muaddib-scanner 2.10.101 → 2.11.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "muaddib-scanner",
-  "version": "2.10.101",
+  "version": "2.11.0",
   "description": "Supply-chain threat detection & response for npm & PyPI/Python",
   "main": "src/index.js",
   "bin": {

package/src/ioc/scraper.js

@@ -1037,7 +1037,8 @@ async function runScraper() {
     scrapeDatadogIOCs(),
     scrapeOSSFMaliciousPackages(osvResult.knownIds),
     scrapeGitHubAdvisory(),
-    scrapeOSVPyPIDataDump()
+    scrapeOSVPyPIDataDump(),
+    scrapeAikidoMalwareFeed()
   ]);
 
   const shaiHuludResult = results[0];
@@ -1045,6 +1046,7 @@ async function runScraper() {
   const ossfPackages = results[2];
   const githubPackages = results[3];
   const pypiPackages = results[4];
+  const aikidoResult = results[5];
 
   // Log aggregated warnings
   if (_noVersionSkipCount > 0) {
@@ -1057,7 +1059,8 @@ async function runScraper() {
     ...shaiHuludResult.packages,
     ...datadogResult.packages,
     ...ossfPackages,
-    ...githubPackages
+    ...githubPackages,
+    ...aikidoResult.packages
   ];
 
   // Merge all hashes
@@ -1069,7 +1072,7 @@ async function runScraper() {
   // Smart deduplication: build map of best entry per key
   // For duplicates, keep the one with highest confidence, then most recent date
   const dedupSpinner = new Spinner();
-  dedupSpinner.start('Deduplicating ' + allPackages.length + ' npm + ' + pypiPackages.length + ' PyPI entries...');
+  dedupSpinner.start('Deduplicating ' + allPackages.length + ' npm + ' + (pypiPackages.length + (aikidoResult.pypi_packages || []).length) + ' PyPI entries...');
   const dedupMap = new Map();
 
   // Seed with existing IOCs (with sanitization of stale comma-in-version entries)
@@ -1091,11 +1094,34 @@ async function runScraper() {
     dedupMap.set(key, pkg);
   }
 
-  // Merge new IOCs with smart replacement (with input validation)
+  // Merge new IOCs with smart replacement (with input validation).
+  // Source-aware: each entry accumulates a `sources: [{name, added_at}]` array
+  // tracking every feed that reported this (name, version). A package
+  // reported by >= 3 distinct sources is treated as confidence-max
+  // (used by `getSourceConfidence` for webhook gating).
   let addedPackages = 0;
   let upgradedPackages = 0;
   let skippedInvalid = 0;
   let skippedNeverWildcard = 0;
+  function appendSource(target, pkg) {
+    if (!Array.isArray(target.sources)) target.sources = [];
+    const newSrc = pkg.source || (pkg.freshness && pkg.freshness.source) || 'unknown';
+    if (!target.sources.some(s => s.name === newSrc)) {
+      target.sources.push({
+        name: newSrc,
+        added_at: (pkg.freshness && pkg.freshness.added_at) || pkg.published || new Date().toISOString()
+      });
+    }
+  }
+  function seedSources(pkg) {
+    if (!Array.isArray(pkg.sources)) {
+      const src = pkg.source || (pkg.freshness && pkg.freshness.source) || 'unknown';
+      pkg.sources = [{
+        name: src,
+        added_at: (pkg.freshness && pkg.freshness.added_at) || pkg.published || new Date().toISOString()
+      }];
+    }
+  }
   for (const pkg of allPackages) {
     if (!validateIOCEntry(pkg.name, pkg.version, 'npm')) {
       skippedInvalid++;
@@ -1108,21 +1134,28 @@ async function runScraper() {
     }
     const key = pkg.name + '@' + pkg.version;
     if (!dedupMap.has(key)) {
+      seedSources(pkg);
       dedupMap.set(key, pkg);
       addedPackages++;
     } else {
       const existing = dedupMap.get(key);
+      // Always accumulate source attribution before any replacement decision.
+      seedSources(existing);
+      appendSource(existing, pkg);
       const existingConf = CONFIDENCE_ORDER[existing.confidence] || 0;
       const newConf = CONFIDENCE_ORDER[pkg.confidence] || 0;
       if (newConf > existingConf) {
-        dedupMap.set(key, pkg);
+        // Replace with the higher-confidence entry but preserve the merged sources list
+        const mergedSources = existing.sources;
+        dedupMap.set(key, Object.assign({}, pkg, { sources: mergedSources }));
         upgradedPackages++;
       } else if (newConf === existingConf) {
         // Same confidence: keep most recent
         const existingDate = existing.published || (existing.freshness && existing.freshness.added_at) || '';
         const newDate = pkg.published || (pkg.freshness && pkg.freshness.added_at) || '';
         if (newDate > existingDate) {
-          dedupMap.set(key, pkg);
+          const mergedSources = existing.sources;
+          dedupMap.set(key, Object.assign({}, pkg, { sources: mergedSources }));
           upgradedPackages++;
         }
       }
@@ -1139,21 +1172,27 @@ async function runScraper() {
     pypiDedupMap.set(key, pkg);
   }
   let addedPyPIPackages = 0;
-  for (const pkg of pypiPackages) {
+  // Merge Aikido PyPI feed into the same loop
+  const allPyPIPackages = pypiPackages.concat(aikidoResult.pypi_packages || []);
+  for (const pkg of allPyPIPackages) {
     if (!validateIOCEntry(pkg.name, pkg.version, 'pypi')) {
       skippedInvalid++;
       continue;
     }
     const key = pkg.name + '@' + pkg.version;
     if (!pypiDedupMap.has(key)) {
+      seedSources(pkg);
       pypiDedupMap.set(key, pkg);
       addedPyPIPackages++;
     } else {
       const existing = pypiDedupMap.get(key);
+      seedSources(existing);
+      appendSource(existing, pkg);
       const existingConf = CONFIDENCE_ORDER[existing.confidence] || 0;
       const newConf = CONFIDENCE_ORDER[pkg.confidence] || 0;
       if (newConf > existingConf) {
-        pypiDedupMap.set(key, pkg);
+        const mergedSources = existing.sources;
+        pypiDedupMap.set(key, Object.assign({}, pkg, { sources: mergedSources }));
       }
     }
   }
@@ -1298,6 +1337,80 @@ async function runScraper() {
   };
 }
 
