npm - secure-scan - Versions diffs - 1.2.2 - Mend

secure-scan 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (569) hide show

package/README.md +564 -0
package/dist/ai/aiAnalyzer.d.ts +99 -0
package/dist/ai/aiAnalyzer.d.ts.map +1 -0
package/dist/ai/aiAnalyzer.js +669 -0
package/dist/ai/aiAnalyzer.js.map +1 -0
package/dist/ai/index.d.ts +5 -0
package/dist/ai/index.d.ts.map +1 -0
package/dist/ai/index.js +21 -0
package/dist/ai/index.js.map +1 -0
package/dist/analyzers/base/baseAnalyzer.d.ts +44 -0
package/dist/analyzers/base/baseAnalyzer.d.ts.map +1 -0
package/dist/analyzers/base/baseAnalyzer.js +53 -0
package/dist/analyzers/base/baseAnalyzer.js.map +1 -0
package/dist/analyzers/base/index.d.ts +5 -0
package/dist/analyzers/base/index.d.ts.map +1 -0
package/dist/analyzers/base/index.js +21 -0
package/dist/analyzers/base/index.js.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts +60 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js +218 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js.map +1 -0
package/dist/analyzers/c-cpp/index.d.ts +5 -0
package/dist/analyzers/c-cpp/index.d.ts.map +1 -0
package/dist/analyzers/c-cpp/index.js +21 -0
package/dist/analyzers/c-cpp/index.js.map +1 -0
package/dist/analyzers/core/engine/index.d.ts +5 -0
package/dist/analyzers/core/engine/index.d.ts.map +1 -0
package/dist/analyzers/core/engine/index.js +21 -0
package/dist/analyzers/core/engine/index.js.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts +46 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.js +173 -0
package/dist/analyzers/core/engine/ruleEngine.js.map +1 -0
package/dist/analyzers/core/index.d.ts +8 -0
package/dist/analyzers/core/index.d.ts.map +1 -0
package/dist/analyzers/core/index.js +24 -0
package/dist/analyzers/core/index.js.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts +31 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.js +199 -0
package/dist/analyzers/core/scanner/fileScanner.js.map +1 -0
package/dist/analyzers/core/scanner/index.d.ts +5 -0
package/dist/analyzers/core/scanner/index.d.ts.map +1 -0
package/dist/analyzers/core/scanner/index.js +21 -0
package/dist/analyzers/core/scanner/index.js.map +1 -0
package/dist/analyzers/core/scoring/index.d.ts +5 -0
package/dist/analyzers/core/scoring/index.d.ts.map +1 -0
package/dist/analyzers/core/scoring/index.js +21 -0
package/dist/analyzers/core/scoring/index.js.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts +49 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.js +180 -0
package/dist/analyzers/core/scoring/riskScoring.js.map +1 -0
package/dist/analyzers/core/securityScanner.d.ts +47 -0
package/dist/analyzers/core/securityScanner.d.ts.map +1 -0
package/dist/analyzers/core/securityScanner.js +298 -0
package/dist/analyzers/core/securityScanner.js.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts +64 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.js +232 -0
package/dist/analyzers/csharp/csharpAnalyzer.js.map +1 -0
package/dist/analyzers/csharp/index.d.ts +5 -0
package/dist/analyzers/csharp/index.d.ts.map +1 -0
package/dist/analyzers/csharp/index.js +21 -0
package/dist/analyzers/csharp/index.js.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts +36 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.js +182 -0
package/dist/analyzers/iac/iacAnalyzer.js.map +1 -0
package/dist/analyzers/iac/index.d.ts +5 -0
package/dist/analyzers/iac/index.d.ts.map +1 -0
package/dist/analyzers/iac/index.js +21 -0
package/dist/analyzers/iac/index.js.map +1 -0
package/dist/analyzers/index.d.ts +30 -0
package/dist/analyzers/index.d.ts.map +1 -0
package/dist/analyzers/index.js +80 -0
package/dist/analyzers/index.js.map +1 -0
package/dist/analyzers/java/index.d.ts +5 -0
package/dist/analyzers/java/index.d.ts.map +1 -0
package/dist/analyzers/java/index.js +21 -0
package/dist/analyzers/java/index.js.map +1 -0
package/dist/analyzers/java/javaAnalyzer.d.ts +64 -0
package/dist/analyzers/java/javaAnalyzer.d.ts.map +1 -0
package/dist/analyzers/java/javaAnalyzer.js +224 -0
package/dist/analyzers/java/javaAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/astUtils.d.ts +170 -0
package/dist/analyzers/javascript/astUtils.d.ts.map +1 -0
package/dist/analyzers/javascript/astUtils.js +700 -0
package/dist/analyzers/javascript/astUtils.js.map +1 -0
package/dist/analyzers/javascript/index.d.ts +18 -0
package/dist/analyzers/javascript/index.d.ts.map +1 -0
package/dist/analyzers/javascript/index.js +50 -0
package/dist/analyzers/javascript/index.js.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts +111 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js +860 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/malwareDetector.d.ts +102 -0
package/dist/analyzers/javascript/malwareDetector.d.ts.map +1 -0
package/dist/analyzers/javascript/malwareDetector.js +616 -0
package/dist/analyzers/javascript/malwareDetector.js.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts +87 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js +553 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts +120 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.js +526 -0
package/dist/analyzers/javascript/taintAnalyzer.js.map +1 -0
package/dist/analyzers/php/index.d.ts +5 -0
package/dist/analyzers/php/index.d.ts.map +1 -0
package/dist/analyzers/php/index.js +21 -0
package/dist/analyzers/php/index.js.map +1 -0
package/dist/analyzers/php/phpAnalyzer.d.ts +56 -0
package/dist/analyzers/php/phpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/php/phpAnalyzer.js +202 -0
package/dist/analyzers/php/phpAnalyzer.js.map +1 -0
