npm - secure-scan - Versions diffs - 1.2.2 - Mend

secure-scan 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (569) hide show

package/README.md +564 -0
package/dist/ai/aiAnalyzer.d.ts +99 -0
package/dist/ai/aiAnalyzer.d.ts.map +1 -0
package/dist/ai/aiAnalyzer.js +669 -0
package/dist/ai/aiAnalyzer.js.map +1 -0
package/dist/ai/index.d.ts +5 -0
package/dist/ai/index.d.ts.map +1 -0
package/dist/ai/index.js +21 -0
package/dist/ai/index.js.map +1 -0
package/dist/analyzers/base/baseAnalyzer.d.ts +44 -0
package/dist/analyzers/base/baseAnalyzer.d.ts.map +1 -0
package/dist/analyzers/base/baseAnalyzer.js +53 -0
package/dist/analyzers/base/baseAnalyzer.js.map +1 -0
package/dist/analyzers/base/index.d.ts +5 -0
package/dist/analyzers/base/index.d.ts.map +1 -0
package/dist/analyzers/base/index.js +21 -0
package/dist/analyzers/base/index.js.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts +60 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js +218 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js.map +1 -0
package/dist/analyzers/c-cpp/index.d.ts +5 -0
package/dist/analyzers/c-cpp/index.d.ts.map +1 -0
package/dist/analyzers/c-cpp/index.js +21 -0
package/dist/analyzers/c-cpp/index.js.map +1 -0
package/dist/analyzers/core/engine/index.d.ts +5 -0
package/dist/analyzers/core/engine/index.d.ts.map +1 -0
package/dist/analyzers/core/engine/index.js +21 -0
package/dist/analyzers/core/engine/index.js.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts +46 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.js +173 -0
package/dist/analyzers/core/engine/ruleEngine.js.map +1 -0
package/dist/analyzers/core/index.d.ts +8 -0
package/dist/analyzers/core/index.d.ts.map +1 -0
package/dist/analyzers/core/index.js +24 -0
package/dist/analyzers/core/index.js.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts +31 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.js +199 -0
package/dist/analyzers/core/scanner/fileScanner.js.map +1 -0
package/dist/analyzers/core/scanner/index.d.ts +5 -0
package/dist/analyzers/core/scanner/index.d.ts.map +1 -0
package/dist/analyzers/core/scanner/index.js +21 -0
package/dist/analyzers/core/scanner/index.js.map +1 -0
package/dist/analyzers/core/scoring/index.d.ts +5 -0
package/dist/analyzers/core/scoring/index.d.ts.map +1 -0
package/dist/analyzers/core/scoring/index.js +21 -0
package/dist/analyzers/core/scoring/index.js.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts +49 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.js +180 -0
package/dist/analyzers/core/scoring/riskScoring.js.map +1 -0
package/dist/analyzers/core/securityScanner.d.ts +47 -0
package/dist/analyzers/core/securityScanner.d.ts.map +1 -0
package/dist/analyzers/core/securityScanner.js +298 -0
package/dist/analyzers/core/securityScanner.js.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts +64 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.js +232 -0
package/dist/analyzers/csharp/csharpAnalyzer.js.map +1 -0
package/dist/analyzers/csharp/index.d.ts +5 -0
package/dist/analyzers/csharp/index.d.ts.map +1 -0
package/dist/analyzers/csharp/index.js +21 -0
package/dist/analyzers/csharp/index.js.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts +36 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.js +182 -0
package/dist/analyzers/iac/iacAnalyzer.js.map +1 -0
package/dist/analyzers/iac/index.d.ts +5 -0
package/dist/analyzers/iac/index.d.ts.map +1 -0
package/dist/analyzers/iac/index.js +21 -0
package/dist/analyzers/iac/index.js.map +1 -0
package/dist/analyzers/index.d.ts +30 -0
package/dist/analyzers/index.d.ts.map +1 -0
package/dist/analyzers/index.js +80 -0
package/dist/analyzers/index.js.map +1 -0
package/dist/analyzers/java/index.d.ts +5 -0
package/dist/analyzers/java/index.d.ts.map +1 -0
package/dist/analyzers/java/index.js +21 -0
package/dist/analyzers/java/index.js.map +1 -0
package/dist/analyzers/java/javaAnalyzer.d.ts +64 -0
package/dist/analyzers/java/javaAnalyzer.d.ts.map +1 -0
package/dist/analyzers/java/javaAnalyzer.js +224 -0
package/dist/analyzers/java/javaAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/astUtils.d.ts +170 -0
package/dist/analyzers/javascript/astUtils.d.ts.map +1 -0
package/dist/analyzers/javascript/astUtils.js +700 -0
package/dist/analyzers/javascript/astUtils.js.map +1 -0
package/dist/analyzers/javascript/index.d.ts +18 -0
package/dist/analyzers/javascript/index.d.ts.map +1 -0
package/dist/analyzers/javascript/index.js +50 -0
package/dist/analyzers/javascript/index.js.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts +111 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js +860 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/malwareDetector.d.ts +102 -0
package/dist/analyzers/javascript/malwareDetector.d.ts.map +1 -0
package/dist/analyzers/javascript/malwareDetector.js +616 -0
package/dist/analyzers/javascript/malwareDetector.js.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts +87 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js +553 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts +120 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.js +526 -0
package/dist/analyzers/javascript/taintAnalyzer.js.map +1 -0
package/dist/analyzers/php/index.d.ts +5 -0
package/dist/analyzers/php/index.d.ts.map +1 -0
package/dist/analyzers/php/index.js +21 -0
package/dist/analyzers/php/index.js.map +1 -0
package/dist/analyzers/php/phpAnalyzer.d.ts +56 -0
package/dist/analyzers/php/phpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/php/phpAnalyzer.js +202 -0
package/dist/analyzers/php/phpAnalyzer.js.map +1 -0
package/dist/analyzers/python/index.d.ts +5 -0
package/dist/analyzers/python/index.d.ts.map +1 -0
package/dist/analyzers/python/index.js +21 -0
package/dist/analyzers/python/index.js.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts +64 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.js +226 -0
