erosolar-cli 1.7.341 → 1.7.343

package/dist/alpha-zero/security/google.js

@@ -1,311 +0,0 @@
-/**
- * Google Infrastructure Persistence Vector Research
- *
- * OPTIONAL MODULE - Only loaded when Google security research is enabled.
- *
- * Provides research tools for identifying persistence mechanisms
- * in Google Cloud Platform and Google Workspace environments.
- *
- * AUTHORIZATION: Designed for authorized red team engagements and
- * penetration testing of Google infrastructure under contract.
- *
- * Principal Investigator: Bo Shang
- * Framework: erosolar-cli
- */
-import { AuthorizationScope } from './core.js';
-/**
- * Google services for persistence research
- */
-export var GoogleService;
-(function (GoogleService) {
-    // Google Cloud Platform
-    GoogleService["GCP_COMPUTE"] = "gcp_compute_engine";
-    GoogleService["GCP_GKE"] = "gcp_kubernetes_engine";
-    GoogleService["GCP_CLOUD_FUNCTIONS"] = "gcp_cloud_functions";
-    GoogleService["GCP_IAM"] = "gcp_iam";
-    GoogleService["GCP_SERVICE_ACCOUNTS"] = "gcp_service_accounts";
-    GoogleService["GCP_CLOUD_STORAGE"] = "gcp_cloud_storage";
-    GoogleService["GCP_SECRETS_MANAGER"] = "gcp_secrets_manager";
-    // Google Workspace
-    GoogleService["WORKSPACE_GMAIL"] = "workspace_gmail";
-    GoogleService["WORKSPACE_DRIVE"] = "workspace_drive";
-    GoogleService["WORKSPACE_ADMIN"] = "workspace_admin";
-    GoogleService["WORKSPACE_APPS_SCRIPT"] = "workspace_apps_script";
-    // Google Identity
-    GoogleService["GOOGLE_OAUTH"] = "google_oauth";
-})(GoogleService || (GoogleService = {}));
-/**
- * Categories of persistence mechanisms
- */
-export var PersistenceCategory;
-(function (PersistenceCategory) {
-    PersistenceCategory["SERVICE_ACCOUNT_ABUSE"] = "service_account_abuse";
-    PersistenceCategory["IAM_POLICY_MODIFICATION"] = "iam_policy_modification";
-    PersistenceCategory["OAUTH_APP_CONSENT"] = "oauth_app_consent";
-    PersistenceCategory["API_KEYS"] = "api_keys";
-    PersistenceCategory["CLOUD_FUNCTION_TRIGGER"] = "cloud_function_trigger";
-    PersistenceCategory["APPS_SCRIPT_TRIGGER"] = "apps_script_trigger";
-    PersistenceCategory["DELEGATION_ABUSE"] = "delegation_abuse";
-})(PersistenceCategory || (PersistenceCategory = {}));
-/**
- * GCP Persistence Vectors
- */
-export const GCP_PERSISTENCE_VECTORS = {
-    sa_key_creation: {
-        name: 'Service Account Key Creation',
-        service: GoogleService.GCP_SERVICE_ACCOUNTS,
-        category: PersistenceCategory.SERVICE_ACCOUNT_ABUSE,
-        description: 'Create keys for service accounts to maintain API access',
-        techniqueId: 'T1098.001',
-        requiredPermissions: ['iam.serviceAccountKeys.create'],
-        detectionMethods: ['Cloud Audit Logs', 'Security Command Center'],
-        mitigations: ['Use Workload Identity', 'Key rotation policies'],
-        stealthRating: 2,
-    },
-    iam_binding: {
-        name: 'IAM Policy Binding',
-        service: GoogleService.GCP_IAM,
-        category: PersistenceCategory.IAM_POLICY_MODIFICATION,
-        description: 'Add IAM bindings for persistent access',
-        techniqueId: 'T1098.001',
-        requiredPermissions: ['resourcemanager.projects.setIamPolicy'],
-        detectionMethods: ['IAM audit logs', 'Policy monitoring'],
-        mitigations: ['IAM Recommender', 'Least privilege'],
-        stealthRating: 1,
-    },
-    cloud_function_backdoor: {
-        name: 'Cloud Function Backdoor',
-        service: GoogleService.GCP_CLOUD_FUNCTIONS,
-        category: PersistenceCategory.CLOUD_FUNCTION_TRIGGER,
-        description: 'Deploy function as persistent callback',
-        techniqueId: 'T1059',
-        requiredPermissions: ['cloudfunctions.functions.create'],
-        detectionMethods: ['Function deployment logs', 'Network monitoring'],
-        mitigations: ['Function allowlisting', 'Binary authorization'],
-        stealthRating: 3,
-    },
-};
-/**
- * Workspace Persistence Vectors
- */
-export const WORKSPACE_PERSISTENCE_VECTORS = {
-    oauth_consent: {
