domsniper 0.1.0

package/src/core/features/marketplace.ts

@@ -0,0 +1,69 @@
+import { assertValidDomain } from "../validate.js";
+
+export interface MarketplaceListing {
+  source: string;
+  listed: boolean;
+  price: number | null;
+  currency: string;
+  url: string | null;
+  error: string | null;
+}
+
+async function checkEstibot(domain: string): Promise<MarketplaceListing> {
+  try {
+    const resp = await fetch(
+      `https://www.estibot.com/api/v1/appraisal?domain=${encodeURIComponent(domain)}`,
+      { signal: AbortSignal.timeout(8000) }
+    );
+    if (!resp.ok) {
+      return { source: "estibot", listed: false, price: null, currency: "USD", url: null, error: `HTTP ${resp.status}` };
+    }
+    const text = await resp.text();
+    // Estibot returns estimated value, not a listing
+    const match = text.match(/"appraised_value"\s*:\s*(\d+)/);
+    const value = match?.[1] ? parseInt(match[1], 10) : null;
+    return {
+      source: "estibot",
+      listed: false,
+      price: value,
+      currency: "USD",
+      url: `https://www.estibot.com/appraisal/${encodeURIComponent(domain)}`,
+      error: null,
+    };
+  } catch (err: unknown) {
+    return { source: "estibot", listed: false, price: null, currency: "USD", url: null, error: err instanceof Error ? err.message : "Failed" };
+  }
+}
+
+async function checkSedo(domain: string): Promise<MarketplaceListing> {
+  try {
+    const resp = await fetch(
+      `https://sedo.com/search/searchresult.php?keyword=${encodeURIComponent(domain)}&trackingid=domain-sniper`,
+      { signal: AbortSignal.timeout(8000), headers: { "User-Agent": "DomainSniper/2.0" } }
+    );
+    const listed = resp.ok;
+    return {
+      source: "sedo",
+      listed,
+      price: null,
+      currency: "USD",
+      url: `https://sedo.com/search/details/?domain=${encodeURIComponent(domain)}`,
+      error: null,
+    };
+  } catch (err: unknown) {
+    return { source: "sedo", listed: false, price: null, currency: "USD", url: null, error: err instanceof Error ? err.message : "Failed" };
+  }
+}
+
+export async function checkMarketplaces(domain: string): Promise<MarketplaceListing[]> {
+  assertValidDomain(domain);
+  const results = await Promise.allSettled([
+    checkEstibot(domain),
+    checkSedo(domain),
+  ]);
+  return results.map((r) =>
+    r.status === "fulfilled"
+      ? r.value
+      : { source: "unknown", listed: false, price: null, currency: "USD", url: null, error: r.reason?.message || "Failed" }
+  );
+}

package/src/core/features/path-scanner.ts

@@ -0,0 +1,123 @@
+import { assertValidDomain } from "../validate.js";
+
+export interface PathScanResult {
+  domain: string;
+  findings: PathFinding[];
+  scannedPaths: number;
+  error: string | null;
+}
+
+export interface PathFinding {
+  path: string;
+  status: number;
+  severity: "critical" | "high" | "medium" | "low" | "info";
+  description: string;
+  size: number | null;
+}
+
+const SENSITIVE_PATHS: { path: string; severity: "critical" | "high" | "medium" | "low" | "info"; description: string }[] = [
+  // Critical — secrets and credentials
+  { path: "/.env", severity: "critical", description: "Environment file — may contain API keys and passwords" },
+  { path: "/.env.local", severity: "critical", description: "Local environment file" },
+  { path: "/.env.production", severity: "critical", description: "Production environment file" },
+  { path: "/.git/config", severity: "critical", description: "Git config exposed — repo may be cloneable" },
+  { path: "/.git/HEAD", severity: "critical", description: "Git HEAD exposed — confirms .git directory" },
+  { path: "/wp-config.php.bak", severity: "critical", description: "WordPress config backup with DB credentials" },
+  { path: "/.aws/credentials", severity: "critical", description: "AWS credentials file" },
+  { path: "/config.json", severity: "high", description: "Configuration file possibly containing secrets" },