+// ============================================
+// SOURCE 6: Aikido Open Source Malware Feed (npm + PyPI)
+// Free flat JSON feed at malware-list.aikido.dev. Each entry:
+//   { package_name, version, reason: 'MALWARE'|'TELEMETRY'|'PROTESTWARE' }
+// Source: https://github.com/AikidoSec/safe-chain (open-source consumer)
+// ============================================
+async function scrapeAikidoMalwareFeed() {
+  console.log('[SCRAPER] Aikido Open Source Malware Feed...');
+  const npmPackages = [];
+  const pypiPackages = [];
+
+  // npm
+  try {
+    const { status, data } = await fetchJSON('https://malware-list.aikido.dev/malware_predictions.json');
+    if (status === 200 && Array.isArray(data)) {
+      for (const entry of data) {
+        if (!entry || typeof entry.package_name !== 'string') continue;
+        // Only keep MALWARE; TELEMETRY/PROTESTWARE are policy decisions, not security
+        if (entry.reason !== 'MALWARE') continue;
+        const ver = (entry.version && entry.version !== '') ? String(entry.version) : '*';
+        npmPackages.push({
+          id: 'AIKIDO-' + entry.package_name + '-' + ver,
+          name: entry.package_name,
+          version: ver,
+          severity: 'critical',
+          confidence: 'high',
+          source: 'aikido',
+          description: 'Flagged by Aikido Open Source Malware Feed',
+          references: ['https://malware-list.aikido.dev/malware_predictions.json',
+                       'https://www.aikido.dev/code/malware-detection-in-dependencies'],
+          mitre: 'T1195.002',
+          freshness: createFreshness('aikido', 'high')
+        });
+      }
+      console.log('[SCRAPER]   ' + npmPackages.length + ' npm MALWARE entries from Aikido');
+    } else {
+      console.log('[SCRAPER]   Aikido npm feed: HTTP ' + status);
+    }
+  } catch (e) {
+    console.log('[SCRAPER]   Aikido npm error: ' + e.message);
+  }
+
+  // PyPI
+  try {
+    const { status, data } = await fetchJSON('https://malware-list.aikido.dev/malware_pypi.json');
+    if (status === 200 && Array.isArray(data)) {
+      for (const entry of data) {
+        if (!entry || typeof entry.package_name !== 'string') continue;
+        if (entry.reason !== 'MALWARE') continue;
+        const ver = (entry.version && entry.version !== '') ? String(entry.version) : '*';
+        pypiPackages.push({
+          id: 'AIKIDO-PYPI-' + entry.package_name + '-' + ver,
+          name: entry.package_name,
+          version: ver,
+          severity: 'critical',
+          confidence: 'high',
+          source: 'aikido',
+          description: 'Flagged by Aikido Open Source Malware Feed',
+          references: ['https://malware-list.aikido.dev/malware_pypi.json'],
+          mitre: 'T1195.002',
+          freshness: createFreshness('aikido', 'high')
+        });
+      }
+      console.log('[SCRAPER]   ' + pypiPackages.length + ' PyPI MALWARE entries from Aikido');
+    } else {
+      console.log('[SCRAPER]   Aikido PyPI feed: HTTP ' + status);
+    }
+  } catch (e) {
+    console.log('[SCRAPER]   Aikido PyPI error: ' + e.message);
+  }
+
+  return { packages: npmPackages, pypi_packages: pypiPackages };
+}
+
 // ============================================
 // SOURCE 5: OSV.dev Lightweight API
 // Used by `muaddib update` (fast, no zip download)
@@ -1388,9 +1501,36 @@ async function queryOSVBatch(packageNames) {
 function getNoVersionSkipCount() { return _noVersionSkipCount; }
 function resetNoVersionSkipCount() { _noVersionSkipCount = 0; }
 
