mpx-scan 1.0.0

package/LICENSE

@@ -0,0 +1,32 @@
+Mesaplex Dual License
+
+Copyright (c) 2026 Mesaplex
+
+This software is available under two licensing options:
+
+1. FREE TIER (Personal Use)
+   - 3 scans per day
+   - Basic security checks (headers, SSL, server)
+   - Personal and non-commercial use only
+   - No JSON export or advanced features
+   
+   Permission is granted to use this software for personal, non-commercial
+   purposes subject to the daily scan limit.
+
+2. PRO LICENSE (Commercial Use)
+   - Unlimited scans
+   - All security checks (DNS, cookies, SRI, exposed files, etc.)
+   - JSON/CSV export
+   - CI/CD integration
+   - Commercial use allowed
+   - Priority support
+   
+   To obtain a Pro license, visit: https://mesaplex.com/mpx-scan
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,277 @@
+# mpx-scan 🔍
+
+**Professional website security scanner for developers**
+
+Check your site's security headers, SSL/TLS configuration, DNS settings, and get actionable fix suggestions — all from your terminal.
+
+Part of the [Mesaplex](https://mesaplex.com) developer toolchain.
+
+[![npm version](https://img.shields.io/npm/v/mpx-scan.svg)](https://www.npmjs.com/package/mpx-scan)
+[![License](https://img.shields.io/badge/license-Dual-blue.svg)](LICENSE)
+
+## ✨ Features
+
+- **Zero-config security scanning** — just point it at a URL
+- **Beautiful terminal output** with color-coded results
+- **Actionable fix suggestions** — copy-paste config for nginx, Apache, Caddy, Cloudflare
+- **Fast** — scans complete in seconds
+- **Zero native dependencies** — installs cleanly everywhere
+- **CI/CD ready** — JSON output and exit codes for automated testing
+
+### Security Checks
+
+- ✅ HTTP security headers (CSP, HSTS, X-Frame-Options, etc.)
+- ✅ SSL/TLS certificate validity, expiration, protocol version
+- ✅ Cookie security flags (Secure, HttpOnly, SameSite)
+- ✅ Server information leakage
+- ✅ CORS misconfiguration
+- ✅ Mixed content detection
+- ✅ DNS security (DNSSEC, CAA records) — *Pro only*
+- ✅ Subresource Integrity (SRI) — *Pro only*
+- ✅ Open redirect detection — *Pro only*
+- ✅ Exposed sensitive files — *Pro only*
+
+## 🚀 Quick Start
+
+```bash
+# Run once without installing
+npx mpx-scan https://example.com
+
+# Or install globally
+npm install -g mpx-scan
+mpx-scan https://example.com
+```
+
+## 📖 Usage
+
+### Basic Scan
+
+```bash
+mpx-scan https://example.com
+```
+
+![Example output](https://example.com/mpx-scan-demo.gif)
+
+### Get Fix Suggestions
+
+```bash
+mpx-scan https://example.com --fix nginx
+mpx-scan https://example.com --fix apache
+mpx-scan https://example.com --fix caddy
+mpx-scan https://example.com --fix cloudflare
+```
+
+Generates copy-paste configuration snippets for your platform.
+
+### Deep Scan (Pro)
+
+```bash
+mpx-scan https://example.com --full
+```
+
+Runs all security checks including DNS, cookies, SRI, exposed files.
+
+### JSON Output (Pro)
+
+```bash
+mpx-scan https://example.com --json
+```
+
+Perfect for CI/CD pipelines:
+
+```json
+{
+  "mpxScan": {
+    "version": "1.0.0",
+    "scannedAt": "2026-02-15T22:00:00.000Z"
+  },
+  "target": {
+    "url": "https://example.com",
+    "hostname": "example.com"
+  },
+  "score": {
+    "grade": "B",
+    "numeric": 72.5,
+    "maxScore": 100,
+    "percentage": 73
+  },
+  "summary": {
+    "passed": 12,
+    "warnings": 3,
+    "failed": 2
+  }
+}
+```
+
+### Brief Output
+
+```bash
+mpx-scan https://example.com --brief
+```
+
+One-line summary — great for monitoring multiple sites.
+
+## 🎯 Use Cases
+
+### Local Development
+
+```bash
+mpx-scan http://localhost:3000 --fix nginx
+```
+
+Check your security before deploying.
