kramscan 0.1.0 → 0.2.0

package/dist/core/ai-client.js

@@ -4,9 +4,54 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createAIClient = createAIClient;
+exports.generateExecutiveSummary = generateExecutiveSummary;
 const openai_1 = __importDefault(require("openai"));
 const sdk_1 = __importDefault(require("@anthropic-ai/sdk"));
+const generative_ai_1 = require("@google/generative-ai");
+const mistralai_1 = require("@mistralai/mistralai");
 const config_1 = require("./config");
+function getApiKeyFromEnv(provider) {
+    const envVars = {
+        openai: process.env.OPENAI_API_KEY || "",
+        anthropic: process.env.ANTHROPIC_API_KEY || "",
+        gemini: process.env.GEMINI_API_KEY || "",
+        mistral: process.env.MISTRAL_API_KEY || "",
+        openrouter: process.env.OPENROUTER_API_KEY || "",
+        kimi: process.env.KIMI_API_KEY || "",
+        groq: process.env.GROQ_API_KEY || "",
+    };
+    return envVars[provider] || "";
+}
+async function createAIClient() {
+    const config = await (0, config_1.getConfig)();
+    if (!config.ai.enabled) {
+        throw new Error("AI analysis is not enabled. Run 'kramscan onboard' first.");
+    }
+    const provider = config.ai.provider;
+    const apiKey = config.ai.apiKey || getApiKeyFromEnv(provider);
+    const model = config.ai.defaultModel;
+    if (!apiKey) {
+        throw new Error(`No API key configured for ${provider}. Run 'kramscan onboard' or set ${provider.toUpperCase()}_API_KEY environment variable.`);
+    }
+    switch (provider) {
+        case "openai":
+            return new OpenAIClient(apiKey, model);
+        case "anthropic":
+            return new AnthropicClient(apiKey, model);
+        case "gemini":
+            return new GeminiClient(apiKey, model);
+        case "openrouter":
+            return new OpenRouterClient(apiKey, model);
+        case "mistral":
+            return new MistralClient(apiKey, model);
+        case "kimi":
+            return new KimiClient(apiKey, model);
+        case "groq":
+            return new GroqClient(apiKey, model);
+        default:
+            throw new Error(`Unsupported AI provider: ${provider}`);
+    }
+}
 class OpenAIClient {
     client;
     model;
@@ -14,13 +59,14 @@ class OpenAIClient {
         this.client = new openai_1.default({ apiKey });
         this.model = model;
     }
-    async analyze(prompt) {
+    async analyze(prompt, systemPrompt) {
         const response = await this.client.chat.completions.create({
             model: this.model,
             messages: [
                 {
                     role: "system",
-                    content: "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
+                    content: systemPrompt ||
+                        "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
                 },
                 { role: "user", content: prompt },
             ],
@@ -44,7 +90,7 @@ class AnthropicClient {
         this.client = new sdk_1.default({ apiKey });
         this.model = model;
     }
-    async analyze(prompt) {
+    async analyze(prompt, systemPrompt) {
         const response = await this.client.messages.create({
             model: this.model,
             max_tokens: 4096,
@@ -54,7 +100,8 @@ class AnthropicClient {
                     content: prompt,
                 },
             ],
-            system: "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
+            system: systemPrompt ||
+                "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
         });
         const content = response.content[0]?.type === "text" ? response.content[0].text : "";
         return {
@@ -67,23 +114,187 @@ class AnthropicClient {
         };
     }
 }
-function createAIClient() {
-    const config = (0, config_1.getConfig)();
-    if (!config.ai.enabled) {
-        throw new Error("AI analysis is not enabled. Run 'kramscan onboard' first.");
+class GeminiClient {
+    client;
+    model;
+    constructor(apiKey, model) {
+        this.client = new generative_ai_1.GoogleGenerativeAI(apiKey);
+        this.model = model;
     }
-    const provider = config.ai.provider;
-    const apiKey = config.ai.apiKey;
-    const model = config.ai.defaultModel;
-    if (!apiKey) {
-        throw new Error(`No API key configured for ${provider}. Run 'kramscan onboard' to set it up.`);
+    async analyze(prompt, systemPrompt) {
+        const generativeModel = this.client.getGenerativeModel({ model: this.model });
+        const result = await generativeModel.generateContent([
+            systemPrompt || "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
+            prompt
+        ]);
+        const response = await result.response;
+        const content = response.text();
+        return {
+            content,
+            usage: {
+                promptTokens: response.usageMetadata?.promptTokenCount || 0,
+                completionTokens: response.usageMetadata?.candidatesTokenCount || 0,
+                totalTokens: response.usageMetadata?.totalTokenCount || 0,
+            },
+        };
     }
-    switch (provider) {
-        case "openai":
-            return new OpenAIClient(apiKey, model);
-        case "anthropic":
-            return new AnthropicClient(apiKey, model);
-        default:
-            throw new Error(`Unsupported AI provider: ${provider}`);
+}
+class OpenRouterClient {
+    client;
+    model;
