erosolar-cli 1.7.55 → 1.7.56
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/dist/active-stack-security.d.ts +0 -110
- package/dist/active-stack-security.js +0 -313
- package/dist/active-stack-security.js.map +0 -1
- package/dist/advanced-targeting.d.ts +0 -113
- package/dist/advanced-targeting.js +0 -252
- package/dist/advanced-targeting.js.map +0 -1
- package/dist/bin/adapters/node/index.js +0 -33
- package/dist/bin/adapters/types.js +0 -1
- package/dist/bin/alpha-zero/agentWrapper.js +0 -165
- package/dist/bin/alpha-zero/codeEvaluator.js +0 -272
- package/dist/bin/alpha-zero/competitiveRunner.js +0 -219
- package/dist/bin/alpha-zero/index.js +0 -98
- package/dist/bin/alpha-zero/introspection.js +0 -298
- package/dist/bin/alpha-zero/metricsTracker.js +0 -207
- package/dist/bin/alpha-zero/security/core.js +0 -269
- package/dist/bin/alpha-zero/security/google.js +0 -308
- package/dist/bin/alpha-zero/security/googleLoader.js +0 -40
- package/dist/bin/alpha-zero/security/index.js +0 -31
- package/dist/bin/alpha-zero/security/simulation.js +0 -274
- package/dist/bin/alpha-zero/selfModification.js +0 -231
- package/dist/bin/alpha-zero/types.js +0 -30
- package/dist/bin/bin/erosolar-optimized.js +0 -205
- package/dist/bin/capabilities/agentSpawningCapability.js +0 -116
- package/dist/bin/capabilities/bashCapability.js +0 -22
- package/dist/bin/capabilities/cloudCapability.js +0 -36
- package/dist/bin/capabilities/codeAnalysisCapability.js +0 -22
- package/dist/bin/capabilities/codeQualityCapability.js +0 -23
- package/dist/bin/capabilities/dependencySecurityCapability.js +0 -22
- package/dist/bin/capabilities/devCapability.js +0 -22
- package/dist/bin/capabilities/editCapability.js +0 -28
- package/dist/bin/capabilities/emailCapability.js +0 -20
- package/dist/bin/capabilities/enhancedGitCapability.js +0 -221
- package/dist/bin/capabilities/filesystemCapability.js +0 -22
- package/dist/bin/capabilities/globCapability.js +0 -28
- package/dist/bin/capabilities/interactionCapability.js +0 -20
- package/dist/bin/capabilities/learnCapability.js +0 -22
- package/dist/bin/capabilities/mcpCapability.js +0 -20
- package/dist/bin/capabilities/notebookCapability.js +0 -28
- package/dist/bin/capabilities/planningCapability.js +0 -27
- package/dist/bin/capabilities/refactoringCapability.js +0 -23
- package/dist/bin/capabilities/repoChecksCapability.js +0 -22
- package/dist/bin/capabilities/searchCapability.js +0 -22
- package/dist/bin/capabilities/skillCapability.js +0 -76
- package/dist/bin/capabilities/taskManagementCapability.js +0 -20
- package/dist/bin/capabilities/testingCapability.js +0 -23
- package/dist/bin/capabilities/toolManifest.js +0 -159
- package/dist/bin/capabilities/toolRegistry.js +0 -114
- package/dist/bin/capabilities/webCapability.js +0 -20
- package/dist/bin/config.js +0 -139
- package/dist/bin/contracts/v1/agent.js +0 -7
- package/dist/bin/contracts/v1/agentProfileManifest.js +0 -8
- package/dist/bin/contracts/v1/agentRules.js +0 -9
- package/dist/bin/contracts/v1/toolAccess.js +0 -8
- package/dist/bin/erosolar-optimized.d.ts +0 -12
- package/dist/bin/erosolar-optimized.d.ts.map +0 -1
- package/dist/bin/erosolar-optimized.js +0 -239
- package/dist/bin/erosolar-optimized.js.map +0 -1
- package/dist/bin/headless/headlessApp.js +0 -172
- package/dist/bin/mcp/config.js +0 -202
- package/dist/bin/mcp/stdioClient.js +0 -172
- package/dist/bin/mcp/toolBridge.js +0 -104
- package/dist/bin/mcp/types.js +0 -1
- package/dist/bin/plugins/index.js +0 -113
- package/dist/bin/plugins/providers/anthropic/index.js +0 -25
- package/dist/bin/plugins/providers/deepseek/index.js +0 -24
- package/dist/bin/plugins/providers/google/index.js +0 -26
- package/dist/bin/plugins/providers/index.js +0 -19
- package/dist/bin/plugins/providers/ollama/index.js +0 -59
- package/dist/bin/plugins/providers/openai/index.js +0 -26
- package/dist/bin/plugins/providers/xai/index.js +0 -24
- package/dist/bin/plugins/tools/agentSpawning/agentSpawningPlugin.js +0 -8
- package/dist/bin/plugins/tools/bash/localBashPlugin.js +0 -13
- package/dist/bin/plugins/tools/checks/localRepoChecksPlugin.js +0 -13
- package/dist/bin/plugins/tools/cloud/cloudPlugin.js +0 -13
- package/dist/bin/plugins/tools/codeAnalysis/codeAnalysisPlugin.js +0 -13
- package/dist/bin/plugins/tools/codeQuality/codeQualityPlugin.js +0 -13
- package/dist/bin/plugins/tools/dependency/dependencyPlugin.js +0 -11
- package/dist/bin/plugins/tools/development/devPlugin.js +0 -13
- package/dist/bin/plugins/tools/edit/editPlugin.js +0 -14
- package/dist/bin/plugins/tools/email/emailPlugin.js +0 -11
- package/dist/bin/plugins/tools/enhancedGit/enhancedGitPlugin.js +0 -8
- package/dist/bin/plugins/tools/filesystem/localFilesystemPlugin.js +0 -13
- package/dist/bin/plugins/tools/glob/globPlugin.js +0 -14
- package/dist/bin/plugins/tools/index.js +0 -2
- package/dist/bin/plugins/tools/interaction/interactionPlugin.js +0 -11
- package/dist/bin/plugins/tools/learn/learnPlugin.js +0 -13
- package/dist/bin/plugins/tools/mcp/mcpPlugin.js +0 -8
- package/dist/bin/plugins/tools/nodeDefaults.js +0 -56
- package/dist/bin/plugins/tools/notebook/notebookPlugin.js +0 -14
- package/dist/bin/plugins/tools/planning/planningPlugin.js +0 -14
- package/dist/bin/plugins/tools/refactoring/refactoringPlugin.js +0 -11
- package/dist/bin/plugins/tools/registry.js +0 -57
- package/dist/bin/plugins/tools/search/localSearchPlugin.js +0 -13
- package/dist/bin/plugins/tools/skills/skillPlugin.js +0 -8
- package/dist/bin/plugins/tools/taskManagement/taskManagementPlugin.js +0 -11
- package/dist/bin/plugins/tools/testing/testingPlugin.js +0 -11
- package/dist/bin/plugins/tools/web/webPlugin.js +0 -11
- package/dist/bin/providers/anthropicProvider.js +0 -329
- package/dist/bin/providers/googleProvider.js +0 -203
- package/dist/bin/providers/openaiChatCompletionsProvider.js +0 -208
- package/dist/bin/providers/openaiResponsesProvider.js +0 -249
- package/dist/bin/providers/providerFactory.js +0 -24
- package/dist/bin/runtime/agentController.js +0 -321
