erosolar-cli 1.7.326 → 1.7.327

package/dist/security/assessment/vulnerabilityAssessment.js

@@ -1,315 +0,0 @@
-/**
- * Vulnerability Assessment Engine
- *
- * Provides vulnerability scanning and risk assessment capabilities
- * for authorized security research and testing.
- *
- * LEGAL NOTICE:
- * For authorized security research, penetration testing, and red team exercises only.
- */
-/**
- * Vulnerability Assessment Engine
- */
-export class VulnerabilityAssessmentEngine {
-    vulnerabilityDatabase;
-    constructor() {
-        this.vulnerabilityDatabase = new Map();
-        this.initializeVulnerabilityDatabase();
-    }
-    /**
-     * Scan for vulnerabilities
-     */
-    async scanVulnerabilities(request) {
-        // In a real implementation, this would perform actual scanning
-        // For demonstration, we return simulated results
-        const vulnerabilities = this.generateSimulatedVulnerabilities(request);
-        const summary = this.calculateVulnerabilitySummary(vulnerabilities);
-        return {
-            targetType: request.targetType,
-            targetUrl: request.targetUrl,
-            scanDepth: request.scanDepth,
-            scanDate: new Date().toISOString(),
-            vulnerabilities,
-            summary
-        };
-    }
-    /**
-     * Assess security risks
-     */
-    async assessRisk(request) {
-        const riskScore = this.calculateRiskScore(request.findings, request.context);
-        const riskLevel = this.determineRiskLevel(riskScore);
-        const recommendations = this.generateRiskRecommendations(request.findings, riskLevel);
-        const priorityActions = this.generatePriorityActions(riskLevel);
-        return {
-            findings: request.findings,
-            context: request.context,
-            riskScore,
-            riskLevel,
-            recommendations,
-            priorityActions
-        };
-    }
-    /**
-     * Get vulnerability by ID
-     */
-    getVulnerability(vulnerabilityId) {
-        return this.vulnerabilityDatabase.get(vulnerabilityId);
-    }
-    /**
-     * List all vulnerabilities
-     */
-    listVulnerabilities() {
-        return Array.from(this.vulnerabilityDatabase.values());
-    }
-    /**
-     * Generate simulated vulnerabilities for demonstration
-     */
-    generateSimulatedVulnerabilities(request) {
-        const vulnerabilities = [];
-        // Common web application vulnerabilities
-        if (request.targetType === 'web_application') {
-            vulnerabilities.push({
-                id: 'sql-injection',
-                name: 'SQL Injection',
-                severity: 'high',
-                category: 'injection',
-                description: 'Application is vulnerable to SQL injection attacks',
-                impact: 'Potential database compromise and data exfiltration',
-                remediation: 'Implement parameterized queries and input validation',
-                cvssScore: 8.5,
-                references: ['https://owasp.org/www-community/attacks/SQL_Injection']
-            }, {
-                id: 'xss',
-                name: 'Cross-Site Scripting',
-                severity: 'medium',
-                category: 'client-side',
-                description: 'Application does not properly sanitize user input',
-                impact: 'Session hijacking and client-side code execution',
-                remediation: 'Implement proper input sanitization and output encoding',
-                cvssScore: 6.1,
-                references: ['https://owasp.org/www-community/attacks/xss/']
-            });
-        }
-        // API vulnerabilities
-        if (request.targetType === 'api') {
-            vulnerabilities.push({
-                id: 'broken-auth',
-                name: 'Broken Authentication',
-                severity: 'high',
-                category: 'authentication',
-                description: 'API authentication mechanisms are weak or broken',
