omen-sec-cli 1.0.19 → 1.0.20

package/core/discover/stack-detector.js

@@ -1,6 +1,7 @@
 import fs from 'fs/promises';
 import path from 'path';
-import { glob } from 'glob';
+import axios from 'axios';
+import * as cheerio from 'cheerio';
 
 export async function runDiscovery(projectPath = process.cwd()) {
   const discovery = {
@@ -9,18 +10,27 @@ export async function runDiscovery(projectPath = process.cwd()) {
     entrypoints: [],
     boot_strategy: null,
     critical_files: [],
-    dependencies: {}
+    dependencies: {},
+    is_remote: false
   };
 
+  // Check if it's a URL
+  if (projectPath.startsWith('http')) {
+    discovery.is_remote = true;
+    return await runRemoteDiscovery(projectPath, discovery);
+  }
+
   // 1. Load package.json if exists
   try {
     const pkgPath = path.join(projectPath, 'package.json');
-    const pkgData = JSON.parse(await fs.readFile(pkgPath, 'utf-8'));
+    const pkgContent = await fs.readFile(pkgPath, 'utf-8');
+    const pkgData = JSON.parse(pkgContent);
     discovery.dependencies = { ...pkgData.dependencies, ...pkgData.devDependencies };
     
     if (discovery.dependencies['next']) discovery.stack = 'Next.js';
     else if (discovery.dependencies['express']) discovery.stack = 'Node/Express';
     else if (discovery.dependencies['react']) discovery.stack = 'React SPA';
+    else discovery.stack = 'Node.js';
     
     // Boot strategy for Node
     if (pkgData.scripts) {
@@ -33,7 +43,7 @@ export async function runDiscovery(projectPath = process.cwd()) {
   try {
     const requirementsPath = path.join(projectPath, 'requirements.txt');
     await fs.access(requirementsPath);
-    discovery.stack = discovery.stack === 'Unknown' ? 'Python' : discovery.stack;
+    if (discovery.stack === 'Unknown') discovery.stack = 'Python';
     discovery.critical_files.push('requirements.txt');
   } catch (e) {}
 
@@ -46,7 +56,7 @@ export async function runDiscovery(projectPath = process.cwd()) {
   } catch (e) {}
 
   // 4. Find entrypoints
-  const commonEntrypoints = ['server.js', 'app.js', 'index.js', 'src/index.js', 'main.py', 'app.py'];
+  const commonEntrypoints = ['server.js', 'app.js', 'index.js', 'src/index.js', 'main.py', 'app.py', 'index.php'];
   for (const entry of commonEntrypoints) {
     try {
       await fs.access(path.join(projectPath, entry));
@@ -55,13 +65,52 @@ export async function runDiscovery(projectPath = process.cwd()) {
   }
 
   // 5. Critical Security Files
-  const securityFiles = ['.env', '.env.local', '.env.production', '.git/config', 'docker-compose.yml', 'Dockerfile'];
+  const securityFiles = ['.env', '.env.local', '.env.production', '.git/config', 'docker-compose.yml', 'Dockerfile', 'package.json', 'composer.json', 'requirements.txt'];
   for (const file of securityFiles) {
     try {
       await fs.access(path.join(projectPath, file));
-      discovery.critical_files.push(file);
+      if (!discovery.critical_files.includes(file)) discovery.critical_files.push(file);
     } catch (e) {}
   }
 
   return discovery;
 }
+
+async function runRemoteDiscovery(url, discovery) {
+  try {
+    const response = await axios.get(url, {
+      timeout: 10000,
+      validateStatus: () => true,
+      headers: { 'User-Agent': 'OMEN-SEC-CLI/1.0.20 (Discovery)' }
+    });
+
+    const headers = response.headers;
+    const html = response.data || '';
+
+    // Header-based detection
+    if (headers['x-powered-by']) discovery.stack = headers['x-powered-by'];
+    if (headers['server']) discovery.stack = headers['server'];
+
+    // HTML-based detection
+    if (html.includes('next-head') || html.includes('_next/static')) discovery.stack = 'Next.js';
+    else if (html.includes('react-root') || html.includes('data-react')) discovery.stack = 'React';
+    else if (html.includes('wp-content')) discovery.stack = 'WordPress';
+    else if (html.includes('nuxt')) discovery.stack = 'Nuxt.js';
+
+    // Entrypoints as routes
+    const $ = cheerio.load(html);
+    $('a').each((i, el) => {
+      const href = $(el).attr('href');
+      if (href && !href.startsWith('#') && !href.startsWith('http') && discovery.entrypoints.length < 5) {
+        discovery.entrypoints.push(href);
+      }
+    });
+
+    discovery.entrypoints = [...new Set(discovery.entrypoints)];
+    discovery.boot_strategy = 'Remote URL';
+
+  } catch (err) {
+    discovery.stack = 'Unknown (Remote unreachable)';
+  }
+  return discovery;
+}

package/core/engine-v2.js

@@ -23,33 +23,49 @@ export async function plan() {
   const state = await loadState();
   const discovery = state.discovery;
 