package/dist/analyzers/python/pythonAnalyzer.js.map +1 -0
package/dist/cli/index.d.ts +7 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +281 -0
package/dist/cli/index.js.map +1 -0
package/dist/core/engine/index.d.ts +5 -0
package/dist/core/engine/index.d.ts.map +1 -0
package/dist/core/engine/index.js +21 -0
package/dist/core/engine/index.js.map +1 -0
package/dist/core/engine/ruleEngine.d.ts +46 -0
package/dist/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/core/engine/ruleEngine.js +173 -0
package/dist/core/engine/ruleEngine.js.map +1 -0
package/dist/core/index.d.ts +8 -0
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +24 -0
package/dist/core/index.js.map +1 -0
package/dist/core/scanner/fileScanner.d.ts +31 -0
package/dist/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/core/scanner/fileScanner.js +199 -0
package/dist/core/scanner/fileScanner.js.map +1 -0
package/dist/core/scanner/index.d.ts +5 -0
package/dist/core/scanner/index.d.ts.map +1 -0
package/dist/core/scanner/index.js +21 -0
package/dist/core/scanner/index.js.map +1 -0
package/dist/core/scoring/index.d.ts +5 -0
package/dist/core/scoring/index.d.ts.map +1 -0
package/dist/core/scoring/index.js +21 -0
package/dist/core/scoring/index.js.map +1 -0
package/dist/core/scoring/riskScoring.d.ts +49 -0
package/dist/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/core/scoring/riskScoring.js +180 -0
package/dist/core/scoring/riskScoring.js.map +1 -0
package/dist/core/securityScanner.d.ts +47 -0
package/dist/core/securityScanner.d.ts.map +1 -0
package/dist/core/securityScanner.js +298 -0
package/dist/core/securityScanner.js.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts +96 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.js +435 -0
package/dist/dependencies/aiDependencyAnalyzer.js.map +1 -0
package/dist/dependencies/database/cveDatabase.d.ts +32 -0
package/dist/dependencies/database/cveDatabase.d.ts.map +1 -0
package/dist/dependencies/database/cveDatabase.js +393 -0
package/dist/dependencies/database/cveDatabase.js.map +1 -0
package/dist/dependencies/database/index.d.ts +6 -0
package/dist/dependencies/database/index.d.ts.map +1 -0
package/dist/dependencies/database/index.js +22 -0
package/dist/dependencies/database/index.js.map +1 -0
package/dist/dependencies/database/maliciousPackages.d.ts +43 -0
package/dist/dependencies/database/maliciousPackages.d.ts.map +1 -0
package/dist/dependencies/database/maliciousPackages.js +279 -0
package/dist/dependencies/database/maliciousPackages.js.map +1 -0
package/dist/dependencies/dependencyAnalyzer.d.ts +74 -0
package/dist/dependencies/dependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/dependencyAnalyzer.js +349 -0
package/dist/dependencies/dependencyAnalyzer.js.map +1 -0
package/dist/dependencies/detectors/index.d.ts +7 -0
package/dist/dependencies/detectors/index.d.ts.map +1 -0
package/dist/dependencies/detectors/index.js +28 -0
package/dist/dependencies/detectors/index.js.map +1 -0
package/dist/dependencies/detectors/securityStandards.d.ts +15 -0
package/dist/dependencies/detectors/securityStandards.d.ts.map +1 -0
package/dist/dependencies/detectors/securityStandards.js +178 -0
package/dist/dependencies/detectors/securityStandards.js.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts +53 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js +289 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js.map +1 -0
package/dist/dependencies/index.d.ts +14 -0
package/dist/dependencies/index.d.ts.map +1 -0
package/dist/dependencies/index.js +43 -0
package/dist/dependencies/index.js.map +1 -0
package/dist/dependencies/installed/index.d.ts +8 -0
package/dist/dependencies/installed/index.d.ts.map +1 -0
package/dist/dependencies/installed/index.js +24 -0
package/dist/dependencies/installed/index.js.map +1 -0
package/dist/dependencies/installed/installedScanner.d.ts +91 -0
package/dist/dependencies/installed/installedScanner.d.ts.map +1 -0
package/dist/dependencies/installed/installedScanner.js +766 -0
package/dist/dependencies/installed/installedScanner.js.map +1 -0
package/dist/dependencies/installed/malwarePatterns.d.ts +32 -0
package/dist/dependencies/installed/malwarePatterns.d.ts.map +1 -0
package/dist/dependencies/installed/malwarePatterns.js +480 -0
package/dist/dependencies/installed/malwarePatterns.js.map +1 -0
package/dist/dependencies/installed/types.d.ts +274 -0
package/dist/dependencies/installed/types.d.ts.map +1 -0
package/dist/dependencies/installed/types.js +7 -0
package/dist/dependencies/installed/types.js.map +1 -0
package/dist/dependencies/parsers/base/baseParser.d.ts +44 -0
package/dist/dependencies/parsers/base/baseParser.d.ts.map +1 -0
package/dist/dependencies/parsers/base/baseParser.js +80 -0
package/dist/dependencies/parsers/base/baseParser.js.map +1 -0
package/dist/dependencies/parsers/base/index.d.ts +6 -0
package/dist/dependencies/parsers/base/index.d.ts.map +1 -0
package/dist/dependencies/parsers/base/index.js +27 -0
package/dist/dependencies/parsers/base/index.js.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts +36 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.js +196 -0
package/dist/dependencies/parsers/cpp/cppParser.js.map +1 -0
package/dist/dependencies/parsers/cpp/index.d.ts +6 -0
package/dist/dependencies/parsers/cpp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/index.js +27 -0
package/dist/dependencies/parsers/cpp/index.js.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts +32 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.js +125 -0
package/dist/dependencies/parsers/csharp/csharpParser.js.map +1 -0
package/dist/dependencies/parsers/csharp/index.d.ts +6 -0
package/dist/dependencies/parsers/csharp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/index.js +27 -0
