npm - s3db.js - Versions diffs - 13.6.0 → 14.0.2 - Mend

s3db.js 13.6.0 → 14.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (193) hide show

package/README.md +139 -43
package/dist/s3db.cjs +72425 -38970
package/dist/s3db.cjs.map +1 -1
package/dist/s3db.es.js +72177 -38764
package/dist/s3db.es.js.map +1 -1
package/mcp/lib/base-handler.js +157 -0
package/mcp/lib/handlers/connection-handler.js +280 -0
package/mcp/lib/handlers/query-handler.js +533 -0
package/mcp/lib/handlers/resource-handler.js +428 -0
package/mcp/lib/tool-registry.js +336 -0
package/mcp/lib/tools/connection-tools.js +161 -0
package/mcp/lib/tools/query-tools.js +267 -0
package/mcp/lib/tools/resource-tools.js +404 -0
package/package.json +94 -49
package/src/clients/memory-client.class.js +346 -191
package/src/clients/memory-storage.class.js +300 -84
package/src/clients/s3-client.class.js +7 -6
package/src/concerns/geo-encoding.js +19 -2
package/src/concerns/ip.js +59 -9
package/src/concerns/money.js +8 -1
package/src/concerns/password-hashing.js +49 -8
package/src/concerns/plugin-storage.js +186 -18
package/src/concerns/storage-drivers/filesystem-driver.js +284 -0
package/src/database.class.js +139 -29
package/src/errors.js +332 -42
package/src/plugins/api/auth/oidc-auth.js +66 -17
package/src/plugins/api/auth/strategies/base-strategy.class.js +74 -0
package/src/plugins/api/auth/strategies/factory.class.js +63 -0
package/src/plugins/api/auth/strategies/global-strategy.class.js +44 -0
package/src/plugins/api/auth/strategies/path-based-strategy.class.js +83 -0
package/src/plugins/api/auth/strategies/path-rules-strategy.class.js +118 -0
package/src/plugins/api/concerns/failban-manager.js +106 -57
package/src/plugins/api/concerns/opengraph-helper.js +116 -0
package/src/plugins/api/concerns/route-context.js +601 -0
package/src/plugins/api/concerns/state-machine.js +288 -0
package/src/plugins/api/index.js +180 -41
package/src/plugins/api/routes/auth-routes.js +198 -30
package/src/plugins/api/routes/resource-routes.js +19 -4
package/src/plugins/api/server/health-manager.class.js +163 -0
package/src/plugins/api/server/middleware-chain.class.js +310 -0
package/src/plugins/api/server/router.class.js +472 -0
package/src/plugins/api/server.js +280 -1303
package/src/plugins/api/utils/custom-routes.js +17 -5
package/src/plugins/api/utils/guards.js +76 -17
package/src/plugins/api/utils/openapi-generator-cached.class.js +133 -0
package/src/plugins/api/utils/openapi-generator.js +7 -6
package/src/plugins/api/utils/template-engine.js +77 -3
package/src/plugins/audit.plugin.js +30 -8
package/src/plugins/backup.plugin.js +110 -14
package/src/plugins/cache/cache.class.js +22 -5
package/src/plugins/cache/filesystem-cache.class.js +116 -19
package/src/plugins/cache/memory-cache.class.js +211 -57
package/src/plugins/cache/multi-tier-cache.class.js +371 -0
package/src/plugins/cache/partition-aware-filesystem-cache.class.js +168 -47
package/src/plugins/cache/redis-cache.class.js +552 -0
package/src/plugins/cache/s3-cache.class.js +17 -8
package/src/plugins/cache.plugin.js +176 -61
package/src/plugins/cloud-inventory/drivers/alibaba-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/aws-driver.js +60 -29
package/src/plugins/cloud-inventory/drivers/azure-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/base-driver.js +16 -2
package/src/plugins/cloud-inventory/drivers/cloudflare-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/digitalocean-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/hetzner-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/linode-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/mongodb-atlas-driver.js +8 -1
package/src/plugins/cloud-inventory/drivers/vultr-driver.js +8 -1
package/src/plugins/cloud-inventory/index.js +29 -8
package/src/plugins/cloud-inventory/registry.js +64 -42