+/**
+ * Source-aware confidence: a package reported by N distinct feeds is more
+ * confident than one reported by a single source. Used by webhook gating
+ * and the /diff command to prioritize multi-confirmed alerts.
+ *
+ * Tiers:
+ *   N >= 3 → 'high'   (cross-confirmed, alert immediately)
+ *   N === 2 → 'medium' (single-corroboration, alert with sandbox confirm)
+ *   N <= 1 → 'low'    (single-feed only, log + sandbox before alert)
+ *
+ * @param {object} pkg - IOC package entry (with optional `sources` array)
+ * @returns {{ tier: 'high'|'medium'|'low', count: number, sources: string[] }}
+ */
+function getSourceConfidence(pkg) {
+  if (!pkg) return { tier: 'low', count: 0, sources: [] };
+  const sources = Array.isArray(pkg.sources) && pkg.sources.length > 0
+    ? pkg.sources.map(s => s.name || 'unknown')
+    : [pkg.source || (pkg.freshness && pkg.freshness.source) || 'unknown'];
+  const unique = Array.from(new Set(sources));
+  let tier = 'low';
+  if (unique.length >= 3) tier = 'high';
+  else if (unique.length === 2) tier = 'medium';
+  return { tier, count: unique.length, sources: unique };
+}
+
 module.exports = {
   runScraper, scrapeShaiHuludDetector, scrapeDatadogIOCs,
+  scrapeAikidoMalwareFeed,
   scrapeOSVLightweightAPI, queryOSVBatch,
+  getSourceConfidence,
   // Pure utility functions (exported for testing)
   parseCSVLine, parseCSV, extractVersions, parseOSVEntry,
   createFreshness, isAllowedRedirect,

package/src/ioc/updater.js

@@ -136,7 +136,9 @@ function mergeIOCs(target, source) {
     target._hashSet = new Set(target.hashes);
     target._markerSet = new Set(target.markers);
     target._fileSet = new Set(target.files);
+    target._stringIocSet = new Set((target.stringIocs || []).map(s => s.string));
   }
+  if (!target.stringIocs) target.stringIocs = [];
 
   let added = 0;
 
@@ -184,6 +186,16 @@ function mergeIOCs(target, source) {
     }
   }
 
+  // Merge string IOCs (YARA-style)
+  for (const sIoc of source.stringIocs || []) {
+    const literal = sIoc && typeof sIoc.string === 'string' ? sIoc.string : null;
+    if (!literal) continue;
+    if (!target._stringIocSet.has(literal)) {
+      target.stringIocs.push(sIoc);
+      target._stringIocSet.add(literal);
+    }
+  }
+
   return added;
 }
 