package/dist/analyzers/python/index.d.ts +5 -0
package/dist/analyzers/python/index.d.ts.map +1 -0
package/dist/analyzers/python/index.js +21 -0
package/dist/analyzers/python/index.js.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts +64 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.js +226 -0
package/dist/analyzers/python/pythonAnalyzer.js.map +1 -0
package/dist/cli/index.d.ts +7 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +281 -0
package/dist/cli/index.js.map +1 -0
package/dist/core/engine/index.d.ts +5 -0
package/dist/core/engine/index.d.ts.map +1 -0
package/dist/core/engine/index.js +21 -0
package/dist/core/engine/index.js.map +1 -0
package/dist/core/engine/ruleEngine.d.ts +46 -0
package/dist/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/core/engine/ruleEngine.js +173 -0
package/dist/core/engine/ruleEngine.js.map +1 -0
package/dist/core/index.d.ts +8 -0
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +24 -0
package/dist/core/index.js.map +1 -0
package/dist/core/scanner/fileScanner.d.ts +31 -0
package/dist/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/core/scanner/fileScanner.js +199 -0
package/dist/core/scanner/fileScanner.js.map +1 -0
package/dist/core/scanner/index.d.ts +5 -0
package/dist/core/scanner/index.d.ts.map +1 -0
package/dist/core/scanner/index.js +21 -0
package/dist/core/scanner/index.js.map +1 -0
package/dist/core/scoring/index.d.ts +5 -0
package/dist/core/scoring/index.d.ts.map +1 -0
package/dist/core/scoring/index.js +21 -0
package/dist/core/scoring/index.js.map +1 -0
package/dist/core/scoring/riskScoring.d.ts +49 -0
package/dist/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/core/scoring/riskScoring.js +180 -0
package/dist/core/scoring/riskScoring.js.map +1 -0
package/dist/core/securityScanner.d.ts +47 -0
package/dist/core/securityScanner.d.ts.map +1 -0
package/dist/core/securityScanner.js +298 -0
package/dist/core/securityScanner.js.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts +96 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.js +435 -0
package/dist/dependencies/aiDependencyAnalyzer.js.map +1 -0
package/dist/dependencies/database/cveDatabase.d.ts +32 -0
package/dist/dependencies/database/cveDatabase.d.ts.map +1 -0
package/dist/dependencies/database/cveDatabase.js +393 -0
package/dist/dependencies/database/cveDatabase.js.map +1 -0
package/dist/dependencies/database/index.d.ts +6 -0
package/dist/dependencies/database/index.d.ts.map +1 -0
package/dist/dependencies/database/index.js +22 -0
package/dist/dependencies/database/index.js.map +1 -0
package/dist/dependencies/database/maliciousPackages.d.ts +43 -0
package/dist/dependencies/database/maliciousPackages.d.ts.map +1 -0
package/dist/dependencies/database/maliciousPackages.js +279 -0
package/dist/dependencies/database/maliciousPackages.js.map +1 -0
package/dist/dependencies/dependencyAnalyzer.d.ts +74 -0
package/dist/dependencies/dependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/dependencyAnalyzer.js +349 -0
package/dist/dependencies/dependencyAnalyzer.js.map +1 -0
package/dist/dependencies/detectors/index.d.ts +7 -0
package/dist/dependencies/detectors/index.d.ts.map +1 -0
package/dist/dependencies/detectors/index.js +28 -0
package/dist/dependencies/detectors/index.js.map +1 -0
package/dist/dependencies/detectors/securityStandards.d.ts +15 -0
package/dist/dependencies/detectors/securityStandards.d.ts.map +1 -0
package/dist/dependencies/detectors/securityStandards.js +178 -0
package/dist/dependencies/detectors/securityStandards.js.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts +53 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js +289 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js.map +1 -0
package/dist/dependencies/index.d.ts +14 -0
package/dist/dependencies/index.d.ts.map +1 -0
package/dist/dependencies/index.js +43 -0
package/dist/dependencies/index.js.map +1 -0
package/dist/dependencies/installed/index.d.ts +8 -0
package/dist/dependencies/installed/index.d.ts.map +1 -0
package/dist/dependencies/installed/index.js +24 -0
package/dist/dependencies/installed/index.js.map +1 -0
package/dist/dependencies/installed/installedScanner.d.ts +91 -0
package/dist/dependencies/installed/installedScanner.d.ts.map +1 -0
package/dist/dependencies/installed/installedScanner.js +766 -0
package/dist/dependencies/installed/installedScanner.js.map +1 -0
package/dist/dependencies/installed/malwarePatterns.d.ts +32 -0
package/dist/dependencies/installed/malwarePatterns.d.ts.map +1 -0
package/dist/dependencies/installed/malwarePatterns.js +480 -0
package/dist/dependencies/installed/malwarePatterns.js.map +1 -0
package/dist/dependencies/installed/types.d.ts +274 -0
package/dist/dependencies/installed/types.d.ts.map +1 -0
package/dist/dependencies/installed/types.js +7 -0
package/dist/dependencies/installed/types.js.map +1 -0
package/dist/dependencies/parsers/base/baseParser.d.ts +44 -0
package/dist/dependencies/parsers/base/baseParser.d.ts.map +1 -0
package/dist/dependencies/parsers/base/baseParser.js +80 -0
package/dist/dependencies/parsers/base/baseParser.js.map +1 -0
package/dist/dependencies/parsers/base/index.d.ts +6 -0
package/dist/dependencies/parsers/base/index.d.ts.map +1 -0
package/dist/dependencies/parsers/base/index.js +27 -0
package/dist/dependencies/parsers/base/index.js.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts +36 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.js +196 -0
package/dist/dependencies/parsers/cpp/cppParser.js.map +1 -0
package/dist/dependencies/parsers/cpp/index.d.ts +6 -0
