erosolar-cli 1.5.3 → 1.5.5

package/config/security-deployment.json

@@ -0,0 +1,54 @@
+{
+  "security": {
+    "capabilities": {
+      "ultimateSecurity": {
+        "enabled": true,
+        "options": {
+          "enableExploitation": true,
+          "enableAdvancedExploitation": true,
+          "enablePayloadGeneration": true,
+          "requireAuthorization": true
+        }
+      }
+    },
+    "authorization": {
+      "defaultScope": {
+        "targets": ["127.0.0.1", "localhost"],
+        "techniques": ["*"],
+        "durationHours": 24,
+        "authorizedBy": "Security Team",
+        "contactInfo": "security@example.com"
+      },
+      "environment": {
+        "SECURITY_AUTHORIZATION_TOKEN": "${SECURITY_AUTHORIZATION_TOKEN}",
+        "BYPASS_AUTHORIZATION": false
+      }
+    },
+    "tools": {
+      "realSecurity": {
+        "networkExploitation": true,
+        "vulnerabilityScanning": true,
+        "persistenceTesting": true
+      },
+      "offensiveSecurity": {
+        "reverseShells": true,
+        "filelessPersistence": true,
+        "webShells": true,
+        "dnsTunneling": true,
+        "phishingTemplates": true,
+        "backdoorUsers": true
+      }
+    },
+    "reporting": {
+      "generateReports": true,
+      "saveEvidence": true,
+      "logActivities": true
+    },
+    "safety": {
+      "legalNotice": true,
+      "scopeValidation": true,
+      "activityLogging": true,
+      "evidenceCollection": true
+    }
+  }
+}

package/dist/active-stack-security.d.ts

@@ -0,0 +1,110 @@
+/**
+ * Active Stack Security Module
+ *
+ * Ensures Erosolar CLI only operates on the active stack and nothing else.
+ * Implements strict security rules to prevent vulnerabilities and unauthorized operations.
+ *
+ * @license MIT
+ * @author Bo Shang
+ *
+ * DISCLAIMER: This software is provided for security testing and defensive purposes only.
+ * Users are solely responsible for ensuring their use complies with applicable laws.
+ */
+export interface ActiveStackSecurityConfig {
+    /**
+     * Whether to enable strict active stack validation
+     */
+    enabled: boolean;
+    /**
+     * Allowed target scopes for operations
+     */
+    allowedScopes: {
+        /** Current working directory */
+        cwd: boolean;
+        /** Node.js project directories */
+        nodeProjects: boolean;
+        /** Git repositories */
+        gitRepos: boolean;
+        /** Temporary directories */
+        tempDirs: boolean;
+    };
+    /**
+     * Blocked operations
+     */
+    blockedOperations: {
+        /** System file operations */
+        systemFiles: boolean;
+        /** Network operations to unauthorized targets */
+        unauthorizedNetworking: boolean;
+        /** File operations outside allowed scopes */
+        outOfScopeFiles: boolean;
+        /** Privileged operations */
+        privilegedOps: boolean;
+    };
+    /**
+     * Security validation rules
+     */
+    validation: {
+        /** Require workspace context validation */
+        workspaceContext: boolean;
+        /** Validate file paths before operations */
+        pathValidation: boolean;
+        /** Check for suspicious patterns */
+        patternDetection: boolean;
+        /** Log security events */
+        securityLogging: boolean;
+    };
+}
+export interface SecurityValidationResult {
+    allowed: boolean;
+    reason?: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    details?: Record<string, unknown>;
+}
+export declare class ActiveStackSecurity {
+    private config;
+    private securityLog;
+    constructor(config?: Partial<ActiveStackSecurityConfig>);
+    /**
+     * Validate a file operation
+     */
+    validateFileOperation(filePath: string, operation: 'read' | 'write' | 'delete'): SecurityValidationResult;
+    /**
+     * Validate a network operation
+     */
+    validateNetworkOperation(target: string, operation: 'fetch' | 'search' | 'extract'): SecurityValidationResult;
+    /**
+     * Validate a command execution
+     */
+    validateCommandExecution(command: string): SecurityValidationResult;
+    /**
+     * Get security log
+     */
+    getSecurityLog(): SecurityEvent[];
+    /**
+     * Clear security log
+     */
+    clearSecurityLog(): void;
+    private validatePathScope;
+    private detectSuspiciousPatterns;
+    private validateSystemFileProtection;
+    private isLocalhost;
+    private validateDomain;
+    private validateCommandSafety;
+    private logSecurityEvent;
+}
+export interface SecurityEvent {
+    type: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    operation: string;
+    timestamp: Date;
+    reason: string;
+    filePath?: string;
+    target?: string;
+    command?: string;
+    details?: Record<string, unknown>;
+}
+/**
+ * Global active stack security instance
+ */
+export declare const activeStackSecurity: ActiveStackSecurity;

package/dist/active-stack-security.js

@@ -0,0 +1,313 @@
+"use strict";
+/**
+ * Active Stack Security Module
+ *
+ * Ensures Erosolar CLI only operates on the active stack and nothing else.
