kramscan 0.1.0 → 0.2.0

package/dist/core/vulnerability-detector.test.js

@@ -0,0 +1,210 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const vulnerability_detector_1 = require("./vulnerability-detector");
+describe("VulnerabilityDetector", () => {
+    let detector;
+    beforeEach(() => {
+        detector = new vulnerability_detector_1.VulnerabilityDetector();
+    });
+    // ─── detectXSS ─────────────────────────────────────────────────
+    describe("detectXSS", () => {
+        it("should detect reflected XSS when payload is in response", () => {
+            const payload = "<script>alert('XSS')</script>";
+            detector.detectXSS("https://example.com/search?q=test", "q", payload, `<html><body>${payload}</body></html>`);
+            const vulns = detector.getVulnerabilities();
+            expect(vulns).toHaveLength(1);
+            expect(vulns[0].type).toBe("xss");
+            expect(vulns[0].severity).toBe("high");
+            expect(vulns[0].cwe).toBe("CWE-79");
+        });
+        it("should not report XSS when payload is not reflected", () => {
+            detector.detectXSS("https://example.com/search", "q", "<script>alert(1)</script>", "<html><body>Safe content</body></html>");
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+        });
+        it("should report XSS for each detection call (no deduplication)", () => {
+            const payload = "<script>alert('XSS')</script>";
+            const response = `<html>${payload}</html>`;
+            detector.detectXSS("https://example.com", "q", payload, response);
+            detector.detectXSS("https://example.com", "q", payload, response);
+            // XSS detection does not deduplicate — each call adds a separate finding
+            expect(detector.getVulnerabilities()).toHaveLength(2);
+        });
+    });
+    // ─── detectSQLi ────────────────────────────────────────────────
+    describe("detectSQLi", () => {
+        it("should detect SQL injection from error messages", () => {
+            detector.detectSQLi("https://example.com/users?id=1", "id", "You have an error in your SQL syntax near '1'");
+            const vulns = detector.getVulnerabilities();
+            expect(vulns).toHaveLength(1);
+            expect(vulns[0].type).toBe("sqli");
+            expect(vulns[0].severity).toBe("critical");
+            expect(vulns[0].cwe).toBe("CWE-89");
+        });
+        it("should detect PostgreSQL errors", () => {
+            detector.detectSQLi("https://example.com/api", "q", "ERROR: PostgreSQL syntax error at position 42");
+            expect(detector.getVulnerabilities()).toHaveLength(1);
+        });
+        it("should not report when no SQL errors found", () => {
+            detector.detectSQLi("https://example.com", "q", "<html><body>Normal content</body></html>");
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+        });
+        it("should deduplicate SQLi findings for the same URL", () => {
+            detector.detectSQLi("https://example.com", "id", "SQL syntax error");
+            detector.detectSQLi("https://example.com", "name", "ORA-00933 error");
+            expect(detector.getVulnerabilities()).toHaveLength(1);
+        });
+    });
+    // ─── detectBlindSQLi ───────────────────────────────────────────
+    describe("detectBlindSQLi", () => {
+        it("should detect time-based blind SQLi when delay exceeds threshold", () => {
+            detector.detectBlindSQLi("https://example.com", "id", 500, 4000);
+            const vulns = detector.getVulnerabilities();
+            expect(vulns).toHaveLength(1);
+            expect(vulns[0].type).toBe("sqli");
+            expect(vulns[0].title).toContain("Blind");
+        });
+        it("should not report when delay is within threshold", () => {
+            detector.detectBlindSQLi("https://example.com", "id", 500, 2000);
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+        });
+    });
+    // ─── detectCSRF ────────────────────────────────────────────────
+    describe("detectCSRF", () => {
+        it("should detect missing CSRF token", () => {
+            detector.detectCSRF("https://example.com/form", '<form method="POST"><input name="email" /></form>');
+            const vulns = detector.getVulnerabilities();
+            expect(vulns).toHaveLength(1);
+            expect(vulns[0].type).toBe("csrf");
+            expect(vulns[0].severity).toBe("medium");
+        });
+        it("should not report when CSRF token is present", () => {
+            detector.detectCSRF("https://example.com/form", '<form method="POST"><input name="csrf_token" /><input name="email" /></form>');
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+        });
+        it("should recognize _token as a valid CSRF token", () => {
+            detector.detectCSRF("https://example.com", '<form><input name="_token" value="abc123" /></form>');
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+        });
+    });
+    // ─── analyzeSecurityHeaders ────────────────────────────────────
+    describe("analyzeSecurityHeaders", () => {
+        it("should detect missing security headers", () => {
+            detector.analyzeSecurityHeaders("https://example.com", {});
+            const vulns = detector.getVulnerabilities();
+            expect(vulns.length).toBeGreaterThanOrEqual(3);
+            expect(vulns.every((v) => v.type === "header")).toBe(true);
+        });
+        it("should not report when all headers are present", () => {
+            detector.analyzeSecurityHeaders("https://example.com", {