-                impact: 'Unauthorized access to sensitive data and functionality',
-                remediation: 'Implement strong authentication and session management',
-                cvssScore: 8.2,
-                references: ['https://owasp.org/www-project-api-security/']
-            });
-        }
-        // Infrastructure vulnerabilities
-        if (request.targetType === 'infrastructure') {
-            vulnerabilities.push({
-                id: 'weak-ssh',
-                name: 'Weak SSH Configuration',
-                severity: 'medium',
-                category: 'configuration',
-                description: 'SSH service allows weak authentication methods',
-                impact: 'Potential unauthorized system access',
-                remediation: 'Disable weak ciphers and enforce key-based authentication',
-                cvssScore: 5.9
-            });
-        }
-        // Adjust based on scan depth
-        if (request.scanDepth === 'quick') {
-            return vulnerabilities.slice(0, 2);
-        }
-        else if (request.scanDepth === 'standard') {
-            return vulnerabilities;
-        }
-        else {
-            // Deep scan - add more vulnerabilities
-            vulnerabilities.push({
-                id: 'info-leak',
-                name: 'Information Disclosure',
-                severity: 'low',
-                category: 'information',
-                description: 'Application discloses sensitive information in error messages',
-                impact: 'Information leakage that could aid attackers',
-                remediation: 'Implement proper error handling and information disclosure controls',
-                cvssScore: 3.5
-            });
-            return vulnerabilities;
-        }
-    }
-    /**
-     * Calculate vulnerability summary
-     */
-    calculateVulnerabilitySummary(vulnerabilities) {
-        const severityWeights = {
-            critical: 10,
-            high: 7,
-            medium: 4,
-            low: 1,
-            info: 0
-        };
-        let criticalCount = 0;
-        let highCount = 0;
-        let mediumCount = 0;
-        let lowCount = 0;
-        let totalWeight = 0;
-        for (const vuln of vulnerabilities) {
-            switch (vuln.severity) {
-                case 'critical':
-                    criticalCount++;
-                    totalWeight += severityWeights.critical;
-                    break;
-                case 'high':
-                    highCount++;
-                    totalWeight += severityWeights.high;
-                    break;
-                case 'medium':
-                    mediumCount++;
-                    totalWeight += severityWeights.medium;
-                    break;
-                case 'low':
-                    lowCount++;
-                    totalWeight += severityWeights.low;
-                    break;
-            }
-        }
-        const maxPossibleWeight = vulnerabilities.length * severityWeights.critical;
-        const riskScore = maxPossibleWeight > 0 ? (totalWeight / maxPossibleWeight) * 10 : 0;
-        return {
-            totalVulnerabilities: vulnerabilities.length,
-            criticalCount,
-            highCount,
-            mediumCount,
-            lowCount,
-            riskScore: Math.round(riskScore * 10) / 10
-        };
-    }
-    /**
-     * Calculate risk score
-     */
-    calculateRiskScore(findings, context) {
-        let baseScore = 0;
-        // Context multiplier
-        const contextMultipliers = {
-            'production': 1.5,
-            'staging': 1.0,
-            'development': 0.5,
-            'test': 0.3
-        };
-        const contextMultiplier = contextMultipliers[context] || 1.0;
-        // Analyze findings
-        for (const finding of findings) {
-            const findingLower = finding.toLowerCase();
-            if (findingLower.includes('critical') || findingLower.includes('high risk')) {
-                baseScore += 8;
-            }