package/src/plugins/cloud-inventory.plugin.js +240 -138
package/src/plugins/concerns/plugin-dependencies.js +54 -0
package/src/plugins/concerns/resource-names.js +100 -0
package/src/plugins/consumers/index.js +10 -2
package/src/plugins/consumers/sqs-consumer.js +12 -2
package/src/plugins/cookie-farm-suite.plugin.js +278 -0
package/src/plugins/cookie-farm.errors.js +73 -0
package/src/plugins/cookie-farm.plugin.js +869 -0
package/src/plugins/costs.plugin.js +7 -1
package/src/plugins/eventual-consistency/analytics.js +94 -19
package/src/plugins/eventual-consistency/config.js +15 -7
package/src/plugins/eventual-consistency/consolidation.js +29 -11
package/src/plugins/eventual-consistency/garbage-collection.js +3 -1
package/src/plugins/eventual-consistency/helpers.js +39 -14
package/src/plugins/eventual-consistency/install.js +21 -2
package/src/plugins/eventual-consistency/utils.js +32 -10
package/src/plugins/fulltext.plugin.js +38 -11
package/src/plugins/geo.plugin.js +61 -9
package/src/plugins/identity/concerns/config.js +61 -0
package/src/plugins/identity/concerns/mfa-manager.js +15 -2
package/src/plugins/identity/concerns/rate-limit.js +124 -0
package/src/plugins/identity/concerns/resource-schemas.js +9 -1
package/src/plugins/identity/concerns/token-generator.js +29 -4
package/src/plugins/identity/drivers/auth-driver.interface.js +76 -0
package/src/plugins/identity/drivers/client-credentials-driver.js +127 -0
package/src/plugins/identity/drivers/index.js +18 -0
package/src/plugins/identity/drivers/password-driver.js +122 -0
package/src/plugins/identity/email-service.js +17 -2
package/src/plugins/identity/index.js +413 -69
package/src/plugins/identity/oauth2-server.js +413 -30
package/src/plugins/identity/oidc-discovery.js +16 -8
package/src/plugins/identity/rsa-keys.js +115 -35
package/src/plugins/identity/server.js +166 -45
package/src/plugins/identity/session-manager.js +53 -7
package/src/plugins/identity/ui/pages/mfa-verification.js +17 -15
package/src/plugins/identity/ui/routes.js +363 -255
package/src/plugins/importer/index.js +153 -20
package/src/plugins/index.js +9 -2
package/src/plugins/kubernetes-inventory/index.js +6 -0
package/src/plugins/kubernetes-inventory/k8s-driver.js +867 -0
package/src/plugins/kubernetes-inventory/resource-types.js +274 -0
package/src/plugins/kubernetes-inventory.plugin.js +980 -0
package/src/plugins/metrics.plugin.js +64 -16
package/src/plugins/ml/base-model.class.js +25 -15
package/src/plugins/ml/regression-model.class.js +1 -1
package/src/plugins/ml.errors.js +57 -25
package/src/plugins/ml.plugin.js +28 -4
package/src/plugins/namespace.js +210 -0
package/src/plugins/plugin.class.js +180 -8
package/src/plugins/puppeteer/console-monitor.js +729 -0
package/src/plugins/puppeteer/cookie-manager.js +492 -0
package/src/plugins/puppeteer/network-monitor.js +816 -0
package/src/plugins/puppeteer/performance-manager.js +746 -0
package/src/plugins/puppeteer/proxy-manager.js +478 -0
package/src/plugins/puppeteer/stealth-manager.js +556 -0
package/src/plugins/puppeteer.errors.js +81 -0
package/src/plugins/puppeteer.plugin.js +1327 -0
package/src/plugins/queue-consumer.plugin.js +69 -14
package/src/plugins/recon/behaviors/uptime-behavior.js +691 -0
package/src/plugins/recon/concerns/command-runner.js +148 -0
package/src/plugins/recon/concerns/diff-detector.js +372 -0
package/src/plugins/recon/concerns/fingerprint-builder.js +307 -0
package/src/plugins/recon/concerns/process-manager.js +338 -0
package/src/plugins/recon/concerns/report-generator.js +478 -0
package/src/plugins/recon/concerns/security-analyzer.js +571 -0
package/src/plugins/recon/concerns/target-normalizer.js +68 -0
package/src/plugins/recon/config/defaults.js +321 -0
package/src/plugins/recon/config/resources.js +370 -0
package/src/plugins/recon/index.js +778 -0