- package/dist/bin/runtime/agentHost.js +0 -153
- package/dist/bin/runtime/agentSession.js +0 -195
- package/dist/bin/runtime/node.js +0 -10
- package/dist/bin/runtime/universal.js +0 -28
- package/dist/bin/skills/skillRepository.js +0 -236
- package/dist/bin/skills/types.js +0 -1
- package/dist/bin/subagents/taskRunner.js +0 -269
- package/dist/bin/tools/backgroundBashTools.js +0 -211
- package/dist/bin/tools/bashTools.js +0 -159
- package/dist/bin/tools/cloudTools.js +0 -864
- package/dist/bin/tools/codeAnalysisTools.js +0 -641
- package/dist/bin/tools/codeQualityTools.js +0 -294
- package/dist/bin/tools/dependencyTools.js +0 -282
- package/dist/bin/tools/devTools.js +0 -238
- package/dist/bin/tools/diffUtils.js +0 -137
- package/dist/bin/tools/editTools.js +0 -134
- package/dist/bin/tools/emailTools.js +0 -448
- package/dist/bin/tools/fileTools.js +0 -282
- package/dist/bin/tools/globTools.js +0 -173
- package/dist/bin/tools/grepTools.js +0 -332
- package/dist/bin/tools/interactionTools.js +0 -170
- package/dist/bin/tools/learnTools.js +0 -1818
- package/dist/bin/tools/notebookEditTools.js +0 -196
- package/dist/bin/tools/planningTools.js +0 -46
- package/dist/bin/tools/refactoringTools.js +0 -293
- package/dist/bin/tools/repoChecksTools.js +0 -160
- package/dist/bin/tools/searchTools.js +0 -206
- package/dist/bin/tools/skillTools.js +0 -177
- package/dist/bin/tools/taskManagementTools.js +0 -156
- package/dist/bin/tools/testingTools.js +0 -232
- package/dist/bin/tools/webTools.js +0 -480
- package/dist/bin/workspace.js +0 -106
- package/dist/bin/workspace.validator.js +0 -213
- package/dist/capabilities/offensiveSecurityCapability.d.ts +0 -26
- package/dist/capabilities/offensiveSecurityCapability.d.ts.map +0 -1
- package/dist/capabilities/offensiveSecurityCapability.js +0 -58
- package/dist/capabilities/offensiveSecurityCapability.js.map +0 -1
- package/dist/capabilities/realSecurityCapability.d.ts +0 -26
- package/dist/capabilities/realSecurityCapability.d.ts.map +0 -1
- package/dist/capabilities/realSecurityCapability.js +0 -53
- package/dist/capabilities/realSecurityCapability.js.map +0 -1
- package/dist/capabilities/securityCapability.d.ts +0 -32
- package/dist/capabilities/securityCapability.d.ts.map +0 -1
- package/dist/capabilities/securityCapability.js +0 -57
- package/dist/capabilities/securityCapability.js.map +0 -1
- package/dist/capabilities/ultimateSecurityCapability.d.ts +0 -42
- package/dist/capabilities/ultimateSecurityCapability.d.ts.map +0 -1
- package/dist/capabilities/ultimateSecurityCapability.js +0 -96
- package/dist/capabilities/ultimateSecurityCapability.js.map +0 -1
- package/dist/core/designThoughtCheck.d.ts +0 -196
- package/dist/core/designThoughtCheck.d.ts.map +0 -1
- package/dist/core/designThoughtCheck.js +0 -287
- package/dist/core/designThoughtCheck.js.map +0 -1
- package/dist/core/designThoughtCheckEngine.d.ts +0 -58
- package/dist/core/designThoughtCheckEngine.d.ts.map +0 -1
- package/dist/core/designThoughtCheckEngine.js +0 -358
- package/dist/core/designThoughtCheckEngine.js.map +0 -1
- package/dist/core/designThoughtCheckIntegration.d.ts +0 -103
- package/dist/core/designThoughtCheckIntegration.d.ts.map +0 -1
- package/dist/core/designThoughtCheckIntegration.js +0 -207
- package/dist/core/designThoughtCheckIntegration.js.map +0 -1
- package/dist/core/intelligenceTools.d.ts +0 -19
- package/dist/core/intelligenceTools.d.ts.map +0 -1
- package/dist/core/intelligenceTools.js +0 -453
- package/dist/core/intelligenceTools.js.map +0 -1
- package/dist/core/operationalTools.d.ts +0 -19
- package/dist/core/operationalTools.d.ts.map +0 -1
- package/dist/core/operationalTools.js +0 -467
- package/dist/core/operationalTools.js.map +0 -1
- package/dist/offensive/core/offensive-engine.d.ts +0 -171
- package/dist/offensive/core/offensive-engine.d.ts.map +0 -1
- package/dist/offensive/core/offensive-engine.js +0 -345
- package/dist/offensive/core/offensive-engine.js.map +0 -1
- package/dist/offensive/core/offensive-integration.d.ts +0 -129
- package/dist/offensive/core/offensive-integration.d.ts.map +0 -1
- package/dist/offensive/core/offensive-integration.js +0 -364
- package/dist/offensive/core/offensive-integration.js.map +0 -1
- package/dist/offensive/core/offensive-tools.d.ts +0 -55
- package/dist/offensive/core/offensive-tools.d.ts.map +0 -1
- package/dist/offensive/core/offensive-tools.js +0 -438
- package/dist/offensive/core/offensive-tools.js.map +0 -1
- package/dist/offensive/offensive-cli.d.ts +0 -48
- package/dist/offensive/offensive-cli.d.ts.map +0 -1
- package/dist/offensive/offensive-cli.js +0 -233
- package/dist/offensive/offensive-cli.js.map +0 -1
- package/dist/security/apt-simulation-cli.d.ts +0 -57
- package/dist/security/apt-simulation-cli.d.ts.map +0 -1
- package/dist/security/apt-simulation-cli.js +0 -278
- package/dist/security/apt-simulation-cli.js.map +0 -1
- package/dist/security/apt-simulation-engine-complete.d.ts +0 -97
- package/dist/security/apt-simulation-engine-complete.d.ts.map +0 -1
- package/dist/security/apt-simulation-engine-complete.js +0 -441
- package/dist/security/apt-simulation-engine-complete.js.map +0 -1
- package/dist/security/apt-simulation-engine.d.ts +0 -97
- package/dist/security/apt-simulation-engine.d.ts.map +0 -1
- package/dist/security/apt-simulation-engine.js +0 -441
- package/dist/security/apt-simulation-engine.js.map +0 -1
- package/dist/security/authorization.d.ts +0 -45
- package/dist/security/authorization.d.ts.map +0 -1
- package/dist/security/authorization.js +0 -128
- package/dist/security/authorization.js.map +0 -1
- package/dist/security/comprehensive-security-research.d.ts +0 -84
- package/dist/security/comprehensive-security-research.d.ts.map +0 -1
- package/dist/security/comprehensive-security-research.js +0 -211
- package/dist/security/comprehensive-security-research.js.map +0 -1
- package/dist/security/offensive/exploitationEngine.d.ts +0 -54
- package/dist/security/offensive/exploitationEngine.d.ts.map +0 -1
- package/dist/security/offensive/exploitationEngine.js +0 -263
