npm - erosolar-cli - Versions diffs - 1.7.344 → 1.7.346 - Mend

erosolar-cli 1.7.344 → 1.7.346

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (328) hide show

package/README.md +148 -24
package/dist/alpha-zero/agentWrapper.d.ts +84 -0
package/dist/alpha-zero/agentWrapper.d.ts.map +1 -0
package/dist/alpha-zero/agentWrapper.js +171 -0
package/dist/alpha-zero/agentWrapper.js.map +1 -0
package/dist/alpha-zero/codeEvaluator.d.ts +25 -0
package/dist/alpha-zero/codeEvaluator.d.ts.map +1 -0
package/dist/alpha-zero/codeEvaluator.js +273 -0
package/dist/alpha-zero/codeEvaluator.js.map +1 -0
package/dist/alpha-zero/competitiveRunner.d.ts +66 -0
package/dist/alpha-zero/competitiveRunner.d.ts.map +1 -0
package/dist/alpha-zero/competitiveRunner.js +224 -0
package/dist/alpha-zero/competitiveRunner.js.map +1 -0
package/dist/alpha-zero/index.d.ts +67 -0
package/dist/alpha-zero/index.d.ts.map +1 -0
package/dist/alpha-zero/index.js +99 -0
package/dist/alpha-zero/index.js.map +1 -0
package/dist/alpha-zero/introspection.d.ts +128 -0
package/dist/alpha-zero/introspection.d.ts.map +1 -0
package/dist/alpha-zero/introspection.js +300 -0
package/dist/alpha-zero/introspection.js.map +1 -0
package/dist/alpha-zero/metricsTracker.d.ts +71 -0
package/dist/alpha-zero/metricsTracker.d.ts.map +1 -0
package/dist/{core → alpha-zero}/metricsTracker.js +5 -2
package/dist/alpha-zero/metricsTracker.js.map +1 -0
package/dist/alpha-zero/security/core.d.ts +125 -0
package/dist/alpha-zero/security/core.d.ts.map +1 -0
package/dist/alpha-zero/security/core.js +271 -0
package/dist/alpha-zero/security/core.js.map +1 -0
package/dist/alpha-zero/security/google.d.ts +125 -0
package/dist/alpha-zero/security/google.d.ts.map +1 -0
package/dist/alpha-zero/security/google.js +311 -0
package/dist/alpha-zero/security/google.js.map +1 -0
package/dist/alpha-zero/security/googleLoader.d.ts +17 -0
package/dist/alpha-zero/security/googleLoader.d.ts.map +1 -0
package/dist/alpha-zero/security/googleLoader.js +41 -0
package/dist/alpha-zero/security/googleLoader.js.map +1 -0
package/dist/alpha-zero/security/index.d.ts +29 -0
package/dist/alpha-zero/security/index.d.ts.map +1 -0
package/dist/alpha-zero/security/index.js +32 -0
package/dist/alpha-zero/security/index.js.map +1 -0
package/dist/alpha-zero/security/simulation.d.ts +124 -0
package/dist/alpha-zero/security/simulation.d.ts.map +1 -0
package/dist/alpha-zero/security/simulation.js +277 -0
package/dist/alpha-zero/security/simulation.js.map +1 -0
package/dist/alpha-zero/selfModification.d.ts +109 -0
package/dist/alpha-zero/selfModification.d.ts.map +1 -0
package/dist/alpha-zero/selfModification.js +233 -0
package/dist/alpha-zero/selfModification.js.map +1 -0
package/dist/alpha-zero/types.d.ts +170 -0
package/dist/alpha-zero/types.d.ts.map +1 -0
package/dist/alpha-zero/types.js +31 -0
package/dist/alpha-zero/types.js.map +1 -0
package/dist/bin/erosolar.js +21 -5
package/dist/bin/erosolar.js.map +1 -1
package/dist/capabilities/agentSpawningCapability.d.ts.map +1 -1
package/dist/capabilities/agentSpawningCapability.js +31 -56
package/dist/capabilities/agentSpawningCapability.js.map +1 -1
package/dist/capabilities/securityTestingCapability.d.ts +13 -0
package/dist/capabilities/securityTestingCapability.d.ts.map +1 -0
package/dist/capabilities/securityTestingCapability.js +25 -0
package/dist/capabilities/securityTestingCapability.js.map +1 -0
package/dist/contracts/agent-schemas.json +15 -0
package/dist/contracts/tools.schema.json +9 -0
package/dist/core/agent.d.ts +2 -2
package/dist/core/agent.d.ts.map +1 -1
package/dist/core/agent.js.map +1 -1
package/dist/core/aiFlowOptimizer.d.ts +26 -0
package/dist/core/aiFlowOptimizer.d.ts.map +1 -0
package/dist/core/aiFlowOptimizer.js +31 -0
package/dist/core/aiFlowOptimizer.js.map +1 -0
package/dist/core/aiOptimizationEngine.d.ts +158 -0
package/dist/core/aiOptimizationEngine.d.ts.map +1 -0
package/dist/core/aiOptimizationEngine.js +428 -0
package/dist/core/aiOptimizationEngine.js.map +1 -0
package/dist/core/aiOptimizationIntegration.d.ts +93 -0
package/dist/core/aiOptimizationIntegration.d.ts.map +1 -0
package/dist/core/aiOptimizationIntegration.js +250 -0
package/dist/core/aiOptimizationIntegration.js.map +1 -0
package/dist/core/customCommands.d.ts +0 -1
package/dist/core/customCommands.d.ts.map +1 -1
package/dist/core/customCommands.js +0 -3
package/dist/core/customCommands.js.map +1 -1
package/dist/core/enhancedErrorRecovery.d.ts +100 -0
package/dist/core/enhancedErrorRecovery.d.ts.map +1 -0
package/dist/core/enhancedErrorRecovery.js +345 -0
package/dist/core/enhancedErrorRecovery.js.map +1 -0
package/dist/core/hooksSystem.d.ts +65 -0
package/dist/core/hooksSystem.d.ts.map +1 -0
package/dist/core/hooksSystem.js +273 -0
package/dist/core/hooksSystem.js.map +1 -0
package/dist/core/memorySystem.d.ts +48 -0
package/dist/core/memorySystem.d.ts.map +1 -0
package/dist/core/memorySystem.js +271 -0
package/dist/core/memorySystem.js.map +1 -0
package/dist/core/sessionStore.d.ts +0 -2
package/dist/core/sessionStore.d.ts.map +1 -1
package/dist/core/sessionStore.js +0 -1
package/dist/core/sessionStore.js.map +1 -1
package/dist/core/toolPreconditions.d.ts.map +1 -1
package/dist/core/toolPreconditions.js +14 -0
package/dist/core/toolPreconditions.js.map +1 -1
package/dist/core/toolRuntime.d.ts +1 -22
package/dist/core/toolRuntime.d.ts.map +1 -1
package/dist/core/toolRuntime.js +5 -0
package/dist/core/toolRuntime.js.map +1 -1
package/dist/core/toolValidation.d.ts.map +1 -1
package/dist/core/toolValidation.js +3 -14
package/dist/core/toolValidation.js.map +1 -1
package/dist/core/unified/errors.d.ts +189 -0
package/dist/core/unified/errors.d.ts.map +1 -0
