npm - erosolar-cli - Versions diffs - 2.1.249 → 2.1.253 - Mend

erosolar-cli 2.1.249 → 2.1.253

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (470) hide show

package/agents/general.rules.json +10 -133
package/agents/general.rules.json.bak +278 -0
package/agents/general.rules.json.bak2 +306 -0
package/dist/bin/erosolar.js +9 -5
package/dist/bin/erosolar.js.map +1 -1
package/dist/capabilities/bidirectionalAuditCapability.d.ts +26 -0
package/dist/capabilities/bidirectionalAuditCapability.d.ts.map +1 -0
package/dist/capabilities/bidirectionalAuditCapability.js +44 -0
package/dist/capabilities/bidirectionalAuditCapability.js.map +1 -0
package/dist/capabilities/globCapability.d.ts +3 -6
package/dist/capabilities/globCapability.d.ts.map +1 -1
package/dist/capabilities/globCapability.js +6 -10
package/dist/capabilities/globCapability.js.map +1 -1
package/dist/capabilities/index.d.ts +1 -18
package/dist/capabilities/index.d.ts.map +1 -1
package/dist/capabilities/index.js +1 -18
package/dist/capabilities/index.js.map +1 -1
package/dist/capabilities/orchestrationCapability.d.ts +2 -0
package/dist/capabilities/orchestrationCapability.d.ts.map +1 -1
package/dist/capabilities/orchestrationCapability.js +980 -2
package/dist/capabilities/orchestrationCapability.js.map +1 -1
package/dist/capabilities/searchCapability.d.ts +8 -2
package/dist/capabilities/searchCapability.d.ts.map +1 -1
package/dist/capabilities/searchCapability.js +11 -6
package/dist/capabilities/searchCapability.js.map +1 -1
package/dist/contracts/tools.schema.json +9 -133
package/dist/core/aiErrorFixer.d.ts +1 -14
package/dist/core/aiErrorFixer.d.ts.map +1 -1
package/dist/core/aiErrorFixer.js +51 -239
package/dist/core/aiErrorFixer.js.map +1 -1
package/dist/core/alphaZeroEngine.d.ts +16 -256
package/dist/core/alphaZeroEngine.d.ts.map +1 -1
package/dist/core/alphaZeroEngine.js +22 -513
package/dist/core/alphaZeroEngine.js.map +1 -1
package/dist/core/completeAttackOrchestrator.d.ts +102 -0
package/dist/core/completeAttackOrchestrator.d.ts.map +1 -0
package/dist/core/completeAttackOrchestrator.js +293 -0
package/dist/core/completeAttackOrchestrator.js.map +1 -0
package/dist/core/defensiveSecurityToolkit.d.ts +373 -0
package/dist/core/defensiveSecurityToolkit.d.ts.map +1 -0
package/dist/core/defensiveSecurityToolkit.js +1304 -0
package/dist/core/defensiveSecurityToolkit.js.map +1 -0
package/dist/core/errors/errorTypes.d.ts +30 -57
package/dist/core/errors/errorTypes.d.ts.map +1 -1
package/dist/core/errors/errorTypes.js +51 -228
package/dist/core/errors/errorTypes.js.map +1 -1
package/dist/core/errors/safetyValidator.d.ts +19 -3
package/dist/core/errors/safetyValidator.d.ts.map +1 -1
package/dist/core/errors/safetyValidator.js +33 -71
package/dist/core/errors/safetyValidator.js.map +1 -1
package/dist/core/failureRecovery.d.ts +4 -100
package/dist/core/failureRecovery.d.ts.map +1 -1
package/dist/core/failureRecovery.js +16 -440
package/dist/core/failureRecovery.js.map +1 -1
package/dist/core/intelligentTargetResearcher.d.ts +142 -0
package/dist/core/intelligentTargetResearcher.d.ts.map +1 -0
package/dist/core/intelligentTargetResearcher.js +367 -0
package/dist/core/intelligentTargetResearcher.js.map +1 -0
package/dist/core/intelligentTestFlows.d.ts +26 -107
package/dist/core/intelligentTestFlows.d.ts.map +1 -1
package/dist/core/intelligentTestFlows.js +15 -659
package/dist/core/intelligentTestFlows.js.map +1 -1
package/dist/core/learningPersistence.d.ts +45 -132
package/dist/core/learningPersistence.d.ts.map +1 -1
package/dist/core/learningPersistence.js +32 -463
package/dist/core/learningPersistence.js.map +1 -1
package/dist/core/metricsTracker.d.ts +22 -139
package/dist/core/metricsTracker.d.ts.map +1 -1
package/dist/core/metricsTracker.js +51 -241
package/dist/core/metricsTracker.js.map +1 -1
package/dist/core/performanceMonitor.d.ts +15 -109
package/dist/core/performanceMonitor.d.ts.map +1 -1
package/dist/core/performanceMonitor.js +27 -184
package/dist/core/performanceMonitor.js.map +1 -1
package/dist/core/reliabilityPrompt.d.ts.map +1 -1
package/dist/core/reliabilityPrompt.js +14 -0
package/dist/core/reliabilityPrompt.js.map +1 -1
package/dist/core/resultVerification.d.ts +6 -100
package/dist/core/resultVerification.d.ts.map +1 -1
package/dist/core/resultVerification.js +31 -400
package/dist/core/resultVerification.js.map +1 -1
package/dist/core/selfEvolution.d.ts +32 -126
package/dist/core/selfEvolution.d.ts.map +1 -1
package/dist/core/selfEvolution.js +24 -967
package/dist/core/selfEvolution.js.map +1 -1
package/dist/core/selfImprovement.d.ts +50 -109
package/dist/core/selfImprovement.d.ts.map +1 -1
package/dist/core/selfImprovement.js +14 -689
package/dist/core/selfImprovement.js.map +1 -1
package/dist/core/sourceCodeManager.d.ts +89 -0
package/dist/core/sourceCodeManager.d.ts.map +1 -0
package/dist/core/sourceCodeManager.js +332 -0
package/dist/core/sourceCodeManager.js.map +1 -0
package/dist/core/unifiedOrchestrator.d.ts +88 -0
package/dist/core/unifiedOrchestrator.d.ts.map +1 -0
package/dist/core/unifiedOrchestrator.js +284 -0
package/dist/core/unifiedOrchestrator.js.map +1 -0
package/dist/core/userDefenseOrchestrator.d.ts +202 -0
package/dist/core/userDefenseOrchestrator.d.ts.map +1 -0
package/dist/core/userDefenseOrchestrator.js +1006 -0
package/dist/core/userDefenseOrchestrator.js.map +1 -0
package/dist/plugins/index.d.ts +1 -1
package/dist/plugins/index.d.ts.map +1 -1
package/dist/plugins/index.js +36 -26
package/dist/plugins/index.js.map +1 -1
package/dist/plugins/tools/bidirectionalAudit/bidirectionalAuditPlugin.d.ts +8 -0
package/dist/plugins/tools/bidirectionalAudit/bidirectionalAuditPlugin.d.ts.map +1 -0
package/dist/plugins/tools/bidirectionalAudit/bidirectionalAuditPlugin.js +17 -0
package/dist/plugins/tools/bidirectionalAudit/bidirectionalAuditPlugin.js.map +1 -0
package/dist/plugins/tools/nodeDefaults.d.ts +14 -0
package/dist/plugins/tools/nodeDefaults.d.ts.map +1 -1
package/dist/plugins/tools/nodeDefaults.js +17 -54
package/dist/plugins/tools/nodeDefaults.js.map +1 -1
package/dist/plugins/tools/orchestration/orchestrationPlugin.d.ts +9 -0
package/dist/plugins/tools/orchestration/orchestrationPlugin.d.ts.map +1 -0
package/dist/plugins/tools/orchestration/orchestrationPlugin.js +18 -0
package/dist/plugins/tools/orchestration/orchestrationPlugin.js.map +1 -0
package/dist/shell/interactiveShell.d.ts +97 -2
package/dist/shell/interactiveShell.d.ts.map +1 -1
package/dist/shell/interactiveShell.js +1001 -6
package/dist/shell/interactiveShell.js.map +1 -1
package/dist/tools/appleExposureTools.d.ts +108 -0
package/dist/tools/appleExposureTools.d.ts.map +1 -0
package/dist/tools/appleExposureTools.js +850 -0
package/dist/tools/appleExposureTools.js.map +1 -0