- package/dist/security/offensive/exploitationEngine.js.map +0 -1
- package/dist/security/real/networkExploitation.d.ts +0 -92
- package/dist/security/real/networkExploitation.d.ts.map +0 -1
- package/dist/security/real/networkExploitation.js +0 -316
- package/dist/security/real/networkExploitation.js.map +0 -1
- package/dist/security/real/persistenceImplementation.d.ts +0 -62
- package/dist/security/real/persistenceImplementation.d.ts.map +0 -1
- package/dist/security/real/persistenceImplementation.js +0 -323
- package/dist/security/real/persistenceImplementation.js.map +0 -1
- package/dist/security/real/vulnerabilityScanner.d.ts +0 -73
- package/dist/security/real/vulnerabilityScanner.d.ts.map +0 -1
- package/dist/security/real/vulnerabilityScanner.js +0 -341
- package/dist/security/real/vulnerabilityScanner.js.map +0 -1
- package/dist/shell/capturePastePatch.d.ts +0 -9
- package/dist/shell/capturePastePatch.d.ts.map +0 -1
- package/dist/shell/capturePastePatch.js +0 -98
- package/dist/shell/capturePastePatch.js.map +0 -1
- package/dist/shell/enhancedInteractiveShell.d.ts +0 -90
- package/dist/shell/enhancedInteractiveShell.d.ts.map +0 -1
- package/dist/shell/enhancedInteractiveShell.js +0 -248
- package/dist/shell/enhancedInteractiveShell.js.map +0 -1
- package/dist/shell/inputProcessor.d.ts +0 -56
- package/dist/shell/inputProcessor.d.ts.map +0 -1
- package/dist/shell/inputProcessor.js +0 -172
- package/dist/shell/inputProcessor.js.map +0 -1
- package/dist/shell/interactiveShell-patch.d.ts +0 -27
- package/dist/shell/interactiveShell-patch.d.ts.map +0 -1
- package/dist/shell/interactiveShell-patch.js +0 -38
- package/dist/shell/interactiveShell-patch.js.map +0 -1
- package/dist/shell/interactiveShell-robust.d.ts +0 -26
- package/dist/shell/interactiveShell-robust.d.ts.map +0 -1
- package/dist/shell/interactiveShell-robust.js +0 -34
- package/dist/shell/interactiveShell-robust.js.map +0 -1
- package/dist/shell/multiLinePasteManager.d.ts +0 -106
- package/dist/shell/multiLinePasteManager.d.ts.map +0 -1
- package/dist/shell/multiLinePasteManager.js +0 -308
- package/dist/shell/multiLinePasteManager.js.map +0 -1
- package/dist/shell/processInputBlockPatch.d.ts +0 -8
- package/dist/shell/processInputBlockPatch.d.ts.map +0 -1
- package/dist/shell/processInputBlockPatch.js +0 -133
- package/dist/shell/processInputBlockPatch.js.map +0 -1
- package/dist/shell/unifiedInputProcessor.d.ts +0 -23
- package/dist/shell/unifiedInputProcessor.d.ts.map +0 -1
- package/dist/shell/unifiedInputProcessor.js +0 -92
- package/dist/shell/unifiedInputProcessor.js.map +0 -1
- package/dist/tools/enhancedSecurityTools.d.ts +0 -19
- package/dist/tools/enhancedSecurityTools.d.ts.map +0 -1
- package/dist/tools/enhancedSecurityTools.js +0 -215
- package/dist/tools/enhancedSecurityTools.js.map +0 -1
- package/dist/tools/offensiveSecurityTools.d.ts +0 -16
- package/dist/tools/offensiveSecurityTools.d.ts.map +0 -1
- package/dist/tools/offensiveSecurityTools.js +0 -285
- package/dist/tools/offensiveSecurityTools.js.map +0 -1
- package/dist/tools/realSecurityTools.d.ts +0 -18
- package/dist/tools/realSecurityTools.d.ts.map +0 -1
- package/dist/tools/realSecurityTools.js +0 -468
- package/dist/tools/realSecurityTools.js.map +0 -1
- package/dist/tools/securityTools.d.ts +0 -20
- package/dist/tools/securityTools.d.ts.map +0 -1
- package/dist/tools/securityTools.js +0 -449
- package/dist/tools/securityTools.js.map +0 -1
|
@@ -1,441 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* APT Simulation Engine
|
|
3
|
-
*
|
|
4
|
-
* Comprehensive framework for simulating Advanced Persistent Threat campaigns
|
|
5
|
-
* from initial access through persistence and data exfiltration.
|
|
6
|
-
*
|
|
7
|
-
* Based on MITRE ATT&CK framework and real-world APT tactics.
|
|
8
|
-
*/
|
|
9
|
-
/**
|
|
10
|
-
* APT Simulation Engine Class
|
|
11
|
-
*/
|
|
12
|
-
export class APTSimulationEngine {
|
|
13
|
-
attackPhases;
|
|
14
|
-
techniques;
|
|
15
|
-
constructor() {
|
|
16
|
-
this.attackPhases = this.initializeAttackPhases();
|
|
17
|
-
this.techniques = this.initializeTechniques();
|
|
18
|
-
}
|
|
19
|
-
/**
|
|
20
|
-
* Initialize APT attack phases based on MITRE ATT&CK
|
|
21
|
-
*/
|
|
22
|
-
initializeAttackPhases() {
|
|
23
|
-
return [
|
|
24
|
-
{
|
|
25
|
-
id: 'reconnaissance',
|
|
26
|
-
name: 'Reconnaissance',
|
|
27
|
-
mitreId: 'TA0043',
|
|
28
|
-
description: 'Gathering information about the target environment',
|
|
29
|
-
techniques: [],
|
|
30
|
-
objectives: [
|
|
31
|
-
'Identify target systems and services',
|
|
32
|
-
'Gather network topology information',
|
|
33
|
-
'Collect user and system information'
|
|
34
|
-
],
|
|
35
|
-
successCriteria: [
|
|
36
|
-
'Target information successfully gathered',
|
|
37
|
-
'Network mapping completed',
|
|
38
|
-
'Vulnerability assessment performed'
|
|
39
|
-
]
|
|
40
|
-
},
|
|
41
|
-
{
|
|
42
|
-
id: 'initial-access',
|
|
43
|
-
name: 'Initial Access',
|
|
44
|
-
mitreId: 'TA0001',
|
|
45
|
-
description: 'Gaining initial foothold in the target environment',
|
|
46
|
-
techniques: [],
|
|
47
|
-
objectives: [
|
|
48
|
-
'Establish initial access to target systems',
|
|
49
|
-
'Bypass perimeter defenses',
|
|
50
|
-
'Execute initial payload'
|
|
51
|
-
],
|
|
52
|
-
successCriteria: [
|
|
53
|
-
'Initial access established',
|
|
54
|
-
'Payload successfully executed',
|
|
55
|
-
'Command and control established'
|
|
56
|
-
]
|
|
57
|
-
},
|
|
58
|
-
{
|
|
59
|
-
id: 'execution',
|
|
60
|
-
name: 'Execution',
|
|
61
|
-
mitreId: 'TA0002',
|
|
62
|
-
description: 'Running malicious code on target systems',
|
|
63
|
-
techniques: [],
|
|
64
|
-
objectives: [
|
|
65
|
-
'Execute malicious code',
|
|
66
|
-
'Establish persistence mechanisms',
|
|
67
|
-
'Escalate privileges'
|
|
68
|
-
],
|
|
69
|
-
successCriteria: [
|
|
70
|
-
'Code execution achieved',
|
|
71
|
-
'Persistence established',
|
|
72
|
-
'Privilege escalation successful'
|
|
73
|
-
]
|
|
74
|
-
},
|
|
75
|
-
{
|
|
76
|
-