-        name: 'OAuth App Consent Persistence',
-        service: GoogleService.GOOGLE_OAUTH,
-        category: PersistenceCategory.OAUTH_APP_CONSENT,
-        description: 'Persist via OAuth app with broad scope consent',
-        techniqueId: 'T1550.001',
-        requiredPermissions: ['OAuth consent grant'],
-        detectionMethods: ['OAuth audit logs', 'App access reviews'],
-        mitigations: ['OAuth app restrictions', 'Consent monitoring'],
-        stealthRating: 4,
-    },
-    apps_script_trigger: {
-        name: 'Apps Script Trigger Persistence',
-        service: GoogleService.WORKSPACE_APPS_SCRIPT,
-        category: PersistenceCategory.APPS_SCRIPT_TRIGGER,
-        description: 'Create time/event triggers in Apps Script',
-        techniqueId: 'T1053',
-        requiredPermissions: ['Script Editor access'],
-        detectionMethods: ['Apps Script audit logs', 'Trigger inventory'],
-        mitigations: ['Apps Script restrictions', 'Trigger monitoring'],
-        stealthRating: 4,
-    },
-    drive_sharing: {
-        name: 'Drive Sharing Persistence',
-        service: GoogleService.WORKSPACE_DRIVE,
-        category: PersistenceCategory.DELEGATION_ABUSE,
-        description: 'Maintain access via shared drive permissions',
-        techniqueId: 'T1213',
-        requiredPermissions: ['Drive sharing permissions'],
-        detectionMethods: ['Drive audit logs', 'Sharing reports'],
-        mitigations: ['External sharing restrictions', 'DLP policies'],
-        stealthRating: 3,
-    },
-};
-/**
- * Google Persistence Researcher
- */
-export class GooglePersistenceResearcher {
-    authorization;
-    verbose;
-    testResults = [];
-    constructor(authorization, verbose = false) {
-        this.authorization = authorization;
-        this.verbose = verbose;
-    }
-    /**
-     * Check authorization
-     */
-    checkAuthorization() {
-        if (!this.authorization) {
-            throw new Error('No authorization record.');
-        }
-        const allowed = [
-            AuthorizationScope.OWNED_SYSTEMS,
-            AuthorizationScope.PENTEST_ENGAGEMENT,
-            AuthorizationScope.RED_TEAM,
-            AuthorizationScope.BUG_BOUNTY,
-        ];
-        if (!allowed.includes(this.authorization.scope)) {
-            throw new Error('Google research requires pentest/red team authorization.');
-        }
-    }
-    /**
-     * Get all Google persistence vectors
-     */
-    getAllVectors() {
-        return { ...GCP_PERSISTENCE_VECTORS, ...WORKSPACE_PERSISTENCE_VECTORS };
-    }
-    /**
-     * Get vectors by service
-     */
-    getVectorsByService(service) {
-        const all = this.getAllVectors();
-        return Object.values(all).filter(v => v.service === service);
-    }
-    /**
-     * Get vectors by category
-     */
-    getVectorsByCategory(category) {
-        const all = this.getAllVectors();
-        return Object.values(all).filter(v => v.category === category);
-    }
-    /**
-     * Get stealthy vectors
-     */
-    getStealthyVectors(minRating = 3) {
-        const all = this.getAllVectors();
-        return Object.values(all).filter(v => v.stealthRating >= minRating);
-    }
-    /**
-     * Analyze a persistence vector
-     */
-    analyzeVector(vectorId, targetProject) {
-        this.checkAuthorization();
-        const allVectors = this.getAllVectors();
-        if (!(vectorId in allVectors)) {
-            throw new Error(`Unknown vector: ${vectorId}`);
-        }
-        const vector = allVectors[vectorId];
-        if (!vector) {
-            throw new Error(`Unknown vector ID: ${vectorId}`);
-        }
-        const result = {
-            vector,
-            targetProject,
-            timestamp: Date.now(),
-            testable: true,
-            permissionsVerified: [],
-            missingPermissions: [],
-            detectionRisk: vector.stealthRating < 3 ? 'medium' : 'low',
-            notes: `Analysis for ${vector.name}`,
-        };
-        if (this.verbose) {
-            console.log(`[Google] Analyzing ${vector.name}`);