package/dist/tools/bidirectionalAuditTools.d.ts +104 -0
package/dist/tools/bidirectionalAuditTools.d.ts.map +1 -0
package/dist/tools/bidirectionalAuditTools.js +1280 -0
package/dist/tools/bidirectionalAuditTools.js.map +1 -0
package/dist/tools/defensiveSecurityTools.d.ts +152 -0
package/dist/tools/defensiveSecurityTools.d.ts.map +1 -0
package/dist/tools/defensiveSecurityTools.js +576 -0
package/dist/tools/defensiveSecurityTools.js.map +1 -0
package/dist/tools/forwardAttackChainTracer.d.ts +73 -0
package/dist/tools/forwardAttackChainTracer.d.ts.map +1 -0
package/dist/tools/forwardAttackChainTracer.js +604 -0
package/dist/tools/forwardAttackChainTracer.js.map +1 -0
package/dist/tools/localExplore.d.ts +12 -199
package/dist/tools/localExplore.d.ts.map +1 -1
package/dist/tools/localExplore.js +18 -1352
package/dist/tools/localExplore.js.map +1 -1
package/dist/tools/offensiveTransparencyTools.d.ts +188 -0
package/dist/tools/offensiveTransparencyTools.d.ts.map +1 -0
package/dist/tools/offensiveTransparencyTools.js +890 -0
package/dist/tools/offensiveTransparencyTools.js.map +1 -0
package/dist/tools/planningTools.d.ts +8 -17
package/dist/tools/planningTools.d.ts.map +1 -1
package/dist/tools/planningTools.js +31 -141
package/dist/tools/planningTools.js.map +1 -1
package/dist/tools/searchTools.d.ts +9 -0
package/dist/tools/searchTools.d.ts.map +1 -1
package/dist/tools/searchTools.js +305 -189
package/dist/tools/searchTools.js.map +1 -1
package/dist/tools/skillTools.d.ts +7 -5
package/dist/tools/skillTools.d.ts.map +1 -1
package/dist/tools/skillTools.js +13 -155
package/dist/tools/skillTools.js.map +1 -1
package/dist/tools/threatIntelligenceTools.d.ts +128 -0
package/dist/tools/threatIntelligenceTools.d.ts.map +1 -0
package/dist/tools/threatIntelligenceTools.js +712 -0
package/dist/tools/threatIntelligenceTools.js.map +1 -0
package/dist/ui/PromptController.d.ts +4 -0
package/dist/ui/PromptController.d.ts.map +1 -1
package/dist/ui/PromptController.js +32 -11
package/dist/ui/PromptController.js.map +1 -1
package/dist/ui/UnifiedUIRenderer.d.ts +20 -0
package/dist/ui/UnifiedUIRenderer.d.ts.map +1 -1
package/dist/ui/UnifiedUIRenderer.js +235 -28
package/dist/ui/UnifiedUIRenderer.js.map +1 -1
package/dist/ui/animatedStatus.d.ts +2 -0
package/dist/ui/animatedStatus.d.ts.map +1 -1
package/dist/ui/animatedStatus.js +36 -2
package/dist/ui/animatedStatus.js.map +1 -1
package/dist/ui/orchestration/StatusOrchestrator.d.ts +10 -0
package/dist/ui/orchestration/StatusOrchestrator.d.ts.map +1 -1
package/dist/ui/orchestration/StatusOrchestrator.js +36 -4
package/dist/ui/orchestration/StatusOrchestrator.js.map +1 -1
package/package.json +1 -1
package/dist/capabilities/advancedTestGenerationCapability.d.ts +0 -17
package/dist/capabilities/advancedTestGenerationCapability.d.ts.map +0 -1
package/dist/capabilities/advancedTestGenerationCapability.js +0 -28
package/dist/capabilities/advancedTestGenerationCapability.js.map +0 -1
package/dist/capabilities/browserAutomationCapability.d.ts +0 -37
package/dist/capabilities/browserAutomationCapability.d.ts.map +0 -1
package/dist/capabilities/browserAutomationCapability.js +0 -49
package/dist/capabilities/browserAutomationCapability.js.map +0 -1
package/dist/capabilities/buildCapability.d.ts +0 -24
package/dist/capabilities/buildCapability.d.ts.map +0 -1
package/dist/capabilities/buildCapability.js +0 -25
package/dist/capabilities/buildCapability.js.map +0 -1
package/dist/capabilities/cloudCapability.d.ts +0 -13
package/dist/capabilities/cloudCapability.d.ts.map +0 -1
package/dist/capabilities/cloudCapability.js +0 -38
package/dist/capabilities/cloudCapability.js.map +0 -1
package/dist/capabilities/codeAnalysisCapability.d.ts +0 -13
package/dist/capabilities/codeAnalysisCapability.d.ts.map +0 -1
package/dist/capabilities/codeAnalysisCapability.js +0 -24
package/dist/capabilities/codeAnalysisCapability.js.map +0 -1
package/dist/capabilities/codeQualityCapability.d.ts +0 -13
package/dist/capabilities/codeQualityCapability.d.ts.map +0 -1
package/dist/capabilities/codeQualityCapability.js +0 -25
package/dist/capabilities/codeQualityCapability.js.map +0 -1
package/dist/capabilities/dependencySecurityCapability.d.ts +0 -13
package/dist/capabilities/dependencySecurityCapability.d.ts.map +0 -1
package/dist/capabilities/dependencySecurityCapability.js +0 -24
package/dist/capabilities/dependencySecurityCapability.js.map +0 -1
package/dist/capabilities/devCapability.d.ts +0 -13
package/dist/capabilities/devCapability.d.ts.map +0 -1
package/dist/capabilities/devCapability.js +0 -24
package/dist/capabilities/devCapability.js.map +0 -1
package/dist/capabilities/emailCapability.d.ts +0 -12
package/dist/capabilities/emailCapability.d.ts.map +0 -1
package/dist/capabilities/emailCapability.js +0 -22
package/dist/capabilities/emailCapability.js.map +0 -1
package/dist/capabilities/enhancedAnalysisCapability.d.ts +0 -13
package/dist/capabilities/enhancedAnalysisCapability.d.ts.map +0 -1
package/dist/capabilities/enhancedAnalysisCapability.js +0 -20
package/dist/capabilities/enhancedAnalysisCapability.js.map +0 -1
package/dist/capabilities/enhancedCodeIntelligenceCapability.d.ts +0 -17
package/dist/capabilities/enhancedCodeIntelligenceCapability.d.ts.map +0 -1
package/dist/capabilities/enhancedCodeIntelligenceCapability.js +0 -28
package/dist/capabilities/enhancedCodeIntelligenceCapability.js.map +0 -1
package/dist/capabilities/enhancedDevWorkflowCapability.d.ts +0 -17
package/dist/capabilities/enhancedDevWorkflowCapability.d.ts.map +0 -1
package/dist/capabilities/enhancedDevWorkflowCapability.js +0 -28
package/dist/capabilities/enhancedDevWorkflowCapability.js.map +0 -1
package/dist/capabilities/frontendTestingCapability.d.ts +0 -13
package/dist/capabilities/frontendTestingCapability.d.ts.map +0 -1
package/dist/capabilities/frontendTestingCapability.js +0 -28
package/dist/capabilities/frontendTestingCapability.js.map +0 -1
package/dist/capabilities/interactionCapability.d.ts +0 -12
package/dist/capabilities/interactionCapability.d.ts.map +0 -1
package/dist/capabilities/interactionCapability.js +0 -22
package/dist/capabilities/interactionCapability.js.map +0 -1
package/dist/capabilities/learnCapability.d.ts +0 -22
package/dist/capabilities/learnCapability.d.ts.map +0 -1
package/dist/capabilities/learnCapability.js +0 -37
package/dist/capabilities/learnCapability.js.map +0 -1
package/dist/capabilities/notebookCapability.d.ts +0 -17
package/dist/capabilities/notebookCapability.d.ts.map +0 -1
package/dist/capabilities/notebookCapability.js +0 -27
package/dist/capabilities/notebookCapability.js.map +0 -1
package/dist/capabilities/planningCapability.d.ts +0 -16
package/dist/capabilities/planningCapability.d.ts.map +0 -1
