secure-scan 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (569) hide show
  1. package/README.md +564 -0
  2. package/dist/ai/aiAnalyzer.d.ts +99 -0
  3. package/dist/ai/aiAnalyzer.d.ts.map +1 -0
  4. package/dist/ai/aiAnalyzer.js +669 -0
  5. package/dist/ai/aiAnalyzer.js.map +1 -0
  6. package/dist/ai/index.d.ts +5 -0
  7. package/dist/ai/index.d.ts.map +1 -0
  8. package/dist/ai/index.js +21 -0
  9. package/dist/ai/index.js.map +1 -0
  10. package/dist/analyzers/base/baseAnalyzer.d.ts +44 -0
  11. package/dist/analyzers/base/baseAnalyzer.d.ts.map +1 -0
  12. package/dist/analyzers/base/baseAnalyzer.js +53 -0
  13. package/dist/analyzers/base/baseAnalyzer.js.map +1 -0
  14. package/dist/analyzers/base/index.d.ts +5 -0
  15. package/dist/analyzers/base/index.d.ts.map +1 -0
  16. package/dist/analyzers/base/index.js +21 -0
  17. package/dist/analyzers/base/index.js.map +1 -0
  18. package/dist/analyzers/c-cpp/cppAnalyzer.d.ts +60 -0
  19. package/dist/analyzers/c-cpp/cppAnalyzer.d.ts.map +1 -0
  20. package/dist/analyzers/c-cpp/cppAnalyzer.js +218 -0
  21. package/dist/analyzers/c-cpp/cppAnalyzer.js.map +1 -0
  22. package/dist/analyzers/c-cpp/index.d.ts +5 -0
  23. package/dist/analyzers/c-cpp/index.d.ts.map +1 -0
  24. package/dist/analyzers/c-cpp/index.js +21 -0
  25. package/dist/analyzers/c-cpp/index.js.map +1 -0
  26. package/dist/analyzers/core/engine/index.d.ts +5 -0
  27. package/dist/analyzers/core/engine/index.d.ts.map +1 -0
  28. package/dist/analyzers/core/engine/index.js +21 -0
  29. package/dist/analyzers/core/engine/index.js.map +1 -0
  30. package/dist/analyzers/core/engine/ruleEngine.d.ts +46 -0
  31. package/dist/analyzers/core/engine/ruleEngine.d.ts.map +1 -0
  32. package/dist/analyzers/core/engine/ruleEngine.js +173 -0
  33. package/dist/analyzers/core/engine/ruleEngine.js.map +1 -0
  34. package/dist/analyzers/core/index.d.ts +8 -0
  35. package/dist/analyzers/core/index.d.ts.map +1 -0
  36. package/dist/analyzers/core/index.js +24 -0
  37. package/dist/analyzers/core/index.js.map +1 -0
  38. package/dist/analyzers/core/scanner/fileScanner.d.ts +31 -0
  39. package/dist/analyzers/core/scanner/fileScanner.d.ts.map +1 -0
  40. package/dist/analyzers/core/scanner/fileScanner.js +199 -0
  41. package/dist/analyzers/core/scanner/fileScanner.js.map +1 -0
  42. package/dist/analyzers/core/scanner/index.d.ts +5 -0
  43. package/dist/analyzers/core/scanner/index.d.ts.map +1 -0
  44. package/dist/analyzers/core/scanner/index.js +21 -0
  45. package/dist/analyzers/core/scanner/index.js.map +1 -0
  46. package/dist/analyzers/core/scoring/index.d.ts +5 -0
  47. package/dist/analyzers/core/scoring/index.d.ts.map +1 -0
  48. package/dist/analyzers/core/scoring/index.js +21 -0
  49. package/dist/analyzers/core/scoring/index.js.map +1 -0
  50. package/dist/analyzers/core/scoring/riskScoring.d.ts +49 -0
  51. package/dist/analyzers/core/scoring/riskScoring.d.ts.map +1 -0
  52. package/dist/analyzers/core/scoring/riskScoring.js +180 -0
  53. package/dist/analyzers/core/scoring/riskScoring.js.map +1 -0
  54. package/dist/analyzers/core/securityScanner.d.ts +47 -0
  55. package/dist/analyzers/core/securityScanner.d.ts.map +1 -0
  56. package/dist/analyzers/core/securityScanner.js +298 -0
  57. package/dist/analyzers/core/securityScanner.js.map +1 -0
  58. package/dist/analyzers/csharp/csharpAnalyzer.d.ts +64 -0
  59. package/dist/analyzers/csharp/csharpAnalyzer.d.ts.map +1 -0
  60. package/dist/analyzers/csharp/csharpAnalyzer.js +232 -0
  61. package/dist/analyzers/csharp/csharpAnalyzer.js.map +1 -0
  62. package/dist/analyzers/csharp/index.d.ts +5 -0
  63. package/dist/analyzers/csharp/index.d.ts.map +1 -0
  64. package/dist/analyzers/csharp/index.js +21 -0
  65. package/dist/analyzers/csharp/index.js.map +1 -0
  66. package/dist/analyzers/iac/iacAnalyzer.d.ts +36 -0
  67. package/dist/analyzers/iac/iacAnalyzer.d.ts.map +1 -0
  68. package/dist/analyzers/iac/iacAnalyzer.js +182 -0
  69. package/dist/analyzers/iac/iacAnalyzer.js.map +1 -0
  70. package/dist/analyzers/iac/index.d.ts +5 -0
  71. package/dist/analyzers/iac/index.d.ts.map +1 -0