package/dist/dependencies/parsers/csharp/index.js.map +1 -0
package/dist/dependencies/parsers/index.d.ts +24 -0
package/dist/dependencies/parsers/index.d.ts.map +1 -0
package/dist/dependencies/parsers/index.js +69 -0
package/dist/dependencies/parsers/index.js.map +1 -0
package/dist/dependencies/parsers/java/index.d.ts +6 -0
package/dist/dependencies/parsers/java/index.d.ts.map +1 -0
package/dist/dependencies/parsers/java/index.js +27 -0
package/dist/dependencies/parsers/java/index.js.map +1 -0
package/dist/dependencies/parsers/java/javaParser.d.ts +32 -0
package/dist/dependencies/parsers/java/javaParser.d.ts.map +1 -0
package/dist/dependencies/parsers/java/javaParser.js +168 -0
package/dist/dependencies/parsers/java/javaParser.js.map +1 -0
package/dist/dependencies/parsers/javascript/index.d.ts +6 -0
package/dist/dependencies/parsers/javascript/index.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/index.js +27 -0
package/dist/dependencies/parsers/javascript/index.js.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts +55 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js +266 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js.map +1 -0
package/dist/dependencies/parsers/php/index.d.ts +6 -0
package/dist/dependencies/parsers/php/index.d.ts.map +1 -0
package/dist/dependencies/parsers/php/index.js +27 -0
package/dist/dependencies/parsers/php/index.js.map +1 -0
package/dist/dependencies/parsers/php/phpParser.d.ts +35 -0
package/dist/dependencies/parsers/php/phpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/php/phpParser.js +162 -0
package/dist/dependencies/parsers/php/phpParser.js.map +1 -0
package/dist/dependencies/parsers/python/index.d.ts +6 -0
package/dist/dependencies/parsers/python/index.d.ts.map +1 -0
package/dist/dependencies/parsers/python/index.js +27 -0
package/dist/dependencies/parsers/python/index.js.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts +60 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.js +336 -0
package/dist/dependencies/parsers/python/pythonParser.js.map +1 -0
package/dist/dependencies/types.d.ts +280 -0
package/dist/dependencies/types.d.ts.map +1 -0
package/dist/dependencies/types.js +59 -0
package/dist/dependencies/types.js.map +1 -0
package/dist/i18n/index.d.ts +2 -0
package/dist/i18n/index.d.ts.map +1 -0
package/dist/i18n/index.js +18 -0
package/dist/i18n/index.js.map +1 -0
package/dist/i18n/translations.d.ts +55 -0
package/dist/i18n/translations.d.ts.map +1 -0
package/dist/i18n/translations.js +119 -0
package/dist/i18n/translations.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +36 -0
package/dist/index.js.map +1 -0
package/dist/reports/dependencyReportGenerator.d.ts +20 -0
package/dist/reports/dependencyReportGenerator.d.ts.map +1 -0
package/dist/reports/dependencyReportGenerator.js +690 -0
package/dist/reports/dependencyReportGenerator.js.map +1 -0
package/dist/reports/htmlReportGenerator.d.ts +43 -0
package/dist/reports/htmlReportGenerator.d.ts.map +1 -0
package/dist/reports/htmlReportGenerator.js +793 -0
package/dist/reports/htmlReportGenerator.js.map +1 -0
package/dist/reports/index.d.ts +7 -0
package/dist/reports/index.d.ts.map +1 -0
package/dist/reports/index.js +23 -0
package/dist/reports/index.js.map +1 -0
package/dist/reports/installedDepsReportGenerator.d.ts +14 -0
package/dist/reports/installedDepsReportGenerator.d.ts.map +1 -0
package/dist/reports/installedDepsReportGenerator.js +872 -0
package/dist/reports/installedDepsReportGenerator.js.map +1 -0
package/dist/rules/index.d.ts +31 -0
package/dist/rules/index.d.ts.map +1 -0
package/dist/rules/index.js +95 -0
package/dist/rules/index.js.map +1 -0
package/dist/rules/malware/categories/backdoors.d.ts +12 -0
package/dist/rules/malware/categories/backdoors.d.ts.map +1 -0
package/dist/rules/malware/categories/backdoors.js +163 -0
package/dist/rules/malware/categories/backdoors.js.map +1 -0
package/dist/rules/malware/categories/cryptominers.d.ts +13 -0
package/dist/rules/malware/categories/cryptominers.d.ts.map +1 -0
package/dist/rules/malware/categories/cryptominers.js +415 -0
package/dist/rules/malware/categories/cryptominers.js.map +1 -0
package/dist/rules/malware/categories/exfiltration.d.ts +20 -0
package/dist/rules/malware/categories/exfiltration.d.ts.map +1 -0
package/dist/rules/malware/categories/exfiltration.js +658 -0
package/dist/rules/malware/categories/exfiltration.js.map +1 -0
package/dist/rules/malware/categories/keyloggers.d.ts +19 -0
package/dist/rules/malware/categories/keyloggers.d.ts.map +1 -0
package/dist/rules/malware/categories/keyloggers.js +763 -0
package/dist/rules/malware/categories/keyloggers.js.map +1 -0
package/dist/rules/malware/categories/loaders.d.ts +20 -0
package/dist/rules/malware/categories/loaders.d.ts.map +1 -0
package/dist/rules/malware/categories/loaders.js +702 -0
package/dist/rules/malware/categories/loaders.js.map +1 -0
package/dist/rules/malware/categories/network.d.ts +19 -0
package/dist/rules/malware/categories/network.d.ts.map +1 -0
package/dist/rules/malware/categories/network.js +622 -0
package/dist/rules/malware/categories/network.js.map +1 -0
package/dist/rules/malware/categories/obfuscation.d.ts +22 -0
package/dist/rules/malware/categories/obfuscation.d.ts.map +1 -0
package/dist/rules/malware/categories/obfuscation.js +766 -0
package/dist/rules/malware/categories/obfuscation.js.map +1 -0
package/dist/rules/malware/constants/index.d.ts +281 -0
package/dist/rules/malware/constants/index.d.ts.map +1 -0
package/dist/rules/malware/constants/index.js +327 -0
package/dist/rules/malware/constants/index.js.map +1 -0
package/dist/rules/malware/engine/index.d.ts +178 -0
package/dist/rules/malware/engine/index.d.ts.map +1 -0
package/dist/rules/malware/engine/index.js +552 -0
package/dist/rules/malware/engine/index.js.map +1 -0
