dns-security-mcp 0.1.0

package/dist/data/dnsbl-lists.js

@@ -0,0 +1,54 @@
+export const DNSBL_LISTS = [
+    // ─── IP-based Blocklists ───
+    { name: "Spamhaus ZEN", domain: "zen.spamhaus.org", type: "ip", category: "spam" },
+    { name: "Spamhaus SBL", domain: "sbl.spamhaus.org", type: "ip", category: "spam" },
+    { name: "Spamhaus XBL", domain: "xbl.spamhaus.org", type: "ip", category: "exploit" },
+    { name: "Spamhaus PBL", domain: "pbl.spamhaus.org", type: "ip", category: "policy" },
+    { name: "Spamhaus CSS", domain: "sbl-xbl.spamhaus.org", type: "ip", category: "spam" },
+    { name: "Barracuda RBL", domain: "b.barracudacentral.org", type: "ip", category: "spam" },
+    { name: "SpamCop", domain: "bl.spamcop.net", type: "ip", category: "spam" },
+    { name: "CBL", domain: "cbl.abuseat.org", type: "ip", category: "exploit" },
+    { name: "SORBS Spam", domain: "spam.dnsbl.sorbs.net", type: "ip", category: "spam" },
+    { name: "SORBS Recent", domain: "recent.spam.dnsbl.sorbs.net", type: "ip", category: "spam" },
+    { name: "SORBS Web", domain: "web.dnsbl.sorbs.net", type: "ip", category: "exploit" },
+    { name: "SORBS DUHL", domain: "duhl.dnsbl.sorbs.net", type: "ip", category: "dynamic" },
+    { name: "SORBS Zombie", domain: "zombie.dnsbl.sorbs.net", type: "ip", category: "botnet" },
+    { name: "SORBS HTTP", domain: "http.dnsbl.sorbs.net", type: "ip", category: "proxy" },
+    { name: "SORBS SOCKS", domain: "socks.dnsbl.sorbs.net", type: "ip", category: "proxy" },
+    { name: "SORBS Misc", domain: "misc.dnsbl.sorbs.net", type: "ip", category: "misc" },
+    { name: "NJABL", domain: "combined.njabl.org", type: "ip", category: "spam" },
+    { name: "UCEPROTECT-1", domain: "dnsbl-1.uceprotect.net", type: "ip", category: "spam" },
+    { name: "UCEPROTECT-2", domain: "dnsbl-2.uceprotect.net", type: "ip", category: "spam" },
+    { name: "UCEPROTECT-3", domain: "dnsbl-3.uceprotect.net", type: "ip", category: "spam" },
+    { name: "PSBL", domain: "psbl.surriel.com", type: "ip", category: "spam" },
+    { name: "WPBL", domain: "db.wpbl.info", type: "ip", category: "spam" },
+    { name: "Truncate", domain: "truncate.gbudb.net", type: "ip", category: "spam" },
+    { name: "DroneBL", domain: "dnsbl.dronebl.org", type: "ip", category: "botnet" },
+    { name: "EFnet RBL", domain: "rbl.efnetrbl.org", type: "ip", category: "abuse" },
+    { name: "Abuse.ch SSLBL", domain: "sslbl.abuse.ch", type: "ip", category: "malware" },
+    { name: "JustSpam", domain: "dnsbl.justspam.org", type: "ip", category: "spam" },
+    { name: "BlockList.de", domain: "all.bl.blocklist.de", type: "ip", category: "abuse" },
+    { name: "Mailspike BL", domain: "bl.mailspike.net", type: "ip", category: "spam" },
+    { name: "NiX Spam", domain: "ix.dnsbl.manitu.net", type: "ip", category: "spam" },
+    { name: "UCEProtect Level 1", domain: "dnsbl-1.uceprotect.net", type: "ip", category: "spam" },
+    { name: "DNSBL.info", domain: "dnsbl.info", type: "ip", category: "spam" },
+    { name: "Invaluement ivmSIP", domain: "sip.invaluement.com", type: "ip", category: "spam" },
+    { name: "S5H.net", domain: "all.s5h.net", type: "ip", category: "spam" },
+    { name: "Backscatterer", domain: "ips.backscatterer.org", type: "ip", category: "backscatter" },
+    // ─── Domain-based Blocklists ───
+    { name: "Spamhaus DBL", domain: "dbl.spamhaus.org", type: "domain", category: "spam" },
+    { name: "SURBL Multi", domain: "multi.surbl.org", type: "domain", category: "spam" },
+    { name: "URIBL", domain: "multi.uribl.com", type: "domain", category: "spam" },
+    { name: "Spamhaus ZRD", domain: "zrd.spamhaus.org", type: "domain", category: "newly-registered" },
+    { name: "SURBL Phishing", domain: "phishing.surbl.org", type: "domain", category: "phishing" },
+    { name: "SURBL Malware", domain: "malware.surbl.org", type: "domain", category: "malware" },
+    { name: "SURBL Cracked", domain: "cr.surbl.org", type: "domain", category: "compromised" },
+    { name: "SURBL Abuse", domain: "abuse.surbl.org", type: "domain", category: "abuse" },
+    { name: "SEM Fresh", domain: "fresh.spameatingmonkey.net", type: "domain", category: "newly-registered" },
+    { name: "SEM URI", domain: "uribl.spameatingmonkey.net", type: "domain", category: "spam" },
+    { name: "SEM URIRED", domain: "urired.spameatingmonkey.net", type: "domain", category: "spam" },
+    { name: "ivmURI", domain: "sip24.invaluement.com", type: "domain", category: "spam" },
+    { name: "0Spam DBL", domain: "dbl.0spam.org", type: "domain", category: "spam" },
+    { name: "abuse.ch URLhaus", domain: "urlhaus.abuse.ch", type: "domain", category: "malware" },
+];
+//# sourceMappingURL=dnsbl-lists.js.map

