erosolar-cli 1.7.356 → 1.7.358
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -148
- package/dist/bin/erosolar.js +5 -21
- package/dist/bin/erosolar.js.map +1 -1
- package/dist/capabilities/agentSpawningCapability.d.ts.map +1 -1
- package/dist/capabilities/agentSpawningCapability.js +56 -31
- package/dist/capabilities/agentSpawningCapability.js.map +1 -1
- package/dist/contracts/agent-schemas.json +0 -15
- package/dist/contracts/tools.schema.json +0 -9
- package/dist/core/agent.d.ts +2 -2
- package/dist/core/agent.d.ts.map +1 -1
- package/dist/core/agent.js.map +1 -1
- package/dist/core/customCommands.d.ts +1 -0
- package/dist/core/customCommands.d.ts.map +1 -1
- package/dist/core/customCommands.js +3 -0
- package/dist/core/customCommands.js.map +1 -1
- package/dist/core/hooks.d.ts +113 -0
- package/dist/core/hooks.d.ts.map +1 -0
- package/dist/core/hooks.js +267 -0
- package/dist/core/hooks.js.map +1 -0
- package/dist/core/metricsTracker.d.ts +122 -0
- package/dist/core/metricsTracker.d.ts.map +1 -0
- package/dist/{alpha-zero → core}/metricsTracker.js +2 -5
- package/dist/core/metricsTracker.js.map +1 -0
- package/dist/core/securityAssessment.d.ts +91 -0
- package/dist/core/securityAssessment.d.ts.map +1 -0
- package/dist/core/securityAssessment.js +580 -0
- package/dist/core/securityAssessment.js.map +1 -0
- package/dist/core/sessionStore.d.ts +2 -0
- package/dist/core/sessionStore.d.ts.map +1 -1
- package/dist/core/sessionStore.js +1 -0
- package/dist/core/sessionStore.js.map +1 -1
- package/dist/core/toolPreconditions.d.ts.map +1 -1
- package/dist/core/toolPreconditions.js +0 -14
- package/dist/core/toolPreconditions.js.map +1 -1
- package/dist/core/toolRuntime.d.ts +22 -1
- package/dist/core/toolRuntime.d.ts.map +1 -1
- package/dist/core/toolRuntime.js +0 -5
- package/dist/core/toolRuntime.js.map +1 -1
- package/dist/core/toolValidation.d.ts.map +1 -1
- package/dist/core/toolValidation.js +14 -3
- package/dist/core/toolValidation.js.map +1 -1
- package/dist/core/validationRunner.d.ts +1 -3
- package/dist/core/validationRunner.d.ts.map +1 -1
- package/dist/core/validationRunner.js.map +1 -1
- package/dist/core/verification.d.ts +137 -0
- package/dist/core/verification.d.ts.map +1 -0
- package/dist/core/verification.js +323 -0
- package/dist/core/verification.js.map +1 -0
- package/dist/headless/headlessApp.d.ts.map +1 -1
- package/dist/headless/headlessApp.js +21 -0
- package/dist/headless/headlessApp.js.map +1 -1
- package/dist/mcp/sseClient.d.ts.map +1 -1
- package/dist/mcp/sseClient.js +9 -18
- package/dist/mcp/sseClient.js.map +1 -1
- package/dist/plugins/tools/build/buildPlugin.d.ts +0 -6
- package/dist/plugins/tools/build/buildPlugin.d.ts.map +1 -1
- package/dist/plugins/tools/build/buildPlugin.js +4 -10
- package/dist/plugins/tools/build/buildPlugin.js.map +1 -1
- package/dist/plugins/tools/nodeDefaults.d.ts.map +1 -1
- package/dist/plugins/tools/nodeDefaults.js +0 -2
- package/dist/plugins/tools/nodeDefaults.js.map +1 -1
- package/dist/runtime/agentSession.d.ts +2 -2
- package/dist/runtime/agentSession.d.ts.map +1 -1
- package/dist/runtime/agentSession.js +2 -2
- package/dist/runtime/agentSession.js.map +1 -1
- package/dist/shell/interactiveShell.d.ts +41 -7
- package/dist/shell/interactiveShell.d.ts.map +1 -1
- package/dist/shell/interactiveShell.js +399 -166
- package/dist/shell/interactiveShell.js.map +1 -1
- package/dist/shell/shellApp.d.ts +2 -0
- package/dist/shell/shellApp.d.ts.map +1 -1
- package/dist/shell/shellApp.js +82 -9
- package/dist/shell/shellApp.js.map +1 -1
- package/dist/shell/systemPrompt.d.ts.map +1 -1
- package/dist/shell/systemPrompt.js +1 -4
- package/dist/shell/systemPrompt.js.map +1 -1
- package/dist/shell/terminalInput.d.ts +250 -125
- package/dist/shell/terminalInput.d.ts.map +1 -1
- package/dist/shell/terminalInput.js +1061 -612
- package/dist/shell/terminalInput.js.map +1 -1
- package/dist/shell/terminalInputAdapter.d.ts +106 -24
- package/dist/shell/terminalInputAdapter.d.ts.map +1 -1
- package/dist/shell/terminalInputAdapter.js +137 -30
- package/dist/shell/terminalInputAdapter.js.map +1 -1
- package/dist/subagents/agentConfig.d.ts +27 -0
- package/dist/subagents/agentConfig.d.ts.map +1 -0
- package/dist/subagents/agentConfig.js +89 -0
- package/dist/subagents/agentConfig.js.map +1 -0
- package/dist/subagents/agentRegistry.d.ts +33 -0
- package/dist/subagents/agentRegistry.d.ts.map +1 -0
- package/dist/subagents/agentRegistry.js +162 -0
- package/dist/subagents/agentRegistry.js.map +1 -0
- package/dist/subagents/taskRunner.d.ts +7 -1
- package/dist/subagents/taskRunner.d.ts.map +1 -1
- package/dist/subagents/taskRunner.js +200 -49
- package/dist/subagents/taskRunner.js.map +1 -1
- package/dist/ui/ShellUIAdapter.d.ts +7 -1
- package/dist/ui/ShellUIAdapter.d.ts.map +1 -1
- package/dist/ui/ShellUIAdapter.js +42 -18
- package/dist/ui/ShellUIAdapter.js.map +1 -1
- package/dist/ui/display.d.ts +24 -45
- package/dist/ui/display.d.ts.map +1 -1
- package/dist/ui/display.js +148 -274
- package/dist/ui/display.js.map +1 -1
- package/dist/ui/theme.d.ts.map +1 -1
- package/dist/ui/theme.js +6 -8
- package/dist/ui/theme.js.map +1 -1
- package/dist/ui/toolDisplay.d.ts +0 -158
- package/dist/ui/toolDisplay.d.ts.map +1 -1
- package/dist/ui/toolDisplay.js +0 -348
- package/dist/ui/toolDisplay.js.map +1 -1
- package/dist/ui/unified/layout.d.ts +20 -0
- package/dist/ui/unified/layout.d.ts.map +1 -1
- package/dist/ui/unified/layout.js +105 -216
- package/dist/ui/unified/layout.js.map +1 -1
- package/dist/utils/frontmatter.d.ts +10 -0
- package/dist/utils/frontmatter.d.ts.map +1 -0
- package/dist/utils/frontmatter.js +78 -0
- package/dist/utils/frontmatter.js.map +1 -0
- package/package.json +4 -4
- package/dist/alpha-zero/agentWrapper.d.ts +0 -84