  72. package/dist/analyzers/iac/index.js +21 -0
  73. package/dist/analyzers/iac/index.js.map +1 -0
  74. package/dist/analyzers/index.d.ts +30 -0
  75. package/dist/analyzers/index.d.ts.map +1 -0
  76. package/dist/analyzers/index.js +80 -0
  77. package/dist/analyzers/index.js.map +1 -0
  78. package/dist/analyzers/java/index.d.ts +5 -0
  79. package/dist/analyzers/java/index.d.ts.map +1 -0
  80. package/dist/analyzers/java/index.js +21 -0
  81. package/dist/analyzers/java/index.js.map +1 -0
  82. package/dist/analyzers/java/javaAnalyzer.d.ts +64 -0
  83. package/dist/analyzers/java/javaAnalyzer.d.ts.map +1 -0
  84. package/dist/analyzers/java/javaAnalyzer.js +224 -0
  85. package/dist/analyzers/java/javaAnalyzer.js.map +1 -0
  86. package/dist/analyzers/javascript/astUtils.d.ts +170 -0
  87. package/dist/analyzers/javascript/astUtils.d.ts.map +1 -0
  88. package/dist/analyzers/javascript/astUtils.js +700 -0
  89. package/dist/analyzers/javascript/astUtils.js.map +1 -0
  90. package/dist/analyzers/javascript/index.d.ts +18 -0
  91. package/dist/analyzers/javascript/index.d.ts.map +1 -0
  92. package/dist/analyzers/javascript/index.js +50 -0
  93. package/dist/analyzers/javascript/index.js.map +1 -0
  94. package/dist/analyzers/javascript/javascriptAnalyzer.d.ts +111 -0
  95. package/dist/analyzers/javascript/javascriptAnalyzer.d.ts.map +1 -0
  96. package/dist/analyzers/javascript/javascriptAnalyzer.js +860 -0
  97. package/dist/analyzers/javascript/javascriptAnalyzer.js.map +1 -0
  98. package/dist/analyzers/javascript/malwareDetector.d.ts +102 -0
  99. package/dist/analyzers/javascript/malwareDetector.d.ts.map +1 -0
  100. package/dist/analyzers/javascript/malwareDetector.js +616 -0
  101. package/dist/analyzers/javascript/malwareDetector.js.map +1 -0
  102. package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts +87 -0
  103. package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts.map +1 -0
  104. package/dist/analyzers/javascript/packageJsonAnalyzer.js +553 -0
  105. package/dist/analyzers/javascript/packageJsonAnalyzer.js.map +1 -0
  106. package/dist/analyzers/javascript/taintAnalyzer.d.ts +120 -0
  107. package/dist/analyzers/javascript/taintAnalyzer.d.ts.map +1 -0
  108. package/dist/analyzers/javascript/taintAnalyzer.js +526 -0
  109. package/dist/analyzers/javascript/taintAnalyzer.js.map +1 -0
  110. package/dist/analyzers/php/index.d.ts +5 -0
  111. package/dist/analyzers/php/index.d.ts.map +1 -0
  112. package/dist/analyzers/php/index.js +21 -0
  113. package/dist/analyzers/php/index.js.map +1 -0
  114. package/dist/analyzers/php/phpAnalyzer.d.ts +56 -0
  115. package/dist/analyzers/php/phpAnalyzer.d.ts.map +1 -0
  116. package/dist/analyzers/php/phpAnalyzer.js +202 -0
  117. package/dist/analyzers/php/phpAnalyzer.js.map +1 -0
  118. package/dist/analyzers/python/index.d.ts +5 -0
  119. package/dist/analyzers/python/index.d.ts.map +1 -0
  120. package/dist/analyzers/python/index.js +21 -0
  121. package/dist/analyzers/python/index.js.map +1 -0
  122. package/dist/analyzers/python/pythonAnalyzer.d.ts +64 -0
  123. package/dist/analyzers/python/pythonAnalyzer.d.ts.map +1 -0
  124. package/dist/analyzers/python/pythonAnalyzer.js +226 -0
  125. package/dist/analyzers/python/pythonAnalyzer.js.map +1 -0
  126. package/dist/cli/index.d.ts +7 -0
  127. package/dist/cli/index.d.ts.map +1 -0
  128. package/dist/cli/index.js +281 -0
  129. package/dist/cli/index.js.map +1 -0
  130. package/dist/core/engine/index.d.ts +5 -0
  131. package/dist/core/engine/index.d.ts.map +1 -0
  132. package/dist/core/engine/index.js +21 -0
  133. package/dist/core/engine/index.js.map +1 -0
  134. package/dist/core/engine/ruleEngine.d.ts +46 -0
  135. package/dist/core/engine/ruleEngine.d.ts.map +1 -0
  136. package/dist/core/engine/ruleEngine.js +173 -0
  137. package/dist/core/engine/ruleEngine.js.map +1 -0
  138. package/dist/core/index.d.ts +8 -0
  139. package/dist/core/index.d.ts.map +1 -0
  140. package/dist/core/index.js +24 -0
  141. package/dist/core/index.js.map +1 -0
  142. package/dist/core/scanner/fileScanner.d.ts +31 -0
  143. package/dist/core/scanner/fileScanner.d.ts.map +1 -0