package/dist/data/dnsbl-lists.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dnsbl-lists.js","sourceRoot":"","sources":["../../src/data/dnsbl-lists.ts"],"names":[],"mappings":"AAOA,MAAM,CAAC,MAAM,WAAW,GAAiB;IACvC,8BAA8B;IAC9B,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAClF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAClF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE;IACrF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACpF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,sBAAsB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACtF,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACzF,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC3E,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE;IAC3E,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,sBAAsB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACpF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,6BAA6B,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC7F,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,qBAAqB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE;IACrF,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,sBAAsB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE;IACvF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC1F,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,sBAAsB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE;IACrF,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,uBAAuB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE;IACvF,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,sBAAsB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACpF,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,oBAAoB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC7E,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACxF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACxF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACxF,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC1E,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACtE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,oBAAoB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAChF,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,mBAAmB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAChF,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE;IAChF,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,EAAE,gBAAgB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE;IACrF,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,oBAAoB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAChF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,qBAAqB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE;IACtF,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAClF,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,qBAAqB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACjF,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,wBAAwB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC9F,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC1E,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,qBAAqB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC3F,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE;IACxE,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,uBAAuB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE;IAE/F,kCAAkC;IAClC,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE;IACtF,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE;IACpF,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC9E,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,kBAAkB,EAAE;IAClG,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,EAAE,oBAAoB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC9F,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE;IAC3F,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC1F,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE;IACrF,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,4BAA4B,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,kBAAkB,EAAE;IACzG,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,4BAA4B,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC3F,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,6BAA6B,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC/F,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,uBAAuB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE;IACrF,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE;IAChF,EAAE,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE;CAC9F,CAAC"}

package/dist/data/takeover-fingerprints.d.ts

@@ -0,0 +1,8 @@
+export interface TakeoverFingerprint {
+    service: string;
+    cnames: string[];
+    fingerprint: string;
+    vulnerable: boolean;
+}
+export declare const TAKEOVER_FINGERPRINTS: TakeoverFingerprint[];
+//# sourceMappingURL=takeover-fingerprints.d.ts.map

package/dist/data/takeover-fingerprints.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"takeover-fingerprints.d.ts","sourceRoot":"","sources":["../../src/data/takeover-fingerprints.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,eAAO,MAAM,qBAAqB,EAAE,mBAAmB,EAkFtD,CAAC"}