+ * Implements strict security rules to prevent vulnerabilities and unauthorized operations.
+ *
+ * @license MIT
+ * @author Bo Shang
+ *
+ * DISCLAIMER: This software is provided for security testing and defensive purposes only.
+ * Users are solely responsible for ensuring their use complies with applicable laws.
+ */
+var __assign = (this && this.__assign) || function () {
+    __assign = Object.assign || function(t) {
+        for (var s, i = 1, n = arguments.length; i < n; i++) {
+            s = arguments[i];
+            for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
+                t[p] = s[p];
+        }
+        return t;
+    };
+    return __assign.apply(this, arguments);
+};
+var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
+    if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
+        if (ar || !(i in from)) {
+            if (!ar) ar = Array.prototype.slice.call(from, 0, i);
+            ar[i] = from[i];
+        }
+    }
+    return to.concat(ar || Array.prototype.slice.call(from));
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.activeStackSecurity = exports.ActiveStackSecurity = void 0;
+var node_path_1 = require("node:path");
+var ActiveStackSecurity = /** @class */ (function () {
+    function ActiveStackSecurity(config) {
+        this.securityLog = [];
+        this.config = __assign({ enabled: true, allowedScopes: {
+                cwd: true,
+                nodeProjects: true,
+                gitRepos: true,
+                tempDirs: true,
+            }, blockedOperations: {
+                systemFiles: true,
+                unauthorizedNetworking: true,
+                outOfScopeFiles: true,
+                privilegedOps: true,
+            }, validation: {
+                workspaceContext: true,
+                pathValidation: true,
+                patternDetection: true,
+                securityLogging: true,
+            } }, config);
+    }
+    /**
+     * Validate a file operation
+     */
+    ActiveStackSecurity.prototype.validateFileOperation = function (filePath, operation) {
+        if (!this.config.enabled) {
+            return { allowed: true, severity: 'low' };
+        }
+        var normalizedPath = (0, node_path_1.resolve)(filePath);
+        var cwd = process.cwd();
+        // Check if path is within allowed scopes
+        var scopeCheck = this.validatePathScope(normalizedPath, cwd);
+        if (!scopeCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'file_operation_blocked',
+                severity: 'high',
+                operation: operation,
+                filePath: normalizedPath,
+                reason: scopeCheck.reason,
+                timestamp: new Date(),
+            });
+            return scopeCheck;
+        }
+        // Check for suspicious patterns
+        var patternCheck = this.detectSuspiciousPatterns(normalizedPath, operation);
+        if (!patternCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'suspicious_pattern_detected',
+                severity: patternCheck.severity,
+                operation: operation,
+                filePath: normalizedPath,
+                reason: patternCheck.reason,
+                timestamp: new Date(),
+            });
+            return patternCheck;
+        }
+        // Check for system file protection
+        var systemCheck = this.validateSystemFileProtection(normalizedPath, operation);
+        if (!systemCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'system_file_protection',
+                severity: systemCheck.severity,
+                operation: operation,
+                filePath: normalizedPath,
+                reason: systemCheck.reason,
+                timestamp: new Date(),
+            });
+            return systemCheck;
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    /**
+     * Validate a network operation
+     */
+    ActiveStackSecurity.prototype.validateNetworkOperation = function (target, operation) {
