npm - kramscan - Versions diffs - 0.1.1 → 0.2.0 - Mend

kramscan 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (72) hide show

package/README.md +392 -236
package/dist/agent/confirmation.d.ts +5 -1
package/dist/agent/confirmation.js +29 -9
package/dist/agent/context.js +2 -3
package/dist/agent/orchestrator.d.ts +2 -0
package/dist/agent/orchestrator.js +50 -8
package/dist/agent/prompts/system.d.ts +1 -1
package/dist/agent/prompts/system.js +5 -7
package/dist/agent/skills/health-check.js +22 -2
package/dist/agent/skills/index.d.ts +1 -0
package/dist/agent/skills/index.js +3 -1
package/dist/agent/skills/verify-finding.d.ts +17 -0
package/dist/agent/skills/verify-finding.js +91 -0
package/dist/agent/skills/web-scan.js +46 -0
package/dist/cli.js +150 -149
package/dist/commands/agent.js +38 -38
package/dist/commands/ai.d.ts +2 -0
package/dist/commands/ai.js +112 -0
package/dist/commands/analyze.js +103 -54
package/dist/commands/config.js +55 -29
package/dist/commands/doctor.js +20 -15
package/dist/commands/onboard.js +188 -141
package/dist/commands/report.js +68 -76
package/dist/commands/scan.js +261 -81
package/dist/commands/scans.d.ts +2 -0
package/dist/commands/scans.js +51 -0
package/dist/core/ai-client.d.ts +6 -1
package/dist/core/ai-client.js +80 -12
package/dist/core/ai-payloads.d.ts +17 -0
package/dist/core/ai-payloads.js +54 -0
package/dist/core/config-schema.d.ts +197 -0
package/dist/core/config-schema.js +68 -0
package/dist/core/config-schema.test.d.ts +1 -0
package/dist/core/config-schema.test.js +151 -0
package/dist/core/config.d.ts +8 -31
package/dist/core/config.js +68 -11
package/dist/core/errors.d.ts +71 -0
package/dist/core/errors.js +162 -0
package/dist/core/scan-index.d.ts +19 -0
package/dist/core/scan-index.js +52 -0
package/dist/core/scan-storage.d.ts +11 -0
package/dist/core/scan-storage.js +69 -0
package/dist/core/scanner.d.ts +95 -13
package/dist/core/scanner.js +336 -248
package/dist/core/vulnerability-detector.d.ts +3 -0
package/dist/core/vulnerability-detector.js +25 -15
package/dist/core/vulnerability-detector.test.d.ts +1 -0
package/dist/core/vulnerability-detector.test.js +210 -0
package/dist/index.js +3 -0
package/dist/plugins/PluginManager.d.ts +27 -0
package/dist/plugins/PluginManager.js +166 -0
package/dist/plugins/index.d.ts +7 -0
package/dist/plugins/index.js +19 -0
package/dist/plugins/types.d.ts +55 -0
package/dist/plugins/types.js +25 -0
package/dist/plugins/vulnerabilities/CSRFPlugin.d.ts +8 -0
package/dist/plugins/vulnerabilities/CSRFPlugin.js +34 -0
package/dist/plugins/vulnerabilities/SQLInjectionPlugin.d.ts +11 -0
package/dist/plugins/vulnerabilities/SQLInjectionPlugin.js +109 -0
package/dist/plugins/vulnerabilities/SecurityHeadersPlugin.d.ts +11 -0
package/dist/plugins/vulnerabilities/SecurityHeadersPlugin.js +63 -0
package/dist/plugins/vulnerabilities/SensitiveDataPlugin.d.ts +9 -0
package/dist/plugins/vulnerabilities/SensitiveDataPlugin.js +32 -0
package/dist/plugins/vulnerabilities/XSSPlugin.d.ts +15 -0
package/dist/plugins/vulnerabilities/XSSPlugin.js +81 -0
package/dist/reports/PdfGenerator.d.ts +36 -0
package/dist/reports/PdfGenerator.js +379 -0
package/dist/utils/logger.d.ts +33 -1
package/dist/utils/logger.js +127 -8
package/dist/utils/theme.d.ts +55 -0
package/dist/utils/theme.js +195 -0
package/package.json +1 -1

package/dist/utils/theme.js ADDED Viewed

@@ -0,0 +1,195 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.theme = exports.CLI_VERSION = void 0;
+exports.printBanner = printBanner;
+exports.printInfo = printInfo;
+exports.getSeverityColor = getSeverityColor;
+exports.displayScanSummary = displayScanSummary;
+const chalk_1 = __importDefault(require("chalk"));
+const path = __importStar(require("path"));
+const fs = __importStar(require("fs"));
+// Read version from package.json (single source of truth)