package/dist/data/takeover-fingerprints.js

@@ -0,0 +1,84 @@
+export const TAKEOVER_FINGERPRINTS = [
+    { service: "GitHub Pages", cnames: ["*.github.io"], fingerprint: "There isn't a GitHub Pages site here", vulnerable: true },
+    { service: "Heroku", cnames: ["*.herokuapp.com", "*.herokussl.com"], fingerprint: "No such app", vulnerable: true },
+    { service: "AWS S3", cnames: ["*.s3.amazonaws.com", "*.s3-website*"], fingerprint: "NoSuchBucket", vulnerable: true },
+    { service: "AWS Elastic Beanstalk", cnames: ["*.elasticbeanstalk.com"], fingerprint: "NXDOMAIN", vulnerable: true },
+    { service: "AWS CloudFront", cnames: ["*.cloudfront.net"], fingerprint: "Bad request", vulnerable: true },
+    { service: "Azure", cnames: ["*.azurewebsites.net", "*.cloudapp.net", "*.azure-api.net", "*.azurefd.net"], fingerprint: "404 Web Site not found", vulnerable: true },
+    { service: "Azure TrafficManager", cnames: ["*.trafficmanager.net"], fingerprint: "NXDOMAIN", vulnerable: true },
+    { service: "Shopify", cnames: ["*.myshopify.com"], fingerprint: "Sorry, this shop is currently unavailable", vulnerable: true },
+    { service: "Fastly", cnames: ["*.fastly.net", "*.fastlylb.net"], fingerprint: "Fastly error: unknown domain", vulnerable: true },
+    { service: "Pantheon", cnames: ["*.pantheonsite.io", "*.pantheon.io"], fingerprint: "404 error unknown site", vulnerable: true },
+    { service: "Tumblr", cnames: ["*.tumblr.com"], fingerprint: "There's nothing here", vulnerable: true },
+    { service: "WordPress.com", cnames: ["*.wordpress.com"], fingerprint: "Do you want to register", vulnerable: true },
+    { service: "Ghost", cnames: ["*.ghost.io"], fingerprint: "The thing you were looking for is no longer here", vulnerable: true },
+    { service: "Surge.sh", cnames: ["*.surge.sh"], fingerprint: "project not found", vulnerable: true },
+    { service: "Bitbucket", cnames: ["*.bitbucket.io"], fingerprint: "Repository not found", vulnerable: true },
+    { service: "Intercom", cnames: ["custom.intercom.help"], fingerprint: "This page is reserved for", vulnerable: true },
+    { service: "HelpJuice", cnames: ["*.helpjuice.com"], fingerprint: "We could not find what you're looking for", vulnerable: true },
+    { service: "HelpScout", cnames: ["*.helpscoutdocs.com"], fingerprint: "No settings were found", vulnerable: true },
+    { service: "Cargo", cnames: ["*.cargocollective.com"], fingerprint: "If you're moving your domain away", vulnerable: true },
+    { service: "StatusPage", cnames: ["*.statuspage.io"], fingerprint: "You are being redirected", vulnerable: true },
+    { service: "UserVoice", cnames: ["*.uservoice.com"], fingerprint: "This UserVoice subdomain is currently available", vulnerable: true },
+    { service: "Zendesk", cnames: ["*.zendesk.com"], fingerprint: "Help Center Closed", vulnerable: true },
+    { service: "TeamWork", cnames: ["*.teamwork.com"], fingerprint: "Oops - We didn't find your site", vulnerable: true },
+    { service: "Unbounce", cnames: ["*.unbouncepages.com"], fingerprint: "The requested URL was not found on this server", vulnerable: true },
+    { service: "Tilda", cnames: ["*.tilda.ws"], fingerprint: "Please renew your subscription", vulnerable: true },
+    { service: "SmartJobBoard", cnames: ["*.smartjobboard.com"], fingerprint: "This job board website is either expired or its domain name is invalid", vulnerable: true },
