npm - defense-mcp-server - Versions diffs - 0.6.0 - Mend

defense-mcp-server 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (186) hide show

package/CHANGELOG.md +471 -0
package/LICENSE +21 -0
package/README.md +242 -0
package/build/core/auto-installer.d.ts +102 -0
package/build/core/auto-installer.d.ts.map +1 -0
package/build/core/auto-installer.js +833 -0
package/build/core/backup-manager.d.ts +63 -0
package/build/core/backup-manager.d.ts.map +1 -0
package/build/core/backup-manager.js +189 -0
package/build/core/changelog.d.ts +75 -0
package/build/core/changelog.d.ts.map +1 -0
package/build/core/changelog.js +123 -0
package/build/core/command-allowlist.d.ts +129 -0
package/build/core/command-allowlist.d.ts.map +1 -0
package/build/core/command-allowlist.js +849 -0
package/build/core/config.d.ts +79 -0
package/build/core/config.d.ts.map +1 -0
package/build/core/config.js +193 -0
package/build/core/dependency-validator.d.ts +106 -0
package/build/core/dependency-validator.d.ts.map +1 -0
package/build/core/dependency-validator.js +405 -0
package/build/core/distro-adapter.d.ts +177 -0
package/build/core/distro-adapter.d.ts.map +1 -0
package/build/core/distro-adapter.js +481 -0
package/build/core/distro.d.ts +68 -0
package/build/core/distro.d.ts.map +1 -0
package/build/core/distro.js +457 -0
package/build/core/encrypted-state.d.ts +76 -0
package/build/core/encrypted-state.d.ts.map +1 -0
package/build/core/encrypted-state.js +209 -0
package/build/core/executor.d.ts +56 -0
package/build/core/executor.d.ts.map +1 -0
package/build/core/executor.js +350 -0
package/build/core/installer.d.ts +92 -0
package/build/core/installer.d.ts.map +1 -0
package/build/core/installer.js +1072 -0
package/build/core/logger.d.ts +102 -0
package/build/core/logger.d.ts.map +1 -0
package/build/core/logger.js +132 -0
package/build/core/parsers.d.ts +151 -0
package/build/core/parsers.d.ts.map +1 -0
package/build/core/parsers.js +479 -0
package/build/core/policy-engine.d.ts +170 -0
package/build/core/policy-engine.d.ts.map +1 -0
package/build/core/policy-engine.js +656 -0
package/build/core/preflight.d.ts +157 -0
package/build/core/preflight.d.ts.map +1 -0
package/build/core/preflight.js +638 -0
package/build/core/privilege-manager.d.ts +108 -0
package/build/core/privilege-manager.d.ts.map +1 -0
package/build/core/privilege-manager.js +363 -0
package/build/core/rate-limiter.d.ts +67 -0
package/build/core/rate-limiter.d.ts.map +1 -0
package/build/core/rate-limiter.js +129 -0
package/build/core/rollback.d.ts +73 -0
package/build/core/rollback.d.ts.map +1 -0
package/build/core/rollback.js +278 -0
package/build/core/safeguards.d.ts +58 -0
package/build/core/safeguards.d.ts.map +1 -0
package/build/core/safeguards.js +448 -0
package/build/core/sanitizer.d.ts +118 -0
package/build/core/sanitizer.d.ts.map +1 -0
package/build/core/sanitizer.js +459 -0
package/build/core/secure-fs.d.ts +67 -0
package/build/core/secure-fs.d.ts.map +1 -0
package/build/core/secure-fs.js +143 -0
package/build/core/spawn-safe.d.ts +55 -0
package/build/core/spawn-safe.d.ts.map +1 -0
package/build/core/spawn-safe.js +146 -0
package/build/core/sudo-guard.d.ts +145 -0
package/build/core/sudo-guard.d.ts.map +1 -0
package/build/core/sudo-guard.js +349 -0
package/build/core/sudo-session.d.ts +100 -0
package/build/core/sudo-session.d.ts.map +1 -0
package/build/core/sudo-session.js +319 -0
package/build/core/tool-dependencies.d.ts +61 -0
package/build/core/tool-dependencies.d.ts.map +1 -0
package/build/core/tool-dependencies.js +571 -0
package/build/core/tool-registry.d.ts +111 -0
package/build/core/tool-registry.d.ts.map +1 -0
package/build/core/tool-registry.js +656 -0
package/build/core/tool-wrapper.d.ts +73 -0
package/build/core/tool-wrapper.d.ts.map +1 -0
package/build/core/tool-wrapper.js +296 -0
package/build/index.d.ts +3 -0
package/build/index.d.ts.map +1 -0
package/build/index.js +247 -0
package/build/tools/access-control.d.ts +9 -0
package/build/tools/access-control.d.ts.map +1 -0
package/build/tools/access-control.js +1818 -0
package/build/tools/api-security.d.ts +12 -0
package/build/tools/api-security.d.ts.map +1 -0
package/build/tools/api-security.js +901 -0
