erosolar-cli 1.7.333 → 1.7.334

package/dist/security/assessment/vulnerabilityAssessment.js

@@ -0,0 +1,315 @@
+/**
+ * Vulnerability Assessment Engine
+ *
+ * Provides vulnerability scanning and risk assessment capabilities
+ * for authorized security research and testing.
+ *
+ * LEGAL NOTICE:
+ * For authorized security research, penetration testing, and red team exercises only.
+ */
+/**
+ * Vulnerability Assessment Engine
+ */
+export class VulnerabilityAssessmentEngine {
+    vulnerabilityDatabase;
+    constructor() {
+        this.vulnerabilityDatabase = new Map();
+        this.initializeVulnerabilityDatabase();
+    }
+    /**
+     * Scan for vulnerabilities
+     */
+    async scanVulnerabilities(request) {
+        // In a real implementation, this would perform actual scanning
+        // For demonstration, we return simulated results
+        const vulnerabilities = this.generateSimulatedVulnerabilities(request);
+        const summary = this.calculateVulnerabilitySummary(vulnerabilities);
+        return {
+            targetType: request.targetType,
+            targetUrl: request.targetUrl,
+            scanDepth: request.scanDepth,
+            scanDate: new Date().toISOString(),
+            vulnerabilities,
+            summary
+        };
+    }
+    /**
+     * Assess security risks
+     */
+    async assessRisk(request) {
+        const riskScore = this.calculateRiskScore(request.findings, request.context);
+        const riskLevel = this.determineRiskLevel(riskScore);
+        const recommendations = this.generateRiskRecommendations(request.findings, riskLevel);
+        const priorityActions = this.generatePriorityActions(riskLevel);
+        return {
+            findings: request.findings,
+            context: request.context,
+            riskScore,
+            riskLevel,
+            recommendations,
+            priorityActions
+        };
+    }
+    /**
+     * Get vulnerability by ID
+     */
+    getVulnerability(vulnerabilityId) {
+        return this.vulnerabilityDatabase.get(vulnerabilityId);
+    }
+    /**
+     * List all vulnerabilities
+     */
+    listVulnerabilities() {
+        return Array.from(this.vulnerabilityDatabase.values());
+    }
+    /**
+     * Generate simulated vulnerabilities for demonstration
+     */
+    generateSimulatedVulnerabilities(request) {
+        const vulnerabilities = [];
+        // Common web application vulnerabilities
+        if (request.targetType === 'web_application') {
+            vulnerabilities.push({
+                id: 'sql-injection',
+                name: 'SQL Injection',
+                severity: 'high',
+                category: 'injection',
+                description: 'Application is vulnerable to SQL injection attacks',
+                impact: 'Potential database compromise and data exfiltration',
+                remediation: 'Implement parameterized queries and input validation',
+                cvssScore: 8.5,
+                references: ['https://owasp.org/www-community/attacks/SQL_Injection']
+            }, {
+                id: 'xss',
+                name: 'Cross-Site Scripting',
+                severity: 'medium',
+                category: 'client-side',
+                description: 'Application does not properly sanitize user input',
+                impact: 'Session hijacking and client-side code execution',
+                remediation: 'Implement proper input sanitization and output encoding',
+                cvssScore: 6.1,
+                references: ['https://owasp.org/www-community/attacks/xss/']
+            });
+        }
+        // API vulnerabilities
+        if (request.targetType === 'api') {
+            vulnerabilities.push({
+                id: 'broken-auth',
+                name: 'Broken Authentication',
+                severity: 'high',
+                category: 'authentication',
+                description: 'API authentication mechanisms are weak or broken',
+                impact: 'Unauthorized access to sensitive data and functionality',