package/dist/rules/malware/index.d.ts +205 -0
package/dist/rules/malware/index.d.ts.map +1 -0
package/dist/rules/malware/index.js +837 -0
package/dist/rules/malware/index.js.map +1 -0
package/dist/rules/malware/scoring/index.d.ts +84 -0
package/dist/rules/malware/scoring/index.d.ts.map +1 -0
package/dist/rules/malware/scoring/index.js +441 -0
package/dist/rules/malware/scoring/index.js.map +1 -0
package/dist/rules/malware/types/index.d.ts +616 -0
package/dist/rules/malware/types/index.d.ts.map +1 -0
package/dist/rules/malware/types/index.js +155 -0
package/dist/rules/malware/types/index.js.map +1 -0
package/dist/rules/malware/utils/index.d.ts +117 -0
package/dist/rules/malware/utils/index.d.ts.map +1 -0
package/dist/rules/malware/utils/index.js +514 -0
package/dist/rules/malware/utils/index.js.map +1 -0
package/dist/rules/standards.d.ts +26 -0
package/dist/rules/standards.d.ts.map +1 -0
package/dist/rules/standards.js +352 -0
package/dist/rules/standards.js.map +1 -0
package/dist/rules/vulnerabilities/constants/index.d.ts +835 -0
package/dist/rules/vulnerabilities/constants/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/constants/index.js +544 -0
package/dist/rules/vulnerabilities/constants/index.js.map +1 -0
package/dist/rules/vulnerabilities/engine/index.d.ts +145 -0
package/dist/rules/vulnerabilities/engine/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/engine/index.js +581 -0
package/dist/rules/vulnerabilities/engine/index.js.map +1 -0
package/dist/rules/vulnerabilities/index.d.ts +148 -0
package/dist/rules/vulnerabilities/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/index.js +252 -0
package/dist/rules/vulnerabilities/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.js +419 -0
package/dist/rules/vulnerabilities/rules/authentication.js.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js +300 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.js +261 -0
package/dist/rules/vulnerabilities/rules/csrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.js +336 -0
package/dist/rules/vulnerabilities/rules/deserialization.js.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js +325 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js +446 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js.map +1 -0
package/dist/rules/vulnerabilities/rules/index.d.ts +17 -0
package/dist/rules/vulnerabilities/rules/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/index.js +47 -0
package/dist/rules/vulnerabilities/rules/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js +351 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js +272 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js +438 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts +12 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js +636 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.js +401 -0
package/dist/rules/vulnerabilities/rules/ssrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts +11 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.js +724 -0
package/dist/rules/vulnerabilities/rules/xss.js.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts +80 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.js +414 -0
package/dist/rules/vulnerabilities/scoring/index.js.map +1 -0
package/dist/rules/vulnerabilities/types/index.d.ts +830 -0
package/dist/rules/vulnerabilities/types/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/types/index.js +164 -0
package/dist/rules/vulnerabilities/types/index.js.map +1 -0
package/dist/rules/vulnerabilities/utils/index.d.ts +206 -0
package/dist/rules/vulnerabilities/utils/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/utils/index.js +615 -0
package/dist/rules/vulnerabilities/utils/index.js.map +1 -0
package/dist/types/index.d.ts +359 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +61 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/index.d.ts +82 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +326 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/logger.d.ts +40 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +139 -0
package/dist/utils/logger.js.map +1 -0
package/docs/ARCHITECTURE.md +320 -0
package/docs/V1.2.1-IA_Performances.md +116 -0
package/docs/images/WIN_Defender.png +0 -0
package/package.json +68 -0
package/secure-scan.config.json +134 -0
package/secure-scan.sln +29 -0
package/src/ai/aiAnalyzer.ts +714 -0
package/src/ai/index.ts +5 -0
package/src/analyzers/base/baseAnalyzer.ts +66 -0
package/src/analyzers/base/index.ts +5 -0
package/src/analyzers/c-cpp/cppAnalyzer.ts +308 -0
package/src/analyzers/c-cpp/index.ts +5 -0
package/src/analyzers/core/engine/index.ts +5 -0
package/src/analyzers/core/engine/ruleEngine.ts +221 -0
package/src/analyzers/core/index.ts +8 -0
package/src/analyzers/core/scanner/fileScanner.ts +204 -0
package/src/analyzers/core/scanner/index.ts +5 -0
package/src/analyzers/core/scoring/index.ts +5 -0
package/src/analyzers/core/scoring/riskScoring.ts +198 -0
package/src/analyzers/core/securityScanner.ts +321 -0
package/src/analyzers/csharp/csharpAnalyzer.ts +328 -0
package/src/analyzers/csharp/index.ts +5 -0
package/src/analyzers/iac/iacAnalyzer.ts +318 -0
package/src/analyzers/iac/index.ts +5 -0
package/src/analyzers/index.ts +67 -0
package/src/analyzers/java/index.ts +5 -0
package/src/analyzers/java/javaAnalyzer.ts +320 -0
package/src/analyzers/javascript/PROMPT_JS_ANALYZER.md +267 -0
package/src/analyzers/javascript/astUtils.ts +789 -0
package/src/analyzers/javascript/index.ts +50 -0
package/src/analyzers/javascript/javascriptAnalyzer.ts +984 -0
package/src/analyzers/javascript/malwareDetector.ts +697 -0
package/src/analyzers/javascript/packageJsonAnalyzer.ts +626 -0
package/src/analyzers/javascript/taintAnalyzer.ts +630 -0
package/src/analyzers/php/index.ts +5 -0
package/src/analyzers/php/phpAnalyzer.ts +280 -0