package/dist/capabilities/planningCapability.js +0 -26
package/dist/capabilities/planningCapability.js.map +0 -1
package/dist/capabilities/refactoringCapability.d.ts +0 -13
package/dist/capabilities/refactoringCapability.d.ts.map +0 -1
package/dist/capabilities/refactoringCapability.js +0 -25
package/dist/capabilities/refactoringCapability.js.map +0 -1
package/dist/capabilities/repoChecksCapability.d.ts +0 -10
package/dist/capabilities/repoChecksCapability.d.ts.map +0 -1
package/dist/capabilities/repoChecksCapability.js +0 -24
package/dist/capabilities/repoChecksCapability.js.map +0 -1
package/dist/capabilities/taskManagementCapability.d.ts +0 -12
package/dist/capabilities/taskManagementCapability.d.ts.map +0 -1
package/dist/capabilities/taskManagementCapability.js +0 -22
package/dist/capabilities/taskManagementCapability.js.map +0 -1
package/dist/capabilities/testingCapability.d.ts +0 -13
package/dist/capabilities/testingCapability.d.ts.map +0 -1
package/dist/capabilities/testingCapability.js +0 -25
package/dist/capabilities/testingCapability.js.map +0 -1
package/dist/capabilities/validationCapability.d.ts +0 -13
package/dist/capabilities/validationCapability.d.ts.map +0 -1
package/dist/capabilities/validationCapability.js +0 -24
package/dist/capabilities/validationCapability.js.map +0 -1
package/dist/capabilities/webCapability.d.ts +0 -12
package/dist/capabilities/webCapability.d.ts.map +0 -1
package/dist/capabilities/webCapability.js +0 -22
package/dist/capabilities/webCapability.js.map +0 -1
package/dist/core/deepBugAnalyzer.d.ts +0 -128
package/dist/core/deepBugAnalyzer.d.ts.map +0 -1
package/dist/core/deepBugAnalyzer.js +0 -406
package/dist/core/deepBugAnalyzer.js.map +0 -1
package/dist/core/hypothesisEngine.d.ts +0 -113
package/dist/core/hypothesisEngine.d.ts.map +0 -1
package/dist/core/hypothesisEngine.js +0 -264
package/dist/core/hypothesisEngine.js.map +0 -1
package/dist/core/productTestHarness.d.ts +0 -113
package/dist/core/productTestHarness.d.ts.map +0 -1
package/dist/core/productTestHarness.js +0 -351
package/dist/core/productTestHarness.js.map +0 -1
package/dist/core/validationRunner.d.ts +0 -106
package/dist/core/validationRunner.d.ts.map +0 -1
package/dist/core/validationRunner.js +0 -892
package/dist/core/validationRunner.js.map +0 -1
package/dist/plugins/tools/browser/browserAutomationPlugin.d.ts +0 -14
package/dist/plugins/tools/browser/browserAutomationPlugin.d.ts.map +0 -1
package/dist/plugins/tools/browser/browserAutomationPlugin.js +0 -26
package/dist/plugins/tools/browser/browserAutomationPlugin.js.map +0 -1
package/dist/plugins/tools/checks/localRepoChecksPlugin.d.ts +0 -3
package/dist/plugins/tools/checks/localRepoChecksPlugin.d.ts.map +0 -1
package/dist/plugins/tools/checks/localRepoChecksPlugin.js +0 -14
package/dist/plugins/tools/checks/localRepoChecksPlugin.js.map +0 -1
package/dist/plugins/tools/cloud/cloudPlugin.d.ts +0 -3
package/dist/plugins/tools/cloud/cloudPlugin.d.ts.map +0 -1
package/dist/plugins/tools/cloud/cloudPlugin.js +0 -14
package/dist/plugins/tools/cloud/cloudPlugin.js.map +0 -1
package/dist/plugins/tools/codeAnalysis/codeAnalysisPlugin.d.ts +0 -3
package/dist/plugins/tools/codeAnalysis/codeAnalysisPlugin.d.ts.map +0 -1
package/dist/plugins/tools/codeAnalysis/codeAnalysisPlugin.js +0 -14
package/dist/plugins/tools/codeAnalysis/codeAnalysisPlugin.js.map +0 -1
package/dist/plugins/tools/codeQuality/codeQualityPlugin.d.ts +0 -3
package/dist/plugins/tools/codeQuality/codeQualityPlugin.d.ts.map +0 -1
package/dist/plugins/tools/codeQuality/codeQualityPlugin.js +0 -14
package/dist/plugins/tools/codeQuality/codeQualityPlugin.js.map +0 -1
package/dist/plugins/tools/dependency/dependencyPlugin.d.ts +0 -3
package/dist/plugins/tools/dependency/dependencyPlugin.d.ts.map +0 -1
package/dist/plugins/tools/dependency/dependencyPlugin.js +0 -12
package/dist/plugins/tools/dependency/dependencyPlugin.js.map +0 -1
package/dist/plugins/tools/development/devPlugin.d.ts +0 -3
package/dist/plugins/tools/development/devPlugin.d.ts.map +0 -1
package/dist/plugins/tools/development/devPlugin.js +0 -14
package/dist/plugins/tools/development/devPlugin.js.map +0 -1
package/dist/plugins/tools/email/emailPlugin.d.ts +0 -3
package/dist/plugins/tools/email/emailPlugin.d.ts.map +0 -1
package/dist/plugins/tools/email/emailPlugin.js +0 -12
package/dist/plugins/tools/email/emailPlugin.js.map +0 -1
package/dist/plugins/tools/enhancedAnalysis/enhancedAnalysisPlugin.d.ts +0 -3
package/dist/plugins/tools/enhancedAnalysis/enhancedAnalysisPlugin.d.ts.map +0 -1
package/dist/plugins/tools/enhancedAnalysis/enhancedAnalysisPlugin.js +0 -14
package/dist/plugins/tools/enhancedAnalysis/enhancedAnalysisPlugin.js.map +0 -1
package/dist/plugins/tools/enhancedCodeIntelligence/enhancedCodeIntelligencePlugin.d.ts +0 -3
package/dist/plugins/tools/enhancedCodeIntelligence/enhancedCodeIntelligencePlugin.d.ts.map +0 -1
package/dist/plugins/tools/enhancedCodeIntelligence/enhancedCodeIntelligencePlugin.js +0 -12
package/dist/plugins/tools/enhancedCodeIntelligence/enhancedCodeIntelligencePlugin.js.map +0 -1
package/dist/plugins/tools/enhancedDevWorkflow/enhancedDevWorkflowPlugin.d.ts +0 -3
package/dist/plugins/tools/enhancedDevWorkflow/enhancedDevWorkflowPlugin.d.ts.map +0 -1
package/dist/plugins/tools/enhancedDevWorkflow/enhancedDevWorkflowPlugin.js +0 -12
package/dist/plugins/tools/enhancedDevWorkflow/enhancedDevWorkflowPlugin.js.map +0 -1
package/dist/plugins/tools/frontendTesting/frontendTestingPlugin.d.ts +0 -3
package/dist/plugins/tools/frontendTesting/frontendTestingPlugin.d.ts.map +0 -1
package/dist/plugins/tools/frontendTesting/frontendTestingPlugin.js +0 -14
package/dist/plugins/tools/frontendTesting/frontendTestingPlugin.js.map +0 -1
package/dist/plugins/tools/interaction/interactionPlugin.d.ts +0 -3
package/dist/plugins/tools/interaction/interactionPlugin.d.ts.map +0 -1
package/dist/plugins/tools/interaction/interactionPlugin.js +0 -12
package/dist/plugins/tools/interaction/interactionPlugin.js.map +0 -1
package/dist/plugins/tools/learn/learnPlugin.d.ts +0 -3
package/dist/plugins/tools/learn/learnPlugin.d.ts.map +0 -1
package/dist/plugins/tools/learn/learnPlugin.js +0 -14
package/dist/plugins/tools/learn/learnPlugin.js.map +0 -1
package/dist/plugins/tools/notebook/notebookPlugin.d.ts +0 -9
package/dist/plugins/tools/notebook/notebookPlugin.d.ts.map +0 -1
package/dist/plugins/tools/notebook/notebookPlugin.js +0 -15
package/dist/plugins/tools/notebook/notebookPlugin.js.map +0 -1
package/dist/plugins/tools/planning/planningPlugin.d.ts +0 -9
package/dist/plugins/tools/planning/planningPlugin.d.ts.map +0 -1
package/dist/plugins/tools/planning/planningPlugin.js +0 -15
package/dist/plugins/tools/planning/planningPlugin.js.map +0 -1