+    constructor(apiKey, model) {
+        this.client = new openai_1.default({
+            apiKey,
+            baseURL: "https://openrouter.ai/api/v1",
+        });
+        this.model = model;
+    }
+    async analyze(prompt, systemPrompt) {
+        const response = await this.client.chat.completions.create({
+            model: this.model,
+            messages: [
+                {
+                    role: "system",
+                    content: systemPrompt || "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
+                },
+                { role: "user", content: prompt },
+            ],
+            temperature: 0.3,
+        });
+        const content = response.choices[0]?.message?.content || "";
+        return {
+            content,
+            usage: {
+                promptTokens: response.usage?.prompt_tokens || 0,
+                completionTokens: response.usage?.completion_tokens || 0,
+                totalTokens: response.usage?.total_tokens || 0,
+            },
+        };
+    }
+}
+class MistralClient {
+    client;
+    model;
+    constructor(apiKey, model) {
+        this.client = new mistralai_1.Mistral({ apiKey });
+        this.model = model;
     }
+    async analyze(prompt, systemPrompt) {
+        const response = await this.client.chat.complete({
+            model: this.model,
+            messages: [
+                {
+                    role: "system",
+                    content: systemPrompt || "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
+                },
+                { role: "user", content: prompt },
+            ],
+        });
+        const content = typeof response.choices?.[0]?.message?.content === "string"
+            ? response.choices[0].message.content
+            : "";
+        return {
+            content,
+            usage: {
+                promptTokens: response.usage?.promptTokens || 0,
+                completionTokens: response.usage?.completionTokens || 0,
+                totalTokens: response.usage?.totalTokens || 0,
+            },
+        };
+    }
+}
+class KimiClient {
+    client;
+    model;
+    constructor(apiKey, model) {
+        this.client = new openai_1.default({
+            apiKey,
+            baseURL: "https://api.moonshot.cn/v1",
+        });
+        this.model = model;
+    }
+    async analyze(prompt, systemPrompt) {
+        const response = await this.client.chat.completions.create({
+            model: this.model,
+            messages: [
+                {
+                    role: "system",
+                    content: systemPrompt || "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
+                },
+                { role: "user", content: prompt },
+            ],
+            temperature: 0.3,
+        });
+        const content = response.choices[0]?.message?.content || "";
+        return {
+            content,
+            usage: {
+                promptTokens: response.usage?.prompt_tokens || 0,
+                completionTokens: response.usage?.completion_tokens || 0,
+                totalTokens: response.usage?.total_tokens || 0,
+            },
+        };
+    }
+}
+class GroqClient {
+    client;
+    model;
+    constructor(apiKey, model) {
+        this.client = new openai_1.default({
+            apiKey,
+            baseURL: "https://api.groq.com/openai/v1",
+        });
+        this.model = model;
+    }
+    async analyze(prompt, systemPrompt) {
+        const response = await this.client.chat.completions.create({
+            model: this.model,
+            messages: [
+                {
+                    role: "system",
+                    content: systemPrompt || "You are a security expert analyzing web application vulnerabilities. Provide detailed, actionable insights.",
+                },
+                { role: "user", content: prompt },
+            ],
+            temperature: 0.3,
+        });
+        const content = response.choices[0]?.message?.content || "";
+        return {
+            content,
+            usage: {
+                promptTokens: response.usage?.prompt_tokens || 0,
+                completionTokens: response.usage?.completion_tokens || 0,
+                totalTokens: response.usage?.total_tokens || 0,
+            },
+        };
+    }
+}
+/**
+ * Generates a high-level executive summary of the scan results using AI.
+ */
+async function generateExecutiveSummary(client, result) {
+    const vulnSummary = result.vulnerabilities.map(v => `- [${v.severity.toUpperCase()}] ${v.title} on ${v.url}`).join("\n");
+    const prompt = `
+Please provide a professional executive summary for a web security scan.
+
+Target: ${result.target}
+Scan Date: ${result.timestamp}
+Total Vulnerabilities: ${result.summary.total}
+Critical: ${result.summary.critical}
+High: ${result.summary.high}
+Medium: ${result.summary.medium}
+Low: ${result.summary.low}
+
+Detailed Findings:
+${vulnSummary}
+
+The summary should:
+1. Briefly state the overall security posture.
+2. Highlight the most critical risks.
+3. Provide high-level recommendations for management.
+4. Be concise (max 3-4 paragraphs).
+`;
+    const systemPrompt = "You are a senior cybersecurity consultant writing for a non-technical executive audience. Focus on business risk and impact.";
+    const response = await client.analyze(prompt, systemPrompt);
+    return response.content;
 }

