npm - secure-scan - Versions diffs - 1.2.2 - Mend

secure-scan 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (569) hide show

package/README.md +564 -0
package/dist/ai/aiAnalyzer.d.ts +99 -0
package/dist/ai/aiAnalyzer.d.ts.map +1 -0
package/dist/ai/aiAnalyzer.js +669 -0
package/dist/ai/aiAnalyzer.js.map +1 -0
package/dist/ai/index.d.ts +5 -0
package/dist/ai/index.d.ts.map +1 -0
package/dist/ai/index.js +21 -0
package/dist/ai/index.js.map +1 -0
package/dist/analyzers/base/baseAnalyzer.d.ts +44 -0
package/dist/analyzers/base/baseAnalyzer.d.ts.map +1 -0
package/dist/analyzers/base/baseAnalyzer.js +53 -0
package/dist/analyzers/base/baseAnalyzer.js.map +1 -0
package/dist/analyzers/base/index.d.ts +5 -0
package/dist/analyzers/base/index.d.ts.map +1 -0
package/dist/analyzers/base/index.js +21 -0
package/dist/analyzers/base/index.js.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts +60 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js +218 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js.map +1 -0
package/dist/analyzers/c-cpp/index.d.ts +5 -0
package/dist/analyzers/c-cpp/index.d.ts.map +1 -0
package/dist/analyzers/c-cpp/index.js +21 -0
package/dist/analyzers/c-cpp/index.js.map +1 -0
package/dist/analyzers/core/engine/index.d.ts +5 -0
package/dist/analyzers/core/engine/index.d.ts.map +1 -0
package/dist/analyzers/core/engine/index.js +21 -0
package/dist/analyzers/core/engine/index.js.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts +46 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.js +173 -0
package/dist/analyzers/core/engine/ruleEngine.js.map +1 -0
package/dist/analyzers/core/index.d.ts +8 -0
package/dist/analyzers/core/index.d.ts.map +1 -0
package/dist/analyzers/core/index.js +24 -0
package/dist/analyzers/core/index.js.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts +31 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.js +199 -0
package/dist/analyzers/core/scanner/fileScanner.js.map +1 -0
package/dist/analyzers/core/scanner/index.d.ts +5 -0
package/dist/analyzers/core/scanner/index.d.ts.map +1 -0
package/dist/analyzers/core/scanner/index.js +21 -0
package/dist/analyzers/core/scanner/index.js.map +1 -0
package/dist/analyzers/core/scoring/index.d.ts +5 -0
package/dist/analyzers/core/scoring/index.d.ts.map +1 -0
package/dist/analyzers/core/scoring/index.js +21 -0
package/dist/analyzers/core/scoring/index.js.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts +49 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.js +180 -0
package/dist/analyzers/core/scoring/riskScoring.js.map +1 -0
package/dist/analyzers/core/securityScanner.d.ts +47 -0
package/dist/analyzers/core/securityScanner.d.ts.map +1 -0
package/dist/analyzers/core/securityScanner.js +298 -0
package/dist/analyzers/core/securityScanner.js.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts +64 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.js +232 -0
package/dist/analyzers/csharp/csharpAnalyzer.js.map +1 -0
package/dist/analyzers/csharp/index.d.ts +5 -0
package/dist/analyzers/csharp/index.d.ts.map +1 -0
package/dist/analyzers/csharp/index.js +21 -0
package/dist/analyzers/csharp/index.js.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts +36 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.js +182 -0
package/dist/analyzers/iac/iacAnalyzer.js.map +1 -0
package/dist/analyzers/iac/index.d.ts +5 -0
package/dist/analyzers/iac/index.d.ts.map +1 -0
package/dist/analyzers/iac/index.js +21 -0
package/dist/analyzers/iac/index.js.map +1 -0
package/dist/analyzers/index.d.ts +30 -0
package/dist/analyzers/index.d.ts.map +1 -0
package/dist/analyzers/index.js +80 -0
package/dist/analyzers/index.js.map +1 -0
package/dist/analyzers/java/index.d.ts +5 -0
package/dist/analyzers/java/index.d.ts.map +1 -0
package/dist/analyzers/java/index.js +21 -0
package/dist/analyzers/java/index.js.map +1 -0
package/dist/analyzers/java/javaAnalyzer.d.ts +64 -0
package/dist/analyzers/java/javaAnalyzer.d.ts.map +1 -0
package/dist/analyzers/java/javaAnalyzer.js +224 -0
package/dist/analyzers/java/javaAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/astUtils.d.ts +170 -0
package/dist/analyzers/javascript/astUtils.d.ts.map +1 -0
package/dist/analyzers/javascript/astUtils.js +700 -0
package/dist/analyzers/javascript/astUtils.js.map +1 -0
package/dist/analyzers/javascript/index.d.ts +18 -0
package/dist/analyzers/javascript/index.d.ts.map +1 -0
package/dist/analyzers/javascript/index.js +50 -0
package/dist/analyzers/javascript/index.js.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts +111 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js +860 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/malwareDetector.d.ts +102 -0
package/dist/analyzers/javascript/malwareDetector.d.ts.map +1 -0
package/dist/analyzers/javascript/malwareDetector.js +616 -0
package/dist/analyzers/javascript/malwareDetector.js.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts +87 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js +553 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts +120 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.js +526 -0
package/dist/analyzers/javascript/taintAnalyzer.js.map +1 -0
package/dist/analyzers/php/index.d.ts +5 -0
package/dist/analyzers/php/index.d.ts.map +1 -0
package/dist/analyzers/php/index.js +21 -0
package/dist/analyzers/php/index.js.map +1 -0
package/dist/analyzers/php/phpAnalyzer.d.ts +56 -0
package/dist/analyzers/php/phpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/php/phpAnalyzer.js +202 -0
package/dist/analyzers/php/phpAnalyzer.js.map +1 -0