-            else if (findingLower.includes('medium') || findingLower.includes('moderate')) {
-                baseScore += 5;
-            }
-            else if (findingLower.includes('low')) {
-                baseScore += 2;
-            }
-            else {
-                baseScore += 1;
-            }
-            // Additional risk factors
-            if (findingLower.includes('data') && findingLower.includes('exposure')) {
-                baseScore += 3;
-            }
-            if (findingLower.includes('authentication') && findingLower.includes('bypass')) {
-                baseScore += 4;
-            }
-            if (findingLower.includes('remote') && findingLower.includes('code')) {
-                baseScore += 6;
-            }
-        }
-        return Math.min(10, (baseScore / Math.max(1, findings.length)) * contextMultiplier);
-    }
-    /**
-     * Determine risk level
-     */
-    determineRiskLevel(riskScore) {
-        if (riskScore >= 8)
-            return 'critical';
-        if (riskScore >= 6)
-            return 'high';
-        if (riskScore >= 4)
-            return 'medium';
-        return 'low';
-    }
-    /**
-     * Generate risk recommendations
-     */
-    generateRiskRecommendations(findings, riskLevel) {
-        const recommendations = [];
-        recommendations.push(`Address ${riskLevel} risk findings immediately`);
-        if (findings.some(f => f.toLowerCase().includes('injection'))) {
-            recommendations.push('Implement input validation and parameterized queries');
-        }
-        if (findings.some(f => f.toLowerCase().includes('authentication'))) {
-            recommendations.push('Strengthen authentication mechanisms and session management');
-        }
-        if (findings.some(f => f.toLowerCase().includes('data'))) {
-            recommendations.push('Implement data protection and encryption controls');
-        }
-        recommendations.push('Conduct regular security assessments', 'Implement security monitoring and alerting', 'Provide security awareness training');
-        return recommendations;
-    }
-    /**
-     * Generate priority actions
-     */
-    generatePriorityActions(riskLevel) {
-        const actions = [];
-        switch (riskLevel) {
-            case 'critical':
-                actions.push('Immediate remediation required', 'Consider temporary service suspension', 'Engage incident response team');
-                break;
-            case 'high':
-                actions.push('Remediate within 24-48 hours', 'Implement compensating controls', 'Increase monitoring and alerting');
-                break;
-            case 'medium':
-                actions.push('Remediate within 1-2 weeks', 'Schedule security review', 'Update risk assessment');
-                break;
-            case 'low':
-                actions.push('Address in next development cycle', 'Document for future reference', 'Monitor for changes in risk level');
-                break;
-        }
-        return actions;
-    }
-    /**
-     * Initialize vulnerability database
-     */
-    initializeVulnerabilityDatabase() {
-        // This would be populated with real vulnerability data
-        // For demonstration, we use a minimal set
-        const vulnerabilities = [
-            {
-                id: 'sql-injection',
-                name: 'SQL Injection',
-                severity: 'high',
-                category: 'injection',
-                description: 'Application is vulnerable to SQL injection attacks',
-                impact: 'Potential database compromise and data exfiltration',
-                remediation: 'Implement parameterized queries and input validation',
-                cvssScore: 8.5
-            },
-            {
-                id: 'xss',
-                name: 'Cross-Site Scripting',
-                severity: 'medium',
-                category: 'client-side',
-                description: 'Application does not properly sanitize user input',
