npm - mpx-scan - Versions diffs - 1.2.1 → 1.3.1 - Mend

mpx-scan 1.2.1 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/README.md +110 -147
package/bin/cli.js +177 -19
package/package.json +19 -15
package/src/index.js +67 -1
package/src/reporters/json.js +3 -1
package/src/reporters/pdf.js +218 -0
package/src/reporters/terminal.js +26 -0
package/src/scanners/cookies.js +1 -1
package/src/scanners/dns.js +27 -6
package/src/scanners/exposed-files.js +1 -1
package/src/scanners/fingerprint.js +1 -1
package/src/scanners/headers.js +1 -1
package/src/scanners/redirects.js +9 -9
package/src/scanners/server.js +3 -3
package/src/scanners/sri.js +1 -1
package/src/schema.js +47 -0
package/src/update.js +68 -0

package/README.md CHANGED Viewed

@@ -1,26 +1,25 @@
 # mpx-scan 🔍
-**Professional website security scanner for developers and AI agents**
+**Professional website security scanner for developers and AI agents.**
 Check your site's security headers, SSL/TLS configuration, DNS settings, and get actionable fix suggestions — all from your terminal.
 Part of the [Mesaplex](https://mesaplex.com) developer toolchain.
 [![npm version](https://img.shields.io/npm/v/mpx-scan.svg)](https://www.npmjs.com/package/mpx-scan)
-[![License](https://img.shields.io/badge/license-Dual-blue.svg)](LICENSE)
+[![License: Dual](https://img.shields.io/badge/license-Dual-blue.svg)](LICENSE)
+[![Node.js](https://img.shields.io/badge/node-%3E%3D18-brightgreen.svg)](https://nodejs.org)
-## ✨ Features
+## Features
 - **Zero-config security scanning** — just point it at a URL
 - **Beautiful terminal output** with color-coded results
 - **Structured JSON output** — `--json` for CI/CD and AI agent consumption
-- **MCP server** — integrates with any MCP-compatible AI agent (Claude, GPT, Cursor, etc.)
+- **MCP server** — integrates with any MCP-compatible AI agent (Claude, Cursor, Windsurf, etc.)
 - **Actionable fix suggestions** — copy-paste config for nginx, Apache, Caddy, Cloudflare
 - **Batch scanning** — pipe URLs from stdin
 - **Self-documenting** — `--schema` returns machine-readable tool description
-- **Fast** — scans complete in seconds
 - **Zero native dependencies** — installs cleanly everywhere
-- **CI/CD ready** — predictable exit codes and JSON output
 ### Security Checks
@@ -30,23 +29,42 @@ Part of the [Mesaplex](https://mesaplex.com) developer toolchain.
 - ✅ Server information leakage
 - ✅ CORS misconfiguration
 - ✅ Mixed content detection
-- ✅ DNS security (DNSSEC, CAA records) — *Pro only*
-- ✅ Subresource Integrity (SRI) — *Pro only*
-- ✅ Open redirect detection — *Pro only*
-- ✅ Exposed sensitive files — *Pro only*
+- ✅ DNS security (DNSSEC, CAA records) — *Pro*
+- ✅ Subresource Integrity (SRI) — *Pro*
+- ✅ Open redirect detection — *Pro*
+- ✅ Exposed sensitive files — *Pro*
-## 🚀 Quick Start
+## Installation
+```bash
+npm install -g mpx-scan
+```
+Or run directly with npx:
 ```bash
-# Run once without installing
 npx mpx-scan https://example.com
+```
-# Or install globally
-npm install -g mpx-scan
+**Requirements:** Node.js 18+ · No native dependencies · macOS, Linux, Windows
+## Quick Start
+```bash
+# Basic scan
 mpx-scan https://example.com
+# JSON output
+mpx-scan https://example.com --json
+# Fix suggestions for nginx
+mpx-scan https://example.com --fix nginx
+# Deep scan (Pro)
+mpx-scan https://example.com --full
 ```
-## 📖 Usage
+## Usage
 ### Basic Scan
@@ -65,7 +83,7 @@ Returns structured JSON to stdout (progress/status goes to stderr):
 ```json
 {
   "mpxScan": {
-    "version": "1.1.0",
+    "version": "1.3.0",
     "scannedAt": "2026-02-16T22:00:00.000Z",
     "scanDuration": 350
   },
@@ -90,7 +108,7 @@ Returns structured JSON to stdout (progress/status goes to stderr):
 }
 ```
-### Get Fix Suggestions
+### Fix Suggestions
 ```bash
 mpx-scan https://example.com --fix nginx
@@ -99,18 +117,27 @@ mpx-scan https://example.com --fix caddy
 mpx-scan https://example.com --fix cloudflare
 ```
-### Deep Scan (Pro)
+### Brief Output
 ```bash
-mpx-scan https://example.com --full
+mpx-scan https://example.com --brief
 ```
-### Brief Output
+### PDF Export
 ```bash
-mpx-scan https://example.com --brief
+# Generate PDF report (auto-named)
+mpx-scan https://example.com --pdf
+# Specify output filename
+mpx-scan https://example.com --pdf report.pdf
+# Combine with JSON output
+mpx-scan https://example.com --json --pdf report.pdf
 ```
+Generates a professional PDF report with color-coded findings, severity grades, and actionable recommendations.