package/dist/analyzers/python/index.d.ts +5 -0
package/dist/analyzers/python/index.d.ts.map +1 -0
package/dist/analyzers/python/index.js +21 -0
package/dist/analyzers/python/index.js.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts +64 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.js +226 -0
package/dist/analyzers/python/pythonAnalyzer.js.map +1 -0
package/dist/cli/index.d.ts +7 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +281 -0
package/dist/cli/index.js.map +1 -0
package/dist/core/engine/index.d.ts +5 -0
package/dist/core/engine/index.d.ts.map +1 -0
package/dist/core/engine/index.js +21 -0
package/dist/core/engine/index.js.map +1 -0
package/dist/core/engine/ruleEngine.d.ts +46 -0
package/dist/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/core/engine/ruleEngine.js +173 -0
package/dist/core/engine/ruleEngine.js.map +1 -0
package/dist/core/index.d.ts +8 -0
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +24 -0
package/dist/core/index.js.map +1 -0
package/dist/core/scanner/fileScanner.d.ts +31 -0
package/dist/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/core/scanner/fileScanner.js +199 -0
package/dist/core/scanner/fileScanner.js.map +1 -0
package/dist/core/scanner/index.d.ts +5 -0
package/dist/core/scanner/index.d.ts.map +1 -0
package/dist/core/scanner/index.js +21 -0
package/dist/core/scanner/index.js.map +1 -0
package/dist/core/scoring/index.d.ts +5 -0
package/dist/core/scoring/index.d.ts.map +1 -0
package/dist/core/scoring/index.js +21 -0
package/dist/core/scoring/index.js.map +1 -0
package/dist/core/scoring/riskScoring.d.ts +49 -0
package/dist/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/core/scoring/riskScoring.js +180 -0
package/dist/core/scoring/riskScoring.js.map +1 -0
package/dist/core/securityScanner.d.ts +47 -0
package/dist/core/securityScanner.d.ts.map +1 -0
package/dist/core/securityScanner.js +298 -0
package/dist/core/securityScanner.js.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts +96 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.js +435 -0
package/dist/dependencies/aiDependencyAnalyzer.js.map +1 -0
package/dist/dependencies/database/cveDatabase.d.ts +32 -0
package/dist/dependencies/database/cveDatabase.d.ts.map +1 -0
package/dist/dependencies/database/cveDatabase.js +393 -0
package/dist/dependencies/database/cveDatabase.js.map +1 -0
package/dist/dependencies/database/index.d.ts +6 -0
package/dist/dependencies/database/index.d.ts.map +1 -0
package/dist/dependencies/database/index.js +22 -0
package/dist/dependencies/database/index.js.map +1 -0
package/dist/dependencies/database/maliciousPackages.d.ts +43 -0
package/dist/dependencies/database/maliciousPackages.d.ts.map +1 -0
package/dist/dependencies/database/maliciousPackages.js +279 -0
package/dist/dependencies/database/maliciousPackages.js.map +1 -0
package/dist/dependencies/dependencyAnalyzer.d.ts +74 -0
package/dist/dependencies/dependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/dependencyAnalyzer.js +349 -0
package/dist/dependencies/dependencyAnalyzer.js.map +1 -0
package/dist/dependencies/detectors/index.d.ts +7 -0
package/dist/dependencies/detectors/index.d.ts.map +1 -0
package/dist/dependencies/detectors/index.js +28 -0
package/dist/dependencies/detectors/index.js.map +1 -0
package/dist/dependencies/detectors/securityStandards.d.ts +15 -0
package/dist/dependencies/detectors/securityStandards.d.ts.map +1 -0
package/dist/dependencies/detectors/securityStandards.js +178 -0
package/dist/dependencies/detectors/securityStandards.js.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts +53 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js +289 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js.map +1 -0
package/dist/dependencies/index.d.ts +14 -0
package/dist/dependencies/index.d.ts.map +1 -0
package/dist/dependencies/index.js +43 -0
package/dist/dependencies/index.js.map +1 -0
package/dist/dependencies/installed/index.d.ts +8 -0
package/dist/dependencies/installed/index.d.ts.map +1 -0
package/dist/dependencies/installed/index.js +24 -0
package/dist/dependencies/installed/index.js.map +1 -0
package/dist/dependencies/installed/installedScanner.d.ts +91 -0
package/dist/dependencies/installed/installedScanner.d.ts.map +1 -0
package/dist/dependencies/installed/installedScanner.js +766 -0
package/dist/dependencies/installed/installedScanner.js.map +1 -0
package/dist/dependencies/installed/malwarePatterns.d.ts +32 -0
package/dist/dependencies/installed/malwarePatterns.d.ts.map +1 -0
package/dist/dependencies/installed/malwarePatterns.js +480 -0
package/dist/dependencies/installed/malwarePatterns.js.map +1 -0
package/dist/dependencies/installed/types.d.ts +274 -0
package/dist/dependencies/installed/types.d.ts.map +1 -0
package/dist/dependencies/installed/types.js +7 -0
package/dist/dependencies/installed/types.js.map +1 -0
package/dist/dependencies/parsers/base/baseParser.d.ts +44 -0
package/dist/dependencies/parsers/base/baseParser.d.ts.map +1 -0
package/dist/dependencies/parsers/base/baseParser.js +80 -0
package/dist/dependencies/parsers/base/baseParser.js.map +1 -0
package/dist/dependencies/parsers/base/index.d.ts +6 -0
package/dist/dependencies/parsers/base/index.d.ts.map +1 -0
package/dist/dependencies/parsers/base/index.js +27 -0
package/dist/dependencies/parsers/base/index.js.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts +36 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.js +196 -0
package/dist/dependencies/parsers/cpp/cppParser.js.map +1 -0
package/dist/dependencies/parsers/cpp/index.d.ts +6 -0