-                impact: 'Session hijacking and client-side code execution',
-                remediation: 'Implement proper input sanitization and output encoding',
-                cvssScore: 6.1
-            }
-        ];
-        for (const vuln of vulnerabilities) {
-            this.vulnerabilityDatabase.set(vuln.id, vuln);
-        }
-    }
-}
-//# sourceMappingURL=vulnerabilityAssessment.js.map

package/dist/security/assessment/vulnerabilityAssessment.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"vulnerabilityAssessment.js","sourceRoot":"","sources":["../../../src/security/assessment/vulnerabilityAssessment.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAkDH;;GAEG;AACH,MAAM,OAAO,6BAA6B;IAChC,qBAAqB,CAA6B;IAE1D;QACE,IAAI,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAE,CAAC;QACvC,IAAI,CAAC,+BAA+B,EAAE,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB,CAAC,OAAiC;QACzD,+DAA+D;QAC/D,iDAAiD;QACjD,MAAM,eAAe,GAAG,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;QAEvE,MAAM,OAAO,GAAG,IAAI,CAAC,6BAA6B,CAAC,eAAe,CAAC,CAAC;QAEpE,OAAO;YACL,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAClC,eAAe;YACf,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,OAA8B;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;QACrD,MAAM,eAAe,GAAG,IAAI,CAAC,2BAA2B,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QACtF,MAAM,eAAe,GAAG,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC;QAEhE,OAAO;YACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS;YACT,SAAS;YACT,eAAe;YACf,eAAe;SAChB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,eAAuB;QACtC,OAAO,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACK,gCAAgC,CAAC,OAAiC;QACxE,MAAM,eAAe,GAAoB,EAAE,CAAC;QAE5C,yCAAyC;QACzC,IAAI,OAAO,CAAC,UAAU,KAAK,iBAAiB,EAAE,CAAC;YAC7C,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,eAAe;gBACnB,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,WAAW;gBACrB,WAAW,EAAE,oDAAoD;gBACjE,MAAM,EAAE,qDAAqD;gBAC7D,WAAW,EAAE,sDAAsD;gBACnE,SAAS,EAAE,GAAG;gBACd,UAAU,EAAE,CAAC,uDAAuD,CAAC;aACtE,EACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,sBAAsB;gBAC5B,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,mDAAmD;gBAChE,MAAM,EAAE,kDAAkD;gBAC1D,WAAW,EAAE,yDAAyD;gBACtE,SAAS,EAAE,GAAG;gBACd,UAAU,EAAE,CAAC,8CAA8C,CAAC;aAC7D,CACF,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,IAAI,OAAO,CAAC,UAAU,KAAK,KAAK,EAAE,CAAC;YACjC,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,aAAa;gBACjB,IAAI,EAAE,uBAAuB;gBAC7B,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,gBAAgB;gBAC1B,WAAW,EAAE,kDAAkD;gBAC/D,MAAM,EAAE,yDAAyD;gBACjE,WAAW,EAAE,wDAAwD;gBACrE,SAAS,EAAE,GAAG;gBACd,UAAU,EAAE,CAAC,6CAA6C,CAAC;aAC5D,CACF,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,IAAI,OAAO,CAAC,UAAU,KAAK,gBAAgB,EAAE,CAAC;YAC5C,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,UAAU;gBACd,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,eAAe;gBACzB,WAAW,EAAE,gDAAgD;gBAC7D,MAAM,EAAE,sCAAsC;gBAC9C,WAAW,EAAE,2DAA2D;gBACxE,SAAS,EAAE,GAAG;aACf,CACF,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,OAAO,CAAC,SAAS,KAAK,OAAO,EAAE,CAAC;YAClC,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrC,CAAC;aAAM,IAAI,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YAC5C,OAAO,eAAe,CAAC;QACzB,CAAC;aAAM,CAAC;YACN,uCAAuC;YACvC,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,WAAW;gBACf,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,+DAA+D;gBAC5E,MAAM,EAAE,8CAA8C;gBACtD,WAAW,EAAE,qEAAqE;gBAClF,SAAS,EAAE,GAAG;aACf,CACF,CAAC;YACF,OAAO,eAAe,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,6BAA6B,CAAC,eAAgC;QAQpE,MAAM,eAAe,GAAG;YACtB,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAC;QAEF,IAAI,aAAa,GAAG,CAAC,CAAC;QACtB,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,IAAI,WAAW,GAAG,CAAC,CAAC;QAEpB,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACtB,KAAK,UAAU;oBACb,aAAa,EAAE,CAAC;oBAChB,WAAW,IAAI,eAAe,CAAC,QAAQ,CAAC;oBACxC,MAAM;gBACR,KAAK,MAAM;oBACT,SAAS,EAAE,CAAC;oBACZ,WAAW,IAAI,eAAe,CAAC,IAAI,CAAC;oBACpC,MAAM;gBACR,KAAK,QAAQ;oBACX,WAAW,EAAE,CAAC;oBACd,WAAW,IAAI,eAAe,CAAC,MAAM,CAAC;oBACtC,MAAM;gBACR,KAAK,KAAK;oBACR,QAAQ,EAAE,CAAC;oBACX,WAAW,IAAI,eAAe,CAAC,GAAG,CAAC;oBACnC,MAAM;YACV,CAAC;QACH,CAAC;QAED,MAAM,iBAAiB,GAAG,eAAe,CAAC,MAAM,GAAG,eAAe,CAAC,QAAQ,CAAC;QAC5E,MAAM,SAAS,GAAG,iBAAiB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,iBAAiB,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAErF,OAAO;YACL,oBAAoB,EAAE,eAAe,CAAC,MAAM;YAC5C,aAAa;YACb,SAAS;YACT,WAAW;YACX,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,EAAE,CAAC,GAAG,EAAE;SAC3C,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,QAAkB,EAAE,OAAe;QAC5D,IAAI,SAAS,GAAG,CAAC,CAAC;QAElB,qBAAqB;QACrB,MAAM,kBAAkB,GAAG;YACzB,YAAY,EAAE,GAAG;YACjB,SAAS,EAAE,GAAG;YACd,aAAa,EAAE,GAAG;YAClB,MAAM,EAAE,GAAG;SACZ,CAAC;QAEF,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,OAA0C,CAAC,IAAI,GAAG,CAAC;QAEhG,mBAAmB;QACnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,YAAY,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YAE3C,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC5E,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;iBAAM,IAAI,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAChF,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;iBAAM,IAAI,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxC,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;iBAAM,CAAC;gBACN,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;YAED,0BAA0B;YAC1B,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACvE,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;YACD,IAAI,YAAY,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/E,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;YACD,IAAI,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrE,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,iBAAiB,CAAC,CAAC;IACtF,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,SAAiB;QAC1C,IAAI,SAAS,IAAI,CAAC;YAAE,OAAO,UAAU,CAAC;QACtC,IAAI,SAAS,IAAI,CAAC;YAAE,OAAO,MAAM,CAAC;QAClC,IAAI,SAAS,IAAI,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,2BAA2B,CAAC,QAAkB,EAAE,SAAiB;QACvE,MAAM,eAAe,GAAa,EAAE,CAAC;QAErC,eAAe,CAAC,IAAI,CAAC,WAAW,SAAS,4BAA4B,CAAC,CAAC;QAEvE,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YAC9D,eAAe,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC;YACnE,eAAe,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;QACtF,CAAC;QAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC5E,CAAC;QAED,eAAe,CAAC,IAAI,CAClB,sCAAsC,EACtC,4CAA4C,EAC5C,qCAAqC,CACtC,CAAC;QAEF,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,SAAiB;QAC/C,MAAM,OAAO,GAAa,EAAE,CAAC;QAE7B,QAAQ,SAAS,EAAE,CAAC;YAClB,KAAK,UAAU;gBACb,OAAO,CAAC,IAAI,CACV,gCAAgC,EAChC,uCAAuC,EACvC,+BAA+B,CAChC,CAAC;gBACF,MAAM;YACR,KAAK,MAAM;gBACT,OAAO,CAAC,IAAI,CACV,8BAA8B,EAC9B,iCAAiC,EACjC,kCAAkC,CACnC,CAAC;gBACF,MAAM;YACR,KAAK,QAAQ;gBACX,OAAO,CAAC,IAAI,CACV,4BAA4B,EAC5B,0BAA0B,EAC1B,wBAAwB,CACzB,CAAC;gBACF,MAAM;YACR,KAAK,KAAK;gBACR,OAAO,CAAC,IAAI,CACV,mCAAmC,EACnC,+BAA+B,EAC/B,mCAAmC,CACpC,CAAC;gBACF,MAAM;QACV,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,+BAA+B;QACrC,uDAAuD;QACvD,0CAA0C;QAC1C,MAAM,eAAe,GAAoB;YACvC;gBACE,EAAE,EAAE,eAAe;gBACnB,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,WAAW;gBACrB,WAAW,EAAE,oDAAoD;gBACjE,MAAM,EAAE,qDAAqD;gBAC7D,WAAW,EAAE,sDAAsD;gBACnE,SAAS,EAAE,GAAG;aACf;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,sBAAsB;gBAC5B,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,mDAAmD;gBAChE,MAAM,EAAE,kDAAkD;gBAC1D,WAAW,EAAE,yDAAyD;gBACtE,SAAS,EAAE,GAAG;aACf;SACF,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;CACF"}

package/dist/security/authorization/securityAuthorization.d.ts

@@ -1,88 +0,0 @@
-/**
- * Security Authorization Engine
- *
- * Manages authorization and scope validation for security research activities.
- * Ensures all security testing is properly authorized and within defined scope.
- *
- * LEGAL NOTICE:
- * All security research must be properly authorized and scoped.
- * Unauthorized security testing is illegal and unethical.
