@wanzofc1/aisyah 1.0.0

package/index.js

@@ -0,0 +1,38 @@
+const Encryption = require('./src/encryption');
+const TwoFactor = require('./src/twoFactor');
+const IPBlocker = require('./src/ipBlocker');
+const SecurityReport = require('./src/reporting');
+const NetworkGuard = require('./src/network');
+const Sanitizer = require('./src/sanitizer');
+const AuthManager = require('./src/authManager');
+const CsrfGuard = require('./src/csrf');
+const FileGuard = require('./src/fileGuard');
+const Validator = require('./src/validator');
+const Database = require('./src/database');
+
+class Aisyah {
+    constructor(config = {}) {
+        this.config = config;
+        this.db = new Database(config.mongoUri);
+        if (config.autoConnect !== false) {
+            this.db.connect().catch(() => {});
+        }
+
+        this.encryption = new Encryption(config.secretKey || 'default_secret');
+        this.twoFactor = new TwoFactor();
+        this.ipBlocker = new IPBlocker();
+        this.reporting = new SecurityReport(config.logDir);
+        this.network = new NetworkGuard();
+        this.sanitizer = new Sanitizer();
+        this.csrf = new CsrfGuard();
+        this.auth = new AuthManager(this.encryption);
+        this.fileGuard = new FileGuard({ 
+            maxSize: config.maxUploadSize, 
+            tempDir: config.tempDir 
+        });
+        
+        this.validator = new Validator(this.db);
+    }
+}
+
+module.exports = Aisyah;

package/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "@wanzofc1/aisyah",
+  "version": "1.0.0",
+  "description": "Comprehensive security utility with wanzofc integration (Android Support).",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [
+    "security",
+    "encryption",
+    "mongodb",
+    "file-security",
+    "wanzofc"
+  ],
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "speakeasy": "^2.0.0",
+    "qrcode": "^1.5.0",
+    "uuid": "^9.0.0",
+    "mongoose": "^7.0.0",
+    "file-type": "^16.5.4",
+    "jimp": "^0.16.1",
+    "adm-zip": "^0.5.10",
+    "dns": "^0.2.2"
+  }
+}

package/package.json.bak

@@ -0,0 +1,28 @@
+{
+  "name": "aisyah",
+  "version": "1.0.0",
+  "description": "Comprehensive security utility with wanzofc integration (Android Support).",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [
+    "security",
+    "encryption",
+    "mongodb",
+    "file-security",
+    "wanzofc"
+  ],
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "speakeasy": "^2.0.0",
+    "qrcode": "^1.5.0",
+    "uuid": "^9.0.0",
+    "mongoose": "^7.0.0",
+    "file-type": "^16.5.4",
+    "jimp": "^0.16.1",
+    "adm-zip": "^0.5.10",
+    "dns": "^0.2.2"
+  }
+}