package/dist/dependencies/parsers/cpp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/index.js +27 -0
package/dist/dependencies/parsers/cpp/index.js.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts +32 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.js +125 -0
package/dist/dependencies/parsers/csharp/csharpParser.js.map +1 -0
package/dist/dependencies/parsers/csharp/index.d.ts +6 -0
package/dist/dependencies/parsers/csharp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/index.js +27 -0
package/dist/dependencies/parsers/csharp/index.js.map +1 -0
package/dist/dependencies/parsers/index.d.ts +24 -0
package/dist/dependencies/parsers/index.d.ts.map +1 -0
package/dist/dependencies/parsers/index.js +69 -0
package/dist/dependencies/parsers/index.js.map +1 -0
package/dist/dependencies/parsers/java/index.d.ts +6 -0
package/dist/dependencies/parsers/java/index.d.ts.map +1 -0
package/dist/dependencies/parsers/java/index.js +27 -0
package/dist/dependencies/parsers/java/index.js.map +1 -0
package/dist/dependencies/parsers/java/javaParser.d.ts +32 -0
package/dist/dependencies/parsers/java/javaParser.d.ts.map +1 -0
package/dist/dependencies/parsers/java/javaParser.js +168 -0
package/dist/dependencies/parsers/java/javaParser.js.map +1 -0
package/dist/dependencies/parsers/javascript/index.d.ts +6 -0
package/dist/dependencies/parsers/javascript/index.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/index.js +27 -0
package/dist/dependencies/parsers/javascript/index.js.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts +55 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js +266 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js.map +1 -0
package/dist/dependencies/parsers/php/index.d.ts +6 -0
package/dist/dependencies/parsers/php/index.d.ts.map +1 -0
package/dist/dependencies/parsers/php/index.js +27 -0
package/dist/dependencies/parsers/php/index.js.map +1 -0
package/dist/dependencies/parsers/php/phpParser.d.ts +35 -0
package/dist/dependencies/parsers/php/phpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/php/phpParser.js +162 -0
package/dist/dependencies/parsers/php/phpParser.js.map +1 -0
package/dist/dependencies/parsers/python/index.d.ts +6 -0
package/dist/dependencies/parsers/python/index.d.ts.map +1 -0
package/dist/dependencies/parsers/python/index.js +27 -0
package/dist/dependencies/parsers/python/index.js.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts +60 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.js +336 -0
package/dist/dependencies/parsers/python/pythonParser.js.map +1 -0
package/dist/dependencies/types.d.ts +280 -0
package/dist/dependencies/types.d.ts.map +1 -0
package/dist/dependencies/types.js +59 -0
package/dist/dependencies/types.js.map +1 -0
package/dist/i18n/index.d.ts +2 -0
package/dist/i18n/index.d.ts.map +1 -0
package/dist/i18n/index.js +18 -0
package/dist/i18n/index.js.map +1 -0
package/dist/i18n/translations.d.ts +55 -0
package/dist/i18n/translations.d.ts.map +1 -0
package/dist/i18n/translations.js +119 -0
package/dist/i18n/translations.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +36 -0
package/dist/index.js.map +1 -0
package/dist/reports/dependencyReportGenerator.d.ts +20 -0
package/dist/reports/dependencyReportGenerator.d.ts.map +1 -0
package/dist/reports/dependencyReportGenerator.js +690 -0
package/dist/reports/dependencyReportGenerator.js.map +1 -0
package/dist/reports/htmlReportGenerator.d.ts +43 -0
package/dist/reports/htmlReportGenerator.d.ts.map +1 -0
package/dist/reports/htmlReportGenerator.js +793 -0
package/dist/reports/htmlReportGenerator.js.map +1 -0
package/dist/reports/index.d.ts +7 -0
package/dist/reports/index.d.ts.map +1 -0
package/dist/reports/index.js +23 -0
package/dist/reports/index.js.map +1 -0
package/dist/reports/installedDepsReportGenerator.d.ts +14 -0
package/dist/reports/installedDepsReportGenerator.d.ts.map +1 -0
package/dist/reports/installedDepsReportGenerator.js +872 -0
package/dist/reports/installedDepsReportGenerator.js.map +1 -0
package/dist/rules/index.d.ts +31 -0
package/dist/rules/index.d.ts.map +1 -0
package/dist/rules/index.js +95 -0
package/dist/rules/index.js.map +1 -0
package/dist/rules/malware/categories/backdoors.d.ts +12 -0
package/dist/rules/malware/categories/backdoors.d.ts.map +1 -0
package/dist/rules/malware/categories/backdoors.js +163 -0
package/dist/rules/malware/categories/backdoors.js.map +1 -0
package/dist/rules/malware/categories/cryptominers.d.ts +13 -0
package/dist/rules/malware/categories/cryptominers.d.ts.map +1 -0
package/dist/rules/malware/categories/cryptominers.js +415 -0
package/dist/rules/malware/categories/cryptominers.js.map +1 -0
package/dist/rules/malware/categories/exfiltration.d.ts +20 -0
package/dist/rules/malware/categories/exfiltration.d.ts.map +1 -0
package/dist/rules/malware/categories/exfiltration.js +658 -0
package/dist/rules/malware/categories/exfiltration.js.map +1 -0
package/dist/rules/malware/categories/keyloggers.d.ts +19 -0
package/dist/rules/malware/categories/keyloggers.d.ts.map +1 -0
package/dist/rules/malware/categories/keyloggers.js +763 -0
package/dist/rules/malware/categories/keyloggers.js.map +1 -0
package/dist/rules/malware/categories/loaders.d.ts +20 -0
package/dist/rules/malware/categories/loaders.d.ts.map +1 -0
package/dist/rules/malware/categories/loaders.js +702 -0
package/dist/rules/malware/categories/loaders.js.map +1 -0
package/dist/rules/malware/categories/network.d.ts +19 -0
package/dist/rules/malware/categories/network.d.ts.map +1 -0
package/dist/rules/malware/categories/network.js +622 -0
package/dist/rules/malware/categories/network.js.map +1 -0