- package/dist/alpha-zero/agentWrapper.d.ts.map +0 -1
- package/dist/alpha-zero/agentWrapper.js +0 -171
- package/dist/alpha-zero/agentWrapper.js.map +0 -1
- package/dist/alpha-zero/codeEvaluator.d.ts +0 -25
- package/dist/alpha-zero/codeEvaluator.d.ts.map +0 -1
- package/dist/alpha-zero/codeEvaluator.js +0 -273
- package/dist/alpha-zero/codeEvaluator.js.map +0 -1
- package/dist/alpha-zero/competitiveRunner.d.ts +0 -66
- package/dist/alpha-zero/competitiveRunner.d.ts.map +0 -1
- package/dist/alpha-zero/competitiveRunner.js +0 -224
- package/dist/alpha-zero/competitiveRunner.js.map +0 -1
- package/dist/alpha-zero/index.d.ts +0 -67
- package/dist/alpha-zero/index.d.ts.map +0 -1
- package/dist/alpha-zero/index.js +0 -99
- package/dist/alpha-zero/index.js.map +0 -1
- package/dist/alpha-zero/introspection.d.ts +0 -128
- package/dist/alpha-zero/introspection.d.ts.map +0 -1
- package/dist/alpha-zero/introspection.js +0 -300
- package/dist/alpha-zero/introspection.js.map +0 -1
- package/dist/alpha-zero/metricsTracker.d.ts +0 -71
- package/dist/alpha-zero/metricsTracker.d.ts.map +0 -1
- package/dist/alpha-zero/metricsTracker.js.map +0 -1
- package/dist/alpha-zero/security/core.d.ts +0 -125
- package/dist/alpha-zero/security/core.d.ts.map +0 -1
- package/dist/alpha-zero/security/core.js +0 -271
- package/dist/alpha-zero/security/core.js.map +0 -1
- package/dist/alpha-zero/security/google.d.ts +0 -125
- package/dist/alpha-zero/security/google.d.ts.map +0 -1
- package/dist/alpha-zero/security/google.js +0 -311
- package/dist/alpha-zero/security/google.js.map +0 -1
- package/dist/alpha-zero/security/googleLoader.d.ts +0 -17
- package/dist/alpha-zero/security/googleLoader.d.ts.map +0 -1
- package/dist/alpha-zero/security/googleLoader.js +0 -41
- package/dist/alpha-zero/security/googleLoader.js.map +0 -1
- package/dist/alpha-zero/security/index.d.ts +0 -29
- package/dist/alpha-zero/security/index.d.ts.map +0 -1
- package/dist/alpha-zero/security/index.js +0 -32
- package/dist/alpha-zero/security/index.js.map +0 -1
- package/dist/alpha-zero/security/simulation.d.ts +0 -124
- package/dist/alpha-zero/security/simulation.d.ts.map +0 -1
- package/dist/alpha-zero/security/simulation.js +0 -277
- package/dist/alpha-zero/security/simulation.js.map +0 -1
- package/dist/alpha-zero/selfModification.d.ts +0 -109
- package/dist/alpha-zero/selfModification.d.ts.map +0 -1
- package/dist/alpha-zero/selfModification.js +0 -233
- package/dist/alpha-zero/selfModification.js.map +0 -1
- package/dist/alpha-zero/types.d.ts +0 -170
- package/dist/alpha-zero/types.d.ts.map +0 -1
- package/dist/alpha-zero/types.js +0 -31
- package/dist/alpha-zero/types.js.map +0 -1
- package/dist/capabilities/securityTestingCapability.d.ts +0 -13
- package/dist/capabilities/securityTestingCapability.d.ts.map +0 -1
- package/dist/capabilities/securityTestingCapability.js +0 -25
- package/dist/capabilities/securityTestingCapability.js.map +0 -1
- package/dist/core/aiFlowOptimizer.d.ts +0 -26
- package/dist/core/aiFlowOptimizer.d.ts.map +0 -1
- package/dist/core/aiFlowOptimizer.js +0 -31
- package/dist/core/aiFlowOptimizer.js.map +0 -1
- package/dist/core/aiOptimizationEngine.d.ts +0 -158
- package/dist/core/aiOptimizationEngine.d.ts.map +0 -1
- package/dist/core/aiOptimizationEngine.js +0 -428
- package/dist/core/aiOptimizationEngine.js.map +0 -1
- package/dist/core/aiOptimizationIntegration.d.ts +0 -93
- package/dist/core/aiOptimizationIntegration.d.ts.map +0 -1
- package/dist/core/aiOptimizationIntegration.js +0 -250
- package/dist/core/aiOptimizationIntegration.js.map +0 -1
- package/dist/core/enhancedErrorRecovery.d.ts +0 -100
- package/dist/core/enhancedErrorRecovery.d.ts.map +0 -1
- package/dist/core/enhancedErrorRecovery.js +0 -345
- package/dist/core/enhancedErrorRecovery.js.map +0 -1
- package/dist/core/hooksSystem.d.ts +0 -65
- package/dist/core/hooksSystem.d.ts.map +0 -1
- package/dist/core/hooksSystem.js +0 -273
- package/dist/core/hooksSystem.js.map +0 -1
- package/dist/core/memorySystem.d.ts +0 -48
- package/dist/core/memorySystem.d.ts.map +0 -1
- package/dist/core/memorySystem.js +0 -271
- package/dist/core/memorySystem.js.map +0 -1
- package/dist/core/unified/errors.d.ts +0 -189
- package/dist/core/unified/errors.d.ts.map +0 -1
- package/dist/core/unified/errors.js +0 -497
- package/dist/core/unified/errors.js.map +0 -1
- package/dist/core/unified/index.d.ts +0 -19
- package/dist/core/unified/index.d.ts.map +0 -1
- package/dist/core/unified/index.js +0 -68
- package/dist/core/unified/index.js.map +0 -1
- package/dist/core/unified/schema.d.ts +0 -101
- package/dist/core/unified/schema.d.ts.map +0 -1
- package/dist/core/unified/schema.js +0 -350
- package/dist/core/unified/schema.js.map +0 -1
- package/dist/core/unified/toolRuntime.d.ts +0 -179
- package/dist/core/unified/toolRuntime.d.ts.map +0 -1
- package/dist/core/unified/toolRuntime.js +0 -517
- package/dist/core/unified/toolRuntime.js.map +0 -1
- package/dist/core/unified/tools.d.ts +0 -127
- package/dist/core/unified/tools.d.ts.map +0 -1
- package/dist/core/unified/tools.js +0 -1333
- package/dist/core/unified/tools.js.map +0 -1
- package/dist/core/unified/types.d.ts +0 -352
- package/dist/core/unified/types.d.ts.map +0 -1
- package/dist/core/unified/types.js +0 -12
- package/dist/core/unified/types.js.map +0 -1
- package/dist/core/unified/version.d.ts +0 -209
- package/dist/core/unified/version.d.ts.map +0 -1
- package/dist/core/unified/version.js +0 -454
- package/dist/core/unified/version.js.map +0 -1
- package/dist/plugins/tools/security/securityPlugin.d.ts +0 -3
- package/dist/plugins/tools/security/securityPlugin.d.ts.map +0 -1
- package/dist/plugins/tools/security/securityPlugin.js +0 -12
- package/dist/plugins/tools/security/securityPlugin.js.map +0 -1