+  { path: "/config.yaml", severity: "high", description: "YAML configuration file" },
+  // High — admin and debug
+  { path: "/wp-admin/", severity: "high", description: "WordPress admin panel" },
+  { path: "/admin/", severity: "high", description: "Admin panel" },
+  { path: "/phpinfo.php", severity: "high", description: "PHP info page — exposes server configuration" },
+  { path: "/server-status", severity: "high", description: "Apache server status page" },
+  { path: "/server-info", severity: "high", description: "Apache server info page" },
+  { path: "/.htpasswd", severity: "high", description: "htpasswd file with hashed credentials" },
+  { path: "/debug/", severity: "high", description: "Debug endpoint" },
+  { path: "/_debug/", severity: "high", description: "Debug endpoint" },
+  { path: "/actuator", severity: "high", description: "Spring Boot actuator endpoints" },
+  { path: "/actuator/health", severity: "medium", description: "Spring Boot health endpoint" },
+  { path: "/actuator/env", severity: "critical", description: "Spring Boot environment — may expose secrets" },
+  // Medium — information disclosure
+  { path: "/robots.txt", severity: "info", description: "Robots.txt — may reveal hidden paths" },
+  { path: "/sitemap.xml", severity: "info", description: "Sitemap — shows site structure" },
+  { path: "/.DS_Store", severity: "medium", description: "macOS directory metadata — leaks filenames" },
+  { path: "/crossdomain.xml", severity: "medium", description: "Flash crossdomain policy" },
+  { path: "/security.txt", severity: "info", description: "Security contact information" },
+  { path: "/.well-known/security.txt", severity: "info", description: "Security contact (standard location)" },
+  { path: "/package.json", severity: "medium", description: "Node.js package manifest — shows dependencies" },
+  { path: "/composer.json", severity: "medium", description: "PHP Composer manifest" },
+  { path: "/Gemfile", severity: "medium", description: "Ruby Gemfile" },
+  { path: "/wp-json/", severity: "low", description: "WordPress REST API" },
+  { path: "/api/", severity: "info", description: "API endpoint" },
+  { path: "/graphql", severity: "medium", description: "GraphQL endpoint — may allow introspection" },
+  { path: "/swagger.json", severity: "medium", description: "Swagger/OpenAPI spec" },
+  { path: "/api-docs", severity: "medium", description: "API documentation endpoint" },
+  { path: "/.well-known/openid-configuration", severity: "info", description: "OpenID Connect configuration" },
+  { path: "/backup.sql", severity: "critical", description: "SQL database backup" },
+  { path: "/dump.sql", severity: "critical", description: "SQL database dump" },
+  { path: "/db.sql", severity: "critical", description: "SQL database file" },
+];
+
+export async function scanPaths(
+  domain: string,
+  paths: typeof SENSITIVE_PATHS = SENSITIVE_PATHS,
+  concurrency: number = 5
+): Promise<PathScanResult> {
+  assertValidDomain(domain);
+
+  const result: PathScanResult = {
+    domain, findings: [], scannedPaths: 0, error: null,
+  };
+
+  try {
+    for (let i = 0; i < paths.length; i += concurrency) {
+      const batch = paths.slice(i, i + concurrency);
+      const batchResults = await Promise.all(
+        batch.map(async (p) => {
+          result.scannedPaths++;
+          try {
+            const resp = await fetch(`https://${domain}${p.path}`, {
+              method: "HEAD",
+              redirect: "manual",
+              signal: AbortSignal.timeout(5000),
+              headers: { "User-Agent": "DomainSniper/2.0" },
+            });
+
+            // 200 = found, 403 = exists but forbidden (still interesting)
+            if (resp.status === 200 || resp.status === 403) {
+              const size = resp.headers.get("content-length");
+              return {
+                path: p.path,
+                status: resp.status,
+                severity: p.severity,
+                description: resp.status === 403