@@ -207,7 +219,9 @@ function loadCachedIOCs() {
     pypi_packages: [],
     hashes: yamlIOCs.hashes.map(function(h) { return h.sha256; }),
     markers: yamlIOCs.markers.map(function(m) { return m.pattern; }),
-    files: yamlIOCs.files.map(function(f) { return f.name; })
+    files: yamlIOCs.files.map(function(f) { return f.name; }),
+    // string-IOCs from string-iocs.yaml (YARA-style high-precision artifacts)
+    stringIocs: Array.isArray(yamlIOCs.stringIocs) ? [...yamlIOCs.stringIocs] : []
   };
 
   // Priority 2a: Local scraped IOCs (full enriched file)
@@ -349,6 +363,11 @@ function createOptimizedIOCs(iocs) {
   // Set for suspicious files
   const filesSet = new Set(iocs.files);
 
+  // String IOCs (YARA-style): keep both array (for metadata) and Map keyed by string
+  // for O(1) campaign lookup once a substring match has been confirmed.
+  const stringIocsArr = Array.isArray(iocs.stringIocs) ? iocs.stringIocs : [];
+  const stringIocsMap = new Map(stringIocsArr.map(s => [s.string, s]));
+
   return {
     // Optimized structures (npm)
     packagesMap,
@@ -360,6 +379,9 @@ function createOptimizedIOCs(iocs) {
     hashesSet,
     markersSet,
     filesSet,
+    // String IOCs (YARA-style)
+    stringIocs: stringIocsArr,
+    stringIocsMap,
     // Original arrays for compatibility
     packages: iocs.packages,
     pypi_packages: iocs.pypi_packages || [],

package/src/ioc/yaml-loader.js

@@ -34,7 +34,10 @@ function loadYAMLIOCs() {
     packages: [],
     hashes: [],
     markers: [],
-    files: []
+    files: [],
+    // string-IOCs (YARA-style high-precision artifacts) — see iocs/string-iocs.yaml
+    // Each entry: { string, campaign, severity, source, description }
+    stringIocs: []
   };
 
   // Dedup sets for O(1) lookup during loading
@@ -42,6 +45,7 @@ function loadYAMLIOCs() {
   const seenHashes = new Set();
   const seenMarkers = new Set();
   const seenFiles = new Set();
+  const seenStrings = new Set();
 
   // Charger packages.yaml
   loadPackagesYAML(path.join(IOCS_DIR, 'packages.yaml'), iocs, seenPkgs);
@@ -52,9 +56,53 @@ function loadYAMLIOCs() {
   // Charger hashes.yaml
   loadHashesYAML(path.join(IOCS_DIR, 'hashes.yaml'), iocs, seenHashes, seenMarkers, seenFiles);
 
+  // Charger string-iocs.yaml (YARA-style)
+  loadStringIocsYAML(path.join(IOCS_DIR, 'string-iocs.yaml'), iocs, seenStrings);
+
   return iocs;
 }
 
+/**
+ * Load YARA-style string IOCs from string-iocs.yaml.
+ * Each entry must satisfy the inclusion criteria documented in that file:
+ *   - length >= 6 chars
+ *   - confirmed in >= 1 sample malware
+ *   - absent from benign corpus
+ *   - unique enough that substring match is decisive
+ * Length floor enforced here (defense-in-depth) — anything shorter is dropped
+ * silently with a single warning to avoid spamming the console.
+ */
+function loadStringIocsYAML(filePath, iocs, seenStrings) {
+  if (!fs.existsSync(filePath)) return;
+  const MIN_STRING_LEN = 6;
+  let dropped = 0;
+
+  try {
+    const data = yaml.load(readVerifiedYAML(filePath), { schema: yaml.JSON_SCHEMA });
+    if (!data || !Array.isArray(data.strings)) return;
+
+    for (const s of data.strings) {
+      if (!s || typeof s.string !== 'string') { dropped++; continue; }
+      const literal = s.string;
+      if (literal.length < MIN_STRING_LEN) { dropped++; continue; }
+      if (seenStrings.has(literal)) continue;
+      seenStrings.add(literal);
+      iocs.stringIocs.push({
+        string: literal,
+        campaign: typeof s.campaign === 'string' ? s.campaign : 'unknown',
+        severity: (s.severity === 'HIGH' || s.severity === 'MEDIUM') ? s.severity : 'CRITICAL',
+        source: typeof s.source === 'string' ? s.source : '',
+        description: typeof s.description === 'string' ? s.description : ''
+      });
+    }
+    if (dropped > 0) {
+      console.error(`[WARN] string-iocs.yaml: ${dropped} entries dropped (missing string field or below ${MIN_STRING_LEN} chars)`);
+    }
+  } catch (e) {
+    console.error('[WARN] Erreur parsing string-iocs.yaml:', e.message);
+  }
+}
+
 function loadPackagesYAML(filePath, iocs, seenPkgs) {
   if (!fs.existsSync(filePath)) return;
 