package/src/analyzers/python/index.ts +5 -0
package/src/analyzers/python/pythonAnalyzer.ts +319 -0
package/src/cli/index.ts +276 -0
package/src/dependencies/aiDependencyAnalyzer.ts +496 -0
package/src/dependencies/database/cveDatabase.ts +426 -0
package/src/dependencies/database/index.ts +6 -0
package/src/dependencies/database/maliciousPackages.ts +286 -0
package/src/dependencies/dependencyAnalyzer.ts +394 -0
package/src/dependencies/detectors/index.ts +7 -0
package/src/dependencies/detectors/securityStandards.ts +200 -0
package/src/dependencies/detectors/vulnerabilityDetector.ts +343 -0
package/src/dependencies/index.ts +27 -0
package/src/dependencies/installed/index.ts +8 -0
package/src/dependencies/installed/installedScanner.ts +821 -0
package/src/dependencies/installed/malwarePatterns.ts +492 -0
package/src/dependencies/installed/types.ts +287 -0
package/src/dependencies/parsers/base/baseParser.ts +108 -0
package/src/dependencies/parsers/base/index.ts +6 -0
package/src/dependencies/parsers/cpp/cppParser.ts +245 -0
package/src/dependencies/parsers/cpp/index.ts +6 -0
package/src/dependencies/parsers/csharp/csharpParser.ts +151 -0
package/src/dependencies/parsers/csharp/index.ts +6 -0
package/src/dependencies/parsers/index.ts +56 -0
package/src/dependencies/parsers/java/index.ts +6 -0
package/src/dependencies/parsers/java/javaParser.ts +203 -0
package/src/dependencies/parsers/javascript/index.ts +6 -0
package/src/dependencies/parsers/javascript/javascriptParser.ts +362 -0
package/src/dependencies/parsers/php/index.ts +6 -0
package/src/dependencies/parsers/php/phpParser.ts +208 -0
package/src/dependencies/parsers/python/index.ts +6 -0
package/src/dependencies/parsers/python/pythonParser.ts +437 -0
package/src/dependencies/types.ts +330 -0
package/src/i18n/index.ts +1 -0
package/src/i18n/translations.ts +194 -0
package/src/index.ts +16 -0
package/src/reports/dependencyReportGenerator.ts +717 -0
package/src/reports/htmlReportGenerator.ts +781 -0
package/src/reports/index.ts +7 -0
package/src/reports/installedDepsReportGenerator.ts +899 -0
package/src/rules/index.ts +58 -0
package/src/rules/malware/INFO.md +287 -0
package/src/rules/malware/categories/backdoors.ts +174 -0
package/src/rules/malware/categories/cryptominers.ts +434 -0
package/src/rules/malware/categories/exfiltration.ts +677 -0
package/src/rules/malware/categories/keyloggers.ts +780 -0
package/src/rules/malware/categories/loaders.ts +721 -0
package/src/rules/malware/categories/network.ts +639 -0
package/src/rules/malware/categories/obfuscation.ts +788 -0
package/src/rules/malware/constants/index.ts +358 -0
package/src/rules/malware/engine/index.ts +758 -0
package/src/rules/malware/index.ts +928 -0
package/src/rules/malware/scoring/index.ts +549 -0
package/src/rules/malware/types/index.ts +752 -0
package/src/rules/malware/utils/index.ts +643 -0
package/src/rules/standards.ts +372 -0
package/src/rules/vulnerabilities/PROMPT_VULNERABILITIES.md +226 -0
package/src/rules/vulnerabilities/constants/index.ts +625 -0
package/src/rules/vulnerabilities/engine/index.ts +831 -0
package/src/rules/vulnerabilities/index.ts +312 -0
package/src/rules/vulnerabilities/rules/authentication.ts +426 -0
package/src/rules/vulnerabilities/rules/commandInjection.ts +307 -0
package/src/rules/vulnerabilities/rules/csrf.ts +268 -0
package/src/rules/vulnerabilities/rules/deserialization.ts +343 -0
package/src/rules/vulnerabilities/rules/fileUpload.ts +332 -0
package/src/rules/vulnerabilities/rules/hardcodedSecrets.ts +453 -0
package/src/rules/vulnerabilities/rules/index.ts +17 -0
package/src/rules/vulnerabilities/rules/pathTraversal.ts +358 -0
package/src/rules/vulnerabilities/rules/prototypePollution.ts +279 -0
package/src/rules/vulnerabilities/rules/securityMisconfiguration.ts +445 -0
package/src/rules/vulnerabilities/rules/sqlInjection.ts +669 -0
package/src/rules/vulnerabilities/rules/ssrf.ts +408 -0
package/src/rules/vulnerabilities/rules/xss.ts +753 -0
package/src/rules/vulnerabilities/scoring/index.ts +543 -0
package/src/rules/vulnerabilities/types/index.ts +1004 -0
package/src/rules/vulnerabilities/utils/index.ts +709 -0
package/src/types/index.ts +391 -0
package/src/utils/index.ts +306 -0
package/src/utils/logger.ts +150 -0
package/test-installed-scanner.ts +136 -0
package/tsconfig.json +30 -0

package/src/rules/standards.ts ADDED Viewed

@@ -0,0 +1,372 @@
+/**
+ * Security Standards Database
+ * OWASP Top 10, CWE, MITRE ATT&CK, SANS Top 25
+ */
+import { SecurityStandard, ThreatType } from '../types';
+/**
+ * OWASP Top 10 2021
+ */
+export const OWASP_TOP_10: Record<string, SecurityStandard> = {
+  'A01:2021': {
+    name: 'OWASP',
+    id: 'A01:2021',
+    title: 'Broken Access Control',
+    description: 'Access control enforces policy such that users cannot act outside of their intended permissions.',
+    url: 'https://owasp.org/Top10/A01_2021-Broken_Access_Control/'
+  },
+  'A02:2021': {
+    name: 'OWASP',
+    id: 'A02:2021',
+    title: 'Cryptographic Failures',
+    description: 'Failures related to cryptography which often lead to sensitive data exposure.',
+    url: 'https://owasp.org/Top10/A02_2021-Cryptographic_Failures/'
+  },
+  'A03:2021': {
+    name: 'OWASP',
+    id: 'A03:2021',
+    title: 'Injection',
+    description: 'User-supplied data is not validated, filtered, or sanitized by the application.',
+    url: 'https://owasp.org/Top10/A03_2021-Injection/'
+  },
+  'A04:2021': {
+    name: 'OWASP',
+    id: 'A04:2021',
+    title: 'Insecure Design',
+    description: 'Missing or ineffective control design.',
+    url: 'https://owasp.org/Top10/A04_2021-Insecure_Design/'
+  },
+  'A05:2021': {
+    name: 'OWASP',
+    id: 'A05:2021',
+    title: 'Security Misconfiguration',
+    description: 'Missing appropriate security hardening or improperly configured permissions.',