+    { service: "Strikingly", cnames: ["*.s.strikinglydns.com", "*.strikingly.com"], fingerprint: "page not found", vulnerable: true },
+    { service: "UptimeRobot", cnames: ["*.stats.uptimerobot.com"], fingerprint: "page not found", vulnerable: true },
+    { service: "Frontify", cnames: ["*.frontify.com"], fingerprint: "404 - Page not found", vulnerable: true },
+    { service: "SmartJobBoard", cnames: ["*.smartjobboard.com"], fingerprint: "job board website is either expired", vulnerable: true },
+    { service: "ReadMe.io", cnames: ["*.readme.io"], fingerprint: "Project doesnt exist", vulnerable: true },
+    { service: "Fly.io", cnames: ["*.fly.dev"], fingerprint: "404 Not Found", vulnerable: true },
+    { service: "Netlify", cnames: ["*.netlify.app", "*.netlify.com"], fingerprint: "Not Found - Request ID", vulnerable: true },
+    { service: "Vercel", cnames: ["*.vercel.app", "cname.vercel-dns.com"], fingerprint: "NOT_FOUND", vulnerable: true },
+    { service: "Firebase", cnames: ["*.firebaseapp.com", "*.web.app"], fingerprint: "Site Not Found", vulnerable: true },
+    { service: "Gitbook", cnames: ["*.gitbook.io"], fingerprint: "If you need specifics", vulnerable: true },
+    { service: "LaunchRock", cnames: ["*.launchrock.com"], fingerprint: "It looks like you may have taken a wrong turn", vulnerable: true },
+    { service: "Pingdom", cnames: ["*.stats.pingdom.com"], fingerprint: "Sorry, couldn't find the status page", vulnerable: true },
+    { service: "Tictail", cnames: ["*.tictail.com"], fingerprint: "Starting your own Tictail store", vulnerable: true },
+    { service: "Campaign Monitor", cnames: ["*.createsend.com"], fingerprint: "Double check the URL", vulnerable: true },
+    { service: "Acquia", cnames: ["*.acquia-test.co", "*.acquia.com"], fingerprint: "Web Site Not Found", vulnerable: true },
+    { service: "Proposify", cnames: ["*.proposify.biz"], fingerprint: "If you need access to this", vulnerable: true },
+    { service: "Simplebooklet", cnames: ["*.simplebooklet.com"], fingerprint: "We can't find this SimpleBoo", vulnerable: true },
+    { service: "GetResponse", cnames: ["*.gr8.com"], fingerprint: "With GetResponse Landing Pages", vulnerable: true },
+    { service: "Vend", cnames: ["*.vendecommerce.com"], fingerprint: "Looks like you've followed a broken link", vulnerable: true },
+    { service: "Aftership", cnames: ["*.aftership.com"], fingerprint: "Oops.</h2>", vulnerable: true },
+    { service: "Aha!", cnames: ["*.ideas.aha.io"], fingerprint: "There is no portal here", vulnerable: true },
+    { service: "Brightcove", cnames: ["*.bcvp0rtal.com", "*.brightcovegallery.com"], fingerprint: "Error - Page Not Found", vulnerable: true },
+    { service: "BigCartel", cnames: ["*.bigcartel.com"], fingerprint: "<h1>Oops! We couldn't find that page.</h1>", vulnerable: true },
+    { service: "ActiveCampaign", cnames: ["*.activehosted.com"], fingerprint: "alt=\"JEdistribution\"", vulnerable: true },
+    { service: "Campaignmonitor", cnames: ["*.createsend.com"], fingerprint: "Trying to access your account?", vulnerable: true },
+    { service: "Digital Ocean", cnames: ["*.ondigitalocean.app"], fingerprint: "Domain is not served", vulnerable: true },
+    { service: "Gemfury", cnames: ["*.furyns.com"], fingerprint: "404: This page could not be found", vulnerable: true },
