defense-mcp-server 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (186) hide show
  1. package/CHANGELOG.md +471 -0
  2. package/LICENSE +21 -0
  3. package/README.md +242 -0
  4. package/build/core/auto-installer.d.ts +102 -0
  5. package/build/core/auto-installer.d.ts.map +1 -0
  6. package/build/core/auto-installer.js +833 -0
  7. package/build/core/backup-manager.d.ts +63 -0
  8. package/build/core/backup-manager.d.ts.map +1 -0
  9. package/build/core/backup-manager.js +189 -0
  10. package/build/core/changelog.d.ts +75 -0
  11. package/build/core/changelog.d.ts.map +1 -0
  12. package/build/core/changelog.js +123 -0
  13. package/build/core/command-allowlist.d.ts +129 -0
  14. package/build/core/command-allowlist.d.ts.map +1 -0
  15. package/build/core/command-allowlist.js +849 -0
  16. package/build/core/config.d.ts +79 -0
  17. package/build/core/config.d.ts.map +1 -0
  18. package/build/core/config.js +193 -0
  19. package/build/core/dependency-validator.d.ts +106 -0
  20. package/build/core/dependency-validator.d.ts.map +1 -0
  21. package/build/core/dependency-validator.js +405 -0
  22. package/build/core/distro-adapter.d.ts +177 -0
  23. package/build/core/distro-adapter.d.ts.map +1 -0
  24. package/build/core/distro-adapter.js +481 -0
  25. package/build/core/distro.d.ts +68 -0
  26. package/build/core/distro.d.ts.map +1 -0
  27. package/build/core/distro.js +457 -0
  28. package/build/core/encrypted-state.d.ts +76 -0
  29. package/build/core/encrypted-state.d.ts.map +1 -0
  30. package/build/core/encrypted-state.js +209 -0
  31. package/build/core/executor.d.ts +56 -0
  32. package/build/core/executor.d.ts.map +1 -0
  33. package/build/core/executor.js +350 -0
  34. package/build/core/installer.d.ts +92 -0
  35. package/build/core/installer.d.ts.map +1 -0
  36. package/build/core/installer.js +1072 -0
  37. package/build/core/logger.d.ts +102 -0
  38. package/build/core/logger.d.ts.map +1 -0
  39. package/build/core/logger.js +132 -0
  40. package/build/core/parsers.d.ts +151 -0
  41. package/build/core/parsers.d.ts.map +1 -0
  42. package/build/core/parsers.js +479 -0
  43. package/build/core/policy-engine.d.ts +170 -0
  44. package/build/core/policy-engine.d.ts.map +1 -0
  45. package/build/core/policy-engine.js +656 -0
  46. package/build/core/preflight.d.ts +157 -0
  47. package/build/core/preflight.d.ts.map +1 -0
  48. package/build/core/preflight.js +638 -0
  49. package/build/core/privilege-manager.d.ts +108 -0
  50. package/build/core/privilege-manager.d.ts.map +1 -0
  51. package/build/core/privilege-manager.js +363 -0
  52. package/build/core/rate-limiter.d.ts +67 -0
  53. package/build/core/rate-limiter.d.ts.map +1 -0
  54. package/build/core/rate-limiter.js +129 -0
  55. package/build/core/rollback.d.ts +73 -0
  56. package/build/core/rollback.d.ts.map +1 -0
  57. package/build/core/rollback.js +278 -0
  58. package/build/core/safeguards.d.ts +58 -0
  59. package/build/core/safeguards.d.ts.map +1 -0
  60. package/build/core/safeguards.js +448 -0
  61. package/build/core/sanitizer.d.ts +118 -0
  62. package/build/core/sanitizer.d.ts.map +1 -0
  63. package/build/core/sanitizer.js +459 -0
  64. package/build/core/secure-fs.d.ts +67 -0
  65. package/build/core/secure-fs.d.ts.map +1 -0
  66. package/build/core/secure-fs.js +143 -0
  67. package/build/core/spawn-safe.d.ts +55 -0
  68. package/build/core/spawn-safe.d.ts.map +1 -0