package/src/plugins/recon/managers/dependency-manager.js +174 -0
package/src/plugins/recon/managers/scheduler-manager.js +179 -0
package/src/plugins/recon/managers/storage-manager.js +745 -0
package/src/plugins/recon/managers/target-manager.js +274 -0
package/src/plugins/recon/stages/asn-stage.js +314 -0
package/src/plugins/recon/stages/certificate-stage.js +84 -0
package/src/plugins/recon/stages/dns-stage.js +107 -0
package/src/plugins/recon/stages/dnsdumpster-stage.js +362 -0
package/src/plugins/recon/stages/fingerprint-stage.js +71 -0
package/src/plugins/recon/stages/google-dorks-stage.js +440 -0
package/src/plugins/recon/stages/http-stage.js +89 -0
package/src/plugins/recon/stages/latency-stage.js +148 -0
package/src/plugins/recon/stages/massdns-stage.js +302 -0
package/src/plugins/recon/stages/osint-stage.js +1373 -0
package/src/plugins/recon/stages/ports-stage.js +169 -0
package/src/plugins/recon/stages/screenshot-stage.js +94 -0
package/src/plugins/recon/stages/secrets-stage.js +514 -0
package/src/plugins/recon/stages/subdomains-stage.js +295 -0
package/src/plugins/recon/stages/tls-audit-stage.js +78 -0
package/src/plugins/recon/stages/vulnerability-stage.js +78 -0
package/src/plugins/recon/stages/web-discovery-stage.js +113 -0
package/src/plugins/recon/stages/whois-stage.js +349 -0
package/src/plugins/recon.plugin.js +75 -0
package/src/plugins/recon.plugin.js.backup +2635 -0
package/src/plugins/relation.errors.js +87 -14
package/src/plugins/replicator.plugin.js +514 -137
package/src/plugins/replicators/base-replicator.class.js +89 -1
package/src/plugins/replicators/bigquery-replicator.class.js +66 -22
package/src/plugins/replicators/dynamodb-replicator.class.js +22 -15
package/src/plugins/replicators/mongodb-replicator.class.js +22 -15
package/src/plugins/replicators/mysql-replicator.class.js +52 -17
package/src/plugins/replicators/planetscale-replicator.class.js +30 -4
package/src/plugins/replicators/postgres-replicator.class.js +62 -27
package/src/plugins/replicators/s3db-replicator.class.js +25 -18
package/src/plugins/replicators/schema-sync.helper.js +3 -3
package/src/plugins/replicators/sqs-replicator.class.js +8 -2
package/src/plugins/replicators/turso-replicator.class.js +23 -3
package/src/plugins/replicators/webhook-replicator.class.js +42 -4
package/src/plugins/s3-queue.plugin.js +464 -65
package/src/plugins/scheduler.plugin.js +20 -6
package/src/plugins/state-machine.plugin.js +40 -9
package/src/plugins/tfstate/README.md +126 -126
package/src/plugins/tfstate/base-driver.js +28 -4
package/src/plugins/tfstate/errors.js +65 -10
package/src/plugins/tfstate/filesystem-driver.js +52 -8
package/src/plugins/tfstate/index.js +163 -90
package/src/plugins/tfstate/s3-driver.js +64 -6
package/src/plugins/ttl.plugin.js +72 -17
package/src/plugins/vector/distances.js +18 -12
package/src/plugins/vector/kmeans.js +26 -4
package/src/resource.class.js +115 -19
package/src/testing/factory.class.js +20 -3
package/src/testing/seeder.class.js +7 -1
package/src/clients/memory-client.md +0 -917
package/src/plugins/cloud-inventory/drivers/mock-drivers.js +0 -449

package/src/plugins/recon/stages/massdns-stage.js ADDED Viewed

@@ -0,0 +1,302 @@
+/**
+ * MassDNS Stage
+ *
+ * High-performance DNS resolver for mass subdomain enumeration
+ *
+ * Discovers:
+ * - Subdomains via wordlist-based brute force
+ * - A/AAAA records
+ * - Fast resolution (1000s of queries per second)
+ *
+ * Uses 100% free CLI tool:
+ * - massdns (https://github.com/blechschmidt/massdns)
+ */
+export class MassDNSStage {
+  constructor(plugin) {
+    this.plugin = plugin;
+    this.commandRunner = plugin.commandRunner;
+    this.config = plugin.config;
+  }
+  /**
+   * Execute MassDNS lookup
+   * @param {Object} target - Target object with host property
+   * @param {Object} options - MassDNS options
