npm - anastasis-mcp-server - Versions diffs - 1.0.0 - Mend

anastasis-mcp-server 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2025 0xazanul
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,208 @@
+# Anastasis MCP Server
+MCP server for JavaScript endpoint discovery and attack surface mapping. Gives Claude (and any MCP client) native tools to discover API endpoints from JavaScript files, probe API documentation, extract parameters, and reconstruct sourcemaps.
+Powered by the [Anastasis](https://github.com/0xazanul/Anastasis) engine.
+## Install
+### Claude Code (recommended)
+```bash
+claude mcp add anastasis -- npx -y anastasis-mcp-server
+```
+### Claude Desktop
+Add to `claude_desktop_config.json`:
+```json
+{
+  "mcpServers": {
+    "anastasis": {
+      "command": "npx",
+      "args": ["-y", "anastasis-mcp-server"]
+    }
+  }
+}
+```
+### Any MCP Client
+```bash
+npx -y anastasis-mcp-server
+```
+Communicates over stdio using the [Model Context Protocol](https://modelcontextprotocol.io).
+## Tools
+### `scan_domain`
+Full domain scan. Discovers JS files from 23+ passive sources, parses them for API endpoints, probes API documentation, extracts parameters.
+```
+Input:
+  domain: "example.com"
+  mode: "quick" | "standard" | "deep"  (default: standard)
+  concurrency: 1-50  (default: 10)
+  include_subdomains: true | false  (default: false)
+Output:
+  endpoints[], paramSpecs[], jsFiles, apiDocs, sources, stats, summary
+```
+**Modes:**
+- **quick** — API documentation probe only (~30s). Checks Swagger, GraphQL, WADL, WSDL.
+- **standard** — JS discovery + AST parsing + API docs (~2-3 min). Default.
+- **deep** — Full parameter extraction with nested body schemas (~3-5 min).
+### `discover_js_files`
+Find all JavaScript files for a domain from 23+ passive sources (Wayback Machine, OTX, URLScan, GAU, CommonCrawl, VirusTotal, HTML parsing, and more).
+```
+Input:
+  domain: "example.com"
+  concurrency: 1-50  (default: 10)
+Output:
+  files[{url, source}], sourceSummary[], inlineScripts count
+```
+### `parse_js_file`
+Parse a single JavaScript file for API endpoints. Provide a URL or raw content.
+```
+Input:
+  url: "https://example.com/app.js"  (or)
+  content: "fetch('/api/users')..."
+  extract_params: true | false  (default: true)
+  build_schemas: true | false  (default: false)
+Output:
+  endpoints[], paramSpecs[], stats, discoveredChunks[]
+```
+### `parse_multiple_js`
+Parse multiple JavaScript files in parallel.
+```
+Input:
+  urls: ["https://example.com/a.js", "https://example.com/b.js"]
+  extract_params: true  (default: true)
+  concurrency: 1-50  (default: 10)
+Output:
+  endpoints[], paramSpecs[], stats
+```
+### `check_api_docs`
+Probe a domain for API documentation — Swagger/OpenAPI, GraphQL introspection, WADL, WSDL, well-known endpoints, API version detection.
+```
+Input:
+  domain: "example.com"
+  sources: ["swagger", "graphql", "wadl", "wsdl", "well-known", "api-probe", "sitemap"]
+  timeout: 60000  (ms)
+Output:
+  endpoints[], jsFilesFromManifests[], sourceResults[]
+```
+### `extract_sourcemap`
+Check a JavaScript file for sourcemaps and recover original source files.
+```
+Input:
+  url: "https://example.com/app.js"
+Output:
+  sourcemapFound, sourcemapUrl, sourceFiles[{path, language, size, preview}]
+```
+## How It Works
+```
+Claude: "scan example.com"
+    │
+    ├── calls scan_domain("example.com", mode="standard")
+    │       │
+    │       ├── Phase 1: discover_js_files
+    │       │   └── 23+ passive sources (Wayback, OTX, URLScan, GAU, ...)
+    │       │
+    │       ├── Phase 2: Parse JS files
+    │       │   ├── Tree-Sitter AST parsing (primary)
+    │       │   ├── Acorn fallback (if tree-sitter unavailable)
+    │       │   ├── Regex extraction (supplementary)
+    │       │   ├── Sourcemap reconstruction
+    │       │   └── Webpack chunk following
+    │       │
+    │       └── Phase 3: API documentation probing
+    │           └── Swagger, GraphQL, WADL, WSDL, well-known
+    │
+    └── Claude analyzes results
+        ├── Categorizes endpoints by security relevance
+        ├── Identifies IDOR candidates, auth gaps, admin endpoints
+        ├── Suggests attack strategies per parameter type
+        └── Produces prioritized attack surface report
+```
+The MCP server imports the [Anastasis engine](https://github.com/0xazanul/Anastasis) directly — no CLI wrapping, no stdout parsing. Claude gets structured JSON from native tool calls.