package/dist/dependencies/parsers/cpp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/index.js +27 -0
package/dist/dependencies/parsers/cpp/index.js.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts +32 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.js +125 -0
package/dist/dependencies/parsers/csharp/csharpParser.js.map +1 -0
package/dist/dependencies/parsers/csharp/index.d.ts +6 -0
package/dist/dependencies/parsers/csharp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/index.js +27 -0
package/dist/dependencies/parsers/csharp/index.js.map +1 -0
package/dist/dependencies/parsers/index.d.ts +24 -0
package/dist/dependencies/parsers/index.d.ts.map +1 -0
package/dist/dependencies/parsers/index.js +69 -0
package/dist/dependencies/parsers/index.js.map +1 -0
package/dist/dependencies/parsers/java/index.d.ts +6 -0
package/dist/dependencies/parsers/java/index.d.ts.map +1 -0
package/dist/dependencies/parsers/java/index.js +27 -0
package/dist/dependencies/parsers/java/index.js.map +1 -0
package/dist/dependencies/parsers/java/javaParser.d.ts +32 -0
package/dist/dependencies/parsers/java/javaParser.d.ts.map +1 -0
package/dist/dependencies/parsers/java/javaParser.js +168 -0
package/dist/dependencies/parsers/java/javaParser.js.map +1 -0
package/dist/dependencies/parsers/javascript/index.d.ts +6 -0
package/dist/dependencies/parsers/javascript/index.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/index.js +27 -0
package/dist/dependencies/parsers/javascript/index.js.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts +55 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js +266 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js.map +1 -0
package/dist/dependencies/parsers/php/index.d.ts +6 -0
package/dist/dependencies/parsers/php/index.d.ts.map +1 -0
package/dist/dependencies/parsers/php/index.js +27 -0
package/dist/dependencies/parsers/php/index.js.map +1 -0
package/dist/dependencies/parsers/php/phpParser.d.ts +35 -0
package/dist/dependencies/parsers/php/phpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/php/phpParser.js +162 -0
package/dist/dependencies/parsers/php/phpParser.js.map +1 -0
package/dist/dependencies/parsers/python/index.d.ts +6 -0
package/dist/dependencies/parsers/python/index.d.ts.map +1 -0
package/dist/dependencies/parsers/python/index.js +27 -0
package/dist/dependencies/parsers/python/index.js.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts +60 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.js +336 -0
package/dist/dependencies/parsers/python/pythonParser.js.map +1 -0
package/dist/dependencies/types.d.ts +280 -0
package/dist/dependencies/types.d.ts.map +1 -0
package/dist/dependencies/types.js +59 -0
package/dist/dependencies/types.js.map +1 -0
package/dist/i18n/index.d.ts +2 -0
package/dist/i18n/index.d.ts.map +1 -0
package/dist/i18n/index.js +18 -0
package/dist/i18n/index.js.map +1 -0
package/dist/i18n/translations.d.ts +55 -0
package/dist/i18n/translations.d.ts.map +1 -0
package/dist/i18n/translations.js +119 -0
package/dist/i18n/translations.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +36 -0
package/dist/index.js.map +1 -0
package/dist/reports/dependencyReportGenerator.d.ts +20 -0
package/dist/reports/dependencyReportGenerator.d.ts.map +1 -0
package/dist/reports/dependencyReportGenerator.js +690 -0
package/dist/reports/dependencyReportGenerator.js.map +1 -0
package/dist/reports/htmlReportGenerator.d.ts +43 -0
package/dist/reports/htmlReportGenerator.d.ts.map +1 -0
package/dist/reports/htmlReportGenerator.js +793 -0
package/dist/reports/htmlReportGenerator.js.map +1 -0
package/dist/reports/index.d.ts +7 -0
package/dist/reports/index.d.ts.map +1 -0
package/dist/reports/index.js +23 -0
package/dist/reports/index.js.map +1 -0
package/dist/reports/installedDepsReportGenerator.d.ts +14 -0
package/dist/reports/installedDepsReportGenerator.d.ts.map +1 -0
package/dist/reports/installedDepsReportGenerator.js +872 -0
package/dist/reports/installedDepsReportGenerator.js.map +1 -0
package/dist/rules/index.d.ts +31 -0
package/dist/rules/index.d.ts.map +1 -0
package/dist/rules/index.js +95 -0
package/dist/rules/index.js.map +1 -0
package/dist/rules/malware/categories/backdoors.d.ts +12 -0
package/dist/rules/malware/categories/backdoors.d.ts.map +1 -0
package/dist/rules/malware/categories/backdoors.js +163 -0
package/dist/rules/malware/categories/backdoors.js.map +1 -0
package/dist/rules/malware/categories/cryptominers.d.ts +13 -0
package/dist/rules/malware/categories/cryptominers.d.ts.map +1 -0
package/dist/rules/malware/categories/cryptominers.js +415 -0
package/dist/rules/malware/categories/cryptominers.js.map +1 -0
package/dist/rules/malware/categories/exfiltration.d.ts +20 -0
package/dist/rules/malware/categories/exfiltration.d.ts.map +1 -0
package/dist/rules/malware/categories/exfiltration.js +658 -0
package/dist/rules/malware/categories/exfiltration.js.map +1 -0
package/dist/rules/malware/categories/keyloggers.d.ts +19 -0
package/dist/rules/malware/categories/keyloggers.d.ts.map +1 -0
package/dist/rules/malware/categories/keyloggers.js +763 -0
package/dist/rules/malware/categories/keyloggers.js.map +1 -0
package/dist/rules/malware/categories/loaders.d.ts +20 -0
package/dist/rules/malware/categories/loaders.d.ts.map +1 -0
package/dist/rules/malware/categories/loaders.js +702 -0
package/dist/rules/malware/categories/loaders.js.map +1 -0
package/dist/rules/malware/categories/network.d.ts +19 -0
package/dist/rules/malware/categories/network.d.ts.map +1 -0
package/dist/rules/malware/categories/network.js +622 -0
package/dist/rules/malware/categories/network.js.map +1 -0