+   * @returns {Promise<Object>} MassDNS results
+   */
+  async execute(target, options = {}) {
+    const result = {
+      status: 'ok',
+      host: target.host,
+      subdomains: [],
+      resolvedCount: 0,
+      totalAttempts: 0,
+      errors: {}
+    };
+    // Track individual tool results for artifact persistence
+    const individual = {
+      massdns: { status: 'ok', raw: null, subdomains: [], resolvedCount: 0 },
+      wordlist: { status: 'ok', path: null, entriesUsed: 0 }
+    };
+    // Check if massdns is available
+    const isAvailable = await this.commandRunner.isAvailable('massdns');
+    if (!isAvailable) {
+      result.status = 'unavailable';
+      result.errors.massdns = 'massdns not found in PATH';
+      individual.massdns.status = 'unavailable';
+      return {
+        _individual: individual,
+        _aggregated: result,
+        ...result
+      };
+    }
+    // Check if wordlist is provided
+    const wordlist = options.wordlist || this.config.massdns?.wordlist;
+    if (!wordlist) {
+      result.status = 'error';
+      result.errors.wordlist = 'No wordlist provided for massdns';
+      individual.wordlist.status = 'error';
+      return {
+        _individual: individual,
+        _aggregated: result,
+        ...result
+      };
+    }
+    individual.wordlist.path = wordlist;
+    // Check if resolvers file exists
+    const resolvers = options.resolvers || this.config.massdns?.resolvers || '/etc/resolv.conf';
+    try {
+      // Generate domain list from wordlist
+      const domainList = await this.generateDomainList(target.host, wordlist, options);
+      if (domainList.length === 0) {
+        result.status = 'empty';
+        result.errors.domains = 'No domains generated from wordlist';
+        individual.wordlist.status = 'empty';
+        return {
+          _individual: individual,
+          _aggregated: result,
+          ...result
+        };
+      }
+      result.totalAttempts = domainList.length;
+      individual.wordlist.entriesUsed = domainList.length;
+      // Run massdns
+      const massdnsResults = await this.runMassDNS(domainList, resolvers, options);
+      result.subdomains = massdnsResults.subdomains;
+      result.resolvedCount = massdnsResults.resolvedCount;
+      individual.massdns.subdomains = massdnsResults.subdomains;
+      individual.massdns.resolvedCount = massdnsResults.resolvedCount;
+      // Save raw output if persistRawOutput is enabled
+      if (this.config?.storage?.persistRawOutput && massdnsResults.raw) {
+        individual.massdns.raw = massdnsResults.raw;
+      }
+      if (result.resolvedCount === 0) {
+        result.status = 'empty';
+      }
+    } catch (error) {
+      result.status = 'error';
+      result.errors.general = error.message;
+      individual.massdns.status = 'error';
+    }
+    return {
+      _individual: individual,
+      _aggregated: result,
+      ...result // Root level for compatibility
+    };
+  }
+  /**
+   * Generate domain list from wordlist
+   * Reads wordlist and appends target domain to each entry
+   */
+  async generateDomainList(domain, wordlistPath, options = {}) {
+    const maxSubdomains = options.maxSubdomains || 1000;
+    try {
+      // Use cat to read wordlist
+      const catRun = await this.commandRunner.run('cat', [wordlistPath], {
+        timeout: 5000,
+        maxBuffer: 10 * 1024 * 1024
+      });
+      if (!catRun.ok || !catRun.stdout) {
+        return [];
+      }
+      // Parse wordlist and append domain
+      const words = catRun.stdout
+        .split('\n')
+        .map(line => line.trim())
+        .filter(line => line.length > 0 && !line.startsWith('#'))
+        .slice(0, maxSubdomains);
+      return words.map(word => `${word}.${domain}`);
+    } catch (error) {
+      return [];
+    }