+
+### CI/CD Integration
+
+```yaml
+# .github/workflows/security.yml
+name: Security Scan
+on: [push]
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - run: npx mpx-scan https://mysite.com --json
+```
+
+### Batch Scanning (Pro)
+
+```bash
+for site in site1.com site2.com site3.com; do
+  mpx-scan $site --json >> security-report.jsonl
+done
+```
+
+## 📊 Free vs Pro
+
+| Feature | Free | Pro |
+|---------|------|-----|
+| **Daily scans** | 3 | Unlimited |
+| **Security headers** | ✅ | ✅ |
+| **SSL/TLS checks** | ✅ | ✅ |
+| **Server info checks** | ✅ | ✅ |
+| **DNS security** | ❌ | ✅ |
+| **Cookie security** | ❌ | ✅ |
+| **SRI checks** | ❌ | ✅ |
+| **Exposed files** | ❌ | ✅ |
+| **Mixed content** | ❌ | ✅ |
+| **JSON export** | ❌ | ✅ |
+| **Batch scanning** | ❌ | ✅ |
+| **CI/CD integration** | ❌ | ✅ |
+
+**Upgrade to Pro:** [https://mesaplex.com/mpx-scan](https://mesaplex.com/mpx-scan)
+
+## 🔐 License Management
+
+### Check License Status
+
+```bash
+mpx-scan license
+```
+
+### Activate Pro License
+
+```bash
+mpx-scan activate MPX-PRO-XXXXXXXXXXXXXXXX
+```
+
+### Deactivate
+
+```bash
+mpx-scan deactivate
+```
+
+## 🛠️ CLI Options
+
+```
+Usage: mpx-scan [url] [options]
+
+Arguments:
+  url                      URL to scan
+
+Options:
+  -V, --version            output the version number
+  --full                   Run all checks (Pro only)
+  --json                   Output as JSON (Pro only)
+  --brief                  Brief output (one-line summary)
+  --fix <platform>         Generate fix config (nginx, apache, caddy, cloudflare)
+  --timeout <seconds>      Connection timeout (default: "10")
+  -h, --help               display help for command
+
+Commands:
+  license                  Manage your mpx-scan license
+  activate <key>           Activate a Pro license
+  deactivate               Deactivate license
+```
+
+## 📦 Installation
+
+### Global Install
+
+```bash
+npm install -g mpx-scan
+```
+
+### Project Dependency
+
+```bash
+npm install --save-dev mpx-scan
+```
+
+Add to `package.json`:
+
+```json
+{
+  "scripts": {
+    "security": "mpx-scan https://mysite.com"
+  }
+}
+```
+
+### Requirements
+
+- Node.js 18.0.0 or higher
+- No other dependencies required for scanning
+- Works on macOS, Linux, Windows
+
+## 🧪 Testing
+
+```bash
+npm test
+```
+
+Runs the built-in test suite for core scanning logic.
+
+## 🤝 Contributing
+
+This is a commercial product with a free tier. Security improvements and bug fixes are welcome!
+
+## 📄 License
+
+Dual License: Free tier for personal use, Pro license for commercial use and advanced features.
+
+See [LICENSE](LICENSE) for full terms.
+
+## 🔗 Links
+
+- **Website:** [https://mesaplex.com/mpx-scan](https://mesaplex.com/mpx-scan)
+- **Documentation:** [https://docs.mesaplex.com/mpx-scan](https://docs.mesaplex.com/mpx-scan)
+- **Support:** support@mesaplex.com
+- **Twitter:** [@mesaplex](https://twitter.com/mesaplex)
+
+## 🐛 Known Issues
+
+None currently! Report issues via email: support@mesaplex.com
+
+## 📚 Related Tools
+
+Part of the Mesaplex developer toolchain:
+
+- **mpx-scan** — Security scanner (you are here)
+- **mpx-api** — API testing toolkit *(coming soon)*
+- **mpx-perf** — Performance profiler *(coming soon)*
+- **mpx-deploy** — Deployment automation *(coming soon)*
+
+---
+
+**Made with ❤️ by [Mesaplex](https://mesaplex.com)**

package/bin/cli.js

@@ -0,0 +1,211 @@
+#!/usr/bin/env node
+
+/**
+ * mpx-scan CLI
+ * 
+ * Professional website security scanner
+ * Part of the Mesaplex developer toolchain
+ */
+
+const { Command } = require('commander');
+const chalk = require('chalk');
+const { scan } = require('../src/index');
+const { formatReport, formatBrief } = require('../src/reporters/terminal');
+const { formatJSON } = require('../src/reporters/json');
+const { generateFixes, PLATFORMS } = require('../src/generators/fixes');
+const { 
+  getLicense, 
+  activateLicense, 
+  deactivateLicense, 
+  checkRateLimit, 
+  recordScan,
+  FREE_DAILY_LIMIT 