-            console.log(`  Service: ${vector.service}`);
-            console.log(`  Stealth: ${vector.stealthRating}/5`);
-        }
-        this.testResults.push(result);
-        return result;
-    }
-    /**
-     * Generate attack playbook
-     */
-    generateAttackPlaybook(targetProject, vectors) {
-        this.checkAuthorization();
-        const useVectors = vectors || Object.values(this.getAllVectors());
-        // Sort by stealth rating (stealthiest first)
-        const sorted = [...useVectors].sort((a, b) => b.stealthRating - a.stealthRating);
-        return {
-            target: targetProject,
-            generated: new Date().toISOString(),
-            authorization: {
-                scope: this.authorization.scope,
-                authorizedBy: this.authorization.authorizedBy,
-            },
-            vectors: sorted.map(v => ({
-                name: v.name,
-                service: v.service,
-                category: v.category,
-                stealthRating: v.stealthRating,
-                requiredPermissions: v.requiredPermissions,
-                detectionMethods: v.detectionMethods,
-            })),
-            recommendedOrder: sorted.map(v => v.name),
-            detectionCoverage: Array.from(new Set(sorted.flatMap(v => v.detectionMethods))),
-        };
-    }
-    /**
-     * Generate detection report (blue team)
-     */
-    generateDetectionReport() {
-        this.checkAuthorization();
-        const allVectors = this.getAllVectors();
-        const lines = [
-            '# Google Infrastructure Detection Guide',
-            '',
-            `Generated: ${new Date().toISOString()}`,
-            '',
-            '## Overview',
-            '',
-            `This guide covers ${Object.keys(allVectors).length} persistence vectors.`,
-            '',
-            '## Detection Methods',
-            '',
-        ];
-        // Group by detection method
-        const detectionMap = {};
-        for (const vector of Object.values(allVectors)) {
-            for (const method of vector.detectionMethods) {
-                if (!detectionMap[method]) {
-                    detectionMap[method] = [];
-                }
-                detectionMap[method].push(vector.name);
-            }
-        }
-        for (const [method, vectorNames] of Object.entries(detectionMap).sort()) {
-            lines.push(`### ${method}`);
-            lines.push('');
-            lines.push('Detects:');
-            for (const name of vectorNames) {
-                lines.push(`- ${name}`);
-            }
-            lines.push('');
-        }
-        lines.push('## Vectors by Stealth Rating');
-        lines.push('');
-        for (let rating = 5; rating >= 1; rating--) {
-            const vectorsAtRating = Object.values(allVectors).filter(v => v.stealthRating === rating);
-            if (vectorsAtRating.length > 0) {
-                lines.push(`### Stealth ${rating}/5`);
-                for (const v of vectorsAtRating) {
-                    lines.push(`- ${v.name} (${v.service})`);
-                }
-                lines.push('');
-            }
-        }
-        return lines.join('\n');
-    }
-}
-/**
- * Create Google authorization
- */
-export function createGoogleAuthorization(engagementType, authorizedBy, targetProject = '*', scopeNotes = '') {
-    const scopeMap = {
-        bug_bounty: AuthorizationScope.BUG_BOUNTY,
-        pentest: AuthorizationScope.PENTEST_ENGAGEMENT,
-        red_team: AuthorizationScope.RED_TEAM,
-        owned: AuthorizationScope.OWNED_SYSTEMS,
-    };
-    return {
-        scope: scopeMap[engagementType] || AuthorizationScope.PENTEST_ENGAGEMENT,
-        targetDomain: `*.googleapis.com,${targetProject}.iam.gserviceaccount.com`,
-        authorizedBy,
-        authorizationDate: new Date().toISOString(),
-        scopeLimitations: [],
-        outOfScope: [],
-        notes: scopeNotes || `Google ${engagementType} engagement`,
-    };
-}
-//# sourceMappingURL=google.js.map