package/build/tools/app-hardening.d.ts +11 -0
package/build/tools/app-hardening.d.ts.map +1 -0
package/build/tools/app-hardening.js +768 -0
package/build/tools/backup.d.ts +8 -0
package/build/tools/backup.d.ts.map +1 -0
package/build/tools/backup.js +381 -0
package/build/tools/cloud-security.d.ts +17 -0
package/build/tools/cloud-security.d.ts.map +1 -0
package/build/tools/cloud-security.js +739 -0
package/build/tools/compliance.d.ts +10 -0
package/build/tools/compliance.d.ts.map +1 -0
package/build/tools/compliance.js +1225 -0
package/build/tools/container-security.d.ts +14 -0
package/build/tools/container-security.d.ts.map +1 -0
package/build/tools/container-security.js +788 -0
package/build/tools/deception.d.ts +13 -0
package/build/tools/deception.d.ts.map +1 -0
package/build/tools/deception.js +763 -0
package/build/tools/dns-security.d.ts +93 -0
package/build/tools/dns-security.d.ts.map +1 -0
package/build/tools/dns-security.js +745 -0
package/build/tools/drift-detection.d.ts +8 -0
package/build/tools/drift-detection.d.ts.map +1 -0
package/build/tools/drift-detection.js +326 -0
package/build/tools/ebpf-security.d.ts +15 -0
package/build/tools/ebpf-security.d.ts.map +1 -0
package/build/tools/ebpf-security.js +294 -0
package/build/tools/encryption.d.ts +9 -0
package/build/tools/encryption.d.ts.map +1 -0
package/build/tools/encryption.js +1667 -0
package/build/tools/firewall.d.ts +9 -0
package/build/tools/firewall.d.ts.map +1 -0
package/build/tools/firewall.js +1398 -0
package/build/tools/hardening.d.ts +10 -0
package/build/tools/hardening.d.ts.map +1 -0
package/build/tools/hardening.js +2654 -0
package/build/tools/ids.d.ts +9 -0
package/build/tools/ids.d.ts.map +1 -0
package/build/tools/ids.js +624 -0
package/build/tools/incident-response.d.ts +10 -0
package/build/tools/incident-response.d.ts.map +1 -0
package/build/tools/incident-response.js +1180 -0
package/build/tools/logging.d.ts +12 -0
package/build/tools/logging.d.ts.map +1 -0
package/build/tools/logging.js +454 -0
package/build/tools/malware.d.ts +10 -0
package/build/tools/malware.d.ts.map +1 -0
package/build/tools/malware.js +532 -0
package/build/tools/meta.d.ts +11 -0
package/build/tools/meta.d.ts.map +1 -0
package/build/tools/meta.js +2278 -0
package/build/tools/network-defense.d.ts +12 -0
package/build/tools/network-defense.d.ts.map +1 -0
package/build/tools/network-defense.js +760 -0
package/build/tools/patch-management.d.ts +3 -0
package/build/tools/patch-management.d.ts.map +1 -0
package/build/tools/patch-management.js +708 -0
package/build/tools/process-security.d.ts +12 -0
package/build/tools/process-security.d.ts.map +1 -0
package/build/tools/process-security.js +784 -0
package/build/tools/reporting.d.ts +11 -0
package/build/tools/reporting.d.ts.map +1 -0
package/build/tools/reporting.js +559 -0
package/build/tools/secrets.d.ts +9 -0
package/build/tools/secrets.d.ts.map +1 -0
package/build/tools/secrets.js +596 -0
package/build/tools/siem-integration.d.ts +18 -0
package/build/tools/siem-integration.d.ts.map +1 -0
package/build/tools/siem-integration.js +754 -0
package/build/tools/sudo-management.d.ts +18 -0
package/build/tools/sudo-management.d.ts.map +1 -0
package/build/tools/sudo-management.js +737 -0
package/build/tools/supply-chain-security.d.ts +8 -0
package/build/tools/supply-chain-security.d.ts.map +1 -0
package/build/tools/supply-chain-security.js +256 -0
package/build/tools/threat-intel.d.ts +22 -0
package/build/tools/threat-intel.d.ts.map +1 -0
package/build/tools/threat-intel.js +749 -0
package/build/tools/vulnerability-management.d.ts +11 -0
package/build/tools/vulnerability-management.d.ts.map +1 -0
package/build/tools/vulnerability-management.js +667 -0
package/build/tools/waf.d.ts +12 -0
package/build/tools/waf.d.ts.map +1 -0
package/build/tools/waf.js +843 -0
package/build/tools/wireless-security.d.ts +19 -0
package/build/tools/wireless-security.d.ts.map +1 -0
package/build/tools/wireless-security.js +826 -0
package/build/tools/zero-trust-network.d.ts +8 -0
package/build/tools/zero-trust-network.d.ts.map +1 -0
package/build/tools/zero-trust-network.js +367 -0
package/docs/SAFEGUARDS.md +518 -0
package/docs/TOOLS-REFERENCE.md +665 -0
package/package.json +87 -0