+                "content-security-policy": "default-src 'self'",
+                "x-frame-options": "DENY",
+                "strict-transport-security": "max-age=31536000",
+                "x-content-type-options": "nosniff",
+                "referrer-policy": "strict-origin-when-cross-origin",
+                "permissions-policy": "camera=()",
+            });
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+        });
+        it("should only check headers once per host", () => {
+            detector.analyzeSecurityHeaders("https://example.com/page1", {});
+            const count1 = detector.getVulnerabilities().length;
+            detector.analyzeSecurityHeaders("https://example.com/page2", {});
+            const count2 = detector.getVulnerabilities().length;
+            expect(count2).toBe(count1);
+        });
+    });
+    // ─── detectSensitiveData ──────────────────────────────────────
+    describe("detectSensitiveData", () => {
+        it("should detect exposed AWS access keys", () => {
+            detector.detectSensitiveData("https://example.com", 'config = { key: "AKIAIOSFODNN7EXAMPLE" }');
+            const vulns = detector.getVulnerabilities();
+            expect(vulns).toHaveLength(1);
+            expect(vulns[0].type).toBe("sensitive_data");
+            expect(vulns[0].severity).toBe("critical");
+        });
+        it("should detect exposed JWT tokens", () => {
+            detector.detectSensitiveData("https://example.com", 'let token = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0"');
+            const vulns = detector.getVulnerabilities();
+            expect(vulns).toHaveLength(1);
+            expect(vulns[0].title).toContain("JWT");
+        });
+        it("should detect private keys", () => {
+            detector.detectSensitiveData("https://example.com", "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAK...");
+            const vulns = detector.getVulnerabilities();
+            expect(vulns).toHaveLength(1);
+            expect(vulns[0].severity).toBe("critical");
+        });
+        it("should not report on clean responses", () => {
+            detector.detectSensitiveData("https://example.com", "<html><body>Hello World</body></html>");
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+        });
+    });
+    // ─── getSummary ────────────────────────────────────────────────
+    describe("getSummary", () => {
+        it("should return correct severity counts", () => {
+            // Add mixed severity vulns
+            detector.addVulnerability({
+                type: "xss", severity: "high", title: "XSS",
+                description: "test", url: "https://example.com",
+            });
+            detector.addVulnerability({
+                type: "sqli", severity: "critical", title: "SQLi",
+                description: "test", url: "https://example.com",
+            });
+            detector.addVulnerability({
+                type: "header", severity: "low", title: "Header",
+                description: "test", url: "https://example.com",
+            });
+            detector.addVulnerability({
+                type: "info", severity: "info", title: "Info",
+                description: "test", url: "https://example.com",
+            });
+            const summary = detector.getSummary();
+            expect(summary.total).toBe(4);
+            expect(summary.critical).toBe(1);
+            expect(summary.high).toBe(1);
+            expect(summary.low).toBe(1);
+            expect(summary.info).toBe(1);
+            expect(summary.medium).toBe(0);
+        });
+        it("should return zeros when no vulnerabilities", () => {
+            const summary = detector.getSummary();
+            expect(summary.total).toBe(0);
+            expect(summary.critical).toBe(0);
+        });
+    });
+    // ─── clear ─────────────────────────────────────────────────────
+    describe("clear", () => {
+        it("should remove all vulnerabilities and reset state", () => {
+            detector.addVulnerability({
+                type: "xss", severity: "high", title: "XSS",
+                description: "test", url: "https://example.com",
+            });
+            expect(detector.getVulnerabilities()).toHaveLength(1);
+            detector.clear();
+            expect(detector.getVulnerabilities()).toHaveLength(0);
+            expect(detector.getSummary().total).toBe(0);
+        });
+        it("should allow re-detecting after clear", () => {
+            detector.analyzeSecurityHeaders("https://example.com", {});
+            const count1 = detector.getVulnerabilities().length;
+            detector.clear();
+            detector.analyzeSecurityHeaders("https://example.com", {});
+            const count2 = detector.getVulnerabilities().length;
+            expect(count2).toBe(count1);
+        });
+    });
+    // ─── Callback ──────────────────────────────────────────────────
+    describe("onVulnerabilityFound callback", () => {
+        it("should call callback when vulnerability is added", () => {
+            const callback = jest.fn();
+            detector.setOnVulnerabilityFound(callback);
+            detector.addVulnerability({
+                type: "xss", severity: "high", title: "XSS",
+                description: "test", url: "https://example.com",
+            });
+            expect(callback).toHaveBeenCalledTimes(1);
+            expect(callback).toHaveBeenCalledWith(expect.objectContaining({ type: "xss", severity: "high" }));
+        });
+    });
+});