+                remediation: 'Implement strong authentication and session management',
+                cvssScore: 8.2,
+                references: ['https://owasp.org/www-project-api-security/']
+            });
+        }
+        // Infrastructure vulnerabilities
+        if (request.targetType === 'infrastructure') {
+            vulnerabilities.push({
+                id: 'weak-ssh',
+                name: 'Weak SSH Configuration',
+                severity: 'medium',
+                category: 'configuration',
+                description: 'SSH service allows weak authentication methods',
+                impact: 'Potential unauthorized system access',
+                remediation: 'Disable weak ciphers and enforce key-based authentication',
+                cvssScore: 5.9
+            });
+        }
+        // Adjust based on scan depth
+        if (request.scanDepth === 'quick') {
+            return vulnerabilities.slice(0, 2);
+        }
+        else if (request.scanDepth === 'standard') {
+            return vulnerabilities;
+        }
+        else {
+            // Deep scan - add more vulnerabilities
+            vulnerabilities.push({
+                id: 'info-leak',
+                name: 'Information Disclosure',
+                severity: 'low',
+                category: 'information',
+                description: 'Application discloses sensitive information in error messages',
+                impact: 'Information leakage that could aid attackers',
+                remediation: 'Implement proper error handling and information disclosure controls',
+                cvssScore: 3.5
+            });
+            return vulnerabilities;
+        }
+    }
+    /**
+     * Calculate vulnerability summary
+     */
+    calculateVulnerabilitySummary(vulnerabilities) {
+        const severityWeights = {
+            critical: 10,
+            high: 7,
+            medium: 4,
+            low: 1,
+            info: 0
+        };
+        let criticalCount = 0;
+        let highCount = 0;
+        let mediumCount = 0;
+        let lowCount = 0;
+        let totalWeight = 0;
+        for (const vuln of vulnerabilities) {
+            switch (vuln.severity) {
+                case 'critical':
+                    criticalCount++;
+                    totalWeight += severityWeights.critical;
+                    break;
+                case 'high':
+                    highCount++;
+                    totalWeight += severityWeights.high;
+                    break;
+                case 'medium':
+                    mediumCount++;
+                    totalWeight += severityWeights.medium;
+                    break;
+                case 'low':
+                    lowCount++;
+                    totalWeight += severityWeights.low;
+                    break;
+            }
+        }
+        const maxPossibleWeight = vulnerabilities.length * severityWeights.critical;
+        const riskScore = maxPossibleWeight > 0 ? (totalWeight / maxPossibleWeight) * 10 : 0;
+        return {
+            totalVulnerabilities: vulnerabilities.length,
+            criticalCount,
+            highCount,
+            mediumCount,
+            lowCount,
+            riskScore: Math.round(riskScore * 10) / 10
+        };
+    }
+    /**
+     * Calculate risk score
+     */
+    calculateRiskScore(findings, context) {
+        let baseScore = 0;
+        // Context multiplier
+        const contextMultipliers = {
+            'production': 1.5,
+            'staging': 1.0,
+            'development': 0.5,
+            'test': 0.3
+        };
+        const contextMultiplier = contextMultipliers[context] || 1.0;
+        // Analyze findings
+        for (const finding of findings) {
+            const findingLower = finding.toLowerCase();
+            if (findingLower.includes('critical') || findingLower.includes('high risk')) {
+                baseScore += 8;
+            }
+            else if (findingLower.includes('medium') || findingLower.includes('moderate')) {