package/dist/core/ai-payloads.d.ts

@@ -0,0 +1,17 @@
+import { AIClient } from "./ai-client";
+export type PayloadType = "xss" | "sqli" | "cmdi" | "lfi";
+export interface ContextInfo {
+    htmlContext?: string;
+    tagName?: string;
+    attributeName?: string;
+    parameterName: string;
+    url: string;
+}
+export declare class PayloadGenerator {
+    private aiClient;
+    constructor(aiClient: AIClient);
+    /**
+     * Generates a list of contextual payloads based on the provided HTML context.
+     */
+    generatePayloads(type: PayloadType, context: ContextInfo): Promise<string[]>;
+}

package/dist/core/ai-payloads.js

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PayloadGenerator = void 0;
+class PayloadGenerator {
+    aiClient;
+    constructor(aiClient) {
+        this.aiClient = aiClient;
+    }
+    /**
+     * Generates a list of contextual payloads based on the provided HTML context.
+     */
+    async generatePayloads(type, context) {
+        const systemPrompt = `You are an expert penetration tester. Your task is to generate 5 highly effective, specialized payloads to test for ${type.toUpperCase()} vulnerabilities.
+Focus on bypass techniques relevant to the provided HTML/parameter context.
+Format your response as a simple JSON array of strings: ["payload1", "payload2", ...]
+Do not include any explanations, just the JSON array.`;
+        const prompt = `
+Generate 5 ${type.toUpperCase()} payloads for:
+Parameter: ${context.parameterName}
+URL: ${context.url}
+${context.htmlContext ? `HTML Context: ${context.htmlContext}` : ""}
+${context.tagName ? `Inside Tag: ${context.tagName}` : ""}
+${context.attributeName ? `Inside Attribute: ${context.attributeName}` : ""}
+
+Consider:
+1. Filter bypasses (WAF, sanitizers).
+2. Escape sequences if inside a string or attribute.
+3. Breaking out of tags if applicable.
+4. Non-standard encoding (URL/HTML entities) if likely needed.
+`;
+        try {
+            const response = await this.aiClient.analyze(prompt, systemPrompt);
+            const content = response.content.trim();
+            // Try to parse JSON array from the response
+            const match = content.match(/\[.*\]/s);
+            if (match) {
+                const payloads = JSON.parse(match[0]);
+                if (Array.isArray(payloads)) {
+                    return payloads.map(p => String(p));
+                }
+            }
+            // Fallback: split by newlines if JSON parsing fails
+            return content.split("\n")
+                .map(line => line.replace(/^[\d.-]\s*/, "").trim())
+                .filter(line => line.length > 0)
+                .slice(0, 5);
+        }
+        catch (error) {
+            console.error(`Error generating AI payloads: ${error.message}`);
+            return [];
+        }
+    }
+}
+exports.PayloadGenerator = PayloadGenerator;