+    url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/'
+  },
+  'A06:2021': {
+    name: 'OWASP',
+    id: 'A06:2021',
+    title: 'Vulnerable and Outdated Components',
+    description: 'Using components with known vulnerabilities.',
+    url: 'https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/'
+  },
+  'A07:2021': {
+    name: 'OWASP',
+    id: 'A07:2021',
+    title: 'Identification and Authentication Failures',
+    description: 'Confirmation of user identity, authentication, and session management.',
+    url: 'https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/'
+  },
+  'A08:2021': {
+    name: 'OWASP',
+    id: 'A08:2021',
+    title: 'Software and Data Integrity Failures',
+    description: 'Code and infrastructure that does not protect against integrity violations.',
+    url: 'https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/'
+  },
+  'A09:2021': {
+    name: 'OWASP',
+    id: 'A09:2021',
+    title: 'Security Logging and Monitoring Failures',
+    description: 'Insufficient logging, detection, monitoring, and active response.',
+    url: 'https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/'
+  },
+  'A10:2021': {
+    name: 'OWASP',
+    id: 'A10:2021',
+    title: 'Server-Side Request Forgery (SSRF)',
+    description: 'SSRF flaws occur when a web application fetches a remote resource without validating the user-supplied URL.',
+    url: 'https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/'
+  }
+};
+/**
+ * Common Weakness Enumeration (CWE)
+ */
+export const CWE_DATABASE: Record<string, SecurityStandard> = {
+  'CWE-79': {
+    name: 'CWE',
+    id: 'CWE-79',
+    title: 'Improper Neutralization of Input During Web Page Generation (XSS)',
+    description: 'The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page.',
+    url: 'https://cwe.mitre.org/data/definitions/79.html'
+  },
+  'CWE-89': {
+    name: 'CWE',
+    id: 'CWE-89',
+    title: 'SQL Injection',
+    description: 'The software constructs SQL commands using externally-influenced input from an upstream component.',
+    url: 'https://cwe.mitre.org/data/definitions/89.html'
+  },
+  'CWE-78': {
+    name: 'CWE',
+    id: 'CWE-78',
+    title: 'OS Command Injection',
+    description: 'The software constructs OS commands using externally-influenced input without proper neutralization.',
+    url: 'https://cwe.mitre.org/data/definitions/78.html'
+  },
+  'CWE-94': {
+    name: 'CWE',
+    id: 'CWE-94',
+    title: 'Improper Control of Generation of Code (Code Injection)',
+    description: 'The software constructs code segments using externally-influenced input without proper neutralization.',
+    url: 'https://cwe.mitre.org/data/definitions/94.html'
+  },
+  'CWE-502': {
+    name: 'CWE',
+    id: 'CWE-502',
+    title: 'Deserialization of Untrusted Data',
+    description: 'The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.',
+    url: 'https://cwe.mitre.org/data/definitions/502.html'
+  },
+  'CWE-798': {
+    name: 'CWE',
+    id: 'CWE-798',
+    title: 'Use of Hard-coded Credentials',
+    description: 'The software contains hard-coded credentials, such as passwords or cryptographic keys.',
+    url: 'https://cwe.mitre.org/data/definitions/798.html'
+  },
+  'CWE-22': {
+    name: 'CWE',
+    id: 'CWE-22',
+    title: 'Path Traversal',
+    description: 'The software uses external input to construct a pathname without proper neutralization.',
+    url: 'https://cwe.mitre.org/data/definitions/22.html'
+  },
+  'CWE-327': {
+    name: 'CWE',
+    id: 'CWE-327',
+    title: 'Use of a Broken or Risky Cryptographic Algorithm',
+    description: 'The use of a broken or risky cryptographic algorithm is an unnecessary risk.',
+    url: 'https://cwe.mitre.org/data/definitions/327.html'
+  },
+  'CWE-330': {
+    name: 'CWE',
+    id: 'CWE-330',
+    title: 'Use of Insufficiently Random Values',
+    description: 'The software uses insufficiently random numbers or values in a security context.',
+    url: 'https://cwe.mitre.org/data/definitions/330.html'
+  },
+  'CWE-352': {
+    name: 'CWE',
+    id: 'CWE-352',
+    title: 'Cross-Site Request Forgery (CSRF)',
+    description: 'The web application does not verify that the request was intentionally provided by the user.',
+    url: 'https://cwe.mitre.org/data/definitions/352.html'
+  },
+  'CWE-90': {
+    name: 'CWE',
+    id: 'CWE-90',
+    title: 'LDAP Injection',
+    description: 'The software constructs LDAP statements using externally-influenced input.',
+    url: 'https://cwe.mitre.org/data/definitions/90.html'
+  },
+  'CWE-200': {
+    name: 'CWE',
+    id: 'CWE-200',
+    title: 'Exposure of Sensitive Information',
+    description: 'The software exposes sensitive information to an actor not authorized to have access.',
+    url: 'https://cwe.mitre.org/data/definitions/200.html'
+  },
+  'CWE-506': {
+    name: 'CWE',
+    id: 'CWE-506',
+    title: 'Embedded Malicious Code',
+    description: 'The application contains code that appears to be malicious in nature.',
+    url: 'https://cwe.mitre.org/data/definitions/506.html'
+  },
+  'CWE-912': {
+    name: 'CWE',
+    id: 'CWE-912',
+    title: 'Hidden Functionality',
+    description: 'The software contains functionality that is not documented or accessible through the intended interface.',
+    url: 'https://cwe.mitre.org/data/definitions/912.html'
+  }
+};
+/**
+ * MITRE ATT&CK Techniques
+ */
+export const MITRE_ATTACK: Record<string, SecurityStandard> = {
+  'T1059': {
+    name: 'MITRE',
+    id: 'T1059',
+    title: 'Command and Scripting Interpreter',
+    description: 'Adversaries may abuse command and script interpreters to execute commands.',
+    url: 'https://attack.mitre.org/techniques/T1059/'
+  },
+  'T1071': {
+    name: 'MITRE',