package/dist/core/unified/errors.js +497 -0
package/dist/core/unified/errors.js.map +1 -0
package/dist/core/unified/index.d.ts +19 -0
package/dist/core/unified/index.d.ts.map +1 -0
package/dist/core/unified/index.js +68 -0
package/dist/core/unified/index.js.map +1 -0
package/dist/core/unified/schema.d.ts +101 -0
package/dist/core/unified/schema.d.ts.map +1 -0
package/dist/core/unified/schema.js +350 -0
package/dist/core/unified/schema.js.map +1 -0
package/dist/core/unified/toolRuntime.d.ts +179 -0
package/dist/core/unified/toolRuntime.d.ts.map +1 -0
package/dist/core/unified/toolRuntime.js +517 -0
package/dist/core/unified/toolRuntime.js.map +1 -0
package/dist/core/unified/tools.d.ts +127 -0
package/dist/core/unified/tools.d.ts.map +1 -0
package/dist/core/unified/tools.js +1333 -0
package/dist/core/unified/tools.js.map +1 -0
package/dist/core/unified/types.d.ts +352 -0
package/dist/core/unified/types.d.ts.map +1 -0
package/dist/core/unified/types.js +12 -0
package/dist/core/unified/types.js.map +1 -0
package/dist/core/unified/version.d.ts +209 -0
package/dist/core/unified/version.d.ts.map +1 -0
package/dist/core/unified/version.js +454 -0
package/dist/core/unified/version.js.map +1 -0
package/dist/core/validationRunner.d.ts +3 -1
package/dist/core/validationRunner.d.ts.map +1 -1
package/dist/core/validationRunner.js.map +1 -1
package/dist/headless/headlessApp.d.ts.map +1 -1
package/dist/headless/headlessApp.js +0 -21
package/dist/headless/headlessApp.js.map +1 -1
package/dist/mcp/sseClient.d.ts.map +1 -1
package/dist/mcp/sseClient.js +18 -9
package/dist/mcp/sseClient.js.map +1 -1
package/dist/plugins/tools/build/buildPlugin.d.ts +6 -0
package/dist/plugins/tools/build/buildPlugin.d.ts.map +1 -1
package/dist/plugins/tools/build/buildPlugin.js +10 -4
package/dist/plugins/tools/build/buildPlugin.js.map +1 -1
package/dist/plugins/tools/nodeDefaults.d.ts.map +1 -1
package/dist/plugins/tools/nodeDefaults.js +2 -0
package/dist/plugins/tools/nodeDefaults.js.map +1 -1
package/dist/plugins/tools/security/securityPlugin.d.ts +3 -0
package/dist/plugins/tools/security/securityPlugin.d.ts.map +1 -0
package/dist/plugins/tools/security/securityPlugin.js +12 -0
package/dist/plugins/tools/security/securityPlugin.js.map +1 -0
package/dist/runtime/agentSession.d.ts +2 -2
package/dist/runtime/agentSession.d.ts.map +1 -1
package/dist/runtime/agentSession.js +2 -2
package/dist/runtime/agentSession.js.map +1 -1
package/dist/security/active-stack-security.d.ts +112 -0
package/dist/security/active-stack-security.d.ts.map +1 -0
package/dist/security/active-stack-security.js +296 -0
package/dist/security/active-stack-security.js.map +1 -0
package/dist/security/advanced-persistence-research.d.ts +92 -0
package/dist/security/advanced-persistence-research.d.ts.map +1 -0
package/dist/security/advanced-persistence-research.js +195 -0
package/dist/security/advanced-persistence-research.js.map +1 -0
package/dist/security/advanced-targeting.d.ts +119 -0
package/dist/security/advanced-targeting.d.ts.map +1 -0
package/dist/security/advanced-targeting.js +233 -0
package/dist/security/advanced-targeting.js.map +1 -0
package/dist/security/assessment/vulnerabilityAssessment.d.ts +104 -0
package/dist/security/assessment/vulnerabilityAssessment.d.ts.map +1 -0
package/dist/security/assessment/vulnerabilityAssessment.js +315 -0
package/dist/security/assessment/vulnerabilityAssessment.js.map +1 -0
package/dist/security/authorization/securityAuthorization.d.ts +88 -0
package/dist/security/authorization/securityAuthorization.d.ts.map +1 -0
package/dist/security/authorization/securityAuthorization.js +172 -0
package/dist/security/authorization/securityAuthorization.js.map +1 -0
package/dist/security/comprehensive-targeting.d.ts +85 -0
package/dist/security/comprehensive-targeting.d.ts.map +1 -0
package/dist/security/comprehensive-targeting.js +438 -0
package/dist/security/comprehensive-targeting.js.map +1 -0
package/dist/security/global-security-integration.d.ts +91 -0
package/dist/security/global-security-integration.d.ts.map +1 -0
package/dist/security/global-security-integration.js +218 -0
package/dist/security/global-security-integration.js.map +1 -0
package/dist/security/index.d.ts +38 -0
package/dist/security/index.d.ts.map +1 -0
package/dist/security/index.js +47 -0
package/dist/security/index.js.map +1 -0
package/dist/security/persistence-analyzer.d.ts +56 -0
package/dist/security/persistence-analyzer.d.ts.map +1 -0
package/dist/security/persistence-analyzer.js +187 -0
package/dist/security/persistence-analyzer.js.map +1 -0
package/dist/security/persistence-cli.d.ts +36 -0
package/dist/security/persistence-cli.d.ts.map +1 -0
package/dist/security/persistence-cli.js +160 -0
package/dist/security/persistence-cli.js.map +1 -0
package/dist/security/persistence-research.d.ts +92 -0
package/dist/security/persistence-research.d.ts.map +1 -0
package/dist/security/persistence-research.js +364 -0
package/dist/security/persistence-research.js.map +1 -0
package/dist/security/research/persistenceResearch.d.ts +97 -0
package/dist/security/research/persistenceResearch.d.ts.map +1 -0
package/dist/security/research/persistenceResearch.js +282 -0
package/dist/security/research/persistenceResearch.js.map +1 -0
package/dist/security/security-integration.d.ts +74 -0
package/dist/security/security-integration.d.ts.map +1 -0
package/dist/security/security-integration.js +137 -0
package/dist/security/security-integration.js.map +1 -0
package/dist/security/security-testing-framework.d.ts +112 -0
package/dist/security/security-testing-framework.d.ts.map +1 -0
package/dist/security/security-testing-framework.js +364 -0
package/dist/security/security-testing-framework.js.map +1 -0