  144. package/dist/core/scanner/fileScanner.js +199 -0
  145. package/dist/core/scanner/fileScanner.js.map +1 -0
  146. package/dist/core/scanner/index.d.ts +5 -0
  147. package/dist/core/scanner/index.d.ts.map +1 -0
  148. package/dist/core/scanner/index.js +21 -0
  149. package/dist/core/scanner/index.js.map +1 -0
  150. package/dist/core/scoring/index.d.ts +5 -0
  151. package/dist/core/scoring/index.d.ts.map +1 -0
  152. package/dist/core/scoring/index.js +21 -0
  153. package/dist/core/scoring/index.js.map +1 -0
  154. package/dist/core/scoring/riskScoring.d.ts +49 -0
  155. package/dist/core/scoring/riskScoring.d.ts.map +1 -0
  156. package/dist/core/scoring/riskScoring.js +180 -0
  157. package/dist/core/scoring/riskScoring.js.map +1 -0
  158. package/dist/core/securityScanner.d.ts +47 -0
  159. package/dist/core/securityScanner.d.ts.map +1 -0
  160. package/dist/core/securityScanner.js +298 -0
  161. package/dist/core/securityScanner.js.map +1 -0
  162. package/dist/dependencies/aiDependencyAnalyzer.d.ts +96 -0
  163. package/dist/dependencies/aiDependencyAnalyzer.d.ts.map +1 -0
  164. package/dist/dependencies/aiDependencyAnalyzer.js +435 -0
  165. package/dist/dependencies/aiDependencyAnalyzer.js.map +1 -0
  166. package/dist/dependencies/database/cveDatabase.d.ts +32 -0
  167. package/dist/dependencies/database/cveDatabase.d.ts.map +1 -0
  168. package/dist/dependencies/database/cveDatabase.js +393 -0
  169. package/dist/dependencies/database/cveDatabase.js.map +1 -0
  170. package/dist/dependencies/database/index.d.ts +6 -0
  171. package/dist/dependencies/database/index.d.ts.map +1 -0
  172. package/dist/dependencies/database/index.js +22 -0
  173. package/dist/dependencies/database/index.js.map +1 -0
  174. package/dist/dependencies/database/maliciousPackages.d.ts +43 -0
  175. package/dist/dependencies/database/maliciousPackages.d.ts.map +1 -0
  176. package/dist/dependencies/database/maliciousPackages.js +279 -0
  177. package/dist/dependencies/database/maliciousPackages.js.map +1 -0
  178. package/dist/dependencies/dependencyAnalyzer.d.ts +74 -0
  179. package/dist/dependencies/dependencyAnalyzer.d.ts.map +1 -0
  180. package/dist/dependencies/dependencyAnalyzer.js +349 -0
  181. package/dist/dependencies/dependencyAnalyzer.js.map +1 -0
  182. package/dist/dependencies/detectors/index.d.ts +7 -0
  183. package/dist/dependencies/detectors/index.d.ts.map +1 -0
  184. package/dist/dependencies/detectors/index.js +28 -0
  185. package/dist/dependencies/detectors/index.js.map +1 -0
  186. package/dist/dependencies/detectors/securityStandards.d.ts +15 -0
  187. package/dist/dependencies/detectors/securityStandards.d.ts.map +1 -0
  188. package/dist/dependencies/detectors/securityStandards.js +178 -0
  189. package/dist/dependencies/detectors/securityStandards.js.map +1 -0
  190. package/dist/dependencies/detectors/vulnerabilityDetector.d.ts +53 -0
  191. package/dist/dependencies/detectors/vulnerabilityDetector.d.ts.map +1 -0
  192. package/dist/dependencies/detectors/vulnerabilityDetector.js +289 -0
  193. package/dist/dependencies/detectors/vulnerabilityDetector.js.map +1 -0
  194. package/dist/dependencies/index.d.ts +14 -0
  195. package/dist/dependencies/index.d.ts.map +1 -0
  196. package/dist/dependencies/index.js +43 -0
  197. package/dist/dependencies/index.js.map +1 -0
  198. package/dist/dependencies/installed/index.d.ts +8 -0
  199. package/dist/dependencies/installed/index.d.ts.map +1 -0
  200. package/dist/dependencies/installed/index.js +24 -0
  201. package/dist/dependencies/installed/index.js.map +1 -0
  202. package/dist/dependencies/installed/installedScanner.d.ts +91 -0
  203. package/dist/dependencies/installed/installedScanner.d.ts.map +1 -0
  204. package/dist/dependencies/installed/installedScanner.js +766 -0
  205. package/dist/dependencies/installed/installedScanner.js.map +1 -0
  206. package/dist/dependencies/installed/malwarePatterns.d.ts +32 -0
  207. package/dist/dependencies/installed/malwarePatterns.d.ts.map +1 -0
  208. package/dist/dependencies/installed/malwarePatterns.js +480 -0