- */
-export interface AuthorizationRequest {
-    authorizationType: 'bug_bounty' | 'pentest' | 'red_team' | 'ctf' | 'educational';
-    targetDomain: string;
-    authorizedBy: string;
-    scopeLimitations?: string[];
-    outOfScope?: string[];
-    expirationDate?: string;
-}
-export interface AuthorizationRecord {
-    authorizationType: string;
-    targetDomain: string;
-    authorizedBy: string;
-    scopeLimitations: string[];
-    outOfScope: string[];
-    authorizationDate: string;
-    expirationDate?: string;
-    status: 'authorized' | 'pending' | 'revoked';
-    authorizationId: string;
-}
-export interface ScopeValidationRequest {
-    activity: string;
-    target: string;
-}
-export interface ScopeValidationResult {
-    activity: string;
-    target: string;
-    valid: boolean;
-    reason?: string;
-    scopeCheck: string;
-}
-/**
- * Security Authorization Engine
- */
-export declare class SecurityAuthorizationEngine {
-    private authorizations;
-    constructor();
-    /**
-     * Create security research authorization
-     */
-    createAuthorization(request: AuthorizationRequest): Promise<AuthorizationRecord>;
-    /**
-     * Validate if an activity is within authorized scope
-     */
-    validateScope(request: ScopeValidationRequest): Promise<ScopeValidationResult>;
-    /**
-     * Get authorization by ID
-     */
-    getAuthorization(authorizationId: string): AuthorizationRecord | undefined;
-    /**
-     * List all authorizations
-     */
-    listAuthorizations(): AuthorizationRecord[];
-    /**
-     * Revoke authorization
-     */
-    revokeAuthorization(authorizationId: string): boolean;
-    /**
-     * Generate unique authorization ID
-     */
-    private generateAuthorizationId;
-    /**
-     * Find relevant authorization for target
-     */
-    private findRelevantAuthorization;
-    /**
-     * Check if activity is out of scope
-     */
-    private isActivityOutOfScope;
-    /**
-     * Check scope limitations
-     */
-    private checkScopeLimitations;
-    /**
-     * Check if activity is potentially destructive
-     */
-    private isDestructiveActivity;
-}
-//# sourceMappingURL=securityAuthorization.d.ts.map

package/dist/security/authorization/securityAuthorization.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"securityAuthorization.d.ts","sourceRoot":"","sources":["../../../src/security/authorization/securityAuthorization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,MAAM,WAAW,oBAAoB;IACnC,iBAAiB,EAAE,YAAY,GAAG,SAAS,GAAG,UAAU,GAAG,KAAK,GAAG,aAAa,CAAC;IACjF,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,mBAAmB;IAClC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,MAAM,EAAE,YAAY,GAAG,SAAS,GAAG,SAAS,CAAC;IAC7C,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,qBAAa,2BAA2B;IACtC,OAAO,CAAC,cAAc,CAAmC;;IAMzD;;OAEG;IACG,mBAAmB,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAkBtF;;OAEG;IACG,aAAa,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAyDpF;;OAEG;IACH,gBAAgB,CAAC,eAAe,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS;IAI1E;;OAEG;IACH,kBAAkB,IAAI,mBAAmB,EAAE;IAI3C;;OAEG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;IASrD;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAI/B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAO5B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAsB7B;;OAEG;IACH,OAAO,CAAC,qBAAqB;CAQ9B"}

package/dist/security/authorization/securityAuthorization.js

@@ -1,172 +0,0 @@
-/**
- * Security Authorization Engine
- *
- * Manages authorization and scope validation for security research activities.
- * Ensures all security testing is properly authorized and within defined scope.
- *
- * LEGAL NOTICE:
- * All security research must be properly authorized and scoped.
- * Unauthorized security testing is illegal and unethical.