  69. package/build/core/spawn-safe.js +146 -0
  70. package/build/core/sudo-guard.d.ts +145 -0
  71. package/build/core/sudo-guard.d.ts.map +1 -0
  72. package/build/core/sudo-guard.js +349 -0
  73. package/build/core/sudo-session.d.ts +100 -0
  74. package/build/core/sudo-session.d.ts.map +1 -0
  75. package/build/core/sudo-session.js +319 -0
  76. package/build/core/tool-dependencies.d.ts +61 -0
  77. package/build/core/tool-dependencies.d.ts.map +1 -0
  78. package/build/core/tool-dependencies.js +571 -0
  79. package/build/core/tool-registry.d.ts +111 -0
  80. package/build/core/tool-registry.d.ts.map +1 -0
  81. package/build/core/tool-registry.js +656 -0
  82. package/build/core/tool-wrapper.d.ts +73 -0
  83. package/build/core/tool-wrapper.d.ts.map +1 -0
  84. package/build/core/tool-wrapper.js +296 -0
  85. package/build/index.d.ts +3 -0
  86. package/build/index.d.ts.map +1 -0
  87. package/build/index.js +247 -0
  88. package/build/tools/access-control.d.ts +9 -0
  89. package/build/tools/access-control.d.ts.map +1 -0
  90. package/build/tools/access-control.js +1818 -0
  91. package/build/tools/api-security.d.ts +12 -0
  92. package/build/tools/api-security.d.ts.map +1 -0
  93. package/build/tools/api-security.js +901 -0
  94. package/build/tools/app-hardening.d.ts +11 -0
  95. package/build/tools/app-hardening.d.ts.map +1 -0
  96. package/build/tools/app-hardening.js +768 -0
  97. package/build/tools/backup.d.ts +8 -0
  98. package/build/tools/backup.d.ts.map +1 -0
  99. package/build/tools/backup.js +381 -0
  100. package/build/tools/cloud-security.d.ts +17 -0
  101. package/build/tools/cloud-security.d.ts.map +1 -0
  102. package/build/tools/cloud-security.js +739 -0
  103. package/build/tools/compliance.d.ts +10 -0
  104. package/build/tools/compliance.d.ts.map +1 -0
  105. package/build/tools/compliance.js +1225 -0
  106. package/build/tools/container-security.d.ts +14 -0
  107. package/build/tools/container-security.d.ts.map +1 -0
  108. package/build/tools/container-security.js +788 -0
  109. package/build/tools/deception.d.ts +13 -0
  110. package/build/tools/deception.d.ts.map +1 -0
  111. package/build/tools/deception.js +763 -0
  112. package/build/tools/dns-security.d.ts +93 -0
  113. package/build/tools/dns-security.d.ts.map +1 -0
  114. package/build/tools/dns-security.js +745 -0
  115. package/build/tools/drift-detection.d.ts +8 -0
  116. package/build/tools/drift-detection.d.ts.map +1 -0
  117. package/build/tools/drift-detection.js +326 -0
  118. package/build/tools/ebpf-security.d.ts +15 -0
  119. package/build/tools/ebpf-security.d.ts.map +1 -0
  120. package/build/tools/ebpf-security.js +294 -0
  121. package/build/tools/encryption.d.ts +9 -0
  122. package/build/tools/encryption.d.ts.map +1 -0
  123. package/build/tools/encryption.js +1667 -0
  124. package/build/tools/firewall.d.ts +9 -0
  125. package/build/tools/firewall.d.ts.map +1 -0
  126. package/build/tools/firewall.js +1398 -0
  127. package/build/tools/hardening.d.ts +10 -0
  128. package/build/tools/hardening.d.ts.map +1 -0
  129. package/build/tools/hardening.js +2654 -0
  130. package/build/tools/ids.d.ts +9 -0
  131. package/build/tools/ids.d.ts.map +1 -0
  132. package/build/tools/ids.js +624 -0
  133. package/build/tools/incident-response.d.ts +10 -0
  134. package/build/tools/incident-response.d.ts.map +1 -0
  135. package/build/tools/incident-response.js +1180 -0