- package/dist/security/active-stack-security.d.ts +0 -112
- package/dist/security/active-stack-security.d.ts.map +0 -1
- package/dist/security/active-stack-security.js +0 -296
- package/dist/security/active-stack-security.js.map +0 -1
- package/dist/security/advanced-persistence-research.d.ts +0 -92
- package/dist/security/advanced-persistence-research.d.ts.map +0 -1
- package/dist/security/advanced-persistence-research.js +0 -195
- package/dist/security/advanced-persistence-research.js.map +0 -1
- package/dist/security/advanced-targeting.d.ts +0 -119
- package/dist/security/advanced-targeting.d.ts.map +0 -1
- package/dist/security/advanced-targeting.js +0 -233
- package/dist/security/advanced-targeting.js.map +0 -1
- package/dist/security/assessment/vulnerabilityAssessment.d.ts +0 -104
- package/dist/security/assessment/vulnerabilityAssessment.d.ts.map +0 -1
- package/dist/security/assessment/vulnerabilityAssessment.js +0 -315
- package/dist/security/assessment/vulnerabilityAssessment.js.map +0 -1
- package/dist/security/authorization/securityAuthorization.d.ts +0 -88
- package/dist/security/authorization/securityAuthorization.d.ts.map +0 -1
- package/dist/security/authorization/securityAuthorization.js +0 -172
- package/dist/security/authorization/securityAuthorization.js.map +0 -1
- package/dist/security/comprehensive-targeting.d.ts +0 -85
- package/dist/security/comprehensive-targeting.d.ts.map +0 -1
- package/dist/security/comprehensive-targeting.js +0 -438
- package/dist/security/comprehensive-targeting.js.map +0 -1
- package/dist/security/global-security-integration.d.ts +0 -91
- package/dist/security/global-security-integration.d.ts.map +0 -1
- package/dist/security/global-security-integration.js +0 -218
- package/dist/security/global-security-integration.js.map +0 -1
- package/dist/security/index.d.ts +0 -38
- package/dist/security/index.d.ts.map +0 -1
- package/dist/security/index.js +0 -47
- package/dist/security/index.js.map +0 -1
- package/dist/security/persistence-analyzer.d.ts +0 -56
- package/dist/security/persistence-analyzer.d.ts.map +0 -1
- package/dist/security/persistence-analyzer.js +0 -187
- package/dist/security/persistence-analyzer.js.map +0 -1
- package/dist/security/persistence-cli.d.ts +0 -36
- package/dist/security/persistence-cli.d.ts.map +0 -1
- package/dist/security/persistence-cli.js +0 -160
- package/dist/security/persistence-cli.js.map +0 -1
- package/dist/security/persistence-research.d.ts +0 -92
- package/dist/security/persistence-research.d.ts.map +0 -1
- package/dist/security/persistence-research.js +0 -364
- package/dist/security/persistence-research.js.map +0 -1
- package/dist/security/research/persistenceResearch.d.ts +0 -97
- package/dist/security/research/persistenceResearch.d.ts.map +0 -1
- package/dist/security/research/persistenceResearch.js +0 -282
- package/dist/security/research/persistenceResearch.js.map +0 -1
- package/dist/security/security-integration.d.ts +0 -74
- package/dist/security/security-integration.d.ts.map +0 -1
- package/dist/security/security-integration.js +0 -137
- package/dist/security/security-integration.js.map +0 -1
- package/dist/security/security-testing-framework.d.ts +0 -112
- package/dist/security/security-testing-framework.d.ts.map +0 -1
- package/dist/security/security-testing-framework.js +0 -364
- package/dist/security/security-testing-framework.js.map +0 -1
- package/dist/security/simulation/attackSimulation.d.ts +0 -93
- package/dist/security/simulation/attackSimulation.d.ts.map +0 -1
- package/dist/security/simulation/attackSimulation.js +0 -341
- package/dist/security/simulation/attackSimulation.js.map +0 -1
- package/dist/security/strategic-operations.d.ts +0 -100
- package/dist/security/strategic-operations.d.ts.map +0 -1
- package/dist/security/strategic-operations.js +0 -276
- package/dist/security/strategic-operations.js.map +0 -1
- package/dist/security/tool-security-wrapper.d.ts +0 -58
- package/dist/security/tool-security-wrapper.d.ts.map +0 -1
- package/dist/security/tool-security-wrapper.js +0 -156
- package/dist/security/tool-security-wrapper.js.map +0 -1
- package/dist/shell/claudeCodeStreamHandler.d.ts +0 -145
- package/dist/shell/claudeCodeStreamHandler.d.ts.map +0 -1
- package/dist/shell/claudeCodeStreamHandler.js +0 -322
- package/dist/shell/claudeCodeStreamHandler.js.map +0 -1
- package/dist/shell/inputQueueManager.d.ts +0 -144
- package/dist/shell/inputQueueManager.d.ts.map +0 -1
- package/dist/shell/inputQueueManager.js +0 -290
- package/dist/shell/inputQueueManager.js.map +0 -1
- package/dist/shell/metricsTracker.d.ts +0 -60
- package/dist/shell/metricsTracker.d.ts.map +0 -1
- package/dist/shell/metricsTracker.js +0 -119
- package/dist/shell/metricsTracker.js.map +0 -1
- package/dist/shell/streamingOutputManager.d.ts +0 -115
- package/dist/shell/streamingOutputManager.d.ts.map +0 -1
- package/dist/shell/streamingOutputManager.js +0 -225
- package/dist/shell/streamingOutputManager.js.map +0 -1
- package/dist/tools/securityTools.d.ts +0 -22
- package/dist/tools/securityTools.d.ts.map +0 -1
- package/dist/tools/securityTools.js +0 -448
- package/dist/tools/securityTools.js.map +0 -1
- package/dist/ui/persistentPrompt.d.ts +0 -50
- package/dist/ui/persistentPrompt.d.ts.map +0 -1
- package/dist/ui/persistentPrompt.js +0 -92
- package/dist/ui/persistentPrompt.js.map +0 -1
- package/dist/ui/terminalUISchema.d.ts +0 -195
- package/dist/ui/terminalUISchema.d.ts.map +0 -1
- package/dist/ui/terminalUISchema.js +0 -113
- package/dist/ui/terminalUISchema.js.map +0 -1
- package/scripts/deploy-security-capabilities.js +0 -178
|
@@ -1,271 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Core Security Research Framework
|
|
3
|
-
*
|
|
4
|
-
* Base authorization system and reconnaissance capabilities.