id: 'persistence',
|
|
77
|
-
name: 'Persistence',
|
|
78
|
-
mitreId: 'TA0003',
|
|
79
|
-
description: 'Maintaining access across system restarts and disruptions',
|
|
80
|
-
techniques: [],
|
|
81
|
-
objectives: [
|
|
82
|
-
'Establish multiple persistence mechanisms',
|
|
83
|
-
'Survive system reboots and updates',
|
|
84
|
-
'Maintain long-term access'
|
|
85
|
-
],
|
|
86
|
-
successCriteria: [
|
|
87
|
-
'Multiple persistence methods established',
|
|
88
|
-
'Access maintained after system events',
|
|
89
|
-
'Stealth maintained'
|
|
90
|
-
]
|
|
91
|
-
},
|
|
92
|
-
{
|
|
93
|
-
id: 'privilege-escalation',
|
|
94
|
-
name: 'Privilege Escalation',
|
|
95
|
-
mitreId: 'TA0004',
|
|
96
|
-
description: 'Gaining higher-level permissions on target systems',
|
|
97
|
-
techniques: [],
|
|
98
|
-
objectives: [
|
|
99
|
-
'Escalate to administrative privileges',
|
|
100
|
-
'Bypass user account controls',
|
|
101
|
-
'Access protected resources'
|
|
102
|
-
],
|
|
103
|
-
successCriteria: [
|
|
104
|
-
'Administrative access achieved',
|
|
105
|
-
'Protected resources accessed',
|
|
106
|
-
'Privilege escalation undetected'
|
|
107
|
-
]
|
|
108
|
-
},
|
|
109
|
-
{
|
|
110
|
-
id: 'defense-evasion',
|
|
111
|
-
name: 'Defense Evasion',
|
|
112
|
-
mitreId: 'TA0005',
|
|
113
|
-
description: 'Avoiding detection by security controls',
|
|
114
|
-
techniques: [],
|
|
115
|
-
objectives: [
|
|
116
|
-
'Bypass antivirus and EDR solutions',
|
|
117
|
-
'Evade network monitoring',
|
|
118
|
-
'Hide malicious activity'
|
|
119
|
-
],
|
|
120
|
-
successCriteria: [
|
|
121
|
-
'Security controls bypassed',
|
|
122
|
-
'Activities remain undetected',
|
|
123
|
-
'Forensic evidence minimized'
|
|
124
|
-
]
|
|
125
|
-
},
|
|
126
|
-
{
|
|
127
|
-
id: 'credential-access',
|
|
128
|
-
name: 'Credential Access',
|
|
129
|
-
mitreId: 'TA0006',
|
|
130
|
-
description: 'Stealing credentials like account names and passwords',
|
|
131
|
-
techniques: [],
|
|
132
|
-
objectives: [
|
|
133
|
-
'Extract user credentials',
|
|
134
|
-
'Access password stores',
|
|
135
|
-
'Capture authentication tokens'
|
|
136
|
-
],
|
|
137
|
-
successCriteria: [
|
|
138
|
-
'Credentials successfully extracted',
|
|
139
|
-
'Authentication mechanisms compromised',
|
|
140
|
-
'Access to additional systems gained'
|
|
141
|
-
]
|
|
142
|
-
},
|
|
143
|
-
{
|
|
144
|
-
id: 'discovery',
|
|
145
|
-
name: 'Discovery',
|
|
146
|
-
mitreId: 'TA0007',
|
|
147
|
-
description: 'Learning about the target environment',
|
|
148
|
-
techniques: [],
|
|
149
|
-
objectives: [
|
|
150
|
-
'Map network topology',
|
|
151
|
-
'Identify valuable assets',
|
|
152
|
-
'Discover security controls'
|
|
153
|
-
],
|
|
154
|
-
successCriteria: [
|
|
155
|
-
'Environment fully mapped',
|
|
156
|
-
'Critical assets identified',
|
|
157
|
-
'Security controls documented'
|
|
158
|
-
]
|
|
159
|
-
},
|
|
160
|
-
{
|
|
161
|
-
id: 'lateral-movement',
|
|
162
|
-
name: 'Lateral Movement',
|
|
163
|
-
mitreId: 'TA0008',
|
|
164
|
-
description: 'Moving through the target environment',
|
|
165
|
-
techniques: [],
|
|
166
|
-
objectives: [
|
|
167
|
-
'Move between systems',
|
|
168
|
-
'Access additional network segments',
|
|
169
|
-
'Establish foothold on critical systems'
|
|
170
|
-
],
|
|
171
|
-
successCriteria: [
|
|
172
|
-
'Multiple systems compromised',
|
|
173
|
-
'Network segments traversed',
|
|
174
|
-
'Critical systems accessed'
|
|
175
|
-
]
|
|
176
|
-
},
|
|
177
|
-
{
|
|
178
|
-
id: 'collection',
|
|
179
|
-
name: 'Collection',
|
|
180
|
-
mitreId: 'TA0009',
|
|
181
|
-
description: 'Gathering target data of interest',
|
|
182
|
-
techniques: [],
|
|
183
|
-
objectives: [
|
|
184
|
-
'Identify valuable data',
|
|
185
|
-
'Stage data for exfiltration',
|
|
186
|
-
'Compress and encrypt collected data'
|
|
187
|
-
],
|
|
188
|
-
successCriteria: [
|
|
189
|
-
'Target data identified and collected',
|
|
190
|
-
'Data prepared for exfiltration',
|
|
191
|
-
'Collection activities undetected'
|
|
192
|
-
]
|
|
193
|
-
},
|
|
194
|
-
{
|
|
195
|
-
id: 'exfiltration',
|
|
196
|
-
name: 'Exfiltration',
|
|
197
|
-
mitreId: 'TA0010',
|
|
198
|
-
description: 'Stealing and removing data from the target environment',
|
|
199
|
-
techniques: [],
|
|
200
|
-
objectives: [
|
|
201
|
-
'Transfer data to external systems',
|
|
202
|
-
'Evade data loss prevention',
|
|
203
|
-
'Cover exfiltration tracks'
|
|
204
|
-
],
|
|
205
|
-
successCriteria: [
|
|
206
|
-
'Data successfully exfiltrated',
|
|
207
|
-
'Exfiltration undetected',
|
|
208
|
-
'Evidence of theft minimized'
|
|
209
|
-
]
|
|
210
|
-
},
|
|
211
|
-
{
|
|
212
|
-
id: 'command-and-control',
|
|
213
|
-
name: 'Command and Control',
|
|
214
|
-
mitreId: 'TA0011',
|
|
215
|
-
description: 'Communicating with compromised systems',
|
|
216
|
-
techniques: [],
|
|
217
|
-
objectives: [
|
|
218
|
-
'Establish communication channels',
|
|
219
|
-
'Maintain remote access',
|
|
220
|
-
'Evade network monitoring'
|
|
221
|
-
],
|
|
222
|
-
successCriteria: [
|
|
223
|
-
'Reliable C2 channels established',
|
|
224
|
-
'Communication encrypted and hidden',
|
|
225
|
-
'C2 infrastructure resilient'
|
|
226
|
-
]
|
|
227
|
-
}
|
|
228
|
-
];
|
|
229
|
-
}
|
|
230
|
-
/**
|
|
231
|
-
* Initialize APT techniques based on MITRE ATT&CK
|
|
232
|
-
*/
|
|
233
|
-
initializeTechniques() {
|
|
234
|
-
return [
|
|
235
|
-
// Initial Access Techniques
|
|
236
|
-
{
|
|
237
|
-
id: 'spearphishing-attachment',
|
|
238
|
-
name: 'Spearphishing Attachment',
|
|
239
|
-
mitreId: 'T1566.001',
|
|
240
|
-
phase: 'initial-access',
|
|
241
|
-
description: 'Send spearphishing emails with malicious attachments',
|
|
242
|
-
implementation: [
|
|
243
|
-
'Craft convincing email with malicious attachment',
|
|
244
|
-
'Use social engineering to encourage opening',
|
|
245
|
-
'Execute payload when attachment is opened'
|
|
246
|
-
],
|
|
247
|
-
detectionMethods: [
|
|
248
|
-
'Email security gateways',
|
|
249
|
-
'Endpoint detection and response',
|
|
250
|
-
'User behavior analytics'