+                baseScore += 5;
+            }
+            else if (findingLower.includes('low')) {
+                baseScore += 2;
+            }
+            else {
+                baseScore += 1;
+            }
+            // Additional risk factors
+            if (findingLower.includes('data') && findingLower.includes('exposure')) {
+                baseScore += 3;
+            }
+            if (findingLower.includes('authentication') && findingLower.includes('bypass')) {
+                baseScore += 4;
+            }
+            if (findingLower.includes('remote') && findingLower.includes('code')) {
+                baseScore += 6;
+            }
+        }
+        return Math.min(10, (baseScore / Math.max(1, findings.length)) * contextMultiplier);
+    }
+    /**
+     * Determine risk level
+     */
+    determineRiskLevel(riskScore) {
+        if (riskScore >= 8)
+            return 'critical';
+        if (riskScore >= 6)
+            return 'high';
+        if (riskScore >= 4)
+            return 'medium';
+        return 'low';
+    }
+    /**
+     * Generate risk recommendations
+     */
+    generateRiskRecommendations(findings, riskLevel) {
+        const recommendations = [];
+        recommendations.push(`Address ${riskLevel} risk findings immediately`);
+        if (findings.some(f => f.toLowerCase().includes('injection'))) {
+            recommendations.push('Implement input validation and parameterized queries');
+        }
+        if (findings.some(f => f.toLowerCase().includes('authentication'))) {
+            recommendations.push('Strengthen authentication mechanisms and session management');
+        }
+        if (findings.some(f => f.toLowerCase().includes('data'))) {
+            recommendations.push('Implement data protection and encryption controls');
+        }
+        recommendations.push('Conduct regular security assessments', 'Implement security monitoring and alerting', 'Provide security awareness training');
+        return recommendations;
+    }
+    /**
+     * Generate priority actions
+     */
+    generatePriorityActions(riskLevel) {
+        const actions = [];
+        switch (riskLevel) {
+            case 'critical':
+                actions.push('Immediate remediation required', 'Consider temporary service suspension', 'Engage incident response team');
+                break;
+            case 'high':
+                actions.push('Remediate within 24-48 hours', 'Implement compensating controls', 'Increase monitoring and alerting');
+                break;
+            case 'medium':
+                actions.push('Remediate within 1-2 weeks', 'Schedule security review', 'Update risk assessment');
+                break;
+            case 'low':
+                actions.push('Address in next development cycle', 'Document for future reference', 'Monitor for changes in risk level');
+                break;
+        }
+        return actions;
+    }
+    /**
+     * Initialize vulnerability database
+     */
+    initializeVulnerabilityDatabase() {
+        // This would be populated with real vulnerability data
+        // For demonstration, we use a minimal set
+        const vulnerabilities = [
+            {
+                id: 'sql-injection',
+                name: 'SQL Injection',
+                severity: 'high',
+                category: 'injection',
+                description: 'Application is vulnerable to SQL injection attacks',
+                impact: 'Potential database compromise and data exfiltration',
+                remediation: 'Implement parameterized queries and input validation',
+                cvssScore: 8.5
+            },
+            {
+                id: 'xss',
+                name: 'Cross-Site Scripting',
+                severity: 'medium',
+                category: 'client-side',
+                description: 'Application does not properly sanitize user input',
+                impact: 'Session hijacking and client-side code execution',
