const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0
|
|
|
124
132
|
ignoreIllegals: true,
|
|
125
133
|
theme: undefined,
|
|
126
134
|
}));
|
|
135
|
+
findings.push({
|
|
136
|
+
ruleId: rule.id,
|
|
137
|
+
ruleName: rule.name,
|
|
138
|
+
ruleType: rule.type,
|
|
139
|
+
ruleDescription: rule.description,
|
|
140
|
+
ruleAuthor: rule.author,
|
|
141
|
+
ruleTech: rule.tech,
|
|
142
|
+
severity: rule.severity,
|
|
143
|
+
message: message,
|
|
144
|
+
findingLocation: `// ${chunk.id}\n\n${code}`,
|
|
145
|
+
});
|
|
127
146
|
}
|
|
128
147
|
}
|
|
148
|
+
return findings;
|
|
129
149
|
});
|
|
130
150
|
export default esqueryEngine;
|
|
131
151
|
//# sourceMappingURL=astEngine.js.map
|
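Review bot: The object pushed in the last hunk stores text derived from the scanned site's source in `findingLocation` (`// ${chunk.id}\n\n${code}`), and that array is now returned to callers instead of only being printed. Every consumer of these findings therefore has to treat the field as untrusted text; the HTML generator added in this release (`package/build/report/utility/genHtml.js` in the file list) is not shown on this page, so whether it escapes the value cannot be confirmed here. I would add `// findingLocation is untrusted target source: escape before rendering` above the push, and the same applies to `message` and `findingLocation` in requestEngine.js, which interpolate `path` from the OpenAPI data. Separately, the new `else if` reads `selectedNode.arguments[1].type`; if no length check encloses it outside the hunk, a one-argument call in the target bundle would throw and abort the rule run.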
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"astEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/astEngine.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,OAAO,MAAM,MAAM,eAAe,CAAC;AAEnC,OAAO,UAAU,MAAM,kBAAkB,CAAC;AAC1C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC;AACrC,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,yBAAyB,EAAE,MAAM,uDAAuD,CAAC;AAClG,OAAO,EAAE,8BAA8B,EAAE,MAAM,4DAA4D,CAAC;AAC5G,OAAO,EAAE,oBAAoB,EAAE,MAAM,kDAAkD,CAAC;
|
|
1
|
+
{"version":3,"file":"astEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/astEngine.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,OAAO,MAAM,MAAM,eAAe,CAAC;AAEnC,OAAO,UAAU,MAAM,kBAAkB,CAAC;AAC1C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC;AACrC,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,yBAAyB,EAAE,MAAM,uDAAuD,CAAC;AAClG,OAAO,EAAE,8BAA8B,EAAE,MAAM,4DAA4D,CAAC;AAC5G,OAAO,EAAE,oBAAoB,EAAE,MAAM,kDAAkD,CAAC;AAGxF,MAAM,aAAa,GAAG,CAAO,IAAU,EAAE,cAAsB,EAA2B,EAAE;;IACxF,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC;QAChD,qCAAqC;QACrC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE;YACjC,UAAU,EAAE,aAAa;YACzB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;YAC9B,aAAa,EAAE,IAAI;SACtB,CAAC,CAAC;QAEH,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,SAAS,GAAmD,EAAE,CAAC;QACnE,MAAM,cAAc,GAAa,EAAE,CAAC;QAEpC,wCAAwC;QACxC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC5B,8CAA8C;YAC9C,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;gBAEpC,wEAAwE;gBACxE,MAAM,OAAO,GAAW,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;gBAE/C,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;oBACzB,6DAA6D;oBAC7D,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;oBAC5C,UAAU,EAAE,CAAC;gBACjB,CAAC;gBACD,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnC,CAAC;iBAAM,IAAI,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBACrC,6FAA6F;gBAE7F,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAE7E,IAAI,YAAY,EAAE,CAAC;oBACf,0DAA0D;oBAC1D,IAAI,YAAY,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;wBACzC,IACI,YAAY,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;4BAC/C,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BAClD,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,kBAAkB;4BACxD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe;4BAClD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,EAC/C,CAAC;4BACC,IAAI,YAAY,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gCACtC,+CAA+C;gCAC/C,4BAA4B;gCAC5B,IAAI,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,C
AAC,IAAI,KAAK,YAAY,EAAE,CAAC;oCAClD,qCAAqC;oCACrC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,MAAM,gBAAgB,GAAG,yBAAyB,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;oCAE5E,IAAI,gBAAgB,EAAE,CAAC;wCACnB,eAAe;wCACf,mBAAmB;wCACnB,4DAA4D;wCAC5D,QAAQ;wCACR,KAAK;wCACL,gDAAgD;wCAChD,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wCAC9D,UAAU,EAAE,CAAC;wCACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACnC,CAAC;gCACL,CAAC;qCAAM,IACH,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB;oCACvD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,yBAAyB,EAC9D,CAAC;oCACC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;oCAChE,UAAU,EAAE,CAAC;oCACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCACnC,CAAC;4BACL,CAAC;wBACL,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACnC,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAC3E,MAAM,OAAO,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC;gBAC/C,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,gBAAgB,CAAC;gBAEpE,IAAI,YAAY,IAAI,gBAAgB,EAAE,CAAC;oBACnC,MAAM,cAAc,GAAG,8BAA8B,CACjD,YAAY,EACZ,OAAO,EACP,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,qEAAqE;wBACrE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,UAAU,EAAE,CAAC;wBACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACnC,CAAC;gBACL,CAAC;qBAAM,IAAI,YAAY,EAAE,CAAC;oBACtB,MAAM,cAAc,GAAG,oBAAoB,CACvC,YAAY,EACZ,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,qEAAqE;wBACrE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,UAAU,EAAE,CAAC;wBACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACnC,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAED,wEAAwE;QACxE,IAAI,UAAU,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACnC,MAAM,OAAO,GAAG,QAAQ,IAAI,CAAC,IAAI,oBAAoB
,KAAK,CAAC,EAAE,EAAE,CAAC;YAChE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC9E,MAAM,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;YAE5C,sDAAsD;YACtD,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;YACrC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;YACvC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;YACxC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;YACpC,CAAC;YAED,OAAO,CAAC,GAAG,CACP,SAAS,CAAC,IAAI,EAAE;gBACZ,QAAQ,EAAE,YAAY;gBACtB,cAAc,EAAE,IAAI;gBACpB,KAAK,EAAE,SAAS;aACnB,CAAC,CACL,CAAC;YAEF,QAAQ,CAAC,IAAI,CAAC;gBACV,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,eAAe,EAAE,IAAI,CAAC,WAAW;gBACjC,UAAU,EAAE,IAAI,CAAC,MAAM;gBACvB,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO,EAAE,OAAO;gBAChB,eAAe,EAAE,MAAM,KAAK,CAAC,EAAE,OAAO,IAAI,EAAE;aAC/C,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,aAAa,CAAC"}
|
|
@@ -11,6 +11,7 @@ import requestEngine from "./requestEngine.js";
|
|
|
11
11
|
import astEngine from "./astEngine.js";
|
|
12
12
|
export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(void 0, void 0, void 0, function* () {
|
|
13
13
|
// first of all check what is rule type, and then check if the data for that is available or is undefined
|
|
14
|
+
let findings = [];
|
|
14
15
|
if (rule.type === "request") {
|
|
15
16
|
if (!openapiData) {
|
|
16
17
|
return;
|
|
@@ -22,7 +23,7 @@ export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(voi
|
|
|
22
23
|
}
|
|
23
24
|
}
|
|
24
25
|
if (techValid || tech === "all") {
|
|
25
|
-
requestEngine(rule, openapiData);
|
|
26
|
+
findings.push(...(yield requestEngine(rule, openapiData)));
|
|
26
27
|
}
|
|
27
28
|
}
|
|
28
29
|
else if (rule.type === "ast") {
|
|
@@ -36,9 +37,10 @@ export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(voi
|
|
|
36
37
|
}
|
|
37
38
|
}
|
|
38
39
|
if (techValid || tech === "all") {
|
|
39
|
-
astEngine(rule, mappedJsonData);
|
|
40
|
+
findings.push(...(yield astEngine(rule, mappedJsonData)));
|
|
40
41
|
}
|
|
41
42
|
}
|
|
43
|
+
return findings;
|
|
42
44
|
});
|
|
43
45
|
export default engine;
|
|
44
46
|
//# sourceMappingURL=index.js.map
|
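Review bot: `engine` now has two return shapes: the context line `return;` under `if (!openapiData)` still yields `undefined`, while every other path ends in the added `return findings;`. The caller in analyze/index.js compensates with `if (engineFindings)`, but any other caller that spreads or iterates the result will throw on the early-exit path. Changing the early exits to `return findings;` keeps the result an array in all cases; the `ast` branch probably has a matching early `return;` outside the hunks shown.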
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyze/engine/index.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,SAAS,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyze/engine/index.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,SAAS,MAAM,gBAAgB,CAAC;AAGvC,MAAM,CAAC,MAAM,MAAM,GAAG,CAClB,IAAU,EACV,cAAkC,EAClC,WAAoC,EACpC,IAAoB,EACtB,EAAE;IACA,yGAAyG;IAEzG,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1B,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC;IACL,CAAC;SAAM,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,EAAE,CAAC;YAClB,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;QAC9D,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}
|
|
@@ -10,6 +10,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
import chalk from "chalk";
|
|
11
11
|
const engine = (rule, openapiData) => __awaiter(void 0, void 0, void 0, function* () {
|
|
12
12
|
var _a;
|
|
13
|
+
let findings = [];
|
|
13
14
|
for (const path in openapiData.paths) {
|
|
14
15
|
const methods = openapiData.paths[path];
|
|
15
16
|
for (const method in methods) {
|
|
@@ -55,21 +56,34 @@ const engine = (rule, openapiData) => __awaiter(void 0, void 0, void 0, function
|
|
|
55
56
|
}
|
|
56
57
|
if (successfulSteps === rule.steps.length) {
|
|
57
58
|
// get the severity of the rule
|
|
59
|
+
const message = `[+] "${rule.name}" found in ${path} [${method.toUpperCase()}]`;
|
|
58
60
|
if (rule.severity === "info") {
|
|
59
|
-
console.log(chalk.cyan(
|
|
61
|
+
console.log(chalk.cyan(message));
|
|
60
62
|
}
|
|
61
63
|
else if (rule.severity === "low") {
|
|
62
|
-
console.log(chalk.yellow(
|
|
64
|
+
console.log(chalk.yellow(message));
|
|
63
65
|
}
|
|
64
66
|
else if (rule.severity === "medium") {
|
|
65
|
-
console.log(chalk.magenta(
|
|
67
|
+
console.log(chalk.magenta(message));
|
|
66
68
|
}
|
|
67
69
|
else if (rule.severity === "high") {
|
|
68
|
-
console.log(chalk.red(
|
|
70
|
+
console.log(chalk.red(message));
|
|
69
71
|
}
|
|
72
|
+
findings.push({
|
|
73
|
+
ruleId: rule.id,
|
|
74
|
+
ruleName: rule.name,
|
|
75
|
+
ruleType: rule.type,
|
|
76
|
+
ruleDescription: rule.description,
|
|
77
|
+
ruleAuthor: rule.author,
|
|
78
|
+
ruleTech: rule.tech,
|
|
79
|
+
severity: rule.severity,
|
|
80
|
+
message: message,
|
|
81
|
+
findingLocation: `${path} [${method.toUpperCase()}]`,
|
|
82
|
+
});
|
|
70
83
|
}
|
|
71
84
|
}
|
|
72
85
|
}
|
|
86
|
+
return findings;
|
|
73
87
|
});
|
|
74
88
|
export default engine;
|
|
75
89
|
//# sourceMappingURL=requestEngine.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"requestEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/requestEngine.ts"],"names":[],"mappings":";;;;;;;;;AAEA,OAAO,KAAK,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"requestEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/requestEngine.ts"],"names":[],"mappings":";;;;;;;;;AAEA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,MAAM,MAAM,GAAG,CAAO,IAAU,EAAE,WAAwB,EAA2B,EAAE;;IACnF,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC3B,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;YAClC,IAAI,CAAC,SAAS;gBAAE,SAAS;YAEzB,IAAI,eAAe,GAAG,CAAC,CAAC;YAExB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC5B,IAAI,WAAW,GAAG,KAAK,CAAC;gBAExB,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;oBAC9B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBACzD,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;wBACxC,WAAW,GAAG,eAAe,CAAC;oBAClC,CAAC;yBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;wBAC7C,WAAW,GAAG,CAAC,eAAe,CAAC;oBACnC,CAAC;gBACL,CAAC;qBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACzC,MAAM,OAAO,GAAG,MAAA,SAAS,CAAC,UAAU,0CAAE,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC;oBAE/E,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;wBACxC,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;4BACrD,WAAW,GAAG,IAAI,CAAC;wBACvB,CAAC;oBACL,CAAC;yBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;wBAC7C,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA,EAAE,CAAC;4BACtD,WAAW,GAAG,IAAI,CAAC;wBACvB,CAAC;oBACL,CAAC;gBACL,CAAC;qBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACxC,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;wBAClC,WAAW,GAAG,MAAM,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;oBAC3E,CAAC;yBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;wBAC7C,WAAW,GAAG,MAAM,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;oBAC3E,CAAC;g
BACL,CAAC;gBAED,IAAI,WAAW,EAAE,CAAC;oBACd,eAAe,EAAE,CAAC;gBACtB,CAAC;YACL,CAAC;YAED,IAAI,eAAe,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;gBACxC,+BAA+B;gBAC/B,MAAM,OAAO,GAAG,QAAQ,IAAI,CAAC,IAAI,cAAc,IAAI,KAAK,MAAM,CAAC,WAAW,EAAE,GAAG,CAAC;gBAChF,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;gBACrC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;oBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;gBACvC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;gBACxC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;gBACpC,CAAC;gBAED,QAAQ,CAAC,IAAI,CAAC;oBACV,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,eAAe,EAAE,IAAI,CAAC,WAAW;oBACjC,UAAU,EAAE,IAAI,CAAC,MAAM;oBACvB,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,OAAO,EAAE,OAAO;oBAChB,eAAe,EAAE,GAAG,IAAI,KAAK,MAAM,CAAC,WAAW,EAAE,GAAG;iBACvD,CAAC,CAAC;YACP,CAAC;QACL,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import fs from "fs";
|
|
2
|
+
import chalk from "chalk";
|
|
3
|
+
export const generateEngineOutput = (outputFile, findings) => {
|
|
4
|
+
console.log(chalk.cyan("[i] Generating engine output..."));
|
|
5
|
+
fs.writeFileSync(outputFile, JSON.stringify(findings, null, 2));
|
|
6
|
+
console.log(chalk.green("[✓] Engine output generated successfully."));
|
|
7
|
+
};
|
|
8
|
+
//# sourceMappingURL=outputHelper.js.map
|
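Review bot: `fs.writeFileSync(outputFile, ...)` in `generateEngineOutput` is unguarded, so an unwritable path or a missing parent directory throws only after every rule has run, and the collected findings are lost. The function also overwrites an existing file without notice, and the JSON it writes contains excerpts of the scanned application's code. I would wrap the write in a `try`/`catch` that reports the path and `err.message` through `chalk.red`, and add a one-line JSDoc stating that `findings` is serialized verbatim to `outputFile`.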
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"outputHelper.js","sourceRoot":"","sources":["../../../src/analyze/helpers/outputHelper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,KAAK,MAAM,OAAO,CAAC;AAc1B,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,UAAkB,EAAE,QAAwB,EAAE,EAAE;IACjF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC,CAAC;IAC3D,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC,CAAC;AAC1E,CAAC,CAAC"}
|
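--- a/package/build/analyze/index.js
+++ b/package/build/analyze/index.js
@@ -14,6 +14,7 @@ import validateRules from "./helpers/validate.js";
 import engine from "./engine/index.js";
 import yaml from "yaml";
 import initRules from "./helpers/initRules.js";
+import { generateEngineOutput } from "./helpers/outputHelper.js";
 const availableTechs = {
 next: "Next.js",
 };
@@ -34,11 +35,11 @@ const getRuleFilesRecursive = (dir) => {
 });
 return results;
 };
-const analyze = (rulesPath, mappedJson, tech, list, openapi, validate) => __awaiter(void 0, void 0, void 0, function* () {
+const analyze = (rulesPath, mappedJson, tech, list, openapi, validate, outputFile) => __awaiter(void 0, void 0, void 0, function* () {
 console.log(chalk.cyan(`[i] Loading analyze module...`));
 yield initRules();
 // check if `-r` flag is there. If not, default to `~/.js-recon/rules`
-if (!rulesPath) {
+if (!rulesPath || rulesPath === "") {
 rulesPath = path.join(process.env.HOME, "/.js-recon/rules");
 }
 // check if `rules` exists
@@ -104,12 +105,19 @@ const analyze = (rulesPath, mappedJson, tech, list, openapi, validate) => __awai
 console.log(chalk.green(`[✓] OpenAPI spec loaded successfully`));
 }
 // iterate over the ruleFiles
+let ruleFindings = [];
 for (const ruleFile of ruleFiles) {
 // load the rule
 const rule = yaml.parse(fs.readFileSync(ruleFile, "utf8"));
 // run the rule
-yield engine(rule, mappedJsonData, openapiData, tech);
+const engineFindings = yield engine(rule, mappedJsonData, openapiData, tech);
+// add findings to the global findings
+if (engineFindings) {
+ruleFindings.push(...engineFindings);
+}
 }
+// generate the engine output
+generateEngineOutput(outputFile, ruleFindings);
 });
 export default analyze;
 //# sourceMappingURL=index.js.map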
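Review bot: `generateEngineOutput(outputFile, ruleFindings)` at the end of `analyze` runs unconditionally, but `outputFile` is a new trailing parameter with no default, so a caller that still passes six arguments reaches `fs.writeFileSync(undefined, ...)` and throws after the whole rule run. A guard such as `if (outputFile) generateEngineOutput(outputFile, ruleFindings);` or a default value in the signature would keep older call sites working. The added `|| rulesPath === ""` is redundant because `!rulesPath` is already true for an empty string, and the context line `path.join(process.env.HOME, "/.js-recon/rules")` throws where `HOME` is unset.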
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/analyze/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,aAAa,MAAM,uBAAuB,CAAC;AAElD,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,OAAO,SAAS,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/analyze/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,aAAa,MAAM,uBAAuB,CAAC;AAElD,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,OAAO,SAAS,MAAM,wBAAwB,CAAC;AAC/C,OAAO,EAAgB,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAE/E,MAAM,cAAc,GAAG;IACnB,IAAI,EAAE,SAAS;CAClB,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,GAAW,EAAY,EAAE;IACpD,IAAI,OAAO,GAAa,EAAE,CAAC;IAC3B,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI;QACvB,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC5B,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC/B,IAAI,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YAC7B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,CAAC;aAAM,CAAC;YACJ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClD,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvB,CAAC;QACL,CAAC;IACL,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACnB,CAAC,CAAC;AAEF,MAAM,OAAO,GAAG,CACZ,SAAiB,EACjB,UAAkB,EAClB,IAAY,EACZ,IAAa,EACb,OAAe,EACf,QAAiB,EACjB,UAAkB,EACpB,EAAE;IACA,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC,CAAC;IAEzD,MAAM,SAAS,EAAE,CAAC;IAElB,sEAAsE;IACtE,IAAI,CAAC,SAAS,IAAI,SAAS,KAAK,EAAE,EAAE,CAAC;QACjC,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAChE,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,SAAS,iBAAiB,CAAC,CAAC,CAAC;QAChE,OAAO;IACX,CAAC;IAED,uEAAuE;IACvE,IAAI,SAAS,GAAa,EAAE,CAAC;IAE7B,IAAI,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QACxC,SAAS,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IACjD,CAAC;SAAM,CAAC;QACJ,SAAS,GAAG,CAAC,SAAS,CAAC,CAAC;IAC5B,CAAC;IAED,gCAAgC;IAChC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,SAAS,CAAC,CAAC;IAEpD,IAAI,CAAC,YAAY,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,IAAI,CAAC,
CAAC,CAAC,CAAC;IACpB,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;QACpD,OAAO;IACX,CAAC;IAED,qEAAqE;IACrE,IAAI,IAAI,EAAE,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAC;QAC/D,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC;QACnD,CAAC;QACD,OAAO;IACX,CAAC;IAED,kCAAkC;IAClC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0BAA0B,IAAI,GAAG,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,sDAAsD,CAAC,CAAC,CAAC;QAClF,OAAO;IACX,CAAC;IAED,yDAAyD;IACzD,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC,CAAC;QAC1E,OAAO;IACX,CAAC;IAED,uEAAuE;IACvE,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,mBAAmB,UAAU,iBAAiB,CAAC,CAAC,CAAC;QACvE,OAAO;IACX,CAAC;IACD,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,oBAAoB,OAAO,iBAAiB,CAAC,CAAC,CAAC;QACrE,OAAO;IACX,CAAC;IAED,6CAA6C;IAC7C,IAAI,cAAkC,CAAC;IACvC,IAAI,WAAoC,CAAC;IACzC,IAAI,UAAU,EAAE,CAAC;QACb,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,OAAO,EAAE,CAAC;QACV,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC,CAAC;IACrE,CAAC;IAED,6BAA6B;IAC7B,IAAI,YAAY,GAAmB,EAAE,CAAC;IACtC,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QAC/B,gBAAgB;QAChB,MAAM,IAAI,GAAS,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;QAEjE,eAAe;QACf,MAAM,cAAc,GAAmB,MAAM,MAAM,CAAC,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;QAE7F,sCAAsC;QACtC,IAAI,cAAc,EAAE,CAAC;YACjB,YAAY,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;QACzC,CAAC;IACL,CAAC;IAED,6BAA6B;IA
C7B,oBAAoB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;AACnD,CAAC,CAAA,CAAC;AAEF,eAAe,OAAO,CAAC"}
|
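--- a/package/build/globalConfig.js
+++ b/package/build/globalConfig.js
@@ -1,6 +1,6 @@
 const githubURL = "https://github.com/shriyanss/js-recon";
 const modulesDocs = "https://js-recon.io/docs/category/modules";
-const version = "1.1.
+const version = "1.2.1-alpha.1";
 const toolDesc = "JS Recon Tool";
 const axiosNonHttpMethods = ["isAxiosError"]; // methods available in axios, which are not for making HTTP requests
 let CONFIG = {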
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"globalConfig.js","sourceRoot":"","sources":["../src/globalConfig.ts"],"names":[],"mappings":"AAAA,MAAM,SAAS,GAAG,uCAAuC,CAAC;AAC1D,MAAM,WAAW,GAAG,2CAA2C,CAAC;AAChE,MAAM,OAAO,GAAG,
|
|
1
|
+
{"version":3,"file":"globalConfig.js","sourceRoot":"","sources":["../src/globalConfig.ts"],"names":[],"mappings":"AAAA,MAAM,SAAS,GAAG,uCAAuC,CAAC;AAC1D,MAAM,WAAW,GAAG,2CAA2C,CAAC;AAChE,MAAM,OAAO,GAAG,eAAe,CAAC;AAChC,MAAM,QAAQ,GAAG,eAAe,CAAC;AACjC,MAAM,mBAAmB,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,qEAAqE;AAEnH,IAAI,MAAM,GAAG;IACT,MAAM,EAAE,SAAS;IACjB,WAAW,EAAE,WAAW;IACxB,eAAe,EAAE,qFAAqF,SAAS,kCAAkC;IACjJ,OAAO,EAAE,OAAO;IAChB,QAAQ,EAAE,QAAQ;IAClB,mBAAmB,EAAE,mBAAmB;CAC3C,CAAC;AAEF,eAAe,MAAM,CAAC"}
|
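--- a/package/build/index.js
+++ b/package/build/index.js
@@ -20,6 +20,7 @@ import refactor from "./refactor/index.js";
 import run from "./run/index.js";
 import chalk from "chalk";
 import analyze from "./analyze/index.js";
+import report from "./report/index.js";
 program.version(CONFIG.version).description(CONFIG.toolDesc);
 const validAiOptions = ["description"];
 program
@@ -37,13 +38,14 @@ program
 .option("--cache-file <file>", "File to store response cache", ".resp_cache.json")
 .option("--disable-cache", "Disable response caching", false)
 .option("-y, --yes", "Auto-approve executing JS code from the target", false)
+.option("-k, --insecure", "Disable SSL certificate verification", false)
 .action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
 globalsUtil.setApiGatewayConfigFile(cmd.apiGatewayConfig);
 globalsUtil.setUseApiGateway(cmd.apiGateway);
 globalsUtil.setDisableCache(cmd.disableCache);
 globalsUtil.setRespCacheFile(cmd.cacheFile);
 globalsUtil.setYes(cmd.yes);
-yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), Number(cmd.threads), cmd.subsequentRequests, cmd.urlsFile);
+yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), Number(cmd.threads), cmd.subsequentRequests, cmd.urlsFile, cmd.insecure);
 }));
 program
 .command("endpoints")
@@ -149,8 +151,21 @@ program
 .option("--openapi <file>", "Path to OpenAPI spec file")
 .option("-l, --list", "List available technologies", false)
 .option("--validate", "Validate the rules", false)
+.option("-o, --output <file>", "Output JSON file name", "analyze.json")
 .action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
-yield analyze(cmd.rules, cmd.mappedJson, cmd.tech, cmd.list, cmd.openapi, cmd.validate);
+yield analyze(cmd.rules, cmd.mappedJson, cmd.tech, cmd.list, cmd.openapi, cmd.validate, cmd.output);
+}));
+program
+.command("report")
+.description("Generate a report")
+.option("-s, --sqlite-db <file>", "SQLite database file", "js-recon.db")
+.option("-m, --mapped-json <file>", "Mapped JSON file")
+.option("-a, --analyze-json <file>", "Analyze JSON file")
+.option("-e, --endpoints-json <file>", "Endpoints JSON file")
+.option("--map-openapi, --mapped-openapi-json <file>", "Mapped OpenAPI JSON file")
+.option("-o, --output <file>", "Output file name (without the extension)", "report")
+.action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
+yield report(cmd.sqliteDb, cmd.mappedJson, cmd.analyzeJson, cmd.endpointsJson, cmd.mappedOpenapiJson, cmd.output);
 }));
 program
 .command("run")
@@ -172,9 +187,8 @@ program
 .option("--ai-endpoint <endpoint>", "Endpoint to use for AI service (for Ollama, etc)")
 .option("--openai-api-key <key>", "OpenAI API key")
 .option("--model <model>", "AI model to use", "gpt-4o-mini")
-.option("--map-openapi", "Generate OpenAPI spec from the code (map module)", false)
-.option("--map-openapi-output <file>", "Output file for OpenAPI spec (map module)", "mapped-openapi.json")
 .option("--map-openapi-chunk-tag", "Add chunk ID tag to OpenAPI spec for each request found (map module)", false)
+.option("--insecure", "Disable SSL certificate verification", false)
 .action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
 var _a;
 globalsUtil.setAi(((_a = cmd.ai) === null || _a === void 0 ? void 0 : _a.split(",")) || []);
@@ -184,8 +198,6 @@ program
 globalsUtil.setAiThreads(cmd.aiThreads);
 if (cmd.aiEndpoint)
 globalsUtil.setAiEndpoint(cmd.aiEndpoint);
-globalsUtil.setOpenapi(cmd.mapOpenapi);
-globalsUtil.setOpenapiOutputFile(cmd.mapOpenapiOutput);
 globalsUtil.setOpenapiChunkTag(cmd.mapOpenapiChunkTag);
 // validate AI options
 if (globalsUtil.getAi().length !== 0) {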
package/build/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,SAAS,MAAM,sBAAsB,CAAC;AAC7C,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,OAAO,MAAM,oBAAoB,CAAC;AACzC,OAAO,UAAU,MAAM,wBAAwB,CAAC;AAChD,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,WAAW,MAAM,sBAAsB,CAAC;AACpD,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,OAAO,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,SAAS,MAAM,sBAAsB,CAAC;AAC7C,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,OAAO,MAAM,oBAAoB,CAAC;AACzC,OAAO,UAAU,MAAM,wBAAwB,CAAC;AAChD,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,WAAW,MAAM,sBAAsB,CAAC;AACpD,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,OAAO,MAAM,oBAAoB,CAAC;AACzC,OAAO,MAAM,MAAM,mBAAmB,CAAC;AAEvC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AAC7D,MAAM,cAAc,GAAG,CAAC,aAAa,CAAC,CAAC;AAEvC,OAAO;KACF,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,sBAAsB,CAAC;KACnC,cAAc,CAAC,sBAAsB,EAAE,+DAA+D,CAAC;KACvG,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,QAAQ,CAAC;KAChE,MAAM,CAAC,gBAAgB,EAAE,kDAAkD,EAAE,KAAK,CAAC;KACnF,MAAM,CAAC,qBAAqB,EAAE,2DAA2D,EAAE,GAAG,CAAC;KAC/F,MAAM,CAAC,yBAAyB,EAAE,0BAA0B,EAAE,GAAG,CAAC;KAClE,MAAM,CAAC,uBAAuB,EAAE,2DAA2D,EAAE,KAAK,CAAC;KACnG,MAAM,CAAC,oBAAoB,EAAE,iCAAiC,EAAE,qBAAqB,CAAC;KACtF,MAAM,CAAC,eAAe,EAAE,qCAAqC,EAAE,KAAK,CAAC;KACrE,MAAM,CAAC,6BAA6B,EAAE,yBAAyB,EAAE,0BAA0B,CAAC;KAC5F,MAAM,CAAC,qBAAqB,EAAE,8BAA8B,EAAE,kBAAkB,CAAC;KACjF,MAAM,CAAC,iBAAiB,EAAE,0BAA0B,EAAE,KAAK,CAAC;KAC5D,MAAM,CAAC,WAAW,EAAE,gDAAgD,EAAE,KAAK,CAAC;KAC5E,MAAM,CAAC,gBAAgB,EAAE,sCAAsC,EAAE,KAAK,CAAC;KACvE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,WAAW,CAAC,uBAAuB,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC1D,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC7C,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC5C,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,QAAQ,CACV,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EACpB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,EACnB,GAAG,CAAC,kBAAkB,EACtB,GAAG,CAAC,QAAQ,EACZ,GAAG,CAAC,QAAQ,CACf,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,WAAW,CAAC;KACpB,WAAW,CAAC,+BAA+B,CAAC;
KAC5C,MAAM,CAAC,iBAAiB,EAAE,0DAA0D,CAAC;KACrF,MAAM,CAAC,6BAA6B,EAAE,+BAA+B,CAAC;KACtE,MAAM,CAAC,yBAAyB,EAAE,0CAA0C,EAAE,WAAW,CAAC;KAC1F,MAAM,CAAC,0BAA0B,EAAE,iEAAiE,EAAE,MAAM,CAAC;KAC7G,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,sBAAsB,EAAE,gCAAgC,CAAC;KAChE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,SAAS,CACX,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAC3B,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,UAAU,CACjB,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,+BAA+B,CAAC;KAC5C,cAAc,CAAC,6BAA6B,EAAE,+BAA+B,CAAC;KAC9E,MAAM,CAAC,qBAAqB,EAAE,+BAA+B,EAAE,cAAc,CAAC;KAC9E,MAAM,CAAC,oBAAoB,EAAE,2BAA2B,EAAE,KAAK,CAAC;KAChE,MAAM,CACH,6BAA6B,EAC7B,8DAA8D,EAC9D,gBAAgB,CACnB;KACA,MAAM,CAAC,iBAAiB,EAAE,gCAAgC,EAAE,KAAK,CAAC;KAClE,MAAM,CAAC,WAAW,EAAE,qDAAqD,EAAE,KAAK,CAAC;KACjF,MAAM,CAAC,oBAAoB,EAAE,kBAAkB,EAAE,KAAK,CAAC;KACvD,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,OAAO,CACT,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,gBAAgB,EACpB,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,OAAO,CACd,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,aAAa,CAAC;KACtB,WAAW,CAAC,kDAAkD,CAAC;KAC/D,MAAM,CAAC,YAAY,EAAE,yCAAyC,EAAE,KAAK,CAAC;KACtE,MAAM,CAAC,oBAAoB,EAAE,+BAA+B,CAAC;KAC7D,MAAM,CAAC,eAAe,EAAE,yDAAyD,EAAE,KAAK,CAAC;KACzF,MAAM,CAAC,uBAAuB,EAAE,qCAAqC,CAAC;KACtE,MAAM,CACH,+BAA+B,EAC/B,uFAAuF,CAC1F;KACA,MAAM,CACH,+BAA+B,EAC/B,2FAA2F,CAC9F;KACA,MAAM,CAAC,uBAAuB,EAAE,yBAAyB,EAAE,0BAA0B,CAAC;KACtF,MAAM,CAAC,YAAY,EAAE,uCAAuC,EAAE,KAAK,CAAC;KACpE,MAAM,CAAC,eAAe,EAAE,kCAAkC,EAAE,KAAK,CAAC;KAClE,MAAM,CAAC,yBAAyB,EAAE,6BAA6B,CAAC;KAChE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,WAAW,CAAC,uBAAuB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChD,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,UAAU,CACZ,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,OAAO,EACX,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,SAAS,EACb,G
AAG,CAAC,MAAM,EACV,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,cAAc,CACrB,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,uBAAuB,CAAC;KACpC,MAAM,CAAC,6BAA6B,EAAE,+BAA+B,CAAC;KACtE,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,qBAAqB,EAAE,sCAAsC,EAAE,QAAQ,CAAC;KAC/E,MAAM,CAAC,uBAAuB,EAAE,iEAAiE,EAAE,MAAM,CAAC;KAC1G,MAAM,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,KAAK,CAAC;KACtD,MAAM,CAAC,gBAAgB,EAAE,sEAAsE,CAAC;KAChG,MAAM,CAAC,wBAAwB,EAAE,iCAAiC,EAAE,GAAG,CAAC;KACxE,MAAM,CAAC,0BAA0B,EAAE,4DAA4D,EAAE,QAAQ,CAAC;KAC1G,MAAM,CAAC,0BAA0B,EAAE,kDAAkD,CAAC;KACtF,MAAM,CAAC,wBAAwB,EAAE,gBAAgB,CAAC;KAClD,MAAM,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,CAAC;KAC3D,MAAM,CAAC,WAAW,EAAE,qCAAqC,EAAE,KAAK,CAAC;KACjE,MAAM,CAAC,yBAAyB,EAAE,8BAA8B,EAAE,qBAAqB,CAAC;KACxF,MAAM,CAAC,qBAAqB,EAAE,yDAAyD,EAAE,KAAK,CAAC;KAC/F,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;;IAClB,WAAW,CAAC,KAAK,CAAC,CAAA,MAAA,GAAG,CAAC,EAAE,0CAAE,KAAK,CAAC,GAAG,CAAC,KAAI,EAAE,CAAC,CAAC;IAC5C,WAAW,CAAC,oBAAoB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACjD,WAAW,CAAC,kBAAkB,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpD,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,GAAG,CAAC,UAAU;QAAE,WAAW,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC9D,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACpC,WAAW,CAAC,oBAAoB,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAEpD,sBAAsB;IACtB,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,MAAM,IAAI,WAAW,CAAC,KAAK,EAAE,EAAE,CAAC;YACvC,IAAI,MAAM,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0BAA0B,MAAM,EAAE,CAAC,CAAC,CAAC;gBAC3D,OAAO;YACX,CAAC;QACL,CAAC;IACL,CAAC;IACD,MAAM,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;AACrG,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,mBA
AmB,CAAC;KAChC,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,aAAa,CAAC;KACrE,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,mBAAmB,CAAC;KAC3E,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,QAAQ,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;AACnE,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,kBAAkB,CAAC;KAC/B,MAAM,CAAC,wBAAwB,EAAE,yBAAyB,CAAC;KAC3D,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,aAAa,CAAC;KACrE,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,kBAAkB,EAAE,2BAA2B,CAAC;KACvD,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,YAAY,EAAE,oBAAoB,EAAE,KAAK,CAAC;KACjD,MAAM,CAAC,qBAAqB,EAAE,uBAAuB,EAAE,cAAc,CAAC;KACtE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;AACxG,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,wBAAwB,EAAE,sBAAsB,EAAE,aAAa,CAAC;KACvE,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,CAAC;KACtD,MAAM,CAAC,2BAA2B,EAAE,mBAAmB,CAAC;KACxD,MAAM,CAAC,6BAA6B,EAAE,qBAAqB,CAAC;KAC5D,MAAM,CAAC,6CAA6C,EAAE,0BAA0B,CAAC;KACjF,MAAM,CAAC,qBAAqB,EAAE,0CAA0C,EAAE,QAAQ,CAAC;KACnF,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,MAAM,CACR,GAAG,CAAC,QAAQ,EACZ,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,aAAa,EACjB,GAAG,CAAC,iBAAiB,EACrB,GAAG,CAAC,MAAM,CACb,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,iBAAiB,CAAC;KAC9B,cAAc,CAAC,iBAAiB,EAAE,YAAY,CAAC;KAC/C,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,QAAQ,CAAC;KAChE,MAAM,CAAC,gBAAgB,EAAE,kDAAkD,EAAE,KAAK,CAAC;KACnF,MAAM,CAAC,qBAAqB,EAAE,2DAA2D,EAAE,GAAG,CAAC;KAC/F,MAAM,CAAC,yBAAyB,EAAE,0BAA0B,EAAE,GAAG,CAAC;KAClE,MAAM,CAAC,eAAe,EAAE,qCAAqC,EAAE,KAAK,CAAC;KACrE,MAAM,CAAC,6BAA6B,EAAE,yBAAyB,EAAE,0BAA0B,CAAC;KAC5F,MAAM,CAAC,qBAAqB,EAAE,8BAA8B,EAAE,kBAAkB,CAAC;KACjF,MAAM,CAAC,iBAAiB,EAAE,0BAA0B,EAAE,
KAAK,CAAC;KAC5D,MAAM,CAAC,WAAW,EAAE,gDAAgD,EAAE,KAAK,CAAC;KAC5E,MAAM,CAAC,WAAW,EAAE,kBAAkB,EAAE,KAAK,CAAC;KAC9C,MAAM,CAAC,gBAAgB,EAAE,sEAAsE,CAAC;KAChG,MAAM,CAAC,wBAAwB,EAAE,iCAAiC,EAAE,GAAG,CAAC;KACxE,MAAM,CAAC,0BAA0B,EAAE,4DAA4D,EAAE,QAAQ,CAAC;KAC1G,MAAM,CAAC,0BAA0B,EAAE,kDAAkD,CAAC;KACtF,MAAM,CAAC,wBAAwB,EAAE,gBAAgB,CAAC;KAClD,MAAM,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,CAAC;KAC3D,MAAM,CAAC,yBAAyB,EAAE,sEAAsE,EAAE,KAAK,CAAC;KAChH,MAAM,CAAC,YAAY,EAAE,sCAAsC,EAAE,KAAK,CAAC;KACnE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;;IAClB,WAAW,CAAC,KAAK,CAAC,CAAA,MAAA,GAAG,CAAC,EAAE,0CAAE,KAAK,CAAC,GAAG,CAAC,KAAI,EAAE,CAAC,CAAC;IAC5C,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClC,WAAW,CAAC,oBAAoB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACjD,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,IAAI,GAAG,CAAC,UAAU;QAAE,WAAW,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC9D,WAAW,CAAC,kBAAkB,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAEvD,sBAAsB;IACtB,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,MAAM,IAAI,WAAW,CAAC,KAAK,EAAE,EAAE,CAAC;YACvC,IAAI,MAAM,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0BAA0B,MAAM,EAAE,CAAC,CAAC,CAAC;gBAC3D,OAAO;YACX,CAAC;QACL,CAAC;IACL,CAAC;IACD,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC"}
|
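--- a/package/build/lazyLoad/index.js
+++ b/package/build/lazyLoad/index.js
@@ -48,11 +48,15 @@ import * as globals from "../utility/globals.js";
 * @param {string} urlsFile - The JSON file containing additional URLs for subsequent requests.
 * @returns {Promise<void>}
 */
-const lazyLoad = (url, output, strictScope, inputScope, threads, subsequentRequestsFlag, urlsFile) => __awaiter(void 0, void 0, void 0, function* () {
+const lazyLoad = (url, output, strictScope, inputScope, threads, subsequentRequestsFlag, urlsFile, insecure) => __awaiter(void 0, void 0, void 0, function* () {
 console.log(chalk.cyan("[i] Loading 'Lazy Load' module"));
 if (process.env.IS_DOCKER === "true") {
 console.log(chalk.yellow("[!] Running in Docker. Browser sandbox disabled"));
 }
+if (insecure) {
+process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
+console.log(chalk.yellow("[!] Running in insecure mode. SSL certificate verification disabled"));
+}
 // if cache enabled, check if the cache file exists or not. If no, then create a new one
 if (!globals.getDisableCache()) {
 if (!fs.existsSync(globals.getRespCacheFile())) {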
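Review bot: Setting `process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"` inside `if (insecure)` turns off certificate verification for every TLS connection the Node process makes from that point on, not only for requests to the scanned target, and nothing restores it afterwards. If the same process later talks to other HTTPS services (the `run` command in build/index.js also accepts `--openai-api-key` and `--ai-endpoint` next to `--insecure`), those connections would presumably lose verification as well. Prefer scoping the bypass to the client that fetches target content, for example an `https.Agent` created with `rejectUnauthorized: false` and passed only to those requests. The JSDoc above the signature stops at `urlsFile`, so add `@param {boolean} insecure - Disable TLS certificate verification for target requests.` there. The body of `lazyLoad` continues past the end of the hunk.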
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lazyLoad/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,eAAe,MAAM,wBAAwB,CAAC;AACrD,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,SAAS,MAAM,iBAAiB,CAAC;AACxC,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC;AACnC,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAE1B,UAAU;AACV,OAAO,kBAAkB,MAAM,sCAAsC,CAAC;AACtE,OAAO,gBAAgB,MAAM,+BAA+B,CAAC;AAC7D,OAAO,8BAA8B,MAAM,6CAA6C,CAAC;AACzF,OAAO,oCAAoC,MAAM,mDAAmD,CAAC;AAErG,UAAU;AACV,OAAO,sBAAsB,MAAM,qCAAqC,CAAC;AACzE,OAAO,0BAA0B,MAAM,yCAAyC,CAAC;AACjF,OAAO,aAAa,MAAM,4BAA4B,CAAC;AAEvD,SAAS;AACT,OAAO,wBAAwB,MAAM,sCAAsC,CAAC;AAC5E,OAAO,4BAA4B,MAAM,0CAA0C,CAAC;AAEpF,UAAU;AACV,OAAO,aAAa,MAAM,wBAAwB,CAAC;AACnD,OAAO,gBAAgB,MAAM,2BAA2B,CAAC;AAEzD,qBAAqB;AACrB,OAAO,KAAK,eAAe,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,OAAO,MAAM,uBAAuB,CAAC;AAEjD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,QAAQ,GAAG,CACb,GAAW,EACX,MAAc,EACd,WAAoB,EACpB,UAAc,EACd,OAAe,EACf,sBAA+B,EAC/B,QAAgB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lazyLoad/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,eAAe,MAAM,wBAAwB,CAAC;AACrD,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,SAAS,MAAM,iBAAiB,CAAC;AACxC,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC;AACnC,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAE1B,UAAU;AACV,OAAO,kBAAkB,MAAM,sCAAsC,CAAC;AACtE,OAAO,gBAAgB,MAAM,+BAA+B,CAAC;AAC7D,OAAO,8BAA8B,MAAM,6CAA6C,CAAC;AACzF,OAAO,oCAAoC,MAAM,mDAAmD,CAAC;AAErG,UAAU;AACV,OAAO,sBAAsB,MAAM,qCAAqC,CAAC;AACzE,OAAO,0BAA0B,MAAM,yCAAyC,CAAC;AACjF,OAAO,aAAa,MAAM,4BAA4B,CAAC;AAEvD,SAAS;AACT,OAAO,wBAAwB,MAAM,sCAAsC,CAAC;AAC5E,OAAO,4BAA4B,MAAM,0CAA0C,CAAC;AAEpF,UAAU;AACV,OAAO,aAAa,MAAM,wBAAwB,CAAC;AACnD,OAAO,gBAAgB,MAAM,2BAA2B,CAAC;AAEzD,qBAAqB;AACrB,OAAO,KAAK,eAAe,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,OAAO,MAAM,uBAAuB,CAAC;AAEjD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,QAAQ,GAAG,CACb,GAAW,EACX,MAAc,EACd,WAAoB,EACpB,UAAc,EACd,OAAe,EACf,sBAA+B,EAC/B,QAAgB,EAChB,QAAiB,EACnB,EAAE;IACA,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;IAE1D,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,iDAAiD,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,4BAA4B,GAAG,GAAG,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,qEAAqE,CAAC,CAAC,CAAC;IACrG,CAAC;IAED,wFAAwF;IACxF,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC;YAC7C,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,IAAI,CAAC,CAAC;QACvD,CAAC;IACL,CAAC;IAED,IAAI,IAAI,CAAC;IAET,oCAAoC;IACpC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAChD,yBAAyB;QACzB,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACnD,CAAC;SAAM,IAAI,GAAG,CAAC,KAAK,CAAC,+BAA+B,CAAC,EAAE,CAAC;QACpD,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;SAAM,CAAC;QACJ,OAAO
,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACvD,OAAO;IACX,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,GAAG,EAAE,CAAC,CAAC,CAAC;QAEjD,IAAI,WAAW,EAAE,CAAC;YACd,eAAe,CAAC,WAAW,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACJ,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC;QAED,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAExC,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;QACxC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QAE9C,IAAI,IAAI,EAAE,CAAC;YACP,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAExD,+CAA+C;gBAC/C,MAAM,oBAAoB,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBAEzD,qBAAqB;gBACrB,MAAM,wBAAwB,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;gBAC3E,MAAM,8BAA8B,GAAG,MAAM,oCAAoC,CAAC,GAAG,CAAC,CAAC;gBACvF,IAAI,mCAAmC,CAAC;gBAExC,IAAI,sBAAsB,EAAE,CAAC;oBACzB,wCAAwC;oBACxC,mCAAmC,GAAG,MAAM,kBAAkB,CAC1D,GAAG,EACH,QAAQ,EACR,OAAO,EACP,MAAM,EACN,eAAe,CAAC,SAAS,EAAE,CAAC,0BAA0B;qBACzD,CAAC;gBACN,CAAC;gBAED,yBAAyB;gBACzB,yBAAyB;gBACzB,IAAI,iBAAiB,GAAmB;oBACpC,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC;oBAC/B,GAAG,CAAC,wBAAwB,IAAI,EAAE,CAAC;oBACnC,GAAG,CAAC,8BAA8B,IAAI,EAAE,CAAC;oBACzC,GAAG,CAAC,mCAAmC,IAAI,EAAE,CAAC;iBACjD,CAAC;gBACF,sGAAsG;gBACtG,8EAA8E;gBAC9E,mGAAmG;gBACnG,yFAAyF;gBACzF,iBAAiB,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,SAAS,EAAE,CAAC,CAAC;gBAEvD,sEAAsE;gBACtE,iBAAiB,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,WAAW,EAAE,CAAC,CAAC;gBAEzD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,MAAM,aAAa,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;YACnD,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBAC7B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;YAC5D,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBAC9B,OAAO,CAA
C,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAExD,IAAI,iBAAiB,GAAa,EAAE,CAAC;gBAErC,sCAAsC;gBACtC,MAAM,qBAAqB,GAAG,MAAM,sBAAsB,CAAC,GAAG,CAAC,CAAC;gBAChE,MAAM,yBAAyB,GAAG,MAAM,0BAA0B,CAAC,GAAG,CAAC,CAAC;gBAExE,iBAAiB,CAAC,IAAI,CAAC,GAAG,qBAAqB,CAAC,CAAC;gBACjD,iBAAiB,CAAC,IAAI,CAAC,GAAG,yBAAyB,CAAC,CAAC;gBACrD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,IAAI,cAAc,GAAG,EAAE,CAAC;gBACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC,CAAC;gBACtE,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;oBACrC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBAC1D,CAAC;gBAED,iBAAiB,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;gBAE1C,iBAAiB,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,SAAS,EAAE,CAAC,CAAC;gBAEvD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,MAAM,aAAa,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;YACnD,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAExD,IAAI,iBAAiB,GAAG,EAAE,CAAC;gBAE3B,sCAAsC;gBACtC,MAAM,qBAAqB,GAAG,MAAM,wBAAwB,CAAC,GAAG,CAAC,CAAC;gBAClE,iBAAiB,CAAC,IAAI,CAAC,GAAG,qBAAqB,CAAC,CAAC;gBAEjD,0BAA0B;gBAC1B,MAAM,yBAAyB,GAAG,MAAM,4BAA4B,CAAC,GAAG,CAAC,CAAC;gBAC1E,iBAAiB,CAAC,IAAI,CAAC,GAAG,yBAAyB,CAAC,CAAC;gBAErD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,MAAM,aAAa,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;YACnD,CAAC;QACL,CAAC;aAAM,CAAC;YACJ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,wCAAwC,CAAC,CAAC,CAAC;YACpE,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,OAAO,CAAC,MAAM,YAAY,C
AAC,CAAC,CAAC;gBAClE,MAAM,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACzC,CAAC;QACL,CAAC;IACL,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
import chalk from "chalk";
|
|
11
|
+
import initReportDb from "./utility/initReportDb.js";
|
|
12
|
+
import fs from "fs";
|
|
13
|
+
import { populateMappedJson } from "./utility/populateDb/populateMappedJson.js";
|
|
14
|
+
import Database from "better-sqlite3";
|
|
15
|
+
import { populateAnalysisFindings } from "./utility/populateDb/populateAnalysisFindings.js";
|
|
16
|
+
import populateEndpoints from "./utility/populateDb/populateEndpoints.js";
|
|
17
|
+
import populateMappedOpenapi from "./utility/populateDb/populateMappedOpenapi.js";
|
|
18
|
+
import genHtml from "./utility/genHtml.js";
|
|
19
|
+
const report = (sqliteDbPath, mappedJsonFilePath, analyzeJsonFilePath, endpointsJsonFilePath, mappedOpenapiJsonFilePath, reportFileName) => __awaiter(void 0, void 0, void 0, function* () {
|
|
20
|
+
console.log(chalk.cyan("[i] Running 'report' module"));
|
|
21
|
+
// check if db exists. if not, init
|
|
22
|
+
if (!fs.existsSync(sqliteDbPath)) {
|
|
23
|
+
yield initReportDb(sqliteDbPath);
|
|
24
|
+
console.log(chalk.green("[✓] Report database initialized successfully"));
|
|
25
|
+
}
|
|
26
|
+
const db = new Database(sqliteDbPath);
|
|
27
|
+
// first, populate mapped.json
|
|
28
|
+
if (mappedJsonFilePath) {
|
|
29
|
+
const chunks = JSON.parse(fs.readFileSync(mappedJsonFilePath, "utf8"));
|
|
30
|
+
yield populateMappedJson(db, chunks);
|
|
31
|
+
}
|
|
32
|
+
// then, move to analyze.json
|
|
33
|
+
if (analyzeJsonFilePath) {
|
|
34
|
+
const findings = JSON.parse(fs.readFileSync(analyzeJsonFilePath, "utf8"));
|
|
35
|
+
yield populateAnalysisFindings(db, findings);
|
|
36
|
+
}
|
|
37
|
+
// populate the endpoints
|
|
38
|
+
if (endpointsJsonFilePath) {
|
|
39
|
+
const endpoints = JSON.parse(fs.readFileSync(endpointsJsonFilePath, "utf8"));
|
|
40
|
+
yield populateEndpoints(db, endpoints);
|
|
41
|
+
}
|
|
42
|
+
// populate the mapped openapi
|
|
43
|
+
if (mappedOpenapiJsonFilePath) {
|
|
44
|
+
const openapi = JSON.parse(fs.readFileSync(mappedOpenapiJsonFilePath, "utf8"));
|
|
45
|
+
yield populateMappedOpenapi(db, openapi);
|
|
46
|
+
}
|
|
47
|
+
// finally, generate HTML report
|
|
48
|
+
if (reportFileName) {
|
|
49
|
+
yield genHtml(`${reportFileName}.html`, db);
|
|
50
|
+
}
|
|
51
|
+
});
|
|
52
|
+
export default report;
|
|
53
|
+
//# sourceMappingURL=index.js.map
|
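Review bot: `report` opens `new Database(sqliteDbPath)` and never closes it, and each `JSON.parse(fs.readFileSync(...))` can throw on a missing or malformed file after earlier inputs have already been written, leaving a partly populated database behind. Wrap the populate and `genHtml` steps as `try { ... } finally { db.close(); }` and report which input file failed rather than letting the exception escape. Because `fs.existsSync(sqliteDbPath)` only checks that the path exists, an existing file with a different schema is passed straight to the populate helpers; whether they cope with that is not visible here. A JSDoc block naming the six parameters, and noting that `reportFileName` is used without its extension (`${reportFileName}.html`), would also help.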
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/report/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,YAAY,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,4CAA4C,CAAC;AAChF,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAEtC,OAAO,EAAE,wBAAwB,EAAE,MAAM,kDAAkD,CAAC;AAC5F,OAAO,iBAAiB,MAAM,2CAA2C,CAAC;AAC1E,OAAO,qBAAqB,MAAM,+CAA+C,CAAC;AAClF,OAAO,OAAO,MAAM,sBAAsB,CAAC;AAE3C,MAAM,MAAM,GAAG,CACX,YAAoB,EACpB,kBAAsC,EACtC,mBAAuC,EACvC,qBAAyC,EACzC,yBAA6C,EAC7C,cAAkC,EACpC,EAAE;IACA,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,CAAC;IAEvD,mCAAmC;IACnC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAC/B,MAAM,YAAY,CAAC,YAAY,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,YAAY,CAAC,CAAC;IAEtC,8BAA8B;IAC9B,IAAI,kBAAkB,EAAE,CAAC;QACrB,MAAM,MAAM,GAAW,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC/E,MAAM,kBAAkB,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IACzC,CAAC;IAED,6BAA6B;IAC7B,IAAI,mBAAmB,EAAE,CAAC;QACtB,MAAM,QAAQ,GAAmB,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC1F,MAAM,wBAAwB,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IACjD,CAAC;IAED,yBAAyB;IACzB,IAAI,qBAAqB,EAAE,CAAC;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7E,MAAM,iBAAiB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAC3C,CAAC;IAED,8BAA8B;IAC9B,IAAI,yBAAyB,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,yBAAyB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC/E,MAAM,qBAAqB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED,gCAAgC;IAChC,IAAI,cAAc,EAAE,CAAC;QACjB,MAAM,OAAO,CAAC,GAAG,cAAc,OAAO,EAAE,EAAE,CAAC,CAAC;IAChD,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}
|
|
@@ -0,0 +1,184 @@
|
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
import chalk from "chalk";
|
|
11
|
+
import fs from "fs";
|
|
12
|
+
import { marked } from "marked";
|
|
13
|
+
import hljs from "highlight.js";
|
|
14
|
+
import addAnalyze from "./markdownGen/addAnalyze.js";
|
|
15
|
+
import CONFIG from "../../globalConfig.js";
|
|
16
|
+
import addMappedJson from "./markdownGen/addMappedJson.js";
|
|
17
|
+
const html = (analyzeMarkdown, mappedJsonMarkdown) => __awaiter(void 0, void 0, void 0, function* () {
|
|
18
|
+
return `<!DOCTYPE html>
|
|
19
|
+
<html>
|
|
20
|
+
<head>
|
|
21
|
+
<meta charset="UTF-8">
|
|
22
|
+
<title>JS Recon Report</title>
|
|
23
|
+
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/highlight.js@11.9.0/styles/github-dark.css">
|
|
24
|
+
<style>
|
|
25
|
+
h2, h3, h4 {
|
|
26
|
+
cursor: pointer;
|
|
27
|
+
position: relative;
|
|
28
|
+
padding-left: 20px;
|
|
29
|
+
}
|
|
30
|
+
h2::before, h3::before, h4::before {
|
|
31
|
+
content: '▼';
|
|
32
|
+
position: absolute;
|
|
33
|
+
left: 0;
|
|
34
|
+
transition: transform 0.2s;
|
|
35
|
+
}
|
|
36
|
+
.collapsed::before {
|
|
37
|
+
transform: rotate(-90deg);
|
|
38
|
+
}
|
|
39
|
+
body {
|
|
40
|
+
padding-top: 80px; /* Height of the navbar */
|
|
41
|
+
}
|
|
42
|
+
.navbar {
|
|
43
|
+
position: fixed;
|
|
44
|
+
top: 0;
|
|
45
|
+
left: 0;
|
|
46
|
+
width: 100%;
|
|
47
|
+
background-color: #ffffff;
|
|
48
|
+
border-bottom: 1px solid #e0e0e0;
|
|
49
|
+
display: flex;
|
|
50
|
+
align-items: center;
|
|
51
|
+
padding: 10px 20px;
|
|
52
|
+
z-index: 1000;
|
|
53
|
+
box-shadow: 0 2px 5px rgba(0,0,0,0.1);
|
|
54
|
+
}
|
|
55
|
+
.navbar-logo img {
|
|
56
|
+
height: 40px;
|
|
57
|
+
}
|
|
58
|
+
.navbar-links {
|
|
59
|
+
list-style: none;
|
|
60
|
+
margin: 0 0 0 20px;
|
|
61
|
+
padding: 0;
|
|
62
|
+
display: flex;
|
|
63
|
+
gap: 15px;
|
|
64
|
+
}
|
|
65
|
+
</style>
|
|
66
|
+
</head>
|
|
67
|
+
<body>
|
|
68
|
+
<nav class="navbar">
|
|
69
|
+
<div class="navbar-logo">
|
|
70
|
+
<img src="https://js-recon.io/img/js-recon-logo.png" alt="JS Recon Logo">
|
|
71
|
+
</div>
|
|
72
|
+
<ul class="navbar-links" id="navbar-links">
|
|
73
|
+
<li><a href="#home">Home</a></li>
|
|
74
|
+
<li><a href="#mappedJson">Mapped JSON</a></li>
|
|
75
|
+
<li><a href="#about">About</a></li>
|
|
76
|
+
</ul>
|
|
77
|
+
</nav>
|
|
78
|
+
<div id="content"></div>
|
|
79
|
+
<script id="page-data" type="application/json">
|
|
80
|
+
${JSON.stringify({
|
|
81
|
+
home: yield marked.parse(analyzeMarkdown),
|
|
82
|
+
mappedJson: yield marked.parse(mappedJsonMarkdown),
|
|
83
|
+
about: `# About\n\n The documentation for this tool is available at [JS Recon Docs](https://js-recon.io/).\n\n## Version\n\nThis report is generated with JS Recon [v${CONFIG.version}](https://github.com/shriyanss/js-recon/releases/tag/v${CONFIG.version}).`,
|
|
84
|
+
})}
|
|
85
|
+
</script>
|
|
86
|
+
<script src="https://cdn.jsdelivr.net/npm/marked/marked.min.js"></script>
|
|
87
|
+
<script>
|
|
88
|
+
document.addEventListener('DOMContentLoaded', () => {
|
|
89
|
+
const contentDiv = document.getElementById('content');
|
|
90
|
+
const navbarLinks = document.getElementById('navbar-links');
|
|
91
|
+
const pages = JSON.parse(document.getElementById('page-data').textContent);
|
|
92
|
+
|
|
93
|
+
const updateVisibility = () => {
|
|
94
|
+
const headers = contentDiv.querySelectorAll('h2, h3, h4');
|
|
95
|
+
let parentCollapsedLevels = [];
|
|
96
|
+
headers.forEach(header => {
|
|
97
|
+
const level = parseInt(header.tagName.substring(1));
|
|
98
|
+
parentCollapsedLevels = parentCollapsedLevels.filter(l => l < level);
|
|
99
|
+
if (parentCollapsedLevels.length > 0) {
|
|
100
|
+
header.style.display = 'none';
|
|
101
|
+
} else {
|
|
102
|
+
header.style.display = '';
|
|
103
|
+
}
|
|
104
|
+
if (header.classList.contains('collapsed')) {
|
|
105
|
+
parentCollapsedLevels.push(level);
|
|
106
|
+
}
|
|
107
|
+
let nextEl = header.nextElementSibling;
|
|
108
|
+
while (nextEl && !nextEl.tagName.match(/^H[1-4]$/)) {
|
|
109
|
+
if (parentCollapsedLevels.length > 0) {
|
|
110
|
+
nextEl.style.display = 'none';
|
|
111
|
+
} else {
|
|
112
|
+
nextEl.style.display = '';
|
|
113
|
+
}
|
|
114
|
+
nextEl = nextEl.nextElementSibling;
|
|
115
|
+
}
|
|
116
|
+
});
|
|
117
|
+
};
|
|
118
|
+
|
|
119
|
+
const initializeCollapsibleHeaders = () => {
|
|
120
|
+
const headers = contentDiv.querySelectorAll('h2, h3, h4');
|
|
121
|
+
headers.forEach((header) => {
|
|
122
|
+
if (header.tagName.toLowerCase() === 'h3') {
|
|
123
|
+
header.classList.add('collapsed');
|
|
124
|
+
}
|
|
125
|
+
header.addEventListener('click', () => {
|
|
126
|
+
header.classList.toggle('collapsed');
|
|
127
|
+
updateVisibility();
|
|
128
|
+
});
|
|
129
|
+
});
|
|
130
|
+
updateVisibility();
|
|
131
|
+
};
|
|
132
|
+
|
|
133
|
+
const renderPage = (pageName) => {
|
|
134
|
+
const markdownContent = pages[pageName] || '<h2>Page Not Found: ' + pageName + '</h2>';
|
|
135
|
+
contentDiv.innerHTML = pageName === 'home' ? markdownContent : window.marked.parse(markdownContent);
|
|
136
|
+
initializeCollapsibleHeaders();
|
|
137
|
+
};
|
|
138
|
+
|
|
139
|
+
const handleHashChange = () => {
|
|
140
|
+
const pageName = window.location.hash.substring(1) || 'home';
|
|
141
|
+
renderPage(pageName);
|
|
142
|
+
};
|
|
143
|
+
|
|
144
|
+
navbarLinks.addEventListener('click', (event) => {
|
|
145
|
+
if (event.target.tagName === 'A') {
|
|
146
|
+
event.preventDefault();
|
|
147
|
+
const pageName = event.target.hash.substring(1);
|
|
148
|
+
window.location.hash = pageName;
|
|
149
|
+
}
|
|
150
|
+
});
|
|
151
|
+
|
|
152
|
+
window.addEventListener('hashchange', handleHashChange);
|
|
153
|
+
|
|
154
|
+
// Initial page load
|
|
155
|
+
handleHashChange();
|
|
156
|
+
});
|
|
157
|
+
</script>
|
|
158
|
+
</body>
|
|
159
|
+
</html>`;
|
|
160
|
+
});
|
|
161
|
+
const genHtml = (outputReportFile, db) => __awaiter(void 0, void 0, void 0, function* () {
|
|
162
|
+
console.log(chalk.cyan("[i] Generating HTML report..."));
|
|
163
|
+
let analyzeMarkdown = `# JS Recon Report generated at ${new Date().toISOString()}\n\n`;
|
|
164
|
+
let mappedJsonMarkdown = analyzeMarkdown;
|
|
165
|
+
analyzeMarkdown = yield addAnalyze(analyzeMarkdown, db);
|
|
166
|
+
mappedJsonMarkdown = yield addMappedJson(mappedJsonMarkdown, db);
|
|
167
|
+
const renderer = new marked.Renderer();
|
|
168
|
+
renderer.code = ({ text, lang }) => {
|
|
169
|
+
const language = hljs.getLanguage(lang) ? lang : "plaintext";
|
|
170
|
+
const highlightedCode = hljs.highlight(text, { language, ignoreIllegals: true }).value;
|
|
171
|
+
return `<pre><code class="hljs ${language}">${highlightedCode}</code></pre>`;
|
|
172
|
+
};
|
|
173
|
+
marked.setOptions({
|
|
174
|
+
renderer,
|
|
175
|
+
async: true,
|
|
176
|
+
pedantic: false,
|
|
177
|
+
gfm: true,
|
|
178
|
+
});
|
|
179
|
+
const renderedHtml = yield html(analyzeMarkdown, mappedJsonMarkdown);
|
|
180
|
+
fs.writeFileSync(outputReportFile, renderedHtml);
|
|
181
|
+
console.log(chalk.green("[✓] HTML report generated successfully"));
|
|
182
|
+
});
|
|
183
|
+
export default genHtml;
|
|
184
|
+
//# sourceMappingURL=genHtml.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"genHtml.js","sourceRoot":"","sources":["../../../src/report/utility/genHtml.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAChC,OAAO,IAAI,MAAM,cAAc,CAAC;AAEhC,OAAO,UAAU,MAAM,6BAA6B,CAAC;AACrD,OAAO,MAAM,MAAM,uBAAuB,CAAC;AAC3C,OAAO,aAAa,MAAM,gCAAgC,CAAC;AAQ3D,MAAM,IAAI,GAAG,CAAO,eAAuB,EAAE,kBAA0B,EAAE,EAAE;IACvE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA8DL,IAAI,CAAC,SAAS,CAAC;QACb,IAAI,EAAE,MAAM,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC;QACzC,UAAU,EAAE,MAAM,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC;QAClD,KAAK,EAAE,gKAAgK,MAAM,CAAC,OAAO,yDAAyD,MAAM,CAAC,OAAO,IAAI;KACnQ,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA2EE,CAAC;AACT,CAAC,CAAA,CAAC;AAEF,MAAM,OAAO,GAAG,CAAO,gBAAwB,EAAE,EAAqB,EAAE,EAAE;IACtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC,CAAC;IAEzD,IAAI,eAAe,GAAG,kCAAkC,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,MAAM,CAAC;IACvF,IAAI,kBAAkB,GAAG,eAAe,CAAC;IAEzC,eAAe,GAAG,MAAM,UAAU,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;IACxD,kBAAkB,GAAG,MAAM,aAAa,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAEjE,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;IACvC,QAAQ,CAAC,IAAI,GAAG,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE;QAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,IAAc,CAAC,CAAC,CAAC,CAAE,IAAe,CAAC,CAAC,CAAC,WAAW,CAAC;QACnF,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC;QACvF,OAAO,0BAA0B,QAAQ,KAAK,eAAe,eAAe,CAAC;IACjF,CAAC,CAAC;IAEF,MAAM,CAAC,UAAU,CAAC;QACd,QAAQ;QACR,KAAK,EAAE,IAAI;QACX,QAAQ,EAAE,KAAK;QACf,GAAG,EAAE,IAAI;KACZ,CAAC,CAAC;IACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;IACrE,EAAE,CAAC,aAAa,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;IAEjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC,CAAC;AACvE,CAAC,CAAA,CAAC;AAEF,eAAe,OAAO,CAAC"}
|
|
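--- a/package/build/report/utility/initReportDb.js
+++ b/package/build/report/utility/initReportDb.js
@@ -0,0 +1,71 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import Database from "better-sqlite3";
+const createMappedTable = (db) => {
+db.prepare(`
+CREATE TABLE IF NOT EXISTS mapped (
+id TEXT PRIMARY KEY,
+description TEXT,
+loadedOn TEXT,
+containsFetch BOOLEAN,
+isAxiosClient BOOLEAN,
+exports TEXT,
+callStack TEXT,
+code TEXT,
+imports TEXT,
+file TEXT
+)
+`).run();
+};
+const createMappedOpenapiTable = (db) => {
+db.prepare(`
+CREATE TABLE IF NOT EXISTS mapped_openapi (
+path TEXT,
+method TEXT,
+summary TEXT,
+parameters TEXT,
+requestBody TEXT,
+tags TEXT,
+PRIMARY KEY (path, method)
+)
+`).run();
+};
+const createEndpointsTable = (db) => {
+db.prepare(`
+CREATE TABLE IF NOT EXISTS endpoints (
+url TEXT PRIMARY KEY
+)
+`).run();
+};
+const createAnalysisFindingsTable = (db) => {
+db.prepare(`
+CREATE TABLE IF NOT EXISTS analysis_findings (
+ruleId TEXT,
+ruleName TEXT,
+ruleType TEXT,
+ruleDescription TEXT,
+ruleAuthor TEXT,
+ruleTech TEXT,
+severity TEXT,
+message TEXT,
+findingLocation TEXT
+)
+`).run();
+};
+const initReportDb = (sqliteDbPath) => __awaiter(void 0, void 0, void 0, function* () {
+const db = new Database(sqliteDbPath);
+createMappedTable(db);
+createMappedOpenapiTable(db);
+createEndpointsTable(db);
+createAnalysisFindingsTable(db);
+db.close();
+});
+export default initReportDb;
+//# sourceMappingURL=initReportDb.js.map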
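Review bot: In `initReportDb`, `db.close()` is reached only when all four `create*Table` calls succeed, so a `CREATE TABLE` that throws (for example when `sqliteDbPath` points at a file that is not a usable SQLite database) leaves the handle open while the rejection propagates. Wrap the four calls as `try { createMappedTable(db); … } finally { db.close(); }`. Every call in the body is synchronous, so the `__awaiter` wrapper only turns a throw into a rejected promise; a one-line comment saying so would help callers that `await` it.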
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"initReportDb.js","sourceRoot":"","sources":["../../../src/report/utility/initReportDb.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAEtC,MAAM,iBAAiB,GAAG,CAAC,EAAqB,EAAE,EAAE;IAChD,EAAE,CAAC,OAAO,CACN;;;;;;;;;;;;;KAaH,CACA,CAAC,GAAG,EAAE,CAAC;AACZ,CAAC,CAAC;AAEF,MAAM,wBAAwB,GAAG,CAAC,EAAqB,EAAE,EAAE;IACvD,EAAE,CAAC,OAAO,CACN;;;;;;;;;;KAUH,CACA,CAAC,GAAG,EAAE,CAAC;AACZ,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAG,CAAC,EAAqB,EAAE,EAAE;IACnD,EAAE,CAAC,OAAO,CACN;;;;KAIH,CACA,CAAC,GAAG,EAAE,CAAC;AACZ,CAAC,CAAC;AAEF,MAAM,2BAA2B,GAAG,CAAC,EAAqB,EAAE,EAAE;IAC1D,EAAE,CAAC,OAAO,CACN;;;;;;;;;;;;KAYH,CACA,CAAC,GAAG,EAAE,CAAC;AACZ,CAAC,CAAC;AAEF,MAAM,YAAY,GAAG,CAAO,YAAoB,EAAE,EAAE;IAChD,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,YAAY,CAAC,CAAC;IAEtC,iBAAiB,CAAC,EAAE,CAAC,CAAC;IACtB,wBAAwB,CAAC,EAAE,CAAC,CAAC;IAC7B,oBAAoB,CAAC,EAAE,CAAC,CAAC;IACzB,2BAA2B,CAAC,EAAE,CAAC,CAAC;IAEhC,EAAE,CAAC,KAAK,EAAE,CAAC;AACf,CAAC,CAAA,CAAC;AAEF,eAAe,YAAY,CAAC"}
|
|
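--- a/package/build/report/utility/markdownGen/addAnalyze.js
+++ b/package/build/report/utility/markdownGen/addAnalyze.js
@@ -0,0 +1,45 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+const addAnalyze = (markdown, db) => __awaiter(void 0, void 0, void 0, function* () {
+let toReturn = markdown;
+toReturn += `\n## Analyze Results\n`;
+const findings = db.prepare(`SELECT * FROM analysis_findings`).all();
+if (findings.length > 0) {
+const groupedFindings = {};
+for (const finding of findings) {
+if (!groupedFindings[finding.ruleType]) {
+groupedFindings[finding.ruleType] = [];
+}
+groupedFindings[finding.ruleType].push(finding);
+}
+for (const ruleType in groupedFindings) {
+toReturn += `### ${ruleType.toUpperCase()}\n`;
+for (const finding of groupedFindings[ruleType]) {
+toReturn += `#### ${finding.ruleName}, ${finding.ruleDescription}\n`;
+let findingLocationBlock = "";
+if (ruleType.toLowerCase() === "ast") {
+findingLocationBlock = "```js\n" + finding.findingLocation + "\n```";
+}
+else {
+findingLocationBlock = "```\n" + finding.findingLocation + "\n```";
+}
+toReturn += `${findingLocationBlock}\n`;
+toReturn += `- **Rule ID:** ${finding.ruleId}\n`;
+toReturn += `- **Severity:** ${finding.severity}\n`;
+toReturn += `- **Message:** ${finding.message}\n`;
+toReturn += `- **Author:** ${finding.ruleAuthor}\n`;
+toReturn += `- **Technology:** ${finding.ruleTech}\n\n`;
+}
+}
+}
+return toReturn;
+});
+export default addAnalyze;
+//# sourceMappingURL=addAnalyze.js.map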
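Review bot: `finding.ruleName`, `finding.ruleDescription`, `finding.message` and `finding.findingLocation` are concatenated into the markdown unescaped, and the genHtml.js section of this diff assigns the rendered result to `contentDiv.innerHTML`. marked does not sanitise its output, and `findingLocation` presumably comes from the analysed JavaScript, so a value that contains its own run of three backticks closes the fence and the remainder is rendered as markdown with raw HTML passed through. Escape HTML in the fields placed outside the fence and size the fence to the value, as sketched below; escaping does not cover markdown link syntax, so sanitising the rendered HTML before the `innerHTML` assignment is the more complete control. addMappedJson.js interpolates `item.id`, `item.description`, `item.exports`, `item.imports` and `item.file` the same way. `groupedFindings` is a plain `{}` keyed by `finding.ruleType`, so a type named like an inherited property (`constructor`) makes `.push` throw; `Object.create(null)` avoids that.

```javascript
// Neutralise raw HTML in fields that are placed outside a code fence.
const escapeHtml = (value) => String(value).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
// Pick a fence longer than any backtick run inside the value so the value cannot close it.
const fenceFor = (value) => {
    const runs = String(value).match(/`+/g) || [];
    const longest = runs.reduce((max, run) => Math.max(max, run.length), 0);
    return "`".repeat(Math.max(3, longest + 1));
};
// … unchanged: query and grouping by ruleType …
toReturn += `#### ${escapeHtml(finding.ruleName)}, ${escapeHtml(finding.ruleDescription)}\n`;
const fence = fenceFor(finding.findingLocation);
const fenceLang = ruleType.toLowerCase() === "ast" ? "js" : "";
toReturn += `${fence}${fenceLang}\n${finding.findingLocation}\n${fence}\n`;
toReturn += `- **Rule ID:** ${escapeHtml(finding.ruleId)}\n`;
// … unchanged apart from escapeHtml(): Severity, Message, Author, Technology lines …
```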
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"addAnalyze.js","sourceRoot":"","sources":["../../../../src/report/utility/markdownGen/addAnalyze.ts"],"names":[],"mappings":";;;;;;;;;AAcA,MAAM,UAAU,GAAG,CAAO,QAAgB,EAAE,EAAqB,EAAmB,EAAE;IAClF,IAAI,QAAQ,GAAG,QAAQ,CAAC;IACxB,QAAQ,IAAI,wBAAwB,CAAC;IACrC,MAAM,QAAQ,GAAG,EAAE,CAAC,OAAO,CAAC,iCAAiC,CAAC,CAAC,GAAG,EAAuB,CAAC;IAC1F,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,eAAe,GAAyC,EAAE,CAAC;QACjE,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC7B,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACrC,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YAC3C,CAAC;YACD,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACpD,CAAC;QAED,KAAK,MAAM,QAAQ,IAAI,eAAe,EAAE,CAAC;YACrC,QAAQ,IAAI,OAAO,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC;YAC9C,KAAK,MAAM,OAAO,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC9C,QAAQ,IAAI,QAAQ,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,eAAe,IAAI,CAAC;gBACrE,IAAI,oBAAoB,GAAG,EAAE,CAAC;gBAC9B,IAAI,QAAQ,CAAC,WAAW,EAAE,KAAK,KAAK,EAAE,CAAC;oBACnC,oBAAoB,GAAG,SAAS,GAAG,OAAO,CAAC,eAAe,GAAG,OAAO,CAAC;gBACzE,CAAC;qBAAM,CAAC;oBACJ,oBAAoB,GAAG,OAAO,GAAG,OAAO,CAAC,eAAe,GAAG,OAAO,CAAC;gBACvE,CAAC;gBACD,QAAQ,IAAI,GAAG,oBAAoB,IAAI,CAAC;gBACxC,QAAQ,IAAI,kBAAkB,OAAO,CAAC,MAAM,IAAI,CAAC;gBACjD,QAAQ,IAAI,mBAAmB,OAAO,CAAC,QAAQ,IAAI,CAAC;gBACpD,QAAQ,IAAI,kBAAkB,OAAO,CAAC,OAAO,IAAI,CAAC;gBAClD,QAAQ,IAAI,iBAAiB,OAAO,CAAC,UAAU,IAAI,CAAC;gBACpD,QAAQ,IAAI,qBAAqB,OAAO,CAAC,QAAQ,MAAM,CAAC;YAC5D,CAAC;QACL,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,UAAU,CAAC"}
|
|
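--- a/package/build/report/utility/markdownGen/addMappedJson.js
+++ b/package/build/report/utility/markdownGen/addMappedJson.js
@@ -0,0 +1,25 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+const addMappedJson = (markdown, db) => __awaiter(void 0, void 0, void 0, function* () {
+let toReturn = markdown;
+const mappedData = db.prepare(`SELECT * FROM mapped`).all();
+for (const item of mappedData) {
+toReturn += `## ${item.id}\n`;
+toReturn += `- Description: ${item.description || "N/A"}\n`;
+toReturn += `- Contains Fetch: ${!!item.containsFetch}\n`;
+toReturn += `- Is Axios Client: ${!!item.isAxiosClient}\n`;
+toReturn += `- Exports: ${item.exports || "N/A"}\n`;
+toReturn += `- Imports: ${item.imports || "N/A"}\n`;
+toReturn += `- File: ${item.file}\n\n`;
+}
+return toReturn;
+});
+export default addMappedJson;
+//# sourceMappingURL=addMappedJson.js.map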
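Review bot: `SELECT * FROM mapped` loads every column, including `code`, `callStack` and `loadedOn`, although the loop only reads `id`, `description`, `containsFetch`, `isAxiosClient`, `exports`, `imports` and `file`; naming those columns in the query avoids pulling every chunk's source text into memory just to build the summary. `item.file` is also the only nullable column printed without the `|| "N/A"` fallback used on the lines above it, so a row without a file renders as `- File: null`; `${item.file || "N/A"}` keeps the output consistent.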
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"addMappedJson.js","sourceRoot":"","sources":["../../../../src/report/utility/markdownGen/addMappedJson.ts"],"names":[],"mappings":";;;;;;;;;AAYA,MAAM,aAAa,GAAG,CAAO,QAAgB,EAAE,EAAqB,EAAmB,EAAE;IACrF,IAAI,QAAQ,GAAG,QAAQ,CAAC;IAExB,MAAM,UAAU,GAAG,EAAE,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,GAAG,EAAkB,CAAC;IAE5E,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC5B,QAAQ,IAAI,MAAM,IAAI,CAAC,EAAE,IAAI,CAAC;QAC9B,QAAQ,IAAI,kBAAkB,IAAI,CAAC,WAAW,IAAI,KAAK,IAAI,CAAC;QAC5D,QAAQ,IAAI,qBAAqB,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC;QAC1D,QAAQ,IAAI,sBAAsB,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC;QAC3D,QAAQ,IAAI,cAAc,IAAI,CAAC,OAAO,IAAI,KAAK,IAAI,CAAC;QACpD,QAAQ,IAAI,cAAc,IAAI,CAAC,OAAO,IAAI,KAAK,IAAI,CAAC;QACpD,QAAQ,IAAI,WAAW,IAAI,CAAC,IAAI,MAAM,CAAC;IAC3C,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,aAAa,CAAC"}
|
|
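--- a/package/build/report/utility/populateDb/populateAnalysisFindings.js
+++ b/package/build/report/utility/populateDb/populateAnalysisFindings.js
@@ -0,0 +1,23 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import chalk from "chalk";
+export const populateAnalysisFindings = (db, findings) => __awaiter(void 0, void 0, void 0, function* () {
+// Clear the table before inserting new data
+db.prepare(`DELETE FROM analysis_findings`).run();
+const insert = db.prepare(`INSERT INTO analysis_findings (ruleId, ruleName, ruleType, ruleDescription, ruleAuthor, ruleTech, severity, message, findingLocation) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`);
+const insertMany = db.transaction((items) => {
+for (const item of items) {
+insert.run(item.ruleId, item.ruleName, item.ruleType, item.ruleDescription, item.ruleAuthor, item.ruleTech, item.severity, item.message, item.findingLocation);
+}
+});
+insertMany(findings);
+console.log(chalk.green("[✓] Populated analysis findings into the database..."));
+});
+//# sourceMappingURL=populateAnalysisFindings.js.map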
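Review bot: The `DELETE FROM analysis_findings` runs before and outside `insertMany`, so when any `insert.run` throws, the transaction rolls back the inserts but the table has already been emptied and the previous findings are gone. Make the delete the first statement of the transaction callback, `db.prepare("DELETE FROM analysis_findings").run();`, so a failed run leaves the earlier data intact. populateEndpoints.js and populateMappedJson.js in this diff use the same delete-then-transaction order and would benefit from the same change.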
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"populateAnalysisFindings.js","sourceRoot":"","sources":["../../../../src/report/utility/populateDb/populateAnalysisFindings.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAO,EAAqB,EAAE,QAAwB,EAAE,EAAE;IAC9F,4CAA4C;IAC5C,EAAE,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAC,GAAG,EAAE,CAAC;IAElD,MAAM,MAAM,GAAG,EAAE,CAAC,OAAO,CACrB,0KAA0K,CAC7K,CAAC;IAEF,MAAM,UAAU,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE;QACxC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CACN,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,eAAe,CACvB,CAAC;QACN,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,UAAU,CAAC,QAAQ,CAAC,CAAC;IACrB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC,CAAC;AACrF,CAAC,CAAA,CAAC"}
|
|
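--- a/package/build/report/utility/populateDb/populateEndpoints.js
+++ b/package/build/report/utility/populateDb/populateEndpoints.js
@@ -0,0 +1,42 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import chalk from "chalk";
+const populateEndpoints = (db, endpoints) => __awaiter(void 0, void 0, void 0, function* () {
+const insert = db.prepare("INSERT OR IGNORE INTO endpoints (url) VALUES (?)");
+// clear the endpoints table
+db.prepare("DELETE FROM endpoints").run();
+const insertPaths = (base, paths) => {
+for (const path in paths) {
+// The path is the key itself, which is a full path
+const fullUrl = base + path;
+try {
+insert.run(fullUrl);
+}
+catch (error) {
+// Ignore unique constraint errors if a URL is already present
+if (!error.message.includes("UNIQUE constraint failed")) {
+console.error(`Error inserting ${fullUrl}:`, error);
+}
+}
+// Recursively process nested paths
+if (Object.keys(paths[path]).length > 0) {
+insertPaths(base, paths[path]);
+}
+}
+};
+db.transaction(() => {
+for (const baseUrl in endpoints) {
+insertPaths(baseUrl, endpoints[baseUrl]);
+}
+})();
+console.log(chalk.green("[✓] Populated endpoints into the database..."));
+});
+export default populateEndpoints;
+//# sourceMappingURL=populateEndpoints.js.map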
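Review bot: `insertPaths` recurses whenever `Object.keys(paths[path]).length > 0`, which throws for a `null` leaf and is also true for a non-empty string leaf; for a string the `for...in` walks character indexes, inserts rows such as `base + "0"`, and recurses on single characters without terminating. Unless the endpoints JSON is guaranteed to hold only nested objects, guard the recursion with `const child = paths[path]; if (child !== null && typeof child === "object") insertPaths(base, child);`. The `UNIQUE constraint failed` test in the `catch` cannot match for duplicates because the statement is already `INSERT OR IGNORE`, so that branch can be reduced to logging the error.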
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"populateEndpoints.js","sourceRoot":"","sources":["../../../../src/report/utility/populateDb/populateEndpoints.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,MAAM,iBAAiB,GAAG,CAAO,EAAqB,EAAE,SAAc,EAAE,EAAE;IACtE,MAAM,MAAM,GAAG,EAAE,CAAC,OAAO,CAAC,kDAAkD,CAAC,CAAC;IAE9E,4BAA4B;IAC5B,EAAE,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC,GAAG,EAAE,CAAC;IAE1C,MAAM,WAAW,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE;QAChD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,mDAAmD;YACnD,MAAM,OAAO,GAAG,IAAI,GAAG,IAAI,CAAC;YAC5B,IAAI,CAAC;gBACD,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACxB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACb,8DAA8D;gBAC9D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,0BAA0B,CAAC,EAAE,CAAC;oBACtD,OAAO,CAAC,KAAK,CAAC,mBAAmB,OAAO,GAAG,EAAE,KAAK,CAAC,CAAC;gBACxD,CAAC;YACL,CAAC;YAED,mCAAmC;YACnC,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YACnC,CAAC;QACL,CAAC;IACL,CAAC,CAAC;IAEF,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE;QAChB,KAAK,MAAM,OAAO,IAAI,SAAS,EAAE,CAAC;YAC9B,WAAW,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7C,CAAC;IACL,CAAC,CAAC,EAAE,CAAC;IAEL,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC,CAAC;AAC7E,CAAC,CAAA,CAAC;AAEF,eAAe,iBAAiB,CAAC"}
|
|
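--- a/package/build/report/utility/populateDb/populateMappedJson.js
+++ b/package/build/report/utility/populateDb/populateMappedJson.js
@@ -0,0 +1,23 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import chalk from "chalk";
+export const populateMappedJson = (db, chunks) => __awaiter(void 0, void 0, void 0, function* () {
+// Clear the table before inserting new data
+db.prepare(`DELETE FROM mapped`).run();
+const insert = db.prepare(`INSERT INTO mapped (id, description, loadedOn, containsFetch, isAxiosClient, exports, callStack, code, imports, file) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`);
+const insertMany = db.transaction((items) => {
+for (const item of items) {
+insert.run(item.id, item.description, JSON.stringify(item.loadedOn), item.containsFetch ? 1 : 0, item.isAxiosClient ? 1 : 0, JSON.stringify(item.exports), JSON.stringify(item.callStack), item.code, JSON.stringify(item.imports), item.file);
+}
+});
+insertMany(Object.values(chunks));
+console.log(chalk.green("[✓] Populated mapped data into the database..."));
+});
+//# sourceMappingURL=populateMappedJson.js.map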
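Review bot: `JSON.stringify(item.loadedOn)` and the three other `JSON.stringify` arguments evaluate to `undefined` when the chunk lacks that property, and `item.description`, `item.code` and `item.file` are bound as-is; as far as I know better-sqlite3 rejects `undefined` as a bound value, so a single incomplete chunk would abort the whole `insertMany` after `DELETE FROM mapped` has already run. populateMappedOpenapi.js in this diff normalises missing fields to `null` before binding; doing the same here, for example `JSON.stringify(item.exports ?? null)` and `item.description ?? null`, keeps the two writers consistent.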
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"populateMappedJson.js","sourceRoot":"","sources":["../../../../src/report/utility/populateDb/populateMappedJson.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAO,EAAqB,EAAE,MAAc,EAAE,EAAE;IAC9E,4CAA4C;IAC5C,EAAE,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC,GAAG,EAAE,CAAC;IAEvC,MAAM,MAAM,GAAG,EAAE,CAAC,OAAO,CACrB,6JAA6J,CAChK,CAAC;IAEF,MAAM,UAAU,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,EAAE;QACxC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CACN,IAAI,CAAC,EAAE,EACP,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAC7B,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAC1B,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAC1B,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,EAC5B,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,EAC9B,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,EAC5B,IAAI,CAAC,IAAI,CACZ,CAAC;QACN,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC;IAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC,CAAC;AAC/E,CAAC,CAAA,CAAC"}
|
|
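--- a/package/build/report/utility/populateDb/populateMappedOpenapi.js
+++ b/package/build/report/utility/populateDb/populateMappedOpenapi.js
@@ -0,0 +1,41 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+import chalk from "chalk";
+const populateMappedOpenapi = (db, openapi) => __awaiter(void 0, void 0, void 0, function* () {
+const insert = db.prepare(`INSERT OR REPLACE INTO mapped_openapi (path, method, summary, parameters, requestBody, tags)
+VALUES (@path, @method, @summary, @parameters, @requestBody, @tags)`);
+db.transaction(() => {
+if (!openapi.paths) {
+return;
+}
+for (const path in openapi.paths) {
+const methods = openapi.paths[path];
+for (const method in methods) {
+const details = methods[method];
+try {
+insert.run({
+path: path,
+method: method,
+summary: details.summary || null,
+parameters: details.parameters ? JSON.stringify(details.parameters) : null,
+requestBody: details.requestBody ? JSON.stringify(details.requestBody) : null,
+tags: details.tags ? JSON.stringify(details.tags) : null,
+});
+}
+catch (error) {
+console.error(`Error inserting OpenAPI path: ${path} [${method}]`, error);
+}
+}
+}
+})();
+console.log(chalk.green("[✓] Populated mapped openapi into the database..."));
+});
+export default populateMappedOpenapi;
+//# sourceMappingURL=populateMappedOpenapi.js.map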
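Review bot: Unlike the other populate functions in this diff, `populateMappedOpenapi` never clears `mapped_openapi`, and `INSERT OR REPLACE` only overwrites rows whose `(path, method)` pair recurs, so rows written by an earlier run against the same database file stay in the table and end up in the report. If the table is meant to mirror the current OpenAPI file, add `db.prepare("DELETE FROM mapped_openapi").run();` as the first statement inside the transaction callback. The inner `for (const method in methods)` also treats every key of a path item as an HTTP method; if the input can carry path-level keys such as `parameters` or `summary`, filter `method` against a fixed list of verbs before inserting.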
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"populateMappedOpenapi.js","sourceRoot":"","sources":["../../../../src/report/utility/populateDb/populateMappedOpenapi.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,MAAM,qBAAqB,GAAG,CAAO,EAAqB,EAAE,OAAY,EAAE,EAAE;IACxE,MAAM,MAAM,GAAG,EAAE,CAAC,OAAO,CACrB;6EACqE,CACxE,CAAC;IAEF,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE;QAChB,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO;QACX,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACpC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC3B,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;gBAChC,IAAI,CAAC;oBACD,MAAM,CAAC,GAAG,CAAC;wBACP,IAAI,EAAE,IAAI;wBACV,MAAM,EAAE,MAAM;wBACd,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,IAAI;wBAChC,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI;wBAC1E,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI;wBAC7E,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI;qBAC3D,CAAC,CAAC;gBACP,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACb,OAAO,CAAC,KAAK,CAAC,iCAAiC,IAAI,KAAK,MAAM,GAAG,EAAE,KAAK,CAAC,CAAC;gBAC9E,CAAC;YACL,CAAC;QACL,CAAC;IACL,CAAC,CAAC,EAAE,CAAC;IAEL,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC,CAAC;AAClF,CAAC,CAAA,CAAC;AAEF,eAAe,qBAAqB,CAAC"}
|
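--- a/package/build/run/index.js
+++ b/package/build/run/index.js
@@ -15,6 +15,8 @@ import * as fs from "fs";
 import lazyLoad from "../lazyLoad/index.js";
 import chalk from "chalk";
 import CONFIG from "../globalConfig.js";
+import analyze from "../analyze/index.js";
+import report from "../report/index.js";
 export default (cmd) => __awaiter(void 0, void 0, void 0, function* () {
 globalsUtil.setApiGatewayConfigFile(cmd.apiGatewayConfig);
 globalsUtil.setUseApiGateway(cmd.apiGateway);
@@ -37,8 +39,8 @@ export default (cmd) => __awaiter(void 0, void 0, void 0, function* () {
 }
 const targetHost = new URL(cmd.url).host.replace(":", "_");
 console.log(chalk.bgGreenBright("[+] Starting analysis..."));
-console.log(chalk.bgCyan("[1/
-yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), cmd.threads, false, "");
+console.log(chalk.bgCyan("[1/8] Running lazyload to download JavaScript files..."));
+yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), cmd.threads, false, "", cmd.insecure);
 console.log(chalk.bgGreen("[+] Lazyload complete."));
 // if tech is undefined, i.e. it can't be detected, quit. Nothing to be done :(
 if (globalsUtil.getTech() === "") {
@@ -51,23 +53,24 @@ export default (cmd) => __awaiter(void 0, void 0, void 0, function* () {
 return;
 }
 // run strings
-console.log(chalk.bgCyan("[2/
+console.log(chalk.bgCyan("[2/8] Running strings to extract endpoints..."));
 yield strings(cmd.output, "strings.json", true, "extracted_urls", false, false, false);
 console.log(chalk.bgGreen("[+] Strings complete."));
 // run lazyload with subsequent requests
-console.log(chalk.bgCyan("[3/
-yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), cmd.threads, true, "extracted_urls.json");
+console.log(chalk.bgCyan("[3/8] Running lazyload with subsequent requests to download JavaScript files..."));
+yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), cmd.threads, true, "extracted_urls.json", cmd.insecure);
 console.log(chalk.bgGreen("[+] Lazyload with subsequent requests complete."));
 // run strings again to extract endpoints from the files that are downloaded in the previous step
-console.log(chalk.bgCyan("[4/
+console.log(chalk.bgCyan("[4/8] Running strings again to extract endpoints..."));
 yield strings(cmd.output, "strings.json", true, "extracted_urls", cmd.secrets, true, true);
 console.log(chalk.bgGreen("[+] Strings complete."));
 // now, run map
-console.log(chalk.bgCyan("[5/
+console.log(chalk.bgCyan("[5/8] Running map to find functions..."));
+globalsUtil.setOpenapi(true);
 yield map(cmd.output + "/" + targetHost, "mapped", ["json"], globalsUtil.getTech(), false, false);
 console.log(chalk.bgGreen("[+] Map complete."));
 // now, run endpoints
-console.log(chalk.bgCyan("[6/
+console.log(chalk.bgCyan("[6/8] Running endpoints to extract endpoints..."));
 // check if the subsequent requests directory exists
 if (fs.existsSync(`${cmd.output}/${targetHost}/___subsequent_requests`)) {
 yield endpoints(cmd.url, `${cmd.output}/${targetHost}/`, "endpoints", ["json"], "next", false, "mapped.json");
@@ -76,6 +79,16 @@ export default (cmd) => __awaiter(void 0, void 0, void 0, function* () {
 yield endpoints(cmd.url, undefined, "endpoints", ["json"], "next", false, "mapped.json");
 }
 console.log(chalk.bgGreen("[+] Endpoints complete."));
+// run the analyze module now
+console.log(chalk.bgCyan("[7/8] Running analyze to extract endpoints..."));
+// since the thirs argument is tech, and it can't be "all", so adding type ignore
+// @ts-ignore
+yield analyze("", "mapped.json", globalsUtil.getTech(), false, "mapped-openapi.json", false, "analyze.json");
+console.log(chalk.bgGreen("[+] Analyze complete."));
+// run the report module now
+console.log(chalk.bgCyan("[8/8] Running report module..."));
+yield report("js-recon.db", "mapped.json", "analyze.json", "endpoints.json", "mapped-openapi.json", "report");
+console.log(chalk.bgGreen("[+] Report complete."));
 console.log(chalk.bgGreenBright("[+] Analysis complete."));
 });
 //# sourceMappingURL=index.js.map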
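Review bot: Steps 7 and 8 pass fixed relative names (`"js-recon.db"`, `"analyze.json"`, `"report"`) rather than paths derived from `cmd.output`, so they presumably resolve against the working directory; several populate functions added in this diff begin with `DELETE FROM …`, so a `js-recon.db` left there by a run against another target would be emptied and refilled without warning. Consider building these paths from `cmd.output` and `targetHost`, or refusing to start when `js-recon.db` already exists. The step-7 banner `Running analyze to extract endpoints...` repeats the wording of step 6 and does not describe the analyze call, and `thirs` in the comment below it should be `third`. Parts of the function lie between the hunks and are not shown.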
|
package/build/run/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/run/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,SAAS,MAAM,uBAAuB,CAAC;AAC9C,OAAO,OAAO,MAAM,qBAAqB,CAAC;AAC1C,OAAO,GAAG,MAAM,iBAAiB,CAAC;AAClC,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAC;AACrD,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,QAAQ,MAAM,sBAAsB,CAAC;AAC5C,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,MAAM,MAAM,oBAAoB,CAAC;AAExC,eAAe,CAAO,GAAG,EAAE,EAAE;IACzB,WAAW,CAAC,uBAAuB,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC1D,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC7C,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC5C,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAE5B,mCAAmC;IACnC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,yEAAyE,CAAC,CAAC,CAAC;QAClG,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,MAAM,CACR,gIAAgI,CACnI,CACJ,CAAC;QACF,OAAO;IACX,CAAC;IAED,qFAAqF;IACrF,8CAA8C;IAC9C,4DAA4D;IAC5D,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,GAAG,CACL,wBAAwB,GAAG,CAAC,MAAM,2FAA2F,CAChI,CACJ,CAAC;QACF,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,MAAM,CACR,8EAA8E,MAAM,CAAC,WAAW,EAAE,CACrG,CACJ,CAAC;QACF,OAAO;IACX,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAE3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAC,CAAC;IAE7D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,wDAAwD,CAAC,CAAC,CAAC;IACpF,MAAM,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/run/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,SAAS,MAAM,uBAAuB,CAAC;AAC9C,OAAO,OAAO,MAAM,qBAAqB,CAAC;AAC1C,OAAO,GAAG,MAAM,iBAAiB,CAAC;AAClC,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAC;AACrD,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,QAAQ,MAAM,sBAAsB,CAAC;AAC5C,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,OAAO,MAAM,qBAAqB,CAAC;AAC1C,OAAO,MAAM,MAAM,oBAAoB,CAAC;AAExC,eAAe,CAAO,GAAG,EAAE,EAAE;IACzB,WAAW,CAAC,uBAAuB,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC1D,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC7C,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC5C,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAE5B,mCAAmC;IACnC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,yEAAyE,CAAC,CAAC,CAAC;QAClG,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,MAAM,CACR,gIAAgI,CACnI,CACJ,CAAC;QACF,OAAO;IACX,CAAC;IAED,qFAAqF;IACrF,8CAA8C;IAC9C,4DAA4D;IAC5D,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,GAAG,CACL,wBAAwB,GAAG,CAAC,MAAM,2FAA2F,CAChI,CACJ,CAAC;QACF,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,MAAM,CACR,8EAA8E,MAAM,CAAC,WAAW,EAAE,CACrG,CACJ,CAAC;QACF,OAAO;IACX,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAE3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAC,CAAC;IAE7D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,wDAAwD,CAAC,CAAC,CAAC;IACpF,MAAM,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;IACjH,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC;IAErD,+EAA+E;IAC/E,IAAI,WAAW,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC,CAAC;QACnE,OAAO;IACX,CAAC;IAED,+EAA+E;IAC/E,IAAI,WAAW,CAAC,OAAO,EAAE,KAAK,MAAM,EAAE,CAAC;QACnC,OAAO
,CAAC,GAAG,CACP,KAAK,CAAC,QAAQ,CACV,0DAA0D,WAAW,CAAC,OAAO,EAAE,0CAA0C,CAC5H,CACJ,CAAC;QACF,OAAO;IACX,CAAC;IAED,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,+CAA+C,CAAC,CAAC,CAAC;IAC3E,MAAM,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IACvF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC,CAAC;IAEpD,wCAAwC;IACxC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,iFAAiF,CAAC,CAAC,CAAC;IAC7G,MAAM,QAAQ,CACV,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EACpB,GAAG,CAAC,OAAO,EACX,IAAI,EACJ,qBAAqB,EACrB,GAAG,CAAC,QAAQ,CACf,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,iDAAiD,CAAC,CAAC,CAAC;IAE9E,iGAAiG;IACjG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,qDAAqD,CAAC,CAAC,CAAC;IACjF,MAAM,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAC3F,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC,CAAC;IAEpD,eAAe;IACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,wCAAwC,CAAC,CAAC,CAAC;IACpE,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAC7B,MAAM,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,GAAG,GAAG,UAAU,EAAE,QAAQ,EAAE,CAAC,MAAM,CAAC,EAAE,WAAW,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;IAClG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAEhD,qBAAqB;IACrB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,iDAAiD,CAAC,CAAC,CAAC;IAC7E,oDAAoD;IACpD,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,GAAG,CAAC,MAAM,IAAI,UAAU,yBAAyB,CAAC,EAAE,CAAC;QACtE,MAAM,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,MAAM,IAAI,UAAU,GAAG,EAAE,WAAW,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;IAClH,CAAC;SAAM,CAAC;QACJ,MAAM,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC;IAC7F,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC,CAAC;IAEtD,6BAA6B;IAC7B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,+CAA+C,CAAC,CAAC,CAAC;IAC3E,iFAAiF;IACjF,aAAa;IACb,MAAM,OAAO,CAAC,EAAE,EAAE,aAAa,EAAE,WAAW,CAAC,OAAO,EAAE,E
AAE,KAAK,EAAE,qBAAqB,EAAE,KAAK,EAAE,cAAc,CAAC,CAAC;IAC7G,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC,CAAC;IAEpD,4BAA4B;IAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,gCAAgC,CAAC,CAAC,CAAC;IAC5D,MAAM,MAAM,CAAC,aAAa,EAAE,aAAa,EAAE,cAAc,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,QAAQ,CAAC,CAAC;IAC9G,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,CAAC;IAEnD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,wBAAwB,CAAC,CAAC,CAAC;AAC/D,CAAC,CAAA,CAAC"}
|
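--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@shriyanss/js-recon",
-"version": "1.1.
+"version": "1.2.1-alpha.1",
 "description": "JS Recon Tool",
 "main": "build/index.js",
 "type": "module",
@@ -12,7 +12,7 @@
 "build": "rm -rf build/ && tsc",
 "start": "node build/index.js",
 "test": "node build/index.js -h",
-"cleanup": "rm -rf build output .resp_cache.json endpoints.json extracted_urls{.txt,.json,-openapi.json} strings.json mapped.json test{.yaml,.js} shriyanss-js-recon-*.tgz && tsc"
+"cleanup": "rm -rf build output .resp_cache.json endpoints.json extracted_urls{.txt,.json,-openapi.json} strings.json mapped{-openapi.json,.json} analyze.json test{.yaml,.js} shriyanss-js-recon-*.tgz js-recon.db report.{html,md} && tsc"
 },
 "keywords": [],
 "author": "Shriyans Sudhi",
@@ -23,6 +23,7 @@
 "@babel/traverse": "^7.27.4",
 "@babel/types": "^7.27.6",
 "@types/chalk": "^0.4.31",
+"better-sqlite3": "^12.2.0",
 "blessed": "^0.1.81",
 "chalk": "^5.4.1",
 "cheerio": "^1.0.0",
@@ -30,7 +31,9 @@
 "commander": "^14.0.0",
 "esquery": "^1.6.0",
 "fs": "^0.0.2",
+"highlight.js": "^11.11.1",
 "inquirer": "^12.6.3",
+"marked": "^16.1.2",
 "md5": "^2.3.0",
 "ollama": "^0.5.16",
 "openai": "^5.8.2",
@@ -50,6 +53,7 @@
 },
 "homepage": "https://github.com/shriyanss/js-recon#readme",
 "devDependencies": {
+"@types/better-sqlite3": "^7.6.13",
 "@types/blessed": "^0.1.25",
 "ts-node": "^10.9.2",
 "tsconfig-paths": "^4.2.0"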
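Review bot: The `marked` dependency added in the `@@ -30,7 +31,9 @@` hunk renders Markdown to HTML without sanitizing it, and the manifest adds no sanitizer alongside it, so the HTML report may embed markup taken from the JavaScript being analysed. The report code (package/build/report/utility/genHtml.js, listed in this diff) is not visible in this section, so this is inferred from the dependency list only. If strings extracted from analysed files reach the Markdown, they should be HTML-escaped before `marked` runs, or the rendered HTML sanitised before it is written to `report.html`. Separately, `better-sqlite3` from the `@@ -23,6 +23,7 @@` hunk is a native addon with an install-time step (prebuilt binary download or local compile), which is worth stating in the README for users who install with `--ignore-scripts`.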