package/dist/rules/malware/categories/obfuscation.d.ts +22 -0
package/dist/rules/malware/categories/obfuscation.d.ts.map +1 -0
package/dist/rules/malware/categories/obfuscation.js +766 -0
package/dist/rules/malware/categories/obfuscation.js.map +1 -0
package/dist/rules/malware/constants/index.d.ts +281 -0
package/dist/rules/malware/constants/index.d.ts.map +1 -0
package/dist/rules/malware/constants/index.js +327 -0
package/dist/rules/malware/constants/index.js.map +1 -0
package/dist/rules/malware/engine/index.d.ts +178 -0
package/dist/rules/malware/engine/index.d.ts.map +1 -0
package/dist/rules/malware/engine/index.js +552 -0
package/dist/rules/malware/engine/index.js.map +1 -0
package/dist/rules/malware/index.d.ts +205 -0
package/dist/rules/malware/index.d.ts.map +1 -0
package/dist/rules/malware/index.js +837 -0
package/dist/rules/malware/index.js.map +1 -0
package/dist/rules/malware/scoring/index.d.ts +84 -0
package/dist/rules/malware/scoring/index.d.ts.map +1 -0
package/dist/rules/malware/scoring/index.js +441 -0
package/dist/rules/malware/scoring/index.js.map +1 -0
package/dist/rules/malware/types/index.d.ts +616 -0
package/dist/rules/malware/types/index.d.ts.map +1 -0
package/dist/rules/malware/types/index.js +155 -0
package/dist/rules/malware/types/index.js.map +1 -0
package/dist/rules/malware/utils/index.d.ts +117 -0
package/dist/rules/malware/utils/index.d.ts.map +1 -0
package/dist/rules/malware/utils/index.js +514 -0
package/dist/rules/malware/utils/index.js.map +1 -0
package/dist/rules/standards.d.ts +26 -0
package/dist/rules/standards.d.ts.map +1 -0
package/dist/rules/standards.js +352 -0
package/dist/rules/standards.js.map +1 -0
package/dist/rules/vulnerabilities/constants/index.d.ts +835 -0
package/dist/rules/vulnerabilities/constants/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/constants/index.js +544 -0
package/dist/rules/vulnerabilities/constants/index.js.map +1 -0
package/dist/rules/vulnerabilities/engine/index.d.ts +145 -0
package/dist/rules/vulnerabilities/engine/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/engine/index.js +581 -0
package/dist/rules/vulnerabilities/engine/index.js.map +1 -0
package/dist/rules/vulnerabilities/index.d.ts +148 -0
package/dist/rules/vulnerabilities/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/index.js +252 -0
package/dist/rules/vulnerabilities/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.js +419 -0
package/dist/rules/vulnerabilities/rules/authentication.js.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js +300 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.js +261 -0
package/dist/rules/vulnerabilities/rules/csrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.js +336 -0
package/dist/rules/vulnerabilities/rules/deserialization.js.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js +325 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js +446 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js.map +1 -0
package/dist/rules/vulnerabilities/rules/index.d.ts +17 -0
package/dist/rules/vulnerabilities/rules/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/index.js +47 -0
package/dist/rules/vulnerabilities/rules/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js +351 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js +272 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js +438 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts +12 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js +636 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.js +401 -0
package/dist/rules/vulnerabilities/rules/ssrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts +11 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.js +724 -0
package/dist/rules/vulnerabilities/rules/xss.js.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts +80 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.js +414 -0
package/dist/rules/vulnerabilities/scoring/index.js.map +1 -0
package/dist/rules/vulnerabilities/types/index.d.ts +830 -0
package/dist/rules/vulnerabilities/types/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/types/index.js +164 -0
package/dist/rules/vulnerabilities/types/index.js.map +1 -0
package/dist/rules/vulnerabilities/utils/index.d.ts +206 -0
package/dist/rules/vulnerabilities/utils/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/utils/index.js +615 -0
package/dist/rules/vulnerabilities/utils/index.js.map +1 -0
package/dist/types/index.d.ts +359 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +61 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/index.d.ts +82 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +326 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/logger.d.ts +40 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +139 -0
package/dist/utils/logger.js.map +1 -0
package/docs/ARCHITECTURE.md +320 -0
package/docs/V1.2.1-IA_Performances.md +116 -0
package/docs/images/WIN_Defender.png +0 -0
package/package.json +68 -0
package/secure-scan.config.json +134 -0
package/secure-scan.sln +29 -0
package/src/ai/aiAnalyzer.ts +714 -0
package/src/ai/index.ts +5 -0
package/src/analyzers/base/baseAnalyzer.ts +66 -0
package/src/analyzers/base/index.ts +5 -0
package/src/analyzers/c-cpp/cppAnalyzer.ts +308 -0
package/src/analyzers/c-cpp/index.ts +5 -0
package/src/analyzers/core/engine/index.ts +5 -0
package/src/analyzers/core/engine/ruleEngine.ts +221 -0
package/src/analyzers/core/index.ts +8 -0
package/src/analyzers/core/scanner/fileScanner.ts +204 -0
package/src/analyzers/core/scanner/index.ts +5 -0