+                remediation: 'Implement proper input sanitization and output encoding',
+                cvssScore: 6.1
+            }
+        ];
+        for (const vuln of vulnerabilities) {
+            this.vulnerabilityDatabase.set(vuln.id, vuln);
+        }
+    }
+}
+//# sourceMappingURL=vulnerabilityAssessment.js.map

package/dist/security/assessment/vulnerabilityAssessment.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vulnerabilityAssessment.js","sourceRoot":"","sources":["../../../src/security/assessment/vulnerabilityAssessment.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAkDH;;GAEG;AACH,MAAM,OAAO,6BAA6B;IAChC,qBAAqB,CAA6B;IAE1D;QACE,IAAI,CAAC,qBAAqB,GAAG,IAAI,GAAG,EAAE,CAAC;QACvC,IAAI,CAAC,+BAA+B,EAAE,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB,CAAC,OAAiC;QACzD,+DAA+D;QAC/D,iDAAiD;QACjD,MAAM,eAAe,GAAG,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;QAEvE,MAAM,OAAO,GAAG,IAAI,CAAC,6BAA6B,CAAC,eAAe,CAAC,CAAC;QAEpE,OAAO;YACL,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAClC,eAAe;YACf,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,OAA8B;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;QACrD,MAAM,eAAe,GAAG,IAAI,CAAC,2BAA2B,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QACtF,MAAM,eAAe,GAAG,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC;QAEhE,OAAO;YACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS;YACT,SAAS;YACT,eAAe;YACf,eAAe;SAChB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,eAAuB;QACtC,OAAO,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACK,gCAAgC,CAAC,OAAiC;QACxE,MAAM,eAAe,GAAoB,EAAE,CAAC;QAE5C,yCAAyC;QACzC,IAAI,OAAO,CAAC,UAAU,KAAK,iBAAiB,EAAE,CAAC;YAC7C,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,eAAe;gBACnB,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,WAAW;gBACrB,WAAW,EAAE,oDAAoD;gBACjE,MAAM,EAAE,qDAAqD;gBAC7D,WAAW,EAAE,sDAAsD;gBACnE,SAAS,EAAE,GAAG;gBACd,UAAU,EAAE,CAAC,uDAAuD,CAAC;aACtE,EACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,sBAAsB;gBAC5B,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,mDAAmD;gBAChE,MAAM,EAAE,kDAAkD;gBAC1D,WAAW,EAAE,yDAAyD;gBACtE,SAAS,EAAE,GAAG;gBACd,UAAU,EAAE,CAAC,8CAA8C,CAAC;aAC7D,CACF,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,IAAI,OAAO,CAAC,UAAU,KAAK,KAAK,EAAE,CAAC;YACjC,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,aAAa;gBACjB,IAAI,EAAE,uBAAuB;gBAC7B,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,gBAAgB;gBAC1B,WAAW,EAAE,kDAAkD;gBAC/D,MAAM,EAAE,yDAAyD;gBACjE,WAAW,EAAE,wDAAwD;gBACrE,SAAS,EAAE,GAAG;gBACd,UAAU,EAAE,CAAC,6CAA6C,CAAC;aAC5D,CACF,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,IAAI,OAAO,CAAC,UAAU,KAAK,gBAAgB,EAAE,CAAC;YAC5C,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,UAAU;gBACd,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,eAAe;gBACzB,WAAW,EAAE,gDAAgD;gBAC7D,MAAM,EAAE,sCAAsC;gBAC9C,WAAW,EAAE,2DAA2D;gBACxE,SAAS,EAAE,GAAG;aACf,CACF,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,OAAO,CAAC,SAAS,KAAK,OAAO,EAAE,CAAC;YAClC,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrC,CAAC;aAAM,IAAI,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YAC5C,OAAO,eAAe,CAAC;QACzB,CAAC;aAAM,CAAC;YACN,uCAAuC;YACvC,eAAe,CAAC,IAAI,CAClB;gBACE,EAAE,EAAE,WAAW;gBACf,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,+DAA+D;gBAC5E,MAAM,EAAE,8CAA8C;gBACtD,WAAW,EAAE,qEAAqE;gBAClF,SAAS,EAAE,GAAG;aACf,CACF,CAAC;YACF,OAAO,eAAe,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,6BAA6B,CAAC,eAAgC;QAQpE,MAAM,eAAe,GAAG;YACtB,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAC;QAEF,IAAI,aAAa,GAAG,CAAC,CAAC;QACtB,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,IAAI,WAAW,GAAG,CAAC,CAAC;QACpB,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,IAAI,WAAW,GAAG,CAAC,CAAC;QAEpB,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACtB,KAAK,UAAU;oBACb,aAAa,EAAE,CAAC;oBAChB,WAAW,IAAI,eAAe,CAAC,QAAQ,CAAC;oBACxC,MAAM;gBACR,KAAK,MAAM;oBACT,SAAS,EAAE,CAAC;oBACZ,WAAW,IAAI,eAAe,CAAC,IAAI,CAAC;oBACpC,MAAM;gBACR,KAAK,QAAQ;oBACX,WAAW,EAAE,CAAC;oBACd,WAAW,IAAI