+    { service: "HatenaBlog", cnames: ["*.hatenablog.com", "*.hateblo.jp"], fingerprint: "404 Blog is not found", vulnerable: true },
+    { service: "Helprace", cnames: ["*.helprace.com"], fingerprint: "Alias not configured!", vulnerable: true },
+    { service: "JetBrains YouTrack", cnames: ["*.myjetbrains.com"], fingerprint: "is not a registered InCloud YouTrack", vulnerable: true },
+    { service: "Kinsta", cnames: ["*.kinsta.cloud"], fingerprint: "No Site For Domain", vulnerable: true },
+    { service: "Landingi", cnames: ["*.cname.landingi.com"], fingerprint: "It looks like you're lost", vulnerable: true },
+    { service: "Mashery", cnames: ["*.mashery.com"], fingerprint: "Unrecognized domain", vulnerable: true },
+    { service: "Ngrok", cnames: ["*.ngrok.io", "*.ngrok-free.app"], fingerprint: "ngrok.io not found", vulnerable: true },
+    { service: "Render", cnames: ["*.onrender.com"], fingerprint: "NOT_FOUND", vulnerable: true },
+    { service: "Short.io", cnames: ["*.short.io"], fingerprint: "Link does not exist", vulnerable: true },
+    { service: "SmugMug", cnames: ["*.smugmug.com"], fingerprint: "Page Not Found", vulnerable: true },
+    { service: "Sprintful", cnames: ["*.sprintful.com"], fingerprint: "Sprint.ly - 404", vulnerable: true },
+    { service: "Squarespace", cnames: ["*.squarespace.com"], fingerprint: "No Such Account", vulnerable: true },
+    { service: "Webflow", cnames: ["*.webflow.io", "proxy-ssl.webflow.com"], fingerprint: "The page you are looking for doesn't exist", vulnerable: true },
+    { service: "Wix", cnames: ["*.wixsite.com"], fingerprint: "Error ConnectYourDomain", vulnerable: true },
+    { service: "Worksites", cnames: ["*.worksites.net"], fingerprint: "Hello! Sorry, but the website", vulnerable: true },
+    { service: "Agile CRM", cnames: ["*.agilecrm.com"], fingerprint: "Sorry, this page is no longer available", vulnerable: true },
+    { service: "Anima", cnames: ["*.animaapp.io"], fingerprint: "If this is your website and you've just created it", vulnerable: true },
+    { service: "Airee", cnames: ["*.airkitapps.com"], fingerprint: "404 Not Found", vulnerable: true },
+    { service: "Canny", cnames: ["*.canny.io"], fingerprint: "Company Not Found", vulnerable: true },
+    { service: "Desk", cnames: ["*.desk.com"], fingerprint: "Please try again or try Desk.com free", vulnerable: true },
+    { service: "FeedPress", cnames: ["*.redirect.feedpress.me"], fingerprint: "The feed has not been found", vulnerable: true },
+    { service: "Freshdesk", cnames: ["*.freshdesk.com"], fingerprint: "May not be configured", vulnerable: true },
+    { service: "Hubspot", cnames: ["*.sites.hubspot.net"], fingerprint: "Domain not found", vulnerable: true },
+    { service: "Instapage", cnames: ["*.pageserve.co", "*.secure.pageserve.co"], fingerprint: "Looks Like You're Lost", vulnerable: true },
+    { service: "InterCom", cnames: ["custom.intercom.help"], fingerprint: "Uh oh. That page doesn't exist", vulnerable: true },
+    { service: "Kajabi", cnames: ["*.endpoint.mykajabi.com"], fingerprint: "The page you were looking for doesn't exist", vulnerable: true },
+    { service: "Leadpages", cnames: ["*.leadpages.net"], fingerprint: "Double check that you have the right", vulnerable: true },
+    { service: "Microsoft Azure", cnames: ["*.azurewebsites.net"], fingerprint: "404 Web Site not found", vulnerable: true },
+];
+//# sourceMappingURL=takeover-fingerprints.js.map