package/dist/index.js

@@ -1,6 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const cli_1 = require("./cli");
+const errors_1 = require("./core/errors");
+// Ensure uncaught exceptions and unhandled rejections produce useful output
+(0, errors_1.setupGlobalErrorHandlers)();
 (0, cli_1.run)().catch((err) => {
     console.error("Fatal error:", err);
     process.exit(1);

package/dist/plugins/PluginManager.d.ts

@@ -0,0 +1,27 @@
+import { VulnerabilityPlugin, PluginContext, FormData } from "./types";
+import { Vulnerability } from "../core/vulnerability-detector";
+export interface PluginExecutionResult {
+    plugin: string;
+    vulnerabilities: Vulnerability[];
+    errors: Array<{
+        url: string;
+        error: string;
+    }>;
+    duration: number;
+}
+export declare class PluginManager {
+    private plugins;
+    private enabledPlugins;
+    register(plugin: VulnerabilityPlugin): void;
+    unregister(pluginName: string): boolean;
+    enable(pluginName: string): boolean;
+    disable(pluginName: string): boolean;
+    getPlugin(name: string): VulnerabilityPlugin | undefined;
+    getAllPlugins(): VulnerabilityPlugin[];
+    getEnabledPlugins(): VulnerabilityPlugin[];
+    testParameter(context: PluginContext, param: string, value: string): Promise<PluginExecutionResult[]>;
+    testFormInput(context: PluginContext, formData: FormData): Promise<PluginExecutionResult[]>;
+    analyzeContent(context: PluginContext, content: string): Promise<PluginExecutionResult[]>;
+    analyzeHeaders(context: PluginContext, headers: Record<string, string>): Promise<PluginExecutionResult[]>;
+}
+export declare const pluginManager: PluginManager;