+                  ? `${p.description} (403 Forbidden — exists but protected)`
+                  : p.description,
+                size: size ? parseInt(size, 10) : null,
+              };
+            }
+            return null;
+          } catch {
+            return null;
+          }
+        })
+      );
+
+      for (const r of batchResults) {
+        if (r) result.findings.push(r);
+      }
+    }
+
+    // Sort by severity
+    const severityOrder: Record<string, number> = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+    result.findings.sort((a, b) => (severityOrder[a.severity] ?? 5) - (severityOrder[b.severity] ?? 5));
+
+    return result;
+  } catch (err: unknown) {
+    result.error = err instanceof Error ? err.message : "Path scan failed";
+    return result;
+  }
+}
+
+export { SENSITIVE_PATHS };

package/src/core/features/port-scanner.ts

@@ -0,0 +1,132 @@
+import { assertValidDomain } from "../validate.js";
+import { connect } from "net";
+
+export interface PortResult {
+  port: number;
+  service: string;
+  open: boolean;
+  banner: string | null;
+}
+
+export interface PortScanResult {
+  domain: string;
+  ip: string | null;
+  openPorts: PortResult[];
+  closedCount: number;
+  scanTime: number;
+  error: string | null;
+}
+
+const COMMON_PORTS: { port: number; service: string }[] = [
+  { port: 21, service: "FTP" },
+  { port: 22, service: "SSH" },
+  { port: 25, service: "SMTP" },
+  { port: 53, service: "DNS" },
+  { port: 80, service: "HTTP" },
+  { port: 110, service: "POP3" },
+  { port: 143, service: "IMAP" },
+  { port: 443, service: "HTTPS" },
+  { port: 465, service: "SMTPS" },
+  { port: 587, service: "Submission" },
+  { port: 993, service: "IMAPS" },
+  { port: 995, service: "POP3S" },
+  { port: 3000, service: "Dev Server" },
+  { port: 3306, service: "MySQL" },
+  { port: 5432, service: "PostgreSQL" },
+  { port: 6379, service: "Redis" },
+  { port: 8080, service: "HTTP Alt" },
+  { port: 8443, service: "HTTPS Alt" },
+  { port: 27017, service: "MongoDB" },
+  { port: 9200, service: "Elasticsearch" },
+];
+
+function checkPort(host: string, port: number, timeoutMs: number = 3000): Promise<{ open: boolean; banner: string | null }> {
+  return new Promise((resolve) => {
+    const socket = connect({ host, port });
+    let banner: string | null = null;
+
+    const timer = setTimeout(() => {
+      socket.destroy();
+      resolve({ open: false, banner: null });
+    }, timeoutMs);
+
+    socket.on("connect", () => {
+      clearTimeout(timer);
+      // Try to grab a banner (wait briefly for data)
+      const bannerTimer = setTimeout(() => {
+        socket.destroy();
+        resolve({ open: true, banner });
+      }, 1500);
+
+      socket.once("data", (data) => {
+        clearTimeout(bannerTimer);
+        banner = data.toString("utf-8").trim().slice(0, 200);
+        socket.destroy();
+        resolve({ open: true, banner });
+      });
+    });
+
+    socket.on("error", () => {
+      clearTimeout(timer);
+      socket.destroy();
+      resolve({ open: false, banner: null });
+    });
+  });
+}
+
+export async function scanPorts(
+  domain: string,
+  ports: { port: number; service: string }[] = COMMON_PORTS,
+  concurrency: number = 10
+): Promise<PortScanResult> {
+  assertValidDomain(domain);
+  const startTime = Date.now();
+
+  const result: PortScanResult = {
+    domain,
+    ip: null,
+    openPorts: [],
+    closedCount: 0,
+    scanTime: 0,
+    error: null,
+  };
+
+  try {
+    // Resolve domain to IP first
+    const { execFile } = await import("child_process");
+    const { promisify } = await import("util");
+    const execFileAsync = promisify(execFile);
+    try {
+      const { stdout } = await execFileAsync("dig", ["+short", domain, "A"], { timeout: 5000 });
+      result.ip = stdout.trim().split("\n")[0] || null;
+    } catch {}
+
+    const host = result.ip || domain;
+
+    // Scan in batches