package/readme.md

@@ -0,0 +1,139 @@
+const manual = `
+================================================================
+                    AISYAH - SECURITY TOOLKIT
+================================================================
+
+[ KEGUNAAN ]
+Paket ini adalah "All-in-One Security Suite" untuk aplikasi Node.js.
+Dirancang untuk berjalan di berbagai lingkungan termasuk Android (Termux)
+karena menggunakan library "pure javascript" (Jimp) untuk pemrosesan gambar,
+bukan binary native yang sering bermasalah di mobile.
+
+Fitur Utama:
+1. Enkripsi Data & 2FA (Google Authenticator)
+2. Proteksi Jaringan (Rate Limit, Bot Detect, CORS, Proxy Detect)
+3. Keamanan File (MIME Sniffing, EXIF Remover, Zip Bomb Defend)
+4. Sanitasi Input (XSS, SQL Injection)
+5. Manajemen Autentikasi (Password Strength, Session, Magic Link)
+6. Logging & Database (Integrasi MongoDB otomatis)
+
+----------------------------------------------------------------
+
+[ CARA INSTALL ]
+Pastikan Node.js sudah terinstall, lalu jalankan:
+
+$ npm install aisyah
+
+Dependency yang akan terinstall otomatis:
+- mongoose (Database)
+- jimp (Gambar/Android support)
+- speakeasy, qrcode (2FA)
+- file-type, adm-zip (File checking)
+- uuid (ID generation)
+
+----------------------------------------------------------------
+
+[ CARA PENGGUNAAN (INIT) ]
+Import dan jalankan konfigurasi awal. Pastikan MongoDB local/cloud siap.
+
+const Aisyah = require('aisyah');
+
+const security = new Aisyah({
+    secretKey: 'kunci_rahasia_aplikasi_anda', // Wajib diganti
+    mongoUri: 'mongodb://localhost:27017/aisyah_security', // Otomatis connect
+    maxUploadSize: 5 * 1024 * 1024, // 5MB
+    tempDir: './temp_uploads'
+});
+
+----------------------------------------------------------------
+
+[ 1. ENKRIPSI & 2FA ]
+
+// Enkripsi String
+const rahasia = security.encryption.encrypt("Data Penting");
+const asli = security.encryption.decrypt(rahasia);
+
+// 2 Factor Auth (Google Auth)
+const secret = security.twoFactor.generateSecret();
+const qrCode = await security.twoFactor.generateQRCode(secret.otpauth_url);
+// Verifikasi
+const isValid = security.twoFactor.verifyToken(secret.base32, '123456');
+
+----------------------------------------------------------------
+
+[ 2. NETWORK GUARD (Express/Fastify Middleware) ]
+
+// Rate Limiter (Cegah Spam Request)
+// Cek IP pengguna, max 100 request per menit
+if (!security.network.checkRateLimit('192.168.1.1', 100)) {
+    return 'Too Many Requests';
+}
+
+// Bot Detection
+if (security.network.isBot(req.headers['user-agent'])) {
+    return 'Bot Detected';
+}
+
+// Secure Headers
+const headers = security.network.getSecureHeaders();
+// Gunakan: res.set(headers);
+
+----------------------------------------------------------------
+
+[ 3. FILE SECURITY (Support Android/Jimp) ]
+
+const fs = require('fs');
+
+// Cek Zip Bomb
+const buffer = fs.readFileSync('upload.zip');
+if (security.fileGuard.checkZipBomb(buffer)) {
+    throw new Error('Zip Bomb Detected!');
+}
+
+// Bersihkan Metadata Foto (GPS/EXIF) - Aman untuk Android
+const cleanImageBuffer = await security.fileGuard.stripImageMetadata(imageBuffer);
+
+// Cek Tipe File Asli (MIME Sniffing)
+const mime = await security.fileGuard.getMimeType(buffer); // ex: 'image/png'
+
+----------------------------------------------------------------
+
+[ 4. INPUT SANITIZER & VALIDATOR ]
+
+// XSS & SQL Injection
+const cleanInput = security.sanitizer.xssFilter("<script>alert(1)</script>"); // &lt;script&gt;...
+const isSqli = security.sanitizer.checkSqlInjection("' OR '1'='1"); // true
+
+// Email & URL Scanner
+const isEmailValid = await security.validator.validateEmail('test@gmail.com'); // Cek MX Record
+const urlCheck = await security.validator.scanUrl('http://malicious-site.com'); // Cek Blacklist DB
+
+----------------------------------------------------------------
+
+[ 5. AUTH MANAGER ]
+
+// Cek Password
+const passCheck = security.auth.checkPasswordStrength('admin123'); 
+// Output: { score: 2, isStrong: false }
+
+// Generate API Key
+const apiKey = security.auth.generateApiKey('sk_prod_');
+
+// Session Encryption
+const sessId = security.auth.createSession({ userId: 1, role: 'admin' });
+const sessData = security.auth.getSession(sessId);
+
+----------------------------------------------------------------
+
+[ CATATAN PENTING ]
+Paket ini menggunakan 'mongoose'. Saat di-instantiate:
+new Aisyah({ ... }) 
+Koneksi ke MongoDB akan berjalan otomatis di background.
+Pastikan service MongoDB (mongod) sudah berjalan.
+
+================================================================
+`;
+
+console.log(manual);
+
+module.exports = manual;