package/dist/security/simulation/attackSimulation.d.ts +93 -0
package/dist/security/simulation/attackSimulation.d.ts.map +1 -0
package/dist/security/simulation/attackSimulation.js +341 -0
package/dist/security/simulation/attackSimulation.js.map +1 -0
package/dist/security/strategic-operations.d.ts +100 -0
package/dist/security/strategic-operations.d.ts.map +1 -0
package/dist/security/strategic-operations.js +276 -0
package/dist/security/strategic-operations.js.map +1 -0
package/dist/security/tool-security-wrapper.d.ts +58 -0
package/dist/security/tool-security-wrapper.d.ts.map +1 -0
package/dist/security/tool-security-wrapper.js +156 -0
package/dist/security/tool-security-wrapper.js.map +1 -0
package/dist/shell/claudeCodeStreamHandler.d.ts +145 -0
package/dist/shell/claudeCodeStreamHandler.d.ts.map +1 -0
package/dist/shell/claudeCodeStreamHandler.js +322 -0
package/dist/shell/claudeCodeStreamHandler.js.map +1 -0
package/dist/shell/inputQueueManager.d.ts +144 -0
package/dist/shell/inputQueueManager.d.ts.map +1 -0
package/dist/shell/inputQueueManager.js +290 -0
package/dist/shell/inputQueueManager.js.map +1 -0
package/dist/shell/interactiveShell.d.ts +7 -19
package/dist/shell/interactiveShell.d.ts.map +1 -1
package/dist/shell/interactiveShell.js +166 -271
package/dist/shell/interactiveShell.js.map +1 -1
package/dist/shell/metricsTracker.d.ts +60 -0
package/dist/shell/metricsTracker.d.ts.map +1 -0
package/dist/shell/metricsTracker.js +119 -0
package/dist/shell/metricsTracker.js.map +1 -0
package/dist/shell/shellApp.d.ts +0 -2
package/dist/shell/shellApp.d.ts.map +1 -1
package/dist/shell/shellApp.js +9 -82
package/dist/shell/shellApp.js.map +1 -1
package/dist/shell/streamingOutputManager.d.ts +115 -0
package/dist/shell/streamingOutputManager.d.ts.map +1 -0
package/dist/shell/streamingOutputManager.js +225 -0
package/dist/shell/streamingOutputManager.js.map +1 -0
package/dist/shell/systemPrompt.d.ts.map +1 -1
package/dist/shell/systemPrompt.js +4 -1
package/dist/shell/systemPrompt.js.map +1 -1
package/dist/shell/terminalInput.d.ts +120 -218
package/dist/shell/terminalInput.d.ts.map +1 -1
package/dist/shell/terminalInput.js +537 -932
package/dist/shell/terminalInput.js.map +1 -1
package/dist/shell/terminalInputAdapter.d.ts +21 -99
package/dist/shell/terminalInputAdapter.d.ts.map +1 -1
package/dist/shell/terminalInputAdapter.js +30 -135
package/dist/shell/terminalInputAdapter.js.map +1 -1
package/dist/subagents/taskRunner.d.ts +1 -7
package/dist/subagents/taskRunner.d.ts.map +1 -1
package/dist/subagents/taskRunner.js +47 -180
package/dist/subagents/taskRunner.js.map +1 -1
package/dist/tools/securityTools.d.ts +22 -0
package/dist/tools/securityTools.d.ts.map +1 -0
package/dist/tools/securityTools.js +448 -0
package/dist/tools/securityTools.js.map +1 -0
package/dist/ui/ShellUIAdapter.d.ts +1 -7
package/dist/ui/ShellUIAdapter.d.ts.map +1 -1
package/dist/ui/ShellUIAdapter.js +18 -42
package/dist/ui/ShellUIAdapter.js.map +1 -1
package/dist/ui/display.d.ts +45 -24
package/dist/ui/display.d.ts.map +1 -1
package/dist/ui/display.js +259 -140
package/dist/ui/display.js.map +1 -1
package/dist/ui/persistentPrompt.d.ts +50 -0
package/dist/ui/persistentPrompt.d.ts.map +1 -0
package/dist/ui/persistentPrompt.js +92 -0
package/dist/ui/persistentPrompt.js.map +1 -0
package/dist/ui/terminalUISchema.d.ts +195 -0
package/dist/ui/terminalUISchema.d.ts.map +1 -0
package/dist/ui/terminalUISchema.js +113 -0
package/dist/ui/terminalUISchema.js.map +1 -0
package/dist/ui/theme.d.ts.map +1 -1
package/dist/ui/theme.js +8 -6
package/dist/ui/theme.js.map +1 -1
package/dist/ui/toolDisplay.d.ts +158 -0
package/dist/ui/toolDisplay.d.ts.map +1 -1
package/dist/ui/toolDisplay.js +348 -0
package/dist/ui/toolDisplay.js.map +1 -1
package/dist/ui/unified/layout.d.ts +0 -20
package/dist/ui/unified/layout.d.ts.map +1 -1
package/dist/ui/unified/layout.js +216 -29
package/dist/ui/unified/layout.js.map +1 -1
package/package.json +4 -4
package/scripts/deploy-security-capabilities.js +178 -0
package/dist/core/hooks.d.ts +0 -113
package/dist/core/hooks.d.ts.map +0 -1
package/dist/core/hooks.js +0 -267
package/dist/core/hooks.js.map +0 -1
package/dist/core/metricsTracker.d.ts +0 -122
package/dist/core/metricsTracker.d.ts.map +0 -1
package/dist/core/metricsTracker.js.map +0 -1
package/dist/core/securityAssessment.d.ts +0 -91
package/dist/core/securityAssessment.d.ts.map +0 -1
package/dist/core/securityAssessment.js +0 -580
package/dist/core/securityAssessment.js.map +0 -1
package/dist/core/verification.d.ts +0 -137
package/dist/core/verification.d.ts.map +0 -1
package/dist/core/verification.js +0 -323
package/dist/core/verification.js.map +0 -1
package/dist/subagents/agentConfig.d.ts +0 -27
package/dist/subagents/agentConfig.d.ts.map +0 -1
package/dist/subagents/agentConfig.js +0 -89
package/dist/subagents/agentConfig.js.map +0 -1
package/dist/subagents/agentRegistry.d.ts +0 -33
package/dist/subagents/agentRegistry.d.ts.map +0 -1
package/dist/subagents/agentRegistry.js +0 -162
package/dist/subagents/agentRegistry.js.map +0 -1
package/dist/utils/frontmatter.d.ts +0 -10
package/dist/utils/frontmatter.d.ts.map +0 -1
package/dist/utils/frontmatter.js +0 -78
package/dist/utils/frontmatter.js.map +0 -1

package/dist/security/active-stack-security.js ADDED Viewed

@@ -0,0 +1,296 @@
+/**
+ * Active Stack Security Module
+ *
+ * Ensures Erosolar CLI only operates on the active stack and nothing else.
+ * Implements strict security rules to prevent vulnerabilities and unauthorized operations.
+ *
+ * @license MIT
+ * @author Bo Shang
+ *
+ * DISCLAIMER: This software is provided for security testing and defensive purposes only.