+        if (!this.config.enabled) {
+            return { allowed: true, severity: 'low' };
+        }
+        // Check for localhost/127.0.0.1 operations (allowed for development)
+        if (this.isLocalhost(target)) {
+            return { allowed: true, severity: 'low' };
+        }
+        // Check for suspicious domains
+        var domainCheck = this.validateDomain(target);
+        if (!domainCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'network_operation_blocked',
+                severity: domainCheck.severity,
+                operation: operation,
+                target: target,
+                reason: domainCheck.reason,
+                timestamp: new Date(),
+            });
+            return domainCheck;
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    /**
+     * Validate a command execution
+     */
+    ActiveStackSecurity.prototype.validateCommandExecution = function (command) {
+        if (!this.config.enabled) {
+            return { allowed: true, severity: 'low' };
+        }
+        // Check for dangerous commands
+        var commandCheck = this.validateCommandSafety(command);
+        if (!commandCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'dangerous_command_blocked',
+                severity: commandCheck.severity,
+                operation: 'execute',
+                command: command,
+                reason: commandCheck.reason,
+                timestamp: new Date(),
+            });
+            return commandCheck;
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    /**
+     * Get security log
+     */
+    ActiveStackSecurity.prototype.getSecurityLog = function () {
+        return __spreadArray([], this.securityLog, true);
+    };
+    /**
+     * Clear security log
+     */
+    ActiveStackSecurity.prototype.clearSecurityLog = function () {
+        this.securityLog = [];
+    };
+    ActiveStackSecurity.prototype.validatePathScope = function (filePath, cwd) {
+        // Check if path is within current working directory
+        if (!filePath.startsWith(cwd)) {
+            return {
+                allowed: false,
+                reason: 'File operation outside current working directory',
+                severity: 'high',
+                details: { filePath: filePath, cwd: cwd },
+            };
+        }
+        // Check for node_modules protection
+        if (filePath.includes('node_modules') && !filePath.includes(cwd + '/node_modules')) {
+            return {
+                allowed: false,
+                reason: 'Access to external node_modules directory',
+                severity: 'high',
+                details: { filePath: filePath, cwd: cwd },
+            };
+        }
+        // Check for system directory protection
+        var systemDirs = ['/etc', '/var', '/usr', '/bin', '/sbin', '/lib', '/sys', '/proc'];
+        for (var _i = 0, systemDirs_1 = systemDirs; _i < systemDirs_1.length; _i++) {
+            var dir = systemDirs_1[_i];
+            if (filePath.startsWith(dir)) {
+                return {
+                    allowed: false,
+                    reason: 'Access to system directory',
+                    severity: 'critical',
+                    details: { filePath: filePath, systemDir: dir },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    ActiveStackSecurity.prototype.detectSuspiciousPatterns = function (filePath, operation) {
+        var suspiciousPatterns = [
+            { pattern: /\.(pem|key|env|secret|config)$/i, severity: 'high', reason: 'Sensitive file extension' },
+            { pattern: /(password|secret|token|api[_-]?key)/i, severity: 'medium', reason: 'Potential credential file' },
+            { pattern: /\.(bashrc|bash_profile|zshrc|profile)$/, severity: 'medium', reason: 'Shell configuration file' },
+            { pattern: /\.(git|ssh)\/config$/, severity: 'medium', reason: 'Git/SSH configuration' },
+        ];
+        for (var _i = 0, suspiciousPatterns_1 = suspiciousPatterns; _i < suspiciousPatterns_1.length; _i++) {