package/dist/alpha-zero/security/google.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"google.js","sourceRoot":"","sources":["../../../src/alpha-zero/security/google.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAuB,kBAAkB,EAAE,MAAM,WAAW,CAAC;AAEpE;;GAEG;AACH,MAAM,CAAN,IAAY,aAkBX;AAlBD,WAAY,aAAa;IACvB,wBAAwB;IACxB,mDAAkC,CAAA;IAClC,kDAAiC,CAAA;IACjC,4DAA2C,CAAA;IAC3C,oCAAmB,CAAA;IACnB,8DAA6C,CAAA;IAC7C,wDAAuC,CAAA;IACvC,4DAA2C,CAAA;IAE3C,mBAAmB;IACnB,oDAAmC,CAAA;IACnC,oDAAmC,CAAA;IACnC,oDAAmC,CAAA;IACnC,gEAA+C,CAAA;IAE/C,kBAAkB;IAClB,8CAA6B,CAAA;AAC/B,CAAC,EAlBW,aAAa,KAAb,aAAa,QAkBxB;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,mBAQX;AARD,WAAY,mBAAmB;IAC7B,sEAA+C,CAAA;IAC/C,0EAAmD,CAAA;IACnD,8DAAuC,CAAA;IACvC,4CAAqB,CAAA;IACrB,wEAAiD,CAAA;IACjD,kEAA2C,CAAA;IAC3C,4DAAqC,CAAA;AACvC,CAAC,EARW,mBAAmB,KAAnB,mBAAmB,QAQ9B;AA+BD;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAsC;IACxE,eAAe,EAAE;QACf,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,aAAa,CAAC,oBAAoB;QAC3C,QAAQ,EAAE,mBAAmB,CAAC,qBAAqB;QACnD,WAAW,EAAE,yDAAyD;QACtE,WAAW,EAAE,WAAW;QACxB,mBAAmB,EAAE,CAAC,+BAA+B,CAAC;QACtD,gBAAgB,EAAE,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;QACjE,WAAW,EAAE,CAAC,uBAAuB,EAAE,uBAAuB,CAAC;QAC/D,aAAa,EAAE,CAAC;KACjB;IACD,WAAW,EAAE;QACX,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,aAAa,CAAC,OAAO;QAC9B,QAAQ,EAAE,mBAAmB,CAAC,uBAAuB;QACrD,WAAW,EAAE,wCAAwC;QACrD,WAAW,EAAE,WAAW;QACxB,mBAAmB,EAAE,CAAC,uCAAuC,CAAC;QAC9D,gBAAgB,EAAE,CAAC,gBAAgB,EAAE,mBAAmB,CAAC;QACzD,WAAW,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QACnD,aAAa,EAAE,CAAC;KACjB;IACD,uBAAuB,EAAE;QACvB,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,aAAa,CAAC,mBAAmB;QAC1C,QAAQ,EAAE,mBAAmB,CAAC,sBAAsB;QACpD,WAAW,EAAE,wCAAwC;QACrD,WAAW,EAAE,OAAO;QACpB,mBAAmB,EAAE,CAAC,iCAAiC,CAAC;QACxD,gBAAgB,EAAE,CAAC,0BAA0B,EAAE,oBAAoB,CAAC;QACpE,WAAW,EAAE,CAAC,uBAAuB,EAAE,sBAAsB,CAAC;QAC9D,aAAa,EAAE,CAAC;KACjB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,6BAA6B,GAAsC;IAC9E,aAAa,EAAE;QACb,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,aAAa,CAAC,YAAY;QACnC,QAAQ,EAAE,mBAAmB,CAAC,iBAAiB;QAC/C,WAAW,EAAE,gDAAgD;QAC7D,WAAW,EAAE,WAAW;QACxB,mBAAmB,EAAE,CAAC,qBAAqB,CAAC;QAC5C,gBAAgB,EAAE,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;QAC5D,WAAW,EAAE,CAAC,wBAAwB,EAAE,oBAAoB,CAAC;QAC7D,aAAa,EAAE,CAAC;KACjB;IACD,mBAAmB,EAAE;QACnB,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,aAAa,CAAC,qBAAqB;QAC5C,QAAQ,EAAE,mBAAmB,CAAC,mBAAmB;QACjD,WAAW,EAAE,2CAA2C;QACxD,WAAW,EAAE,OAAO;QACpB,mBAAmB,EAAE,CAAC,sBAAsB,CAAC;QAC7C,gBAAgB,EAAE,CAAC,wBAAwB,EAAE,mBAAmB,CAAC;QACjE,WAAW,EAAE,CAAC,0BAA0B,EAAE,oBAAoB,CAAC;QAC/D,aAAa,EAAE,CAAC;KACjB;IACD,aAAa,EAAE;QACb,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,aAAa,CAAC,eAAe;QACtC,QAAQ,EAAE,mBAAmB,CAAC,gBAAgB;QAC9C,WAAW,EAAE,8CAA8C;QAC3D,WAAW,EAAE,OAAO;QACpB,mBAAmB,EAAE,CAAC,2BAA2B,CAAC;QAClD,gBAAgB,EAAE,CAAC,kBAAkB,EAAE,iBAAiB,CAAC;QACzD,WAAW,EAAE,CAAC,+BAA+B,EAAE,cAAc,CAAC;QAC9D,aAAa,EAAE,CAAC;KACjB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,2BAA2B;IAC9B,aAAa,CAAsB;IACnC,OAAO,CAAU;IAClB,WAAW,GAA4B,EAAE,CAAC;IAEjD,YAAY,aAAkC,EAAE,OAAO,GAAG,KAAK;QAC7D,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,kBAAkB;QACxB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,OAAO,GAAG;YACd,kBAAkB,CAAC,aAAa;YAChC,kBAAkB,CAAC,kBAAkB;YACrC,kBAAkB,CAAC,QAAQ;YAC3B,kBAAkB,CAAC,UAAU;SAC9B,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAChD,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,EAAE,GAAG,uBAAuB,EAAE,GAAG,6BAA6B,EAAE,CAAC;IAC1E,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,OAAsB;QACxC,MAAM,GAAG,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,QAA6B;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,SAAS,GAAG,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,IAAI,SAAS,CAAC,CAAC;IACtE,