+ * Users are solely responsible for ensuring their use complies with applicable laws.
+ */
+export class ActiveStackSecurity {
+    config;
+    securityLog = [];
+    constructor(config) {
+        this.config = {
+            enabled: true,
+            allowedScopes: {
+                cwd: true,
+                nodeProjects: true,
+                gitRepos: true,
+                tempDirs: true,
+            },
+            blockedOperations: {
+                systemFiles: true,
+                unauthorizedNetworking: true,
+                outOfScopeFiles: true,
+                privilegedOps: true,
+            },
+            validation: {
+                workspaceContext: true,
+                pathValidation: true,
+                patternDetection: true,
+                securityLogging: true,
+            },
+            ...config,
+        };
+    }
+    /**
+     * Validate a file operation
+     */
+    validateFileOperation(filePath, operation) {
+        if (!this.config.enabled) {
+            return { allowed: true, severity: 'low' };
+        }
+        const normalizedPath = this.resolvePath(filePath);
+        const cwd = process.cwd();
+        // Check if path is within allowed scopes
+        const scopeCheck = this.validatePathScope(normalizedPath, cwd);
+        if (!scopeCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'file_operation_blocked',
+                severity: 'high',
+                operation,
+                filePath: normalizedPath,
+                reason: scopeCheck.reason || 'Unknown reason',
+                timestamp: new Date(),
+            });
+            return scopeCheck;
+        }
+        // Check for suspicious patterns
+        const patternCheck = this.detectSuspiciousPatterns(normalizedPath);
+        if (!patternCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'suspicious_pattern_detected',
+                severity: patternCheck.severity,
+                operation,
+                filePath: normalizedPath,
+                reason: patternCheck.reason || 'Unknown reason',
+                timestamp: new Date(),
+            });
+            return patternCheck;
+        }
+        // Check for system file protection
+        const systemCheck = this.validateSystemFileProtection(normalizedPath);
+        if (!systemCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'system_file_protection',
+                severity: systemCheck.severity,
+                operation,
+                filePath: normalizedPath,
+                reason: systemCheck.reason || 'Unknown reason',
+                timestamp: new Date(),
+            });
+            return systemCheck;
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    /**
+     * Validate a network operation
+     */
+    validateNetworkOperation(target, operation) {
+        if (!this.config.enabled) {
+            return { allowed: true, severity: 'low' };
+        }
+        // Check for localhost/127.0.0.1 operations (allowed for development)
+        if (this.isLocalhost(target)) {
+            return { allowed: true, severity: 'low' };
+        }
+        // Check for suspicious domains
+        const domainCheck = this.validateDomain(target);
+        if (!domainCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'network_operation_blocked',
+                severity: domainCheck.severity,
+                operation,
+                target,
+                reason: domainCheck.reason || 'Unknown reason',
+                timestamp: new Date(),
+            });
+            return domainCheck;
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    /**
+     * Validate a command execution
+     */
+    validateCommandExecution(command) {
+        if (!this.config.enabled) {
+            return { allowed: true, severity: 'low' };
+        }
+        // Check for dangerous commands
+        const commandCheck = this.validateCommandSafety(command);
+        if (!commandCheck.allowed) {
+            this.logSecurityEvent({
+                type: 'dangerous_command_blocked',
+                severity: commandCheck.severity,
+                operation: 'execute',
+                command,
+                reason: commandCheck.reason || 'Unknown reason',
+                timestamp: new Date(),
+            });
+            return commandCheck;
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    /**
+     * Get security log
+     */
+    getSecurityLog() {
+        return [...this.securityLog];
+    }
+    /**
+     * Clear security log
+     */
+    clearSecurityLog() {
+        this.securityLog = [];
+    }
+    validatePathScope(filePath, cwd) {
+        // Check if path is within current working directory
+        if (!filePath.startsWith(cwd)) {
+            return {
+                allowed: false,
+                reason: 'File operation outside current working directory',
+                severity: 'high',
+                details: { filePath, cwd },
+            };
+        }
+        // Check for node_modules protection
+        if (filePath.includes('node_modules') && !filePath.includes(`${cwd}/node_modules`)) {
+            return {
+                allowed: false,
+                reason: 'Access to external node_modules directory',
+                severity: 'high',
+                details: { filePath, cwd },
+            };
+        }
+        // Check for system directory protection
+        const systemDirs = ['/etc', '/var', '/usr', '/bin', '/sbin', '/lib', '/sys', '/proc'];
+        for (const dir of systemDirs) {
+            if (filePath.startsWith(dir)) {
+                return {
+                    allowed: false,
+                    reason: 'Access to system directory',
+                    severity: 'critical',
+                    details: { filePath, systemDir: dir },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    detectSuspiciousPatterns(filePath) {
+        const suspiciousPatterns = [
+            { pattern: /\.(pem|key|env|secret|config)$/i, severity: 'high', reason: 'Sensitive file extension' },
+            { pattern: /(password|secret|token|api[_-]?key)/i, severity: 'medium', reason: 'Potential credential file' },
+            { pattern: /\.(bashrc|bash_profile|zshrc|profile)$/, severity: 'medium', reason: 'Shell configuration file' },
+            { pattern: /\.(git|ssh)\/config$/, severity: 'medium', reason: 'Git/SSH configuration' },
+        ];
+        for (const { pattern, severity, reason } of suspiciousPatterns) {
+            if (pattern.test(filePath)) {
+                return {
+                    allowed: false,
+                    reason: `${reason} detected`,
+                    severity: severity,
+                    details: { filePath, pattern: pattern.source },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    validateSystemFileProtection(filePath) {
+        const systemFiles = [
+            '/etc/passwd', '/etc/shadow', '/etc/hosts', '/etc/resolv.conf',
+            '/etc/ssh/ssh_config', '/etc/ssh/sshd_config',
+            '/var/log/', '/var/spool/', '/var/mail/',
+            '/usr/bin/', '/usr/sbin/', '/usr/lib/',
+        ];
+        for (const sysFile of systemFiles) {
+            if (filePath.startsWith(sysFile)) {
+                return {
+                    allowed: false,
+                    reason: 'Access to system file',