+## Requirements
+- **Node.js 18-23** ([nodejs.org](https://nodejs.org))
+- **Internet access** for passive source queries
+Tree-sitter (C++ native AST parser) compiles automatically during install on most systems. If compilation fails, Anastasis falls back to acorn/acorn-loose with identical functionality.
+## Example Output
+```json
+{
+  "summary": {
+    "totalEndpoints": 1569,
+    "totalJsFiles": 6309,
+    "totalApiDocEndpoints": 1067,
+    "endpointsWithParams": 227,
+    "duration": "195.1s",
+    "byMethod": { "GET": 1272, "POST": 53, "PATCH": 20, "DELETE": 24 },
+    "bySource": { "ast": 293, "regex": 208, "graphql": 3 }
+  }
+}
+```
+## For Bug Bounty Hunters
+After `scan_domain` returns, ask Claude:
+- "Which endpoints are most likely to have IDOR?"
+- "Show me admin endpoints without authentication"
+- "Which parameters are SSRF candidates?"
+- "Analyze the auth patterns for inconsistencies"
+- "What standalone findings can I report right now?"
+Claude combines Anastasis's raw data with security analysis to produce actionable results.
+## Development
+```bash
+git clone https://github.com/0xazanul/anastasis-mcp-server.git
+cd anastasis-mcp-server
+npm install
+npm run build
+node dist/index.js  # starts MCP server on stdio
+```
+## License
+MIT
+## Credits
+- [Anastasis Engine](https://github.com/0xazanul/Anastasis) by [@0xazanul](https://github.com/0xazanul)

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,411 @@
+#!/usr/bin/env node
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { z } from "zod";
+// Import Anastasis core modules
+import { discoverJsFiles } from "anastasis/dist/core/discovery-orchestrator.js";
+import { discoverEndpoints } from "anastasis/dist/core/endpoint-discovery.js";
+import { parseEndpoints, parseEndpointsFromUrl, parseEndpointsFromUrls, isTreeSitterAvailable, } from "anastasis/dist/parsers/index.js";
+import { discoverAndReconstruct, } from "anastasis/dist/parsers/sourcemap-reconstructor.js";
+const server = new McpServer({
+    name: "anastasis",
+    version: "1.0.0",
+});
+// ─── Tool 1: scan_domain ───────────────────────────────────────────────────────
+// Full domain scan — the main use case. Combines JS discovery + parsing + API docs.
+server.tool("scan_domain", {
+    domain: z.string().describe("Target domain to scan (e.g., example.com)"),
+    mode: z.enum(["quick", "standard", "deep"]).default("standard").describe("Scan depth: quick (API docs only), standard (JS + API), deep (full params + schemas)"),
+    concurrency: z.number().int().min(1).max(50).default(10).describe("Number of parallel requests"),
+    include_subdomains: z.boolean().default(false).describe("Include subdomains in JS discovery"),
+}, async ({ domain, mode, concurrency, include_subdomains }) => {
+    const startTime = Date.now();
+    const results = {
+        domain,
+        mode,
+        treeSitterAvailable: isTreeSitterAvailable(),
+        jsFiles: { count: 0, urls: [] },
+        endpoints: [],
+        apiDocs: [],
+        paramSpecs: [],
+        sources: {},
+        stats: {},
+    };
+    try {
+        // Phase 1: Discover JS files (skip for quick mode)
+        if (mode !== "quick") {
+            const discovery = await discoverJsFiles({
+                domain,
+                concurrency,
+                includeSubdomains: include_subdomains,
+            });
+            results.jsFiles.count = discovery.totalUrls;
+            results.jsFiles.urls = discovery.urls.map((u) => u.url);
+            // Track sources
+            for (const src of discovery.sources) {
+                if (src.urls?.length > 0) {
+                    results.sources[src.source] = src.urls.length;
+                }
+            }
+            // Phase 2: Parse JS files for endpoints
+            if (discovery.totalUrls > 0) {
+                const parseOpts = {
+                    extractParams: mode === "deep" || mode === "standard",
+                    buildSchemas: mode === "deep",
+                    reconstructSourceMaps: true,
+                };
+                const parseResult = await parseEndpointsFromUrls(results.jsFiles.urls, parseOpts, undefined, concurrency);
+                results.endpoints.push(...parseResult.endpoints.map((ep) => ({
+                    path: ep.path,
+                    method: ep.method || "GET",
+                    source: ep.source || "ast",
+                    confidence: ep.confidence,
+                    queryParams: ep.queryParams,
+                    context: ep.context,
+                })));
+                // Collect param specs
+                if (parseResult.paramExtractionResult?.specs) {
+                    results.paramSpecs = parseResult.paramExtractionResult.specs.map((spec) => ({
+                        path: spec.path,