,eAAe,CAAC,MAAM,CAAC;oBACtC,MAAM;gBACR,KAAK,KAAK;oBACR,QAAQ,EAAE,CAAC;oBACX,WAAW,IAAI,eAAe,CAAC,GAAG,CAAC;oBACnC,MAAM;YACV,CAAC;QACH,CAAC;QAED,MAAM,iBAAiB,GAAG,eAAe,CAAC,MAAM,GAAG,eAAe,CAAC,QAAQ,CAAC;QAC5E,MAAM,SAAS,GAAG,iBAAiB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,iBAAiB,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAErF,OAAO;YACL,oBAAoB,EAAE,eAAe,CAAC,MAAM;YAC5C,aAAa;YACb,SAAS;YACT,WAAW;YACX,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,EAAE,CAAC,GAAG,EAAE;SAC3C,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,QAAkB,EAAE,OAAe;QAC5D,IAAI,SAAS,GAAG,CAAC,CAAC;QAElB,qBAAqB;QACrB,MAAM,kBAAkB,GAAG;YACzB,YAAY,EAAE,GAAG;YACjB,SAAS,EAAE,GAAG;YACd,aAAa,EAAE,GAAG;YAClB,MAAM,EAAE,GAAG;SACZ,CAAC;QAEF,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,OAA0C,CAAC,IAAI,GAAG,CAAC;QAEhG,mBAAmB;QACnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,YAAY,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YAE3C,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC5E,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;iBAAM,IAAI,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAChF,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;iBAAM,IAAI,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxC,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;iBAAM,CAAC;gBACN,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;YAED,0BAA0B;YAC1B,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACvE,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;YACD,IAAI,YAAY,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/E,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;YACD,IAAI,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrE,SAAS,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,iBAAiB,CAAC,CAAC;IACtF,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,SAAiB;QAC1C,IAAI,SAAS,IAAI,CAAC;YAAE,OAAO,UAAU,CAAC;QACtC,IAAI,SAAS,IAAI,CAAC;YAAE,OAAO,MAAM,CAAC;QAClC,IAAI,SAAS,IAAI,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,2BAA2B,CAAC,QAAkB,EAAE,SAAiB;QACvE,MAAM,eAAe,GAAa,EAAE,CAAC;QAErC,eAAe,CAAC,IAAI,CAAC,WAAW,SAAS,4BAA4B,CAAC,CAAC;QAEvE,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YAC9D,eAAe,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC;YACnE,eAAe,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;QACtF,CAAC;QAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzD,eAAe,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC5E,CAAC;QAED,eAAe,CAAC,IAAI,CAClB,sCAAsC,EACtC,4CAA4C,EAC5C,qCAAqC,CACtC,CAAC;QAEF,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,SAAiB;QAC/C,MAAM,OAAO,GAAa,EAAE,CAAC;QAE7B,QAAQ,SAAS,EAAE,CAAC;YAClB,KAAK,UAAU;gBACb,OAAO,CAAC,IAAI,CACV,gCAAgC,EAChC,uCAAuC,EACvC,+BAA+B,CAChC,CAAC;gBACF,MAAM;YACR,KAAK,MAAM;gBACT,OAAO,CAAC,IAAI,CACV,8BAA8B,EAC9B,iCAAiC,EACjC,kCAAkC,CACnC,CAAC;gBACF,MAAM;YACR,KAAK,QAAQ;gBACX,OAAO,CAAC,IAAI,CACV,4BAA4B,EAC5B,0BAA0B,EAC1B,wBAAwB,CACzB,CAAC;gBACF,MAAM;YACR,KAAK,KAAK;gBACR,OAAO,CAAC,IAAI,CACV,mCAAmC,EACnC,+BAA+B,EAC/B,mCAAmC,CACpC,CAAC;gBACF,MAAM;QACV,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,+BAA+B;QACrC,uDAAuD;QACvD,0CAA0C;QAC1C,MAAM,eAAe,GAAoB;YACvC;gBACE,EAAE,EAAE,eAAe;gBACnB,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,WAAW;gBACrB,WAAW,EAAE,oDAAoD;gBACjE,MAAM,EAAE,qDAAqD;gBAC7D,WAAW,EAAE,sDAAsD;gBACnE,SAAS,EAAE,GAAG;aACf;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,sBAAsB;gBAC5B,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,mDAAmD;gBAChE,MAAM,EAAE,kDAAkD;gBAC1D,WAAW,EAAE,yDAAyD;gBACtE,SAAS,EAAE,GAAG;aACf;SACF,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;CACF"}

package/dist/security/authorization/securityAuthorization.d.ts

@@ -0,0 +1,88 @@
+/**
+ * Security Authorization Engine
+ *
+ * Manages authorization and scope validation for security research activities.
+ * Ensures all security testing is properly authorized and within defined scope.
+ *
+ * LEGAL NOTICE:
+ * All security research must be properly authorized and scoped.
+ * Unauthorized security testing is illegal and unethical.