+                    severity: 'critical',
+                    details: { filePath, systemFile: sysFile },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    isLocalhost(target) {
+        const localhostPatterns = [
+            'localhost',
+            '127.0.0.1',
+            '::1',
+            '0.0.0.0',
+        ];
+        return localhostPatterns.some(pattern => target.includes(pattern));
+    }
+    validateDomain(target) {
+        const suspiciousDomains = [
+            'malicious.com',
+            'evil.org',
+            'hacker.net',
+            // Add more suspicious domains as needed
+        ];
+        for (const domain of suspiciousDomains) {
+            if (target.includes(domain)) {
+                return {
+                    allowed: false,
+                    reason: 'Suspicious domain detected',
+                    severity: 'high',
+                    details: { target, domain },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    validateCommandSafety(command) {
+        const dangerousCommands = [
+            { pattern: /rm\s+-rf/, severity: 'critical', reason: 'Recursive force delete' },
+            { pattern: /chmod\s+[0-7]{3,4}\s+/, severity: 'high', reason: 'File permission modification' },
+            { pattern: /chown\s+[^\s]+\s+/, severity: 'high', reason: 'File ownership change' },
+            { pattern: /dd\s+if=.*of=/, severity: 'critical', reason: 'Disk cloning/destruction' },
+            { pattern: /mkfs\./, severity: 'critical', reason: 'Filesystem creation' },
+            { pattern: /fdisk\s+/, severity: 'critical', reason: 'Partition manipulation' },
+            { pattern: /mount\s+/, severity: 'high', reason: 'Filesystem mounting' },
+            { pattern: /umount\s+/, severity: 'high', reason: 'Filesystem unmounting' },
+            { pattern: /passwd\s+/, severity: 'high', reason: 'Password change' },
+            { pattern: /useradd\s+/, severity: 'high', reason: 'User creation' },
+            { pattern: /userdel\s+/, severity: 'high', reason: 'User deletion' },
+        ];
+        for (const { pattern, severity, reason } of dangerousCommands) {
+            if (pattern.test(command)) {
+                return {
+                    allowed: false,
+                    reason: `${reason} command detected`,
+                    severity: severity,
+                    details: { command, pattern: pattern.source },
+                };
+            }
+        }
+        return { allowed: true, severity: 'low' };
+    }
+    logSecurityEvent(event) {
+        if (this.config.validation.securityLogging) {
+            this.securityLog.push(event);
+            // Keep log size manageable
+            if (this.securityLog.length > 1000) {
+                this.securityLog = this.securityLog.slice(-500);
+            }
+        }
+    }
+    resolvePath(filePath) {
+        // Simple path resolution - in a real implementation, use path.resolve
+        if (filePath.startsWith('/')) {
+            return filePath;
+        }
+        return `${process.cwd()}/${filePath}`;
+    }
+}
+/**
+ * Global active stack security instance
+ */
+export const activeStackSecurity = new ActiveStackSecurity();
+//# sourceMappingURL=active-stack-security.js.map

package/dist/security/active-stack-security.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"active-stack-security.js","sourceRoot":"","sources":["../../src/security/active-stack-security.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AA0DH,MAAM,OAAO,mBAAmB;IACtB,MAAM,CAA4B;IAClC,WAAW,GAAoB,EAAE,CAAC;IAE1C,YAAY,MAA2C;QACrD,IAAI,CAAC,MAAM,GAAG;YACZ,OAAO,EAAE,IAAI;YACb,aAAa,EAAE;gBACb,GAAG,EAAE,IAAI;gBACT,YAAY,EAAE,IAAI;gBAClB,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,IAAI;aACf;YACD,iBAAiB,EAAE;gBACjB,WAAW,EAAE,IAAI;gBACjB,sBAAsB,EAAE,IAAI;gBAC5B,eAAe,EAAE,IAAI;gBACrB,aAAa,EAAE,IAAI;aACpB;YACD,UAAU,EAAE;gBACV,gBAAgB,EAAE,IAAI;gBACtB,cAAc,EAAE,IAAI;gBACpB,gBAAgB,EAAE,IAAI;gBACtB,eAAe,EAAE,IAAI;aACtB;YACD,GAAG,MAAM;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,QAAgB,EAAE,SAAsC;QAC5E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAClD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAE1B,yCAAyC;QACzC,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,MAAM;gBAChB,SAAS;gBACT,QAAQ,EAAE,cAAc;gBACxB,MAAM,EAAE,UAAU,CAAC,MAAM,IAAI,gBAAgB;gBAC7C,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,gCAAgC;QAChC,MAAM,YAAY,GAAG,IAAI,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;QACnE,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,6BAA6B;gBACnC,QAAQ,EAAE,YAAY,CAAC,QAAQ;gBAC/B,SAAS;gBACT,QAAQ,EAAE,cAAc;gBACxB,MAAM,EAAE,YAAY,CAAC,MAAM,IAAI,gBAAgB;gBAC/C,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;QACtB,CAAC;QAED,mCAAmC;QACnC,MAAM,WAAW,GAAG,IAAI,CAAC,4BAA4B,CAAC,cAAc,CAAC,CAAC;QACtE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,WAAW,CAAC,QAAQ;gBAC9B,SAAS;gBACT,QAAQ,EAAE,cAAc;gBACxB,MAAM,EAAE,WAAW,CAAC,MAAM,IAAI,gBAAgB;gBAC9C,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,MAAc,EAAE,SAAyC;QAChF,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,qEAAqE;QACrE,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,+BAA+B;QAC/B,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,2BAA2B;gBACjC,QAAQ,EAAE,WAAW,CAAC,QAAQ;gBAC9B,SAAS;gBACT,MAAM;gBACN,MAAM,EAAE,WAAW,CAAC,MAAM,IAAI,gBAAgB;gBAC9C,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,OAAe;QACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC5C,CAAC;QAED,+BAA+B;QAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACzD,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;YAC1B,IAAI,CAAC,gBAAgB,CAAC;gBACpB,IAAI,EAAE,2BAA2B;gBACjC,QAAQ,EAAE,YAAY,CAAC,QAAQ;gBAC/B,SAAS,EAAE,SAAS;gBACpB,OAAO;gBACP,MAAM,EAAE,YAAY,CAAC,MAAM,IAAI,gBAAgB;gBAC/C,SAAS,EAAE,IAAI,IAAI,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;QACtB,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,gBAAgB;QACd,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC;IACxB,CAAC;IAEO,iBAAiB,CAAC,QAAgB,EAAE,GAAW;QACrD,oDAAoD;QACpD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,kDAAkD;gBAC1D,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE;aAC3B,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAK,eAAe,CAAC,EAAE,CAAC;YACrF,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,2CAA2C;gBACnD,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE;aAC3B,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,MAAM,UAAU,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QACtF,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;YAC7B,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,4BAA4B;oBACpC,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE;iBACtC,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,wBAAwB,CAAC,QAAgB;QAC/C,MAAM,kBAAkB,GAAG;YACzB,EAAE,OAAO,EAAE,iCAAiC,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,0BAA0B,EAAE;YACpG,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,2BAA2B,EAAE;YAC5G,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,0BAA0B,EAAE;YAC7G,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,uBAAuB,EAAE;SACzF,CAAC;QAEF,KAAK,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,kBAAkB,EAAE,CAAC;YAC/D,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,GAAG,MAAM,WAAW;oBAC5B,QAAQ,EAAE,QAA6B;oBACvC,OAAO,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE;iBAC/C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,4BAA4B,CAAC,QAAgB;QACnD,MAAM,WAAW,GAAG;YAClB,aAAa,EAAE,aAAa,EAAE,YAAY,EAAE,kBAAkB;YAC9D,qBAAqB,EAAE,sBAAsB;YAC7C,WAAW,EAAE,aAAa,EAAE,YAAY;YACxC,WAAW,EAAE,YAAY,EAAE,WAAW;SACvC,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;YAClC,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,uBAAuB;oBAC/B,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE;iBAC3C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,WAAW,CAAC,MAAc;QAChC,MAAM,iBAAiB,GAAG;YACxB,WAAW;YACX,WAAW;YACX,KAAK;YACL,SAAS;SACV,CAAC;QAEF,OAAO,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IACrE,CAAC;IAEO,cAAc,CAAC,MAAc;QACnC,MAAM,iBAAiB,GAAG;YACxB,eAAe;YACf,UAAU;YACV,YAAY;YACZ,wCAAwC;SACzC,CAAC;QAEF,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;YACvC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,4BAA4B;oBACpC,QAAQ,EAAE,MAAM;oBAChB,OAAO,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;iBAC5B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,qBAAqB,CAAC,OAAe;QAC3C,MAAM,iBAAiB,GAAG;YACxB,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,wBAAwB,EAAE;YAC/E,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,8BAA8B,EAAE;YAC9F,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,uBAAuB,EAAE;YACnF,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,0BAA0B,EAAE;YACtF,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,qBAAqB,EAAE;YAC1E,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,wBAAwB,EAAE;YAC/E,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,qBAAqB,EAAE;YACxE,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,uBAAuB,EAAE;YAC3E,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,EAAE;YACrE,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE;YACpE,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE;SACrE,CAAC;QAEF,KAAK,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,iBAAiB,EAAE,CAAC;YAC9D,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,GAAG,MAAM,mBAAmB;oBACpC,QAAQ,EAAE,QAA+B;oBACzC,OAAO,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE;iBAC9C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;IAC5C,CAAC;IAEO,gBAAgB,CAAC,KAAoB;QAC3C,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,IAAI,EAAE,CAAC;gBACnC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,QAAgB;QAClC,sEAAsE;QACtE,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,OAAO,GAAG,OAAO,CAAC,GAAG,EAAI,IAAM,QAAQ,EAAE,CAAC;IAC5C,CAAC;CACF;AAcD;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,IAAI,mBAAmB,EAAE,CAAC"}

package/dist/security/advanced-persistence-research.d.ts ADDED Viewed

@@ -0,0 +1,92 @@
+/**
+ * Advanced Persistence Research Toolkit
+ *
+ * Enhanced persistence mechanism analysis for comprehensive security research
+ * across enterprise environments, cloud platforms, and nation-state level targets.
+ *
+ * This module extends the existing persistence research with:
+ * - Advanced enterprise persistence techniques
+ * - Cloud platform persistence (AWS, Azure, GCP)
+ * - Container and orchestration persistence
+ * - Network and infrastructure persistence
+ * - Detection evasion and anti-forensics
+ *
+ * LEGAL NOTICE:
+ * For authorized security research, penetration testing, and red team exercises only.
+ * Requires explicit authorization and scope definition.
+ */
+export interface AdvancedPersistenceTechnique {
+    id: string;
+    name: string;
+    category: PersistenceCategory;
+    platform: Platform;
+    complexity: 'low' | 'medium' | 'high' | 'advanced';
+    stealth: number;
+    detectionDifficulty: 'easy' | 'medium' | 'hard' | 'very-hard';
+    mitreIds: string[];
+    description: string;
+    implementation: string[];
+    detectionMethods: string[];
+    countermeasures: string[];
+    indicators: string[];
+    tools: string[];
+}
+export declare enum PersistenceCategory {
+    ENTERPRISE = "enterprise",
+    CLOUD = "cloud",
+    CONTAINER = "container",
+    NETWORK = "network",
+    MEMORY = "memory",
+    BIOS_UEFI = "bios_uefi",
+    HARDWARE = "hardware",
+    SUPPLY_CHAIN = "supply_chain"
+}
+export declare enum Platform {
+    WINDOWS = "windows",
+    LINUX = "linux",
+    MACOS = "macos",
+    CROSS_PLATFORM = "cross-platform",
+    AWS = "aws",
+    AZURE = "azure",
+    GCP = "gcp",
+    KUBERNETES = "kubernetes",
+    DOCKER = "docker",
+    VMWARE = "vmware",
+    NETWORK = "network"
+}
+/**
+ * Advanced Enterprise Persistence Techniques
+ */
+export declare const ENTERPRISE_PERSISTENCE_TECHNIQUES: AdvancedPersistenceTechnique[];
+/**
+ * Cloud Platform Persistence Techniques
+ */
+export declare const CLOUD_PERSISTENCE_TECHNIQUES: AdvancedPersistenceTechnique[];
+/**
+ * Advanced Persistence Research Engine
+ */
+export declare class AdvancedPersistenceResearchEngine {
+    private techniques;
+    constructor();
+    /**
+     * Get techniques by platform
+     */
+    getTechniquesByPlatform(platform: Platform): AdvancedPersistenceTechnique[];
+    /**
+     * Get techniques by category
+     */
+    getTechniquesByCategory(category: PersistenceCategory): AdvancedPersistenceTechnique[];
+    /**
+     * Get techniques by stealth rating
+     */
+    getTechniquesByStealth(minStealth: number): AdvancedPersistenceTechnique[];
+    /**
+     * Generate comprehensive persistence research report
+     */
+    generateResearchReport(targetPlatforms: Platform[]): string;
+}
+/**
+ * Create a comprehensive persistence research toolkit
+ */
+export declare function createPersistenceResearchToolkit(): AdvancedPersistenceResearchEngine;
+//# sourceMappingURL=advanced-persistence-research.d.ts.map

package/dist/security/advanced-persistence-research.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"advanced-persistence-research.d.ts","sourceRoot":"","sources":["../../src/security/advanced-persistence-research.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,4BAA4B;IAC3C,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,QAAQ,EAAE,QAAQ,CAAC;IACnB,UAAU,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACnD,OAAO,EAAE,MAAM,CAAC;IAChB,mBAAmB,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,GAAG,WAAW,CAAC;IAC9D,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,oBAAY,mBAAmB;IAC7B,UAAU,eAAe;IACzB,KAAK,UAAU;IACf,SAAS,cAAc;IACvB,OAAO,YAAY;IACnB,MAAM,WAAW;IACjB,SAAS,cAAc;IACvB,QAAQ,aAAa;IACrB,YAAY,iBAAiB;CAC9B;AAED,oBAAY,QAAQ;IAClB,OAAO,YAAY;IACnB,KAAK,UAAU;IACf,KAAK,UAAU;IACf,cAAc,mBAAmB;IACjC,GAAG,QAAQ;IACX,KAAK,UAAU;IACf,GAAG,QAAQ;IACX,UAAU,eAAe;IACzB,MAAM,WAAW;IACjB,MAAM,WAAW;IACjB,OAAO,YAAY;CACpB;AAED;;GAEG;AACH,eAAO,MAAM,iCAAiC,EAAE,4BAA4B,EAmC3E,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,4BAA4B,EAAE,4BAA4B,EAmCtE,CAAC;AAEF;;GAEG;AACH,qBAAa,iCAAiC;IAC5C,OAAO,CAAC,UAAU,CAAiC;;IASnD;;OAEG;IACH,uBAAuB,CAAC,QAAQ,EAAE,QAAQ,GAAG,4BAA4B,EAAE;IAI3E;;OAEG;IACH,uBAAuB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,4BAA4B,EAAE;IAItF;;OAEG;IACH,sBAAsB,CAAC,UAAU,EAAE,MAAM,GAAG,4BAA4B,EAAE;IAI1E;;OAEG;IACH,sBAAsB,CAAC,eAAe,EAAE,QAAQ,EAAE,GAAG,MAAM;CA0C5D;AAED;;GAEG;AACH,wBAAgB,gCAAgC,sCAE/C"}

package/dist/security/advanced-persistence-research.js ADDED Viewed

@@ -0,0 +1,195 @@
+/**
+ * Advanced Persistence Research Toolkit
+ *
+ * Enhanced persistence mechanism analysis for comprehensive security research
+ * across enterprise environments, cloud platforms, and nation-state level targets.