package/dist/plugins/tools/refactoring/refactoringPlugin.d.ts +0 -3
package/dist/plugins/tools/refactoring/refactoringPlugin.d.ts.map +0 -1
package/dist/plugins/tools/refactoring/refactoringPlugin.js +0 -12
package/dist/plugins/tools/refactoring/refactoringPlugin.js.map +0 -1
package/dist/plugins/tools/taskManagement/taskManagementPlugin.d.ts +0 -3
package/dist/plugins/tools/taskManagement/taskManagementPlugin.d.ts.map +0 -1
package/dist/plugins/tools/taskManagement/taskManagementPlugin.js +0 -12
package/dist/plugins/tools/taskManagement/taskManagementPlugin.js.map +0 -1
package/dist/plugins/tools/testing/testingPlugin.d.ts +0 -3
package/dist/plugins/tools/testing/testingPlugin.d.ts.map +0 -1
package/dist/plugins/tools/testing/testingPlugin.js +0 -12
package/dist/plugins/tools/testing/testingPlugin.js.map +0 -1
package/dist/plugins/tools/validation/validationPlugin.d.ts +0 -3
package/dist/plugins/tools/validation/validationPlugin.d.ts.map +0 -1
package/dist/plugins/tools/validation/validationPlugin.js +0 -14
package/dist/plugins/tools/validation/validationPlugin.js.map +0 -1
package/dist/plugins/tools/web/webPlugin.d.ts +0 -3
package/dist/plugins/tools/web/webPlugin.d.ts.map +0 -1
package/dist/plugins/tools/web/webPlugin.js +0 -12
package/dist/plugins/tools/web/webPlugin.js.map +0 -1
package/dist/tools/advancedTestGenerationTools.d.ts +0 -21
package/dist/tools/advancedTestGenerationTools.d.ts.map +0 -1
package/dist/tools/advancedTestGenerationTools.js +0 -304
package/dist/tools/advancedTestGenerationTools.js.map +0 -1
package/dist/tools/browserAutomationTools.d.ts +0 -23
package/dist/tools/browserAutomationTools.d.ts.map +0 -1
package/dist/tools/browserAutomationTools.js +0 -916
package/dist/tools/browserAutomationTools.js.map +0 -1
package/dist/tools/buildTools.d.ts +0 -9
package/dist/tools/buildTools.d.ts.map +0 -1
package/dist/tools/buildTools.js +0 -346
package/dist/tools/buildTools.js.map +0 -1
package/dist/tools/cloudTools.d.ts +0 -49
package/dist/tools/cloudTools.d.ts.map +0 -1
package/dist/tools/cloudTools.js +0 -1258
package/dist/tools/cloudTools.js.map +0 -1
package/dist/tools/codeAnalysisTools.d.ts +0 -74
package/dist/tools/codeAnalysisTools.d.ts.map +0 -1
package/dist/tools/codeAnalysisTools.js +0 -664
package/dist/tools/codeAnalysisTools.js.map +0 -1
package/dist/tools/codeGenerationTools.d.ts +0 -3
package/dist/tools/codeGenerationTools.d.ts.map +0 -1
package/dist/tools/codeGenerationTools.js +0 -439
package/dist/tools/codeGenerationTools.js.map +0 -1
package/dist/tools/codeQualityTools.d.ts +0 -3
package/dist/tools/codeQualityTools.d.ts.map +0 -1
package/dist/tools/codeQualityTools.js +0 -297
package/dist/tools/codeQualityTools.js.map +0 -1
package/dist/tools/dependencyTools.d.ts +0 -3
package/dist/tools/dependencyTools.d.ts.map +0 -1
package/dist/tools/dependencyTools.js +0 -284
package/dist/tools/dependencyTools.js.map +0 -1
package/dist/tools/devTools.d.ts +0 -10
package/dist/tools/devTools.d.ts.map +0 -1
package/dist/tools/devTools.js +0 -2126
package/dist/tools/devTools.js.map +0 -1
package/dist/tools/emailTools.d.ts +0 -21
package/dist/tools/emailTools.d.ts.map +0 -1
package/dist/tools/emailTools.js +0 -449
package/dist/tools/emailTools.js.map +0 -1
package/dist/tools/enhancedAnalysisTools.d.ts +0 -9
package/dist/tools/enhancedAnalysisTools.d.ts.map +0 -1
package/dist/tools/enhancedAnalysisTools.js +0 -370
package/dist/tools/enhancedAnalysisTools.js.map +0 -1
package/dist/tools/enhancedCodeIntelligenceTools.d.ts +0 -7
package/dist/tools/enhancedCodeIntelligenceTools.d.ts.map +0 -1
package/dist/tools/enhancedCodeIntelligenceTools.js +0 -540
package/dist/tools/enhancedCodeIntelligenceTools.js.map +0 -1
package/dist/tools/enhancedDevWorkflowTools.d.ts +0 -7
package/dist/tools/enhancedDevWorkflowTools.d.ts.map +0 -1
package/dist/tools/enhancedDevWorkflowTools.js +0 -432
package/dist/tools/enhancedDevWorkflowTools.js.map +0 -1
package/dist/tools/frontendTestingTools.d.ts +0 -35
package/dist/tools/frontendTestingTools.d.ts.map +0 -1
package/dist/tools/frontendTestingTools.js +0 -1258
package/dist/tools/frontendTestingTools.js.map +0 -1
package/dist/tools/globTools.d.ts +0 -15
package/dist/tools/globTools.d.ts.map +0 -1
package/dist/tools/globTools.js +0 -174
package/dist/tools/globTools.js.map +0 -1
package/dist/tools/grepTools.d.ts +0 -19
package/dist/tools/grepTools.d.ts.map +0 -1
package/dist/tools/grepTools.js +0 -411
package/dist/tools/grepTools.js.map +0 -1
package/dist/tools/interactionTools.d.ts +0 -6
package/dist/tools/interactionTools.d.ts.map +0 -1
package/dist/tools/interactionTools.js +0 -209
package/dist/tools/interactionTools.js.map +0 -1
package/dist/tools/learnTools.d.ts +0 -164
package/dist/tools/learnTools.d.ts.map +0 -1
package/dist/tools/learnTools.js +0 -2098
package/dist/tools/learnTools.js.map +0 -1
package/dist/tools/notebookEditTools.d.ts +0 -15
package/dist/tools/notebookEditTools.d.ts.map +0 -1
package/dist/tools/notebookEditTools.js +0 -197
package/dist/tools/notebookEditTools.js.map +0 -1
package/dist/tools/refactoringTools.d.ts +0 -3
package/dist/tools/refactoringTools.d.ts.map +0 -1
package/dist/tools/refactoringTools.js +0 -294
package/dist/tools/refactoringTools.js.map +0 -1
package/dist/tools/repoChecksTools.d.ts +0 -3
package/dist/tools/repoChecksTools.d.ts.map +0 -1
package/dist/tools/repoChecksTools.js +0 -276
package/dist/tools/repoChecksTools.js.map +0 -1
package/dist/tools/taskManagementTools.d.ts +0 -10
package/dist/tools/taskManagementTools.d.ts.map +0 -1
package/dist/tools/taskManagementTools.js +0 -133
package/dist/tools/taskManagementTools.js.map +0 -1
package/dist/tools/testingTools.d.ts +0 -3
package/dist/tools/testingTools.d.ts.map +0 -1
package/dist/tools/testingTools.js +0 -237
package/dist/tools/testingTools.js.map +0 -1
package/dist/tools/validationTools.d.ts +0 -7
package/dist/tools/validationTools.d.ts.map +0 -1
package/dist/tools/validationTools.js +0 -344
package/dist/tools/validationTools.js.map +0 -1
package/dist/tools/webTools.d.ts +0 -3
package/dist/tools/webTools.d.ts.map +0 -1
package/dist/tools/webTools.js +0 -502
package/dist/tools/webTools.js.map +0 -1

package/dist/tools/threatIntelligenceTools.js ADDED Viewed

@@ -0,0 +1,712 @@
+/**
+ * Threat Intelligence & Counterintelligence Tools
+ *
+ * Capabilities for understanding threats against YOUR systems:
+ * - Attack surface analysis (what vectors could be used against you)
+ * - Threat actor profiling (who might target you and how)
+ * - Indicator of Compromise (IOC) detection
+ * - Traffic analysis and anomaly detection
+ * - Capability assessment (understanding attacker TTPs)
+ *
+ * This module provides DEFENSIVE intelligence - understanding how
+ * attacks work so you can detect and document them.
