pentest-tool-lite 3.7.0 → 3.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/package.json +3 -2
  2. package/src/security/GoogleWebRisk.d.ts +12 -0
  3. package/src/security/GoogleWebRisk.js +58 -0
  4. package/src/security/index.js +2 -0
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "pentest-tool-lite",
3
3
  "description": "Check your website ( or any other website ) for common vulnerabilities.",
4
- "version": "3.7.0",
4
+ "version": "3.8.0",
5
5
  "homepage": "https://pentest-tool-lite.com",
6
6
  "license": "MIT",
7
7
  "author": {
@@ -13,6 +13,7 @@
13
13
  "pentest-tool-lite": "./src/index"
14
14
  },
15
15
  "dependencies": {
16
+ "@google-cloud/web-risk": "^4.0.1",
16
17
  "commander": "^6.0.0",
17
18
  "csso": "^5.0.5",
18
19
  "domhandler": "^4.2.2",
@@ -37,7 +38,7 @@
37
38
  },
38
39
  "devDependencies": {
39
40
  "@types/jest": "^27.0.2",
40
- "@types/node": "^13.13.0",
41
+ "@types/node": "^18.18.4",
41
42
  "@types/node-fetch": "^2.5.7",
42
43
  "@types/uglify-js": "^3.0.4",
43
44
  "@types/xml2js": "^0.4.5",
package/src/security/GoogleWebRisk.d.ts ADDED
@@ -0,0 +1,12 @@
1
+ import Test, { TestParameters, Result } from '../Test';
2
+ /**
3
+ *
4
+ * @see https://cloud.google.com/web-risk
5
+ * @see https://safebrowsing.google.com
6
+ * @see https://transparencyreport.google.com/safe-browsing/search
7
+ */
8
+ declare class GoogleWebRisk extends Test {
9
+ name: string;
10
+ test({ url }: TestParameters): Promise<Result>;
11
+ }
12
+ export default GoogleWebRisk;
package/src/security/GoogleWebRisk.js ADDED
@@ -0,0 +1,58 @@
1
+ "use strict";
2
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
+ return new (P || (P = Promise))(function (resolve, reject) {
5
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
9
+ });
10
+ };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ const web_risk_1 = require("@google-cloud/web-risk");
16
+ const Test_1 = __importDefault(require("../Test"));
17
+ const logger_1 = __importDefault(require("../logger"));
18
+ /**
19
+ *
20
+ * @see https://cloud.google.com/web-risk
21
+ * @see https://safebrowsing.google.com
22
+ * @see https://transparencyreport.google.com/safe-browsing/search
23
+ */
24
+ class GoogleWebRisk extends Test_1.default {
25
+ constructor() {
26
+ super(...arguments);
27
+ this.name = 'GoogleWebRisk';
28
+ }
29
+ test({ url }) {
30
+ return __awaiter(this, void 0, void 0, function* () {
31
+ logger_1.default.info('Starting Google Web Risk test...');
32
+ const client = new web_risk_1.WebRiskServiceClient();
33
+ const request = {
34
+ uri: url,
35
+ threatTypes: [
36
+ web_risk_1.protos.google.cloud.webrisk.v1.ThreatType.MALWARE,
37
+ web_risk_1.protos.google.cloud.webrisk.v1.ThreatType.SOCIAL_ENGINEERING,
38
+ web_risk_1.protos.google.cloud.webrisk.v1.ThreatType.UNWANTED_SOFTWARE,
39
+ ],
40
+ };
41
+ const response = yield client.searchUris(request);
42
+ const { threat } = response[0];
43
+ if (threat !== null) {
44
+ return {
45
+ status: 'ERROR',
46
+ title: this.name,
47
+ description: `This url contains ${threat.threatTypes.join(', ').toLowerCase()}!`,
48
+ };
49
+ }
50
+ return {
51
+ status: 'SUCCESS',
52
+ title: this.name,
53
+ description: 'This URL is safe.',
54
+ };
55
+ });
56
+ }
57
+ }
58
+ exports.default = GoogleWebRisk;
package/src/security/index.js CHANGED
@@ -26,6 +26,7 @@ const ReferrerPolicy_1 = __importDefault(require("./ReferrerPolicy"));
26
26
  const RobotsTXT_1 = __importDefault(require("./RobotsTXT"));
27
27
  const PermissionsPolicy_1 = __importDefault(require("./PermissionsPolicy"));
28
28
  const SSL_1 = __importDefault(require("./SSL"));
29
+ const GoogleWebRisk_1 = __importDefault(require("./GoogleWebRisk"));
29
30
  class Security extends Test_1.default {
30
31
  constructor() {
31
32
  super();
@@ -44,6 +45,7 @@ class Security extends Test_1.default {
44
45
  new ContentEncoding_1.default(),
45
46
  new RobotsTXT_1.default(),
46
47
  new SSL_1.default(),
48
+ new GoogleWebRisk_1.default(),
47
49
  ];
48
50
  }
49
51
  test(params) {