+                        method: spec.method,
+                        pathParams: spec.pathParams,
+                        queryParams: spec.queryParams,
+                        bodyParams: spec.bodyParams,
+                        cookieParams: spec.cookieParams,
+                        headers: spec.headers,
+                        auth: spec.auth,
+                        contentType: spec.contentType,
+                        confidence: spec.confidence,
+                    }));
+                }
+                results.stats = {
+                    regexFound: parseResult.stats?.regexFound || 0,
+                    astFound: parseResult.stats?.astFound || 0,
+                    sourceMapFound: parseResult.stats?.sourceMapFound || 0,
+                    totalParsed: parseResult.endpoints.length,
+                };
+            }
+        }
+        // Phase 3: Discover API documentation endpoints
+        const baseUrl = domain.startsWith("http") ? domain : `https://${domain}`;
+        const apiResult = await discoverEndpoints({
+            baseUrl,
+            concurrency: Math.min(concurrency, 20),
+            timeout: mode === "quick" ? 30000 : 60000,
+        });
+        results.apiDocs = apiResult.endpoints.map((ep) => ({
+            path: ep.path,
+            method: ep.method || "GET",
+            source: ep.source,
+            confidence: ep.confidence,
+        }));
+        // Merge API doc endpoints with JS-discovered endpoints (dedup by method:path)
+        const seen = new Set(results.endpoints.map((e) => `${e.method}:${e.path}`));
+        for (const ep of results.apiDocs) {
+            const key = `${ep.method}:${ep.path}`;
+            if (!seen.has(key)) {
+                results.endpoints.push(ep);
+                seen.add(key);
+            }
+        }
+        // Summary
+        results.summary = {
+            totalEndpoints: results.endpoints.length,
+            totalJsFiles: results.jsFiles.count,
+            totalApiDocEndpoints: results.apiDocs.length,
+            endpointsWithParams: results.paramSpecs.length,
+            duration: `${((Date.now() - startTime) / 1000).toFixed(1)}s`,
+            byMethod: results.endpoints.reduce((acc, ep) => {
+                acc[ep.method] = (acc[ep.method] || 0) + 1;
+                return acc;
+            }, {}),
+            bySource: results.endpoints.reduce((acc, ep) => {
+                acc[ep.source || "unknown"] = (acc[ep.source || "unknown"] || 0) + 1;
+                return acc;
+            }, {}),
+        };
+        return {
+            content: [{ type: "text", text: JSON.stringify(results, null, 2) }],
+        };
+    }
+    catch (error) {
+        return {
+            content: [{ type: "text", text: JSON.stringify({
+                        error: error.message,
+                        domain,
+                        mode,
+                        partial: results,
+                    }, null, 2) }],
+            isError: true,
+        };
+    }
+});
+// ─── Tool 2: discover_js_files ─────────────────────────────────────────────────
+// Just the discovery phase — find all JS files for a domain from 23+ passive sources.
+server.tool("discover_js_files", {
+    domain: z.string().describe("Target domain (e.g., example.com)"),
+    concurrency: z.number().int().min(1).max(50).default(10).describe("Parallel request limit"),
+    include_subdomains: z.boolean().default(false).describe("Include subdomains"),
+}, async ({ domain, concurrency, include_subdomains }) => {
+    try {
+        const result = await discoverJsFiles({
+            domain,
+            concurrency,
+            includeSubdomains: include_subdomains,
+        });
+        const output = {
+            domain,
+            totalFiles: result.totalUrls,
+            files: result.urls.map((u) => ({
+                url: u.url,
+                source: u.source,
+            })),
+            sourceSummary: result.sources
+                .filter((s) => s.urls?.length > 0)
+                .map((s) => ({
+                source: s.source,
+                found: s.urls.length,
+                duration: s.duration ? `${(s.duration / 1000).toFixed(1)}s` : undefined,
+            })),
+            inlineScripts: result.inlineScripts?.length || 0,
+            duration: `${(result.duration / 1000).toFixed(1)}s`,
+        };
+        return {
+            content: [{ type: "text", text: JSON.stringify(output, null, 2) }],
+        };
+    }
+    catch (error) {
+        return {
+            content: [{ type: "text", text: JSON.stringify({ error: error.message, domain }) }],
+            isError: true,
+        };
+    }
+});
+// ─── Tool 3: parse_js_file ─────────────────────────────────────────────────────
+// Parse a single JS file URL or raw content for endpoints.