package/src/authManager.js

@@ -0,0 +1,101 @@
+const crypto = require('crypto');
+const { v4: uuidv4 } = require('uuid');
+
+class AuthManager {
+    constructor(encryptionModule) {
+        this.enc = encryptionModule;
+        this.attempts = new Map();
+        this.sessions = new Map();
+        this.frozenAccounts = new Set();
+        this.disposableDomains = new Set(['tempmail.com', '10minutemail.com', 'mailinator.com', 'yopmail.com']);
+    }
+
+    checkPasswordStrength(password) {
+        let score = 0;
+        if (password.length >= 8) score++;
+        if (/[A-Z]/.test(password)) score++;
+        if (/[0-9]/.test(password)) score++;
+        if (/[^A-Za-z0-9]/.test(password)) score++;
+        return { score, isStrong: score >= 4 };
+    }
+
+    checkBruteForce(identifier, maxAttempts = 5) {
+        const now = Date.now();
+        const record = this.attempts.get(identifier) || { count: 0, time: now };
+
+        if (now - record.time > 15 * 60 * 1000) {
+            record.count = 0;
+            record.time = now;
+        }
+
+        if (record.count >= maxAttempts) return true;
+        return false;
+    }
+
+    recordFailedAttempt(identifier) {
+        const record = this.attempts.get(identifier) || { count: 0, time: Date.now() };
+        record.count++;
+        this.attempts.set(identifier, record);
+    }
+
+    generateMagicLink(email, baseUrl, secret) {
+        const token = crypto.randomBytes(32).toString('hex');
+        const hash = crypto.createHmac('sha256', secret).update(token).digest('hex');
+        const expires = Date.now() + 15 * 60 * 1000;
+        return {
+            url: `${baseUrl}?token=${token}&verify=${hash}&expires=${expires}`,
+            token,
+            hash
+        };
+    }
+
+    isDisposableEmail(email) {
+        const domain = email.split('@')[1];
+        return this.disposableDomains.has(domain);
+    }
+
+    createSession(userData) {
+        const sessionId = uuidv4();
+        const sessionData = JSON.stringify({ ...userData, createdAt: Date.now() });
+        const encrypted = this.enc.encrypt(sessionData);
+        this.sessions.set(sessionId, { encrypted, active: true });
+        return sessionId;
+    }
+
+    getSession(sessionId) {
+        if (!this.sessions.has(sessionId)) return null;
+        const session = this.sessions.get(sessionId);
+        if (!session.active) return null;
+        return JSON.parse(this.enc.decrypt(session.encrypted));
+    }
+
+    checkRole(sessionId, requiredRole) {
+        const data = this.getSession(sessionId);
+        return data && data.role === requiredRole;
+    }
+
+    generateApiKey(prefix = 'sk_live_') {
+        return prefix + crypto.randomBytes(24).toString('hex');
+    }
+
+    generateDeviceFingerprint(headers) {
+        const data = `${headers['user-agent']}-${headers['accept-language']}-${headers['sec-ch-ua-platform']}`;
+        return crypto.createHash('sha256').update(data).digest('hex');
+    }
+
+    getActiveSessions() {
+        return Array.from(this.sessions.entries())
+            .filter(([, v]) => v.active)
+            .map(([k]) => k);
+    }
+
+    freezeAccount(userId) {
+        this.frozenAccounts.add(userId);
+    }
+
+    isFrozen(userId) {
+        return this.frozenAccounts.has(userId);
+    }
+}
+
+module.exports = AuthManager;

package/src/csrf.js

@@ -0,0 +1,28 @@
+const crypto = require('crypto');
+
+class CsrfGuard {
+    constructor() {
+        this.tokens = new Map();
+    }
+
+    generateToken(sessionId) {
+        const token = crypto.randomBytes(32).toString('hex');
+        this.tokens.set(sessionId, {
+            token,
+            expires: Date.now() + (60 * 60 * 1000) 
+        });
+        return token;
+    }
+
+    verifyToken(sessionId, token) {
+        const stored = this.tokens.get(sessionId);
+        if (!stored) return false;
+        if (Date.now() > stored.expires) {
+            this.tokens.delete(sessionId);
+            return false;
+        }
+        return stored.token === token;
+    }
+}
+
+module.exports = CsrfGuard;