+    for (let i = 0; i < ports.length; i += concurrency) {
+      const batch = ports.slice(i, i + concurrency);
+      const batchResults = await Promise.all(
+        batch.map(async (p) => {
+          const { open, banner } = await checkPort(host, p.port);
+          return { port: p.port, service: p.service, open, banner };
+        })
+      );
+
+      for (const r of batchResults) {
+        if (r.open) {
+          result.openPorts.push(r);
+        } else {
+          result.closedCount++;
+        }
+      }
+    }
+  } catch (err: unknown) {
+    result.error = err instanceof Error ? err.message : "Port scan failed";
+  }
+
+  result.scanTime = Date.now() - startTime;
+  return result;
+}
+
+export { COMMON_PORTS };

package/src/core/features/portfolio-bulk.ts

@@ -0,0 +1,125 @@
+import {
+  getPortfolioDomains,
+  updatePortfolioStatus,
+  updatePortfolioCategory,
+  addTransaction,
+  removePortfolioDomain,
+  type PortfolioStatus,
+  type TransactionType,
+  type DbPortfolioDomain,
+} from "../db.js";
+import { writeFileSync } from "fs";
+import { getTaxExportData, getPortfolioPnL, getDomainPnL, getTransactions } from "../db.js";
+
+export interface BulkResult {
+  total: number;
+  success: number;
+  failed: number;
+  errors: string[];
+}
+
+export function bulkUpdateStatus(domains: string[], status: PortfolioStatus): BulkResult {
+  const result: BulkResult = { total: domains.length, success: 0, failed: 0, errors: [] };
+  for (const domain of domains) {
+    try {
+      updatePortfolioStatus(domain, status);
+      result.success++;
+    } catch (err: unknown) {
+      result.failed++;
+      result.errors.push(`${domain}: ${err instanceof Error ? err.message : "failed"}`);
+    }
+  }
+  return result;
+}
+
+export function bulkUpdateCategory(domains: string[], category: string): BulkResult {
+  const result: BulkResult = { total: domains.length, success: 0, failed: 0, errors: [] };
+  for (const domain of domains) {
+    try {
+      updatePortfolioCategory(domain, category);
+      result.success++;
+    } catch (err: unknown) {
+      result.failed++;
+      result.errors.push(`${domain}: ${err instanceof Error ? err.message : "failed"}`);
+    }
+  }
+  return result;
+}
+
+export function bulkAddTransaction(
+  domains: string[],
+  type: TransactionType,
+  amount: number,
+  description: string = "",
+  date?: string
+): BulkResult {
+  const result: BulkResult = { total: domains.length, success: 0, failed: 0, errors: [] };
+  for (const domain of domains) {
+    try {
+      addTransaction(domain, type, amount, description, date);
+      result.success++;
+    } catch (err: unknown) {
+      result.failed++;
+      result.errors.push(`${domain}: ${err instanceof Error ? err.message : "failed"}`);
+    }
+  }
+  return result;
+}
+
+export function bulkRemove(domains: string[]): BulkResult {
+  const result: BulkResult = { total: domains.length, success: 0, failed: 0, errors: [] };
+  for (const domain of domains) {
+    try {
+      removePortfolioDomain(domain);
+      result.success++;
+    } catch (err: unknown) {
+      result.failed++;
+      result.errors.push(`${domain}: ${err instanceof Error ? err.message : "failed"}`);
+    }
+  }
+  return result;
+}
+
+// ─── Export ──────────────────────────────────────────────
+
+export function exportPortfolioCSV(filePath: string): string {
+  const domains = getPortfolioDomains();
+  const headers = ["domain", "registrar", "status", "category", "purchase_date", "expiry_date", "purchase_price", "renewal_price", "estimated_value", "currency", "auto_renew", "tags", "notes"];
+  const rows = domains.map((d) =>
+    headers.map((h) => {
+      const val = String((d as any)[h] ?? "");
+      return val.includes(",") || val.includes('"') ? `"${val.replace(/"/g, '""')}"` : val;
+    }).join(",")
+  );
+  const csv = [headers.join(","), ...rows].join("\n");
+  writeFileSync(filePath, csv, "utf-8");
+  return filePath;
+}
+
+export function exportTaxCSV(filePath: string, year: number): string {