  209. package/dist/dependencies/installed/malwarePatterns.js.map +1 -0
  210. package/dist/dependencies/installed/types.d.ts +274 -0
  211. package/dist/dependencies/installed/types.d.ts.map +1 -0
  212. package/dist/dependencies/installed/types.js +7 -0
  213. package/dist/dependencies/installed/types.js.map +1 -0
  214. package/dist/dependencies/parsers/base/baseParser.d.ts +44 -0
  215. package/dist/dependencies/parsers/base/baseParser.d.ts.map +1 -0
  216. package/dist/dependencies/parsers/base/baseParser.js +80 -0
  217. package/dist/dependencies/parsers/base/baseParser.js.map +1 -0
  218. package/dist/dependencies/parsers/base/index.d.ts +6 -0
  219. package/dist/dependencies/parsers/base/index.d.ts.map +1 -0
  220. package/dist/dependencies/parsers/base/index.js +27 -0
  221. package/dist/dependencies/parsers/base/index.js.map +1 -0
  222. package/dist/dependencies/parsers/cpp/cppParser.d.ts +36 -0
  223. package/dist/dependencies/parsers/cpp/cppParser.d.ts.map +1 -0
  224. package/dist/dependencies/parsers/cpp/cppParser.js +196 -0
  225. package/dist/dependencies/parsers/cpp/cppParser.js.map +1 -0
  226. package/dist/dependencies/parsers/cpp/index.d.ts +6 -0
  227. package/dist/dependencies/parsers/cpp/index.d.ts.map +1 -0
  228. package/dist/dependencies/parsers/cpp/index.js +27 -0
  229. package/dist/dependencies/parsers/cpp/index.js.map +1 -0
  230. package/dist/dependencies/parsers/csharp/csharpParser.d.ts +32 -0
  231. package/dist/dependencies/parsers/csharp/csharpParser.d.ts.map +1 -0
  232. package/dist/dependencies/parsers/csharp/csharpParser.js +125 -0
  233. package/dist/dependencies/parsers/csharp/csharpParser.js.map +1 -0
  234. package/dist/dependencies/parsers/csharp/index.d.ts +6 -0
  235. package/dist/dependencies/parsers/csharp/index.d.ts.map +1 -0
  236. package/dist/dependencies/parsers/csharp/index.js +27 -0
  237. package/dist/dependencies/parsers/csharp/index.js.map +1 -0
  238. package/dist/dependencies/parsers/index.d.ts +24 -0
  239. package/dist/dependencies/parsers/index.d.ts.map +1 -0
  240. package/dist/dependencies/parsers/index.js +69 -0
  241. package/dist/dependencies/parsers/index.js.map +1 -0
  242. package/dist/dependencies/parsers/java/index.d.ts +6 -0
  243. package/dist/dependencies/parsers/java/index.d.ts.map +1 -0
  244. package/dist/dependencies/parsers/java/index.js +27 -0
  245. package/dist/dependencies/parsers/java/index.js.map +1 -0
  246. package/dist/dependencies/parsers/java/javaParser.d.ts +32 -0
  247. package/dist/dependencies/parsers/java/javaParser.d.ts.map +1 -0
  248. package/dist/dependencies/parsers/java/javaParser.js +168 -0
  249. package/dist/dependencies/parsers/java/javaParser.js.map +1 -0
  250. package/dist/dependencies/parsers/javascript/index.d.ts +6 -0
  251. package/dist/dependencies/parsers/javascript/index.d.ts.map +1 -0
  252. package/dist/dependencies/parsers/javascript/index.js +27 -0
  253. package/dist/dependencies/parsers/javascript/index.js.map +1 -0
  254. package/dist/dependencies/parsers/javascript/javascriptParser.d.ts +55 -0
  255. package/dist/dependencies/parsers/javascript/javascriptParser.d.ts.map +1 -0
  256. package/dist/dependencies/parsers/javascript/javascriptParser.js +266 -0
  257. package/dist/dependencies/parsers/javascript/javascriptParser.js.map +1 -0
  258. package/dist/dependencies/parsers/php/index.d.ts +6 -0
  259. package/dist/dependencies/parsers/php/index.d.ts.map +1 -0
  260. package/dist/dependencies/parsers/php/index.js +27 -0
  261. package/dist/dependencies/parsers/php/index.js.map +1 -0
  262. package/dist/dependencies/parsers/php/phpParser.d.ts +35 -0
  263. package/dist/dependencies/parsers/php/phpParser.d.ts.map +1 -0
  264. package/dist/dependencies/parsers/php/phpParser.js +162 -0
  265. package/dist/dependencies/parsers/php/phpParser.js.map +1 -0
  266. package/dist/dependencies/parsers/python/index.d.ts +6 -0
  267. package/dist/dependencies/parsers/python/index.d.ts.map +1 -0
  268. package/dist/dependencies/parsers/python/index.js +27 -0
  269. package/dist/dependencies/parsers/python/index.js.map +1 -0
  270. package/dist/dependencies/parsers/python/pythonParser.d.ts +60 -0