|
|
5
|
-
* All operations require explicit authorization.
|
|
6
|
-
*
|
|
7
|
-
* Principal Investigator: Bo Shang
|
|
8
|
-
* Framework: erosolar-cli
|
|
9
|
-
*/
|
|
10
|
-
import * as dns from 'dns/promises';
|
|
11
|
-
import * as net from 'net';
|
|
12
|
-
/**
|
|
13
|
-
* Scope of authorization for security testing
|
|
14
|
-
*/
|
|
15
|
-
export var AuthorizationScope;
|
|
16
|
-
(function (AuthorizationScope) {
|
|
17
|
-
AuthorizationScope["OWNED_SYSTEMS"] = "owned_systems";
|
|
18
|
-
AuthorizationScope["BUG_BOUNTY"] = "bug_bounty";
|
|
19
|
-
AuthorizationScope["PENTEST_ENGAGEMENT"] = "pentest_engagement";
|
|
20
|
-
AuthorizationScope["CTF_COMPETITION"] = "ctf_competition";
|
|
21
|
-
AuthorizationScope["RED_TEAM"] = "red_team";
|
|
22
|
-
AuthorizationScope["EDUCATIONAL"] = "educational";
|
|
23
|
-
})(AuthorizationScope || (AuthorizationScope = {}));
|
|
24
|
-
const DEFAULT_CONFIG = {
|
|
25
|
-
dataDir: '.security_research',
|
|
26
|
-
verbose: false,
|
|
27
|
-
};
|
|
28
|
-
/**
|
|
29
|
-
* Security Research Engine
|
|
30
|
-
*
|
|
31
|
-
* All operations require explicit authorization records.
|
|
32
|
-
*/
|
|
33
|
-
export class SecurityResearchEngine {
|
|
34
|
-
config;
|
|
35
|
-
authorization = null;
|
|
36
|
-
findings = [];
|
|
37
|
-
reconResults = [];
|
|
38
|
-
constructor(config = {}) {
|
|
39
|
-
this.config = { ...DEFAULT_CONFIG, ...config };
|
|
40
|
-
}
|
|
41
|
-
/**
|
|
42
|
-
* Set authorization for testing
|
|
43
|
-
*/
|
|
44
|
-
setAuthorization(authorization) {
|
|
45
|
-
this.authorization = authorization;
|
|
46
|
-
if (this.config.verbose) {
|
|
47
|
-
console.log(`[Authorization] Set for ${authorization.targetDomain}`);
|
|
48
|
-
}
|
|
49
|
-
}
|
|
50
|
-
/**
|
|
51
|
-
* Check if authorization is valid
|
|
52
|
-
*/
|
|
53
|
-
checkAuthorization(target) {
|
|
54
|
-
if (!this.authorization) {
|
|
55
|
-
throw new Error('No authorization record set.');
|
|
56
|
-
}
|
|
57
|
-
// Check expiration
|
|
58
|
-
if (this.authorization.expirationDate) {
|
|
59
|
-
const exp = new Date(this.authorization.expirationDate);
|
|
60
|
-
if (new Date() > exp) {
|
|
61
|
-
throw new Error('Authorization has expired.');
|
|
62
|
-
}
|
|
63
|
-
}
|
|
64
|
-
// Check scope
|
|
65
|
-
const inScope = this.authorization.targetDomain.includes(target) ||
|
|
66
|
-
target.endsWith(this.authorization.targetDomain);
|
|
67
|
-
const outOfScope = this.authorization.outOfScope.some(oos => target.includes(oos));
|
|
68
|
-
if (!inScope || outOfScope) {
|
|
69
|
-
throw new Error(`Target ${target} is not within authorized scope.`);
|
|
70
|
-
}
|
|
71
|
-
}
|
|
72
|
-
/**
|
|
73
|
-
* Perform passive reconnaissance
|
|
74
|
-
*/
|
|
75
|
-
async passiveRecon(target) {
|
|
76
|
-
this.checkAuthorization(target);
|
|
77
|
-
if (this.config.verbose) {
|
|
78
|
-
console.log(`[Recon] Starting passive recon on ${target}`);
|
|
79
|
-
}
|
|
80
|
-
const result = {
|
|
81
|
-
target,
|
|
82
|
-
timestamp: Date.now(),
|
|
83
|
-
dnsRecords: {},
|
|
84
|
-
openPorts: [],
|
|
85
|
-
sslInfo: {},
|
|
86
|
-
httpHeaders: {},
|
|
87
|
-
technologies: [],
|
|
88
|
-
subdomains: [],
|
|
89
|
-
potentialVectors: [],
|
|
90
|
-
};
|
|
91
|
-
// DNS lookup
|
|
92
|
-
try {
|
|
93
|
-
result.dnsRecords['A'] = await dns.resolve4(target);
|
|
94
|
-
}
|
|
95
|
-
catch { /* ignore */ }
|
|
96
|
-
try {
|
|
97
|
-
result.dnsRecords['MX'] = (await dns.resolveMx(target)).map(r => r.exchange);
|
|
98
|
-
}
|
|
99
|
-
catch { /* ignore */ }
|
|
100
|
-
try {
|
|
101
|
-
result.dnsRecords['TXT'] = await dns.resolveTxt(target).then(r => r.flat());
|
|
102
|
-
}
|
|
103
|
-
catch { /* ignore */ }
|
|
104
|
-
// Common subdomain patterns
|
|
105
|
-
const prefixes = ['www', 'mail', 'api', 'dev', 'staging', 'admin'];
|
|
106
|
-
result.subdomains = prefixes.map(p => `${p}.${target}`);
|
|
107
|
-
this.reconResults.push(result);
|
|
108
|
-
return result;
|
|
109
|
-
}
|
|
110
|
-
/**
|
|
111
|
-
* Perform active reconnaissance (requires stronger authorization)
|
|
112
|
-
*/
|
|
113
|
-
async activeRecon(target, ports = [80, 443, 8080, 8443]) {
|
|
114
|
-
this.checkAuthorization(target);
|
|
115
|
-
// Active recon requires stronger authorization
|
|
116
|
-
const allowed = [
|
|
117
|
-
AuthorizationScope.OWNED_SYSTEMS,
|
|
118
|
-
AuthorizationScope.PENTEST_ENGAGEMENT,
|
|
119
|
-
AuthorizationScope.RED_TEAM,
|
|
120
|
-
AuthorizationScope.CTF_COMPETITION,
|
|
121
|
-
];
|
|
122
|
-
if (!allowed.includes(this.authorization.scope)) {
|
|
123
|
-
throw new Error('Active recon requires stronger authorization.');
|
|
124
|
-
}
|
|
125
|
-
const result = await this.passiveRecon(target);
|
|
126
|
-
// Port scan
|
|
127
|
-
