npm - jaku.sh - Versions diffs - 1.0.0 - Mend

jaku.sh 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (69) hide show

package/LICENSE +52 -0
package/README.md +636 -0
package/action.yml +264 -0
package/bin/jaku +2 -0
package/package.json +62 -0
package/src/agents/ai-agent.js +175 -0
package/src/agents/api-agent.js +95 -0
package/src/agents/base-agent.js +158 -0
package/src/agents/crawl-agent.js +175 -0
package/src/agents/event-bus.js +59 -0
package/src/agents/findings-ledger.js +410 -0
package/src/agents/logic-agent.js +144 -0
package/src/agents/orchestrator.js +323 -0
package/src/agents/qa-agent.js +149 -0
package/src/agents/security-agent.js +211 -0
package/src/cli.js +423 -0
package/src/core/accessibility-checker.js +171 -0
package/src/core/ai/ai-endpoint-detector.js +227 -0
package/src/core/ai/guardrail-prober.js +362 -0
package/src/core/ai/indirect-injector.js +106 -0
package/src/core/ai/jailbreak-tester.js +212 -0
package/src/core/ai/model-dos-tester.js +174 -0
package/src/core/ai/model-fingerprinter.js +246 -0
package/src/core/ai/multi-turn-attacker.js +297 -0
package/src/core/ai/output-analyzer.js +182 -0
package/src/core/ai/prompt-injector.js +543 -0
package/src/core/ai/system-prompt-extractor.js +244 -0
package/src/core/api/api-key-auditor.js +266 -0
package/src/core/api/auth-flow-tester.js +430 -0
package/src/core/api/cors-ws-tester.js +263 -0
package/src/core/api/graphql-tester.js +287 -0
package/src/core/api/oauth-prober.js +343 -0
package/src/core/auth-manager.js +902 -0
package/src/core/broken-flow-detector.js +207 -0
package/src/core/browser-manager.js +119 -0
package/src/core/console-monitor.js +111 -0
package/src/core/crawler.js +430 -0
package/src/core/csr-waiter.js +410 -0
package/src/core/form-validator.js +240 -0
package/src/core/logic/abuse-pattern-scanner.js +291 -0
package/src/core/logic/access-boundary-tester.js +448 -0
package/src/core/logic/business-rule-inferrer.js +196 -0
package/src/core/logic/graphql-auditor.js +298 -0
package/src/core/logic/parameter-polluter.js +212 -0
package/src/core/logic/pricing-exploiter.js +299 -0
package/src/core/logic/race-condition-detector.js +222 -0
package/src/core/logic/workflow-enforcer.js +284 -0
package/src/core/performance-checker.js +204 -0
package/src/core/responsive-checker.js +228 -0
package/src/core/security/cors-prober.js +150 -0
package/src/core/security/csrf-prober.js +217 -0
package/src/core/security/dependency-auditor.js +182 -0
package/src/core/security/file-upload-tester.js +340 -0
package/src/core/security/header-analyzer.js +324 -0
package/src/core/security/infra-scanner.js +391 -0
package/src/core/security/path-traversal.js +112 -0
package/src/core/security/prototype-pollution.js +147 -0
package/src/core/security/secret-detector.js +517 -0
package/src/core/security/sqli-prober.js +257 -0
package/src/core/security/tls-checker.js +223 -0
package/src/core/security/xss-scanner.js +225 -0
package/src/core/test-generator.js +339 -0
package/src/core/test-runner.js +398 -0
package/src/reporting/diff-reporter.js +172 -0
package/src/reporting/report-generator.js +408 -0
package/src/reporting/sarif-generator.js +190 -0
package/src/utils/config.js +57 -0
package/src/utils/finding.js +67 -0
package/src/utils/logger.js +50 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,52 @@
+Jaku Public License v1.0
+Copyright (c) 2026 Shantanu Pandey (https://github.com/theshantanupandey)
+Permission is hereby granted, free of charge, to any person or organization
+obtaining a copy of this software and associated documentation files (the
+"Software"), to use, copy, modify, merge, publish, distribute, sublicense,
+and/or sell copies of the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following conditions:
+1. ATTRIBUTION
+   The above copyright notice and this permission notice shall be included in
+   all copies or substantial portions of the Software. Any public-facing use,
+   derivative work, or redistribution must include clear attribution to the
+   original author:
+       "Built with JAKU — https://github.com/theshantanupandey/jaku"
+   This attribution may appear in documentation, README files, about pages,
+   or CLI output, but must be reasonably discoverable by end users.
+2. TRADEMARK & BRANDING
+   The name "JAKU", the JAKU logo, and associated branding are trademarks of
+   Shantanu Pandey. You may NOT use the name "JAKU" or any confusingly similar
+   name in the title or branding of derivative products without prior written
+   permission from the copyright holder. This restriction does not apply to
+   accurate descriptive references (e.g., "based on JAKU" or "compatible with
+   JAKU").
+3. NO WARRANTY
+   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+4. LIMITATION OF LIABILITY
+   IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+   DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+   OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+   USE OR OTHER DEALINGS IN THE SOFTWARE.
+5. RESPONSIBLE USE
+   This software is intended for authorized security testing and quality
+   assurance purposes only. Users are solely responsible for ensuring that
+   their use of the Software complies with all applicable laws, regulations,
+   and the terms of service of any systems being tested. The authors disclaim
+   all liability for unauthorized or malicious use.
+6. CONTRIBUTIONS
+   By submitting contributions (pull requests, patches, issues, or other
+   modifications) to this project, you agree to license your contributions
+   under the same terms as this license, and you represent that you have the
+   right to do so.