package/dist/data/takeover-fingerprints.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"takeover-fingerprints.js","sourceRoot":"","sources":["../../src/data/takeover-fingerprints.ts"],"names":[],"mappings":"AAOA,MAAM,CAAC,MAAM,qBAAqB,GAA0B;IAC1D,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,CAAC,aAAa,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC3H,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE,WAAW,EAAE,aAAa,EAAE,UAAU,EAAE,IAAI,EAAE;IACnH,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC,EAAE,WAAW,EAAE,cAAc,EAAE,UAAU,EAAE,IAAI,EAAE;IACrH,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,EAAE,CAAC,wBAAwB,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,EAAE;IACnH,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,aAAa,EAAE,UAAU,EAAE,IAAI,EAAE;IACzG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,qBAAqB,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,eAAe,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;IACpK,EAAE,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,CAAC,sBAAsB,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,EAAE;IAChH,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE,UAAU,EAAE,IAAI,EAAE;IAC/H,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,cAAc,EAAE,gBAAgB,CAAC,EAAE,WAAW,EAAE,8BAA8B,EAAE,UAAU,EAAE,IAAI,EAAE;IAChI,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,mBAAmB,EAAE,eAAe,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;IAChI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,UAAU,EAAE,IAAI,EAAE;IACtG,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE,UAAU,EAAE,IAAI,EAAE;IACnH,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,kDAAkD,EAAE,UAAU,EAAE,IAAI,EAAE;IAC/H,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,mBAAmB,EAAE,UAAU,EAAE,IAAI,EAAE;IACnG,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC3G,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,sBAAsB,CAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE,UAAU,EAAE,IAAI,EAAE;IACrH,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE,UAAU,EAAE,IAAI,EAAE;IACjI,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;IAClH,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,uBAAuB,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC3H,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE,UAAU,EAAE,IAAI,EAAE;IACjH,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,iDAAiD,EAAE,UAAU,EAAE,IAAI,EAAE;IACvI,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,eAAe,CAAC,EAAE,WAAW,EAAE,oBAAoB,EAAE,UAAU,EAAE,IAAI,EAAE;IACtG,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE,UAAU,EAAE,IAAI,EAAE;IACrH,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,gDAAgD,EAAE,UAAU,EAAE,IAAI,EAAE;IACzI,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC7G,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,wEAAwE,EAAE,UAAU,EAAE,IAAI,EAAE;IACtK,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,uBAAuB,EAAE,kBAAkB,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE,UAAU,EAAE,IAAI,EAAE;IACjI,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,yBAAyB,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE,UAAU,EAAE,IAAI,EAAE;IAChH,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC1G,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,qCAAqC,EAAE,UAAU,EAAE,IAAI,EAAE;IACnI,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,aAAa,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,UAAU,EAAE,IAAI,EAAE;IACxG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE,UAAU,EAAE,IAAI,EAAE;IAC5F,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,eAAe,EAAE,eAAe,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC3H,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,cAAc,EAAE,sBAAsB,CAAC,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,IAAI,EAAE;IACnH,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,mBAAmB,EAAE,WAAW,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE,UAAU,EAAE,IAAI,EAAE;IACpH,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE,UAAU,EAAE,IAAI,EAAE;IACxG,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,+CAA+C,EAAE,UAAU,EAAE,IAAI,EAAE;IACvI,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC9H,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,eAAe,CAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE,UAAU,EAAE,IAAI,EAAE;IACnH,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,UAAU,EAAE,IAAI,EAAE;IACpH,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,kBAAkB,EAAE,cAAc,CAAC,EAAE,WAAW,EAAE,oBAAoB,EAAE,UAAU,EAAE,IAAI,EAAE;IACxH,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE,UAAU,EAAE,IAAI,EAAE;IAClH,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,8BAA8B,EAAE,UAAU,EAAE,IAAI,EAAE;IAC5H,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,WAAW,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,UAAU,EAAE,IAAI,EAAE;IAClH,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,0CAA0C,EAAE,UAAU,EAAE,IAAI,EAAE;IAC/H,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,IAAI,EAAE;IAClG,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE,UAAU,EAAE,IAAI,EAAE;IACzG,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,iBAAiB,EAAE,yBAAyB,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC1I,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,4CAA4C,EAAE,UAAU,EAAE,IAAI,EAAE;IAClI,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,oBAAoB,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;IACtH,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC7H,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,CAAC,sBAAsB,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,UAAU,EAAE,IAAI,EAAE;IACrH,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE,UAAU,EAAE,IAAI,EAAE;IACpH,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,CAAC,kBAAkB,EAAE,cAAc,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC/H,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC3G,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,CAAC,mBAAmB,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE,UAAU,EAAE,IAAI,EAAE;IACvI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,oBAAoB,EAAE,UAAU,EAAE,IAAI,EAAE;IACtG,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,sBAAsB,CAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE,UAAU,EAAE,IAAI,EAAE;IACrH,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,eAAe,CAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,UAAU,EAAE,IAAI,EAAE;IACvG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,YAAY,EAAE,kBAAkB,CAAC,EAAE,WAAW,EAAE,oBAAoB,EAAE,UAAU,EAAE,IAAI,EAAE;IACrH,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,IAAI,EAAE;IAC7F,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,UAAU,EAAE,IAAI,EAAE;IACrG,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,eAAe,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE,UAAU,EAAE,IAAI,EAAE;IAClG,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,iBAAiB,EAAE,UAAU,EAAE,IAAI,EAAE;IACvG,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,mBAAmB,CAAC,EAAE,WAAW,EAAE,iBAAiB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC3G,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,cAAc,EAAE,uBAAuB,CAAC,EAAE,WAAW,EAAE,4CAA4C,EAAE,UAAU,EAAE,IAAI,EAAE;IACtJ,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,eAAe,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE,UAAU,EAAE,IAAI,EAAE;IACvG,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE,UAAU,EAAE,IAAI,EAAE;IACrH,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC9H,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,eAAe,CAAC,EAAE,WAAW,EAAE,oDAAoD,EAAE,UAAU,EAAE,IAAI,EAAE;IACpI,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE,UAAU,EAAE,IAAI,EAAE;IAClG,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,mBAAmB,EAAE,UAAU,EAAE,IAAI,EAAE;IAChG,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,uCAAuC,EAAE,UAAU,EAAE,IAAI,EAAE;IACnH,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,yBAAyB,CAAC,EAAE,WAAW,EAAE,6BAA6B,EAAE,UAAU,EAAE,IAAI,EAAE;IAC3H,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC7G,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE,UAAU,EAAE,IAAI,EAAE;IAC1G,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,gBAAgB,EAAE,uBAAuB,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;IACtI,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,sBAAsB,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC1H,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,yBAAyB,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE,UAAU,EAAE,IAAI,EAAE;IACxI,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,iBAAiB,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE,UAAU,EAAE,IAAI,EAAE;IAC5H,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,CAAC,qBAAqB,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE,UAAU,EAAE,IAAI,EAAE;CACzH,CAAC"}