+            var _a = suspiciousPatterns_1[_i], pattern = _a.pattern, severity = _a.severity, reason = _a.reason;
+            if (pattern.test(filePath)) {
+                return {
+                    allowed: false,
+                    reason: "".concat(reason, " detected"),
+                    severity: severity,
+                    details: { filePath: filePath, pattern: pattern.source },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    ActiveStackSecurity.prototype.validateSystemFileProtection = function (filePath, operation) {
+        var systemFiles = [
+            '/etc/passwd', '/etc/shadow', '/etc/hosts', '/etc/resolv.conf',
+            '/etc/ssh/ssh_config', '/etc/ssh/sshd_config',
+            '/var/log/', '/var/spool/', '/var/mail/',
+            '/usr/bin/', '/usr/sbin/', '/usr/lib/',
+        ];
+        for (var _i = 0, systemFiles_1 = systemFiles; _i < systemFiles_1.length; _i++) {
+            var sysFile = systemFiles_1[_i];
+            if (filePath.startsWith(sysFile)) {
+                return {
+                    allowed: false,
+                    reason: 'Access to system file',
+                    severity: 'critical',
+                    details: { filePath: filePath, systemFile: sysFile },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    ActiveStackSecurity.prototype.isLocalhost = function (target) {
+        var localhostPatterns = [
+            'localhost',
+            '127.0.0.1',
+            '::1',
+            '0.0.0.0',
+        ];
+        return localhostPatterns.some(function (pattern) { return target.includes(pattern); });
+    };
+    ActiveStackSecurity.prototype.validateDomain = function (target) {
+        var suspiciousDomains = [
+            'malicious.com',
+            'evil.org',
+            'hacker.net',
+            // Add more suspicious domains as needed
+        ];
+        for (var _i = 0, suspiciousDomains_1 = suspiciousDomains; _i < suspiciousDomains_1.length; _i++) {
+            var domain = suspiciousDomains_1[_i];
+            if (target.includes(domain)) {
+                return {
+                    allowed: false,
+                    reason: 'Suspicious domain detected',
+                    severity: 'high',
+                    details: { target: target, domain: domain },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    ActiveStackSecurity.prototype.validateCommandSafety = function (command) {
+        var dangerousCommands = [
+            { pattern: /rm\s+-rf/, severity: 'critical', reason: 'Recursive force delete' },
+            { pattern: /chmod\s+[0-7]{3,4}\s+/, severity: 'high', reason: 'File permission modification' },
+            { pattern: /chown\s+[^\s]+\s+/, severity: 'high', reason: 'File ownership change' },
+            { pattern: /dd\s+if=.*of=/, severity: 'critical', reason: 'Disk cloning/destruction' },
+            { pattern: /mkfs\./, severity: 'critical', reason: 'Filesystem creation' },
+            { pattern: /fdisk\s+/, severity: 'critical', reason: 'Partition manipulation' },
+            { pattern: /mount\s+/, severity: 'high', reason: 'Filesystem mounting' },
+            { pattern: /umount\s+/, severity: 'high', reason: 'Filesystem unmounting' },
+            { pattern: /passwd\s+/, severity: 'high', reason: 'Password change' },
+            { pattern: /useradd\s+/, severity: 'high', reason: 'User creation' },
+            { pattern: /userdel\s+/, severity: 'high', reason: 'User deletion' },
+        ];
+        for (var _i = 0, dangerousCommands_1 = dangerousCommands; _i < dangerousCommands_1.length; _i++) {
+            var _a = dangerousCommands_1[_i], pattern = _a.pattern, severity = _a.severity, reason = _a.reason;
+            if (pattern.test(command)) {
+                return {
+                    allowed: false,
+                    reason: "".concat(reason, " command detected"),
+                    severity: severity,