- */
-/**
- * Security Authorization Engine
- */
-export class SecurityAuthorizationEngine {
-    authorizations;
-    constructor() {
-        this.authorizations = new Map();
-    }
-    /**
-     * Create security research authorization
-     */
-    async createAuthorization(request) {
-        const authorization = {
-            authorizationType: request.authorizationType,
-            targetDomain: request.targetDomain,
-            authorizedBy: request.authorizedBy,
-            scopeLimitations: request.scopeLimitations || [],
-            outOfScope: request.outOfScope || [],
-            authorizationDate: new Date().toISOString(),
-            expirationDate: request.expirationDate,
-            status: 'authorized',
-            authorizationId: this.generateAuthorizationId()
-        };
-        this.authorizations.set(authorization.authorizationId, authorization);
-        return authorization;
-    }
-    /**
-     * Validate if an activity is within authorized scope
-     */
-    async validateScope(request) {
-        // Find relevant authorization
-        const authorization = this.findRelevantAuthorization(request.target);
-        if (!authorization) {
-            return {
-                activity: request.activity,
-                target: request.target,
-                valid: false,
-                reason: 'No authorization found for target',
-                scopeCheck: 'Manual validation required - no authorization record found'
-            };
-        }
-        // Check if authorization is still valid
-        if (authorization.expirationDate && new Date(authorization.expirationDate) < new Date()) {
-            return {
-                activity: request.activity,
-                target: request.target,
-                valid: false,
-                reason: 'Authorization has expired',
-                scopeCheck: 'Authorization expired - renew authorization before proceeding'
-            };
-        }
-        // Check if activity is explicitly out of scope
-        const isOutOfScope = this.isActivityOutOfScope(request.activity, authorization.outOfScope);
-        if (isOutOfScope) {
-            return {
-                activity: request.activity,
-                target: request.target,
-                valid: false,
-                reason: 'Activity is explicitly out of scope',
-                scopeCheck: 'Activity prohibited - explicitly listed as out of scope'
-            };
-        }
-        // Check scope limitations
-        const scopeViolation = this.checkScopeLimitations(request.activity, authorization.scopeLimitations);
-        if (scopeViolation) {
-            return {
-                activity: request.activity,
-                target: request.target,
-                valid: false,
-                reason: scopeViolation,
-                scopeCheck: 'Scope limitation violation - review authorization scope'
-            };
-        }
-        return {
-            activity: request.activity,
-            target: request.target,
-            valid: true,
-            scopeCheck: 'Activity appears to be within authorized scope - proceed with caution'
-        };
-    }
-    /**
-     * Get authorization by ID
-     */
-    getAuthorization(authorizationId) {
-        return this.authorizations.get(authorizationId);
-    }
-    /**
-     * List all authorizations
-     */
-    listAuthorizations() {
-        return Array.from(this.authorizations.values());
-    }
-    /**
-     * Revoke authorization
-     */
-    revokeAuthorization(authorizationId) {
-        const authorization = this.authorizations.get(authorizationId);
-        if (authorization) {
-            authorization.status = 'revoked';
-            return true;
-        }
-        return false;
-    }
-    /**
-     * Generate unique authorization ID
-     */
-    generateAuthorizationId() {
-        return `auth_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
-    }
-    /**
-     * Find relevant authorization for target
-     */
-    findRelevantAuthorization(target) {
-        for (const authorization of this.authorizations.values()) {
-            if (authorization.status !== 'authorized')
-                continue;
-            // Simple domain matching - in real implementation, use proper domain matching
-            if (target.includes(authorization.targetDomain) || authorization.targetDomain === '*') {
-                return authorization;
-            }
-        }
-        return undefined;
-    }
-    /**
-     * Check if activity is out of scope
-     */
-    isActivityOutOfScope(activity, outOfScope) {
-        const activityLower = activity.toLowerCase();
-        return outOfScope.some(scope => activityLower.includes(scope.toLowerCase()) || scope.toLowerCase().includes(activityLower));
-    }
-    /**
-     * Check scope limitations
-     */
-    checkScopeLimitations(activity, scopeLimitations) {
-        for (const limitation of scopeLimitations) {