package/dist/data/tunneling-signatures.d.ts

@@ -0,0 +1,17 @@
+export interface TunnelSignature {
+    tool: string;
+    pattern: RegExp;
+    description: string;
+    indicators: string[];
+}
+export declare const TUNNEL_SIGNATURES: TunnelSignature[];
+export declare const TUNNEL_THRESHOLDS: {
+    maxLabelLength: number;
+    maxTotalLength: number;
+    maxLabelCount: number;
+    highEntropy: number;
+    normalEntropy: number;
+    suspiciousQueryRate: number;
+    beaconVariance: number;
+};
+//# sourceMappingURL=tunneling-signatures.d.ts.map

package/dist/data/tunneling-signatures.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tunneling-signatures.d.ts","sourceRoot":"","sources":["../../src/data/tunneling-signatures.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB;AAED,eAAO,MAAM,iBAAiB,EAAE,eAAe,EAyE9C,CAAC;AAIF,eAAO,MAAM,iBAAiB;;;;;;;;CAQ7B,CAAC"}

package/dist/data/tunneling-signatures.js

@@ -0,0 +1,85 @@
+export const TUNNEL_SIGNATURES = [
+    {
+        tool: "iodine",
+        pattern: /^[a-z0-9]{50,}\./,
+        description: "iodine base32/base64/base128 encoded subdomain labels",
+        indicators: ["long base32 labels", "55-63 char labels", "NULL/CNAME record type"],
+    },
+    {
+        tool: "dns2tcp",
+        pattern: /^[A-Za-z0-9+/=]{20,}\./,
+        description: "dns2tcp base64 encoded labels",
+        indicators: ["base64 encoded labels", "TXT record responses", "KEY record type"],
+    },
+    {
+        tool: "dnscat2",
+        pattern: /^dnscat\./,
+        description: "dnscat2 default prefix pattern",
+        indicators: ["'dnscat.' prefix", "TXT/CNAME/MX record types", "hex-encoded data after prefix"],
+    },
+    {
+        tool: "Cobalt Strike DNS Beacon",
+        pattern: /^[a-f0-9]{2,}\./,
+        description: "Cobalt Strike DNS beacon hex encoding",
+        indicators: ["short hex-encoded labels", "A/AAAA record types", "regular beacon intervals"],
+    },
+    {
+        tool: "OzymanDNS",
+        pattern: /^[A-Za-z0-9+/]{30,}\./,
+        description: "OzymanDNS base64-like encoding",
+        indicators: ["base64 encoded labels", "CNAME record type", "SSH-over-DNS patterns"],
+    },
+    {
+        tool: "DNSExfiltrator",
+        pattern: /^[a-f0-9]{8,}\./,
+        description: "DNSExfiltrator hex-encoded data exfiltration",
+        indicators: ["hex-encoded labels", "TXT record type", "sequential numbering"],
+    },
+    {
+        tool: "Heyoka",
+        pattern: /^[a-z0-9]{40,}\./,
+        description: "Heyoka DNS tunnel encoded data",
+        indicators: ["long encoded labels", "ICMP+DNS combo", "bidirectional tunnel"],
+    },
+    {
+        tool: "NSTX",
+        pattern: /^[a-z0-9]{20,}\./,
+        description: "NSTX IP-over-DNS tunnel encoding",
+        indicators: ["encoded labels", "TXT record type", "IP packet encapsulation"],
+    },
+    {
+        tool: "DeNiSe",
+        pattern: /^[a-z]{30,}\./,
+        description: "DeNiSe DNS tunnel all-alpha encoding",
+        indicators: ["all-alphabetic labels", "unusual length", "CNAME record type"],
+    },
+    {
+        tool: "DNSStager",
+        pattern: /^[a-f0-9]{16,}\./,
+        description: "DNSStager payload delivery via DNS",
+        indicators: ["hex-encoded shellcode chunks", "TXT/AAAA record types", "sequential chunk IDs"],
+    },
+    {
+        tool: "Sliver C2 DNS",
+        pattern: /^[a-z0-9]{32,}\./,
+        description: "Sliver C2 framework DNS implant communication",
+        indicators: ["base32-encoded labels", "multiple record types", "session ID prefixes"],
+    },
+    {
+        tool: "Generic Data Exfiltration",
+        pattern: /^[a-f0-9]{32,}\./,
+        description: "Generic hex-encoded data exfiltration via DNS",
+        indicators: ["hex-only labels", "high query volume", "consistent label lengths"],
+    },
+];
+// ─── Tunneling Detection Thresholds ───
+export const TUNNEL_THRESHOLDS = {
+    maxLabelLength: 40,
+    maxTotalLength: 200,
+    maxLabelCount: 5,
+    highEntropy: 4.0,
+    normalEntropy: 3.5,
+    suspiciousQueryRate: 100, // queries per minute
+    beaconVariance: 0.05, // 5% timing variance = beaconing
+};
+//# sourceMappingURL=tunneling-signatures.js.map