 ### Batch Scanning
 ```bash
@@ -127,7 +154,38 @@ mpx-scan --schema
 Returns a JSON schema describing all commands, flags, inputs, and outputs — designed for AI agent tool discovery.
-## 🤖 AI Agent Usage
+### CLI Reference
+```
+Usage: mpx-scan [url] [options]
+Arguments:
+  url                      URL to scan
+Options:
+  -V, --version            Output version number
+  --json                   Output as structured JSON
+  --full                   Run all checks (Pro only)
+  --brief                  Brief one-line output
+  --quiet, -q              Minimal output (no banners)
+  --no-color               Disable ANSI color codes
+  --batch                  Read URLs from stdin (one per line)
+  --schema                 Output JSON schema for tool discovery
+  --pdf [filename]         Export results as a PDF report
+  --fix <platform>         Generate fix config (nginx, apache, caddy, cloudflare)
+  --timeout <seconds>      Connection timeout (default: 10)
+  --ci                     CI mode: exit 1 if below --min-score
+  --min-score <score>      Minimum score for CI mode (default: 70)
+  -h, --help               Display help
+Commands:
+  license                  Show license status
+  activate <key>           Activate Pro license
+  deactivate               Return to free tier
+  mcp                      Start MCP stdio server
+```
+## AI Agent Usage
 mpx-scan is designed to be used by AI agents as well as humans.
@@ -151,36 +209,16 @@ The MCP server exposes these tools:
 - **`generate_fixes`** — Scan and generate platform-specific fix config
 - **`get_schema`** — Get full tool schema
-### Programmatic Usage
-```bash
-# JSON output for parsing
-mpx-scan https://example.com --json
-# Batch processing
-cat urls.txt | mpx-scan --batch --json
-# Schema discovery
-mpx-scan --schema
-# Quiet mode (no banners, progress goes to stderr)
-mpx-scan https://example.com --json --quiet
-```
 ### Exit Codes
 | Code | Meaning |
 |------|---------|
-| 0 | Scan complete, no security issues found |
-| 1 | Scan complete, security issues found |
-| 2 | Invalid arguments |
-| 3 | Configuration error (license, rate limit) |
-| 4 | Network/connectivity error |
+| 0 | Success, no issues found |
+| 1 | Issues found or error |
+| 2 | Invalid usage or bad arguments |
 ### Error Responses (JSON mode)
-When `--json` is used, errors return structured JSON:
 ```json
 {
   "error": "Description of what went wrong",
@@ -193,14 +231,11 @@ Error codes: `ERR_NETWORK`, `ERR_SCAN`, `ERR_RATE_LIMIT`, `ERR_PRO_REQUIRED`, `E
 ### Automation Tips
 - Use `--json` for machine-parseable output (stdout only, no ANSI)
-- Use `--no-color` to strip ANSI codes from human-readable output
 - Use `--quiet` to suppress banners and progress info
-- Pipe `--batch --json` for JSONL (one result per line) processing
+- Use `--batch --json` for JSONL processing
 - Check exit codes for pass/fail decisions in CI/CD
-## 🎯 Use Cases
-### CI/CD Integration
+## CI/CD Integration
 ```yaml
 # .github/workflows/security.yml
@@ -213,38 +248,25 @@ jobs:
       - run: npx mpx-scan https://mysite.com --ci --min-score 70 --json
 ```
-### Monitoring Script
-```bash
-#!/bin/bash
-for site in site1.com site2.com site3.com; do
-  result=$(npx mpx-scan "$site" --json 2>/dev/null)
-  grade=$(echo "$result" | jq -r '.score.grade')
-  echo "$site: $grade"
-done
-```
-## 📊 Free vs Pro
+## Free vs Pro
 | Feature | Free | Pro |
 |---------|------|-----|
-| **Daily scans** | 3 | Unlimited |
-| **Security headers** | ✅ | ✅ |
-| **SSL/TLS checks** | ✅ | ✅ |
-| **Server info checks** | ✅ | ✅ |
-| **JSON output** | ✅ | ✅ |
-| **Batch scanning** | ✅ | ✅ |
-| **MCP server** | ✅ | ✅ |
-| **DNS security** | ❌ | ✅ |