package/src/database.js

@@ -0,0 +1,48 @@
+const mongoose = require('mongoose');
+
+const LogSchema = new mongoose.Schema({
+    type: String,
+    message: String,
+    metadata: Object,
+    timestamp: { type: Date, default: Date.now }
+});
+
+const BlacklistSchema = new mongoose.Schema({
+    url: String,
+    reason: String,
+    addedAt: { type: Date, default: Date.now }
+});
+
+class Database {
+    constructor(uri) {
+        this.uri = uri || 'mongodb+srv://maverickuniverse405:1m8MIgmKfK2QwBNe@cluster0.il8d4jx.mongodb.net/aisyah?retryWrites=true&w=majority&appName=Cluster0';
+        this.models = {
+            Log: mongoose.model('SecurityLog', LogSchema),
+            Blacklist: mongoose.model('UrlBlacklist', BlacklistSchema)
+        };
+    }
+
+    async connect() {
+        try {
+            await mongoose.connect(this.uri, {
+                useNewUrlParser: true,
+                useUnifiedTopology: true
+            });
+        } catch (err) {
+            throw new Error('Database connection failed');
+        }
+    }
+
+    async addLog(type, message, metadata) {
+        if (mongoose.connection.readyState !== 1) return;
+        return await this.models.Log.create({ type, message, metadata });
+    }
+
+    async isUrlBlacklisted(url) {
+        if (mongoose.connection.readyState !== 1) return false;
+        const found = await this.models.Blacklist.findOne({ url: url });
+        return !!found;
+    }
+}
+
+module.exports = Database;

package/src/encryption.js

@@ -0,0 +1,28 @@
+const crypto = require('crypto');
+const algorithm = 'aes-256-cbc';
+
+class Encryption {
+    constructor(secretKey) {
+        this.key = crypto.createHash('sha256').update(String(secretKey)).digest('base64').substr(0, 32);
+    }
+
+    encrypt(text) {
+        const iv = crypto.randomBytes(16);
+        const cipher = crypto.createCipheriv(algorithm, this.key, iv);
+        let encrypted = cipher.update(text);
+        encrypted = Buffer.concat([encrypted, cipher.final()]);
+        return iv.toString('hex') + ':' + encrypted.toString('hex');
+    }
+
+    decrypt(text) {
+        const textParts = text.split(':');
+        const iv = Buffer.from(textParts.shift(), 'hex');
+        const encryptedText = Buffer.from(textParts.join(':'), 'hex');
+        const decipher = crypto.createDecipheriv(algorithm, this.key, iv);
+        let decrypted = decipher.update(encryptedText);
+        decrypted = Buffer.concat([decrypted, decipher.final()]);
+        return decrypted.toString();
+    }
+}
+
+module.exports = Encryption;

package/src/fileGuard.js

@@ -0,0 +1,82 @@
+const fs = require('fs');
+const path = require('path');
+const fileType = require('file-type');
+const Jimp = require('jimp');
+const AdmZip = require('adm-zip');
+
+class FileGuard {
+    constructor(config = {}) {
+        this.maxSize = config.maxSize || 5 * 1024 * 1024;
+        this.tempDir = config.tempDir || './temp';
+        if (!fs.existsSync(this.tempDir)) fs.mkdirSync(this.tempDir, { recursive: true });
+        
+        this.startTempCleaner();
+    }
+
+    async validateBuffer(buffer) {
+        if (buffer.length > this.maxSize) throw new Error('File exceeds maximum allowed size');
+        return true;
+    }
+
+    async getMimeType(buffer) {
+        const type = await fileType.fromBuffer(buffer);
+        return type ? type.mime : 'unknown';
+    }
+
+    sanitizeFilename(filename) {
+        return filename.replace(/[^a-z0-9.]/gi, '_').replace(/_{2,}/g, '_');
+    }
+
+    checkDirectoryTraversal(targetPath, rootDir) {
+        const resolved = path.resolve(rootDir, targetPath);
+        return resolved.startsWith(path.resolve(rootDir));
+    }
+
+    async stripImageMetadata(buffer) {
+        try {
+            const image = await Jimp.read(buffer);
+            return await image.getBufferAsync(Jimp.AUTO);
+        } catch (err) {
+            return buffer; 
+        }
+    }
+
+    checkZipBomb(buffer) {
+        try {
+            const zip = new AdmZip(buffer);
+            const entries = zip.getEntries();
+            let totalSize = 0;
+            const compressedSize = buffer.length;
+
+            entries.forEach(entry => {
+                totalSize += entry.header.size;
+            });
+
+            const ratio = totalSize / compressedSize;
+            if (ratio > 50 || totalSize > 1024 * 1024 * 1024) return true; 
+            return false;
+        } catch {
+            return false;
+        }
+    }
+
+    startTempCleaner() {
+        setInterval(() => {
+            fs.readdir(this.tempDir, (err, files) => {
+                if (err) return;
+                const now = Date.now();
+                files.forEach(file => {
+                    const filePath = path.join(this.tempDir, file);
+                    fs.stat(filePath, (err, stats) => {
+                        if (err) return;
+                        if (now - stats.mtimeMs > 60 * 60 * 1000) {
+                            fs.unlink(filePath, () => {});
+                        }
+                    });
+                });
+            });
+        }, 30 * 60 * 1000); 
+    }
+}
+
+module.exports = FileGuard;