+ */
+export interface AuthorizationRequest {
+    authorizationType: 'bug_bounty' | 'pentest' | 'red_team' | 'ctf' | 'educational';
+    targetDomain: string;
+    authorizedBy: string;
+    scopeLimitations?: string[];
+    outOfScope?: string[];
+    expirationDate?: string;
+}
+export interface AuthorizationRecord {
+    authorizationType: string;
+    targetDomain: string;
+    authorizedBy: string;
+    scopeLimitations: string[];
+    outOfScope: string[];
+    authorizationDate: string;
+    expirationDate?: string;
+    status: 'authorized' | 'pending' | 'revoked';
+    authorizationId: string;
+}
+export interface ScopeValidationRequest {
+    activity: string;
+    target: string;
+}
+export interface ScopeValidationResult {
+    activity: string;
+    target: string;
+    valid: boolean;
+    reason?: string;
+    scopeCheck: string;
+}
+/**
+ * Security Authorization Engine
+ */
+export declare class SecurityAuthorizationEngine {
+    private authorizations;
+    constructor();
+    /**
+     * Create security research authorization
+     */
+    createAuthorization(request: AuthorizationRequest): Promise<AuthorizationRecord>;
+    /**
+     * Validate if an activity is within authorized scope
+     */
+    validateScope(request: ScopeValidationRequest): Promise<ScopeValidationResult>;
+    /**
+     * Get authorization by ID
+     */
+    getAuthorization(authorizationId: string): AuthorizationRecord | undefined;
+    /**
+     * List all authorizations
+     */
+    listAuthorizations(): AuthorizationRecord[];
+    /**
+     * Revoke authorization
+     */
+    revokeAuthorization(authorizationId: string): boolean;
+    /**
+     * Generate unique authorization ID
+     */
+    private generateAuthorizationId;
+    /**
+     * Find relevant authorization for target
+     */
+    private findRelevantAuthorization;
+    /**
+     * Check if activity is out of scope
+     */
+    private isActivityOutOfScope;
+    /**
+     * Check scope limitations
+     */
+    private checkScopeLimitations;
+    /**
+     * Check if activity is potentially destructive
+     */
+    private isDestructiveActivity;
+}
+//# sourceMappingURL=securityAuthorization.d.ts.map

package/dist/security/authorization/securityAuthorization.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"securityAuthorization.d.ts","sourceRoot":"","sources":["../../../src/security/authorization/securityAuthorization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,MAAM,WAAW,oBAAoB;IACnC,iBAAiB,EAAE,YAAY,GAAG,SAAS,GAAG,UAAU,GAAG,KAAK,GAAG,aAAa,CAAC;IACjF,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,mBAAmB;IAClC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,MAAM,EAAE,YAAY,GAAG,SAAS,GAAG,SAAS,CAAC;IAC7C,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,qBAAa,2BAA2B;IACtC,OAAO,CAAC,cAAc,CAAmC;;IAMzD;;OAEG;IACG,mBAAmB,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAkBtF;;OAEG;IACG,aAAa,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAyDpF;;OAEG;IACH,gBAAgB,CAAC,eAAe,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS;IAI1E;;OAEG;IACH,kBAAkB,IAAI,mBAAmB,EAAE;IAI3C;;OAEG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;IASrD;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAI/B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAO5B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAsB7B;;OAEG;IACH,OAAO,CAAC,qBAAqB;CAQ9B"}

package/dist/security/authorization/securityAuthorization.js

@@ -0,0 +1,172 @@
+/**
+ * Security Authorization Engine
+ *
+ * Manages authorization and scope validation for security research activities.
+ * Ensures all security testing is properly authorized and within defined scope.
+ *
+ * LEGAL NOTICE:
+ * All security research must be properly authorized and scoped.
+ * Unauthorized security testing is illegal and unethical.