|
|
251
|
-
],
|
|
252
|
-
countermeasures: [
|
|
253
|
-
'User security awareness training',
|
|
254
|
-
'Email filtering and sandboxing',
|
|
255
|
-
'Application whitelisting'
|
|
256
|
-
],
|
|
257
|
-
riskLevel: 'high'
|
|
258
|
-
},
|
|
259
|
-
{
|
|
260
|
-
id: 'exploit-public-facing-app',
|
|
261
|
-
name: 'Exploit Public-Facing Application',
|
|
262
|
-
mitreId: 'T1190',
|
|
263
|
-
phase: 'initial-access',
|
|
264
|
-
description: 'Exploit vulnerabilities in internet-facing systems',
|
|
265
|
-
implementation: [
|
|
266
|
-
'Scan for vulnerable services',
|
|
267
|
-
'Exploit known vulnerabilities',
|
|
268
|
-
'Establish initial foothold'
|
|
269
|
-
],
|
|
270
|
-
detectionMethods: [
|
|
271
|
-
'Web application firewalls',
|
|
272
|
-
'Intrusion detection systems',
|
|
273
|
-
'Vulnerability scanning'
|
|
274
|
-
],
|
|
275
|
-
countermeasures: [
|
|
276
|
-
'Regular patching and updates',
|
|
277
|
-
'Web application security testing',
|
|
278
|
-
'Network segmentation'
|
|
279
|
-
],
|
|
280
|
-
riskLevel: 'critical'
|
|
281
|
-
},
|
|
282
|
-
// Persistence Techniques
|
|
283
|
-
{
|
|
284
|
-
id: 'scheduled-task',
|
|
285
|
-
name: 'Scheduled Task',
|
|
286
|
-
mitreId: 'T1053.005',
|
|
287
|
-
phase: 'persistence',
|
|
288
|
-
description: 'Create scheduled tasks for persistence',
|
|
289
|
-
implementation: [
|
|
290
|
-
'Create scheduled task via schtasks or Task Scheduler',
|
|
291
|
-
'Configure task to run with SYSTEM privileges',
|
|
292
|
-
'Set trigger conditions for execution'
|
|
293
|
-
],
|
|
294
|
-
detectionMethods: [
|
|
295
|
-
'Monitor Task Scheduler events',
|
|
296
|
-
'Review scheduled task configurations',
|
|
297
|
-
'Check for unusual task actions'
|
|
298
|
-
],
|
|
299
|
-
countermeasures: [
|
|
300
|
-
'Monitor scheduled task creation',
|
|
301
|
-
'Implement application control',
|
|
302
|
-
'Regular system auditing'
|
|
303
|
-
],
|
|
304
|
-
riskLevel: 'high'
|
|
305
|
-
},
|
|
306
|
-
{
|
|
307
|
-
id: 'registry-run-keys',
|
|
308
|
-
name: 'Registry Run Keys',
|
|
309
|
-
mitreId: 'T1547.001',
|
|
310
|
-
phase: 'persistence',
|
|
311
|
-
description: 'Add entries to registry run keys for persistence',
|
|
312
|
-
implementation: [
|
|
313
|
-
'Modify HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run',
|
|
314
|
-
'Modify HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run',
|
|
315
|
-
'Use registry keys to launch malicious executables'
|
|
316
|
-
],
|
|
317
|
-
detectionMethods: [
|
|
318
|
-
'Monitor registry modifications',
|
|
319
|
-
'Review run key entries',
|
|
320
|
-
'Check for suspicious executable paths'
|
|
321
|
-
],
|
|
322
|
-
countermeasures: [
|
|
323
|
-
'Registry monitoring and auditing',
|
|
324
|
-
'Application control policies',
|
|
325
|
-
'Regular system reviews'
|
|
326
|
-
],
|
|
327
|
-
riskLevel: 'high'
|
|
328
|
-
},
|
|
329
|
-
// Lateral Movement Techniques
|
|
330
|
-
{
|
|
331
|
-
id: 'windows-admin-shares',
|
|
332
|
-
name: 'Windows Admin Shares',
|
|
333
|
-
mitreId: 'T1021.002',
|
|
334
|
-
phase: 'lateral-movement',
|
|
335
|
-
description: 'Use Windows administrative shares for lateral movement',
|
|
336
|
-
implementation: [
|
|
337
|
-
'Access administrative shares (C$, ADMIN$)',
|
|
338
|
-
'Copy tools and payloads to remote systems',
|
|
339
|
-
'Execute commands remotely'
|
|
340
|
-
],
|
|
341
|
-
detectionMethods: [
|
|
342
|
-
'Monitor SMB connections',
|
|
343
|
-
'Review share access logs',
|
|
344
|
-
'Detect unusual file transfers'
|
|
345
|
-
],
|
|
346
|
-
countermeasures: [
|
|
347
|
-
'Restrict administrative share access',
|
|
348
|
-
'Network segmentation',
|
|
349
|
-
'Monitor SMB traffic'
|
|
350
|
-
],
|
|
351
|
-
riskLevel: 'medium'
|
|
352
|
-
},
|
|
353
|
-
// Exfiltration Techniques
|
|
354
|
-
{
|
|
355
|
-
id: 'exfiltration-over-c2-channel',
|
|
356
|
-
name: 'Exfiltration Over C2 Channel',
|
|
357
|
-
mitreId: 'T1041',
|
|
358
|
-
phase: 'exfiltration',
|
|
359
|
-
description: 'Exfiltrate data through existing command and control channels',
|
|
360
|
-
implementation: [
|
|
361
|
-
'Encrypt and compress target data',
|
|
362
|
-
'Transfer data through C2 channels',
|
|
363
|
-
'Use stealthy transfer methods'
|
|
364
|
-
],
|
|
365
|
-
detectionMethods: [
|
|
366
|
-
'Network traffic analysis',
|
|
367
|
-
'Data loss prevention systems',
|
|
368
|
-
'Anomaly detection'
|
|
369
|
-
],
|
|
370
|
-
countermeasures: [
|
|
371
|
-
'Network monitoring and filtering',
|
|
372
|
-
'Data classification and protection',
|
|
373
|
-
'Outbound traffic inspection'
|
|
374
|
-
],
|
|
375
|
-
riskLevel: 'high'
|
|
376
|
-
}
|
|
377
|
-
];
|
|
378
|
-
}
|
|
379
|
-
/**
|
|
380
|
-
* Get techniques by attack phase
|
|
381
|
-
*/
|
|
382
|
-
getTechniquesByPhase(phaseId) {
|
|
383
|
-
return this.techniques.filter(tech => tech.phase === phaseId);
|
|
384
|
-
}
|
|
385
|
-
/**
|
|
386
|
-
* Get all attack phases
|
|
387
|
-
*/
|
|
388
|
-
getAttackPhases() {
|
|
389
|
-
return this.attackPhases.map(phase => ({
|
|
390
|
-
...phase,
|
|
391
|
-
techniques: this.getTechniquesByPhase(phase.id)
|
|
392
|
-
}));
|
|
393
|
-
}
|
|
394
|
-
/**
|
|
395
|
-
* Generate APT simulation scenario
|
|
396
|
-
*/
|
|
397
|
-
generateScenario(config) {
|
|
398
|
-
const selectedTechniques = [];
|
|
399
|
-
// Filter techniques based on configuration
|
|
400
|
-
this.techniques.forEach(technique => {
|
|
401
|
-
if (this.shouldIncludeTechnique(technique, config)) {
|
|
402
|
-
selectedTechniques.push(technique);
|
|
403
|
-
}
|
|
404
|
-
});
|
|
405
|
-
return selectedTechniques;
|
|
406
|
-
}
|
|
407
|
-
/**
|
|
408
|
-
* Determine if technique should be included in simulation
|
|
409
|
-
*/
|
|
410
|
-
shouldIncludeTechnique(technique, config) {
|
|
411
|
-
// Filter by scope
|
|
412
|
-
if (config.simulationScope !== 'full' && technique.phase !== config.simulationScope) {
|
|
413
|
-
return false;
|
|
414
|
-
}
|
|
415
|
-
// Filter by platform
|
|
416
|
-
if (config.targetPlatform === 'windows' && technique.id.includes('linux')) {
|
|