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,QAAgB,EAAE,aAAqB;QACnD,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAE1B,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACxC,IAAI,CAAC,CAAC,QAAQ,IAAI,UAAU,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,mBAAmB,QAAQ,EAAE,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QAEpC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,sBAAsB,QAAQ,EAAE,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,MAAM,GAA0B;YACpC,MAAM;YACN,aAAa;YACb,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,QAAQ,EAAE,IAAI;YACd,mBAAmB,EAAE,EAAE;YACvB,kBAAkB,EAAE,EAAE;YACtB,aAAa,EAAE,MAAM,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK;YAC1D,KAAK,EAAE,gBAAgB,MAAM,CAAC,IAAI,EAAE;SACrC,CAAC;QAEF,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACjD,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,aAAa,IAAI,CAAC,CAAC;QACtD,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9B,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,sBAAsB,CACpB,aAAqB,EACrB,OAA6B;QAE7B,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAE1B,MAAM,UAAU,GAAG,OAAO,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAElE,6CAA6C;QAC7C,MAAM,MAAM,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,aAAa,CAAC,CAAC;QAEjF,OAAO;YACL,MAAM,EAAE,aAAa;YACrB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,aAAa,EAAE;gBACb,KAAK,EAAE,IAAI,CAAC,aAAa,CAAC,KAAK;gBAC/B,YAAY,EAAE,IAAI,CAAC,aAAa,CAAC,YAAY;aAC9C;YACD,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACxB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,mBAAmB,EAAE,CAAC,CAAC,mBAAmB;gBAC1C,gBAAgB,EAAE,CAAC,CAAC,gBAAgB;aACrC,CAAC,CAAC;YACH,gBAAgB,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YACzC,iBAAiB,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;SAChF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,uBAAuB;QACrB,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAE1B,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG;YACZ,yCAAyC;YACzC,EAAE;YACF,cAAc,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE;YACxC,EAAE;YACF,aAAa;YACb,EAAE;YACF,qBAAqB,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,uBAAuB;YAC1E,EAAE;YACF,sBAAsB;YACtB,EAAE;SACH,CAAC;QAEF,4BAA4B;QAC5B,MAAM,YAAY,GAA6B,EAAE,CAAC;QAClD,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;gBAC7C,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC1B,YAAY,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBAC5B,CAAC;gBACD,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACzC,CAAC;QACH,CAAC;QAED,KAAK,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YACxE,KAAK,CAAC,IAAI,CAAC,OAAO,MAAM,EAAE,CAAC,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACvB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;gBAC/B,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;YAC1B,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,KAAK,IAAI,MAAM,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC;YAC3C,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,MAAM,CAAC,CAAC;YAC1F,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC/B,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,IAAI,CAAC,CAAC;gBACtC,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;oBAChC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC;gBAC3C,CAAC;gBACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CACvC,cAA+D,EAC/D,YAAoB,EACpB,aAAa,GAAG,GAAG,EACnB,UAAU,GAAG,EAAE;IAEf,MAAM,QAAQ,GAAuC;QACnD,UAAU,EAAE,kBAAkB,CAAC,UAAU;QACzC,OAAO,EAAE,kBAAkB,CAAC,kBAAkB;QAC9C,QAAQ,EAAE,kBAAkB,CAAC,QAAQ;QACrC,KAAK,EAAE,kBAAkB,CAAC,aAAa;KACxC,CAAC;IAEF,OAAO;QACL,KAAK,EAAE,QAAQ,CAAC,cAAc,CAAC,IAAI,kBAAkB,CAAC,kBAAkB;QACxE,YAAY,EAAE,oBAAoB,aAAa,0BAA0B;QACzE,YAAY;QACZ,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC3C,gBAAgB,EAAE,EAAE;QACpB,UAAU,EAAE,EAAE;QACd,KAAK,EAAE,UAAU,IAAI,UAAU,cAAc,aAAa;KAC3D,CAAC;AACJ,CAAC"}