+server.tool("parse_js_file", {
+    url: z.string().optional().describe("URL of the JavaScript file to parse"),
+    content: z.string().optional().describe("Raw JavaScript content to parse (instead of URL)"),
+    extract_params: z.boolean().default(true).describe("Extract parameter types and constraints"),
+    build_schemas: z.boolean().default(false).describe("Build nested body schemas"),
+}, async ({ url, content, extract_params, build_schemas }) => {
+    if (!url && !content) {
+        return {
+            content: [{ type: "text", text: JSON.stringify({ error: "Provide either url or content" }) }],
+            isError: true,
+        };
+    }
+    try {
+        let result;
+        if (url) {
+            result = await parseEndpointsFromUrl(url, {
+                extractParams: extract_params,
+                buildSchemas: build_schemas,
+                reconstructSourceMaps: true,
+            });
+        }
+        else {
+            result = parseEndpoints(content, {
+                extractParams: extract_params,
+                buildSchemas: build_schemas,
+            });
+        }
+        const output = {
+            endpoints: result.endpoints.map((ep) => ({
+                path: ep.path,
+                method: ep.method || "GET",
+                source: ep.source || "ast",
+                confidence: ep.confidence,
+                queryParams: ep.queryParams,
+                context: ep.context,
+            })),
+            stats: {
+                total: result.endpoints.length,
+                regexFound: result.stats?.regexFound || 0,
+                astFound: result.stats?.astFound || 0,
+                sourceMapFound: result.stats?.sourceMapFound || 0,
+                treeSitterAvailable: isTreeSitterAvailable(),
+            },
+        };
+        if (result.paramExtractionResult?.specs) {
+            output.paramSpecs = result.paramExtractionResult.specs.map((spec) => ({
+                path: spec.path,
+                method: spec.method,
+                pathParams: spec.pathParams,
+                queryParams: spec.queryParams,
+                bodyParams: spec.bodyParams,
+                headers: spec.headers,
+                auth: spec.auth,
+                confidence: spec.confidence,
+            }));
+        }
+        if (result.discoveredChunks?.length) {
+            output.discoveredChunks = result.discoveredChunks;
+        }
+        return {
+            content: [{ type: "text", text: JSON.stringify(output, null, 2) }],
+        };
+    }
+    catch (error) {
+        return {
+            content: [{ type: "text", text: JSON.stringify({ error: error.message, url }) }],
+            isError: true,
+        };
+    }
+});
+// ─── Tool 4: check_api_docs ────────────────────────────────────────────────────
+// Probe a domain for API documentation (Swagger, GraphQL, WADL, WSDL, etc.)
+server.tool("check_api_docs", {
+    domain: z.string().describe("Target domain (e.g., example.com)"),
+    sources: z.array(z.string()).optional().describe("Specific sources to check: swagger, graphql, wadl, wsdl, well-known, api-probe, sitemap"),
+    timeout: z.number().int().default(60000).describe("Timeout in ms per source"),
+}, async ({ domain, sources, timeout }) => {
+    try {
+        const baseUrl = domain.startsWith("http") ? domain : `https://${domain}`;
+        const result = await discoverEndpoints({
+            baseUrl,
+            sources: sources,
+            timeout,
+            concurrency: 20,
+        });
+        const output = {
+            domain,
+            totalEndpoints: result.endpoints.length,
+            endpoints: result.endpoints.map((ep) => ({
+                path: ep.path,
+                method: ep.method || "GET",
+                source: ep.source,
+                confidence: ep.confidence,
+                params: ep.params,
+            })),
+            jsFilesFromManifests: result.jsFiles?.map((f) => f.url) || [],
+            sourceResults: result.sources?.map((s) => ({
+                source: s.source,
+                count: s.count,
+                duration: s.duration ? `${(s.duration / 1000).toFixed(1)}s` : undefined,
+                error: s.error,
+            })) || [],
+            duration: `${(result.totalDuration / 1000).toFixed(1)}s`,
+        };
+        return {
+            content: [{ type: "text", text: JSON.stringify(output, null, 2) }],
+        };
+    }
+    catch (error) {
+        return {
+            content: [{ type: "text", text: JSON.stringify({ error: error.message, domain }) }],
+            isError: true,
+        };
+    }
+});
+// ─── Tool 5: extract_sourcemap ─────────────────────────────────────────────────
+// Recover original source files from a JS file's sourcemap.