+ *
+ * For authorized security research and defensive purposes only.
+ */
+import { execSync } from 'node:child_process';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as crypto from 'node:crypto';
+import * as dns from 'node:dns';
+import { promisify } from 'node:util';
+const dnsResolve = promisify(dns.resolve);
+const dnsResolve4 = promisify(dns.resolve4);
+const dnsResolveTxt = promisify(dns.resolveTxt);
+// ═══════════════════════════════════════════════════════════════════════════════
+// THREAT ACTOR PROFILES
+// ═══════════════════════════════════════════════════════════════════════════════
+const KNOWN_THREAT_ACTORS = [
+    {
+        id: 'ta-apple-internal',
+        name: 'Apple Internal Operations',
+        type: 'corporate',
+        capabilities: [
+            'Full device control via firmware',
+            'Key injection into iCloud Keychain',
+            'Push notification injection',
+            'Software update manipulation',
+            'Certificate authority control',
+            'DNS manipulation for Apple domains',
+            'iMessage key substitution',
+            'Activation Lock control',
+            'Location tracking via Find My',
+            'Remote device wipe',
+        ],
+        knownTTPs: [
+            'T1195.002 - Supply Chain Compromise: Compromise Software Supply Chain',
+            'T1553.004 - Subvert Trust Controls: Install Root Certificate',
+            'T1556.004 - Modify Authentication Process: Network Device Authentication',
+            'T1557 - Adversary-in-the-Middle',
+            'T1602 - Data from Configuration Repository',
+            'T1612 - Build Image on Host',
+            'T1542 - Pre-OS Boot',
+        ],
+        targetingProfile: ['All Apple device users', 'iCloud users', 'iMessage users'],
+        infrastructure: [
+            'courier.push.apple.com (APNs)',
+            'identity.ess.apple.com (IDS)',
+            'gateway.icloud.com (CloudKit)',
+            'p43-escrowproxy.icloud.com (Key Escrow)',
+            'gsa.apple.com (Authentication)',
+        ],
+        attributionConfidence: 'high',
+    },
+    {
+        id: 'ta-law-enforcement',
+        name: 'Law Enforcement (with Apple cooperation)',
+        type: 'nation-state',
+        capabilities: [
+            'iCloud data access via legal process',
+            'Device unlock assistance (limited)',
+            'Account information disclosure',
+            'Push notification metadata',
+            'Location data (with warrant)',
+        ],
+        knownTTPs: [
+            'T1114 - Email Collection',
+            'T1530 - Data from Cloud Storage Object',
+            'T1213 - Data from Information Repositories',
+        ],
+        targetingProfile: ['Subjects of legal investigation'],
+        infrastructure: ['Apple Legal Process Portal'],
+        attributionConfidence: 'high',
+    },
+    {
+        id: 'ta-third-party-cloud',
+        name: 'Third-Party Cloud Providers',
+        type: 'corporate',
+        capabilities: [
+            'Access to stored iCloud data (AWS, Google Cloud)',
+            'Siri audio processing (AWS)',
+            'CDN traffic inspection (Akamai, Fastly)',
+        ],
+        knownTTPs: [
+            'T1530 - Data from Cloud Storage Object',
+            'T1040 - Network Sniffing',
+        ],
+        targetingProfile: ['iCloud users', 'Siri users', 'iCloud Private Relay users'],
+        infrastructure: [
+            'AWS us-east-1 (Siri)',
+            'Google Cloud (iCloud storage)',
+            'Akamai CDN',
+            'Fastly CDN (Private Relay)',
+        ],
+        attributionConfidence: 'medium',
+    },
+];
+// ═══════════════════════════════════════════════════════════════════════════════
+// ATTACK VECTOR CATALOG
+// ═══════════════════════════════════════════════════════════════════════════════
+const ATTACK_VECTORS = [
+    // Firmware/Hardware Level
+    {
+        id: 'av-firmware-update',
+        name: 'Malicious Firmware Update',
+        category: 'supply-chain',
+        mitreTactic: 'Persistence',
+        mitreId: 'T1542.001',
+        description: 'Attacker with Apple-level access could push malicious firmware that persists across OS reinstalls',
+        prerequisites: ['Apple signing keys', 'Push update capability'],
+        detectability: 'none',
+        userDefense: 'none',
+        evidence: ['Firmware version changes', 'Unexpected reboots'],
+    },
+    {
+        id: 'av-sep-compromise',
+        name: 'Secure Enclave Key Extraction',
+        category: 'physical',
+        mitreTactic: 'Credential Access',
+        mitreId: 'T1552',
+        description: 'Physical or firmware-level access to Secure Enclave could expose private keys',
+        prerequisites: ['Physical access OR firmware compromise', 'SEP vulnerability'],
+        detectability: 'none',
+        userDefense: 'none',
+        evidence: ['Unexpected key usage', 'Authentication anomalies'],
+    },
+    // Network Level
+    {
+        id: 'av-dns-hijack',
+        name: 'Apple DNS Manipulation',
+        category: 'network',
+        mitreTactic: 'Command and Control',
+        mitreId: 'T1071.004',
+        description: 'Apple controls all DNS for Apple domains; could redirect to malicious servers',
+        prerequisites: ['Apple DNS infrastructure access'],
+        detectability: 'low',
+        userDefense: 'partial',
+        evidence: ['DNS response changes', 'Unexpected IP addresses'],
+    },
+    {
+        id: 'av-cert-mitm',
+        name: 'Certificate Authority MITM',
+        category: 'network',
+        mitreTactic: 'Collection',
+        mitreId: 'T1557.002',
+        description: 'Apple Root CAs in system trust store enable MITM of any TLS connection',
+        prerequisites: ['Apple CA private keys'],
+        detectability: 'low',
+        userDefense: 'none',
+        evidence: ['Certificate changes', 'New intermediate CAs'],
+    },
+    // Application Level
+    {
+        id: 'av-imessage-key-inject',
+        name: 'iMessage Key Injection',
+        category: 'application',
+        mitreTactic: 'Credential Access',
+        mitreId: 'T1556',
+        description: 'Apple IDS servers could inject additional public keys to enable message interception',
+        prerequisites: ['IDS server access', 'Key database write access'],
+        detectability: 'low',
+        userDefense: 'partial',
+        evidence: ['Key count changes', 'Unknown device keys', 'Key Transparency alerts'],
+    },
+    {
+        id: 'av-push-injection',
+        name: 'Push Notification Injection',
+        category: 'application',
+        mitreTactic: 'Initial Access',
+        mitreId: 'T1199',
+        description: 'APNs infrastructure allows sending arbitrary push notifications to any device',
+        prerequisites: ['APNs infrastructure access'],
+        detectability: 'medium',
+        userDefense: 'none',
+        evidence: ['Unexpected notifications', 'Malformed payloads'],
+    },
+    {
+        id: 'av-icloud-keychain-inject',
+        name: 'iCloud Keychain Key Injection',
+        category: 'application',
+        mitreTactic: 'Persistence',
+        mitreId: 'T1556.001',
+        description: 'Escrow proxy access could inject recovery keys or add trusted devices',
+        prerequisites: ['Escrow HSM access', 'iCloud account access'],
+        detectability: 'low',
+        userDefense: 'partial',
+        evidence: ['New trusted devices', 'Keychain sync anomalies'],
+    },
+    // Supply Chain
+    {
+        id: 'av-app-store-trojan',
+        name: 'App Store Trojan Update',
+        category: 'supply-chain',
+        mitreTactic: 'Initial Access',
+        mitreId: 'T1195.002',
+        description: 'Apple could modify app binaries during App Store distribution',
+        prerequisites: ['App Store infrastructure access', 'Code signing capability'],
+        detectability: 'none',
+        userDefense: 'none',
+        evidence: ['Binary hash changes', 'Unexpected app behavior'],
+    },
+    {