-  if (!discovery || !discovery.stack) {
+  if (!discovery || !discovery.stack || discovery.stack === 'Unknown') {
     console.log(chalk.red('No discovery data found. Run "omen discover" first.'));
     return;
   }
 
   const plan = {
     steps: [
-      { id: 'static', action: 'Static Analysis', status: 'pending' },
-      { id: 'dependencies', action: 'Dependency Audit', status: 'pending' }
+      { id: 'static', action: 'Static Analysis', status: 'pending' }
     ]
   };
 
-  if (discovery.boot_strategy) {
+  // If local, check for dependencies
+  if (!discovery.is_remote) {
+    plan.steps.push({ id: 'dependencies', action: 'Dependency Audit', status: 'pending' });
+  }
+
+  if (discovery.boot_strategy && discovery.boot_strategy !== 'Remote URL') {
     plan.steps.push({ id: 'boot', action: `Boot App (${discovery.boot_strategy})`, status: 'pending' });
     plan.steps.push({ id: 'dynamic', action: 'Dynamic Analysis (Localhost)', status: 'pending' });
+  } else if (discovery.is_remote) {
+    plan.steps.push({ id: 'dynamic', action: 'Dynamic Analysis (Remote)', status: 'pending' });
   }
 
   console.log(chalk.white(`Plan generated with ${plan.steps.length} steps.`));
+  // IMPORTANTE: Retornar o plano e salvar no estado
   await saveState({ plan });
   return plan;
 }
 
 export async function execute() {
   console.log(chalk.bold.cyan('\n--- Phase 3: Execution ---'));
-  const state = await loadState();
+  
+  // Recarregar o estado para garantir que temos o plano
+  let state = await loadState();
+  
+  if (!state.plan || !state.plan.steps || state.plan.steps.length === 0) {
+    console.log(chalk.yellow('No plan found in state. Attempting to generate one...'));
+    await plan();
+    state = await loadState(); // Recarregar após plan()
+  }
+
   if (!state.plan || !state.plan.steps) {
-    console.log(chalk.red('No plan found. Run "omen plan" first.'));
+    console.log(chalk.red('Failed to generate or load plan. Run "omen discover" first.'));
     return;
   }
 
@@ -59,12 +75,18 @@ export async function execute() {
   for (const step of state.plan.steps) {
     console.log(chalk.yellow(`\nExecuting: ${step.action}...`));
     
-    if (step.id === 'static') {
+    if (step.id === 'static' && !state.discovery.is_remote) {
       const localResult = await scanLocalProject();
       vulnerabilities.push(...localResult.vulnerabilities);
       executionLogs.push(`Static analysis scanned ${localResult.localFilesScanned} files.`);
     }
 
+    if (step.id === 'dynamic' && state.discovery.is_remote) {
+      const dynamicResult = await scanRemoteTarget(state.discovery.path);
+      vulnerabilities.push(...dynamicResult.vulnerabilities);
+      executionLogs.push(`Dynamic analysis performed on ${state.discovery.path}`);
+    }
+
     if (step.id === 'boot') {
       const bootResult = await bootLocalApp(state.discovery.boot_strategy);
       if (!bootResult.success) {
@@ -106,11 +128,13 @@ export async function execute() {
   const resultData = { 
     execution, 
     score, 
-    vulnerabilities, 
+    vulnerabilities: vulnerabilities || [], 
     riskLevel: score < 40 ? 'Critical' : score < 70 ? 'High' : score < 90 ? 'Medium' : 'Low',
     timestamp: new Date().toISOString(),
     target: state.discovery?.path || process.cwd(),
-    scan_id: `OMEN-${Date.now()}`
+    scan_id: `OMEN-${Date.now()}`,
+    discovery: state.discovery || {},
+    plan: state.plan || {}
   };
 
   await saveState(resultData);

package/core/remote-scanner.js

@@ -15,7 +15,7 @@ export async function scanRemoteTarget(targetUrl) {
     const response = await axios.get(targetUrl, {
       timeout: 15000,
       validateStatus: () => true,
-      headers: { 'User-Agent': 'OMEN-SEC-CLI/1.0.19 (Security Audit)' }
+      headers: { 'User-Agent': 'OMEN-SEC-CLI/1.0.20 (Security Audit)' }
     });
 