+server.tool("extract_sourcemap", {
+    url: z.string().describe("URL of the JavaScript file to check for sourcemaps"),
+}, async ({ url }) => {
+    try {
+        // Fetch the JS content first
+        const response = await fetch(url, {
+            headers: {
+                "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36",
+                Accept: "*/*",
+            },
+            signal: AbortSignal.timeout(15000),
+        });
+        if (!response.ok) {
+            throw new Error(`HTTP ${response.status} fetching ${url}`);
+        }
+        const content = await response.text();
+        const result = await discoverAndReconstruct(url, content);
+        if (!result) {
+            return {
+                content: [{ type: "text", text: JSON.stringify({
+                            url,
+                            sourcemapFound: false,
+                            message: "No sourcemap found for this file",
+                        }) }],
+            };
+        }
+        const output = {
+            url,
+            sourcemapFound: true,
+            sourcemapUrl: result.sourcemapUrl,
+            sourceFiles: result.sources?.map((s) => ({
+                path: s.path,
+                language: s.language,
+                size: s.content?.length || 0,
+                preview: s.content?.slice(0, 500),
+            })) || [],
+            totalFiles: result.sources?.length || 0,
+        };
+        return {
+            content: [{ type: "text", text: JSON.stringify(output, null, 2) }],
+        };
+    }
+    catch (error) {
+        return {
+            content: [{ type: "text", text: JSON.stringify({ error: error.message, url }) }],
+            isError: true,
+        };
+    }
+});
+// ─── Tool 6: parse_multiple_js ─────────────────────────────────────────────────
+// Parse multiple JS file URLs in parallel.
+server.tool("parse_multiple_js", {
+    urls: z.array(z.string()).describe("Array of JS file URLs to parse"),
+    extract_params: z.boolean().default(true).describe("Extract parameter types"),
+    concurrency: z.number().int().min(1).max(50).default(10).describe("Parallel request limit"),
+}, async ({ urls, extract_params, concurrency }) => {
+    try {
+        const result = await parseEndpointsFromUrls(urls, {
+            extractParams: extract_params,
+            reconstructSourceMaps: true,
+        }, undefined, concurrency);
+        const output = {
+            filesProcessed: urls.length,
+            totalEndpoints: result.endpoints.length,
+            endpoints: result.endpoints.map((ep) => ({
+                path: ep.path,
+                method: ep.method || "GET",
+                source: ep.source || "ast",
+                confidence: ep.confidence,
+            })),
+            stats: {
+                regexFound: result.stats?.regexFound || 0,
+                astFound: result.stats?.astFound || 0,
+                sourceMapFound: result.stats?.sourceMapFound || 0,
+                byMethod: result.stats?.byMethod || {},
+            },
+        };
+        if (result.paramExtractionResult?.specs) {
+            output.paramSpecs = result.paramExtractionResult.specs.map((spec) => ({
+                path: spec.path,
+                method: spec.method,
+                pathParams: spec.pathParams,
+                queryParams: spec.queryParams,
+                bodyParams: spec.bodyParams,
+                headers: spec.headers,
+                auth: spec.auth,
+            }));
+        }
+        return {
+            content: [{ type: "text", text: JSON.stringify(output, null, 2) }],
+        };
+    }
+    catch (error) {
+        return {
+            content: [{ type: "text", text: JSON.stringify({ error: error.message }) }],
+            isError: true,
+        };
+    }
+});
+// ─── Start server ──────────────────────────────────────────────────────────────
+async function main() {
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+}
+main().catch((error) => {
+    console.error("Fatal:", error);