+        id: 'av-xcode-implant',
+        name: 'Development Tool Compromise',
+        category: 'supply-chain',
+        mitreTactic: 'Initial Access',
+        mitreId: 'T1195.001',
+        description: 'Xcode or development tools could be modified to inject code into compiled apps',
+        prerequisites: ['Developer tool distribution access'],
+        detectability: 'low',
+        userDefense: 'partial',
+        evidence: ['Tool hash changes', 'Unexpected code in builds'],
+    },
+];
+// ═══════════════════════════════════════════════════════════════════════════════
+// THREAT INTELLIGENCE ENGINE
+// ═══════════════════════════════════════════════════════════════════════════════
+export class ThreatIntelligenceEngine {
+    evidenceDir;
+    iocs = [];
+    anomalies = [];
+    constructor(evidenceDir) {
+        this.evidenceDir = evidenceDir;
+        if (!fs.existsSync(evidenceDir)) {
+            fs.mkdirSync(evidenceDir, { recursive: true });
+        }
+    }
+    /**
+     * Analyze current threat landscape for this device
+     */
+    async analyzeThreatLandscape() {
+        // Determine which threat actors are relevant
+        const relevantActors = KNOWN_THREAT_ACTORS.filter(actor => {
+            // All Apple users are targeted by Apple internal
+            if (actor.id === 'ta-apple-internal')
+                return true;
+            // Check if using relevant services
+            if (actor.id === 'ta-third-party-cloud') {
+                // Check if iCloud is enabled
+                const icloudEnabled = this.checkICloudEnabled();
+                return icloudEnabled;
+            }
+            return true;
+        });
+        // Determine applicable attack vectors
+        const applicableVectors = ATTACK_VECTORS.filter(vector => {
+            // All vectors apply to Apple device users
+            return true;
+        });
+        // Calculate risk score
+        let riskScore = 0;
+        for (const vector of applicableVectors) {
+            if (vector.userDefense === 'none')
+                riskScore += 30;
+            else if (vector.userDefense === 'partial')
+                riskScore += 15;
+            if (vector.detectability === 'none')
+                riskScore += 20;
+            else if (vector.detectability === 'low')
+                riskScore += 10;
+        }
+        riskScore = Math.min(100, riskScore / applicableVectors.length * 10);
+        return {
+            actors: relevantActors,
+            vectors: applicableVectors,
+            riskScore,
+        };
+    }
+    /**
+     * Scan for Indicators of Compromise
+     */
+    async scanForIOCs() {
+        const found = [];
+        // Check for unexpected Apple infrastructure connections
+        const netstat = this.exec('netstat -an 2>/dev/null | grep ESTABLISHED');
+        const appleIPs = netstat.match(/\b(17\.\d+\.\d+\.\d+|18\.\d+\.\d+\.\d+)\b/g) || [];
+        for (const ip of [...new Set(appleIPs)]) {
+            // Check if this is a known Apple IP range
+            const isKnownApple = this.isKnownAppleIP(ip);
+            if (!isKnownApple) {
+                found.push({
+                    type: 'ip',
+                    value: ip,
+                    confidence: 0.6,
+                    source: 'network_scan',
+                    firstSeen: new Date().toISOString(),
+                    lastSeen: new Date().toISOString(),
+                    context: 'Unknown IP in Apple range - possible infrastructure change or anomaly',
+                });
+            }
+        }
+        // Check for suspicious certificates
+        const certs = this.exec('security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain 2>/dev/null | grep -c "BEGIN CERTIFICATE"');
+        const certCount = parseInt(certs.trim()) || 0;
+        // macOS typically has ~150-180 root certificates
+        if (certCount > 200 || certCount < 100) {
+            found.push({
+                type: 'certificate',
+                value: `Unexpected certificate count: ${certCount}`,
+                confidence: 0.7,
+                source: 'certificate_scan',
+                firstSeen: new Date().toISOString(),
+                lastSeen: new Date().toISOString(),
+                context: 'Unusual number of root certificates - possible CA injection',
+            });
+        }
+        // Check for suspicious LaunchDaemons/Agents
+        const launchItems = this.exec('ls -la /Library/LaunchDaemons /Library/LaunchAgents ~/Library/LaunchAgents 2>/dev/null | grep -v "^total" | grep -v "com.apple"');
+        if (launchItems.trim()) {
+            const nonAppleItems = launchItems.split('\n').filter(l => l.trim());
+            for (const item of nonAppleItems.slice(0, 5)) {
+                found.push({
+                    type: 'filename',
+                    value: item.trim(),
+                    confidence: 0.5,
+                    source: 'persistence_scan',
+                    firstSeen: new Date().toISOString(),
+                    lastSeen: new Date().toISOString(),
+                    context: 'Non-Apple persistence mechanism - review for legitimacy',
+                });
+            }
+        }
+        // Check for unexpected kernel extensions
+        const kexts = this.exec('kextstat 2>/dev/null | grep -v com.apple');
+        if (kexts.trim()) {
+            const nonAppleKexts = kexts.split('\n').filter(l => l.trim());
+            for (const kext of nonAppleKexts.slice(0, 3)) {
+                found.push({
+                    type: 'filename',
+                    value: kext.trim(),
+                    confidence: 0.6,
+                    source: 'kernel_scan',
+                    firstSeen: new Date().toISOString(),
+                    lastSeen: new Date().toISOString(),
+                    context: 'Third-party kernel extension - potential attack vector',
+                });
+            }
+        }
+        this.iocs.push(...found);
+        return found;
+    }
+    /**
+     * Detect traffic anomalies
+     */
+    async detectAnomalies() {
+        const found = [];
+        // Check for unusual connection volumes
+        const connCount = this.exec('netstat -an | grep ESTABLISHED | wc -l');
+        const count = parseInt(connCount.trim()) || 0;
+        if (count > 100) {
+            found.push({
+                id: `anomaly_${Date.now()}_conn`,
+                timestamp: new Date().toISOString(),
+                type: 'volume',
+                severity: count > 200 ? 'high' : 'medium',
+                description: `High number of established connections: ${count}`,
+                evidence: `netstat count: ${count}`,
+                recommendation: 'Review active connections for data exfiltration',
+            });
+        }
+        // Check for connections to unusual ports
+        const unusualPorts = this.exec('netstat -an | grep ESTABLISHED | grep -E "\\.(4444|5555|6666|31337|8080|8443|9999)\\s"');
+        if (unusualPorts.trim()) {
+            found.push({
+                id: `anomaly_${Date.now()}_port`,
+                timestamp: new Date().toISOString(),
+                type: 'destination',
+                severity: 'high',
+                description: 'Connection to suspicious port detected',
+                evidence: unusualPorts.trim().slice(0, 200),
+                recommendation: 'Investigate process making connection; may indicate C2',
+            });
+        }
+        // Check Apple Push Service connection status
+        const apsdConn = this.exec('lsof -i :5223 2>/dev/null');
+        if (!apsdConn.includes('apsd')) {
+            found.push({
+                id: `anomaly_${Date.now()}_apsd`,
+                timestamp: new Date().toISOString(),
+                type: 'protocol',
+                severity: 'medium',
+                description: 'APNs daemon (apsd) not connected on port 5223',
+                evidence: 'Missing apsd connection',
+                recommendation: 'May indicate network filtering or service disruption',