+    id: 'T1071',
+    title: 'Application Layer Protocol',
+    description: 'Adversaries may communicate using application layer protocols to avoid detection.',
+    url: 'https://attack.mitre.org/techniques/T1071/'
+  },
+  'T1027': {
+    name: 'MITRE',
+    id: 'T1027',
+    title: 'Obfuscated Files or Information',
+    description: 'Adversaries may attempt to make files or information difficult to discover or analyze.',
+    url: 'https://attack.mitre.org/techniques/T1027/'
+  },
+  'T1132': {
+    name: 'MITRE',
+    id: 'T1132',
+    title: 'Data Encoding',
+    description: 'Adversaries may encode data to make the content of command and control traffic more difficult to detect.',
+    url: 'https://attack.mitre.org/techniques/T1132/'
+  },
+  'T1041': {
+    name: 'MITRE',
+    id: 'T1041',
+    title: 'Exfiltration Over C2 Channel',
+    description: 'Adversaries may steal data by exfiltrating it over an existing command and control channel.',
+    url: 'https://attack.mitre.org/techniques/T1041/'
+  },
+  'T1496': {
+    name: 'MITRE',
+    id: 'T1496',
+    title: 'Resource Hijacking',
+    description: 'Adversaries may leverage the resources of systems to mine cryptocurrency.',
+    url: 'https://attack.mitre.org/techniques/T1496/'
+  },
+  'T1056': {
+    name: 'MITRE',
+    id: 'T1056',
+    title: 'Input Capture',
+    description: 'Adversaries may use methods of capturing user input to obtain credentials or collect information.',
+    url: 'https://attack.mitre.org/techniques/T1056/'
+  }
+};
+/**
+ * SANS Top 25
+ */
+export const SANS_TOP_25: Record<string, SecurityStandard> = {
+  'SANS-1': {
+    name: 'SANS',
+    id: 'SANS-1',
+    title: 'Out-of-bounds Write',
+    description: 'Writing data past the end, or before the beginning, of the intended buffer.',
+    url: 'https://www.sans.org/top25-software-errors/'
+  },
+  'SANS-2': {
+    name: 'SANS',
+    id: 'SANS-2',
+    title: 'Improper Neutralization of Input During Web Page Generation',
+    description: 'Cross-site scripting (XSS) vulnerabilities.',
+    url: 'https://www.sans.org/top25-software-errors/'
+  },
+  'SANS-3': {
+    name: 'SANS',
+    id: 'SANS-3',
+    title: 'SQL Injection',
+    description: 'SQL injection vulnerabilities in database queries.',
+    url: 'https://www.sans.org/top25-software-errors/'
+  }
+};
+/**
+ * Map threat types to relevant security standards
+ */
+export function getStandardsForThreat(threatType: ThreatType): SecurityStandard[] {
+  const standards: SecurityStandard[] = [];
+  switch (threatType) {
+    case ThreatType.SQL_INJECTION:
+      standards.push(OWASP_TOP_10['A03:2021']);
+      standards.push(CWE_DATABASE['CWE-89']);
+      standards.push(SANS_TOP_25['SANS-3']);
+      break;
+    case ThreatType.COMMAND_INJECTION:
+      standards.push(OWASP_TOP_10['A03:2021']);
+      standards.push(CWE_DATABASE['CWE-78']);
+      standards.push(MITRE_ATTACK['T1059']);
+      break;
+    case ThreatType.XSS:
+      standards.push(OWASP_TOP_10['A03:2021']);
+      standards.push(CWE_DATABASE['CWE-79']);
+      standards.push(SANS_TOP_25['SANS-2']);
+      break;
+    case ThreatType.CSRF:
+      standards.push(OWASP_TOP_10['A01:2021']);
+      standards.push(CWE_DATABASE['CWE-352']);
+      break;
+    case ThreatType.INSECURE_DESERIALIZATION:
+      standards.push(OWASP_TOP_10['A08:2021']);
+      standards.push(CWE_DATABASE['CWE-502']);
+      break;
+    case ThreatType.HARDCODED_CREDENTIALS:
+      standards.push(OWASP_TOP_10['A07:2021']);
+      standards.push(CWE_DATABASE['CWE-798']);
+      break;
+    case ThreatType.PATH_TRAVERSAL:
+      standards.push(OWASP_TOP_10['A01:2021']);
+      standards.push(CWE_DATABASE['CWE-22']);
+      break;
+    case ThreatType.LDAP_INJECTION:
+      standards.push(OWASP_TOP_10['A03:2021']);
+      standards.push(CWE_DATABASE['CWE-90']);
+      break;
+    case ThreatType.INSECURE_CRYPTO:
+      standards.push(OWASP_TOP_10['A02:2021']);
+      standards.push(CWE_DATABASE['CWE-327']);
+      break;
+    case ThreatType.WEAK_RANDOM:
+      standards.push(OWASP_TOP_10['A02:2021']);
+      standards.push(CWE_DATABASE['CWE-330']);
+      break;
+    case ThreatType.DANGEROUS_FUNCTION:
+      standards.push(OWASP_TOP_10['A03:2021']);
+      standards.push(CWE_DATABASE['CWE-94']);
+      break;
+    case ThreatType.BACKDOOR:
+    case ThreatType.REVERSE_SHELL:
+      standards.push(CWE_DATABASE['CWE-506']);
+      standards.push(CWE_DATABASE['CWE-912']);
+      standards.push(MITRE_ATTACK['T1059']);
+      break;
+    case ThreatType.OBFUSCATED_CODE:
+      standards.push(CWE_DATABASE['CWE-506']);
+      standards.push(MITRE_ATTACK['T1027']);
+      break;
+    case ThreatType.CRYPTOMINER:
+      standards.push(CWE_DATABASE['CWE-506']);
+      standards.push(MITRE_ATTACK['T1496']);
+      break;
+    case ThreatType.KEYLOGGER:
+      standards.push(CWE_DATABASE['CWE-506']);
+      standards.push(MITRE_ATTACK['T1056']);
+      break;
+    case ThreatType.DATA_EXFILTRATION:
+      standards.push(CWE_DATABASE['CWE-200']);
+      standards.push(MITRE_ATTACK['T1041']);
+      break;
+    case ThreatType.INFORMATION_DISCLOSURE:
+      standards.push(OWASP_TOP_10['A01:2021']);
+      standards.push(CWE_DATABASE['CWE-200']);
+      break;
+    default:
+      standards.push(OWASP_TOP_10['A05:2021']);
+  }
+  return standards.filter(s => s !== undefined);
+}

package/src/rules/vulnerabilities/PROMPT_VULNERABILITIES.md ADDED Viewed

@@ -0,0 +1,226 @@
+# PROMPT – Diseño y Mejora del Módulo de Reglas de Vulnerabilidades
+## Secure-Scan – src/rules/vulnerabilities
+Asume el rol combinado de:
+- AppSec Engineer
+- Security Architect
+- SAST Engine Designer
+- Auditor de Seguridad
+con experiencia en herramientas SAST empresariales, OWASP, CWE, MITRE ATT&CK y análisis estático avanzado.