package/src/analyzers/core/scoring/index.ts +5 -0
package/src/analyzers/core/scoring/riskScoring.ts +198 -0
package/src/analyzers/core/securityScanner.ts +321 -0
package/src/analyzers/csharp/csharpAnalyzer.ts +328 -0
package/src/analyzers/csharp/index.ts +5 -0
package/src/analyzers/iac/iacAnalyzer.ts +318 -0
package/src/analyzers/iac/index.ts +5 -0
package/src/analyzers/index.ts +67 -0
package/src/analyzers/java/index.ts +5 -0
package/src/analyzers/java/javaAnalyzer.ts +320 -0
package/src/analyzers/javascript/PROMPT_JS_ANALYZER.md +267 -0
package/src/analyzers/javascript/astUtils.ts +789 -0
package/src/analyzers/javascript/index.ts +50 -0
package/src/analyzers/javascript/javascriptAnalyzer.ts +984 -0
package/src/analyzers/javascript/malwareDetector.ts +697 -0
package/src/analyzers/javascript/packageJsonAnalyzer.ts +626 -0
package/src/analyzers/javascript/taintAnalyzer.ts +630 -0
package/src/analyzers/php/index.ts +5 -0
package/src/analyzers/php/phpAnalyzer.ts +280 -0
package/src/analyzers/python/index.ts +5 -0
package/src/analyzers/python/pythonAnalyzer.ts +319 -0
package/src/cli/index.ts +276 -0
package/src/dependencies/aiDependencyAnalyzer.ts +496 -0
package/src/dependencies/database/cveDatabase.ts +426 -0
package/src/dependencies/database/index.ts +6 -0
package/src/dependencies/database/maliciousPackages.ts +286 -0
package/src/dependencies/dependencyAnalyzer.ts +394 -0
package/src/dependencies/detectors/index.ts +7 -0
package/src/dependencies/detectors/securityStandards.ts +200 -0
package/src/dependencies/detectors/vulnerabilityDetector.ts +343 -0
package/src/dependencies/index.ts +27 -0
package/src/dependencies/installed/index.ts +8 -0
package/src/dependencies/installed/installedScanner.ts +821 -0
package/src/dependencies/installed/malwarePatterns.ts +492 -0
package/src/dependencies/installed/types.ts +287 -0
package/src/dependencies/parsers/base/baseParser.ts +108 -0
package/src/dependencies/parsers/base/index.ts +6 -0
package/src/dependencies/parsers/cpp/cppParser.ts +245 -0
package/src/dependencies/parsers/cpp/index.ts +6 -0
package/src/dependencies/parsers/csharp/csharpParser.ts +151 -0
package/src/dependencies/parsers/csharp/index.ts +6 -0
package/src/dependencies/parsers/index.ts +56 -0
package/src/dependencies/parsers/java/index.ts +6 -0
package/src/dependencies/parsers/java/javaParser.ts +203 -0
package/src/dependencies/parsers/javascript/index.ts +6 -0
package/src/dependencies/parsers/javascript/javascriptParser.ts +362 -0
package/src/dependencies/parsers/php/index.ts +6 -0
package/src/dependencies/parsers/php/phpParser.ts +208 -0
package/src/dependencies/parsers/python/index.ts +6 -0
package/src/dependencies/parsers/python/pythonParser.ts +437 -0
package/src/dependencies/types.ts +330 -0
package/src/i18n/index.ts +1 -0
package/src/i18n/translations.ts +194 -0
package/src/index.ts +16 -0
package/src/reports/dependencyReportGenerator.ts +717 -0
package/src/reports/htmlReportGenerator.ts +781 -0
package/src/reports/index.ts +7 -0
package/src/reports/installedDepsReportGenerator.ts +899 -0
package/src/rules/index.ts +58 -0
package/src/rules/malware/INFO.md +287 -0
package/src/rules/malware/categories/backdoors.ts +174 -0
package/src/rules/malware/categories/cryptominers.ts +434 -0
package/src/rules/malware/categories/exfiltration.ts +677 -0
package/src/rules/malware/categories/keyloggers.ts +780 -0
package/src/rules/malware/categories/loaders.ts +721 -0
package/src/rules/malware/categories/network.ts +639 -0
package/src/rules/malware/categories/obfuscation.ts +788 -0
package/src/rules/malware/constants/index.ts +358 -0
package/src/rules/malware/engine/index.ts +758 -0
package/src/rules/malware/index.ts +928 -0
package/src/rules/malware/scoring/index.ts +549 -0
package/src/rules/malware/types/index.ts +752 -0
package/src/rules/malware/utils/index.ts +643 -0
package/src/rules/standards.ts +372 -0
package/src/rules/vulnerabilities/PROMPT_VULNERABILITIES.md +226 -0
package/src/rules/vulnerabilities/constants/index.ts +625 -0
package/src/rules/vulnerabilities/engine/index.ts +831 -0
package/src/rules/vulnerabilities/index.ts +312 -0
package/src/rules/vulnerabilities/rules/authentication.ts +426 -0
package/src/rules/vulnerabilities/rules/commandInjection.ts +307 -0
package/src/rules/vulnerabilities/rules/csrf.ts +268 -0
package/src/rules/vulnerabilities/rules/deserialization.ts +343 -0
package/src/rules/vulnerabilities/rules/fileUpload.ts +332 -0
package/src/rules/vulnerabilities/rules/hardcodedSecrets.ts +453 -0
package/src/rules/vulnerabilities/rules/index.ts +17 -0
package/src/rules/vulnerabilities/rules/pathTraversal.ts +358 -0
package/src/rules/vulnerabilities/rules/prototypePollution.ts +279 -0
package/src/rules/vulnerabilities/rules/securityMisconfiguration.ts +445 -0
package/src/rules/vulnerabilities/rules/sqlInjection.ts +669 -0
package/src/rules/vulnerabilities/rules/ssrf.ts +408 -0
package/src/rules/vulnerabilities/rules/xss.ts +753 -0
package/src/rules/vulnerabilities/scoring/index.ts +543 -0
package/src/rules/vulnerabilities/types/index.ts +1004 -0
package/src/rules/vulnerabilities/utils/index.ts +709 -0
package/src/types/index.ts +391 -0
package/src/utils/index.ts +306 -0
package/src/utils/logger.ts +150 -0
package/test-installed-scanner.ts +136 -0
package/tsconfig.json +30 -0

package/src/rules/malware/utils/index.ts ADDED Viewed

@@ -0,0 +1,643 @@
+/**
+ * @fileoverview Malware Detection Utilities
+ * @module rules/malware/utils
+ *
+ * Core utility functions for malware detection including entropy calculation,
+ * code normalization, obfuscation detection, and pattern matching helpers.