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,gCAAgC;AAChC,OAAO,EAAE,eAAe,EAAE,MAAM,+CAA+C,CAAC;AAChF,OAAO,EAAE,iBAAiB,EAAE,MAAM,2CAA2C,CAAC;AAC9E,OAAO,EACL,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EAEtB,qBAAqB,GACtB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,sBAAsB,GACvB,MAAM,mDAAmD,CAAC;AAE3D,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,kFAAkF;AAClF,oFAAoF;AAEpF,MAAM,CAAC,IAAI,CACT,aAAa,EACb;IACE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2CAA2C,CAAC;IACxE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,sFAAsF,CAAC;IAChK,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IAChG,kBAAkB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,oCAAoC,CAAC;CAC9F,EACD,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,kBAAkB,EAAE,EAAE,EAAE;IAC1D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAQ;QACnB,MAAM;QACN,IAAI;QACJ,mBAAmB,EAAE,qBAAqB,EAAE;QAC5C,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAc,EAAE;QAC3C,SAAS,EAAE,EAAW;QACtB,OAAO,EAAE,EAAW;QACpB,UAAU,EAAE,EAAW;QACvB,OAAO,EAAE,EAA4B;QACrC,KAAK,EAAE,EAAS;KACjB,CAAC;IAEF,IAAI,CAAC;QACH,mDAAmD;QACnD,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;YACrB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC;gBACtC,MAAM;gBACN,WAAW;gBACX,iBAAiB,EAAE,kBAAkB;aACtC,CAAC,CAAC;YAEH,OAAO,CAAC,OAAO,CAAC,KAAK,GAAG,SAAS,CAAC,SAAS,CAAC;YAC5C,OAAO,CAAC,OAAO,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAE7D,gBAAgB;YAChB,KAAK,MAAM,GAAG,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;gBACpC,IAAI,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,EAAE,CAAC;oBACzB,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC;gBAChD,CAAC;YACH,CAAC;YAED,wCAAwC;YACxC,IAAI,SAAS,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;gBAC5B,MAAM,SAAS,GAAQ;oBACrB,aAAa,EAAE,IAAI,KAAK,MAAM,IAAI,IAAI,KAAK,UAAU;oBACrD,YAAY,EAAE,IAAI,KAAK,MAAM;oBAC7B,qBAAqB,EAAE,IAAI;iBAC5B,CAAC;gBAEF,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAC9C,OAAO,CAAC,OAAO,CAAC,IAAI,EACpB,SAAS,EACT,SAAS,EACT,WAAW,CACZ,CAAC;gBAEF,OAAO,CAAC,SAAS,CAAC,IAAI,CACpB,GAAG,WAAW,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,CAAC;oBACzC,IAAI,EAAE,EAAE,CAAC,IAAI;oBACb,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;oBAC1B,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;oBAC1B,UAAU,EAAE,EAAE,CAAC,UAAU;oBACzB,WAAW,EAAE,EAAE,CAAC,WAAW;oBAC3B,OAAO,EAAE,EAAE,CAAC,OAAO;iBACpB,CAAC,CAAC,CACJ,CAAC;gBAEF,sBAAsB;gBACtB,IAAI,WAAW,CAAC,qBAAqB,EAAE,KAAK,EAAE,CAAC;oBAC7C,OAAO,CAAC,UAAU,GAAG,WAAW,CAAC,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC,CAAC;wBAC/E,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,MAAM,EAAE,IAAI,CAAC,MAAM;wBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;wBAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;wBAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;wBAC3B,YAAY,EAAE,IAAI,CAAC,YAAY;wBAC/B,OAAO,EAAE,IAAI,CAAC,OAAO;wBACrB,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,WAAW,EAAE,IAAI,CAAC,WAAW;wBAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;qBAC5B,CAAC,CAAC,CAAC;gBACN,CAAC;gBAED,OAAO,CAAC,KAAK,GAAG;oBACd,UAAU,EAAE,WAAW,CAAC,KAAK,EAAE,UAAU,IAAI,CAAC;oBAC9C,QAAQ,EAAE,WAAW,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC;oBAC1C,cAAc,EAAE,WAAW,CAAC,KAAK,EAAE,cAAc,IAAI,CAAC;oBACtD,WAAW,EAAE,WAAW,CAAC,SAAS,CAAC,MAAM;iBAC1C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,gDAAgD;QAChD,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,MAAM,EAAE,CAAC;QACzE,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC;YACxC,OAAO;YACP,WAAW,EAAE,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC;YACtC,OAAO,EAAE,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK;SAC1C,CAAC,CAAC;QAEH,OAAO,CAAC,OAAO,GAAG,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,CAAC;YACtD,IAAI,EAAE,EAAE,CAAC,IAAI;YACb,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;YAC1B,MAAM,EAAE,EAAE,CAAC,MAAM;YACjB,UAAU,EAAE,EAAE,CAAC,UAAU;SAC1B,CAAC,CAAC,CAAC;QAEJ,8EAA8E;QAC9E,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACjF,KAAK,MAAM,EAAE,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,GAAG,EAAE,CAAC,MAAM,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC;YACtC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnB,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC3B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAChB,CAAC;QACH,CAAC;QAED,UAAU;QACV,OAAO,CAAC,OAAO,GAAG;YAChB,cAAc,EAAE,OAAO,CAAC,SAAS,CAAC,MAAM;YACxC,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK;YACnC,oBAAoB,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM;YAC5C,mBAAmB,EAAE,OAAO,CAAC,UAAU,CAAC,MAAM;YAC9C,QAAQ,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;YAC5D,QAAQ,EAAE,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAAQ,EAAE,EAAO,EAAE,EAAE;gBACvD,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;gBAC3C,OAAO,GAAG,CAAC;YACb,CAAC,EAAE,EAAE,CAAC;YACN,QAAQ,EAAE,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAAQ,EAAE,EAAO,EAAE,EAAE;gBACvD,GAAG,CAAC,EAAE,CAAC,MAAM,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrE,OAAO,GAAG,CAAC;YACb,CAAC,EAAE,EAAE,CAAC;SACP,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;SACpE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBAC7C,KAAK,EAAE,KAAK,CAAC,OAAO;wBACpB,MAAM;wBACN,IAAI;wBACJ,OAAO,EAAE,OAAO;qBACjB,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;YACd,