+} = require('../src/license');
+
+const pkg = require('../package.json');
+
+const program = new Command();
+
+program
+  .name('mpx-scan')
+  .description('Professional website security scanner — check headers, SSL, DNS, and more')
+  .version(pkg.version)
+  .argument('[url]', 'URL to scan')
+  .option('--full', 'Run all checks (Pro only)')
+  .option('--json', 'Output as JSON')
+  .option('--brief', 'Brief output (one-line summary)')
+  .option('--fix <platform>', `Generate fix config for platform (${PLATFORMS.join(', ')})`)
+  .option('--timeout <seconds>', 'Connection timeout', '10')
+  .action(async (url, options) => {
+    // Show help if no URL provided
+    if (!url) {
+      program.help();
+      return;
+    }
+    
+    try {
+      // Check license and rate limits
+      const license = getLicense();
+      const rateLimit = checkRateLimit();
+      
+      // Handle rate limiting
+      if (!rateLimit.allowed) {
+        console.error(chalk.red.bold('\n❌ Daily scan limit reached'));
+        console.error(chalk.yellow(`Free tier: ${FREE_DAILY_LIMIT} scans/day`));
+        console.error(chalk.gray(`Resets: ${new Date(rateLimit.resetsAt).toLocaleString()}\n`));
+        console.error(chalk.blue('Upgrade to Pro for unlimited scans:'));
+        console.error(chalk.blue('  https://mesaplex.com/mpx-scan\n'));
+        process.exit(1);
+      }
+      
+      // Check for Pro-only features
+      if (options.full && license.tier !== 'pro') {
+        console.error(chalk.red.bold('\n❌ --full flag requires Pro license'));
+        console.error(chalk.yellow('Free tier includes: headers, SSL, server checks'));
+        console.error(chalk.yellow('Pro includes: all checks (DNS, cookies, SRI, exposed files, etc.)\n'));
+        console.error(chalk.blue('Upgrade: https://mesaplex.com/mpx-scan\n'));
+        process.exit(1);
+      }
+      
+      if (options.json && license.tier !== 'pro') {
+        console.error(chalk.red.bold('\n❌ --json output requires Pro license\n'));
+        console.error(chalk.blue('Upgrade: https://mesaplex.com/mpx-scan\n'));
+        process.exit(1);
+      }
+      
+      // Show scan info
+      if (!options.json && !options.brief) {
+        console.log('');
+        console.log(chalk.bold.cyan('🔍 Scanning...'));
+        if (license.tier === 'free') {
+          console.log(chalk.gray(`Free tier: ${rateLimit.remaining} scan(s) remaining today\n`));
+        }
+      }
+      
+      // Run scan
+      const results = await scan(url, {
+        timeout: parseInt(options.timeout) * 1000,
+        tier: license.tier,
+        full: options.full
+      });
+      
+      // Record scan for rate limiting
+      recordScan();
+      
+      // Output results
+      if (options.fix) {
+        console.log(generateFixes(options.fix, results));
+      } else if (options.json) {
+        console.log(formatJSON(results, true));
+      } else if (options.brief) {
+        console.log(formatBrief(results));
+      } else {
+        console.log(formatReport(results, options));
+      }
+      
+      // Exit code based on grade (for CI/CD)
+      const gradeToExitCode = {
+        'A+': 0, 'A': 0, 'B': 0, 'C': 0, 'D': 1, 'F': 1
+      };
+      process.exit(gradeToExitCode[results.grade] || 1);
+      
+    } catch (err) {
+      if (options.json) {
+        console.log(JSON.stringify({ error: err.message }, null, 2));
+      } else {
+        console.error(chalk.red.bold('\n❌ Error:'), err.message);
+        console.error('');
+      }
+      process.exit(1);
+    }
+  });
+
+// License management subcommands
+program
+  .command('license')
+  .description('Manage your mpx-scan license')
+  .action(() => {
+    const license = getLicense();
+    
+    console.log('');
+    console.log(chalk.bold('License Status:'));
+    console.log(chalk.gray('─'.repeat(50)));
+    console.log(chalk.bold('Tier:    ') + (license.tier === 'pro' ? chalk.green('Pro ✓') : chalk.yellow('Free')));
+    
+    if (license.tier === 'pro') {