package/src/pipeline/executor.js

@@ -6,6 +6,9 @@ const { analyzeAST } = require('../scanner/ast.js');
 const { detectObfuscation } = require('../scanner/obfuscation.js');
 const { scanDependencies } = require('../scanner/dependencies.js');
 const { scanHashes } = require('../scanner/hash.js');
+const { scanIocStrings } = require('../scanner/ioc-strings.js');
+const { scanAntiForensic } = require('../scanner/anti-forensic.js');
+const { scanStubPackage } = require('../scanner/stub-package.js');
 const { analyzeDataFlow } = require('../scanner/dataflow.js');
 const { scanTyposquatting, findPyPITyposquatMatch } = require('../scanner/typosquat.js');
 const { scanGitHubActions } = require('../scanner/github-actions.js');
@@ -183,7 +186,8 @@ async function execute(targetPath, options, pythonDeps, warnings) {
     'scanPackageJson', 'scanShellScripts', 'analyzeAST', 'detectObfuscation',
     'scanDependencies', 'scanHashes', 'analyzeDataFlow', 'scanTyposquatting',
     'scanGitHubActions', 'matchPythonIOCs', 'checkPyPITyposquatting',
-    'scanEntropy', 'scanAIConfig'
+    'scanEntropy', 'scanAIConfig', 'scanIocStrings', 'scanAntiForensic',
+    'scanStubPackage'
   ];
 
   const settledResults = await Promise.allSettled([
@@ -199,7 +203,10 @@ async function execute(targetPath, options, pythonDeps, warnings) {
     yieldThen(() => matchPythonIOCs(pythonDeps, targetPath)),
     yieldThen(() => checkPyPITyposquatting(pythonDeps, targetPath)),
     withTimeout(() => scanEntropy(targetPath, { entropyThreshold: options.entropyThreshold || undefined }), 'scanEntropy'),
-    yieldThen(() => scanAIConfig(targetPath))
+    yieldThen(() => scanAIConfig(targetPath)),
+    yieldThen(() => scanIocStrings(targetPath)),
+    withTimeout(() => scanAntiForensic(targetPath), 'scanAntiForensic'),
+    yieldThen(() => scanStubPackage(targetPath))
   ]);
 
   // Extract results: use empty array for rejected scanners, log errors
@@ -224,7 +231,10 @@ async function execute(targetPath, options, pythonDeps, warnings) {
     pythonThreats,
     pypiTyposquatThreats,
     entropyThreats,
-    aiConfigThreats
+    aiConfigThreats,
+    iocStringThreats,
+    antiForensicThreats,
+    stubPackageThreats
   ] = scanResult;
 
   // Emit warning if file count cap was hit + quick-scan overflow files
@@ -291,6 +301,9 @@ async function execute(targetPath, options, pythonDeps, warnings) {
     ...pypiTyposquatThreats,
     ...entropyThreats,
     ...aiConfigThreats,
+    ...iocStringThreats,
+    ...antiForensicThreats,
+    ...stubPackageThreats,
     ...crossFileFlows.filter(f => f && f.sourceFile && f.sinkFile).map(f => ({
       type: f.type,
       severity: f.severity,

package/src/pipeline/processor.js

@@ -3,7 +3,7 @@ const path = require('path');
 const { getRule } = require('../rules/index.js');
 const { getPlaybook } = require('../response/playbooks.js');
 const { computeReachableFiles } = require('../scanner/reachability.js');
-const { applyFPReductions, applyCompoundBoosts, calculateRiskScore, getSeverityWeights, applyContextualFPCaps } = require('../scoring.js');
+const { applyFPReductions, applyCompoundBoosts, calculateRiskScore, getSeverityWeights, applyContextualFPCaps, applySingleFireCriticalFloor, applyReputationFactor } = require('../scoring.js');
 const { buildIntentPairs } = require('../intent-graph.js');
 const { debugLog } = require('../utils.js');
 
@@ -319,6 +319,32 @@ async function process(threats, targetPath, options, pythonDeps, warnings, scann
       ' → score=' + result.summary.riskScore);
   }
 