+                    details: { command: command, pattern: pattern.source },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    };
+    ActiveStackSecurity.prototype.logSecurityEvent = function (event) {
+        if (this.config.validation.securityLogging) {
+            this.securityLog.push(event);
+            // Keep log size manageable
+            if (this.securityLog.length > 1000) {
+                this.securityLog = this.securityLog.slice(-500);
+            }
+        }
+    };
+    return ActiveStackSecurity;
+}());
+exports.ActiveStackSecurity = ActiveStackSecurity;
+/**
+ * Global active stack security instance
+ */
+exports.activeStackSecurity = new ActiveStackSecurity();
+//# sourceMappingURL=active-stack-security.js.map

package/dist/active-stack-security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"active-stack-security.js","sourceRoot":"","sources":["../src/security/active-stack-security.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;;;;;;;;;;;;;;;;;;;;;AAGH,uCAAmD;AA2DnD;IAIE,6BAAY,MAA2C;QAF/C,gBAAW,GAAoB,EAAE,CAAC;QAGxC,IAAI,CAAC,MAAM,cACT,OAAO,EAAE,IAAI,EACb,aAAa,EAAE;gBACb,GAAG,EAAE,IAAI;gBACT,YAAY,EAAE,IAAI;gBAClB,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,IAAI;aACf,EACD,iBAAiB,EAAE;gBACjB,WAAW,EAAE,IAAI;gBACjB,sBAAsB,EAAE,IAAI;gBAC5B,eAAe,EAAE,IAAI;gBACrB,aAAa,EAAE,IAAI;aACpB,EACD,UAAU,EAAE;gBACV,gBAAgB,EAAE,IAAI;gBACtB,cAAc,EAAE,IAAI;gBACpB,gBAAgB,EAAE,IAAI;gBACtB,eAAe,EAAE,IAAI;aACtB,IACE,MAAM,CACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,mDAAqB,GAArB,UAAsB,QAAgB,EAAE,SAAsC;QAC5E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,IAAM,cAAc,GAAG,IAAA,mBAAO,EAAC,QAAQ,CAAC,CAAC;QACzC,IAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAE1B,yCAAyC;QACzC,IAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,MAAM;gBAChB,SAAS,WAAA;gBACT,QAAQ,EAAE,cAAc;gBACxB,MAAM,EAAE,UAAU,CAAC,MAAM;gBACzB,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,gCAAgC;QAChC,IAAM,YAAY,GAAG,IAAI,CAAC,wBAAwB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC;QAC9E,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,6BAA6B;gBACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;gBAC/B,SAAS,WAAA;gBACT,QAAQ,EAAE,cAAc;gBACxB,MAAM,EAAE,YAAY,CAAC,MAAM;gBAC3B,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;QACtB,CAAC;QAED,mCAAmC;QACnC,IAAM,WAAW,GAAG,IAAI,CAAC,4BAA4B,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC;QACjF,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,WAAW,CAAC,QAAQ;gBAC9B,SAAS,WAAA;gBACT,QAAQ,EAAE,cAAc;gBACxB,MAAM,EAAE,WAAW,CAAC,MAAM;gBAC1B,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,sDAAwB,GAAxB,UAAyB,MAAc,EAAE,SAAyC;QAChF,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,qEAAqE;QACrE,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,+BAA+B;QAC/B,IAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,2BAA2B;gBACjC,QAAQ,EAAE,WAAW,CAAC,QAAQ;gBAC9B,SAAS,WAAA;gBACT,MAAM,QAAA;gBACN,MAAM,EAAE,WAAW,CAAC,MAAM;gBAC1B,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,sDAAwB,GAAxB,UAAyB,OAAe;QACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,+BAA+B;QAC/B,IAAM,YAAY,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,2BAA2B;gBACjC,QAAQ,EAAE,YAAY,CAAC,QAAQ;gBAC/B,SAAS,EAAE,SAAS;gBACpB,OAAO,SAAA;gBACP,MAAM,EAAE,YAAY,CAAC,MAAM;gBAC3B,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;QACtB,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,4CAAc,GAAd;QACE,yBAAW,IAAI,CAAC,WAAW,QAAE;IAC/B,CAAC;IAED;;OAEG;IACH,8CAAgB,GAAhB;QACE,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC;IACxB,CAAC;IAEO,+CAAiB,GAAzB,UAA0B,QAAgB,EAAE,GAAW;QACrD,oDAAoD;QACpD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,kDAAkD;gBAC1D,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,EAAE,QAAQ,UAAA,EAAE,GAAG,KAAA,EAAE;aAC3B,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,eAAe,CAAC,EAAE,CAAC;YACnF,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,2CAA2C;gBACnD,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,EAAE,QAAQ,UAAA,EAAE,GAAG,KAAA,EAAE;aAC3B,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