package/dist/data/tunneling-signatures.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tunneling-signatures.js","sourceRoot":"","sources":["../../src/data/tunneling-signatures.ts"],"names":[],"mappings":"AAOA,MAAM,CAAC,MAAM,iBAAiB,GAAsB;IAClD;QACE,IAAI,EAAE,QAAQ;QACd,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,uDAAuD;QACpE,UAAU,EAAE,CAAC,oBAAoB,EAAE,mBAAmB,EAAE,wBAAwB,CAAC;KAClF;IACD;QACE,IAAI,EAAE,SAAS;QACf,OAAO,EAAE,wBAAwB;QACjC,WAAW,EAAE,+BAA+B;QAC5C,UAAU,EAAE,CAAC,uBAAuB,EAAE,sBAAsB,EAAE,iBAAiB,CAAC;KACjF;IACD;QACE,IAAI,EAAE,SAAS;QACf,OAAO,EAAE,WAAW;QACpB,WAAW,EAAE,gCAAgC;QAC7C,UAAU,EAAE,CAAC,kBAAkB,EAAE,2BAA2B,EAAE,+BAA+B,CAAC;KAC/F;IACD;QACE,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,iBAAiB;QAC1B,WAAW,EAAE,uCAAuC;QACpD,UAAU,EAAE,CAAC,0BAA0B,EAAE,qBAAqB,EAAE,0BAA0B,CAAC;KAC5F;IACD;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,uBAAuB;QAChC,WAAW,EAAE,gCAAgC;QAC7C,UAAU,EAAE,CAAC,uBAAuB,EAAE,mBAAmB,EAAE,uBAAuB,CAAC;KACpF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,iBAAiB;QAC1B,WAAW,EAAE,8CAA8C;QAC3D,UAAU,EAAE,CAAC,oBAAoB,EAAE,iBAAiB,EAAE,sBAAsB,CAAC;KAC9E;IACD;QACE,IAAI,EAAE,QAAQ;QACd,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,gCAAgC;QAC7C,UAAU,EAAE,CAAC,qBAAqB,EAAE,gBAAgB,EAAE,sBAAsB,CAAC;KAC9E;IACD;QACE,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,kCAAkC;QAC/C,UAAU,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,yBAAyB,CAAC;KAC7E;IACD;QACE,IAAI,EAAE,QAAQ;QACd,OAAO,EAAE,eAAe;QACxB,WAAW,EAAE,sCAAsC;QACnD,UAAU,EAAE,CAAC,uBAAuB,EAAE,gBAAgB,EAAE,mBAAmB,CAAC;KAC7E;IACD;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,oCAAoC;QACjD,UAAU,EAAE,CAAC,8BAA8B,EAAE,uBAAuB,EAAE,sBAAsB,CAAC;KAC9F;IACD;QACE,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,+CAA+C;QAC5D,UAAU,EAAE,CAAC,uBAAuB,EAAE,uBAAuB,EAAE,qBAAqB,CAAC;KACtF;IACD;QACE,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,+CAA+C;QAC5D,UAAU,EAAE,CAAC,iBAAiB,EAAE,mBAAmB,EAAE,0BAA0B,CAAC;KACjF;CACF,CAAC;AAEF,yCAAyC;AAEzC,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,cAAc,EAAE,EAAE;IAClB,cAAc,EAAE,GAAG;IACnB,aAAa,EAAE,CAAC;IAChB,WAAW,EAAE,GAAG;IAChB,aAAa,EAAE,GAAG;IAClB,mBAAmB,EAAE,GAAG,EAAE,qBAAqB;IAC/C,cAAc,EAAE,IAAI,EAAE,iCAAiC;CACxD,CAAC"}

package/dist/dns/index.d.ts

@@ -0,0 +1,3 @@
+import type { ToolDef } from "../types/index.js";
+export declare const dnsTools: ToolDef[];
+//# sourceMappingURL=index.d.ts.map

package/dist/dns/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/dns/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAk1CjD,eAAO,MAAM,QAAQ,EAAE,OAAO,EAa7B,CAAC"}