  271. package/dist/dependencies/parsers/python/pythonParser.d.ts.map +1 -0
  272. package/dist/dependencies/parsers/python/pythonParser.js +336 -0
  273. package/dist/dependencies/parsers/python/pythonParser.js.map +1 -0
  274. package/dist/dependencies/types.d.ts +280 -0
  275. package/dist/dependencies/types.d.ts.map +1 -0
  276. package/dist/dependencies/types.js +59 -0
  277. package/dist/dependencies/types.js.map +1 -0
  278. package/dist/i18n/index.d.ts +2 -0
  279. package/dist/i18n/index.d.ts.map +1 -0
  280. package/dist/i18n/index.js +18 -0
  281. package/dist/i18n/index.js.map +1 -0
  282. package/dist/i18n/translations.d.ts +55 -0
  283. package/dist/i18n/translations.d.ts.map +1 -0
  284. package/dist/i18n/translations.js +119 -0
  285. package/dist/i18n/translations.js.map +1 -0
  286. package/dist/index.d.ts +14 -0
  287. package/dist/index.d.ts.map +1 -0
  288. package/dist/index.js +36 -0
  289. package/dist/index.js.map +1 -0
  290. package/dist/reports/dependencyReportGenerator.d.ts +20 -0
  291. package/dist/reports/dependencyReportGenerator.d.ts.map +1 -0
  292. package/dist/reports/dependencyReportGenerator.js +690 -0
  293. package/dist/reports/dependencyReportGenerator.js.map +1 -0
  294. package/dist/reports/htmlReportGenerator.d.ts +43 -0
  295. package/dist/reports/htmlReportGenerator.d.ts.map +1 -0
  296. package/dist/reports/htmlReportGenerator.js +793 -0
  297. package/dist/reports/htmlReportGenerator.js.map +1 -0
  298. package/dist/reports/index.d.ts +7 -0
  299. package/dist/reports/index.d.ts.map +1 -0
  300. package/dist/reports/index.js +23 -0
  301. package/dist/reports/index.js.map +1 -0
  302. package/dist/reports/installedDepsReportGenerator.d.ts +14 -0
  303. package/dist/reports/installedDepsReportGenerator.d.ts.map +1 -0
  304. package/dist/reports/installedDepsReportGenerator.js +872 -0
  305. package/dist/reports/installedDepsReportGenerator.js.map +1 -0
  306. package/dist/rules/index.d.ts +31 -0
  307. package/dist/rules/index.d.ts.map +1 -0
  308. package/dist/rules/index.js +95 -0
  309. package/dist/rules/index.js.map +1 -0
  310. package/dist/rules/malware/categories/backdoors.d.ts +12 -0
  311. package/dist/rules/malware/categories/backdoors.d.ts.map +1 -0
  312. package/dist/rules/malware/categories/backdoors.js +163 -0
  313. package/dist/rules/malware/categories/backdoors.js.map +1 -0
  314. package/dist/rules/malware/categories/cryptominers.d.ts +13 -0
  315. package/dist/rules/malware/categories/cryptominers.d.ts.map +1 -0
  316. package/dist/rules/malware/categories/cryptominers.js +415 -0
  317. package/dist/rules/malware/categories/cryptominers.js.map +1 -0
  318. package/dist/rules/malware/categories/exfiltration.d.ts +20 -0
  319. package/dist/rules/malware/categories/exfiltration.d.ts.map +1 -0
  320. package/dist/rules/malware/categories/exfiltration.js +658 -0
  321. package/dist/rules/malware/categories/exfiltration.js.map +1 -0
  322. package/dist/rules/malware/categories/keyloggers.d.ts +19 -0
  323. package/dist/rules/malware/categories/keyloggers.d.ts.map +1 -0
  324. package/dist/rules/malware/categories/keyloggers.js +763 -0
  325. package/dist/rules/malware/categories/keyloggers.js.map +1 -0
  326. package/dist/rules/malware/categories/loaders.d.ts +20 -0
  327. package/dist/rules/malware/categories/loaders.d.ts.map +1 -0
  328. package/dist/rules/malware/categories/loaders.js +702 -0
  329. package/dist/rules/malware/categories/loaders.js.map +1 -0
  330. package/dist/rules/malware/categories/network.d.ts +19 -0
  331. package/dist/rules/malware/categories/network.d.ts.map +1 -0
  332. package/dist/rules/malware/categories/network.js +622 -0
  333. package/dist/rules/malware/categories/network.js.map +1 -0
  334. package/dist/rules/malware/categories/obfuscation.d.ts +22 -0
  335. package/dist/rules/malware/categories/obfuscation.d.ts.map +1 -0
  336. package/dist/rules/malware/categories/obfuscation.js +766 -0
  337. package/dist/rules/malware/categories/obfuscation.js.map +1 -0
  338. package/dist/rules/malware/constants/index.d.ts +281 -0