+  const data = getTaxExportData(year);
+  const headers = ["domain", "purchase_date", "purchase_price", "sale_date", "sale_price", "holding_days", "profit", "currency"];
+  const rows = data.map((d) => [
+    d.domain, d.purchaseDate, d.purchasePrice, d.saleDate || "", d.salePrice ?? "", d.holdingDays ?? "", d.profit, d.currency,
+  ].map((v) => {
+    const s = String(v);
+    return s.includes(",") ? `"${s}"` : s;
+  }).join(","));
+  const csv = [headers.join(","), ...rows].join("\n");
+  writeFileSync(filePath, csv, "utf-8");
+  return filePath;
+}
+
+export function exportTransactionsCSV(filePath: string, domain?: string): string {
+  const txns = getTransactions(domain, 1000);
+  const headers = ["id", "domain", "type", "amount", "currency", "description", "date"];
+  const rows = txns.map((t) =>
+    headers.map((h) => {
+      const val = String((t as any)[h] ?? "");
+      return val.includes(",") || val.includes('"') ? `"${val.replace(/"/g, '""')}"` : val;
+    }).join(",")
+  );
+  const csv = [headers.join(","), ...rows].join("\n");
+  writeFileSync(filePath, csv, "utf-8");
+  return filePath;
+}

package/src/core/features/portfolio-monitor.ts

@@ -0,0 +1,214 @@
+import {
+  getPortfolioDomains,
+  createAlert,
+  type DbPortfolioDomain,
+  type AlertSeverity,
+} from "../db.js";
+import { whoisLookup } from "../whois.js";
+import { checkSsl } from "./ssl-check.js";
+import { httpProbe } from "./http-probe.js";
+import { lookupDns } from "./dns-details.js";
+
+export interface HealthCheckResult {
+  domain: string;
+  whoisOk: boolean;
+  dnsOk: boolean;
+  httpOk: boolean;
+  sslOk: boolean;
+  sslDaysLeft: number | null;
+  expiryDaysLeft: number | null;
+  issues: string[];
+  checkedAt: string;
+}
+
+export interface MonitorReport {
+  checked: number;
+  healthy: number;
+  warnings: number;
+  critical: number;
+  results: HealthCheckResult[];
+  alerts: Array<{ domain: string; severity: string; message: string }>;
+}
+
+function daysUntil(dateStr: string | null): number | null {
+  if (!dateStr) return null;
+  try {
+    const d = new Date(dateStr);
+    if (isNaN(d.getTime())) return null;
+    return Math.floor((d.getTime() - Date.now()) / 86400000);
+  } catch { return null; }
+}
+
+export async function checkDomainHealth(domain: string): Promise<HealthCheckResult> {
+  const result: HealthCheckResult = {
+    domain,
+    whoisOk: false,
+    dnsOk: false,
+    httpOk: false,
+    sslOk: false,
+    sslDaysLeft: null,
+    expiryDaysLeft: null,
+    issues: [],
+    checkedAt: new Date().toISOString(),
+  };
+
+  // WHOIS check
+  try {
+    const whois = await whoisLookup(domain);
+    if (!whois.error && !whois.available) {
+      result.whoisOk = true;
+      result.expiryDaysLeft = daysUntil(whois.expiryDate);
+    } else if (whois.available) {
+      result.issues.push("Domain appears unregistered!");
+    }
+  } catch { result.issues.push("WHOIS check failed"); }
+
+  // DNS check
+  try {
+    const dns = await lookupDns(domain);
+    if (dns.a.length > 0 || dns.cname.length > 0) {
+      result.dnsOk = true;
+    } else {
+      result.issues.push("No DNS A/CNAME records");
+    }
+  } catch { result.issues.push("DNS check failed"); }
+
+  // HTTP check
+  try {
+    const probe = await httpProbe(domain);
+    if (probe.reachable && probe.status !== null && probe.status < 500) {
+      result.httpOk = true;
+    } else {
+      result.issues.push(probe.reachable ? `HTTP ${probe.status}` : "Site unreachable");
+    }
+  } catch { result.issues.push("HTTP check failed"); }
+
+  // SSL check
+  try {
+    const ssl = await checkSsl(domain);
+    if (ssl.valid && !ssl.error) {
+      result.sslOk = true;
+      result.sslDaysLeft = ssl.daysUntilExpiry;
+      if (ssl.daysUntilExpiry !== null && ssl.daysUntilExpiry < 30) {
+        result.issues.push(`SSL expires in ${ssl.daysUntilExpiry} days`);
+      }
+    } else {