+function getPackageVersion() {
+    try {
+        const pkgPath = path.resolve(__dirname, "..", "..", "package.json");
+        const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf-8"));
+        return pkg.version || "0.0.0";
+    }
+    catch {
+        return "0.0.0";
+    }
+}
+exports.CLI_VERSION = getPackageVersion();
+exports.theme = {
+    // Colors
+    brand: chalk_1.default.hex("#00D1FF"),
+    error: chalk_1.default.red.bold,
+    success: chalk_1.default.green,
+    warning: chalk_1.default.yellow,
+    info: chalk_1.default.blue,
+    dim: chalk_1.default.gray,
+    gray: chalk_1.default.gray,
+    white: chalk_1.default.white,
+    cyan: chalk_1.default.cyan,
+    brightWhite: chalk_1.default.white.bold,
+    brightCyan: chalk_1.default.cyan.bold,
+    brightMagenta: chalk_1.default.magenta.bold,
+    brightBlue: chalk_1.default.blue.bold,
+    brightGreen: chalk_1.default.green.bold,
+    brightYellow: chalk_1.default.yellow.bold,
+    brightRed: chalk_1.default.red.bold,
+    // Severity colors
+    critical: chalk_1.default.red.bold,
+    high: chalk_1.default.red,
+    medium: chalk_1.default.yellow,
+    low: chalk_1.default.blue,
+    infoSeverity: chalk_1.default.gray,
+    yellow: chalk_1.default.yellow,
+    green: chalk_1.default.green,
+};
+// ─── ASCII Art Banner ──────────────────────────────────────────────
+function printBanner() {
+    const lines = [
+        `██╗  ██╗██████╗  █████╗ ███╗   ███╗███████╗ ██████╗ █████╗ ███╗   ██╗`,
+        `██║ ██╔╝██╔══██╗██╔══██╗████╗ ████║██╔════╝██╔════╝██╔══██╗████╗  ██║`,
+        `█████╔╝ ██████╔╝███████║██╔████╔██║███████╗██║     ███████║██╔██╗ ██║`,
+        `██╔═██╗ ██╔══██╗██╔══██║██║╚██╔╝██║╚════██║██║     ██╔══██║██║╚██╗██║`,
+        `██║  ██╗██║  ██║██║  ██║██║ ╚═╝ ██║███████║╚██████╗██║  ██║██║ ╚████║`,
+        `╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝`,
+    ];
+    console.log("");
+    lines.forEach((line, i) => {
+        const shade = i % 2 === 0 ? exports.theme.brightWhite : exports.theme.dim;
+        console.log(`  ${shade(line)}`);
+    });
+    console.log("");
+}
+// ─── Dashboard Info ────────────────────────────────────────────────
+function printInfo() {
+    console.log(`  ${exports.theme.dim("───────────────────────────────────────────────────────")}`);
+    console.log(`  ${exports.theme.brightWhite(" KramScan")} ${exports.theme.gray(`v${exports.CLI_VERSION}`)}  ${exports.theme.dim("|")}  ${exports.theme.cyan("AI-Powered Web Security Scanner")}`);
+    console.log(`  ${exports.theme.dim("───────────────────────────────────────────────────────")}`);
+    console.log("");
+    console.log(`  ${exports.theme.brightYellow("Tips for getting started:")}`);
+    console.log(`  ${exports.theme.white("1.")} ${exports.theme.gray("Run")} ${exports.theme.cyan("kramscan onboard")} ${exports.theme.gray("to configure your API keys.")}`);
+    console.log(`  ${exports.theme.white("2.")} ${exports.theme.gray("Run")} ${exports.theme.cyan("kramscan scan <url>")} ${exports.theme.gray("to scan a target.")}`);
+    console.log(`  ${exports.theme.white("3.")} ${exports.theme.gray("Run")} ${exports.theme.cyan("kramscan --help")} ${exports.theme.gray("for all commands.")}`);
+    console.log("");
+}
+// ─── Severity Color Helper ─────────────────────────────────────────
+function getSeverityColor(severity) {
+    const s = severity.toLowerCase();
+    if (s === "critical")
+        return exports.theme.critical;
+    if (s === "high")
+        return exports.theme.high;
+    if (s === "medium")
+        return exports.theme.medium;
+    if (s === "low")
+        return exports.theme.low;
+    return exports.theme.infoSeverity;
+}
+// ─── Scan Summary Display ──────────────────────────────────────────
+function displayScanSummary(result) {