+ */
+/**
+ * Security Authorization Engine
+ */
+export class SecurityAuthorizationEngine {
+    authorizations;
+    constructor() {
+        this.authorizations = new Map();
+    }
+    /**
+     * Create security research authorization
+     */
+    async createAuthorization(request) {
+        const authorization = {
+            authorizationType: request.authorizationType,
+            targetDomain: request.targetDomain,
+            authorizedBy: request.authorizedBy,
+            scopeLimitations: request.scopeLimitations || [],
+            outOfScope: request.outOfScope || [],
+            authorizationDate: new Date().toISOString(),
+            expirationDate: request.expirationDate,
+            status: 'authorized',
+            authorizationId: this.generateAuthorizationId()
+        };
+        this.authorizations.set(authorization.authorizationId, authorization);
+        return authorization;
+    }
+    /**
+     * Validate if an activity is within authorized scope
+     */
+    async validateScope(request) {
+        // Find relevant authorization
+        const authorization = this.findRelevantAuthorization(request.target);
+        if (!authorization) {
+            return {
+                activity: request.activity,
+                target: request.target,
+                valid: false,
+                reason: 'No authorization found for target',
+                scopeCheck: 'Manual validation required - no authorization record found'
+            };
+        }
+        // Check if authorization is still valid
+        if (authorization.expirationDate && new Date(authorization.expirationDate) < new Date()) {
+            return {
+                activity: request.activity,
+                target: request.target,
+                valid: false,
+                reason: 'Authorization has expired',
+                scopeCheck: 'Authorization expired - renew authorization before proceeding'
+            };
+        }
+        // Check if activity is explicitly out of scope
+        const isOutOfScope = this.isActivityOutOfScope(request.activity, authorization.outOfScope);
+        if (isOutOfScope) {
+            return {
+                activity: request.activity,
+                target: request.target,
+                valid: false,
+                reason: 'Activity is explicitly out of scope',
+                scopeCheck: 'Activity prohibited - explicitly listed as out of scope'
+            };
+        }
+        // Check scope limitations
+        const scopeViolation = this.checkScopeLimitations(request.activity, authorization.scopeLimitations);
+        if (scopeViolation) {
+            return {
+                activity: request.activity,
+                target: request.target,
+                valid: false,
+                reason: scopeViolation,
+                scopeCheck: 'Scope limitation violation - review authorization scope'
+            };
+        }
+        return {
+            activity: request.activity,
+            target: request.target,
+            valid: true,
+            scopeCheck: 'Activity appears to be within authorized scope - proceed with caution'
+        };
+    }
+    /**
+     * Get authorization by ID
+     */
+    getAuthorization(authorizationId) {
+        return this.authorizations.get(authorizationId);
+    }
+    /**
+     * List all authorizations
+     */
+    listAuthorizations() {
+        return Array.from(this.authorizations.values());
+    }
+    /**
+     * Revoke authorization
+     */
+    revokeAuthorization(authorizationId) {
+        const authorization = this.authorizations.get(authorizationId);
+        if (authorization) {
+            authorization.status = 'revoked';
+            return true;
+        }
+        return false;
+    }
+    /**
+     * Generate unique authorization ID
+     */
+    generateAuthorizationId() {
+        return `auth_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+    }
+    /**
+     * Find relevant authorization for target
+     */
+    findRelevantAuthorization(target) {
+        for (const authorization of this.authorizations.values()) {
+            if (authorization.status !== 'authorized')
+                continue;
+            // Simple domain matching - in real implementation, use proper domain matching
+            if (target.includes(authorization.targetDomain) || authorization.targetDomain === '*') {
+                return authorization;
+            }
+        }
+        return undefined;
+    }
+    /**
+     * Check if activity is out of scope
+     */
+    isActivityOutOfScope(activity, outOfScope) {
+        const activityLower = activity.toLowerCase();
+        return outOfScope.some(scope => activityLower.includes(scope.toLowerCase()) || scope.toLowerCase().includes(activityLower));
+    }
+    /**
+     * Check scope limitations
+     */
+    checkScopeLimitations(activity, scopeLimitations) {
+        for (const limitation of scopeLimitations) {