,IAAM,UAAU,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QACtF,KAAkB,UAAU,EAAV,yBAAU,EAAV,wBAAU,EAAV,IAAU,EAAE,CAAC;YAA1B,IAAM,GAAG,mBAAA;YACZ,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,4BAA4B;oBACpC,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,EAAE,QAAQ,UAAA,EAAE,SAAS,EAAE,GAAG,EAAE;iBACtC,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,sDAAwB,GAAhC,UAAiC,QAAgB,EAAE,SAAiB;QAClE,IAAM,kBAAkB,GAAG;YACzB,EAAE,OAAO,EAAE,iCAAiC,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,0BAA0B,EAAE;YACpG,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,2BAA2B,EAAE;YAC5G,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,0BAA0B,EAAE;YAC7G,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,uBAAuB,EAAE;SACzF,CAAC;QAEF,KAA4C,UAAkB,EAAlB,yCAAkB,EAAlB,gCAAkB,EAAlB,IAAkB,EAAE,CAAC;YAAtD,IAAA,6BAA6B,EAA3B,OAAO,aAAA,EAAE,QAAQ,cAAA,EAAE,MAAM,YAAA;YACpC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,UAAG,MAAM,cAAW;oBAC5B,QAAQ,EAAE,QAA6B;oBACvC,OAAO,EAAE,EAAE,QAAQ,UAAA,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE;iBAC/C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,0DAA4B,GAApC,UAAqC,QAAgB,EAAE,SAAiB;QACtE,IAAM,WAAW,GAAG;YAClB,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,kBAAkB;YAC9D,qBAAqB,EAAE,sBAAsB;YAC7C,WAAW,EAAE,aAAa,EAAE,YAAY;YACxC,WAAW,EAAE,YAAY,EAAE,WAAW;SACvC,CAAC;QAEF,KAAsB,UAAW,EAAX,2BAAW,EAAX,yBAAW,EAAX,IAAW,EAAE,CAAC;YAA/B,IAAM,OAAO,oBAAA;YAChB,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,uBAAuB;oBAC/B,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,EAAE,QAAQ,UAAA,EAAE,UAAU,EAAE,OAAO,EAAE;iBAC3C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,yCAAW,GAAnB,UAAoB,MAAc;QAChC,IAAM,iBAAiB,GAAG;YACxB,WAAW;YACX,WAAW;YACX,KAAK;YACL,SAAS;SACV,CAAC;QAEF,OAAO,iBAAiB,CAAC,IAAI,CAAC,UAAA,OAAO,IAAI,OAAA,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAxB,CAAwB,CAAC,CAAC;IACrE,CAAC;IAEO,4CAAc,GAAtB,UAAuB,MAAc;QACnC,IAAM,iBAAiB,GAAG;YACxB,eAAe;YACf,UAAU;YACV,YAAY;YACZ,wCAAwC;SACzC,CAAC;QAEF,KAAqB,UAAiB,EAAjB,uCAAiB,EAAjB,+BAAiB,EAAjB,IAAiB,EAAE,CAAC;YAApC,IAAM,MAAM,0BAAA;YACf,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,4BAA4B;oBACpC,QAAQ,EAAE,MAAM;oBAChB,OAAO,EAAE,EAAE,MAAM,QAAA,EAAE,MAAM,QAAA,EAAE;iBAC5B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,mDAAqB,GAA7B,UAA8B,OAAe;QAC3C,IAAM,iBAAiB,GAAG;YACxB,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,wBAAwB,EAAE;YAC/E,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,8BAA8B,EAAE;YAC9F,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,uBAAuB,EAAE;YACnF,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,0BAA0B,EAAE;YACtF,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,qBAAqB,EAAE;YAC1E,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,wBAAwB,EAAE;YAC/E,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,qBAAqB,EAAE;YACxE,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,uBAAuB,EAAE;YAC3E,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,EAAE;YACrE,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE;YACpE,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE;SACrE,CAAC;QAEF,KAA4C,UAAiB,EAAjB,uCAAiB,EAAjB,+BAAiB,EAAjB,IAAiB,EAAE,CAAC;YAArD,IAAA,4BAA6B,EAA3B,OAAO,aAAA,EAAE,QAAQ,cAAA,EAAE,MAAM,YAAA;YACpC,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,UAAG,MAAM,sBAAmB;oBACpC,QAAQ,EAAE,QAA+B;oBACzC,OAAO,EAAE,EAAE,OAAO,SAAA,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE;iBAC9C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,8CAAgB,GAAxB,UAAyB,KAAoB;QAC3C,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,IAAI,EAAE,CAAC;gBACnC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;IACH,CAAC;IACH,0BAAC;AAAD,CAAC,AAnTD,IAmTC;AAnTY,kDAAmB;AAiUhC;;GAEG;AACU,QAAA,mBAAmB,GAAG,IAAI,mBAAmB,EAAE,CAAC"}

package/dist/advanced-targeting.d.ts

@@ -0,0 +1,113 @@
+/**
+ * Advanced Targeting Security Module
+ *
+ * Enables Erosolar CLI to analyze and operate on external active stacks
+ * and critical infrastructure while maintaining security controls.