package/dist/alpha-zero/security/googleLoader.d.ts

@@ -1,17 +0,0 @@
-/**
- * Google Security Module Loader
- *
- * Provides lazy loading for the optional Google security research module.
- *
- * Principal Investigator: Bo Shang
- * Framework: erosolar-cli
- */
-/**
- * Check if Google security research module is available
- */
-export declare function isGoogleEnabled(): boolean;
-/**
- * Get the Google security research module (lazy load)
- */
-export declare function getGoogleModule(): Promise<typeof import("./google.js")>;
-//# sourceMappingURL=googleLoader.d.ts.map

package/dist/alpha-zero/security/googleLoader.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"googleLoader.d.ts","sourceRoot":"","sources":["../../../src/alpha-zero/security/googleLoader.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAWzC;AAED;;GAEG;AACH,wBAAsB,eAAe,0CAYpC"}

package/dist/alpha-zero/security/googleLoader.js

@@ -1,41 +0,0 @@
-/**
- * Google Security Module Loader
- *
- * Provides lazy loading for the optional Google security research module.
- *
- * Principal Investigator: Bo Shang
- * Framework: erosolar-cli
- */
-let googleModule = null;
-/**
- * Check if Google security research module is available
- */
-export function isGoogleEnabled() {
-    if (googleModule !== null) {
-        return true;
-    }
-    try {
-        // Dynamic import check would go here
-        // For now, return true since we're creating the module
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-/**
- * Get the Google security research module (lazy load)
- */
-export async function getGoogleModule() {
-    if (googleModule === null) {
-        try {
-            googleModule = await import('./google.js');
-        }
-        catch (error) {
-            throw new Error('Google security research module not available. ' +
-                'Ensure google.ts is built and available.');
-        }
-    }
-    return googleModule;
-}
-//# sourceMappingURL=googleLoader.js.map

package/dist/alpha-zero/security/googleLoader.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"googleLoader.js","sourceRoot":"","sources":["../../../src/alpha-zero/security/googleLoader.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,IAAI,YAAY,GAAwC,IAAI,CAAC;AAE7D;;GAEG;AACH,MAAM,UAAU,eAAe;IAC7B,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,qCAAqC;QACrC,uDAAuD;QACvD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,YAAY,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,iDAAiD;gBACjD,0CAA0C,CAC3C,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC"}

package/dist/alpha-zero/security/index.d.ts

@@ -1,29 +0,0 @@
-/**
- * Security Research Module for Alpha Zero 2
- *
- * OPTIONAL MODULE - Only loaded when security research is enabled.
- *
- * A modular security research framework with optional provider-specific extensions.
- * All capabilities require explicit authorization.
- *
- * LEGAL NOTICE:
- * These tools are intended for:
- * - Authorized penetration testing engagements
- * - Bug bounty programs with explicit scope
- * - CTF competitions and security training
- * - Red team exercises with written authorization
- * - Security research on systems you own or have permission to test
- *
- * Structure:
- * - core: Base authorization and reconnaissance (always available)
- * - simulation: Attack simulation framework (always available)
- * - google: Google Cloud/Workspace persistence research (optional)
- *
- * Principal Investigator: Bo Shang
- * Framework: erosolar-cli
- */
-export { AuthorizationScope, type AuthorizationRecord, type ReconResult, type VulnerabilityFinding, SecurityResearchEngine, createBugBountyAuthorization, createPentestAuthorization, createCtfAuthorization, } from './core.js';
-export { AttackCategory, AttackPhase, type AttackVector, type AttackSimulationResult, AttackSimulator, PayloadGenerator, ATTACK_VECTORS, } from './simulation.js';
-export { isGoogleEnabled, getGoogleModule } from './googleLoader.js';
-export declare const SECURITY_VERSION = "1.0.0";
-//# sourceMappingURL=index.d.ts.map