package/dist/plugins/PluginManager.js

@@ -0,0 +1,166 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.pluginManager = exports.PluginManager = void 0;
+class PluginManager {
+    plugins = new Map();
+    enabledPlugins = new Set();
+    register(plugin) {
+        this.plugins.set(plugin.name, plugin);
+        if (plugin.enabled) {
+            this.enabledPlugins.add(plugin.name);
+        }
+    }
+    unregister(pluginName) {
+        this.enabledPlugins.delete(pluginName);
+        return this.plugins.delete(pluginName);
+    }
+    enable(pluginName) {
+        if (this.plugins.has(pluginName)) {
+            this.enabledPlugins.add(pluginName);
+            return true;
+        }
+        return false;
+    }
+    disable(pluginName) {
+        return this.enabledPlugins.delete(pluginName);
+    }
+    getPlugin(name) {
+        return this.plugins.get(name);
+    }
+    getAllPlugins() {
+        return Array.from(this.plugins.values());
+    }
+    getEnabledPlugins() {
+        return Array.from(this.enabledPlugins)
+            .map(name => this.plugins.get(name))
+            .filter((p) => p !== undefined);
+    }
+    async testParameter(context, param, value) {
+        const results = [];
+        for (const plugin of this.getEnabledPlugins()) {
+            if (!plugin.testParameter)
+                continue;
+            const startTime = Date.now();
+            const vulnerabilities = [];
+            const errors = [];
+            try {
+                const result = await plugin.testParameter(context, param, value);
+                if (result.found && result.vulnerability) {
+                    vulnerabilities.push(result.vulnerability);
+                }
+                if (result.error) {
+                    errors.push({ url: context.url, error: result.error });
+                }
+            }
+            catch (error) {
+                errors.push({
+                    url: context.url,
+                    error: error.message
+                });
+            }
+            results.push({
+                plugin: plugin.name,
+                vulnerabilities,
+                errors,
+                duration: Date.now() - startTime,
+            });
+        }
+        return results;
+    }
+    async testFormInput(context, formData) {
+        const results = [];
+        for (const plugin of this.getEnabledPlugins()) {
+            if (!plugin.testFormInput)
+                continue;
+            const startTime = Date.now();
+            const vulnerabilities = [];
+            const errors = [];
+            try {
+                const result = await plugin.testFormInput(context, formData);
+                if (result.found && result.vulnerability) {
+                    vulnerabilities.push(result.vulnerability);
+                }
+                if (result.error) {
+                    errors.push({ url: context.url, error: result.error });
+                }
+            }
+            catch (error) {
+                errors.push({
+                    url: context.url,
+                    error: error.message
+                });
+            }
+            results.push({
+                plugin: plugin.name,
+                vulnerabilities,
+                errors,
+                duration: Date.now() - startTime,
+            });
+        }
+        return results;
+    }
+    async analyzeContent(context, content) {
+        const results = [];
+        for (const plugin of this.getEnabledPlugins()) {
+            if (!plugin.analyzeContent)
+                continue;
+            const startTime = Date.now();
+            const errors = [];
+            try {
+                const vulnerabilities = await plugin.analyzeContent(context, content);
+                results.push({
+                    plugin: plugin.name,
+                    vulnerabilities,
+                    errors,
+                    duration: Date.now() - startTime,
+                });
+            }
+            catch (error) {
+                errors.push({
+                    url: context.url,
+                    error: error.message
+                });
+                results.push({
+                    plugin: plugin.name,
+                    vulnerabilities: [],
+                    errors,
+                    duration: Date.now() - startTime,
+                });
+            }
+        }
+        return results;
+    }
+    async analyzeHeaders(context, headers) {
+        const results = [];
+        for (const plugin of this.getEnabledPlugins()) {
+            if (!plugin.analyzeHeaders)
+                continue;
+            const startTime = Date.now();
+            const errors = [];
+            try {
+                const vulnerabilities = await plugin.analyzeHeaders(context, headers);
+                results.push({
+                    plugin: plugin.name,
+                    vulnerabilities,
+                    errors,
+                    duration: Date.now() - startTime,
+                });
+            }
+            catch (error) {
+                errors.push({
+                    url: context.url,
+                    error: error.message
+                });
+                results.push({
+                    plugin: plugin.name,
+                    vulnerabilities: [],
+                    errors,
+                    duration: Date.now() - startTime,
+                });
+            }
+        }
+        return results;
+    }
+}
+exports.PluginManager = PluginManager;
+exports.pluginManager = new PluginManager();

package/dist/plugins/index.d.ts

@@ -0,0 +1,7 @@
+export { VulnerabilityPlugin, PluginContext, BaseVulnerabilityPlugin, VulnerabilityTestResult, FormData } from "./types";
+export { PluginManager, PluginExecutionResult, pluginManager } from "./PluginManager";
+export { XSSPlugin } from "./vulnerabilities/XSSPlugin";
+export { SQLInjectionPlugin } from "./vulnerabilities/SQLInjectionPlugin";
+export { SecurityHeadersPlugin } from "./vulnerabilities/SecurityHeadersPlugin";
+export { SensitiveDataPlugin } from "./vulnerabilities/SensitiveDataPlugin";
+export { CSRFPlugin } from "./vulnerabilities/CSRFPlugin";