package/dist/core/config-schema.d.ts

@@ -0,0 +1,197 @@
+import { z } from "zod";
+export declare const AiProviderNameSchema: z.ZodEnum<["openai", "anthropic", "gemini", "openrouter", "mistral", "kimi", "groq"]>;
+export declare const ReportFormatSchema: z.ZodEnum<["word", "txt", "json"]>;
+export declare const SeverityThresholdSchema: z.ZodEnum<["info", "low", "medium", "high", "critical"]>;
+export declare const ScanProfileSchema: z.ZodObject<{
+    depth: z.ZodNumber;
+    timeout: z.ZodNumber;
+    maxPages: z.ZodNumber;
+    maxLinksPerPage: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    depth: number;
+    timeout: number;
+    maxPages: number;
+    maxLinksPerPage: number;
+}, {
+    depth: number;
+    timeout: number;
+    maxPages: number;
+    maxLinksPerPage: number;
+}>;
+export type ScanProfile = z.infer<typeof ScanProfileSchema>;
+export declare const defaultScanProfiles: Record<string, ScanProfile>;
+export declare const ConfigSchema: z.ZodObject<{
+    ai: z.ZodObject<{
+        provider: z.ZodDefault<z.ZodEnum<["openai", "anthropic", "gemini", "openrouter", "mistral", "kimi", "groq"]>>;
+        apiKey: z.ZodDefault<z.ZodString>;
+        defaultModel: z.ZodDefault<z.ZodString>;
+        enabled: z.ZodDefault<z.ZodBoolean>;
+    }, "strip", z.ZodTypeAny, {
+        provider: "openai" | "anthropic" | "gemini" | "openrouter" | "mistral" | "kimi" | "groq";
+        apiKey: string;
+        defaultModel: string;
+        enabled: boolean;
+    }, {
+        provider?: "openai" | "anthropic" | "gemini" | "openrouter" | "mistral" | "kimi" | "groq" | undefined;
+        apiKey?: string | undefined;
+        defaultModel?: string | undefined;
+        enabled?: boolean | undefined;
+    }>;
+    scan: z.ZodObject<{
+        defaultTimeout: z.ZodDefault<z.ZodNumber>;
+        maxThreads: z.ZodDefault<z.ZodNumber>;
+        userAgent: z.ZodDefault<z.ZodString>;
+        followRedirects: z.ZodDefault<z.ZodBoolean>;
+        verifySSL: z.ZodDefault<z.ZodBoolean>;
+        rateLimitPerSecond: z.ZodDefault<z.ZodNumber>;
+        strictScope: z.ZodDefault<z.ZodBoolean>;
+        profiles: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
+            depth: z.ZodNumber;
+            timeout: z.ZodNumber;
+            maxPages: z.ZodNumber;
+            maxLinksPerPage: z.ZodNumber;
+        }, "strip", z.ZodTypeAny, {
+            depth: number;
+            timeout: number;
+            maxPages: number;
+            maxLinksPerPage: number;
+        }, {
+            depth: number;
+            timeout: number;
+            maxPages: number;
+            maxLinksPerPage: number;
+        }>>>;
+        defaultProfile: z.ZodDefault<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        defaultTimeout: number;
+        maxThreads: number;
+        userAgent: string;
+        followRedirects: boolean;
+        verifySSL: boolean;
+        rateLimitPerSecond: number;
+        strictScope: boolean;
+        profiles: Record<string, {
+            depth: number;
+            timeout: number;
+            maxPages: number;
+            maxLinksPerPage: number;
+        }>;
+        defaultProfile: string;
+    }, {
+        defaultTimeout?: number | undefined;
+        maxThreads?: number | undefined;
+        userAgent?: string | undefined;
+        followRedirects?: boolean | undefined;
+        verifySSL?: boolean | undefined;
+        rateLimitPerSecond?: number | undefined;
+        strictScope?: boolean | undefined;
+        profiles?: Record<string, {
+            depth: number;
+            timeout: number;
+            maxPages: number;
+            maxLinksPerPage: number;
+        }> | undefined;
+        defaultProfile?: string | undefined;
+    }>;
+    report: z.ZodObject<{