+      console.log(chalk.bold('Key:     ') + chalk.gray(license.key));
+      if (license.email) {
+        console.log(chalk.bold('Email:   ') + chalk.gray(license.email));
+      }
+    } else {
+      console.log(chalk.bold('Limit:   ') + chalk.yellow(`${FREE_DAILY_LIMIT} scans/day`));
+      const rateLimit = checkRateLimit();
+      console.log(chalk.bold('Today:   ') + chalk.cyan(`${FREE_DAILY_LIMIT - rateLimit.remaining}/${FREE_DAILY_LIMIT} used`));
+    }
+    
+    console.log(chalk.gray('─'.repeat(50)));
+    
+    if (license.tier === 'free') {
+      console.log('');
+      console.log(chalk.blue('Upgrade to Pro:'));
+      console.log(chalk.blue('  https://mesaplex.com/mpx-scan'));
+      console.log('');
+      console.log(chalk.gray('Activate with: mpx-scan activate <license-key>'));
+    }
+    
+    console.log('');
+  });
+
+program
+  .command('activate')
+  .description('Activate a Pro license')
+  .argument('<key>', 'License key')
+  .option('--email <email>', 'Your email address')
+  .action((key, options) => {
+    try {
+      activateLicense(key, options.email);
+      console.log('');
+      console.log(chalk.green.bold('✓ License activated!'));
+      console.log(chalk.gray('You now have access to:'));
+      console.log(chalk.gray('  • Unlimited scans'));
+      console.log(chalk.gray('  • All security checks'));
+      console.log(chalk.gray('  • JSON/CSV export'));
+      console.log(chalk.gray('  • Batch scanning'));
+      console.log('');
+    } catch (err) {
+      console.error(chalk.red.bold('\n❌ Activation failed:'), err.message);
+      console.error('');
+      process.exit(1);
+    }
+  });
+
+program
+  .command('deactivate')
+  .description('Deactivate license and return to free tier')
+  .action(() => {
+    deactivateLicense();
+    console.log('');
+    console.log(chalk.yellow('License deactivated'));
+    console.log(chalk.gray('You are now on the free tier (3 scans/day)'));
+    console.log('');
+  });
+
+// Examples
+program.addHelpText('after', `
+${chalk.bold('Examples:')}
+  ${chalk.cyan('mpx-scan https://example.com')}           Quick security scan
+  ${chalk.cyan('mpx-scan example.com --full')}            Deep scan (Pro only)
+  ${chalk.cyan('mpx-scan example.com --json')}            JSON output (Pro only)
+  ${chalk.cyan('mpx-scan example.com --fix nginx')}       Generate nginx config
+  ${chalk.cyan('mpx-scan example.com --brief')}           One-line summary
+  ${chalk.cyan('mpx-scan license')}                       Check license status
+  ${chalk.cyan('mpx-scan activate MPX-PRO-XXX')}          Activate Pro license
+
+${chalk.bold('Free vs Pro:')}
+  ${chalk.yellow('Free:')}  3 scans/day, basic checks (headers, SSL, server)
+  ${chalk.green('Pro:')}   Unlimited scans, all checks, JSON export, CI/CD integration
+
+  ${chalk.blue('Upgrade: https://mesaplex.com/mpx-scan')}
+`);
+
+program.parse();

package/package.json

@@ -0,0 +1,45 @@
+{
+  "name": "mpx-scan",
+  "version": "1.0.0",
+  "description": "Professional website security scanner CLI. Check headers, SSL, cookies, DNS, and get actionable fix suggestions. Part of the Mesaplex developer toolchain.",
+  "main": "src/index.js",
+  "bin": {
+    "mpx-scan": "./bin/cli.js"
+  },
+  "scripts": {
+    "test": "node test/run.js",
+    "start": "node bin/cli.js"
+  },
+  "keywords": [
+    "security",
+    "scanner",
+    "headers",
+    "ssl",
+    "tls",
+    "audit",
+    "owasp",
+    "devops",
+    "ci-cd",
+    "mesaplex",
+    "devtools",
+    "security-headers",
+    "ssl-check",
+    "dns-security",
+    "cors"
+  ],
+  "author": "Mesaplex <support@mesaplex.com>",
+  "license": "SEE LICENSE IN LICENSE",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mesaplexdev/mpx-scan"
+  },
+  "homepage": "https://github.com/mesaplexdev/mpx-scan#readme",
+  "bugs": "https://github.com/mesaplexdev/mpx-scan/issues",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "dependencies": {
+    "chalk": "^4.1.2",
+    "commander": "^12.0.0"
+  }
+}