package/dist/plugins/index.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CSRFPlugin = exports.SensitiveDataPlugin = exports.SecurityHeadersPlugin = exports.SQLInjectionPlugin = exports.XSSPlugin = exports.pluginManager = exports.PluginManager = exports.BaseVulnerabilityPlugin = void 0;
+var types_1 = require("./types");
+Object.defineProperty(exports, "BaseVulnerabilityPlugin", { enumerable: true, get: function () { return types_1.BaseVulnerabilityPlugin; } });
+var PluginManager_1 = require("./PluginManager");
+Object.defineProperty(exports, "PluginManager", { enumerable: true, get: function () { return PluginManager_1.PluginManager; } });
+Object.defineProperty(exports, "pluginManager", { enumerable: true, get: function () { return PluginManager_1.pluginManager; } });
+// Vulnerability plugins
+var XSSPlugin_1 = require("./vulnerabilities/XSSPlugin");
+Object.defineProperty(exports, "XSSPlugin", { enumerable: true, get: function () { return XSSPlugin_1.XSSPlugin; } });
+var SQLInjectionPlugin_1 = require("./vulnerabilities/SQLInjectionPlugin");
+Object.defineProperty(exports, "SQLInjectionPlugin", { enumerable: true, get: function () { return SQLInjectionPlugin_1.SQLInjectionPlugin; } });
+var SecurityHeadersPlugin_1 = require("./vulnerabilities/SecurityHeadersPlugin");
+Object.defineProperty(exports, "SecurityHeadersPlugin", { enumerable: true, get: function () { return SecurityHeadersPlugin_1.SecurityHeadersPlugin; } });
+var SensitiveDataPlugin_1 = require("./vulnerabilities/SensitiveDataPlugin");
+Object.defineProperty(exports, "SensitiveDataPlugin", { enumerable: true, get: function () { return SensitiveDataPlugin_1.SensitiveDataPlugin; } });
+var CSRFPlugin_1 = require("./vulnerabilities/CSRFPlugin");
+Object.defineProperty(exports, "CSRFPlugin", { enumerable: true, get: function () { return CSRFPlugin_1.CSRFPlugin; } });

package/dist/plugins/types.d.ts

@@ -0,0 +1,55 @@
+import { Page } from "puppeteer";
+import { Vulnerability, VulnerabilityType, Severity } from "../core/vulnerability-detector";
+export interface PluginContext {
+    page: Page;
+    url: string;
+    baseUrl: string;
+    timeout: number;
+    userAgent: string;
+    payloadGenerator?: any;
+}
+export interface VulnerabilityTestResult {
+    found: boolean;
+    vulnerability?: Vulnerability;
+    error?: string;
+}
+export interface VulnerabilityPlugin {
+    readonly name: string;
+    readonly type: VulnerabilityType;
+    readonly description: string;
+    readonly enabled: boolean;
+    /**
+     * Test a URL parameter for this vulnerability
+     */
+    testParameter?(context: PluginContext, param: string, value: string): Promise<VulnerabilityTestResult>;
+    /**
+     * Test a form input for this vulnerability
+     */
+    testFormInput?(context: PluginContext, formData: FormData): Promise<VulnerabilityTestResult>;
+    /**
+     * Analyze page content for this vulnerability
+     */
+    analyzeContent?(context: PluginContext, content: string): Promise<Vulnerability[]>;
+    /**
+     * Analyze HTTP headers for this vulnerability
+     */
+    analyzeHeaders?(context: PluginContext, headers: Record<string, string>): Promise<Vulnerability[]>;
+}
+export interface FormData {
+    action: string;
+    method: string;
+    inputs: Array<{
+        name: string;
+        type: string;
+        value?: string;
+    }>;
+}
+export declare abstract class BaseVulnerabilityPlugin implements VulnerabilityPlugin {
+    abstract readonly name: string;
+    abstract readonly type: VulnerabilityType;
+    abstract readonly description: string;
+    enabled: boolean;
+    protected createVulnerability(title: string, description: string, url: string, severity: Severity, evidence?: string, remediation?: string, cwe?: string): Vulnerability;
+    protected success(vulnerability: Vulnerability): VulnerabilityTestResult;
+    protected failure(error?: string): VulnerabilityTestResult;
+}