  136. package/build/tools/logging.d.ts +12 -0
  137. package/build/tools/logging.d.ts.map +1 -0
  138. package/build/tools/logging.js +454 -0
  139. package/build/tools/malware.d.ts +10 -0
  140. package/build/tools/malware.d.ts.map +1 -0
  141. package/build/tools/malware.js +532 -0
  142. package/build/tools/meta.d.ts +11 -0
  143. package/build/tools/meta.d.ts.map +1 -0
  144. package/build/tools/meta.js +2278 -0
  145. package/build/tools/network-defense.d.ts +12 -0
  146. package/build/tools/network-defense.d.ts.map +1 -0
  147. package/build/tools/network-defense.js +760 -0
  148. package/build/tools/patch-management.d.ts +3 -0
  149. package/build/tools/patch-management.d.ts.map +1 -0
  150. package/build/tools/patch-management.js +708 -0
  151. package/build/tools/process-security.d.ts +12 -0
  152. package/build/tools/process-security.d.ts.map +1 -0
  153. package/build/tools/process-security.js +784 -0
  154. package/build/tools/reporting.d.ts +11 -0
  155. package/build/tools/reporting.d.ts.map +1 -0
  156. package/build/tools/reporting.js +559 -0
  157. package/build/tools/secrets.d.ts +9 -0
  158. package/build/tools/secrets.d.ts.map +1 -0
  159. package/build/tools/secrets.js +596 -0
  160. package/build/tools/siem-integration.d.ts +18 -0
  161. package/build/tools/siem-integration.d.ts.map +1 -0
  162. package/build/tools/siem-integration.js +754 -0
  163. package/build/tools/sudo-management.d.ts +18 -0
  164. package/build/tools/sudo-management.d.ts.map +1 -0
  165. package/build/tools/sudo-management.js +737 -0
  166. package/build/tools/supply-chain-security.d.ts +8 -0
  167. package/build/tools/supply-chain-security.d.ts.map +1 -0
  168. package/build/tools/supply-chain-security.js +256 -0
  169. package/build/tools/threat-intel.d.ts +22 -0
  170. package/build/tools/threat-intel.d.ts.map +1 -0
  171. package/build/tools/threat-intel.js +749 -0
  172. package/build/tools/vulnerability-management.d.ts +11 -0
  173. package/build/tools/vulnerability-management.d.ts.map +1 -0
  174. package/build/tools/vulnerability-management.js +667 -0
  175. package/build/tools/waf.d.ts +12 -0
  176. package/build/tools/waf.d.ts.map +1 -0
  177. package/build/tools/waf.js +843 -0
  178. package/build/tools/wireless-security.d.ts +19 -0
  179. package/build/tools/wireless-security.d.ts.map +1 -0
  180. package/build/tools/wireless-security.js +826 -0
  181. package/build/tools/zero-trust-network.d.ts +8 -0
  182. package/build/tools/zero-trust-network.d.ts.map +1 -0
  183. package/build/tools/zero-trust-network.js +367 -0
  184. package/docs/SAFEGUARDS.md +518 -0
  185. package/docs/TOOLS-REFERENCE.md +665 -0
  186. package/package.json +87 -0
@@ -0,0 +1,8 @@
1
+ /**
2
+ * Supply chain security tools.
3
+ *
4
+ * Registers 1 tool: supply_chain (actions: sbom, sign, verify_slsa).
5
+ */
6
+ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
7
+ export declare function registerSupplyChainSecurityTools(server: McpServer): void;
8
+ //# sourceMappingURL=supply-chain-security.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"supply-chain-security.d.ts","sourceRoot":"","sources":["../../src/tools/supply-chain-security.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAsEpE,wBAAgB,gCAAgC,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAqOxE"}
@@ -0,0 +1,256 @@
1
+ /**
2
+ * Supply chain security tools.
3
+ *
4
+ * Registers 1 tool: supply_chain (actions: sbom, sign, verify_slsa).