package/dist/alpha-zero/security/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/alpha-zero/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EACL,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,KAAK,WAAW,EAChB,KAAK,oBAAoB,EACzB,sBAAsB,EACtB,4BAA4B,EAC5B,0BAA0B,EAC1B,sBAAsB,GACvB,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,cAAc,EACd,WAAW,EACX,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,eAAe,EACf,gBAAgB,EAChB,cAAc,GACf,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAErE,eAAO,MAAM,gBAAgB,UAAU,CAAC"}

package/dist/alpha-zero/security/index.js

@@ -1,32 +0,0 @@
-/**
- * Security Research Module for Alpha Zero 2
- *
- * OPTIONAL MODULE - Only loaded when security research is enabled.
- *
- * A modular security research framework with optional provider-specific extensions.
- * All capabilities require explicit authorization.
- *
- * LEGAL NOTICE:
- * These tools are intended for:
- * - Authorized penetration testing engagements
- * - Bug bounty programs with explicit scope
- * - CTF competitions and security training
- * - Red team exercises with written authorization
- * - Security research on systems you own or have permission to test
- *
- * Structure:
- * - core: Base authorization and reconnaissance (always available)
- * - simulation: Attack simulation framework (always available)
- * - google: Google Cloud/Workspace persistence research (optional)
- *
- * Principal Investigator: Bo Shang
- * Framework: erosolar-cli
- */
-// Re-export core security components
-export { AuthorizationScope, SecurityResearchEngine, createBugBountyAuthorization, createPentestAuthorization, createCtfAuthorization, } from './core.js';
-// Re-export simulation components
-export { AttackCategory, AttackPhase, AttackSimulator, PayloadGenerator, ATTACK_VECTORS, } from './simulation.js';
-// Google module is optional - export checker function
-export { isGoogleEnabled, getGoogleModule } from './googleLoader.js';
-export const SECURITY_VERSION = '1.0.0';
-//# sourceMappingURL=index.js.map

package/dist/alpha-zero/security/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/alpha-zero/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,qCAAqC;AACrC,OAAO,EACL,kBAAkB,EAIlB,sBAAsB,EACtB,4BAA4B,EAC5B,0BAA0B,EAC1B,sBAAsB,GACvB,MAAM,WAAW,CAAC;AAEnB,kCAAkC;AAClC,OAAO,EACL,cAAc,EACd,WAAW,EAGX,eAAe,EACf,gBAAgB,EAChB,cAAc,GACf,MAAM,iBAAiB,CAAC;AAEzB,sDAAsD;AACtD,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAErE,MAAM,CAAC,MAAM,gBAAgB,GAAG,OAAO,CAAC"}

package/dist/alpha-zero/security/simulation.d.ts

@@ -1,124 +0,0 @@
-/**
- * Attack Simulation Framework
- *
- * Provides controlled attack simulations for red team exercises.
- * All simulations require explicit authorization.
- *
- * Principal Investigator: Bo Shang
- * Framework: erosolar-cli
- */
-import { AuthorizationRecord } from './core.js';
-/**
- * Categories of attack simulations
- */
-export declare enum AttackCategory {
-    RECONNAISSANCE = "reconnaissance",
-    WEB_APPLICATION = "web_application",
-    AUTHENTICATION = "authentication",
-    INJECTION = "injection",
-    MISCONFIGURATION = "misconfiguration",
-    PRIVILEGE_ESCALATION = "privilege_escalation",
-    DATA_EXFILTRATION = "data_exfiltration"
-}
-/**
- * MITRE ATT&CK inspired attack phases
- */
-export declare enum AttackPhase {
-    INITIAL_ACCESS = "initial_access",
-    EXECUTION = "execution",
-    PERSISTENCE = "persistence",
-    PRIVILEGE_ESCALATION = "privilege_escalation",
-    DEFENSE_EVASION = "defense_evasion",
-    CREDENTIAL_ACCESS = "credential_access",
-    DISCOVERY = "discovery",
-    LATERAL_MOVEMENT = "lateral_movement",
-    COLLECTION = "collection",
-    EXFILTRATION = "exfiltration",
-    IMPACT = "impact"
-}
-/**
- * Attack vector definition
- */
-export interface AttackVector {
-    name: string;
-    category: AttackCategory;
-    phase: AttackPhase;
-    description: string;
-    techniqueId: string;
-    prerequisites: string[];
-    detectionMethods: string[];
-    mitigations: string[];
-}
-/**
- * Attack simulation result
- */
-export interface AttackSimulationResult {
-    vector: AttackVector;
-    target: string;
-    timestamp: number;
-    success: boolean;
-    evidence: string[];
-    artifacts: Record<string, unknown>;
-    detectionTriggered: boolean;
-    durationMs: number;
-    notes: string;
-}
-/**
- * Common attack vectors based on OWASP Top 10 and MITRE ATT&CK
- */
-export declare const ATTACK_VECTORS: Record<string, AttackVector>;
-/**
- * Payload generator for security testing
- */
-export declare class PayloadGenerator {
-    /**
-     * Generate SQL injection test payloads
-     */
-    static sqlInjectionPayloads(): string[];
-    /**
-     * Generate XSS test payloads
-     */
-    static xssPayloads(): string[];
-    /**
-     * Generate path traversal test payloads
-     */
-    static pathTraversalPayloads(): string[];
-    /**
-     * Encode payload
-     */
-    static encodePayload(payload: string, encoding: 'base64' | 'url' | 'hex' | 'none'): string;
-}
-/**
- * Attack simulator
- */
-export declare class AttackSimulator {
-    private authorization;
-    private verbose;
-    results: AttackSimulationResult[];
-    constructor(authorization: AuthorizationRecord, verbose?: boolean);
-    /**
-     * Check authorization
-     */
-    private checkAuthorization;
-    /**
-     * Simulate an attack vector
-     */
-    simulateAttack(target: string, vectorId: string, dryRun?: boolean): Promise<AttackSimulationResult>;
-    /**
-     * Get payloads for a vector
-     */
-    private getPayloadsForVector;
-    /**
-     * Get vectors by category
-     */
-    getVectorsByCategory(category: AttackCategory): AttackVector[];
-    /**
-     * Get vectors by phase
-     */
-    getVectorsByPhase(phase: AttackPhase): AttackVector[];
-    /**
-     * Generate report
-     */
-    generateReport(): string;
-}
-//# sourceMappingURL=simulation.d.ts.map