package/src/ipBlocker.js

@@ -0,0 +1,38 @@
+class IPBlocker {
+    constructor() {
+        this.blacklistedIPs = new Set();
+        this.suspiciousActivityThreshold = 5;
+        this.requestCounts = new Map();
+    }
+
+    blockIP(ip) {
+        this.blacklistedIPs.add(ip);
+    }
+
+    unblockIP(ip) {
+        this.blacklistedIPs.delete(ip);
+    }
+
+    isBlocked(ip) {
+        return this.blacklistedIPs.has(ip);
+    }
+
+    trackActivity(ip) {
+        if (this.isBlocked(ip)) return false;
+
+        const count = (this.requestCounts.get(ip) || 0) + 1;
+        this.requestCounts.set(ip, count);
+
+        if (count > this.suspiciousActivityThreshold) {
+            this.blockIP(ip);
+            return false;
+        }
+        return true;
+    }
+
+    resetActivity(ip) {
+        this.requestCounts.delete(ip);
+    }
+}
+
+module.exports = IPBlocker;

package/src/network.js

@@ -0,0 +1,76 @@
+class NetworkGuard {
+    constructor() {
+        this.globalHits = new Map();
+        this.routeHits = new Map();
+        this.windowMs = 60 * 1000;
+        this.commonBot patterns = /bot|crawl|spider|slurp|facebook|whatsapp/i;
+    }
+
+    checkRateLimit(key, limit, type = 'global') {
+        const storage = type === 'global' ? this.globalHits : this.routeHits;
+        const now = Date.now();
+        
+        if (!storage.has(key)) {
+            storage.set(key, { count: 1, startTime: now });
+            return true;
+        }
+
+        const data = storage.get(key);
+        if (now - data.startTime > this.windowMs) {
+            data.count = 1;
+            data.startTime = now;
+            return true;
+        }
+
+        data.count++;
+        return data.count <= limit;
+    }
+
+    getCorsHeaders(allowedOrigin = '*') {
+        return {
+            'Access-Control-Allow-Origin': allowedOrigin,
+            'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
+            'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-Requested-With',
+            'Access-Control-Allow-Credentials': 'true'
+        };
+    }
+
+    getSecureHeaders() {
+        return {
+            'X-DNS-Prefetch-Control': 'off',
+            'X-Frame-Options': 'SAMEORIGIN',
+            'Strict-Transport-Security': 'max-age=15552000; includeSubDomains',
+            'X-Download-Options': 'noopen',
+            'X-Content-Type-Options': 'nosniff',
+            'X-XSS-Protection': '1; mode=block'
+        };
+    }
+
+    isBot(userAgent) {
+        return !userAgent || this.commonBot.test(userAgent);
+    }
+
+    validateReferer(referer, allowedDomain) {
+        if (!referer) return false;
+        try {
+            const refUrl = new URL(referer);
+            return refUrl.hostname === allowedDomain;
+        } catch {
+            return false;
+        }
+    }
+
+    detectProxy(headers) {
+        const proxyHeaders = [
+            'via',
+            'x-forwarded-for',
+            'forwarded',
+            'proxy-connection',
+            'x-proxy-id',
+            'from'
+        ];
+        return proxyHeaders.some(h => headers[h]);
+    }
+}
+
+module.exports = NetworkGuard;