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;AACH,CAAC,CACF,CAAC;AAEF,kFAAkF;AAClF,sFAAsF;AAEtF,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB;IACE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC;IAChE,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,wBAAwB,CAAC;IAC3F,kBAAkB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,oBAAoB,CAAC;CAC9E,EACD,KAAK,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,kBAAkB,EAAE,EAAE,EAAE;IACpD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC;YACnC,MAAM;YACN,WAAW;YACX,iBAAiB,EAAE,kBAAkB;SACtC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG;YACb,MAAM;YACN,UAAU,EAAE,MAAM,CAAC,SAAS;YAC5B,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;gBAClC,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,MAAM,EAAE,CAAC,CAAC,MAAM;aACjB,CAAC,CAAC;YACH,aAAa,EAAE,MAAM,CAAC,OAAO;iBAC1B,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,GAAG,CAAC,CAAC;iBACtC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;gBAChB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;aACxE,CAAC,CAAC;YACL,aAAa,EAAE,MAAM,CAAC,aAAa,EAAE,MAAM,IAAI,CAAC;YAChD,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;SACpD,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;SACnE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;YACnF,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;AACH,CAAC,CACF,CAAC;AAEF,kFAAkF;AAClF,2DAA2D;AAE3D,MAAM,CAAC,IAAI,CACT,eAAe,EACf;IACE,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,qCAAqC,CAAC;IAC1E,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,kDAAkD,CAAC;IAC3F,cAAc,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,yCAAyC,CAAC;IAC7F,aAAa,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,2BAA2B,CAAC;CAChF,EACD,KAAK,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,EAAE,EAAE;IACxD,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC,EAAE,CAAC;YAC7F,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,IAAI,MAAW,CAAC;QAEhB,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,GAAG,MAAM,qBAAqB,CAAC,GAAG,EAAE;gBACxC,aAAa,EAAE,cAAc;gBAC7B,YAAY,EAAE,aAAa;gBAC3B,qBAAqB,EAAE,IAAI;aAC5B,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,cAAc,CAAC,OAAQ,EAAE;gBAChC,aAAa,EAAE,cAAc;gBAC7B,YAAY,EAAE,aAAa;aAC5B,CAAC,CAAC;QACL,CAAC;QAED,MAAM,MAAM,GAAQ;YAClB,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,CAAC;gBAC5C,IAAI,EAAE,EAAE,CAAC,IAAI;gBACb,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;gBAC1B,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;gBAC1B,UAAU,EAAE,EAAE,CAAC,UAAU;gBACzB,WAAW,EAAE,EAAE,CAAC,WAAW;gBAC3B,OAAO,EAAE,EAAE,CAAC,OAAO;aACpB,CAAC,CAAC;YACH,KAAK,EAAE;gBACL,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM;gBAC9B,UAAU,EAAE,MAAM,CAAC,KAAK,EAAE,UAAU,IAAI,CAAC;gBACzC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC;gBACrC,cAAc,EAAE,MAAM,CAAC,KAAK,EAAE,cAAc,IAAI,CAAC;gBACjD,mBAAmB,EAAE,qBAAqB,EAAE;aAC7C;SACF,CAAC;QAEF,IAAI,MAAM,CAAC,qBAAqB,EAAE,KAAK,EAAE,CAAC;YACxC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC,CAAC;gBACzE,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,UAAU,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAC,CAAC,CAAC;QACN,CAAC;QAED,IAAI,MAAM,CAAC,gBAAgB,EAAE,MAAM,EAAE,CAAC;YACpC,MAAM,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC;QACpD,CAAC;QAED,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;SACnE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;YAChF,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;AACH,CAAC,CACF,CAAC;AAEF,kFAAkF;AAClF,4EAA4E;AAE5E,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB;IACE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC;IAChE,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,yFAAyF,CAAC;IAC3I,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,0BAA0B,CAAC;CAC9E,EACD,KAAK,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE;IACrC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,MAAM,EAAE,CAAC;QACzE,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC;YACrC,OAAO;YACP,OAAO,EAAE,OAAc;YACvB,OAAO;YACP,WAAW,EAAE,EAAE;SAChB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG;YACb,MAAM;YACN,cAAc,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM;YACvC,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,CAAC;gBAC5C,IAAI,EAAE,EAAE,CAAC,IAAI;gBACb,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;gBAC1B,MAAM,EAAE,EAAE,CAAC,MAAM;gBACjB,UAAU,EAAE,EAAE,CAAC,UAAU;gBACzB,MAAM,EAAE,EAAE,CAAC,MAAM;aAClB,CAAC,CAAC;YACH,oBAAoB,EAAE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE;YAClE,aAAa,EAAE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;gBAC9C,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;gBACvE,KAAK,EAAE,CAAC,CAAC,KAAK;aACf,CAAC,CAAC,IAAI,EAAE;YACT,