5
+ */
6
+ import { z } from "zod";
7
+ import { executeCommand } from "../core/executor.js";
8
+ import { getToolTimeout } from "../core/config.js";
9
+ import { createErrorContent, formatToolOutput } from "../core/parsers.js";
10
+ import { logChange, createChangeEntry } from "../core/changelog.js";
11
+ import { detectDistro } from "../core/distro.js";
12
+ import { SafeguardRegistry } from "../core/safeguards.js";
13
+ // ── TOOL-025 remediation: supply chain input validation ────────────────────
14
+ /** npm package name validation regex (scoped and unscoped) */
15
+ const NPM_PACKAGE_NAME_RE = /^(@[a-z0-9-~][a-z0-9-._~]*\/)?[a-z0-9-~][a-z0-9-._~]*$/;
16
+ /** Maximum npm package name length */
17
+ const NPM_PACKAGE_NAME_MAX_LENGTH = 214;
18
+ /**
19
+ * Validate a package name against npm naming rules.
20
+ */
21
+ function validatePackageNameNpm(name) {
22
+ if (!name || typeof name !== "string") {
23
+ throw new Error("Package name must be a non-empty string");
24
+ }
25
+ const trimmed = name.trim();
26
+ if (trimmed.length > NPM_PACKAGE_NAME_MAX_LENGTH) {
27
+ throw new Error(`Package name too long (${trimmed.length} chars). Maximum is ${NPM_PACKAGE_NAME_MAX_LENGTH} characters.`);
28
+ }
29
+ if (!NPM_PACKAGE_NAME_RE.test(trimmed)) {
30
+ throw new Error(`Invalid package name: '${trimmed}'. Must match npm naming rules: lowercase, alphanumeric, hyphens, dots, underscores, tildes. Scoped packages must start with @.`);
31
+ }
32
+ return trimmed;
33
+ }
34
+ /**
35
+ * Validate a registry URL.
36
+ * Must be a valid URL and must use HTTPS.
37
+ */
38
+ function validateRegistryUrl(url) {
39
+ if (!url || typeof url !== "string") {
40
+ throw new Error("Registry URL must be a non-empty string");
41
+ }
42
+ const trimmed = url.trim();
43
+ let parsed;
44
+ try {
45
+ parsed = new URL(trimmed);
46
+ }
47
+ catch {
48
+ throw new Error(`Invalid registry URL: '${trimmed}'. Must be a valid URL.`);
49
+ }
50
+ if (parsed.protocol !== "https:") {
51
+ throw new Error(`Registry URL must use HTTPS. Got: '${parsed.protocol}'. Reject insecure HTTP connections.`);
52
+ }
53
+ return trimmed;
54
+ }
55
+ export function registerSupplyChainSecurityTools(server) {
56
+ server.tool("supply_chain", "Supply chain security: generate SBOMs, sign artifacts with cosign, or verify SLSA provenance attestations.", {
57
+ action: z.enum(["sbom", "sign", "verify_slsa"]).describe("Action: sbom=generate SBOM, sign=cosign signing, verify_slsa=verify SLSA attestation"),
58
+ // sbom params
59
+ path: z.string().optional().default(".").describe("Directory to scan (sbom action)"),
60
+ format: z.enum(["cyclonedx-json", "spdx-json", "table"]).optional().default("cyclonedx-json").describe("Output format (sbom action)"),
61
+ // sign params
62
+ artifact: z.string().optional().describe("Image reference or file path to sign/verify (sign/verify_slsa action)"),
63
+ keyPath: z.string().optional().describe("Path to private key, omit for keyless (sign action)"),
64
+ // verify_slsa params
65
+ source: z.string().optional().describe("Expected source repository URI (verify_slsa action)"),
66
+ // shared
67
+ dryRun: z.boolean().optional().default(true).describe("Preview only"),
68
+ }, async (params) => {
69
+ const { action } = params;
70
+ switch (action) {
71
+ // ── sbom ────────────────────────────────────────────────────
72
+ case "sbom": {
73
+ const { path: scanPath, format } = params;
74
+ try {
75
+ // Try syft first
76
+ const syftResult = await executeCommand({
77
+ command: "which",
78
+ args: ["syft"],
79
+ timeout: 5000,
80
+ });
81
+ if (syftResult.exitCode === 0) {
82
+ const result = await executeCommand({
83
+ command: "syft",
84
+ args: [scanPath, "-o", format],
85
+ timeout: getToolTimeout("generate_sbom"),
86
+ });
87