+ */
+import {
+  SupportedLanguage,
+  PatternMatch,
+  SourceLocation,
+  MalwarePattern,
+  PatternType,
+  RegexPattern
+} from '../types';
+import {
+  ENTROPY_THRESHOLDS,
+  OBFUSCATION_INDICATORS,
+  LIMITS
+} from '../constants';
+// ============================================================================
+// ENTROPY CALCULATION
+// ============================================================================
+/**
+ * Calculate Shannon entropy of a string
+ * Higher entropy indicates more randomness/potential obfuscation
+ *
+ * @param content - String to analyze
+ * @returns Entropy value (0-8 for ASCII)
+ */
+export function calculateEntropy(content: string): number {
+  if (!content || content.length === 0) {
+    return 0;
+  }
+  const charFrequency: Map<string, number> = new Map();
+  for (const char of content) {
+    charFrequency.set(char, (charFrequency.get(char) || 0) + 1);
+  }
+  let entropy = 0;
+  const length = content.length;
+  for (const count of Array.from(charFrequency.values())) {
+    const probability = count / length;
+    entropy -= probability * Math.log2(probability);
+  }
+  return entropy;
+}
+/**
+ * Calculate entropy per line and detect anomalies
+ *
+ * @param content - Source code content
+ * @returns Object with average entropy and lines with high entropy
+ */
+export function analyzeEntropyByLine(content: string): {
+  averageEntropy: number;
+  maxEntropy: number;
+  highEntropyLines: Array<{ line: number; entropy: number; content: string }>;
+} {
+  const lines = content.split('\n');
+  const entropies = lines.map(line => calculateEntropy(line));
+  const averageEntropy = entropies.reduce((a, b) => a + b, 0) / entropies.length;
+  const maxEntropy = Math.max(...entropies);
+  const highEntropyLines = lines
+    .map((line, index) => ({
+      line: index + 1,
+      entropy: entropies[index],
+      content: line.substring(0, LIMITS.MAX_SNIPPET_LENGTH)
+    }))
+    .filter(item => item.entropy > ENTROPY_THRESHOLDS.SUSPICIOUS);
+  return { averageEntropy, maxEntropy, highEntropyLines };
+}
+// ============================================================================
+// CODE NORMALIZATION
+// ============================================================================
+/**
+ * Normalize code for analysis by removing common obfuscation patterns
+ * IMPORTANT: This does NOT execute any code
+ *
+ * @param content - Source code to normalize
+ * @param language - Programming language
+ * @returns Normalized code
+ */
+export function normalizeCode(
+  content: string,
+  language: SupportedLanguage
+): string {
+  let normalized = content;
+  // Remove comments based on language
+  normalized = removeComments(normalized, language);
+  // Normalize whitespace
+  normalized = normalizeWhitespace(normalized);
+  // Decode simple escape sequences (safe, no execution)
+  normalized = decodeEscapeSequences(normalized);
+  // Normalize string concatenations
+  normalized = normalizeStringConcatenation(normalized);
+  return normalized;
+}
+/**
+ * Remove comments from code based on language
+ */
+function removeComments(content: string, language: SupportedLanguage): string {
+  let result = content;
+  switch (language) {
+    case SupportedLanguage.JAVASCRIPT:
+    case SupportedLanguage.TYPESCRIPT:
+    case SupportedLanguage.JAVA:
+    case SupportedLanguage.CSHARP:
+    case SupportedLanguage.C:
+    case SupportedLanguage.CPP:
+      // Remove single-line comments
+      result = result.replace(/\/\/.*$/gm, '');
+      // Remove multi-line comments
+      result = result.replace(/\/\*[\s\S]*?\*\//g, '');
+      break;
+    case SupportedLanguage.PYTHON:
+    case SupportedLanguage.RUBY:
+      // Remove single-line comments
+      result = result.replace(/#.*$/gm, '');
+      // Remove docstrings (Python)
+      result = result.replace(/"""[\s\S]*?"""/g, '');
+      result = result.replace(/'''[\s\S]*?'''/g, '');
+      break;
+    case SupportedLanguage.PHP:
+      // Remove single-line comments
+      result = result.replace(/\/\/.*$/gm, '');
+      result = result.replace(/#.*$/gm, '');
+      // Remove multi-line comments
+      result = result.replace(/\/\*[\s\S]*?\*\//g, '');
+      break;
+    case SupportedLanguage.SHELL:
+    case SupportedLanguage.POWERSHELL:
+      result = result.replace(/#.*$/gm, '');
+      break;
+  }
+  return result;
+}
+/**
+ * Normalize whitespace
+ */
+function normalizeWhitespace(content: string): string {
+  return content
+    .replace(/\r\n/g, '\n')
+    .replace(/[ \t]+/g, ' ')
+    .replace(/\n{3,}/g, '\n\n');
+}
+/**
+ * Safely decode escape sequences without execution
+ */
+function decodeEscapeSequences(content: string): string {
+  let result = content;
+  // Decode hex escapes (\x41 -> A)
+  result = result.replace(/\\x([0-9a-fA-F]{2})/g, (_, hex) => {
+    const charCode = parseInt(hex, 16);
+    if (charCode >= 32 && charCode < 127) {
+      return String.fromCharCode(charCode);
+    }
+    return _;
+  });
+  // Decode unicode escapes (\u0041 -> A)
+  result = result.replace(/\\u([0-9a-fA-F]{4})/g, (_, hex) => {
+    const charCode = parseInt(hex, 16);
+    if (charCode >= 32 && charCode < 127) {
+      return String.fromCharCode(charCode);
+    }
+    return _;
+  });
+  return result;
+}
+/**
+ * Normalize string concatenation
+ * "e" + "v" + "a" + "l" -> "eval"
+ */
+function normalizeStringConcatenation(content: string): string {
+  // Match patterns like 'a' + 'b' + 'c'
+  return content.replace(
+    /(['"])(\w)\1\s*\+\s*(['"])(\w)\3(?:\s*\+\s*(['"])(\w)\5)*/g,
+    (match) => {
+      const chars = match.match(/['"](\w)['"]/g);
+      if (chars) {
+        const combined = chars.map(c => c[1]).join('');
+        return `"${combined}"`;
+      }
+      return match;
+    }
+  );
+}
+// ============================================================================
+// OBFUSCATION DETECTION
+// ============================================================================
+/**