+---
+## 🎯 Objetivo General
+Diseñar e implementar el módulo `src/rules/vulnerabilities`, encargado de la **detección avanzada de vulnerabilidades de seguridad** en proyectos de software, sin ejecutar el código.
+El módulo debe priorizar:
+- Alta cobertura de reglas
+- Alta precisión (mínimos falsos positivos)
+- Detección temprana
+- Explicaciones claras (auditoría + developer-friendly)
+- Soporte multi-lenguaje
+- Escalabilidad y arquitectura modular
+---
+## 🧩 Alcance del Módulo
+El módulo debe detectar:
+### 🔹 Vulnerabilidades de código
+- Errores de validación de entrada
+- Flujos peligrosos de datos
+- Uso inseguro de APIs
+### 🔹 Configuración insegura
+- Archivos YAML / JSON / ENV
+- Configuraciones débiles o peligrosas
+### 🔹 Infraestructura
+- Dockerfiles
+- CI/CD pipelines
+- Archivos de automatización
+---
+## 📚 Estándares Obligatorios
+Cada regla de vulnerabilidad DEBE mapearse cuando aplique a:
+- OWASP Top 10
+- CWE
+- SANS Top 25
+- MITRE ATT&CK
+- CVEs reales (si existen)
+---
+## 🗂️ Clasificación de Vulnerabilidades
+Las vulnerabilidades deben organizarse por:
+- Tipo:
+  - Injection
+  - XSS
+  - Auth / Session
+  - Configuración
+  - Deserialización
+  - Path / File
+- Lenguaje:
+  - JavaScript / TypeScript
+  - Python
+  - PHP
+  - Java
+  - C / C++
+  - C#
+---
+## 🧪 Vulnerabilidades a Implementar Inicialmente
+Crear reglas dedicadas para:
+- SQL Injection
+- Command Injection
+- XSS (DOM, Reflected, Stored)
+- CSRF
+- SSRF
+- Insecure Deserialization
+- Path Traversal
+- Prototype Pollution
+- Insecure Authentication / Session
+- Hardcoded Secrets
+- Unsafe File Upload
+- Security Misconfigurations
+---
+## 🔍 Nivel de Análisis Técnico
+El análisis debe ser **híbrido**, combinando:
+- Regex (fallback)
+- AST
+- CFG / Call Graph
+- Taint Analysis (fuentes → sinks)
+Ejemplos de flujos reales a detectar:
+- `req.body → exec`
+- `userInput → innerHTML`
+- `env → system()`
+Se permite introducir **nuevos analizadores** además de reutilizar los existentes.
+---
+## 🧱 Arquitectura del Módulo (Requisito Crítico)
+### Principios
+- Arquitectura modular
+- Separación clara entre:
+  - Definición de reglas
+  - Lógica de detección
+  - Engine de ejecución
+### Modelo de Regla
+Cada vulnerabilidad debe tener:
+- Un archivo de **regla**
+- Un archivo de **detector**
+Las reglas deben poder:
+- Tener múltiples patrones
+- Ajustar severidad según contexto
+- Correlacionarse con reglas de malware
+---
+## 📁 Estructura de Carpetas Esperada
+Usar estructura **flat** dentro de `/vulnerabilities`, con un punto central:
+src/rules/vulnerabilities/
+├── index.ts # Registro central de reglas
+├── vulnerabilityRule.ts # Interfaces base
+├── engine.ts # Rule engine reutilizable
+├── sqlInjection.ts
+├── xss.ts
+├── csrf.ts
+├── ssrf.ts
+├── misconfig.ts
+└── tests/
+---
+## ⚖️ Severidad y Scoring
+La severidad será **mixta**:
+- Base definida en la regla
+- Ajustada dinámicamente por contexto
+Implementar `vulnerabilityScore` considerando:
+- Explotabilidad
+- Impacto técnico
+- Impacto al negocio
+- Contexto (prod vs dev)
+---
+## 📊 Hallazgos y Reportes
+Cada hallazgo DEBE incluir:
+- Fragmento exacto del código vulnerable
+- Flujo de datos detectado
+- Severidad final
+- Vulnerability score
+- Referencias OWASP / CWE
+- Explicación nivel auditoría
+- Contexto entendible para desarrolladores
+---
+## 🧪 Calidad del Código y Testing
+El código generado debe:
+- Seguir principios SOLID
+- Ser extensible y mantenible
+- Permitir testing aislado por regla
+Tests requeridos:
+- Golden tests con código vulnerable real
+- Casos límite para falsos positivos
+---
+## ⚡ Performance y Seguridad
+El motor de vulnerabilidades debe incluir:
+- Timeouts por regla
+- Límite de nodos AST analizados
+- Protección contra ReDoS
+- Ejecución paralela segura
+No degradar precisión aunque el archivo sea grande o minificado.
+---
+## ✅ Resultado Esperado
+Un módulo de vulnerabilidades:
+- De nivel enterprise
+- Comparable a SAST comerciales
+- Modular, extensible y auditable
+- Preparado para escalar a SaaS
+⚠️ El análisis debe ser estrictamente estático. Nunca ejecutar código analizado.