+ *
+ * This module extends the existing persistence research with:
+ * - Advanced enterprise persistence techniques
+ * - Cloud platform persistence (AWS, Azure, GCP)
+ * - Container and orchestration persistence
+ * - Network and infrastructure persistence
+ * - Detection evasion and anti-forensics
+ *
+ * LEGAL NOTICE:
+ * For authorized security research, penetration testing, and red team exercises only.
+ * Requires explicit authorization and scope definition.
+ */
+export var PersistenceCategory;
+(function (PersistenceCategory) {
+    PersistenceCategory["ENTERPRISE"] = "enterprise";
+    PersistenceCategory["CLOUD"] = "cloud";
+    PersistenceCategory["CONTAINER"] = "container";
+    PersistenceCategory["NETWORK"] = "network";
+    PersistenceCategory["MEMORY"] = "memory";
+    PersistenceCategory["BIOS_UEFI"] = "bios_uefi";
+    PersistenceCategory["HARDWARE"] = "hardware";
+    PersistenceCategory["SUPPLY_CHAIN"] = "supply_chain";
+})(PersistenceCategory || (PersistenceCategory = {}));
+export var Platform;
+(function (Platform) {
+    Platform["WINDOWS"] = "windows";
+    Platform["LINUX"] = "linux";
+    Platform["MACOS"] = "macos";
+    Platform["CROSS_PLATFORM"] = "cross-platform";
+    Platform["AWS"] = "aws";
+    Platform["AZURE"] = "azure";
+    Platform["GCP"] = "gcp";
+    Platform["KUBERNETES"] = "kubernetes";
+    Platform["DOCKER"] = "docker";
+    Platform["VMWARE"] = "vmware";
+    Platform["NETWORK"] = "network";
+})(Platform || (Platform = {}));
+/**
+ * Advanced Enterprise Persistence Techniques
+ */
+export const ENTERPRISE_PERSISTENCE_TECHNIQUES = [
+    {
+        id: 'ent-active-directory-golden-ticket',
+        name: 'Active Directory Golden Ticket',
+        category: PersistenceCategory.ENTERPRISE,
+        platform: Platform.WINDOWS,
+        complexity: 'advanced',
+        stealth: 5,
+        detectionDifficulty: 'very-hard',
+        mitreIds: ['T1558.001'],
+        description: 'Forged Kerberos ticket granting ticket (TGT) with unlimited lifetime',
+        implementation: [
+            'Extract krbtgt account hash from domain controller',
+            'Forge TGT with extended lifetime and privileges',
+            'Use forged TGT to access any domain resource'
+        ],
+        detectionMethods: [
+            'Monitor for TGTs with unusual lifetimes (>10 hours)',
+            'Check for TGTs issued from non-DC systems',
+            'Analyze Kerberos event logs for anomalies',
+            'Use Microsoft ATA or Azure Sentinel'
+        ],
+        countermeasures: [
+            'Regularly rotate krbtgt account password (twice)',
+            'Implement LAPS for local admin passwords',
+            'Enable advanced audit policies',
+            'Use Protected Users group'
+        ],
+        indicators: [
+            'Kerberos TGT requests with extended lifetimes',
+            'Authentication from unusual locations',
+            'Multiple failed TGT validation attempts'
+        ],
+        tools: ['Mimikatz', 'Rubeus', 'Impacket']
+    }
+];
+/**
+ * Cloud Platform Persistence Techniques
+ */
+export const CLOUD_PERSISTENCE_TECHNIQUES = [
+    {
+        id: 'cloud-aws-backdoor-role',
+        name: 'AWS IAM Role Backdoor',
+        category: PersistenceCategory.CLOUD,
+        platform: Platform.AWS,
+        complexity: 'medium',
+        stealth: 3,
+        detectionDifficulty: 'medium',
+        mitreIds: ['T1078.004'],
+        description: 'Creates or modifies IAM roles with external entity trust for persistence',
+        implementation: [
+            'Create IAM role with external IDP trust (SAML/OIDC)',
+            'Modify existing role trust policy',
+            'Add cross-account access with broad permissions'
+        ],
+        detectionMethods: [
+            'Monitor CloudTrail for role modifications',
+            'Analyze IAM role trust policies',
+            'Check for external entity trusts',
+            'Use AWS Config rules'
+        ],
+        countermeasures: [
+            'Implement least privilege for IAM roles',
+            'Monitor for external trust modifications',
+            'Use AWS Organizations SCPs',
+            'Regular IAM security assessments'
+        ],
+        indicators: [
+            'IAM role policy modifications',
+            'New external identity provider trusts',
+            'Cross-account role assumptions'
+        ],
+        tools: ['AWS CLI', 'Pacu', 'CloudSploit']
+    }
+];
+/**
+ * Advanced Persistence Research Engine
+ */
+export class AdvancedPersistenceResearchEngine {
+    techniques;
+    constructor() {
+        this.techniques = [
+            ...ENTERPRISE_PERSISTENCE_TECHNIQUES,
+            ...CLOUD_PERSISTENCE_TECHNIQUES
+        ];
+    }
+    /**
+     * Get techniques by platform
+     */
+    getTechniquesByPlatform(platform) {
+        return this.techniques.filter(tech => tech.platform === platform);
+    }
+    /**
+     * Get techniques by category
+     */
+    getTechniquesByCategory(category) {
+        return this.techniques.filter(tech => tech.category === category);
+    }
+    /**
+     * Get techniques by stealth rating
+     */
+    getTechniquesByStealth(minStealth) {
+        return this.techniques.filter(tech => tech.stealth >= minStealth);
+    }
+    /**
+     * Generate comprehensive persistence research report
+     */
+    generateResearchReport(targetPlatforms) {
+        const report = [];
+        report.push('='.repeat(80));
+        report.push('ADVANCED PERSISTENCE RESEARCH REPORT');
+        report.push('='.repeat(80));
+        report.push(`Generated: ${new Date().toISOString()}`);
+        report.push(`Target Platforms: ${targetPlatforms.join(', ')}`);
+        report.push('');
+        for (const platform of targetPlatforms) {
+            const techniques = this.getTechniquesByPlatform(platform);