result.openPorts = await this.scanPorts(target, ports);
|
|
128
|
-
// Identify vectors
|
|
129
|
-
result.potentialVectors = this.identifyVectors(result);
|
|
130
|
-
return result;
|
|
131
|
-
}
|
|
132
|
-
/**
|
|
133
|
-
* Scan ports
|
|
134
|
-
*/
|
|
135
|
-
async scanPorts(host, ports) {
|
|
136
|
-
const checkPort = (port) => {
|
|
137
|
-
return new Promise(resolve => {
|
|
138
|
-
const socket = new net.Socket();
|
|
139
|
-
socket.setTimeout(2000);
|
|
140
|
-
socket.on('connect', () => {
|
|
141
|
-
socket.destroy();
|
|
142
|
-
resolve(true);
|
|
143
|
-
});
|
|
144
|
-
socket.on('error', () => {
|
|
145
|
-
socket.destroy();
|
|
146
|
-
resolve(false);
|
|
147
|
-
});
|
|
148
|
-
socket.on('timeout', () => {
|
|
149
|
-
socket.destroy();
|
|
150
|
-
resolve(false);
|
|
151
|
-
});
|
|
152
|
-
socket.connect(port, host);
|
|
153
|
-
});
|
|
154
|
-
};
|
|
155
|
-
const results = await Promise.all(ports.map(async (port) => {
|
|
156
|
-
const isOpen = await checkPort(port);
|
|
157
|
-
return isOpen ? port : null;
|
|
158
|
-
}));
|
|
159
|
-
return results.filter((p) => p !== null);
|
|
160
|
-
}
|
|
161
|
-
/**
|
|
162
|
-
* Identify potential attack vectors
|
|
163
|
-
*/
|
|
164
|
-
identifyVectors(recon) {
|
|
165
|
-
const vectors = [];
|
|
166
|
-
// Missing security headers (would need HTTP request to determine)
|
|
167
|
-
// Placeholder for now
|
|
168
|
-
vectors.push('Check for missing security headers');
|
|
169
|
-
// Open ports analysis
|
|
170
|
-
if (recon.openPorts.includes(21)) {
|
|
171
|
-
vectors.push('FTP port open - check for anonymous access');
|
|
172
|
-
}
|
|
173
|
-
if (recon.openPorts.includes(22)) {
|
|
174
|
-
vectors.push('SSH port open - check for weak credentials');
|
|
175
|
-
}
|
|
176
|
-
return vectors;
|
|
177
|
-
}
|
|
178
|
-
/**
|
|
179
|
-
* Analyze for vulnerabilities
|
|
180
|
-
*/
|
|
181
|
-
analyzeForVulnerabilities(recon) {
|
|
182
|
-
this.checkAuthorization(recon.target);
|
|
183
|
-
const findings = [];
|
|
184
|
-
// Example: missing HSTS (would need actual HTTP response)
|
|
185
|
-
findings.push({
|
|
186
|
-
title: 'Missing HSTS Header (Verify Required)',
|
|
187
|
-
severity: 'medium',
|
|
188
|
-
category: 'config',
|
|
189
|
-
description: 'Verify HSTS header is present.',
|
|
190
|
-
evidence: 'Requires HTTP response analysis',
|
|
191
|
-
remediation: 'Add Strict-Transport-Security header',
|
|
192
|
-
cweId: 'CWE-319',
|
|
193
|
-
});
|
|
194
|
-
this.findings.push(...findings);
|
|
195
|
-
return findings;
|
|
196
|
-
}
|
|
197
|
-
/**
|
|
198
|
-
* Generate report
|
|
199
|
-
*/
|
|
200
|
-
generateReport(format = 'text') {
|
|
201
|
-
if (format === 'json') {
|
|
202
|
-
return JSON.stringify({
|
|
203
|
-
generated: new Date().toISOString(),
|
|
204
|
-
authorization: this.authorization,
|
|
205
|
-
findings: this.findings,
|
|
206
|
-
reconResults: this.reconResults,
|
|
207
|
-
}, null, 2);
|
|
208
|
-
}
|
|
209
|
-
const lines = [
|
|
210
|
-
'='.repeat(60),
|
|
211
|
-
'SECURITY RESEARCH REPORT',
|
|
212
|
-
'='.repeat(60),
|
|
213
|
-
`Generated: ${new Date().toISOString()}`,
|
|
214
|
-
];
|
|
215
|
-
if (this.authorization) {
|
|
216
|
-
lines.push(`Target: ${this.authorization.targetDomain}`);
|
|
217
|
-
lines.push(`Scope: ${this.authorization.scope}`);
|
|
218
|
-
}
|
|
219
|
-
if (this.findings.length > 0) {
|
|
220
|
-
lines.push('', `Findings: ${this.findings.length}`);
|
|
221
|
-
for (const f of this.findings) {
|
|
222
|
-
lines.push(` [${f.severity.toUpperCase()}] ${f.title}`);
|
|
223
|
-
}
|
|
224
|
-
}
|
|
225
|
-
return lines.join('\n');
|
|
226
|
-
}
|
|
227
|
-
}
|
|
228
|
-
/**
|
|
229
|
-
* Create bug bounty authorization
|
|
230
|
-
*/
|
|
231
|
-
export function createBugBountyAuthorization(targetDomain, programName, scopeLimitations = [], outOfScope = []) {
|
|
232
|
-
return {
|
|
233
|
-
scope: AuthorizationScope.BUG_BOUNTY,
|
|
234
|
-
targetDomain,
|
|
235
|
-
authorizedBy: `Bug Bounty: ${programName}`,
|
|
236
|
-
authorizationDate: new Date().toISOString(),
|
|
237
|
-
scopeLimitations,
|
|
238
|
-
outOfScope,
|
|
239
|
-
notes: 'Testing authorized under bug bounty program terms',
|
|
240
|
-
};
|
|
241
|
-
}
|
|
242
|
-
/**
|
|
243
|
-
* Create pentest authorization
|
|
244
|
-
*/
|
|
245
|
-
export function createPentestAuthorization(targetDomain, clientName, engagementId, expirationDate) {
|
|
246
|
-
return {
|
|
247
|
-
scope: AuthorizationScope.PENTEST_ENGAGEMENT,
|
|
248
|
-
targetDomain,
|
|
249
|
-
authorizedBy: `Client: ${clientName} (${engagementId})`,
|
|
250
|
-
authorizationDate: new Date().toISOString(),
|
|
251
|
-
expirationDate,
|
|
252
|
-
scopeLimitations: [],
|
|
253
|
-
outOfScope: [],
|
|
254
|
-