  339. package/dist/rules/malware/constants/index.d.ts.map +1 -0
  340. package/dist/rules/malware/constants/index.js +327 -0
  341. package/dist/rules/malware/constants/index.js.map +1 -0
  342. package/dist/rules/malware/engine/index.d.ts +178 -0
  343. package/dist/rules/malware/engine/index.d.ts.map +1 -0
  344. package/dist/rules/malware/engine/index.js +552 -0
  345. package/dist/rules/malware/engine/index.js.map +1 -0
  346. package/dist/rules/malware/index.d.ts +205 -0
  347. package/dist/rules/malware/index.d.ts.map +1 -0
  348. package/dist/rules/malware/index.js +837 -0
  349. package/dist/rules/malware/index.js.map +1 -0
  350. package/dist/rules/malware/scoring/index.d.ts +84 -0
  351. package/dist/rules/malware/scoring/index.d.ts.map +1 -0
  352. package/dist/rules/malware/scoring/index.js +441 -0
  353. package/dist/rules/malware/scoring/index.js.map +1 -0
  354. package/dist/rules/malware/types/index.d.ts +616 -0
  355. package/dist/rules/malware/types/index.d.ts.map +1 -0
  356. package/dist/rules/malware/types/index.js +155 -0
  357. package/dist/rules/malware/types/index.js.map +1 -0
  358. package/dist/rules/malware/utils/index.d.ts +117 -0
  359. package/dist/rules/malware/utils/index.d.ts.map +1 -0
  360. package/dist/rules/malware/utils/index.js +514 -0
  361. package/dist/rules/malware/utils/index.js.map +1 -0
  362. package/dist/rules/standards.d.ts +26 -0
  363. package/dist/rules/standards.d.ts.map +1 -0
  364. package/dist/rules/standards.js +352 -0
  365. package/dist/rules/standards.js.map +1 -0
  366. package/dist/rules/vulnerabilities/constants/index.d.ts +835 -0
  367. package/dist/rules/vulnerabilities/constants/index.d.ts.map +1 -0
  368. package/dist/rules/vulnerabilities/constants/index.js +544 -0
  369. package/dist/rules/vulnerabilities/constants/index.js.map +1 -0
  370. package/dist/rules/vulnerabilities/engine/index.d.ts +145 -0
  371. package/dist/rules/vulnerabilities/engine/index.d.ts.map +1 -0
  372. package/dist/rules/vulnerabilities/engine/index.js +581 -0
  373. package/dist/rules/vulnerabilities/engine/index.js.map +1 -0
  374. package/dist/rules/vulnerabilities/index.d.ts +148 -0
  375. package/dist/rules/vulnerabilities/index.d.ts.map +1 -0
  376. package/dist/rules/vulnerabilities/index.js +252 -0
  377. package/dist/rules/vulnerabilities/index.js.map +1 -0
  378. package/dist/rules/vulnerabilities/rules/authentication.d.ts +8 -0
  379. package/dist/rules/vulnerabilities/rules/authentication.d.ts.map +1 -0
  380. package/dist/rules/vulnerabilities/rules/authentication.js +419 -0
  381. package/dist/rules/vulnerabilities/rules/authentication.js.map +1 -0
  382. package/dist/rules/vulnerabilities/rules/commandInjection.d.ts +8 -0
  383. package/dist/rules/vulnerabilities/rules/commandInjection.d.ts.map +1 -0
  384. package/dist/rules/vulnerabilities/rules/commandInjection.js +300 -0
  385. package/dist/rules/vulnerabilities/rules/commandInjection.js.map +1 -0
  386. package/dist/rules/vulnerabilities/rules/csrf.d.ts +8 -0
  387. package/dist/rules/vulnerabilities/rules/csrf.d.ts.map +1 -0
  388. package/dist/rules/vulnerabilities/rules/csrf.js +261 -0
  389. package/dist/rules/vulnerabilities/rules/csrf.js.map +1 -0
  390. package/dist/rules/vulnerabilities/rules/deserialization.d.ts +8 -0
  391. package/dist/rules/vulnerabilities/rules/deserialization.d.ts.map +1 -0
  392. package/dist/rules/vulnerabilities/rules/deserialization.js +336 -0
  393. package/dist/rules/vulnerabilities/rules/deserialization.js.map +1 -0
  394. package/dist/rules/vulnerabilities/rules/fileUpload.d.ts +8 -0
  395. package/dist/rules/vulnerabilities/rules/fileUpload.d.ts.map +1 -0
  396. package/dist/rules/vulnerabilities/rules/fileUpload.js +325 -0
  397. package/dist/rules/vulnerabilities/rules/fileUpload.js.map +1 -0
  398. package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts +8 -0
  399. package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts.map +1 -0
  400. package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js +446 -0
  401. package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js.map +1 -0