+ * Detect obfuscation level in code
+ *
+ * @param content - Source code to analyze
+ * @param language - Programming language
+ * @returns Obfuscation score (0-1)
+ */
+export function detectObfuscationLevel(
+  content: string,
+  language: SupportedLanguage
+): number {
+  let score = 0;
+  let maxScore = 0;
+  // Check each obfuscation indicator
+  for (const [name, indicator] of Object.entries(OBFUSCATION_INDICATORS)) {
+    maxScore += (indicator as { weight: number }).weight;
+    if ('pattern' in indicator) {
+      const matches = content.match(indicator.pattern as RegExp);
+      if (matches && matches.length > 0) {
+        // Scale by match density
+        const density = Math.min(matches.length / (content.length / 100), 1);
+        score += indicator.weight * density;
+      }
+    } else if ('threshold' in indicator) {
+      if (name === 'LONG_LINES') {
+        const lines = content.split('\n');
+        const longLines = lines.filter(l => l.length > (indicator.threshold as number));
+        if (longLines.length / lines.length > 0.1) {
+          score += indicator.weight;
+        }
+      } else if (name === 'CHAR_DIVERSITY') {
+        const uniqueChars = new Set(content).size;
+        const diversity = uniqueChars / Math.min(content.length, 256);
+        if (diversity < (indicator.threshold as number)) {
+          score += indicator.weight;
+        }
+      }
+    }
+  }
+  // Check entropy
+  const entropy = calculateEntropy(content);
+  if (entropy > ENTROPY_THRESHOLDS.HIGH_OBFUSCATION) {
+    score += 0.3;
+    maxScore += 0.3;
+  } else if (entropy > ENTROPY_THRESHOLDS.SUSPICIOUS) {
+    score += 0.15;
+    maxScore += 0.15;
+  }
+  // Language-specific checks
+  score += detectLanguageSpecificObfuscation(content, language);
+  maxScore += 0.3;
+  return Math.min(score / maxScore, 1);
+}
+/**
+ * Language-specific obfuscation detection
+ */
+function detectLanguageSpecificObfuscation(
+  content: string,
+  language: SupportedLanguage
+): number {
+  let score = 0;
+  switch (language) {
+    case SupportedLanguage.JAVASCRIPT:
+    case SupportedLanguage.TYPESCRIPT:
+      // JSFuck patterns
+      if (/\[\]!\+/.test(content)) score += 0.15;
+      // JavaScript packer
+      if (/eval\(function\(p,a,c,k,e,/.test(content)) score += 0.15;
+      // Obfuscator.io patterns
+      if (/_0x[a-f0-9]{4,}/gi.test(content)) score += 0.1;
+      break;
+    case SupportedLanguage.PHP:
+      // Base64 + eval/gzinflate
+      if (/eval\s*\(\s*(?:base64_decode|gzinflate|str_rot13)/i.test(content)) score += 0.15;
+      // Variable function calls
+      if (/\$[a-z]+\s*\(/gi.test(content)) score += 0.05;
+      break;
+    case SupportedLanguage.PYTHON:
+      // exec(compile(...))
+      if (/exec\s*\(\s*compile/i.test(content)) score += 0.15;
+      // __import__ obfuscation
+      if (/__import__\s*\([^)]+\)\s*\./gi.test(content)) score += 0.1;
+      break;
+  }
+  return score;
+}
+// ============================================================================
+// ANTI-DEBUGGING DETECTION
+// ============================================================================
+/**
+ * Detect anti-debugging techniques
+ */
+export function detectAntiDebugging(
+  content: string,
+  language: SupportedLanguage
+): { detected: boolean; techniques: string[] } {
+  const techniques: string[] = [];
+  // JavaScript anti-debugging
+  if (language === SupportedLanguage.JAVASCRIPT ||
+      language === SupportedLanguage.TYPESCRIPT) {
+    // Debugger statements
+    if (/\bdebugger\b/.test(content)) {
+      techniques.push('debugger-statement');
+    }
+    // Console detection
+    if (/console\.(log|warn|error)\s*=/.test(content)) {
+      techniques.push('console-override');
+    }
+    // DevTools detection
+    if (/devtools|firebug/i.test(content)) {
+      techniques.push('devtools-detection');
+    }
+    // Performance timing checks
+    if (/performance\.now\s*\(\s*\)|Date\.now\s*\(\s*\)/.test(content) &&
+        /setTimeout|setInterval/.test(content)) {
+      techniques.push('timing-check');
+    }
+    // Function.toString detection
+    if (/toString\s*\(\s*\)\s*\.(?:indexOf|includes|match)/.test(content)) {
+      techniques.push('toString-check');
+    }
+  }
+  // Python anti-debugging
+  if (language === SupportedLanguage.PYTHON) {
+    if (/sys\.(settrace|gettrace)/.test(content)) {
+      techniques.push('trace-detection');
+    }
+    if (/pydevd|pdb\.set_trace/.test(content)) {
+      techniques.push('debugger-detection');
+    }
+  }
+  return {
+    detected: techniques.length > 0,
+    techniques
+  };
+}
+// ============================================================================
+// ENVIRONMENT CHECKS DETECTION
+// ============================================================================
+/**
+ * Detect environment-dependent activation (time bombs, sandbox evasion)
+ */
+export function detectEnvironmentChecks(content: string): {
+  detected: boolean;
+  checks: string[];
+} {
+  const checks: string[] = [];
+  // Time-based activation
+  if (/new Date\s*\(\s*\)|Date\.now\s*\(\s*\)/.test(content)) {
+    if (/getFullYear|getMonth|getDate|getHours/.test(content)) {
+      checks.push('time-based-activation');
+    }
+  }
+  // Environment variable checks
+  if (/process\.env|os\.environ|getenv|Environment\.GetEnvironmentVariable/.test(content)) {
+    checks.push('environment-variable-check');
+  }
+  // CI/CD detection
+  if (/CI|TRAVIS|JENKINS|GITHUB_ACTIONS|GITLAB_CI|CIRCLECI/.test(content)) {
+    checks.push('ci-cd-detection');
+  }
+  // Sandbox/VM detection
+  if (/vmware|virtualbox|sandbox|qemu|xen|hypervisor/i.test(content)) {
+    checks.push('sandbox-detection');
+  }
+  // Production environment checks
+  if (/NODE_ENV|RAILS_ENV|APP_ENV|ENVIRONMENT/.test(content) &&
+      /production|prod|live/i.test(content)) {
+    checks.push('production-check');
+  }
+  // User/hostname checks