     serverStatus = response.status;
@@ -338,7 +338,7 @@ export async function scanRemoteTarget(targetUrl) {
           const res = await axios.get(testUrl.href, { 
             timeout: 5000, 
             validateStatus: () => true,
-            headers: { 'User-Agent': 'OMEN-SEC-CLI/1.0.19 (Security Audit)' }
+            headers: { 'User-Agent': 'OMEN-SEC-CLI/1.0.20 (Security Audit)' }
           });
           
           const evidence = {

package/core/reporters/fix-plan-reporter.js

@@ -41,6 +41,6 @@ export function generateFixPlan(scanData) {
     });
   }
 
-  md += `\n*Gerado automaticamente pelo OMEN SEC-CLI v1.0.19 - Protocolo Zero-Copy AI Ativo*\n`;
+  md += `\n*Gerado automaticamente pelo OMEN SEC-CLI v1.0.20 - Protocolo Zero-Copy AI Ativo*\n`;
   return md;
 }

package/core/ui-server.js

@@ -44,6 +44,10 @@ export async function startUIServer() {
           <title>OMEN SEC-CLI Evidence Center</title>
           <script src="https://cdn.tailwindcss.com"></script>
           <link href="https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;700&family=Inter:wght@400;600;800&display=swap" rel="stylesheet">
+          <script>
+            // Ensure data safety for JS
+            const report = ${JSON.stringify(report)};
+          </script>
           <style>
               body { background-color: #0a0a0c; color: #e0e0e0; font-family: 'Inter', sans-serif; }
               .mono { font-family: 'JetBrains Mono', monospace; }
@@ -124,10 +128,10 @@ export async function startUIServer() {
                               <span class="w-2 h-2 bg-blue-500 rounded-full mr-2"></span> Phase Intelligence
                           </h2>
                           <div class="space-y-4 text-sm">
-                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Stack Detected</span> <span class="text-gray-300 font-bold">${report.discovery?.stack || 'N/A'}</span> </div>
-                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Boot Strategy</span> <span class="mono text-gray-300">${report.discovery?.boot_strategy || 'None'}</span> </div>
-                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Execution Steps</span> <span class="text-gray-300">${(report.plan?.steps || []).length} steps</span> </div>
-                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Last Scan Status</span> <span class="text-green-500 font-bold uppercase">${report.execution?.status || 'N/A'}</span> </div>
+                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Stack Detected</span> <span class="text-gray-300 font-bold">${(report && report.discovery && report.discovery.stack) || 'N/A'}</span> </div>
+                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Boot Strategy</span> <span class="mono text-gray-300">${(report && report.discovery && report.discovery.boot_strategy) || 'None'}</span> </div>
+                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Execution Steps</span> <span class="text-gray-300">${(report && report.plan && report.plan.steps && report.plan.steps.length) || 0} steps</span> </div>
+                              <div class="flex justify-between border-b border-gray-800 pb-2"> <span class="text-gray-500">Last Scan Status</span> <span class="text-green-500 font-bold uppercase">${(report && report.execution && report.execution.status) || 'N/A'}</span> </div>
                           </div>
                       </div>
                   </div>
@@ -222,18 +226,18 @@ export async function startUIServer() {
                       <div class="lg:col-span-2 space-y-8">
                           <div class="card p-6 rounded-xl">
                               <h3 class="text-xl font-bold mb-4">Discovered Assets</h3>
-                              <pre class="mono max-h-[600px]">${(report.discovery?.entrypoints || []).concat(report.discovery?.critical_files || []).join('\n') || 'No assets discovered.'}</pre>
+                              <pre class="mono max-h-[600px]">${((report && report.discovery && report.discovery.entrypoints) || []).concat((report && report.discovery && report.discovery.critical_files) || []).join('\n') || 'No assets discovered.'}</pre>
                           </div>
                       </div>
                       <div class="space-y-8">
                           <div class="card p-6 rounded-xl">
                               <h3 class="text-xl font-bold mb-4">Phase Log</h3>
-                              <pre class="mono text-[10px]">${(report.execution?.logs || []).join('\n') || 'No execution logs.'}</pre>
+                              <pre class="mono text-[10px]">${(report && report.execution && report.execution.logs && report.execution.logs.join('\n')) || 'No execution logs.'}</pre>
                           </div>
                           <div class="card p-6 rounded-xl">
                               <h3 class="text-xl font-bold mb-4">Tech Fingerprint</h3>
                               <div class="flex flex-wrap gap-2">
-                                  ${(report.attack_surface?.tech_stack || report.discovery?.stack ? [report.discovery.stack] : []).map(t => `<span class="px-3 py-1 bg-gray-800 rounded-full text-xs font-bold text-blue-400 border border-gray-700">${t}</span>`).join('') || '<span class="text-gray-500 italic">No stack identified.</span>'}
+                                  ${(report && report.discovery && report.discovery.stack ? [report.discovery.stack] : []).map(t => `<span class="px-3 py-1 bg-gray-800 rounded-full text-xs font-bold text-blue-400 border border-gray-700">${t}</span>`).join('') || '<span class="text-gray-500 italic">No stack identified.</span>'}
                               </div>
                           </div>
                       </div>
@@ -262,7 +266,7 @@ export async function startUIServer() {
               </div>
 