417
|
-
return false;
|
|
418
|
-
}
|
|
419
|
-
if (config.targetPlatform === 'linux' && technique.id.includes('windows')) {
|
|
420
|
-
return false;
|
|
421
|
-
}
|
|
422
|
-
// Filter by complexity
|
|
423
|
-
if (config.complexity === 'basic' && technique.riskLevel === 'critical') {
|
|
424
|
-
return false;
|
|
425
|
-
}
|
|
426
|
-
return true;
|
|
427
|
-
}
|
|
428
|
-
/**
|
|
429
|
-
* Simulate APT attack campaign
|
|
430
|
-
*/
|
|
431
|
-
async simulateAttack(config) {
|
|
432
|
-
const simulationId = this.generateSimulationId();
|
|
433
|
-
const selectedTechniques = this.generateScenario(config);
|
|
434
|
-
const detectionEvents = [];
|
|
435
|
-
const evidence = [];
|
|
436
|
-
console.log(`Starting APT Simulation: ${simulationId}`);
|
|
437
|
-
console.log(`Target Platform: ${config.targetPlatform}`);
|
|
438
|
-
console.log(`Simulation Scope);
|
|
439
|
-
}
|
|
440
|
-
}
|
|
441
|
-
//# sourceMappingURL=apt-simulation-engine.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"apt-simulation-engine.js","sourceRoot":"","sources":["../../src/security/apt-simulation-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA4DH;;GAEG;AACH,MAAM,OAAO,mBAAmB;IACtB,YAAY,CAAmB;IAC/B,UAAU,CAAiB;IAEnC;QACE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAClD,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;IAChD,CAAC;IAED;;OAEG;IACK,sBAAsB;QAC5B,OAAO;YACL;gBACE,EAAE,EAAE,gBAAgB;gBACpB,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,oDAAoD;gBACjE,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,sCAAsC;oBACtC,qCAAqC;oBACrC,qCAAqC;iBACtC;gBACD,eAAe,EAAE;oBACf,0CAA0C;oBAC1C,2BAA2B;oBAC3B,oCAAoC;iBACrC;aACF;YACD;gBACE,EAAE,EAAE,gBAAgB;gBACpB,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,oDAAoD;gBACjE,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,4CAA4C;oBAC5C,2BAA2B;oBAC3B,yBAAyB;iBAC1B;gBACD,eAAe,EAAE;oBACf,4BAA4B;oBAC5B,+BAA+B;oBAC/B,iCAAiC;iBAClC;aACF;YACD;gBACE,EAAE,EAAE,WAAW;gBACf,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,0CAA0C;gBACvD,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,wBAAwB;oBACxB,kCAAkC;oBAClC,qBAAqB;iBACtB;gBACD,eAAe,EAAE;oBACf,yBAAyB;oBACzB,yBAAyB;oBACzB,iCAAiC;iBAClC;aACF;YACD;gBACE,EAAE,EAAE,aAAa;gBACjB,IAAI,EAAE,aAAa;gBACnB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,2DAA2D;gBACxE,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,2CAA2C;oBAC3C,oCAAoC;oBACpC,2BAA2B;iBAC5B;gBACD,eAAe,EAAE;oBACf,0CAA0C;oBAC1C,uCAAuC;oBACvC,oBAAoB;iBACrB;aACF;YACD;gBACE,EAAE,EAAE,sBAAsB;gBAC1B,IAAI,EAAE,sBAAsB;gBAC5B,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,oDAAoD;gBACjE,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,uCAAuC;oBACvC,8BAA8B;oBAC9B,4BAA4B;iBAC7B;gBACD,eAAe,EAAE;oBACf,gCAAgC;oBAChC,8BAA8B;oBAC9B,iCAAiC;iBAClC;aACF;YACD;gBACE,EAAE,EAAE,iBAAiB;gBACrB,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,yCAAyC;gBACtD,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,oCAAoC;oBACpC,0BAA0B;oBAC1B,yBAAyB;iBAC1B;gBACD,eAAe,EAAE;oBACf,4BAA4B;oBAC5B,8BAA8B;oBAC9B,6BAA6B;iBAC9B;aACF;YACD;gBACE,EAAE,EAAE,mBAAmB;gBACvB,IAAI,EAAE,mBAAmB;gBACzB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,uDAAuD;gBACpE,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,0BAA0B;oBAC1B,wBAAwB;oBACxB,+BAA+B;iBAChC;gBACD,eAAe,EAAE;oBACf,oCAAoC;oBACpC,uCAAuC;oBACvC,qCAAqC;iBACtC;aACF;YACD;gBACE,EAAE,EAAE,WAAW;gBACf,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,uCAAuC;gBACpD,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,sBAAsB;oBACtB,0BAA0B;oBAC1B,4BAA4B;iBAC7B;gBACD,eAAe,EAAE;oBACf,0BAA0B;oBAC1B,4BAA4B;oBAC5B,8BAA8B;iBAC/B;aACF;YACD;gBACE,EAAE,EAAE,kBAAkB;gBACtB,IAAI,EAAE,kBAAkB;gBACxB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,uCAAuC;gBACpD,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,sBAAsB;oBACtB,oCAAoC;oBACpC,wCAAwC;iBACzC;gBACD,eAAe,EAAE;oBACf,8BAA8B;oBAC9B,4BAA4B;oBAC5B,2BAA2B;iBAC5B;aACF;YACD;gBACE,EAAE,EAAE,YAAY;gBAChB,IAAI,EAAE,YAAY;gBAClB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,mCAAmC;gBAChD,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,wBAAwB;oBACxB,6BAA6B;oBAC7B,qCAAqC;iBACtC;gBACD,eAAe,EAAE;oBACf,sCAAsC;oBACtC,gCAAgC;oBAChC,kCAAkC;iBACnC;aACF;YACD;gBACE,EAAE,EAAE,cAAc;gBAClB,IAAI,EAAE,cAAc;gBACpB,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,wDAAwD;gBACrE,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,mCAAmC;oBACnC,4BAA4B;oBAC5B,2BAA2B;iBAC5B;gBACD,eAAe,EAAE;oBACf,+BAA+B;oBAC/B,yBAAyB;oBACzB,6BAA6B;iBAC9B;aACF;YACD;gBACE,EAAE,EAAE,qBAAqB;gBACzB,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,wCAAwC;gBACrD,UAAU,EAAE,EAAE;gBACd,UAAU,EAAE;oBACV,kCAAkC;oBAClC,wBAAwB;oBACxB,0BAA0B;iBAC3B;gBACD,eAAe,EAAE;oBACf,kCAAkC;oBAClC,oCAAoC;oBACpC,6BAA6B;iBAC9B;aACF;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,oBAAoB;QAC1B,OAAO;YACL,4BAA4B;YAC5B;gBACE,EAAE,EAAE,0BAA0B;gBAC9B,IAAI,EAAE,0BAA0B;gBAChC,OAAO,EAAE,WAAW;gBACpB,KAAK,EAAE,gBAAgB;gBACvB,WAAW,EAAE,sDAAsD;gBACnE,cAAc,EAAE;oBACd,kDAAkD;oBAClD,6CAA6C;oBAC7C,2CAA2C;iBAC5C;gBACD,gBAAgB,EAAE;oBAChB,yBAAyB;oBACzB,iCAAiC;oBACjC,yBAAyB;iBAC1B;gBACD,eAAe,EAAE;oBACf,kCAAkC;oBAClC,gCAAgC;oBAChC,0BAA0B;iBAC3B;gBACD,SAAS,EAAE,MAAM;aAClB;YACD;gBACE,EAAE,EAAE,2BAA2B;gBAC/B,IAAI,EAAE,mCAAmC;gBACzC,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE,gBAAgB;gBACvB,WAAW,EAAE,oDAAoD;gBACjE,cAAc,EAAE;oBACd,8BAA8B;oBAC9B,+BAA+B;oBAC/B,4BAA4B;iBAC7B;gBACD,gBAAgB,EAAE;oBAChB,2BAA2B;oBAC3B,6BAA6B;oBAC7B,wBAAwB;iBACzB;gBACD,eAAe,EAAE;oBACf,8BAA8B;oBAC9B,kCAAkC;oBAClC,sBAAsB;iBACvB;gBACD,SAAS,EAAE,UAAU;aACtB;YAED,yBAAyB;YACzB;gBACE,EAAE,EAAE,gBAAgB;gBACpB,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,WAAW;gBACpB,KAAK,EAAE,aAAa;gBACpB,WAAW,EAAE,wCAAwC;gBACrD,cAAc,EAAE;oBACd,sDAAsD;oBACtD,8CAA8C;oBAC9C,sCAAsC;iBACvC;gBACD,gBAAgB,EAAE;oBAChB,+BAA+B;oBAC/B,sCAAsC;oBACtC,gCAAgC;iBACjC;gBACD,eAAe,EAAE;oBACf,iCAAiC;oBACjC,+BAA+B;oBAC/B,yBAAyB;iBAC1B;gBACD,SAAS,EAAE,MAAM;aAClB;YACD;gBACE,EAAE,EAAE,mBAAmB;gBACvB,IAAI,EAAE,mBAAmB;gBACzB,OAAO,EAAE,WAAW;gBACpB,KAAK,EAAE,aAAa;gBACpB,WAAW,EAAE,kDAAkD;gBAC/D,cAAc,EAAE;oBACd,6EAA6E;oBAC7E,8EAA8E;oBAC9E,mDAAmD;iBACpD;gBACD,gBAAgB,EAAE;oBAChB,gCAAgC;oBAChC,wBAAwB;oBACxB,uCAAuC;iBACxC;gBACD,eAAe,EAAE;oBACf,kCAAkC;oBAClC,8BAA8B;oBAC9B,wBAAwB;iBACzB;gBACD,SAAS,EAAE,MAAM;aAClB;YAED,8BAA8B;YAC9B;gBACE,EAAE,EAAE,sBAAsB;gBAC1B,IAAI,EAAE,sBAAsB;gBAC5B,OAAO,EAAE,WAAW;gBACpB,KAAK,EAAE,kBAAkB;gBACzB,WAAW,EAAE,wDAAwD;gBACrE,cAAc,EAAE;oBACd,2CAA2C;oBAC3C,2CAA2C;oBAC3C,2BAA2B;iBAC5B;gBACD,gBAAgB,EAAE;oBAChB,yBAAyB;oBACzB,0BAA0B;oBAC1B,+BAA+B;iBAChC;gBACD,eAAe,EAAE;oBACf,sCAAsC;oBACtC,sBAAsB;oBACtB,qBAAqB;iBACtB;gBACD,SAAS,EAAE,QAAQ;aACpB;YAED,0BAA0B;YAC1B;gBACE,EAAE,EAAE,8BAA8B;gBAClC,IAAI,EAAE,8BAA8B;gBACpC,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE,cAAc;gBACrB,WAAW,EAAE,+DAA+D;gBAC5E,cAAc,EAAE;oBACd,kCAAkC;oBAClC,mCAAmC;oBACnC,+BAA+B;iBAChC;gBACD,gBAAgB,EAAE;oBAChB,0BAA0B;oBAC1B,8BAA8B;oBAC9B,mBAAmB;iBACpB;gBACD,eAAe,EAAE;oBACf,kCAAkC;oBAClC,oCAAoC;oBACpC,6BAA6B;iBAC9B;gBACD,SAAS,EAAE,MAAM;aAClB;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,OAAe;QAClC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,KAAK,OAAO,CAAC,CAAC;IAChE,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACrC,GAAG,KAAK;YACR,UAAU,EAAE,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,EAAE,CAAC;SAChD,CAAC,CAAC,CAAC;IACN,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,MAA2B;QAC1C,MAAM,kBAAkB,GAAmB,EAAE,CAAC;QAE9C,2CAA2C;QAC3C,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;YAClC,IAAI,IAAI,CAAC,sBAAsB,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,CAAC;gBACnD,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACrC,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,SAAuB,EAAE,MAA2B;QACjF,kBAAkB;QAClB,IAAI,MAAM,CAAC,eAAe,KAAK,MAAM,IAAI,SAAS,CAAC,KAAK,KAAK,MAAM,CAAC,eAAe,EAAE,CAAC;YACpF,OAAO,KAAK,CAAC;QACf,CAAC;QAED,qBAAqB;QACrB,IAAI,MAAM,CAAC,cAAc,KAAK,SAAS,IAAI,SAAS,CAAC,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1E,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,MAAM,CAAC,cAAc,KAAK,OAAO,IAAI,SAAS,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC1E,OAAO,KAAK,CAAC;QACf,CAAC;QAED,uBAAuB;QACvB,IAAI,MAAM,CAAC,UAAU,KAAK,OAAO,IAAI,SAAS,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;YACxE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,MAA2B;QAC9C,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QACjD,MAAM,kBAAkB,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACzD,MAAM,eAAe,GAAqB,EAAE,CAAC;QAC7C,MAAM,QAAQ,GAAyB,EAAE,CAAC;QAE1C,OAAO,CAAC,GAAG,CAAC,4BAA4B,YAAY,EAAE,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA,CAAA;IAAA,CAAC,AAAD;CAAA"}
|
|
@@ -1,45 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Authorization Framework for Security Testing
|
|
3
|
-
*
|
|
4
|
-
* Provides authorization validation and scope management for security tools.
|
|
5
|
-
*/
|
|
6
|
-
export interface AuthorizationScope {
|
|
7
|
-
targets: string[];
|
|
8
|
-
techniques: string[];
|
|
9
|
-
startTime: Date;
|
|
10
|
-
endTime: Date;
|
|
11
|
-
authorizedBy: string;
|
|
12
|
-
contactInfo: string;
|
|
13
|
-
}
|
|
14
|
-
export interface AuthorizationResult {
|
|
15
|
-
authorized: boolean;
|
|
16
|
-
reason?: string;
|
|
17
|
-
scope?: AuthorizationScope;
|
|
18
|
-
}
|
|
19
|
-
/**
|
|
20
|
-
* Authorization Manager for Security Testing
|
|
21
|
-
*/
|
|
22
|
-
export declare class AuthorizationManager {
|
|
23
|
-
private activeAuthorizations;
|
|
24
|
-
/**
|
|
25
|
-
* Request authorization for security testing
|
|
26
|
-
*/
|
|
27
|
-
requestAuthorization(scope: AuthorizationScope, authorizationToken?: string): AuthorizationResult;
|
|
28
|
-
/**
|
|
29
|
-
* Validate if a specific operation is authorized
|
|
30
|
-
*/
|
|
31
|
-
validateOperation(target: string, technique: string): AuthorizationResult;
|
|
32
|
-
/**
|
|
33
|
-
* Get current authorization status
|
|
34
|
-
*/
|
|
35
|
-
getAuthorizationStatus(): AuthorizationResult;
|
|
36
|
-
/**
|
|
37
|
-
* Clear current authorization
|
|
38
|
-
*/
|
|
39
|
-
clearAuthorization(): void;
|
|
40
|
-
/**
|
|
41
|
-
* Generate authorization report
|
|
42
|
-
*/
|
|
43
|
-
generateAuthorizationReport(): string;
|
|
44
|
-
}
|
|
45
|
-
//# sourceMappingURL=authorization.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"authorization.d.ts","sourceRoot":"","sources":["../../src/security/authorization.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,OAAO,EAAE,IAAI,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,kBAAkB,CAAC;CAC5B;AAED;;GAEG;AACH,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,oBAAoB,CAA8C;IAE1E;;OAEG;IACH,oBAAoB,CAClB,KAAK,EAAE,kBAAkB,EACzB,kBAAkB,CAAC,EAAE,MAAM,GAC1B,mBAAmB;IA+CtB;;OAEG;IACH,iBAAiB,CACf,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,GAChB,mBAAmB;IA8CtB;;OAEG;IACH,sBAAsB,IAAI,mBAAmB;IAa7C;;OAEG;IACH,kBAAkB,IAAI,IAAI;IAI1B;;OAEG;IACH,2BAA2B,IAAI,MAAM;CAmBtC"}
|
|
@@ -1,128 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Authorization Framework for Security Testing
|
|
3
|
-
*
|
|
4
|
-
* Provides authorization validation and scope management for security tools.
|
|
5
|
-
*/
|
|
6
|
-
/**
|
|
7
|
-
* Authorization Manager for Security Testing
|
|
8
|
-
*/
|
|
9
|
-
export class AuthorizationManager {
|
|
10
|
-
activeAuthorizations = new Map();
|
|
11
|
-
/**
|
|
12
|
-
* Request authorization for security testing
|
|
13
|
-
*/
|
|
14
|
-
requestAuthorization(scope, authorizationToken) {
|
|
15
|
-
// In production, this would validate against an authorization service
|
|
16
|
-
// For now, we'll use environment variables for demo
|
|
17
|
-
const envToken = process.env.SECURITY_AUTHORIZATION_TOKEN;
|
|
18
|
-
const bypassAuth = process.env.BYPASS_AUTHORIZATION === 'true';
|
|
19
|
-
if (bypassAuth) {
|
|
20
|
-
console.warn('⚠️ AUTHORIZATION BYPASSED - FOR DEVELOPMENT ONLY');
|
|
21
|
-
this.activeAuthorizations.set('default', scope);
|
|
22
|
-
return { authorized: true, scope };
|
|
23
|
-
}
|
|
24
|
-
if (!envToken && !authorizationToken) {
|
|
25
|
-
return {
|
|
26
|
-
authorized: false,
|
|
27
|
-
reason: 'No authorization token provided. Set SECURITY_AUTHORIZATION_TOKEN environment variable.'