package/dist/rules/malware/categories/obfuscation.d.ts +22 -0
package/dist/rules/malware/categories/obfuscation.d.ts.map +1 -0
package/dist/rules/malware/categories/obfuscation.js +766 -0
package/dist/rules/malware/categories/obfuscation.js.map +1 -0
package/dist/rules/malware/constants/index.d.ts +281 -0
package/dist/rules/malware/constants/index.d.ts.map +1 -0
package/dist/rules/malware/constants/index.js +327 -0
package/dist/rules/malware/constants/index.js.map +1 -0
package/dist/rules/malware/engine/index.d.ts +178 -0
package/dist/rules/malware/engine/index.d.ts.map +1 -0
package/dist/rules/malware/engine/index.js +552 -0
package/dist/rules/malware/engine/index.js.map +1 -0
package/dist/rules/malware/index.d.ts +205 -0
package/dist/rules/malware/index.d.ts.map +1 -0
package/dist/rules/malware/index.js +837 -0
package/dist/rules/malware/index.js.map +1 -0
package/dist/rules/malware/scoring/index.d.ts +84 -0
package/dist/rules/malware/scoring/index.d.ts.map +1 -0
package/dist/rules/malware/scoring/index.js +441 -0
package/dist/rules/malware/scoring/index.js.map +1 -0
package/dist/rules/malware/types/index.d.ts +616 -0
package/dist/rules/malware/types/index.d.ts.map +1 -0
package/dist/rules/malware/types/index.js +155 -0
package/dist/rules/malware/types/index.js.map +1 -0
package/dist/rules/malware/utils/index.d.ts +117 -0
package/dist/rules/malware/utils/index.d.ts.map +1 -0
package/dist/rules/malware/utils/index.js +514 -0
package/dist/rules/malware/utils/index.js.map +1 -0
package/dist/rules/standards.d.ts +26 -0
package/dist/rules/standards.d.ts.map +1 -0
package/dist/rules/standards.js +352 -0
package/dist/rules/standards.js.map +1 -0
package/dist/rules/vulnerabilities/constants/index.d.ts +835 -0
package/dist/rules/vulnerabilities/constants/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/constants/index.js +544 -0
package/dist/rules/vulnerabilities/constants/index.js.map +1 -0
package/dist/rules/vulnerabilities/engine/index.d.ts +145 -0
package/dist/rules/vulnerabilities/engine/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/engine/index.js +581 -0
package/dist/rules/vulnerabilities/engine/index.js.map +1 -0
package/dist/rules/vulnerabilities/index.d.ts +148 -0
package/dist/rules/vulnerabilities/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/index.js +252 -0
package/dist/rules/vulnerabilities/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.js +419 -0
package/dist/rules/vulnerabilities/rules/authentication.js.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js +300 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.js +261 -0
package/dist/rules/vulnerabilities/rules/csrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.js +336 -0
package/dist/rules/vulnerabilities/rules/deserialization.js.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js +325 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js +446 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js.map +1 -0
package/dist/rules/vulnerabilities/rules/index.d.ts +17 -0
package/dist/rules/vulnerabilities/rules/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/index.js +47 -0
package/dist/rules/vulnerabilities/rules/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js +351 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js +272 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js +438 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts +12 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js +636 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.js +401 -0
package/dist/rules/vulnerabilities/rules/ssrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts +11 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.js +724 -0
package/dist/rules/vulnerabilities/rules/xss.js.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts +80 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.js +414 -0
package/dist/rules/vulnerabilities/scoring/index.js.map +1 -0
package/dist/rules/vulnerabilities/types/index.d.ts +830 -0
package/dist/rules/vulnerabilities/types/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/types/index.js +164 -0
package/dist/rules/vulnerabilities/types/index.js.map +1 -0
package/dist/rules/vulnerabilities/utils/index.d.ts +206 -0
package/dist/rules/vulnerabilities/utils/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/utils/index.js +615 -0
package/dist/rules/vulnerabilities/utils/index.js.map +1 -0
package/dist/types/index.d.ts +359 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +61 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/index.d.ts +82 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +326 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/logger.d.ts +40 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +139 -0
package/dist/utils/logger.js.map +1 -0
package/docs/ARCHITECTURE.md +320 -0
package/docs/V1.2.1-IA_Performances.md +116 -0
package/docs/images/WIN_Defender.png +0 -0
package/package.json +68 -0
package/secure-scan.config.json +134 -0
package/secure-scan.sln +29 -0
package/src/ai/aiAnalyzer.ts +714 -0
package/src/ai/index.ts +5 -0
package/src/analyzers/base/baseAnalyzer.ts +66 -0
package/src/analyzers/base/index.ts +5 -0
package/src/analyzers/c-cpp/cppAnalyzer.ts +308 -0
package/src/analyzers/c-cpp/index.ts +5 -0
package/src/analyzers/core/engine/index.ts +5 -0
package/src/analyzers/core/engine/ruleEngine.ts +221 -0
package/src/analyzers/core/index.ts +8 -0
package/src/analyzers/core/scanner/fileScanner.ts +204 -0
package/src/analyzers/core/scanner/index.ts +5 -0
package/src/analyzers/core/scoring/index.ts +5 -0