+    const { target, duration, metadata, summary, vulnerabilities, filepath, pdfPath } = result;
+    // Scan Summary
+    console.log("");
+    console.log(exports.theme.brightWhite.bold("📊 Scan Summary"));
+    console.log(exports.theme.gray("─".repeat(50)));
+    console.log("");
+    console.log(exports.theme.white("Target:"), exports.theme.cyan(target));
+    console.log(exports.theme.white("Duration:"), exports.theme.cyan(`${(duration / 1000).toFixed(2)}s`));
+    console.log(exports.theme.white("URLs Crawled:"), exports.theme.cyan(metadata.crawledUrls));
+    console.log(exports.theme.white("Forms Tested:"), exports.theme.cyan(metadata.testedForms));
+    console.log(exports.theme.white("Requests Made:"), exports.theme.cyan(metadata.requestsMade));
+    console.log("");
+    // Vulnerability summary
+    console.log(exports.theme.brightWhite.bold("🛡️  Vulnerabilities Found"));
+    console.log(exports.theme.gray("─".repeat(50)));
+    console.log("");
+    if (summary.total === 0) {
+        console.log(exports.theme.success("✓ No vulnerabilities found!"));
+    }
+    else {
+        if (summary.critical > 0)
+            console.log(exports.theme.critical(`  ${summary.critical} Critical`), exports.theme.gray("- Immediate action required"));
+        if (summary.high > 0)
+            console.log(exports.theme.high(`  ${summary.high} High`), exports.theme.gray("- Should be fixed soon"));
+        if (summary.medium > 0)
+            console.log(exports.theme.medium(`  ${summary.medium} Medium`), exports.theme.gray("- Fix when possible"));
+        if (summary.low > 0)
+            console.log(exports.theme.low(`  ${summary.low} Low`), exports.theme.gray("- Minor issues"));
+        if (summary.info > 0)
+            console.log(exports.theme.infoSeverity(`  ${summary.info} Info`), exports.theme.gray("- Informational"));
+    }
+    console.log("");
+    console.log(exports.theme.gray("Results saved to:"), exports.theme.white(filepath));
+    if (pdfPath) {
+        console.log(exports.theme.gray("PDF report saved to:"), exports.theme.white(pdfPath));
+    }
+    console.log("");
+    // Show top vulnerabilities
+    if (vulnerabilities.length > 0) {
+        console.log(exports.theme.brightWhite.bold("🔴 Top Findings"));
+        console.log(exports.theme.gray("─".repeat(50)));
+        console.log("");
+        const topVulns = vulnerabilities
+            .sort((a, b) => {
+            const severityOrder = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+            return severityOrder[a.severity] - severityOrder[b.severity];
+        })
+            .slice(0, 5);
+        for (const vuln of topVulns) {
+            const severityColor = getSeverityColor(vuln.severity);
+            console.log(severityColor(`[${vuln.severity.toUpperCase()}]`), exports.theme.brightWhite.bold(vuln.title));
+            console.log(exports.theme.gray(`  ${vuln.url}`));
+            console.log(exports.theme.white(`  ${vuln.description}`));
+            console.log("");
+        }
+        if (vulnerabilities.length > 5) {
+            console.log(exports.theme.gray(`  ... and ${vulnerabilities.length - 5} more`));
+            console.log("");
+        }
+    }
+    console.log(exports.theme.cyan("💡 Next steps:"));
+    console.log(exports.theme.white(`  1. Run ${exports.theme.cyan(`kramscan analyze ${filepath}`)} for AI-powered insights`));
+    console.log(exports.theme.white("  2. PDF report is generated automatically after the scan"));
+    console.log("");
+}
+exports.default = exports.theme;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "kramscan",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "description": "KramScan CLI — AI-powered web app security testing",
   "author": "Akram Shaikh <akramshaikh.me>",
   "license": "MIT",