+            });
+        }
+        // Check for DNS anomalies
+        try {
+            const appleIPs = await dnsResolve4('apple.com');
+            const isAppleRange = appleIPs.some(ip => ip.startsWith('17.') || ip.startsWith('18.'));
+            if (!isAppleRange) {
+                found.push({
+                    id: `anomaly_${Date.now()}_dns`,
+                    timestamp: new Date().toISOString(),
+                    type: 'destination',
+                    severity: 'critical',
+                    description: 'apple.com resolving to non-Apple IP range',
+                    evidence: `Resolved to: ${appleIPs.join(', ')}`,
+                    recommendation: 'Possible DNS hijacking - verify DNS configuration',
+                });
+            }
+        }
+        catch {
+            found.push({
+                id: `anomaly_${Date.now()}_dns_fail`,
+                timestamp: new Date().toISOString(),
+                type: 'protocol',
+                severity: 'medium',
+                description: 'Unable to resolve apple.com',
+                evidence: 'DNS resolution failed',
+                recommendation: 'Check network connectivity and DNS settings',
+            });
+        }
+        this.anomalies.push(...found);
+        return found;
+    }
+    /**
+     * Generate capability assessment for specific threat actor
+     */
+    assessCapabilities(actorId) {
+        const actor = KNOWN_THREAT_ACTORS.find(a => a.id === actorId);
+        if (!actor)
+            return [];
+        const assessments = [];
+        for (const capability of actor.capabilities) {
+            const assessment = {
+                threatActor: actor.name,
+                capability,
+                technicalRequirements: this.getRequirementsForCapability(capability),
+                resourceRequirements: actor.type === 'nation-state' ? 'nation-state' : 'corporate',
+                likelihoodOfUse: this.assessLikelihood(capability, actor),
+                impactIfUsed: this.assessImpact(capability),
+                detectionMethods: this.getDetectionMethods(capability),
+                mitigations: this.getMitigations(capability),
+            };
+            assessments.push(assessment);
+        }
+        return assessments;
+    }
+    /**
+     * Generate comprehensive threat report
+     */
+    async generateThreatReport(scope = 'Full Apple Ecosystem Analysis') {
+        const landscape = await this.analyzeThreatLandscape();
+        const iocs = await this.scanForIOCs();
+        const anomalies = await this.detectAnomalies();
+        // Get capabilities for primary threat actor
+        const capabilities = this.assessCapabilities('ta-apple-internal');
+        const report = {
+            id: `threat_${Date.now()}_${Math.random().toString(36).substring(7)}`,
+            generatedAt: new Date().toISOString(),
+            scope,
+            threatActors: landscape.actors,
+            attackVectors: landscape.vectors,
+            iocs,
+            anomalies,
+            capabilities,
+            riskScore: landscape.riskScore,
+            executiveSummary: this.generateExecutiveSummary(landscape, iocs, anomalies),
+            technicalDetails: this.generateTechnicalDetails(landscape, capabilities),
+            recommendations: this.generateRecommendations(landscape, iocs, anomalies),
+            hash: '',
+        };
+        // Calculate hash
+        const reportJson = JSON.stringify(report, null, 2);
+        report.hash = crypto.createHash('sha256').update(reportJson).digest('hex');
+        // Save report
+        this.saveReport(report);
+        return report;
+    }
+    // ─────────────────────────────────────────────────────────────────────────────
+    // HELPER METHODS
+    // ─────────────────────────────────────────────────────────────────────────────
+    checkICloudEnabled() {
+        const icloudPath = `${process.env['HOME']}/Library/Mobile Documents`;
+        return fs.existsSync(icloudPath);
+    }
+    isKnownAppleIP(ip) {
+        // Apple's known ranges: 17.0.0.0/8 and portions of 18.x.x.x
+        // This is simplified - in production you'd use a full IP database
+        return ip.startsWith('17.') || ip.startsWith('18.');
+    }
+    getRequirementsForCapability(capability) {
+        const requirements = {
+            'Full device control via firmware': ['Firmware signing keys', 'Update distribution infrastructure'],
+            'Key injection into iCloud Keychain': ['Escrow HSM access', 'iCloud authentication'],
+            'Push notification injection': ['APNs infrastructure', 'Device token database'],
+            'Software update manipulation': ['Code signing keys', 'Update servers'],
+            'Certificate authority control': ['Root CA private keys', 'Certificate infrastructure'],
+            'DNS manipulation for Apple domains': ['Authoritative DNS access', 'Zone file control'],
+            'iMessage key substitution': ['IDS key database', 'Key distribution servers'],
+            'Activation Lock control': ['Activation servers', 'Device database'],
+            'Location tracking via Find My': ['Find My infrastructure', 'Device registration'],
+            'Remote device wipe': ['MDM infrastructure', 'Device enrollment'],
+        };
+        return requirements[capability] || ['Unknown requirements'];
+    }
+    assessLikelihood(capability, actor) {
+        // Capabilities that are routine operations
+        const routineCapabilities = ['Location tracking via Find My', 'Remote device wipe'];
+        if (routineCapabilities.includes(capability))
+            return 'high';
+        // Capabilities requiring legal process
+        const legalCapabilities = ['Full device control via firmware', 'iMessage key substitution'];
+        if (legalCapabilities.includes(capability))
+            return 'low';
+        return 'medium';
+    }
+    assessImpact(capability) {
+        const criticalCapabilities = [
+            'Full device control via firmware',
+            'Key injection into iCloud Keychain',
+            'iMessage key substitution',
+            'Certificate authority control',
+        ];
+        if (criticalCapabilities.includes(capability))
+            return 'critical';
+        const highCapabilities = [
+            'Software update manipulation',
+            'DNS manipulation for Apple domains',
+            'Push notification injection',
+        ];
+        if (highCapabilities.includes(capability))
+            return 'high';
+        return 'medium';
+    }
+    getDetectionMethods(capability) {
+        const methods = {
+            'Full device control via firmware': ['Firmware version monitoring', 'Boot attestation (if available)'],
+            'Key injection into iCloud Keychain': ['Key count monitoring', 'Device list auditing', 'Key Transparency checks'],
+            'Push notification injection': ['Notification logging', 'Payload inspection'],
+            'Software update manipulation': ['Update hash verification', 'Delta analysis'],
+            'Certificate authority control': ['Certificate monitoring', 'CT log checking', 'Pin validation'],
+            'DNS manipulation for Apple domains': ['DNS response monitoring', 'IP range validation'],
+            'iMessage key substitution': ['Key Transparency alerts', 'Manual key verification'],
+            'Activation Lock control': ['Activation status monitoring'],
+            'Location tracking via Find My': ['Location access logs', 'Find My status'],
+            'Remote device wipe': ['MDM profile monitoring', 'Backup status'],
+        };
+        return methods[capability] || ['Manual inspection required'];
+    }
+    getMitigations(capability) {
+        const mitigations = {
+            'Full device control via firmware': ['No user mitigation available', 'Legal/regulatory pressure'],
+            'Key injection into iCloud Keychain': ['Disable iCloud Keychain', 'Use third-party password manager', 'Monitor Key Transparency'],