+  // Hybrid v3 Phase 1: single-fire critical floor — applied AFTER contextual
+  // caps so a deterministic IOC match (known_malicious_hash, lifecycle_shell_pipe…)
+  // stays CRITICAL even if the package also matches a benign FP cluster.
+  const sfTriggers = applySingleFireCriticalFloor(result);
+  if (sfTriggers.length > 0) {
+    debugLog('[SF-FLOOR] ' + (packageName || targetPath) + ': ' +
+      sfTriggers.map(t => t.type + '/' + t.severity).join(', ') +
+      ' → score=' + result.summary.riskScore);
+  }
+
+  // Hybrid v3 Phase 4: metadata-first reputation factor — multiplies the score
+  // by a factor in [0.10, 1.5] derived from npm registry signals. Applied LAST
+  // so all severity logic completes first; the factor is the final, package-
+  // wide context filter. Gated behind MUADDIB_METADATA_FACTOR=1; no-op when
+  // metadata is absent (CLI scans, offline) or the gate is off.
+  // NOTE: this module's exported function is named `process`, which shadows
+  // the global `process` inside its body. Use globalThis.process.env to reach
+  // the real environment.
+  if (globalThis.process.env.MUADDIB_METADATA_FACTOR === '1') {
+    const repAdjust = applyReputationFactor(result, _pkgMeta && _pkgMeta.npmRegistryMeta);
+    if (repAdjust) {
+      debugLog('[META-FACTOR] ' + (packageName || targetPath) + ': factor=' +
+        repAdjust.factor.toFixed(2) + ' (' + repAdjust.oldScore + ' → ' + repAdjust.newScore + ')');
+    }
+  }
+
   return {
     result,
     deduped,

package/src/response/playbooks.js

@@ -128,6 +128,27 @@ const PLAYBOOKS = {
   shai_hulud_marker:
     'CRITIQUE: Marqueur Shai-Hulud detecte. Package compromis. Supprimer immediatement et regenerer tous les tokens.',
 
+  ioc_string_match:
+    'CRITIQUE: String IOC YARA-style matched (campagne malware connue). Verifier le fichier signale et le champ campaign. Si match dans node_modules, considerer le package compromis. Source du IOC dans `iocs/string-iocs.yaml`.',
+
+  anti_forensic_xor_autodelete:
+    'CRITIQUE: Pattern complet anti-forensique (XOR + self-delete + decoy write) dans un seul fichier. Style Axios npm 2026-03 / csec autodelete. Considerer le package compromis. Inspecter le fichier signale et regenerer tous les secrets si le code a deja tourne.',
+
+  anti_forensic_partial:
+    'ATTENTION: 2 patterns anti-forensiques sur 3 dans un meme fichier. Soit malware en cours de developpement, soit faux positif sur lib de crypto/build qui combine XOR + ecriture .bak. Inspection manuelle requise.',
+
+  stub_package_external_payload:
+    'CRITIQUE: Package stub avec dep URL externe + lifecycle hook = pattern ltidi chain. Le code malveillant est dans la dep externe, pas le tarball npm. Bloquer le package + resoudre la dep externe pour audit.',
+
+  stub_package_external_dep:
+    'ATTENTION: Package stub avec dep URL externe (sans lifecycle). Lib legitime qui pull un payload via URL devrait re-exporter la dep. Inspecter la dep cible avant install.',
+
+  axios_family:
+    'CRITIQUE: Famille Axios/csec confirmee (IOC + lifecycle + anti-forensic). Bloquer le package, regenerer tous les secrets, isoler les machines qui ont fait `npm install` recemment.',
+
+  stub_with_string_ioc:
+    'CRITIQUE: Package stub + IOC string connu = staging chain-attack confirme. Bloquer le package + sa dep externe. Regenerer secrets si install effectue.',
+
   known_malicious_hash:
     'CRITIQUE: Fichier malveillant confirme par hash. Supprimer immediatement. Considerer la machine compromise.',
 