               <footer class="text-center text-gray-600 mt-16 border-t border-gray-900 pt-8 mb-10">
-                  <p class="text-xs uppercase tracking-widest font-bold mb-2">OMEN Security Framework - v1.0.19</p>
+                  <p class="text-xs uppercase tracking-widest font-bold mb-2">OMEN Security Framework - v1.0.20</p>
                   <p class="text-[10px] text-gray-700 italic">"The eye that never sleeps, the code that never fails."</p>
               </footer>
           </div>

package/omen-reports/omen-fix-plan.md

@@ -0,0 +1,139 @@
+# 🛡️ OMEN Security Fix Plan: https://www.fnstore.com.br/
+
+> **Data do Scan:** 2026-03-24T16:59:36.550Z  
+> **Score Atual:** 71/100  
+> **Vulnerabilidades:** 9
+
+Este documento é um guia passo-a-passo para remediar as falhas encontradas. Após aplicar as correções, execute `omen verify` para confirmar a resolução.
+
+## 🚨 Checklist de Remediação
+
+### [ ] 🟠 [HIGH] Content-Security-Policy Missing
+- **ID:** `REM-VULN-1774371576147-2`  
+- **CWE:** CWE-1022  
+- **Confiança:** high  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+Define a strict Content-Security-Policy to restrict source domains for scripts, styles, and other resources.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-VULN-1774371576147-2` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🟠 [HIGH] Permissive CORS Policy
+- **ID:** `REM-CORS-1774371576147`  
+- **CWE:** CWE-942  
+- **Confiança:** high  
+
+#### 🔍 Evidência
+- **Detalhe:** Access-Control-Allow-Origin: *  
+#### 🛠️ Estratégia de Correção
+Restrict Access-Control-Allow-Origin to trusted domains only.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-CORS-1774371576147` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🟡 [MEDIUM] Potential Admin Panel Exposure
+- **ID:** `REM-PROBABLE-PANEL-1774371576279`  
+- **CWE:** CWE-284  
+- **Confiança:** low  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+Restrict access to the admin panel using IP whitelisting or other access control mechanisms.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-PROBABLE-PANEL-1774371576279` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🔵 [LOW] X-Frame-Options Missing
+- **ID:** `REM-VULN-1774371576147-4`  
+- **CWE:** CWE-1021  
+- **Confiança:** high  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+Set the X-Frame-Options header to DENY or SAMEORIGIN.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-VULN-1774371576147-4` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🔵 [LOW] X-Content-Type-Options Missing
+- **ID:** `REM-VULN-1774371576147-6`  
+- **CWE:** CWE-116  
+- **Confiança:** high  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+Add the "X-Content-Type-Options: nosniff" header to all responses.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-VULN-1774371576147-6` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🔵 [INFO] Technology Stack Identified
+- **ID:** `REM-TECH-1774371576168`  
+- **CWE:** CWE-200  
+- **Confiança:** high  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+Minimal tech disclosure is recommended to prevent targeted attacks.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-TECH-1774371576168` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🔵 [INFO] Protected Path Discovered
+- **ID:** `REM-INFO-FORBIDDEN-1774371576298`  
+- **CWE:** CWE-204  
+- **Confiança:** medium  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+None required, but ensure that the 403 response does not leak information about the internal structure.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-INFO-FORBIDDEN-1774371576298` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🔵 [INFO] Protected Path Discovered
+- **ID:** `REM-INFO-FORBIDDEN-1774371576313`  
+- **CWE:** CWE-204  
+- **Confiança:** medium  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+None required, but ensure that the 403 response does not leak information about the internal structure.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-INFO-FORBIDDEN-1774371576313` (ou apenas `omen verify` para checar tudo)
+
+---
+
+### [ ] 🔵 [INFO] Protected Path Discovered
+- **ID:** `REM-INFO-FORBIDDEN-1774371576351`  
+- **CWE:** CWE-204  
+- **Confiança:** medium  
+
+#### 🔍 Evidência
+#### 🛠️ Estratégia de Correção
+None required, but ensure that the 403 response does not leak information about the internal structure.
+
+#### ✅ Comando de Verificação
+`npx omen-sec-cli verify --id REM-INFO-FORBIDDEN-1774371576351` (ou apenas `omen verify` para checar tudo)
+
+---
+
+
+*Gerado automaticamente pelo OMEN SEC-CLI v1.0.20 - Protocolo Zero-Copy AI Ativo*