+        defaultFormat: z.ZodDefault<z.ZodEnum<["word", "txt", "json"]>>;
+        companyName: z.ZodDefault<z.ZodString>;
+        includeScreenshots: z.ZodDefault<z.ZodBoolean>;
+        severityThreshold: z.ZodDefault<z.ZodEnum<["info", "low", "medium", "high", "critical"]>>;
+    }, "strip", z.ZodTypeAny, {
+        defaultFormat: "word" | "txt" | "json";
+        companyName: string;
+        includeScreenshots: boolean;
+        severityThreshold: "info" | "low" | "medium" | "high" | "critical";
+    }, {
+        defaultFormat?: "word" | "txt" | "json" | undefined;
+        companyName?: string | undefined;
+        includeScreenshots?: boolean | undefined;
+        severityThreshold?: "info" | "low" | "medium" | "high" | "critical" | undefined;
+    }>;
+    skills: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
+        enabled: z.ZodDefault<z.ZodBoolean>;
+        timeout: z.ZodOptional<z.ZodNumber>;
+    }, "strip", z.ZodTypeAny, {
+        enabled: boolean;
+        timeout?: number | undefined;
+    }, {
+        timeout?: number | undefined;
+        enabled?: boolean | undefined;
+    }>>>;
+    proxy: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    ai: {
+        provider: "openai" | "anthropic" | "gemini" | "openrouter" | "mistral" | "kimi" | "groq";
+        apiKey: string;
+        defaultModel: string;
+        enabled: boolean;
+    };
+    scan: {
+        defaultTimeout: number;
+        maxThreads: number;
+        userAgent: string;
+        followRedirects: boolean;
+        verifySSL: boolean;
+        rateLimitPerSecond: number;
+        strictScope: boolean;
+        profiles: Record<string, {
+            depth: number;
+            timeout: number;
+            maxPages: number;
+            maxLinksPerPage: number;
+        }>;
+        defaultProfile: string;
+    };
+    report: {
+        defaultFormat: "word" | "txt" | "json";
+        companyName: string;
+        includeScreenshots: boolean;
+        severityThreshold: "info" | "low" | "medium" | "high" | "critical";
+    };
+    skills: Record<string, {
+        enabled: boolean;
+        timeout?: number | undefined;
+    }>;
+    proxy?: string | undefined;
+}, {
+    ai: {
+        provider?: "openai" | "anthropic" | "gemini" | "openrouter" | "mistral" | "kimi" | "groq" | undefined;
+        apiKey?: string | undefined;
+        defaultModel?: string | undefined;
+        enabled?: boolean | undefined;
+    };
+    scan: {
+        defaultTimeout?: number | undefined;
+        maxThreads?: number | undefined;
+        userAgent?: string | undefined;
+        followRedirects?: boolean | undefined;
+        verifySSL?: boolean | undefined;
+        rateLimitPerSecond?: number | undefined;
+        strictScope?: boolean | undefined;
+        profiles?: Record<string, {
+            depth: number;
+            timeout: number;
+            maxPages: number;
+            maxLinksPerPage: number;
+        }> | undefined;
+        defaultProfile?: string | undefined;
+    };
+    report: {
+        defaultFormat?: "word" | "txt" | "json" | undefined;
+        companyName?: string | undefined;
+        includeScreenshots?: boolean | undefined;
+        severityThreshold?: "info" | "low" | "medium" | "high" | "critical" | undefined;
+    };
+    skills?: Record<string, {
+        timeout?: number | undefined;
+        enabled?: boolean | undefined;
+    }> | undefined;
+    proxy?: string | undefined;
+}>;
+export type Config = z.infer<typeof ConfigSchema>;
+export type AiProviderName = z.infer<typeof AiProviderNameSchema>;
+export type ReportFormat = z.infer<typeof ReportFormatSchema>;
+export declare function validateConfig(config: unknown): Config;
+export declare function validateScanProfile(profile: unknown): ScanProfile;
+export { defaultScanProfiles as scanProfiles };