notes: 'Testing authorized under penetration testing agreement',
|
|
255
|
-
};
|
|
256
|
-
}
|
|
257
|
-
/**
|
|
258
|
-
* Create CTF authorization
|
|
259
|
-
*/
|
|
260
|
-
export function createCtfAuthorization(targetDomain, ctfName) {
|
|
261
|
-
return {
|
|
262
|
-
scope: AuthorizationScope.CTF_COMPETITION,
|
|
263
|
-
targetDomain,
|
|
264
|
-
authorizedBy: `CTF: ${ctfName}`,
|
|
265
|
-
authorizationDate: new Date().toISOString(),
|
|
266
|
-
scopeLimitations: [],
|
|
267
|
-
outOfScope: [],
|
|
268
|
-
notes: 'CTF competition testing',
|
|
269
|
-
};
|
|
270
|
-
}
|
|
271
|
-
//# sourceMappingURL=core.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../src/alpha-zero/security/core.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,GAAG,MAAM,cAAc,CAAC;AACpC,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAE3B;;GAEG;AACH,MAAM,CAAN,IAAY,kBAOX;AAPD,WAAY,kBAAkB;IAC5B,qDAA+B,CAAA;IAC/B,+CAAyB,CAAA;IACzB,+DAAyC,CAAA;IACzC,yDAAmC,CAAA;IACnC,2CAAqB,CAAA;IACrB,iDAA2B,CAAA;AAC7B,CAAC,EAPW,kBAAkB,KAAlB,kBAAkB,QAO7B;AAsDD,MAAM,cAAc,GAA2B;IAC7C,OAAO,EAAE,oBAAoB;IAC7B,OAAO,EAAE,KAAK;CACf,CAAC;AAEF;;;;GAIG;AACH,MAAM,OAAO,sBAAsB;IACzB,MAAM,CAAyB;IAC/B,aAAa,GAA+B,IAAI,CAAC;IAClD,QAAQ,GAA2B,EAAE,CAAC;IACtC,YAAY,GAAkB,EAAE,CAAC;IAExC,YAAY,SAA0C,EAAE;QACtD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,aAAkC;QACjD,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,2BAA2B,aAAa,CAAC,YAAY,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,MAAc;QACvC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QAED,mBAAmB;QACnB,IAAI,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,CAAC;YACtC,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;YACxD,IAAI,IAAI,IAAI,EAAE,GAAG,GAAG,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAED,cAAc;QACd,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC;YAChD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;QACjE,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAEnF,IAAI,CAAC,OAAO,IAAI,UAAU,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,UAAU,MAAM,kCAAkC,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,MAAc;QAC/B,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,qCAAqC,MAAM,EAAE,CAAC,CAAC;QAC7D,CAAC;QAED,MAAM,MAAM,GAAgB;YAC1B,MAAM;YACN,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,EAAE;YACb,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,YAAY,EAAE,EAAE;YAChB,UAAU,EAAE,EAAE;YACd,gBAAgB,EAAE,EAAE;SACrB,CAAC;QAEF,aAAa;QACb,IAAI,CAAC;YACH,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACtD,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;QAExB,IAAI,CAAC;YACH,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC/E,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;QAExB,IAAI,CAAC;YACH,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC9E,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;QAExB,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QACnE,MAAM,CAAC,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC;QAExD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/B,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,MAAc,EAAE,QAAkB,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC;QACvE,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAEhC,+CAA+C;QAC/C,MAAM,OAAO,GAAG;YACd,kBAAkB,CAAC,aAAa;YAChC,kBAAkB,CAAC,kBAAkB;YACrC,kBAAkB,CAAC,QAAQ;YAC3B,kBAAkB,CAAC,eAAe;SACnC,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAc,CAAC,KAAK,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAE/C,YAAY;QACZ,MAAM,CAAC,SAAS,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAEvD,mBAAmB;QACnB,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QAEvD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,SAAS,CAAC,IAAY,EAAE,KAAe;QACnD,MAAM,SAAS,GAAG,CAAC,IAAY,EAAoB,EAAE;YACnD,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;gBAC3B,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;gBAChC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;gBAExB,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;oBACxB,MAAM,CAAC,OAAO,EAAE,CAAC;oBACjB,OAAO,CAAC,IAAI,CAAC,CAAC;gBAChB,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;oBACtB,MAAM,CAAC,OAAO,EAAE,CAAC;oBACjB,OAAO,CAAC,KAAK,CAAC,CAAC;gBACjB,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;oBACxB,MAAM,CAAC,OAAO,EAAE,CAAC;oBACjB,OAAO,CAAC,KAAK,CAAC,CAAC;gBACjB,CAAC,CAAC,CAAC;gBAEH,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC7B,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACvD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,CAAC;YACrC,OAAO,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QAC9B,CAAC,CAAC,CAAC,CAAC;QAEJ,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;IACxD,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,KAAkB;QACxC,MAAM,OAAO,GAAa,EAAE,CAAC;QAE7B,kEAAkE;QAClE,sBAAsB;QACtB,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;QAEnD,sBAAsB;QACtB,IAAI,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC7D,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,yBAAyB,CAAC,KAAkB;QAC1C,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEtC,MAAM,QAAQ,GAA2B,EAAE,CAAC;QAE5C,0DAA0D;QAC1D,QAAQ,CAAC,IAAI,CAAC;YACZ,KAAK,EAAE,uCAAuC;YAC9C,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,gCAAgC;YAC7C,QAAQ,EAAE,iCAAiC;YAC3C,WAAW,EAAE,sCAAsC;YACnD,KAAK,EAAE,SAAS;SACjB,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;QAChC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,SAA0B,MAAM;QAC7C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC,SAAS,CAAC;gBACpB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,aAAa,EAAE,IAAI,CAAC,aAAa;gBACjC,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,YAAY,EAAE,IAAI,CAAC,YAAY;aAChC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAG;YACZ,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACd,0BAA0B;YAC1B,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACd,cAAc,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE;SACzC,CAAC;QAEF,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,CAAC,CAAC;YACzD,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,aAAa,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACpD,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC9B,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAC1C,YAAoB,EACpB,WAAmB,EACnB,mBAA6B,EAAE,EAC/B,aAAuB,EAAE;IAEzB,OAAO;QACL,KAAK,EAAE,kBAAkB,CAAC,UAAU;QACpC,YAAY;QACZ,YAAY,EAAE,eAAe,WAAW,EAAE;QAC1C,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC3C,gBAAgB;QAChB,UAAU;QACV,KAAK,EAAE,mDAAmD;KAC3D,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0BAA0B,CACxC,YAAoB,EACpB,UAAkB,EAClB,YAAoB,EACpB,cAAsB;IAEtB,OAAO;QACL,KAAK,EAAE,kBAAkB,CAAC,kBAAkB;QAC5C,YAAY;QACZ,YAAY,EAAE,WAAW,UAAU,KAAK,YAAY,GAAG;QACvD,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC3C,cAAc;QACd,gBAAgB,EAAE,EAAE;QACpB,UAAU,EAAE,EAAE;QACd,KAAK,EAAE,wDAAwD;KAChE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CACpC,YAAoB,EACpB,OAAe;IAEf,OAAO;QACL,KAAK,EAAE,kBAAkB,CAAC,eAAe;QACzC,YAAY;QACZ,YAAY,EAAE,QAAQ,OAAO,EAAE;QAC/B,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC3C,gBAAgB,EAAE,EAAE;QACpB,UAAU,EAAE,EAAE;QACd,KAAK,EAAE,yBAAyB;KACjC,CAAC;AACJ,CAAC"}
|
|
@@ -1,125 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Google Infrastructure Persistence Vector Research
|
|
3
|
-
*
|
|
4
|
-
* OPTIONAL MODULE - Only loaded when Google security research is enabled.
|
|
5
|
-
*
|
|
6
|
-
* Provides research tools for identifying persistence mechanisms
|
|
7
|
-
* in Google Cloud Platform and Google Workspace environments.
|
|
8
|
-
*
|
|
9
|
-
* AUTHORIZATION: Designed for authorized red team engagements and
|
|
10
|
-
* penetration testing of Google infrastructure under contract.
|
|
11
|
-
*
|
|
12
|
-
* Principal Investigator: Bo Shang
|
|
13
|
-
* Framework: erosolar-cli
|
|
14
|
-
*/
|
|
15
|
-
import { AuthorizationRecord } from './core.js';
|
|
16
|
-
/**
|
|
17
|
-
* Google services for persistence research
|
|
18
|
-
*/
|
|
19
|
-
export declare enum GoogleService {
|
|
20
|
-
GCP_COMPUTE = "gcp_compute_engine",
|
|
21
|
-
GCP_GKE = "gcp_kubernetes_engine",
|
|
22
|
-
GCP_CLOUD_FUNCTIONS = "gcp_cloud_functions",
|
|
23
|
-
GCP_IAM = "gcp_iam",
|
|
24
|
-
GCP_SERVICE_ACCOUNTS = "gcp_service_accounts",
|
|
25
|
-
GCP_CLOUD_STORAGE = "gcp_cloud_storage",
|
|
26
|
-
GCP_SECRETS_MANAGER = "gcp_secrets_manager",
|
|
27
|
-
WORKSPACE_GMAIL = "workspace_gmail",
|
|
28
|
-
WORKSPACE_DRIVE = "workspace_drive",
|
|
29
|
-
WORKSPACE_ADMIN = "workspace_admin",
|
|
30
|
-
WORKSPACE_APPS_SCRIPT = "workspace_apps_script",
|
|
31
|
-
GOOGLE_OAUTH = "google_oauth"
|
|
32
|
-
}
|
|
33
|
-
/**
|
|
34
|
-
* Categories of persistence mechanisms
|
|
35
|
-
*/
|
|
36
|
-
export declare enum PersistenceCategory {
|
|
37
|
-
SERVICE_ACCOUNT_ABUSE = "service_account_abuse",
|
|
38
|
-
IAM_POLICY_MODIFICATION = "iam_policy_modification",
|
|
39
|
-
OAUTH_APP_CONSENT = "oauth_app_consent",
|
|
40
|
-
API_KEYS = "api_keys",
|
|
41
|
-
CLOUD_FUNCTION_TRIGGER = "cloud_function_trigger",
|
|
42
|
-
APPS_SCRIPT_TRIGGER = "apps_script_trigger",
|
|
43
|
-
DELEGATION_ABUSE = "delegation_abuse"
|
|
44
|
-
}
|
|
45
|
-
/**
|
|
46
|
-
* Persistence vector definition
|
|
47
|
-
*/
|
|
48
|
-
export interface PersistenceVector {
|
|
49
|
-
name: string;
|
|
50
|
-
service: GoogleService;
|
|
51
|
-
category: PersistenceCategory;
|
|
52
|
-
description: string;
|
|
53
|
-
techniqueId: string;
|
|
54
|
-
requiredPermissions: string[];
|
|
55
|
-
detectionMethods: string[];