package/src/analyzers/core/scoring/riskScoring.ts +198 -0
package/src/analyzers/core/securityScanner.ts +321 -0
package/src/analyzers/csharp/csharpAnalyzer.ts +328 -0
package/src/analyzers/csharp/index.ts +5 -0
package/src/analyzers/iac/iacAnalyzer.ts +318 -0
package/src/analyzers/iac/index.ts +5 -0
package/src/analyzers/index.ts +67 -0
package/src/analyzers/java/index.ts +5 -0
package/src/analyzers/java/javaAnalyzer.ts +320 -0
package/src/analyzers/javascript/PROMPT_JS_ANALYZER.md +267 -0
package/src/analyzers/javascript/astUtils.ts +789 -0
package/src/analyzers/javascript/index.ts +50 -0
package/src/analyzers/javascript/javascriptAnalyzer.ts +984 -0
package/src/analyzers/javascript/malwareDetector.ts +697 -0
package/src/analyzers/javascript/packageJsonAnalyzer.ts +626 -0
package/src/analyzers/javascript/taintAnalyzer.ts +630 -0
package/src/analyzers/php/index.ts +5 -0
package/src/analyzers/php/phpAnalyzer.ts +280 -0
package/src/analyzers/python/index.ts +5 -0
package/src/analyzers/python/pythonAnalyzer.ts +319 -0
package/src/cli/index.ts +276 -0
package/src/dependencies/aiDependencyAnalyzer.ts +496 -0
package/src/dependencies/database/cveDatabase.ts +426 -0
package/src/dependencies/database/index.ts +6 -0
package/src/dependencies/database/maliciousPackages.ts +286 -0
package/src/dependencies/dependencyAnalyzer.ts +394 -0
package/src/dependencies/detectors/index.ts +7 -0
package/src/dependencies/detectors/securityStandards.ts +200 -0
package/src/dependencies/detectors/vulnerabilityDetector.ts +343 -0
package/src/dependencies/index.ts +27 -0
package/src/dependencies/installed/index.ts +8 -0
package/src/dependencies/installed/installedScanner.ts +821 -0
package/src/dependencies/installed/malwarePatterns.ts +492 -0
package/src/dependencies/installed/types.ts +287 -0
package/src/dependencies/parsers/base/baseParser.ts +108 -0
package/src/dependencies/parsers/base/index.ts +6 -0
package/src/dependencies/parsers/cpp/cppParser.ts +245 -0
package/src/dependencies/parsers/cpp/index.ts +6 -0
package/src/dependencies/parsers/csharp/csharpParser.ts +151 -0
package/src/dependencies/parsers/csharp/index.ts +6 -0
package/src/dependencies/parsers/index.ts +56 -0
package/src/dependencies/parsers/java/index.ts +6 -0
package/src/dependencies/parsers/java/javaParser.ts +203 -0
package/src/dependencies/parsers/javascript/index.ts +6 -0
package/src/dependencies/parsers/javascript/javascriptParser.ts +362 -0
package/src/dependencies/parsers/php/index.ts +6 -0
package/src/dependencies/parsers/php/phpParser.ts +208 -0
package/src/dependencies/parsers/python/index.ts +6 -0
package/src/dependencies/parsers/python/pythonParser.ts +437 -0
package/src/dependencies/types.ts +330 -0
package/src/i18n/index.ts +1 -0
package/src/i18n/translations.ts +194 -0
package/src/index.ts +16 -0
package/src/reports/dependencyReportGenerator.ts +717 -0
package/src/reports/htmlReportGenerator.ts +781 -0
package/src/reports/index.ts +7 -0
package/src/reports/installedDepsReportGenerator.ts +899 -0
package/src/rules/index.ts +58 -0
package/src/rules/malware/INFO.md +287 -0
package/src/rules/malware/categories/backdoors.ts +174 -0
package/src/rules/malware/categories/cryptominers.ts +434 -0
package/src/rules/malware/categories/exfiltration.ts +677 -0
package/src/rules/malware/categories/keyloggers.ts +780 -0
package/src/rules/malware/categories/loaders.ts +721 -0
package/src/rules/malware/categories/network.ts +639 -0
package/src/rules/malware/categories/obfuscation.ts +788 -0
package/src/rules/malware/constants/index.ts +358 -0
package/src/rules/malware/engine/index.ts +758 -0
package/src/rules/malware/index.ts +928 -0
package/src/rules/malware/scoring/index.ts +549 -0
package/src/rules/malware/types/index.ts +752 -0
package/src/rules/malware/utils/index.ts +643 -0
package/src/rules/standards.ts +372 -0
package/src/rules/vulnerabilities/PROMPT_VULNERABILITIES.md +226 -0
package/src/rules/vulnerabilities/constants/index.ts +625 -0
package/src/rules/vulnerabilities/engine/index.ts +831 -0
package/src/rules/vulnerabilities/index.ts +312 -0
package/src/rules/vulnerabilities/rules/authentication.ts +426 -0
package/src/rules/vulnerabilities/rules/commandInjection.ts +307 -0
package/src/rules/vulnerabilities/rules/csrf.ts +268 -0
package/src/rules/vulnerabilities/rules/deserialization.ts +343 -0
package/src/rules/vulnerabilities/rules/fileUpload.ts +332 -0
package/src/rules/vulnerabilities/rules/hardcodedSecrets.ts +453 -0
package/src/rules/vulnerabilities/rules/index.ts +17 -0
package/src/rules/vulnerabilities/rules/pathTraversal.ts +358 -0
package/src/rules/vulnerabilities/rules/prototypePollution.ts +279 -0
package/src/rules/vulnerabilities/rules/securityMisconfiguration.ts +445 -0
package/src/rules/vulnerabilities/rules/sqlInjection.ts +669 -0
package/src/rules/vulnerabilities/rules/ssrf.ts +408 -0
package/src/rules/vulnerabilities/rules/xss.ts +753 -0
package/src/rules/vulnerabilities/scoring/index.ts +543 -0
package/src/rules/vulnerabilities/types/index.ts +1004 -0
package/src/rules/vulnerabilities/utils/index.ts +709 -0
package/src/types/index.ts +391 -0
package/src/utils/index.ts +306 -0
package/src/utils/logger.ts +150 -0
package/test-installed-scanner.ts +136 -0
package/tsconfig.json +30 -0

package/src/rules/malware/scoring/index.ts ADDED Viewed

@@ -0,0 +1,549 @@
+/**
+ * @fileoverview Malware Score Calculator
+ * @module rules/malware/scoring
+ *
+ * Dynamic scoring system for malware detection that calculates risk scores
+ * based on multiple factors including pattern matches, obfuscation level,
+ * network indicators, and rule correlation.