package/build/tools/dns-security.d.ts ADDED Viewed

@@ -0,0 +1,93 @@
+/**
+ * DNS security tools for Kali Defense MCP Server.
+ *
+ * Registers 1 tool: dns_security (actions: audit_resolv, check_dnssec,
+ * detect_tunneling, block_domains, query_log_audit)
+ *
+ * Provides DNS configuration auditing, DNSSEC validation checking,
+ * DNS tunneling detection, domain blocking, and query log analysis.
+ */
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+/**
+ * Calculate Shannon entropy of a string.
+ * Pure function — no external dependencies.
+ *
+ * Higher entropy values indicate more randomness, which is characteristic
+ * of DNS tunneling and DGA (Domain Generation Algorithm) domains.
+ *
+ * @param str - Input string to calculate entropy for
+ * @returns Entropy value in bits per character
+ */
+export declare function calculateShannonEntropy(str: string): number;
+interface DnssecResult {
+    domain: string;
+    dnssecEnabled: boolean;
+    hasRRSIG: boolean;
+    hasDNSKEY: boolean;
+    hasDS: boolean;
+    adFlag: boolean;
+    chainValid: boolean;
+    records: string[];
+    issues: string[];
+}
+/**
+ * Parse dig +dnssec output and determine DNSSEC status.
+ */
+export declare function parseDnssecOutput(domain: string, digOutput: string): DnssecResult;
+interface SuspiciousQuery {
+    domain: string;
+    entropy: number;
+    labelLength: number;
+    reason: string;
+}
+/**
+ * Analyze captured DNS queries for tunneling indicators.
+ */
+export declare function analyzeDnsQueries(capturedOutput: string, entropyThreshold: number): {
+    suspicious: SuspiciousQuery[];
+    totalQueries: number;
+    txtQueries: number;
+    nullQueries: number;
+    domainCounts: Record<string, number>;
+};
+interface ResolvAuditResult {
+    nameservers: Array<{
+        ip: string;
+        type: "public" | "internal" | "loopback";
+        provider?: string;
+    }>;
+    searchDomains: string[];
+    options: string[];
+    findings: Array<{
+        check: string;
+        status: "PASS" | "FAIL" | "INFO" | "WARN";
+        detail: string;
+    }>;
+    recommendations: string[];
+}
+/**
+ * Audit resolv.conf content.
+ */
+export declare function auditResolvConf(resolvContent: string, resolvedStatus: string): ResolvAuditResult;
+interface QueryLogAnalysis {
+    totalEntries: number;
+    topDomains: Array<{
+        domain: string;
+        count: number;
+    }>;
+    suspiciousTldQueries: Array<{
+        domain: string;
+        tld: string;
+    }>;
+    nxdomainCount: number;
+    nxdomainRate: number;
+    queryTimeline: Record<string, number>;
+    findings: string[];
+}
+/**
+ * Analyze DNS query log content.
+ */
+export declare function analyzeQueryLog(logContent: string): QueryLogAnalysis;
+export declare function registerDnsSecurityTools(server: McpServer): void;
+export {};
+//# sourceMappingURL=dns-security.d.ts.map

package/build/tools/dns-security.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"dns-security.d.ts","sourceRoot":"","sources":["../../src/tools/dns-security.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAoHpE;;;;;;;;;GASG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAkB3D;AAID,UAAU,YAAY;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,OAAO,CAAC;IACvB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,OAAO,CAAC;IAChB,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,YAAY,CA4DjF;AAID,UAAU,eAAe;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,cAAc,EAAE,MAAM,EACtB,gBAAgB,EAAE,MAAM,GACvB;IAAE,UAAU,EAAE,eAAe,EAAE,CAAC;IAAC,YAAY,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAAE,CA4DxI;AAID,UAAU,iBAAiB;IACzB,WAAW,EAAE,KAAK,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,QAAQ,GAAG,UAAU,GAAG,UAAU,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAChG,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC9F,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,aAAa,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,iBAAiB,CAyEhG;AAID,UAAU,gBAAgB;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,KAAK,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACrD,oBAAoB,EAAE,KAAK,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC7D,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,gBAAgB,CAyFpE;AAID,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAwZhE"}