+  }
+  /**
+   * Run massdns with domain list
+   */
+  async runMassDNS(domainList, resolversFile, options = {}) {
+    const result = {
+      subdomains: [],
+      resolvedCount: 0
+    };
+    try {
+      // Create temporary file with domain list
+      const tempFile = `/tmp/massdns-domains-${Date.now()}.txt`;
+      const domainsContent = domainList.join('\n');
+      // Write domains to temp file
+      const writeRun = await this.commandRunner.run('sh', [
+        '-c',
+        `echo "${domainsContent.replace(/"/g, '\\"')}" > ${tempFile}`
+      ], { timeout: 5000 });
+      if (!writeRun.ok) {
+        return result;
+      }
+      // Run massdns
+      // -r: resolvers file
+      // -t: record type (A)
+      // -o: output format (simple)
+      // -q: quiet
+      const massdnsArgs = [
+        '-r', resolversFile,
+        '-t', 'A',
+        '-o', 'S',
+        '-q',
+        tempFile
+      ];
+      // Add rate limit if specified
+      if (options.rate) {
+        massdnsArgs.unshift('-s', options.rate.toString());
+      }
+      const massdnsRun = await this.commandRunner.run('massdns', massdnsArgs, {
+        timeout: options.timeout || 60000,
+        maxBuffer: 10 * 1024 * 1024
+      });
+      // Cleanup temp file
+      await this.commandRunner.run('rm', ['-f', tempFile], { timeout: 1000 });
+      if (!massdnsRun.ok || !massdnsRun.stdout) {
+        return result;
+      }
+      // Parse massdns output
+      // Format: domain. A ip
+      const subdomains = [];
+      const lines = massdnsRun.stdout.split('\n');
+      for (const line of lines) {
+        const trimmed = line.trim();
+        if (!trimmed) continue;
+        // Parse: subdomain.domain.com. A 1.2.3.4
+        const match = trimmed.match(/^([\w\-\.]+)\.\s+A\s+([\d\.]+)$/);
+        if (match) {
+          const subdomain = match[1].replace(/\.$/, '');
+          const ip = match[2];
+          if (subdomain && ip) {
+            subdomains.push({ subdomain, ip });
+          }
+        }
+      }
+      result.subdomains = subdomains;
+      result.resolvedCount = subdomains.length;
+      result.raw = massdnsRun.stdout;
+    } catch (error) {
+      // Return empty result on error
+    }
+    return result;
+  }
+  /**
+   * Fallback: Use traditional dig-based subdomain enumeration
+   * This is used if massdns is not available
+   */
+  async fallbackDigEnum(domain, wordlist, options = {}) {
+    const result = {
+      subdomains: [],
+      resolvedCount: 0
+    };
+    try {
+      const domainList = await this.generateDomainList(domain, wordlist, options);
+      const maxConcurrent = 10;
+      // Process in batches to avoid overwhelming DNS
+      for (let i = 0; i < domainList.length; i += maxConcurrent) {
+        const batch = domainList.slice(i, i + maxConcurrent);
+        const batchResults = await Promise.all(
+          batch.map(async (subdomain) => {
+            const digRun = await this.commandRunner.run('dig', ['+short', 'A', subdomain], {
+              timeout: 3000
+            });
+            if (digRun.ok && digRun.stdout) {
+              const ips = digRun.stdout
+                .split('\n')
+                .map(line => line.trim())
+                .filter(line => /^\d+\.\d+\.\d+\.\d+$/.test(line));
+              if (ips.length > 0) {
+                return ips.map(ip => ({ subdomain, ip }));
+              }
+            }
+            return [];
+          })
+        );
+        // Flatten and add to result
+        result.subdomains.push(...batchResults.flat());
+        // Small delay between batches
+        await new Promise(resolve => setTimeout(resolve, 100));
+      }
+      result.resolvedCount = result.subdomains.length;
+    } catch (error) {
+      // Return empty result on error
+    }
+    return result;
+  }
+}