+            const limitationLower = limitation.toLowerCase();
+            const activityLower = activity.toLowerCase();
+            // Check for common limitation patterns
+            if (limitationLower.includes('read-only') && activityLower.includes('write')) {
+                return 'Write operations prohibited in read-only scope';
+            }
+            if (limitationLower.includes('non-destructive') && this.isDestructiveActivity(activityLower)) {
+                return 'Destructive activities prohibited in non-destructive scope';
+            }
+            if (limitationLower.includes('production') && activityLower.includes('staging')) {
+                return 'Staging environment activities prohibited in production-only scope';
+            }
+        }
+        return null;
+    }
+    /**
+     * Check if activity is potentially destructive
+     */
+    isDestructiveActivity(activity) {
+        const destructiveKeywords = [
+            'delete', 'drop', 'remove', 'truncate', 'wipe', 'erase',
+            'destroy', 'overwrite', 'format', 'shutdown', 'reboot'
+        ];
+        return destructiveKeywords.some(keyword => activity.includes(keyword));
+    }
+}
+//# sourceMappingURL=securityAuthorization.js.map

package/dist/security/authorization/securityAuthorization.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"securityAuthorization.js","sourceRoot":"","sources":["../../../src/security/authorization/securityAuthorization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAoCH;;GAEG;AACH,MAAM,OAAO,2BAA2B;IAC9B,cAAc,CAAmC;IAEzD;QACE,IAAI,CAAC,cAAc,GAAG,IAAI,GAAG,EAAE,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB,CAAC,OAA6B;QACrD,MAAM,aAAa,GAAwB;YACzC,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;YAC5C,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,IAAI,EAAE;YAChD,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,EAAE;YACpC,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC3C,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,MAAM,EAAE,YAAY;YACpB,eAAe,EAAE,IAAI,CAAC,uBAAuB,EAAE;SAChD,CAAC;QAEF,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,aAAa,CAAC,eAAe,EAAE,aAAa,CAAC,CAAC;QAEtE,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,OAA+B;QACjD,8BAA8B;QAC9B,MAAM,aAAa,GAAG,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAErE,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,mCAAmC;gBAC3C,UAAU,EAAE,4DAA4D;aACzE,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,IAAI,aAAa,CAAC,cAAc,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YACxF,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,2BAA2B;gBACnC,UAAU,EAAE,+DAA+D;aAC5E,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;QAC3F,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,qCAAqC;gBAC7C,UAAU,EAAE,yDAAyD;aACtE,CAAC;QACJ,CAAC;QAED,0BAA0B;QAC1B,MAAM,cAAc,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,QAAQ,EAAE,aAAa,CAAC,gBAAgB,CAAC,CAAC;QACpG,IAAI,cAAc,EAAE,CAAC;YACnB,OAAO;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,cAAc;gBACtB,UAAU,EAAE,yDAAyD;aACtE,CAAC;QACJ,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,KAAK,EAAE,IAAI;YACX,UAAU,EAAE,uEAAuE;SACpF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,eAAuB;QACtC,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,eAAuB;QACzC,MAAM,aAAa,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC/D,IAAI,aAAa,EAAE,CAAC;YAClB,aAAa,CAAC,MAAM,GAAG,SAAS,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,uBAAuB;QAC7B,OAAO,QAAQ,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IACzE,CAAC;IAED;;OAEG;IACK,yBAAyB,CAAC,MAAc;QAC9C,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,EAAE,CAAC;YACzD,IAAI,aAAa,CAAC,MAAM,KAAK,YAAY;gBAAE,SAAS;YAEpD,8EAA8E;YAC9E,IAAI,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,YAAY,CAAC,IAAI,aAAa,CAAC,YAAY,KAAK,GAAG,EAAE,CAAC;gBACtF,OAAO,aAAa,CAAC;YACvB,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,QAAgB,EAAE,UAAoB;QACjE,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC7C,OAAO,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAC7B,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,aAAa,CAAC,CAC3F,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,QAAgB,EAAE,gBAA0B;QACxE,KAAK,MAAM,UAAU,IAAI,gBAAgB,EAAE,CAAC;YAC1C,MAAM,eAAe,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;YACjD,MAAM,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;YAE7C,uCAAuC;YACvC,IAAI,eAAe,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7E,OAAO,gDAAgD,CAAC;YAC1D,CAAC;YAED,IAAI,eAAe,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC7F,OAAO,4DAA4D,CAAC;YACtE,CAAC;YAED,IAAI,eAAe,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAChF,OAAO,oEAAoE,CAAC;YAC9E,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,QAAgB;QAC5C,MAAM,mBAAmB,GAAG;YAC1B,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO;YACvD,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ;SACvD,CAAC;QAEF,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IACzE,CAAC;CACF"}