+ if (result.exitCode === 0) {
88
+ return { content: [formatToolOutput({ tool: "syft", format, output: result.stdout.slice(0, 50000) })] };
89
+ }
90
+ }
91
+ // Try cdxgen
92
+ const cdxgenResult = await executeCommand({
93
+ command: "which",
94
+ args: ["cdxgen"],
95
+ timeout: 5000,
96
+ });
97
+ if (cdxgenResult.exitCode === 0) {
98
+ const result = await executeCommand({
99
+ command: "cdxgen",
100
+ args: ["-o", "-", scanPath],
101
+ timeout: getToolTimeout("generate_sbom"),
102
+ });
103
+ if (result.exitCode === 0) {
104
+ return { content: [formatToolOutput({ tool: "cdxgen", output: result.stdout.slice(0, 50000) })] };
105
+ }
106
+ }
107
+ // Fallback: dpkg or rpm
108
+ const distro = await detectDistro();
109
+ let cmd;
110
+ let args;
111
+ if (distro.family === "debian") {
112
+ cmd = "dpkg-query";
113
+ args = ["-W", "-f", "${Package}\t${Version}\t${Architecture}\n"];
114
+ }
115
+ else if (distro.family === "rhel") {
116
+ cmd = "rpm";
117
+ args = ["-qa", "--queryformat", "%{NAME}\t%{VERSION}-%{RELEASE}\t%{ARCH}\n"];
118
+ }
119
+ else {
120
+ return { content: [createErrorContent("No SBOM tool (syft/cdxgen) found and unsupported package manager for fallback")], isError: true };
121
+ }
122
+ const result = await executeCommand({ command: cmd, args, timeout: 30000 });
123
+ if (result.exitCode !== 0) {
124
+ return { content: [createErrorContent(`Package listing failed: ${result.stderr}`)], isError: true };
125
+ }
126
+ const packages = result.stdout.trim().split("\n").map((line) => {
127
+ const [name, version, arch] = line.split("\t");
128
+ return { name, version, arch };
129
+ });
130
+ return {
131
+ content: [formatToolOutput({
132
+ tool: "package-manager-fallback",
133
+ packageManager: distro.packageManager,
134
+ totalPackages: packages.length,
135
+ packages: packages.slice(0, 200),
136
+ truncated: packages.length > 200,
137
+ })],
138
+ };
139
+ }
140
+ catch (err) {
141
+ return { content: [createErrorContent(`SBOM generation failed: ${err instanceof Error ? err.message : String(err)}`)], isError: true };
142
+ }
143
+ }
144
+ // ── sign ────────────────────────────────────────────────────
145
+ case "sign": {
146
+ const { artifact, keyPath, dryRun } = params;
147
+ try {
148
+ if (!artifact) {
149
+ return { content: [createErrorContent("artifact is required for sign action")], isError: true };
150
+ }
151
+ // TOOL-025: Validate key path if provided
152
+ if (keyPath) {
153
+ if (keyPath.includes("..")) {
154
+ return { content: [createErrorContent("Key path contains forbidden traversal sequence (..).")], isError: true };
155
+ }
156
+ }
157
+ const safety = await SafeguardRegistry.getInstance().checkSafety("cosign_signing", { artifact });
158
+ if (!safety.safe) {
159
+ return { content: [formatToolOutput({ blocked: true, ...safety })], isError: true };
160
+ }
161
+ if (dryRun) {
162
+ const cmd = keyPath
163
+ ? `cosign sign --key ${keyPath} ${artifact}`
164
+ : `cosign sign --yes ${artifact}`;
165
+ return { content: [formatToolOutput({ dryRun: true, command: cmd, warnings: safety.warnings })] };
166
+ }
167
+ const args = keyPath
168
+ ? ["sign", "--key", keyPath, artifact]
169
+ : ["sign", "--yes", artifact];
170
+ const result = await executeCommand({
171
+ command: "cosign",
172
+ args,
173
+ timeout: 60000,
174
+ });
175
+ const entry = createChangeEntry({
176
+ tool: "supply_chain",
177
+ action: "sign artifact",
178
+ target: artifact,
179
+ dryRun: false,
180
+ success: result.exitCode === 0,
181
+ error: result.exitCode !== 0 ? result.stderr : undefined,
182
+ });
183
+ logChange(entry);
184
+ return {
185
+ content: [formatToolOutput({
186
+ exitCode: result.exitCode,
187
+ stdout: result.stdout,
188
+ stderr: result.stderr,
189
+ signed: result.exitCode === 0,