package/src/rules/index.js

@@ -178,6 +178,89 @@ const RULES = {
     ],
     mitre: 'T1195.002'
   },
+  ioc_string_match: {
+    id: 'MUADDIB-IOC-001',
+    name: 'YARA-style String IOC Match',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Literal substring uniquement attribuable a une campagne malware connue (XOR key, RAT command name, C2 path, build artifact). Le match en source = signal CRITICAL transverse a toutes les variantes qui reuse le meme stager.',
+    references: [
+      'iocs/string-iocs.yaml',
+      'https://gist.github.com/N3mes1s/0c0fc7a0c23cdb5e1c8f66b208053ed6',
+      'https://unit42.paloaltonetworks.com/axios-supply-chain-attack/',
+      'https://blog.gitguardian.com/three-supply-chain-campaigns-hit-npm-pypi-and-docker-hub-in-48-hours/'
+    ],
+    mitre: 'T1195.002'
+  },
+  anti_forensic_xor_autodelete: {
+    id: 'MUADDIB-AF-001',
+    name: 'Anti-Forensic XOR + Self-Delete + Decoy Write',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Compound AST pattern: XOR loop with literal-derived operand + fs.unlink/rename of self file + fs.writeFile to a decoy extension (.md/.bak/.tmp/.txt/.log) all in the same source file. Catches the Axios npm 2026-03 setup.js dropper and the csec autodelete family even when the XOR key string is rotated.',
+    references: [
+      'https://gist.github.com/N3mes1s/0c0fc7a0c23cdb5e1c8f66b208053ed6',
+      'https://unit42.paloaltonetworks.com/axios-supply-chain-attack/'
+    ],
+    mitre: 'T1140'
+  },
+  anti_forensic_partial: {
+    id: 'MUADDIB-AF-002',
+    name: 'Anti-Forensic Partial (2 of 3 patterns)',
+    severity: 'HIGH',
+    confidence: 'medium',
+    description: '2 of 3 anti-forensic patterns in a single file (XOR loop, self-delete, decoy write). Insufficient for CRITICAL alone but elevates a package that already shows other signals.',
+    references: [
+      'https://gist.github.com/N3mes1s/0c0fc7a0c23cdb5e1c8f66b208053ed6'
+    ],
+    mitre: 'T1140'
+  },
+  stub_package_external_payload: {
+    id: 'MUADDIB-STUB-001',
+    name: 'Stub Package + External URL Dep + Lifecycle Hook',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Package main file is essentially empty AND declares a non-npm-registry URL dependency AND has an install lifecycle hook. The malicious payload lives in the resolved external dep, not the published tarball. Closes the ltidi chain attack class that bypassed ADR_THRESHOLD=20.',
+    references: [
+      'project_detection_gap_ltidi_chain memory entry',
+      'https://blog.gitguardian.com/three-supply-chain-campaigns-hit-npm-pypi-and-docker-hub-in-48-hours/'
+    ],
+    mitre: 'T1195.002'
+  },
+  stub_package_external_dep: {
+    id: 'MUADDIB-STUB-002',
+    name: 'Stub Package + External URL Dep (no lifecycle)',
+    severity: 'HIGH',
+    confidence: 'medium',
+    description: 'Package main file is essentially empty AND declares a non-npm-registry URL dependency. No lifecycle hook so the payload requires an explicit require() — manual review still warranted because legitimate libs that pull a payload via URL would re-export the dep.',
+    references: [
+      'project_detection_gap_ltidi_chain memory entry'
+    ],
+    mitre: 'T1195.002'
+  },
+  axios_family: {
+    id: 'MUADDIB-COMPOUND-AXIOS',
+    name: 'Axios / csec Family Compound',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Compound: IOC string match + lifecycle hook + anti-forensic partial pattern. Identifies the BlueNoroff/Sapphire Sleet Axios family and the csec autodelete family at a single glance.',
+    references: [
+      'https://gist.github.com/N3mes1s/0c0fc7a0c23cdb5e1c8f66b208053ed6',
+      'https://unit42.paloaltonetworks.com/axios-supply-chain-attack/'
+    ],
+    mitre: 'T1195.002'
+  },
+  stub_with_string_ioc: {
+    id: 'MUADDIB-COMPOUND-STUB-IOC',
+    name: 'Stub Package + Known String IOC',
+    severity: 'CRITICAL',
+    confidence: 'high',
+    description: 'Compound: stub package (small main, external URL dep) AND a known string IOC in source. Unambiguous chain-attack staging.',
+    references: [
+      'project_detection_gap_ltidi_chain memory entry'
+    ],
+    mitre: 'T1195.002'
+  },
   lifecycle_script_dependency: {
     id: 'MUADDIB-DEP-004',
     name: 'Lifecycle Script in Dependency',