+ */
+import {
+  MalwareRule,
+  MalwareScore,
+  MalwareScoreBreakdown,
+  MalwareSeverity,
+  PatternMatch,
+  AnalysisContext,
+  MalwareFinding,
+  IScoreCalculator,
+  ConfidenceLevel
+} from '../types';
+import {
+  SCORE_THRESHOLDS,
+  RISK_LEVELS,
+  DEFAULT_SCORING_WEIGHTS,
+  LIMITS
+} from '../constants';
+import {
+  calculateEntropy,
+  detectObfuscationLevel,
+  detectEnvironmentChecks
+} from '../utils';
+// ============================================================================
+// SCORE CALCULATOR IMPLEMENTATION
+// ============================================================================
+/**
+ * Malware Score Calculator
+ * Implements dynamic scoring based on multiple risk factors
+ */
+export class MalwareScoreCalculator implements IScoreCalculator {
+  private weights: typeof DEFAULT_SCORING_WEIGHTS;
+  constructor(customWeights?: Partial<typeof DEFAULT_SCORING_WEIGHTS>) {
+    this.weights = { ...DEFAULT_SCORING_WEIGHTS, ...customWeights };
+  }
+  /**
+   * Calculate malware score for a finding
+   */
+  calculateScore(
+    rule: MalwareRule,
+    matches: PatternMatch[],
+    context: AnalysisContext
+  ): MalwareScore {
+    const breakdown = this.calculateBreakdown(rule, matches, context);
+    const totalScore = this.calculateTotalScore(breakdown);
+    const severity = this.scoreToSeverity(totalScore);
+    const riskLevel = this.scoreToRiskLevel(totalScore);
+    return {
+      score: Math.round(totalScore),
+      breakdown,
+      calculatedSeverity: severity,
+      riskLevel,
+      explanation: this.generateExplanation(breakdown, matches.length)
+    };
+  }
+  /**
+   * Calculate score breakdown
+   */
+  private calculateBreakdown(
+    rule: MalwareRule,
+    matches: PatternMatch[],
+    context: AnalysisContext
+  ): MalwareScoreBreakdown {
+    // Base score from rule definition
+    const baseScore = rule.baseScore ?? this.getDefaultBaseScore(rule.severity);
+    // Pattern match score - more matches = higher confidence
+    const patternScore = this.calculatePatternScore(matches, rule);
+    // Obfuscation score
+    const obfuscationScore = this.calculateObfuscationScore(context);
+    // Network indicator score
+    const networkScore = this.calculateNetworkScore(context.content, matches);
+    // Execution indicator score
+    const executionScore = this.calculateExecutionScore(context.content, matches);
+    // Persistence indicator score
+    const persistenceScore = this.calculatePersistenceScore(context.content, matches);
+    // Correlation score (boost from related findings)
+    const correlationScore = this.calculateCorrelationScore(
+      rule,
+      context.previousFindings || [],
+      context.relatedFindings || []
+    );
+    // False positive penalty
+    const falsePositivePenalty = this.calculateFalsePositivePenalty(
+      rule,
+      context
+    );
+    return {
+      baseScore,
+      patternScore,
+      obfuscationScore,
+      networkScore,
+      executionScore,
+      persistenceScore,
+      correlationScore,
+      falsePositivePenalty,
+      totalScore: 0 // Will be calculated
+    };
+  }
+  /**
+   * Calculate total score from breakdown
+   */
+  private calculateTotalScore(breakdown: MalwareScoreBreakdown): number {
+    const weighted = (
+      breakdown.baseScore * 0.3 +
+      breakdown.patternScore * this.weights.patternCount +
+      breakdown.obfuscationScore * this.weights.obfuscation +
+      breakdown.networkScore * this.weights.networkAccess +
+      breakdown.executionScore * this.weights.commandExecution +
+      breakdown.persistenceScore * this.weights.persistence +
+      breakdown.correlationScore * 0.1
+    );
+    const penalized = weighted - breakdown.falsePositivePenalty;
+    const total = Math.max(0, Math.min(100, penalized));
+    // Update breakdown with total
+    breakdown.totalScore = total;
+    return total;
+  }
+  /**
+   * Get default base score from severity
+   */
+  private getDefaultBaseScore(severity: MalwareSeverity): number {
+    switch (severity) {
+      case MalwareSeverity.CRITICAL: return 80;
+      case MalwareSeverity.HIGH: return 60;
+      case MalwareSeverity.MEDIUM: return 40;
+      case MalwareSeverity.LOW: return 20;
+      case MalwareSeverity.INFO: return 10;
+      default: return 30;
+    }
+  }
+  /**
+   * Calculate score from pattern matches
+   */
+  private calculatePatternScore(
+    matches: PatternMatch[],
+    rule: MalwareRule
+  ): number {
+    if (matches.length === 0) return 0;
+    // Base score for having any match
+    let score = 30;
+    // Bonus for multiple matches (diminishing returns)
+    const matchBonus = Math.min(matches.length * 5, 30);
+    score += matchBonus;
+    // Bonus for matches from different patterns
+    const uniquePatterns = new Set(
+      matches.map(m => m.pattern.patternId || JSON.stringify(m.pattern))
+    );
+    const diversityBonus = Math.min(uniquePatterns.size * 10, 20);
+    score += diversityBonus;
+    // Weight by pattern weights if defined
+    const weightedSum = matches.reduce((sum, match) => {
+      return sum + (match.pattern.weight ?? 1);
+    }, 0);
+    const avgWeight = weightedSum / matches.length;
+    score *= avgWeight;
+    return Math.min(score, 100);
+  }
+  /**
+   * Calculate obfuscation score