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;SACzD,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;SACnE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;YACnF,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;AACH,CAAC,CACF,CAAC;AAEF,kFAAkF;AAClF,4DAA4D;AAE5D,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB;IACE,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,oDAAoD,CAAC;CAC/E,EACD,KAAK,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;IAChB,IAAI,CAAC;QACH,6BAA6B;QAC7B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,OAAO,EAAE;gBACP,YAAY,EAAE,oEAAoE;gBAClF,MAAM,EAAE,KAAK;aACd;YACD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC;SACnC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,QAAQ,QAAQ,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC;QAC7D,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE1D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;4BAC7C,GAAG;4BACH,cAAc,EAAE,KAAK;4BACrB,OAAO,EAAE,kCAAkC;yBAC5C,CAAC,EAAE,CAAC;aACN,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG;YACb,GAAG;YACH,cAAc,EAAE,IAAI;YACpB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,WAAW,EAAE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;gBAC5C,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;gBAC5B,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;aAClC,CAAC,CAAC,IAAI,EAAE;YACT,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;SACxC,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;SACnE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;YAChF,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;AACH,CAAC,CACF,CAAC;AAEF,kFAAkF;AAClF,2CAA2C;AAE3C,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB;IACE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IACpE,cAAc,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,yBAAyB,CAAC;IAC7E,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,wBAAwB,CAAC;CAC5F,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,EAAE,EAAE;IAC9C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,sBAAsB,CACzC,IAAI,EACJ;YACE,aAAa,EAAE,cAAc;YAC7B,qBAAqB,EAAE,IAAI;SAC5B,EACD,SAAS,EACT,WAAW,CACZ,CAAC;QAEF,MAAM,MAAM,GAAQ;YAClB,cAAc,EAAE,IAAI,CAAC,MAAM;YAC3B,cAAc,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM;YACvC,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE,CAAC,CAAC;gBAC5C,IAAI,EAAE,EAAE,CAAC,IAAI;gBACb,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;gBAC1B,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,KAAK;gBAC1B,UAAU,EAAE,EAAE,CAAC,UAAU;aAC1B,CAAC,CAAC;YACH,KAAK,EAAE;gBACL,UAAU,EAAE,MAAM,CAAC,KAAK,EAAE,UAAU,IAAI,CAAC;gBACzC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC;gBACrC,cAAc,EAAE,MAAM,CAAC,KAAK,EAAE,cAAc,IAAI,CAAC;gBACjD,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,IAAI,EAAE;aACvC;SACF,CAAC;QAEF,IAAI,MAAM,CAAC,qBAAqB,EAAE,KAAK,EAAE,CAAC;YACxC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,qBAAqB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC,CAAC;gBACzE,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB,CAAC,CAAC,CAAC;QACN,CAAC;QAED,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;SACnE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;YAC3E,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;AACH,CAAC,CACF,CAAC;AAEF,kFAAkF;AAElF,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/package.json ADDED Viewed

@@ -0,0 +1,57 @@
+{
+  "name": "anastasis-mcp-server",
+  "version": "1.0.0",
+  "type": "module",
+  "description": "MCP server for JavaScript endpoint discovery and attack surface mapping. Discovers JS files from 23+ passive sources, extracts API endpoints via AST parsing, reconstructs sourcemaps, probes API documentation. Powered by the Anastasis engine.",
+  "main": "dist/index.js",
+  "bin": {
+    "anastasis-mcp-server": "./dist/index.js"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "start": "node dist/index.js",
+    "dev": "tsx src/index.ts",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "mcp",
+    "modelcontextprotocol",
+    "security",
+    "bug-bounty",
+    "endpoint-discovery",
+    "javascript",
+    "recon",
+    "anastasis",
+    "attack-surface",
+    "api-discovery",
+    "sourcemap",
+    "pentesting"
+  ],
+  "author": "0xazanul",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/0xazanul/anastasis-mcp-server.git"
+  },
+  "bugs": {
+    "url": "https://github.com/0xazanul/anastasis-mcp-server/issues"
+  },
+  "homepage": "https://github.com/0xazanul/anastasis-mcp-server#readme",
+  "engines": {
+    "node": ">=18 <24"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.29.0",
+    "anastasis": "^1.2.0",
+    "zod": "^3.24.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.7.0"
+  }
+}