  402. package/dist/rules/vulnerabilities/rules/index.d.ts +17 -0
  403. package/dist/rules/vulnerabilities/rules/index.d.ts.map +1 -0
  404. package/dist/rules/vulnerabilities/rules/index.js +47 -0
  405. package/dist/rules/vulnerabilities/rules/index.js.map +1 -0
  406. package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts +8 -0
  407. package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts.map +1 -0
  408. package/dist/rules/vulnerabilities/rules/pathTraversal.js +351 -0
  409. package/dist/rules/vulnerabilities/rules/pathTraversal.js.map +1 -0
  410. package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts +8 -0
  411. package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts.map +1 -0
  412. package/dist/rules/vulnerabilities/rules/prototypePollution.js +272 -0
  413. package/dist/rules/vulnerabilities/rules/prototypePollution.js.map +1 -0
  414. package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts +8 -0
  415. package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts.map +1 -0
  416. package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js +438 -0
  417. package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js.map +1 -0
  418. package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts +12 -0
  419. package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts.map +1 -0
  420. package/dist/rules/vulnerabilities/rules/sqlInjection.js +636 -0
  421. package/dist/rules/vulnerabilities/rules/sqlInjection.js.map +1 -0
  422. package/dist/rules/vulnerabilities/rules/ssrf.d.ts +8 -0
  423. package/dist/rules/vulnerabilities/rules/ssrf.d.ts.map +1 -0
  424. package/dist/rules/vulnerabilities/rules/ssrf.js +401 -0
  425. package/dist/rules/vulnerabilities/rules/ssrf.js.map +1 -0
  426. package/dist/rules/vulnerabilities/rules/xss.d.ts +11 -0
  427. package/dist/rules/vulnerabilities/rules/xss.d.ts.map +1 -0
  428. package/dist/rules/vulnerabilities/rules/xss.js +724 -0
  429. package/dist/rules/vulnerabilities/rules/xss.js.map +1 -0
  430. package/dist/rules/vulnerabilities/scoring/index.d.ts +80 -0
  431. package/dist/rules/vulnerabilities/scoring/index.d.ts.map +1 -0
  432. package/dist/rules/vulnerabilities/scoring/index.js +414 -0
  433. package/dist/rules/vulnerabilities/scoring/index.js.map +1 -0
  434. package/dist/rules/vulnerabilities/types/index.d.ts +830 -0
  435. package/dist/rules/vulnerabilities/types/index.d.ts.map +1 -0
  436. package/dist/rules/vulnerabilities/types/index.js +164 -0
  437. package/dist/rules/vulnerabilities/types/index.js.map +1 -0
  438. package/dist/rules/vulnerabilities/utils/index.d.ts +206 -0
  439. package/dist/rules/vulnerabilities/utils/index.d.ts.map +1 -0
  440. package/dist/rules/vulnerabilities/utils/index.js +615 -0
  441. package/dist/rules/vulnerabilities/utils/index.js.map +1 -0
  442. package/dist/types/index.d.ts +359 -0
  443. package/dist/types/index.d.ts.map +1 -0
  444. package/dist/types/index.js +61 -0
  445. package/dist/types/index.js.map +1 -0
  446. package/dist/utils/index.d.ts +82 -0
  447. package/dist/utils/index.d.ts.map +1 -0
  448. package/dist/utils/index.js +326 -0
  449. package/dist/utils/index.js.map +1 -0
  450. package/dist/utils/logger.d.ts +40 -0
  451. package/dist/utils/logger.d.ts.map +1 -0
  452. package/dist/utils/logger.js +139 -0
  453. package/dist/utils/logger.js.map +1 -0
  454. package/docs/ARCHITECTURE.md +320 -0
  455. package/docs/V1.2.1-IA_Performances.md +116 -0
  456. package/docs/images/WIN_Defender.png +0 -0
  457. package/package.json +68 -0
  458. package/secure-scan.config.json +134 -0
  459. package/secure-scan.sln +29 -0
  460. package/src/ai/aiAnalyzer.ts +714 -0
  461. package/src/ai/index.ts +5 -0
  462. package/src/analyzers/base/baseAnalyzer.ts +66 -0
  463. package/src/analyzers/base/index.ts +5 -0
  464. package/src/analyzers/c-cpp/cppAnalyzer.ts +308 -0
  465. package/src/analyzers/c-cpp/index.ts +5 -0
  466. package/src/analyzers/core/engine/index.ts +5 -0
  467. package/src/analyzers/core/engine/ruleEngine.ts +221 -0
  468. package/src/analyzers/core/index.ts +8 -0
  469. package/src/analyzers/core/scanner/fileScanner.ts +204 -0