-            const limitationLower = limitation.toLowerCase();
-            const activityLower = activity.toLowerCase();
-            // Check for common limitation patterns
-            if (limitationLower.includes('read-only') && activityLower.includes('write')) {
-                return 'Write operations prohibited in read-only scope';
-            }
-            if (limitationLower.includes('non-destructive') && this.isDestructiveActivity(activityLower)) {
-                return 'Destructive activities prohibited in non-destructive scope';
-            }
-            if (limitationLower.includes('production') && activityLower.includes('staging')) {
-                return 'Staging environment activities prohibited in production-only scope';
-            }
-        }
-        return null;
-    }
-    /**
-     * Check if activity is potentially destructive
-     */
-    isDestructiveActivity(activity) {
-        const destructiveKeywords = [
-            'delete', 'drop', 'remove', 'truncate', 'wipe', 'erase',
-            'destroy', 'overwrite', 'format', 'shutdown', 'reboot'
-        ];
-        return destructiveKeywords.some(keyword => activity.includes(keyword));
-    }
-}
-//# sourceMappingURL=securityAuthorization.js.map

package/dist/security/authorization/securityAuthorization.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"securityAuthorization.js","sourceRoot":"","sources":["../../../src/security/authorization/securityAuthorization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAoCH;;GAEG;AACH,MAAM,OAAO,2BAA2B;IAC9B,cAAc,CAAmC;IAEzD;QACE,IAAI,CAAC,cAAc,GAAG,IAAI,GAAG,EAAE,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB,CAAC,OAA6B;QACrD,MAAM,aAAa,GAAwB;YACzC,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;YAC5C,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,EAAE;YAChD,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,EAAE;YACpC,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC3C,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,MAAM,EAAE,YAAY;YACpB,eAAe,EAAE,IAAI,CAAC,uBAAuB,EAAE;SAChD,CAAC;QAEF,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,aAAa,CAAC,eAAe,EAAE,aAAa,CAAC,CAAC;QAEtE,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,OAA+B;QACjD,8BAA8B;QAC9B,MAAM,aAAa,GAAG,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAErE,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,mCAAmC;gBAC3C,UAAU,EAAE,4DAA4D;aACzE,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,IAAI,aAAa,CAAC,cAAc,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YACxF,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,2BAA2B;gBACnC,UAAU,EAAE,+DAA+D;aAC5E,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;QAC3F,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,qCAAqC;gBAC7C,UAAU,EAAE,yDAAyD;aACtE,CAAC;QACJ,CAAC;QAED,0BAA0B;QAC1B,MAAM,cAAc,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,QAAQ,EAAE,aAAa,CAAC,gBAAgB,CAAC,CAAC;QACpG,IAAI,cAAc,EAAE,CAAC;YACnB,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,cAAc;gBACtB,UAAU,EAAE,yDAAyD;aACtE,CAAC;QACJ,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,KAAK,EAAE,IAAI;YACX,UAAU,EAAE,uEAAuE;SACpF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,eAAuB;QACtC,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,eAAuB;QACzC,MAAM,aAAa,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC/D,IAAI,aAAa,EAAE,CAAC;YAClB,aAAa,CAAC,MAAM,GAAG,SAAS,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,uBAAuB;QAC7B,OAAO,QAAQ,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IACzE,CAAC;IAED;;OAEG;IACK,yBAAyB,CAAC,MAAc;QAC9C,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,EAAE,CAAC;YACzD,IAAI,aAAa,CAAC,MAAM,KAAK,YAAY;gBAAE,SAAS;YAEpD,8EAA8E;YAC9E,IAAI,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,YAAY,CAAC,IAAI,aAAa,CAAC,YAAY,KAAK,GAAG,EAAE,CAAC;gBACtF,OAAO,aAAa,CAAC;YACvB,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,QAAgB,EAAE,UAAoB;QACjE,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC7C,OAAO,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAC7B,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,aAAa,CAAC,CAC3F,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,QAAgB,EAAE,gBAA0B;QACxE,KAAK,MAAM,UAAU,IAAI,gBAAgB,EAAE,CAAC;YAC1C,MAAM,eAAe,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;YACjD,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;YAE7C,uCAAuC;YACvC,IAAI,eAAe,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7E,OAAO,gDAAgD,CAAC;YAC1D,CAAC;YAED,IAAI,eAAe,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC7F,OAAO,4DAA4D,CAAC;YACtE,CAAC;YAED,IAAI,eAAe,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAChF,OAAO,oEAAoE,CAAC;YAC9E,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,QAAgB;QAC5C,MAAM,mBAAmB,GAAG;YAC1B,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO;YACvD,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ;SACvD,CAAC;QAEF,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IACzE,CAAC;CACF"}