+            if (techniques.length > 0) {
+                report.push(`## ${platform.toUpperCase()} PERSISTENCE TECHNIQUES`);
+                report.push('');
+                for (const tech of techniques) {
+                    report.push(`### ${tech.name}`);
+                    report.push(`- **Stealth**: ${tech.stealth}/5`);
+                    report.push(`- **Complexity**: ${tech.complexity}`);
+                    report.push(`- **Detection Difficulty**: ${tech.detectionDifficulty}`);
+                    report.push(`- **MITRE ATT&CK**: ${tech.mitreIds.join(', ')}`);
+                    report.push(`- **Description**: ${tech.description}`);
+                    report.push('');
+                    report.push('#### Implementation Steps:');
+                    tech.implementation.forEach(step => report.push(`  - ${step}`));
+                    report.push('');
+                    report.push('#### Detection Methods:');
+                    tech.detectionMethods.forEach(method => report.push(`  - ${method}`));
+                    report.push('');
+                    report.push('#### Countermeasures:');
+                    tech.countermeasures.forEach(countermeasure => report.push(`  - ${countermeasure}`));
+                    report.push('');
+                }
+            }
+        }
+        return report.join('\n');
+    }
+}
+/**
+ * Create a comprehensive persistence research toolkit
+ */
+export function createPersistenceResearchToolkit() {
+    return new AdvancedPersistenceResearchEngine();
+}
+//# sourceMappingURL=advanced-persistence-research.js.map

package/dist/security/advanced-persistence-research.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"advanced-persistence-research.js","sourceRoot":"","sources":["../../src/security/advanced-persistence-research.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAmBH,MAAM,CAAN,IAAY,mBASX;AATD,WAAY,mBAAmB;IAC7B,gDAAyB,CAAA;IACzB,sCAAe,CAAA;IACf,8CAAuB,CAAA;IACvB,0CAAmB,CAAA;IACnB,wCAAiB,CAAA;IACjB,8CAAuB,CAAA;IACvB,4CAAqB,CAAA;IACrB,oDAA6B,CAAA;AAC/B,CAAC,EATW,mBAAmB,KAAnB,mBAAmB,QAS9B;AAED,MAAM,CAAN,IAAY,QAYX;AAZD,WAAY,QAAQ;IAClB,+BAAmB,CAAA;IACnB,2BAAe,CAAA;IACf,2BAAe,CAAA;IACf,6CAAiC,CAAA;IACjC,uBAAW,CAAA;IACX,2BAAe,CAAA;IACf,uBAAW,CAAA;IACX,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;IACjB,6BAAiB,CAAA;IACjB,+BAAmB,CAAA;AACrB,CAAC,EAZW,QAAQ,KAAR,QAAQ,QAYnB;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,iCAAiC,GAAmC;IAC/E;QACE,EAAE,EAAE,oCAAoC;QACxC,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,mBAAmB,CAAC,UAAU;QACxC,QAAQ,EAAE,QAAQ,CAAC,OAAO;QAC1B,UAAU,EAAE,UAAU;QACtB,OAAO,EAAE,CAAC;QACV,mBAAmB,EAAE,WAAW;QAChC,QAAQ,EAAE,CAAC,WAAW,CAAC;QACvB,WAAW,EAAE,sEAAsE;QACnF,cAAc,EAAE;YACd,oDAAoD;YACpD,iDAAiD;YACjD,8CAA8C;SAC/C;QACD,gBAAgB,EAAE;YAChB,qDAAqD;YACrD,2CAA2C;YAC3C,2CAA2C;YAC3C,qCAAqC;SACtC;QACD,eAAe,EAAE;YACf,kDAAkD;YAClD,0CAA0C;YAC1C,gCAAgC;YAChC,2BAA2B;SAC5B;QACD,UAAU,EAAE;YACV,+CAA+C;YAC/C,uCAAuC;YACvC,yCAAyC;SAC1C;QACD,KAAK,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,UAAU,CAAC;KAC1C;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAmC;IAC1E;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,mBAAmB,CAAC,KAAK;QACnC,QAAQ,EAAE,QAAQ,CAAC,GAAG;QACtB,UAAU,EAAE,QAAQ;QACpB,OAAO,EAAE,CAAC;QACV,mBAAmB,EAAE,QAAQ;QAC7B,QAAQ,EAAE,CAAC,WAAW,CAAC;QACvB,WAAW,EAAE,0EAA0E;QACvF,cAAc,EAAE;YACd,qDAAqD;YACrD,mCAAmC;YACnC,iDAAiD;SAClD;QACD,gBAAgB,EAAE;YAChB,2CAA2C;YAC3C,iCAAiC;YACjC,kCAAkC;YAClC,sBAAsB;SACvB;QACD,eAAe,EAAE;YACf,yCAAyC;YACzC,0CAA0C;YAC1C,4BAA4B;YAC5B,kCAAkC;SACnC;QACD,UAAU,EAAE;YACV,+BAA+B;YAC/B,uCAAuC;YACvC,gCAAgC;SACjC;QACD,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,CAAC;KAC1C;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,iCAAiC;IACpC,UAAU,CAAiC;IAEnD;QACE,IAAI,CAAC,UAAU,GAAG;YAChB,GAAG,iCAAiC;YACpC,GAAG,4BAA4B;SAChC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,QAAkB;QACxC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,QAA6B;QACnD,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,UAAkB;QACvC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,IAAI,UAAU,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,eAA2B;QAChD,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,cAAc,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,qBAAqB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEhB,KAAK,MAAM,QAAQ,IAAI,eAAe,EAAE,CAAC;YACvC,MAAM,UAAU,GAAG,IAAI,CAAC,uBAAuB,CAAC,QAAQ,CAAC,CAAC;YAC1D,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,CAAC,IAAI,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC;gBACnE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAEhB,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;oBAC9B,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;oBAChC,MAAM,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;oBAChD,MAAM,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;oBACpD,MAAM,CAAC,IAAI,CAAC,+BAA+B,IAAI,CAAC,mBAAmB,EAAE,CAAC,CAAC;oBACvE,MAAM,CAAC,IAAI,CAAC,uBAAuB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBAC/D,MAAM,CAAC,IAAI,CAAC,sBAAsB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;oBACtD,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBAEhB,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;oBAC1C,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;oBAChE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBAEhB,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;oBACvC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,MAAM,EAAE,CAAC,CAAC,CAAC;oBACtE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBAEhB,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;oBACrC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,cAAc,EAAE,CAAC,CAAC,CAAC;oBACrF,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAClB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,gCAAgC;IAC9C,OAAO,IAAI,iCAAiC,EAAE,CAAC;AACjD,CAAC"}