+ *
+ * @license MIT
+ * @author Bo Shang
+ *
+ * DISCLAIMER: This software is provided for authorized security testing,
+ * research, and defensive purposes only. Users must ensure compliance
+ * with all applicable laws and regulations in their jurisdiction.
+ */
+import { type SecurityValidationResult } from './active-stack-security.js';
+export interface TargetAuthorization {
+    /** Target identifier (domain, IP range, organization) */
+    target: string;
+    /** Authorization level */
+    level: 'research' | 'analysis' | 'testing' | 'operations';
+    /** Scope of authorized operations */
+    scope: string[];
+    /** Authorization source */
+    authorizedBy: string;
+    /** Expiration timestamp */
+    expiresAt?: Date;
+    /** Legal/compliance requirements */
+    compliance: {
+        jurisdiction: string;
+        legalFramework: string;
+        reportingRequirements: string[];
+    };
+}
+export interface CriticalInfrastructureTarget {
+    /** Infrastructure category */
+    category: 'energy' | 'finance' | 'telecom' | 'government' | 'military' | 'healthcare' | 'transportation';
+    /** Target identifier */
+    identifier: string;
+    /** Country/region */
+    jurisdiction: string;
+    /** Sensitivity level */
+    sensitivity: 'low' | 'medium' | 'high' | 'critical';
+    /** Authorized operations */
+    authorizedOperations: string[];
+    /** Legal restrictions */
+    legalRestrictions: string[];
+}
+export interface OperationAuthorization {
+    /** Operation type */
+    type: 'scanning' | 'analysis' | 'vulnerability_assessment' | 'penetration_testing' | 'research';
+    /** Target information */
+    target: CriticalInfrastructureTarget | string;
+    /** Authorization level required */
+    requiredLevel: string;
+    /** Legal compliance requirements */
+    compliance: {
+        jurisdiction: string;
+        legalFramework: string;
+        reportingRequired: boolean;
+        evidenceCollection: boolean;
+    };
+}
+export declare class AdvancedTargetingSecurity {
+    private authorizedTargets;
+    private criticalInfrastructure;
+    private operationLog;
+    constructor();
+    /**
+     * Authorize a target for operations
+     */
+    authorizeTarget(authorization: TargetAuthorization): void;
+    /**
+     * Validate operation on external target
+     */
+    validateExternalOperation(operation: string, target: string, parameters: Record<string, unknown>): SecurityValidationResult;
+    /**
+     * Register critical infrastructure target
+     */
+    registerCriticalInfrastructure(target: CriticalInfrastructureTarget): void;
+    /**
+     * Get authorized targets
+     */
+    getAuthorizedTargets(): TargetAuthorization[];
+    /**
+     * Get critical infrastructure targets
+     */
+    getCriticalInfrastructure(): CriticalInfrastructureTarget[];
+    /**
+     * Get operation log
+     */
+    getOperationLog(): AdvancedOperationEvent[];
+    /**
+     * Generate targeting report
+     */
+    generateTargetingReport(): string;
+    private initializeDefaultTargets;
+    private isOperationAuthorized;
+    private validateCriticalInfrastructureOperation;
+    private logAdvancedOperation;
+}
+export interface AdvancedOperationEvent {
+    type: string;
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    operation: string;
+    target: string;
+    timestamp: Date;
+    authorizationLevel?: string;
+    authorizedBy?: string;
+    details?: Record<string, unknown>;
+}
+/**
+ * Global advanced targeting security instance
+ */
+export declare const advancedTargetingSecurity: AdvancedTargetingSecurity;