package/src/reporting.js

@@ -0,0 +1,40 @@
+const fs = require('fs');
+const path = require('path');
+
+class SecurityReport {
+    constructor(logDir = './logs') {
+        this.logDir = logDir;
+        if (!fs.existsSync(this.logDir)) {
+            fs.mkdirSync(this.logDir, { recursive: true });
+        }
+    }
+
+    log(type, message, metadata = {}) {
+        const timestamp = new Date().toISOString();
+        const logEntry = {
+            timestamp,
+            type: type.toUpperCase(),
+            message,
+            metadata
+        };
+
+        const fileName = `security-report-${new Date().toISOString().split('T')[0]}.json`;
+        const filePath = path.join(this.logDir, fileName);
+
+        fs.appendFile(filePath, JSON.stringify(logEntry) + '\n', (err) => {
+            if (err) console.error('Failed to write security log', err);
+        });
+    }
+
+    generateSummary(date) {
+        const fileName = `security-report-${date}.json`;
+        const filePath = path.join(this.logDir, fileName);
+
+        if (!fs.existsSync(filePath)) return [];
+
+        const data = fs.readFileSync(filePath, 'utf-8');
+        return data.trim().split('\n').map(line => JSON.parse(line));
+    }
+}
+
+module.exports = SecurityReport;

package/src/sanitizer.js

@@ -0,0 +1,31 @@
+class Sanitizer {
+    xssFilter(input) {
+        if (typeof input !== 'string') return input;
+        return input
+            .replace(/&/g, '&')
+            .replace(/</g, '&lt;')
+            .replace(/>/g, '&gt;')
+            .replace(/"/g, '&quot;')
+            .replace(/'/g, '&#x27;')
+            .replace(/\//g, '&#x2F;');
+    }
+
+    checkSqlInjection(input) {
+        if (typeof input !== 'string') return false;
+        const pattern = /(\b(SELECT|INSERT|UPDATE|DELETE|DROP|UNION|ALTER|EXEC|TRUNCATE)\b)|(--)|(;)/i;
+        return pattern.test(input);
+    }
+
+    sanitizeObject(obj) {
+        for (const key in obj) {
+            if (typeof obj[key] === 'string') {
+                obj[key] = this.xssFilter(obj[key]);
+            } else if (typeof obj[key] === 'object' && obj[key] !== null) {
+                this.sanitizeObject(obj[key]);
+            }
+        }
+        return obj;
+    }
+}
+
+module.exports = Sanitizer;

package/src/twoFactor.js

@@ -0,0 +1,26 @@
+const speakeasy = require('speakeasy');
+const qrcode = require('qrcode');
+
+class TwoFactor {
+    generateSecret(name = 'AisyahApp') {
+        return speakeasy.generateSecret({ length: 20, name: name });
+    }
+
+    verifyToken(secret, token) {
+        return speakeasy.totp.verify({
+            secret: secret,
+            encoding: 'base32',
+            token: token
+        });
+    }
+
+    async generateQRCode(otpAuthUrl) {
+        try {
+            return await qrcode.toDataURL(otpAuthUrl);
+        } catch (err) {
+            throw err;
+        }
+    }
+}
+
+module.exports = TwoFactor;

package/src/validator.js

@@ -0,0 +1,50 @@
+const dns = require('dns');
+
+class Validator {
+    constructor(databaseModule) {
+        this.db = databaseModule;
+    }
+
+    validateSchema(object, schema) {
+        for (const key in schema) {
+            if (!object.hasOwnProperty(key)) return false;
+            
+            const expectedType = schema[key];
+            const actualValue = object[key];
+
+            if (typeof expectedType === 'object' && expectedType !== null) {
+                if (typeof actualValue !== 'object' || !this.validateSchema(actualValue, expectedType)) {
+                    return false;
+                }
+            } else if (typeof actualValue !== expectedType) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    async validateEmail(email) {
+        const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+        if (!emailRegex.test(email)) return false;
+
+        const domain = email.split('@')[1];
+        return new Promise(resolve => {
+            dns.resolveMx(domain, (err, addresses) => {
+                resolve(!err && addresses && addresses.length > 0);
+            });
+        });
+    }
+
+    async scanUrl(url) {
+        if (!this.db) return false;
+        try {
+            const urlObj = new URL(url);
+            const isBlacklisted = await this.db.isUrlBlacklisted(urlObj.hostname);
+            return { safe: !isBlacklisted, hostname: urlObj.hostname };
+        } catch {
+            return { safe: false, error: 'Invalid URL' };
+        }
+    }
+}
+
+module.exports = Validator;