package/dist/core/config-schema.js

@@ -0,0 +1,68 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.scanProfiles = exports.ConfigSchema = exports.defaultScanProfiles = exports.ScanProfileSchema = exports.SeverityThresholdSchema = exports.ReportFormatSchema = exports.AiProviderNameSchema = void 0;
+exports.validateConfig = validateConfig;
+exports.validateScanProfile = validateScanProfile;
+const zod_1 = require("zod");
+// ─── Zod Schemas ───────────────────────────────────────────────────
+exports.AiProviderNameSchema = zod_1.z.enum([
+    "openai",
+    "anthropic",
+    "gemini",
+    "openrouter",
+    "mistral",
+    "kimi",
+    "groq",
+]);
+exports.ReportFormatSchema = zod_1.z.enum(["word", "txt", "json"]);
+exports.SeverityThresholdSchema = zod_1.z.enum(["info", "low", "medium", "high", "critical"]);
+exports.ScanProfileSchema = zod_1.z.object({
+    depth: zod_1.z.number().int().min(1).max(5),
+    timeout: zod_1.z.number().int().min(1000),
+    maxPages: zod_1.z.number().int().min(1),
+    maxLinksPerPage: zod_1.z.number().int().min(1),
+});
+// Default scan profiles
+exports.defaultScanProfiles = {
+    quick: { depth: 1, timeout: 15000, maxPages: 10, maxLinksPerPage: 20 },
+    balanced: { depth: 2, timeout: 30000, maxPages: 30, maxLinksPerPage: 50 },
+    deep: { depth: 3, timeout: 60000, maxPages: 100, maxLinksPerPage: 100 },
+};
+exports.scanProfiles = exports.defaultScanProfiles;
+exports.ConfigSchema = zod_1.z.object({
+    ai: zod_1.z.object({
+        provider: exports.AiProviderNameSchema.default("openai"),
+        apiKey: zod_1.z.string().default(""),
+        defaultModel: zod_1.z.string().default("gpt-4"),
+        enabled: zod_1.z.boolean().default(false),
+    }),
+    scan: zod_1.z.object({
+        defaultTimeout: zod_1.z.number().int().min(1000).default(30000),
+        maxThreads: zod_1.z.number().int().min(1).max(20).default(5),
+        userAgent: zod_1.z.string().default("KramScan/0.1.1"),
+        followRedirects: zod_1.z.boolean().default(true),
+        verifySSL: zod_1.z.boolean().default(true),
+        rateLimitPerSecond: zod_1.z.number().int().min(1).max(100).default(5),
+        strictScope: zod_1.z.boolean().default(true),
+        profiles: zod_1.z.record(exports.ScanProfileSchema).default(exports.defaultScanProfiles),
+        defaultProfile: zod_1.z.string().default("balanced"),
+    }),
+    report: zod_1.z.object({
+        defaultFormat: exports.ReportFormatSchema.default("word"),
+        companyName: zod_1.z.string().default("Your Company"),
+        includeScreenshots: zod_1.z.boolean().default(false),
+        severityThreshold: exports.SeverityThresholdSchema.default("low"),
+    }),
+    skills: zod_1.z.record(zod_1.z.object({
+        enabled: zod_1.z.boolean().default(true),
+        timeout: zod_1.z.number().int().optional(),
+    })).default({}),
+    proxy: zod_1.z.string().optional(),
+});
+// Validation function
+function validateConfig(config) {
+    return exports.ConfigSchema.parse(config);
+}
+function validateScanProfile(profile) {
+    return exports.ScanProfileSchema.parse(profile);
+}

package/dist/core/config-schema.test.d.ts

@@ -0,0 +1 @@
+export {};