+  if (/os\.getlogin|getpass\.getuser|socket\.gethostname|Environment\.UserName/.test(content)) {
+    checks.push('user-hostname-check');
+  }
+  return {
+    detected: checks.length > 0,
+    checks
+  };
+}
+// ============================================================================
+// PATTERN MATCHING UTILITIES
+// ============================================================================
+/**
+ * Safe regex matching with timeout protection
+ */
+export async function matchWithTimeout(
+  content: string,
+  pattern: RegExp,
+  timeout: number = LIMITS.REGEX_TIMEOUT
+): Promise<RegExpMatchArray | null> {
+  return new Promise((resolve) => {
+    const timer = setTimeout(() => {
+      resolve(null);
+    }, timeout);
+    try {
+      const result = content.match(pattern);
+      clearTimeout(timer);
+      resolve(result);
+    } catch {
+      clearTimeout(timer);
+      resolve(null);
+    }
+  });
+}
+/**
+ * Apply regex pattern with safety limits
+ */
+export function safeRegexMatch(
+  content: string,
+  pattern: RegexPattern
+): PatternMatch[] {
+  const matches: PatternMatch[] = [];
+  try {
+    const regex = new RegExp(pattern.pattern, pattern.flags || 'g');
+    const maxMatches = pattern.maxMatches || LIMITS.MAX_MATCHES_PER_PATTERN;
+    let match: RegExpExecArray | null;
+    let count = 0;
+    while ((match = regex.exec(content)) !== null && count < maxMatches) {
+      const location = getLocationFromIndex(content, match.index, match[0].length);
+      matches.push({
+        pattern,
+        matchedText: match[0].substring(0, LIMITS.MAX_SNIPPET_LENGTH),
+        location,
+        captures: match.slice(1)
+      });
+      count++;
+      // Prevent infinite loops for zero-width matches
+      if (match[0].length === 0) {
+        regex.lastIndex++;
+      }
+    }
+  } catch (error) {
+    // Log error but don't throw - invalid regex should be handled gracefully
+    console.error(`Invalid regex pattern: ${pattern.pattern}`, error);
+  }
+  return matches;
+}
+/**
+ * Convert string index to line/column location
+ */
+export function getLocationFromIndex(
+  content: string,
+  startIndex: number,
+  length: number
+): SourceLocation {
+  const lines = content.substring(0, startIndex).split('\n');
+  const startLine = lines.length;
+  const startColumn = lines[lines.length - 1].length;
+  const matchedContent = content.substring(startIndex, startIndex + length);
+  const matchedLines = matchedContent.split('\n');
+  const endLine = startLine + matchedLines.length - 1;
+  const endColumn = matchedLines.length === 1
+    ? startColumn + length
+    : matchedLines[matchedLines.length - 1].length;
+  return {
+    filePath: '', // Will be set by caller
+    startLine,
+    endLine,
+    startColumn,
+    endColumn
+  };
+}
+/**
+ * Extract code snippet with context
+ */
+export function extractSnippet(
+  content: string,
+  location: SourceLocation,
+  contextLines: number = LIMITS.CONTEXT_LINES
+): string {
+  const lines = content.split('\n');
+  const startLine = Math.max(0, location.startLine - contextLines - 1);
+  const endLine = Math.min(lines.length, location.endLine + contextLines);
+  return lines
+    .slice(startLine, endLine)
+    .join('\n')
+    .substring(0, LIMITS.MAX_SNIPPET_LENGTH);
+}
+// ============================================================================
+// BASE64 UTILITIES
+// ============================================================================
+/**
+ * Detect and analyze base64 encoded content
+ * Does NOT decode potentially malicious content
+ */
+export function analyzeBase64Content(content: string): {
+  found: boolean;
+  count: number;
+  longestLength: number;
+  locations: SourceLocation[];
+} {
+  const base64Pattern = /['"]([A-Za-z0-9+/]{50,}={0,2})['"]/g;
+  const locations: SourceLocation[] = [];
+  let longestLength = 0;
+  let count = 0;
+  let match;
+  while ((match = base64Pattern.exec(content)) !== null) {
+    count++;
+    longestLength = Math.max(longestLength, match[1].length);
+    locations.push(getLocationFromIndex(content, match.index, match[0].length));
+  }
+  return {
+    found: count > 0,
+    count,
+    longestLength,
+    locations
+  };
+}
+// ============================================================================
+// STRING ANALYSIS
+// ============================================================================
+/**
+ * Extract suspicious strings from code
+ */
+export function extractSuspiciousStrings(content: string): {
+  urls: string[];
+  ips: string[];
+  emails: string[];
+  paths: string[];
+  commands: string[];
+} {
+  const urls: string[] = [];
+  const ips: string[] = [];
+  const emails: string[] = [];
+  const paths: string[] = [];
+  const commands: string[] = [];
+  // URLs
+  const urlPattern = /https?:\/\/[^\s'"<>]+/gi;
+  let match;
+  while ((match = urlPattern.exec(content)) !== null) {
+    urls.push(match[0]);
+  }
+  // IP addresses
+  const ipPattern = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/g;
+  while ((match = ipPattern.exec(content)) !== null) {
+    ips.push(match[0]);
+  }
+  // Email addresses
+  const emailPattern = /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g;
+  while ((match = emailPattern.exec(content)) !== null) {
+    emails.push(match[0]);
+  }
+  // File paths
+  const pathPattern = /(?:\/[\w.-]+)+|(?:[A-Z]:\\[\w\\.-]+)/gi;
+  while ((match = pathPattern.exec(content)) !== null) {
+    paths.push(match[0]);
+  }
+  // Shell commands
+  const cmdPattern = /(?:(?:sh|bash|cmd|powershell)\s+-c\s+['"]?|`)[^'"`]+/gi;
+  while ((match = cmdPattern.exec(content)) !== null) {
+    commands.push(match[0]);
+  }
+  return { urls, ips, emails, paths, commands };
+}
+// ============================================================================
+// EXPORTS
+// ============================================================================
+export {
+  removeComments,
+  normalizeWhitespace,
+  decodeEscapeSequences,
+  normalizeStringConcatenation
+};