+   */
+  private calculateObfuscationScore(context: AnalysisContext): number {
+    const obfLevel = detectObfuscationLevel(context.content, context.language);
+    const entropy = calculateEntropy(context.content);
+    // Combine obfuscation level and entropy
+    let score = obfLevel * 60;
+    // High entropy bonus
+    if (entropy > 6.5) {
+      score += 25;
+    } else if (entropy > 5.5) {
+      score += 15;
+    }
+    // Environment check detection
+    const envChecks = detectEnvironmentChecks(context.content);
+    if (envChecks.detected) {
+      score += envChecks.checks.length * 5;
+    }
+    return Math.min(score, 100);
+  }
+  /**
+   * Calculate network indicator score
+   */
+  private calculateNetworkScore(content: string, matches: PatternMatch[]): number {
+    let score = 0;
+    // Check for network-related patterns in matches
+    const networkPatterns = [
+      /fetch|axios|request|http|socket/i,
+      /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/,
+      /https?:\/\//i,
+      /websocket|ws:\/\//i
+    ];
+    for (const pattern of networkPatterns) {
+      if (pattern.test(content)) {
+        score += 15;
+      }
+    }
+    // Check for suspicious destinations
+    const suspiciousPatterns = [
+      /pastebin|hastebin|ghostbin/i,
+      /ngrok|serveo|localtunnel/i,
+      /\.onion|\.bit|\.i2p/i
+    ];
+    for (const pattern of suspiciousPatterns) {
+      if (pattern.test(content)) {
+        score += 25;
+      }
+    }
+    return Math.min(score, 100);
+  }
+  /**
+   * Calculate execution indicator score
+   */
+  private calculateExecutionScore(content: string, matches: PatternMatch[]): number {
+    let score = 0;
+    // Direct execution patterns
+    const execPatterns = [
+      { pattern: /eval\s*\(/i, weight: 30 },
+      { pattern: /Function\s*\(/i, weight: 25 },
+      { pattern: /exec\s*\(/i, weight: 30 },
+      { pattern: /system\s*\(/i, weight: 35 },
+      { pattern: /shell_exec/i, weight: 35 },
+      { pattern: /subprocess\./i, weight: 25 },
+      { pattern: /child_process/i, weight: 30 },
+      { pattern: /Process\.Start/i, weight: 30 },
+      { pattern: /Runtime\.exec/i, weight: 30 }
+    ];
+    for (const { pattern, weight } of execPatterns) {
+      if (pattern.test(content)) {
+        score += weight;
+      }
+    }
+    return Math.min(score, 100);
+  }
+  /**
+   * Calculate persistence indicator score
+   */
+  private calculatePersistenceScore(content: string, matches: PatternMatch[]): number {
+    let score = 0;
+    // Persistence patterns
+    const persistencePatterns = [
+      { pattern: /crontab|systemd|launchd/i, weight: 25 },
+      { pattern: /registry|HKEY_/i, weight: 25 },
+      { pattern: /startup|autorun/i, weight: 20 },
+      { pattern: /\.bashrc|\.profile|\.zshrc/i, weight: 20 },
+      { pattern: /scheduled.*task|schtasks/i, weight: 25 },
+      { pattern: /service.*install|daemon/i, weight: 20 }
+    ];
+    for (const { pattern, weight } of persistencePatterns) {
+      if (pattern.test(content)) {
+        score += weight;
+      }
+    }
+    return Math.min(score, 100);
+  }
+  /**
+   * Calculate correlation score from related findings
+   */
+  private calculateCorrelationScore(
+    rule: MalwareRule,
+    previousFindings: MalwareFinding[],
+    relatedFindings: MalwareFinding[]
+  ): number {
+    let score = 0;
+    if (!rule.correlation) {
+      return score;
+    }
+    const allFindings = [...previousFindings, ...relatedFindings];
+    const findingRuleIds = new Set(allFindings.map(f => f.ruleId));
+    // Check for amplifying rules
+    if (rule.correlation.amplifyWith) {
+      for (const amplifyId of rule.correlation.amplifyWith) {
+        if (findingRuleIds.has(amplifyId)) {
+          score += rule.correlation.severityBoost ?? 15;
+        }
+      }
+    }
+    return Math.min(score, 50);
+  }
+  /**
+   * Calculate false positive penalty
+   */
+  private calculateFalsePositivePenalty(
+    rule: MalwareRule,
+    context: AnalysisContext
+  ): number {
+    let penalty = 0;
+    // Vendor code penalty
+    if (context.isVendorCode) {
+      penalty += 20;
+    }
+    // Test file penalty
+    if (context.isTestFile) {
+      penalty += 30;
+    }
+    // Check for false positive patterns
+    if (rule.falsePositivePatterns) {
+      for (const fpPattern of rule.falsePositivePatterns) {
+        if (fpPattern.type === 'regex') {
+          const regex = new RegExp(fpPattern.pattern, fpPattern.flags || 'gi');
+          if (regex.test(context.content)) {
+            penalty += 15;
+          }
+        }
+      }
+    }
+    return Math.min(penalty, 50);
+  }
+  /**
+   * Convert score to severity
+   */
+  private scoreToSeverity(score: number): MalwareSeverity {
+    if (score >= SCORE_THRESHOLDS.CRITICAL) return MalwareSeverity.CRITICAL;
+    if (score >= SCORE_THRESHOLDS.HIGH) return MalwareSeverity.HIGH;
+    if (score >= SCORE_THRESHOLDS.MEDIUM) return MalwareSeverity.MEDIUM;
+    if (score >= SCORE_THRESHOLDS.LOW) return MalwareSeverity.LOW;
+    return MalwareSeverity.INFO;
+  }
+  /**
+   * Convert score to risk level
+   */
+  private scoreToRiskLevel(score: number): 'critical' | 'high' | 'medium' | 'low' | 'minimal' {
+    if (score >= RISK_LEVELS.CRITICAL.min) return RISK_LEVELS.CRITICAL.label;