|
|
28
|
-
};
|
|
29
|
-
}
|
|
30
|
-
if (authorizationToken && authorizationToken !== envToken) {
|
|
31
|
-
return {
|
|
32
|
-
authorized: false,
|
|
33
|
-
reason: 'Invalid authorization token'
|
|
34
|
-
};
|
|
35
|
-
}
|
|
36
|
-
// Validate scope
|
|
37
|
-
if (scope.endTime < new Date()) {
|
|
38
|
-
return {
|
|
39
|
-
authorized: false,
|
|
40
|
-
reason: 'Authorization scope has expired'
|
|
41
|
-
};
|
|
42
|
-
}
|
|
43
|
-
if (scope.targets.length === 0) {
|
|
44
|
-
return {
|
|
45
|
-
authorized: false,
|
|
46
|
-
reason: 'No targets specified in authorization scope'
|
|
47
|
-
};
|
|
48
|
-
}
|
|
49
|
-
this.activeAuthorizations.set('default', scope);
|
|
50
|
-
return { authorized: true, scope };
|
|
51
|
-
}
|
|
52
|
-
/**
|
|
53
|
-
* Validate if a specific operation is authorized
|
|
54
|
-
*/
|
|
55
|
-
validateOperation(target, technique) {
|
|
56
|
-
const scope = this.activeAuthorizations.get('default');
|
|
57
|
-
if (!scope) {
|
|
58
|
-
return {
|
|
59
|
-
authorized: false,
|
|
60
|
-
reason: 'No active authorization scope found'
|
|
61
|
-
};
|
|
62
|
-
}
|
|
63
|
-
// Check if target is authorized
|
|
64
|
-
const targetAuthorized = scope.targets.some(authorizedTarget => target.includes(authorizedTarget) || authorizedTarget === '*');
|
|
65
|
-
if (!targetAuthorized) {
|
|
66
|
-
return {
|
|
67
|
-
authorized: false,
|
|
68
|
-
reason: `Target '${target}' not authorized in scope`
|
|
69
|
-
};
|
|
70
|
-
}
|
|
71
|
-
// Check if technique is authorized
|
|
72
|
-
const techniqueAuthorized = scope.techniques.some(authorizedTechnique => technique.includes(authorizedTechnique) || authorizedTechnique === '*');
|
|
73
|
-
if (!techniqueAuthorized) {
|
|
74
|
-
return {
|
|
75
|
-
authorized: false,
|
|
76
|
-
reason: `Technique '${technique}' not authorized in scope`
|
|
77
|
-
};
|
|
78
|
-
}
|
|
79
|
-
// Check time validity
|
|
80
|
-
const now = new Date();
|
|
81
|
-
if (now < scope.startTime || now > scope.endTime) {
|
|
82
|
-
return {
|
|
83
|
-
authorized: false,
|
|
84
|
-
reason: 'Authorization scope time window invalid'
|
|
85
|
-
};
|
|
86
|
-
}
|
|
87
|
-
return { authorized: true, scope };
|
|
88
|
-
}
|
|
89
|
-
/**
|
|
90
|
-
* Get current authorization status
|
|
91
|
-
*/
|
|
92
|
-
getAuthorizationStatus() {
|
|
93
|
-
const scope = this.activeAuthorizations.get('default');
|
|
94
|
-
if (!scope) {
|
|
95
|
-
return {
|
|
96
|
-
authorized: false,
|
|
97
|
-
reason: 'No active authorization'
|
|
98
|
-
};
|
|
99
|
-
}
|
|
100
|
-
return { authorized: true, scope };
|
|
101
|
-
}
|
|
102
|
-
/**
|
|
103
|
-
* Clear current authorization
|
|
104
|
-
*/
|
|
105
|
-
clearAuthorization() {
|
|
106
|
-
this.activeAuthorizations.delete('default');
|
|
107
|
-
}
|
|
108
|
-
/**
|
|
109
|
-
* Generate authorization report
|
|
110
|
-
*/
|
|
111
|
-
generateAuthorizationReport() {
|
|
112
|
-
const scope = this.activeAuthorizations.get('default');
|
|
113
|
-
if (!scope) {
|
|
114
|
-
return 'No active authorization';
|
|
115
|
-
}
|
|
116
|
-
let report = 'SECURITY AUTHORIZATION REPORT\n';
|
|
117
|
-
report += '='.repeat(50) + '\n';
|
|
118
|
-
report += `Authorized By: ${scope.authorizedBy}\n`;
|
|
119
|
-
report += `Contact: ${scope.contactInfo}\n`;
|
|
120
|
-
report += `Start Time: ${scope.startTime.toISOString()}\n`;
|
|
121
|
-
report += `End Time: ${scope.endTime.toISOString()}\n`;
|
|
122
|
-
report += `\nAuthorized Targets: ${scope.targets.join(', ')}\n`;
|
|
123
|
-
report += `Authorized Techniques: ${scope.techniques.join(', ')}\n`;
|
|
124
|
-
report += `\nStatus: ACTIVE\n`;
|
|
125
|
-
return report;
|
|
126
|
-
}
|
|
127
|
-
}
|
|
128
|
-
//# sourceMappingURL=authorization.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"authorization.js","sourceRoot":"","sources":["../../src/security/authorization.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAiBH;;GAEG;AACH,MAAM,OAAO,oBAAoB;IACvB,oBAAoB,GAAoC,IAAI,GAAG,EAAE,CAAC;IAE1E;;OAEG;IACH,oBAAoB,CAClB,KAAyB,EACzB,kBAA2B;QAE3B,sEAAsE;QACtE,oDAAoD;QAEpD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC;QAC1D,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,MAAM,CAAC;QAE/D,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;YAClE,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAChD,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;QACrC,CAAC;QAED,IAAI,CAAC,QAAQ,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACrC,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,yFAAyF;aAClG,CAAC;QACJ,CAAC;QAED,IAAI,kBAAkB,IAAI,kBAAkB,KAAK,QAAQ,EAAE,CAAC;YAC1D,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,6BAA6B;aACtC,CAAC;QACJ,CAAC;QAED,iBAAiB;QACjB,IAAI,KAAK,CAAC,OAAO,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YAC/B,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,iCAAiC;aAC1C,CAAC;QACJ,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,6CAA6C;aACtD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAEhD,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,iBAAiB,CACf,MAAc,EACd,SAAiB;QAEjB,MAAM,KAAK,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAEvD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,qCAAqC;aAC9C,CAAC;QACJ,CAAC;QAED,gCAAgC;QAChC,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAC7D,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,gBAAgB,KAAK,GAAG,CAC9D,CAAC;QAEF,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,WAAW,MAAM,2BAA2B;aACrD,CAAC;QACJ,CAAC;QAED,mCAAmC;QACnC,MAAM,mBAAmB,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE,CACtE,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,IAAI,mBAAmB,KAAK,GAAG,CACvE,CAAC;QAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,cAAc,SAAS,2BAA2B;aAC3D,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS,IAAI,GAAG,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC;YACjD,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,yCAAyC;aAClD,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,sBAAsB;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAEvD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO;gBACL,UAAU,EAAE,KAAK;gBACjB,MAAM,EAAE,yBAAyB;aAClC,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,2BAA2B;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAEvD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,yBAAyB,CAAC;QACnC,CAAC;QAED,IAAI,MAAM,GAAG,iCAAiC,CAAC;QAC/C,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC;QAChC,MAAM,IAAI,kBAAkB,KAAK,CAAC,YAAY,IAAI,CAAC;QACnD,MAAM,IAAI,YAAY,KAAK,CAAC,WAAW,IAAI,CAAC;QAC5C,MAAM,IAAI,eAAe,KAAK,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC;QAC3D,MAAM,IAAI,aAAa,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC;QACvD,MAAM,IAAI,yBAAyB,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;QAChE,MAAM,IAAI,0BAA0B,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;QACpE,MAAM,IAAI,oBAAoB,CAAC;QAE/B,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}
|