|
|
56
|
-
mitigations: string[];
|
|
57
|
-
stealthRating: number;
|
|
58
|
-
}
|
|
59
|
-
/**
|
|
60
|
-
* Persistence test result
|
|
61
|
-
*/
|
|
62
|
-
export interface PersistenceTestResult {
|
|
63
|
-
vector: PersistenceVector;
|
|
64
|
-
targetProject: string;
|
|
65
|
-
timestamp: number;
|
|
66
|
-
testable: boolean;
|
|
67
|
-
permissionsVerified: string[];
|
|
68
|
-
missingPermissions: string[];
|
|
69
|
-
detectionRisk: string;
|
|
70
|
-
notes: string;
|
|
71
|
-
}
|
|
72
|
-
/**
|
|
73
|
-
* GCP Persistence Vectors
|
|
74
|
-
*/
|
|
75
|
-
export declare const GCP_PERSISTENCE_VECTORS: Record<string, PersistenceVector>;
|
|
76
|
-
/**
|
|
77
|
-
* Workspace Persistence Vectors
|
|
78
|
-
*/
|
|
79
|
-
export declare const WORKSPACE_PERSISTENCE_VECTORS: Record<string, PersistenceVector>;
|
|
80
|
-
/**
|
|
81
|
-
* Google Persistence Researcher
|
|
82
|
-
*/
|
|
83
|
-
export declare class GooglePersistenceResearcher {
|
|
84
|
-
private authorization;
|
|
85
|
-
private verbose;
|
|
86
|
-
testResults: PersistenceTestResult[];
|
|
87
|
-
constructor(authorization: AuthorizationRecord, verbose?: boolean);
|
|
88
|
-
/**
|
|
89
|
-
* Check authorization
|
|
90
|
-
*/
|
|
91
|
-
private checkAuthorization;
|
|
92
|
-
/**
|
|
93
|
-
* Get all Google persistence vectors
|
|
94
|
-
*/
|
|
95
|
-
getAllVectors(): Record<string, PersistenceVector>;
|
|
96
|
-
/**
|
|
97
|
-
* Get vectors by service
|
|
98
|
-
*/
|
|
99
|
-
getVectorsByService(service: GoogleService): PersistenceVector[];
|
|
100
|
-
/**
|
|
101
|
-
* Get vectors by category
|
|
102
|
-
*/
|
|
103
|
-
getVectorsByCategory(category: PersistenceCategory): PersistenceVector[];
|
|
104
|
-
/**
|
|
105
|
-
* Get stealthy vectors
|
|
106
|
-
*/
|
|
107
|
-
getStealthyVectors(minRating?: number): PersistenceVector[];
|
|
108
|
-
/**
|
|
109
|
-
* Analyze a persistence vector
|
|
110
|
-
*/
|
|
111
|
-
analyzeVector(vectorId: string, targetProject: string): PersistenceTestResult;
|
|
112
|
-
/**
|
|
113
|
-
* Generate attack playbook
|
|
114
|
-
*/
|
|
115
|
-
generateAttackPlaybook(targetProject: string, vectors?: PersistenceVector[]): Record<string, unknown>;
|
|
116
|
-
/**
|
|
117
|
-
* Generate detection report (blue team)
|
|
118
|
-
*/
|
|
119
|
-
generateDetectionReport(): string;
|
|
120
|
-
}
|
|
121
|
-
/**
|
|
122
|
-
* Create Google authorization
|
|
123
|
-
*/
|
|
124
|
-
export declare function createGoogleAuthorization(engagementType: 'bug_bounty' | 'pentest' | 'red_team' | 'owned', authorizedBy: string, targetProject?: string, scopeNotes?: string): AuthorizationRecord;
|
|
125
|
-
//# sourceMappingURL=google.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"google.d.ts","sourceRoot":"","sources":["../../../src/alpha-zero/security/google.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,mBAAmB,EAAsB,MAAM,WAAW,CAAC;AAEpE;;GAEG;AACH,oBAAY,aAAa;IAEvB,WAAW,uBAAuB;IAClC,OAAO,0BAA0B;IACjC,mBAAmB,wBAAwB;IAC3C,OAAO,YAAY;IACnB,oBAAoB,yBAAyB;IAC7C,iBAAiB,sBAAsB;IACvC,mBAAmB,wBAAwB;IAG3C,eAAe,oBAAoB;IACnC,eAAe,oBAAoB;IACnC,eAAe,oBAAoB;IACnC,qBAAqB,0BAA0B;IAG/C,YAAY,iBAAiB;CAC9B;AAED;;GAEG;AACH,oBAAY,mBAAmB;IAC7B,qBAAqB,0BAA0B;IAC/C,uBAAuB,4BAA4B;IACnD,iBAAiB,sBAAsB;IACvC,QAAQ,aAAa;IACrB,sBAAsB,2BAA2B;IACjD,mBAAmB,wBAAwB;IAC3C,gBAAgB,qBAAqB;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,aAAa,CAAC;IACvB,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB,EAAE,MAAM,EAAE,CAAC;IAC9B,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,iBAAiB,CAAC;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;IAClB,mBAAmB,EAAE,MAAM,EAAE,CAAC;IAC9B,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAkCrE,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,6BAA6B,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAkC3E,CAAC;AAEF;;GAEG;AACH,qBAAa,2BAA2B;IACtC,OAAO,CAAC,aAAa,CAAsB;IAC3C,OAAO,CAAC,OAAO,CAAU;IAClB,WAAW,EAAE,qBAAqB,EAAE,CAAM;gBAErC,aAAa,EAAE,mBAAmB,EAAE,OAAO,UAAQ;IAK/D;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAiB1B;;OAEG;IACH,aAAa,IAAI,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC;IAIlD;;OAEG;IACH,mBAAmB,CAAC,OAAO,EAAE,aAAa,GAAG,iBAAiB,EAAE;IAKhE;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,iBAAiB,EAAE;IAKxE;;OAEG;IACH,kBAAkB,CAAC,SAAS,SAAI,GAAG,iBAAiB,EAAE;IAKtD;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,qBAAqB;IAmC7E;;OAEG;IACH,sBAAsB,CACpB,aAAa,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE,iBAAiB,EAAE,GAC5B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IA4B1B;;OAEG;IACH,uBAAuB,IAAI,MAAM;CAsDlC;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,cAAc,EAAE,YAAY,GAAG,SAAS,GAAG,UAAU,GAAG,OAAO,EAC/D,YAAY,EAAE,MAAM,EACpB,aAAa,SAAM,EACnB,UAAU,SAAK,GACd,mBAAmB,CAiBrB"}
|