package/dist/alpha-zero/security/simulation.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"simulation.d.ts","sourceRoot":"","sources":["../../../src/alpha-zero/security/simulation.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,mBAAmB,EAAsB,MAAM,WAAW,CAAC;AAEpE;;GAEG;AACH,oBAAY,cAAc;IACxB,cAAc,mBAAmB;IACjC,eAAe,oBAAoB;IACnC,cAAc,mBAAmB;IACjC,SAAS,cAAc;IACvB,gBAAgB,qBAAqB;IACrC,oBAAoB,yBAAyB;IAC7C,iBAAiB,sBAAsB;CACxC;AAED;;GAEG;AACH,oBAAY,WAAW;IACrB,cAAc,mBAAmB;IACjC,SAAS,cAAc;IACvB,WAAW,gBAAgB;IAC3B,oBAAoB,yBAAyB;IAC7C,eAAe,oBAAoB;IACnC,iBAAiB,sBAAsB;IACvC,SAAS,cAAc;IACvB,gBAAgB,qBAAqB;IACrC,UAAU,eAAe;IACzB,YAAY,iBAAiB;IAC7B,MAAM,WAAW;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,cAAc,CAAC;IACzB,KAAK,EAAE,WAAW,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,YAAY,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,kBAAkB,EAAE,OAAO,CAAC;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAmDvD,CAAC;AAEF;;GAEG;AACH,qBAAa,gBAAgB;IAC3B;;OAEG;IACH,MAAM,CAAC,oBAAoB,IAAI,MAAM,EAAE;IAUvC;;OAEG;IACH,MAAM,CAAC,WAAW,IAAI,MAAM,EAAE;IAS9B;;OAEG;IACH,MAAM,CAAC,qBAAqB,IAAI,MAAM,EAAE;IASxC;;OAEG;IACH,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,KAAK,GAAG,KAAK,GAAG,MAAM,GAAG,MAAM;CAY3F;AAED;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,aAAa,CAAsB;IAC3C,OAAO,CAAC,OAAO,CAAU;IAClB,OAAO,EAAE,sBAAsB,EAAE,CAAM;gBAElC,aAAa,EAAE,mBAAmB,EAAE,OAAO,UAAQ;IAK/D;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAyB1B;;OAEG;IACG,cAAc,CAClB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,MAAM,UAAO,GACZ,OAAO,CAAC,sBAAsB,CAAC;IA6ClC;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAa5B;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,cAAc,GAAG,YAAY,EAAE;IAI9D;;OAEG;IACH,iBAAiB,CAAC,KAAK,EAAE,WAAW,GAAG,YAAY,EAAE;IAIrD;;OAEG;IACH,cAAc,IAAI,MAAM;CAwBzB"}