+      result.issues.push(ssl.error || "Invalid SSL certificate");
+    }
+  } catch { result.issues.push("SSL check failed"); }
+
+  return result;
+}
+
+export async function runPortfolioHealthCheck(
+  onProgress?: (domain: string, index: number, total: number) => void
+): Promise<MonitorReport> {
+  const domains = getPortfolioDomains();
+  const report: MonitorReport = {
+    checked: 0,
+    healthy: 0,
+    warnings: 0,
+    critical: 0,
+    results: [],
+    alerts: [],
+  };
+
+  for (let i = 0; i < domains.length; i++) {
+    const d = domains[i]!;
+    onProgress?.(d.domain, i, domains.length);
+
+    const health = await checkDomainHealth(d.domain);
+    report.results.push(health);
+    report.checked++;
+
+    // Generate alerts
+    // Domain expiry
+    if (health.expiryDaysLeft !== null) {
+      if (health.expiryDaysLeft <= 7) {
+        const msg = `Domain expires in ${health.expiryDaysLeft} days!`;
+        createAlert(d.domain, "expiry", "critical", msg);
+        report.alerts.push({ domain: d.domain, severity: "critical", message: msg });
+        report.critical++;
+      } else if (health.expiryDaysLeft <= 30) {
+        const msg = `Domain expires in ${health.expiryDaysLeft} days`;
+        createAlert(d.domain, "expiry", "warning", msg);
+        report.alerts.push({ domain: d.domain, severity: "warning", message: msg });
+        report.warnings++;
+      } else if (health.expiryDaysLeft <= 90) {
+        const msg = `Domain expires in ${health.expiryDaysLeft} days`;
+        createAlert(d.domain, "expiry", "info", msg);
+        report.alerts.push({ domain: d.domain, severity: "info", message: msg });
+      }
+    }
+
+    // SSL expiry
+    if (health.sslDaysLeft !== null && health.sslDaysLeft <= 14) {
+      const severity: AlertSeverity = health.sslDaysLeft <= 3 ? "critical" : "warning";
+      const msg = `SSL certificate expires in ${health.sslDaysLeft} days`;
+      createAlert(d.domain, "ssl-expiry", severity, msg);
+      report.alerts.push({ domain: d.domain, severity, message: msg });
+      if (severity === "critical") report.critical++; else report.warnings++;
+    }
+
+    // Site down
+    if (!health.httpOk) {
+      const msg = "Site is unreachable or returning errors";
+      createAlert(d.domain, "downtime", "warning", msg);
+      report.alerts.push({ domain: d.domain, severity: "warning", message: msg });
+      report.warnings++;
+    }
+
+    // DNS missing
+    if (!health.dnsOk) {
+      const msg = "No DNS records found";
+      createAlert(d.domain, "dns", "warning", msg);
+      report.alerts.push({ domain: d.domain, severity: "warning", message: msg });
+      report.warnings++;
+    }
+
+    if (health.issues.length === 0) report.healthy++;
+
+    // Rate limit
+    await new Promise((r) => setTimeout(r, 1000));
+  }
+
+  return report;
+}
+
+export function generateRenewalCalendar(monthsAhead: number = 12): Array<{
+  domain: string;
+  expiryDate: string;
+  daysLeft: number;
+  renewalPrice: number;
+  autoRenew: boolean;
+}> {
+  const domains = getPortfolioDomains();
+  const calendar: Array<{
+    domain: string; expiryDate: string; daysLeft: number; renewalPrice: number; autoRenew: boolean;
+  }> = [];
+
+  const cutoff = Date.now() + monthsAhead * 30 * 86400000;
+
+  for (const d of domains) {
+    if (!d.expiry_date) continue;
+    const expiry = new Date(d.expiry_date).getTime();
+    if (isNaN(expiry)) continue;
+    const daysLeft = Math.floor((expiry - Date.now()) / 86400000);
+    if (daysLeft >= 0 && expiry <= cutoff) {
+      calendar.push({
+        domain: d.domain,
+        expiryDate: d.expiry_date,
+        daysLeft,
+        renewalPrice: d.renewal_price,
+        autoRenew: !!d.auto_renew,
+      });
+    }
+  }
+
+  return calendar.sort((a, b) => a.daysLeft - b.daysLeft);
+}
+
+export function estimateAnnualRenewalCost(): number {
+  const domains = getPortfolioDomains();
+  return domains.reduce((sum, d) => sum + (d.renewal_price || 0), 0);
+}