+            'Push notification injection': ['Disable notifications for sensitive apps', 'Use alternative messaging'],
+            'Software update manipulation': ['Delay updates to verify community reports', 'Hash verification'],
+            'Certificate authority control': ['Use certificate pinning where possible', 'Monitor for new CAs'],
+            'DNS manipulation for Apple domains': ['Use third-party DNS with DNSSEC', 'VPN with trusted provider'],
+            'iMessage key substitution': ['Verify keys out-of-band', 'Use Signal/other E2E apps', 'Enable Contact Key Verification'],
+            'Activation Lock control': ['Maintain local backups', 'Document ownership'],
+            'Location tracking via Find My': ['Disable Find My', 'Location Services control'],
+            'Remote device wipe': ['Local encrypted backups', 'Avoid MDM enrollment'],
+        };
+        return mitigations[capability] || ['Consult security professional'];
+    }
+    generateExecutiveSummary(landscape, iocs, anomalies) {
+        const lines = [];
+        lines.push('EXECUTIVE SUMMARY');
+        lines.push('═'.repeat(60));
+        lines.push('');
+        lines.push(`Risk Score: ${landscape.riskScore}/100`);
+        lines.push(`Threat Actors Analyzed: ${landscape.actors.length}`);
+        lines.push(`Attack Vectors Identified: ${landscape.vectors.length}`);
+        lines.push(`IOCs Detected: ${iocs.length}`);
+        lines.push(`Traffic Anomalies: ${anomalies.length}`);
+        lines.push('');
+        lines.push('KEY FINDINGS:');
+        lines.push('');
+        // Summarize by user defense capability
+        const noDefense = landscape.vectors.filter(v => v.userDefense === 'none').length;
+        const partialDefense = landscape.vectors.filter(v => v.userDefense === 'partial').length;
+        lines.push(`• ${noDefense} attack vectors have NO user defense available`);
+        lines.push(`• ${partialDefense} attack vectors have only PARTIAL defense`);
+        lines.push(`• ${landscape.vectors.length - noDefense - partialDefense} attack vectors can be fully defended`);
+        lines.push('');
+        // Highlight critical IOCs
+        const criticalIOCs = iocs.filter(i => i.confidence > 0.7);
+        if (criticalIOCs.length > 0) {
+            lines.push(`• ${criticalIOCs.length} high-confidence IOCs require investigation`);
+        }
+        // Highlight critical anomalies
+        const criticalAnomalies = anomalies.filter(a => a.severity === 'critical' || a.severity === 'high');
+        if (criticalAnomalies.length > 0) {
+            lines.push(`• ${criticalAnomalies.length} critical/high severity anomalies detected`);
+        }
+        lines.push('');
+        lines.push('CONCLUSION:');
+        lines.push('The analysis demonstrates significant attack surface exposure with');
+        lines.push('limited user defense options against platform-level threats.');
+        return lines.join('\n');
+    }
+    generateTechnicalDetails(landscape, capabilities) {
+        const lines = [];
+        lines.push('TECHNICAL DETAILS');
+        lines.push('═'.repeat(60));
+        lines.push('');
+        // Attack vectors by category
+        lines.push('ATTACK VECTORS BY CATEGORY:');
+        lines.push('');
+        const categories = ['network', 'application', 'supply-chain', 'physical'];
+        for (const cat of categories) {
+            const vectors = landscape.vectors.filter(v => v.category === cat);
+            if (vectors.length > 0) {
+                lines.push(`[${cat.toUpperCase()}]`);
+                for (const v of vectors) {
+                    lines.push(`  • ${v.name} (${v.mitreId})`);
+                    lines.push(`    User Defense: ${v.userDefense.toUpperCase()}`);
+                    lines.push(`    Detectability: ${v.detectability.toUpperCase()}`);
+                }
+                lines.push('');
+            }
+        }
+        // Capability assessment summary
+        lines.push('CAPABILITY ASSESSMENT:');
+        lines.push('');
+        const criticalCaps = capabilities.filter(c => c.impactIfUsed === 'critical');
+        for (const cap of criticalCaps) {
+            lines.push(`  • ${cap.capability}`);
+            lines.push(`    Impact: CRITICAL`);
+            lines.push(`    Detection: ${cap.detectionMethods.slice(0, 2).join(', ')}`);
+        }
+        return lines.join('\n');
+    }
+    generateRecommendations(landscape, iocs, anomalies) {
+        const recommendations = [];
+        // Based on attack vectors
+        recommendations.push('IMMEDIATE ACTIONS:');
+        recommendations.push('1. Enable Contact Key Verification for iMessage if available');
+        recommendations.push('2. Review and audit iCloud Keychain device list');
+        recommendations.push('3. Monitor for unexpected certificate changes');
+        recommendations.push('4. Consider third-party DNS with DNSSEC');
+        // Based on IOCs
+        if (iocs.length > 0) {
+            recommendations.push('');
+            recommendations.push('IOC RESPONSE:');
+            recommendations.push('5. Investigate each detected IOC for legitimacy');
+            recommendations.push('6. Document findings for potential legal action');
+        }
+        // Based on anomalies
+        if (anomalies.some(a => a.severity === 'critical')) {
+            recommendations.push('');
+            recommendations.push('CRITICAL ANOMALY RESPONSE:');
+            recommendations.push('7. Immediately investigate critical anomalies');
+            recommendations.push('8. Consider network isolation if compromise suspected');
+        }
+        // Long-term
+        recommendations.push('');
+        recommendations.push('LONG-TERM STRATEGY:');
+        recommendations.push('9. Implement continuous monitoring for all identified attack vectors');
+        recommendations.push('10. Maintain evidence packages for potential legal proceedings');
+        recommendations.push('11. Consider alternative platforms for high-security communications');
+        recommendations.push('12. Engage legal counsel regarding platform provider obligations');
+        return recommendations;
+    }
+    saveReport(report) {
+        const reportPath = path.join(this.evidenceDir, `threat_report_${report.id}.json`);
+        fs.writeFileSync(reportPath, JSON.stringify(report, null, 2));
+        // Generate human-readable version
+        const textPath = path.join(this.evidenceDir, `THREAT_REPORT_${report.id}.txt`);
+        const lines = [];
+        lines.push('═'.repeat(80));
+        lines.push('                    THREAT INTELLIGENCE REPORT');
+        lines.push('═'.repeat(80));
+        lines.push('');
+        lines.push(`Report ID: ${report.id}`);
+        lines.push(`Generated: ${report.generatedAt}`);
+        lines.push(`Scope: ${report.scope}`);
+        lines.push(`Risk Score: ${report.riskScore}/100`);
+        lines.push(`SHA-256: ${report.hash}`);
+        lines.push('');
+        lines.push(report.executiveSummary);
+        lines.push('');
+        lines.push(report.technicalDetails);
+        lines.push('');
+        lines.push('RECOMMENDATIONS');
+        lines.push('═'.repeat(60));
+        lines.push('');
+        lines.push(report.recommendations.join('\n'));
+        lines.push('');
+        lines.push('═'.repeat(80));
+        lines.push('                    END OF REPORT');
+        lines.push('═'.repeat(80));
+        fs.writeFileSync(textPath, lines.join('\n'));
+    }
+    exec(cmd) {
+        try {
+            return execSync(cmd, { encoding: 'utf-8', maxBuffer: 10 * 1024 * 1024 });
+        }
+        catch {
+            return '';
+        }
+    }
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+export { KNOWN_THREAT_ACTORS, ATTACK_VECTORS };
+export async function runThreatAnalysis(evidenceDir) {
+    const engine = new ThreatIntelligenceEngine(evidenceDir);
+    return engine.generateThreatReport();
+}
+//# sourceMappingURL=threatIntelligenceTools.js.map