190
+ })],
191
+ };
192
+ }
193
+ catch (err) {
194
+ return { content: [createErrorContent(`Cosign signing failed: ${err instanceof Error ? err.message : String(err)}`)], isError: true };
195
+ }
196
+ }
197
+ // ── verify_slsa ─────────────────────────────────────────────
198
+ case "verify_slsa": {
199
+ const { artifact, source } = params;
200
+ try {
201
+ if (!artifact) {
202
+ return { content: [createErrorContent("artifact is required for verify_slsa action")], isError: true };
203
+ }
204
+ // TOOL-025: Validate source URL if provided (must be HTTPS)
205
+ if (source) {
206
+ validateRegistryUrl(source);
207
+ }
208
+ // Check for slsa-verifier
209
+ const which = await executeCommand({ command: "which", args: ["slsa-verifier"], timeout: 5000 });
210
+ if (which.exitCode !== 0) {
211
+ // Try cosign verify-attestation as fallback
212
+ const cosignWhich = await executeCommand({ command: "which", args: ["cosign"], timeout: 5000 });
213
+ if (cosignWhich.exitCode !== 0) {
214
+ return { content: [createErrorContent("Neither slsa-verifier nor cosign found. Install one to verify attestations.")], isError: true };
215
+ }
216
+ const args = ["verify-attestation", "--type", "slsaprovenance", artifact];
217
+ const result = await executeCommand({ command: "cosign", args, timeout: 30000 });
218
+ return {
219
+ content: [formatToolOutput({
220
+ tool: "cosign verify-attestation",
221
+ artifact,
222
+ verified: result.exitCode === 0,
223
+ output: result.stdout.slice(0, 10000),
224
+ errors: result.stderr || undefined,
225
+ })],
226
+ };
227
+ }
228
+ const args = ["verify-artifact", artifact];
229
+ if (source) {
230
+ args.push("--source-uri", source);
231
+ }
232
+ const result = await executeCommand({
233
+ command: "slsa-verifier",
234
+ args,
235
+ timeout: 30000,
236
+ });
237
+ return {
238
+ content: [formatToolOutput({
239
+ tool: "slsa-verifier",
240
+ artifact,
241
+ source: source ?? "not specified",
242
+ verified: result.exitCode === 0,
243
+ output: result.stdout.slice(0, 10000),
244
+ errors: result.stderr || undefined,
245
+ })],
246
+ };
247
+ }
248
+ catch (err) {
249
+ return { content: [createErrorContent(`SLSA verification failed: ${err instanceof Error ? err.message : String(err)}`)], isError: true };
250
+ }
251
+ }
252
+ default:
253
+ return { content: [createErrorContent(`Unknown action: ${action}`)], isError: true };
254
+ }
255
+ });
256
+ }
@@ -0,0 +1,22 @@
1
+ /**
2
+ * Threat intelligence tools for Kali Defense MCP Server.
3
+ *
4
+ * Registers 1 tool: threat_intel (actions: check_ip, check_hash, check_domain,
5
+ * update_feeds, blocklist_apply)
6
+ *
7
+ * Provides IP/hash/domain reputation checking against local threat intelligence
8
+ * feeds, feed management, and blocklist application to iptables/fail2ban/hosts.
9
+ */
10
+ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
11
+ /**
12
+ * Validate an IPv4 address.
13
+ * Returns true if the address is a valid IPv4 address.
14
+ */
15
+ export declare function isValidIPv4(ip: string): boolean;
16
+ /**
17
+ * Auto-detect hash type based on string length.
18
+ * Returns the hash type or "unknown".
19
+ */
20
+ export declare function detectHashType(hash: string): "MD5" | "SHA1" | "SHA256" | "unknown";
21
+ export declare function registerThreatIntelTools(server: McpServer): void;
22
+ //# sourceMappingURL=threat-intel.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"threat-intel.d.ts","sourceRoot":"","sources":["../../src/tools/threat-intel.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAoGpE;;;GAGG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAQ/C;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,CAWlF;AAqGD,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,SAAS,GAAG,IAAI,CAspBhE"}