package/dist/plugins/types.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseVulnerabilityPlugin = void 0;
+class BaseVulnerabilityPlugin {
+    enabled = true;
+    createVulnerability(title, description, url, severity, evidence, remediation, cwe) {
+        return {
+            type: this.type,
+            severity,
+            title,
+            description,
+            url,
+            evidence,
+            remediation,
+            cwe,
+        };
+    }
+    success(vulnerability) {
+        return { found: true, vulnerability };
+    }
+    failure(error) {
+        return { found: false, error };
+    }
+}
+exports.BaseVulnerabilityPlugin = BaseVulnerabilityPlugin;

package/dist/plugins/vulnerabilities/CSRFPlugin.d.ts

@@ -0,0 +1,8 @@
+import { BaseVulnerabilityPlugin, PluginContext } from "../types";
+export declare class CSRFPlugin extends BaseVulnerabilityPlugin {
+    readonly name = "CSRF Detector";
+    readonly type: "csrf";
+    readonly description = "Detects missing CSRF protection in forms";
+    private readonly csrfTokenPatterns;
+    analyzeContent(context: PluginContext, content: string): Promise<import("../../core/vulnerability-detector").Vulnerability[]>;
+}

package/dist/plugins/vulnerabilities/CSRFPlugin.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CSRFPlugin = void 0;
+const types_1 = require("../types");
+class CSRFPlugin extends types_1.BaseVulnerabilityPlugin {
+    name = "CSRF Detector";
+    type = "csrf";
+    description = "Detects missing CSRF protection in forms";
+    csrfTokenPatterns = [
+        'name="csrf',
+        'name="_token',
+        'name="authenticity_token',
+        'name="_csrf',
+    ];
+    async analyzeContent(context, content) {
+        // Look for forms in the content
+        const formRegex = /<form[^>]*>([\s\S]*?)<\/form>/gi;
+        const forms = content.match(formRegex);
+        if (!forms)
+            return [];
+        const vulnerabilities = [];
+        for (const form of forms) {
+            const hasCSRFToken = this.csrfTokenPatterns.some(pattern => form.toLowerCase().includes(pattern.toLowerCase()));
+            if (!hasCSRFToken) {
+                // Extract form action for better reporting
+                const actionMatch = form.match(/action=["']([^"']*)["']/i);
+                const action = actionMatch ? actionMatch[1] : context.url;
+                vulnerabilities.push(this.createVulnerability("Missing CSRF Protection", "Form lacks CSRF tokens. Attackers can forge requests to perform unauthorized actions.", new URL(action, context.url).toString(), "medium", "Form HTML does not contain CSRF token", "Implement anti-CSRF tokens. Use SameSite cookies.", "CWE-352"));
+            }
+        }
+        return vulnerabilities;
+    }
+}
+exports.CSRFPlugin = CSRFPlugin;

package/dist/plugins/vulnerabilities/SQLInjectionPlugin.d.ts

@@ -0,0 +1,11 @@
+import { BaseVulnerabilityPlugin, PluginContext } from "../types";
+export declare class SQLInjectionPlugin extends BaseVulnerabilityPlugin {
+    readonly name = "SQL Injection Detector";
+    readonly type: "sqli";
+    readonly description = "Detects SQL Injection vulnerabilities";
+    private readonly errorBasedPayloads;
+    private readonly timeBasedPayloads;
+    private getErrorPayloads;
+    private readonly sqlErrors;
+    testParameter(context: PluginContext, param: string, _value: string): Promise<import("../types").VulnerabilityTestResult>;
+}