+    if (score >= RISK_LEVELS.HIGH.min) return RISK_LEVELS.HIGH.label;
+    if (score >= RISK_LEVELS.MEDIUM.min) return RISK_LEVELS.MEDIUM.label;
+    if (score >= RISK_LEVELS.LOW.min) return RISK_LEVELS.LOW.label;
+    return RISK_LEVELS.MINIMAL.label;
+  }
+  /**
+   * Generate human-readable explanation
+   */
+  private generateExplanation(
+    breakdown: MalwareScoreBreakdown,
+    matchCount: number
+  ): string {
+    const factors: string[] = [];
+    if (breakdown.patternScore > 50) {
+      factors.push(`Strong pattern match (${matchCount} matches)`);
+    } else if (breakdown.patternScore > 20) {
+      factors.push(`Pattern detected (${matchCount} matches)`);
+    }
+    if (breakdown.obfuscationScore > 50) {
+      factors.push('High code obfuscation detected');
+    } else if (breakdown.obfuscationScore > 25) {
+      factors.push('Moderate obfuscation present');
+    }
+    if (breakdown.networkScore > 50) {
+      factors.push('Suspicious network activity indicators');
+    }
+    if (breakdown.executionScore > 50) {
+      factors.push('Dangerous code execution patterns');
+    }
+    if (breakdown.persistenceScore > 25) {
+      factors.push('Persistence mechanism indicators');
+    }
+    if (breakdown.correlationScore > 0) {
+      factors.push('Correlated with other malware indicators');
+    }
+    if (breakdown.falsePositivePenalty > 0) {
+      factors.push('Possible false positive indicators present');
+    }
+    if (factors.length === 0) {
+      return 'Low-confidence detection based on basic pattern matching';
+    }
+    return factors.join('. ') + '.';
+  }
+  /**
+   * Calculate combined score for multiple findings
+   */
+  calculateCombinedScore(findings: MalwareFinding[]): MalwareScore {
+    if (findings.length === 0) {
+      return {
+        score: 0,
+        breakdown: {
+          baseScore: 0,
+          patternScore: 0,
+          obfuscationScore: 0,
+          networkScore: 0,
+          executionScore: 0,
+          persistenceScore: 0,
+          correlationScore: 0,
+          falsePositivePenalty: 0,
+          totalScore: 0
+        },
+        calculatedSeverity: MalwareSeverity.INFO,
+        riskLevel: 'minimal',
+        explanation: 'No findings detected'
+      };
+    }
+    // Aggregate breakdowns
+    const aggregated: MalwareScoreBreakdown = {
+      baseScore: 0,
+      patternScore: 0,
+      obfuscationScore: 0,
+      networkScore: 0,
+      executionScore: 0,
+      persistenceScore: 0,
+      correlationScore: 0,
+      falsePositivePenalty: 0,
+      totalScore: 0
+    };
+    for (const finding of findings) {
+      const b = finding.malwareScore.breakdown;
+      aggregated.baseScore = Math.max(aggregated.baseScore, b.baseScore);
+      aggregated.patternScore += b.patternScore * 0.5;
+      aggregated.obfuscationScore = Math.max(aggregated.obfuscationScore, b.obfuscationScore);
+      aggregated.networkScore = Math.max(aggregated.networkScore, b.networkScore);
+      aggregated.executionScore = Math.max(aggregated.executionScore, b.executionScore);
+      aggregated.persistenceScore = Math.max(aggregated.persistenceScore, b.persistenceScore);
+      aggregated.correlationScore += 5; // Bonus for multiple findings
+    }
+    // Cap values
+    aggregated.patternScore = Math.min(aggregated.patternScore, 100);
+    aggregated.correlationScore = Math.min(aggregated.correlationScore, 50);
+    const totalScore = this.calculateTotalScore(aggregated);
+    const severity = this.scoreToSeverity(totalScore);
+    const riskLevel = this.scoreToRiskLevel(totalScore);
+    return {
+      score: Math.round(totalScore),
+      breakdown: aggregated,
+      calculatedSeverity: severity,
+      riskLevel,
+      explanation: `Combined analysis of ${findings.length} findings. ${this.generateExplanation(aggregated, findings.length)}`
+    };
+  }
+}
+// ============================================================================
+// CONFIDENCE CALCULATOR
+// ============================================================================
+/**
+ * Calculate confidence level based on evidence
+ */
+export function calculateConfidence(
+  matchCount: number,
+  patternDiversity: number,
+  hasContextualEvidence: boolean,
+  hasCorrelation: boolean
+): ConfidenceLevel {
+  let score = 0;
+  // Match count contribution
+  if (matchCount >= 5) score += 30;
+  else if (matchCount >= 3) score += 20;
+  else if (matchCount >= 1) score += 10;
+  // Pattern diversity contribution
+  if (patternDiversity >= 3) score += 25;
+  else if (patternDiversity >= 2) score += 15;
+  else score += 5;
+  // Contextual evidence contribution
+  if (hasContextualEvidence) score += 25;
+  // Correlation contribution
+  if (hasCorrelation) score += 20;
+  // Map to confidence level
+  if (score >= 80) return ConfidenceLevel.CONFIRMED;
+  if (score >= 60) return ConfidenceLevel.HIGH;
+  if (score >= 40) return ConfidenceLevel.MEDIUM;
+  if (score >= 20) return ConfidenceLevel.LOW;
+  return ConfidenceLevel.TENTATIVE;
+}
+// ============================================================================
+// EXPORTS
+// ============================================================================
+export const scoreCalculator = new MalwareScoreCalculator();