-| **Cookie security** | ❌ | ✅ |
-| **SRI checks** | ❌ | ✅ |
-| **Exposed files** | ❌ | ✅ |
-| **Mixed content** | ❌ | ✅ |
-| **Full scan (--full)** | ❌ | ✅ |
-**Upgrade to Pro:** [https://mesaplex.com/mpx-scan](https://mesaplex.com/mpx-scan)
-## 🔐 License Management
+| Daily scans | 3 | Unlimited |
+| Security headers | ✅ | ✅ |
+| SSL/TLS checks | ✅ | ✅ |
+| Server info checks | ✅ | ✅ |
+| JSON output | ✅ | ✅ |
+| Batch scanning | ✅ | ✅ |
+| MCP server | ✅ | ✅ |
+| DNS security | ❌ | ✅ |
+| Cookie security | ❌ | ✅ |
+| SRI checks | ❌ | ✅ |
+| Exposed files | ❌ | ✅ |
+| Mixed content | ❌ | ✅ |
+| Full scan (`--full`) | ❌ | ✅ |
+### License Management
 ```bash
 mpx-scan license                         # Check status
@@ -252,83 +274,24 @@ mpx-scan activate MPX-PRO-XXXXXXXX      # Activate Pro
 mpx-scan deactivate                      # Return to free tier
 ```
-## 🛠️ CLI Reference
-```
-Usage: mpx-scan [url] [options]
-Arguments:
-  url                      URL to scan
-Options:
-  -V, --version            Output version number
-  --json                   Output as structured JSON
-  --full                   Run all checks (Pro only)
-  --brief                  Brief one-line output
-  --quiet, -q              Minimal output (no banners)
-  --no-color               Disable ANSI color codes
-  --batch                  Read URLs from stdin (one per line)
-  --schema                 Output JSON schema for tool discovery
-  --fix <platform>         Generate fix config (nginx, apache, caddy, cloudflare)
-  --timeout <seconds>      Connection timeout (default: 10)
-  --ci                     CI mode: exit 1 if below --min-score
-  --min-score <score>      Minimum score for CI mode (default: 70)
-  -h, --help               Display help
-Commands:
-  license                  Show license status
-  activate <key>           Activate Pro license
-  deactivate               Return to free tier
-  mcp                      Start MCP stdio server
-```
-## 📦 Installation
-```bash
-# Global
-npm install -g mpx-scan
-# Project dependency
-npm install --save-dev mpx-scan
-# One-off with npx
-npx mpx-scan https://example.com
-```
-### Requirements
-- Node.js 18.0.0 or higher
-- No native dependencies
-- Works on macOS, Linux, Windows
-## 🧪 Testing
-```bash
-npm test
-```
-## 🤝 Contributing
-Security improvements and bug fixes are welcome!
-## 📄 License
+**Upgrade to Pro:** [https://mesaplex.com/mpx-scan](https://mesaplex.com/mpx-scan)
-Dual License: Free tier for personal use, Pro license for commercial use and advanced features.
+## License
-See [LICENSE](LICENSE) for full terms.
+Dual License — Free tier for personal use, Pro license for commercial use and advanced features. See [LICENSE](LICENSE) for full terms.
-## 🔗 Links
+## Links
-- **Website:** [https://mesaplex.com/mpx-scan](https://mesaplex.com/mpx-scan)
+- **Website:** [https://mesaplex.com](https://mesaplex.com)
 - **npm:** [https://www.npmjs.com/package/mpx-scan](https://www.npmjs.com/package/mpx-scan)
 - **GitHub:** [https://github.com/mesaplexdev/mpx-scan](https://github.com/mesaplexdev/mpx-scan)
 - **Support:** support@mesaplex.com
-## 📚 Related Tools
+### Related Tools
-- **mpx-scan** — Security scanner (you are here)
-- **[mpx-api](https://www.npmjs.com/package/mpx-api)** — API testing toolkit
-- **[mpx-db](https://www.npmjs.com/package/mpx-db)** — Database toolkit
+- **[mpx-api](https://www.npmjs.com/package/mpx-api)** — API testing, mocking, and documentation
+- **[mpx-db](https://www.npmjs.com/package/mpx-db)** — Database management CLI
+- **[mpx-secrets-audit](https://www.npmjs.com/package/mpx-secrets-audit)** — Secret lifecycle tracking and audit
 ---