  470. package/src/analyzers/core/scanner/index.ts +5 -0
  471. package/src/analyzers/core/scoring/index.ts +5 -0
  472. package/src/analyzers/core/scoring/riskScoring.ts +198 -0
  473. package/src/analyzers/core/securityScanner.ts +321 -0
  474. package/src/analyzers/csharp/csharpAnalyzer.ts +328 -0
  475. package/src/analyzers/csharp/index.ts +5 -0
  476. package/src/analyzers/iac/iacAnalyzer.ts +318 -0
  477. package/src/analyzers/iac/index.ts +5 -0
  478. package/src/analyzers/index.ts +67 -0
  479. package/src/analyzers/java/index.ts +5 -0
  480. package/src/analyzers/java/javaAnalyzer.ts +320 -0
  481. package/src/analyzers/javascript/PROMPT_JS_ANALYZER.md +267 -0
  482. package/src/analyzers/javascript/astUtils.ts +789 -0
  483. package/src/analyzers/javascript/index.ts +50 -0
  484. package/src/analyzers/javascript/javascriptAnalyzer.ts +984 -0
  485. package/src/analyzers/javascript/malwareDetector.ts +697 -0
  486. package/src/analyzers/javascript/packageJsonAnalyzer.ts +626 -0
  487. package/src/analyzers/javascript/taintAnalyzer.ts +630 -0
  488. package/src/analyzers/php/index.ts +5 -0
  489. package/src/analyzers/php/phpAnalyzer.ts +280 -0
  490. package/src/analyzers/python/index.ts +5 -0
  491. package/src/analyzers/python/pythonAnalyzer.ts +319 -0
  492. package/src/cli/index.ts +276 -0
  493. package/src/dependencies/aiDependencyAnalyzer.ts +496 -0
  494. package/src/dependencies/database/cveDatabase.ts +426 -0
  495. package/src/dependencies/database/index.ts +6 -0
  496. package/src/dependencies/database/maliciousPackages.ts +286 -0
  497. package/src/dependencies/dependencyAnalyzer.ts +394 -0
  498. package/src/dependencies/detectors/index.ts +7 -0
  499. package/src/dependencies/detectors/securityStandards.ts +200 -0
  500. package/src/dependencies/detectors/vulnerabilityDetector.ts +343 -0
  501. package/src/dependencies/index.ts +27 -0
  502. package/src/dependencies/installed/index.ts +8 -0
  503. package/src/dependencies/installed/installedScanner.ts +821 -0
  504. package/src/dependencies/installed/malwarePatterns.ts +492 -0
  505. package/src/dependencies/installed/types.ts +287 -0
  506. package/src/dependencies/parsers/base/baseParser.ts +108 -0
  507. package/src/dependencies/parsers/base/index.ts +6 -0
  508. package/src/dependencies/parsers/cpp/cppParser.ts +245 -0
  509. package/src/dependencies/parsers/cpp/index.ts +6 -0
  510. package/src/dependencies/parsers/csharp/csharpParser.ts +151 -0
  511. package/src/dependencies/parsers/csharp/index.ts +6 -0
  512. package/src/dependencies/parsers/index.ts +56 -0
  513. package/src/dependencies/parsers/java/index.ts +6 -0
  514. package/src/dependencies/parsers/java/javaParser.ts +203 -0
  515. package/src/dependencies/parsers/javascript/index.ts +6 -0
  516. package/src/dependencies/parsers/javascript/javascriptParser.ts +362 -0
  517. package/src/dependencies/parsers/php/index.ts +6 -0
  518. package/src/dependencies/parsers/php/phpParser.ts +208 -0
  519. package/src/dependencies/parsers/python/index.ts +6 -0
  520. package/src/dependencies/parsers/python/pythonParser.ts +437 -0
  521. package/src/dependencies/types.ts +330 -0
  522. package/src/i18n/index.ts +1 -0
  523. package/src/i18n/translations.ts +194 -0
  524. package/src/index.ts +16 -0
  525. package/src/reports/dependencyReportGenerator.ts +717 -0
  526. package/src/reports/htmlReportGenerator.ts +781 -0
  527. package/src/reports/index.ts +7 -0
  528. package/src/reports/installedDepsReportGenerator.ts +899 -0
  529. package/src/rules/index.ts +58 -0
  530. package/src/rules/malware/INFO.md +287 -0
  531. package/src/rules/malware/categories/backdoors.ts +174 -0
  532. package/src/rules/malware/categories/cryptominers.ts +434 -0
  533. package/src/rules/malware/categories/exfiltration.ts +677 -0
  534. package/src/rules/malware/categories/keyloggers.ts +780 -0
  535. package/src/rules/malware/categories/loaders.ts +721 -0
  536. package/src/rules/malware/categories/network.ts +639 -0
  537. package/src/rules/malware/categories/obfuscation.ts +788 -0
  538. package/src/rules/malware/constants/index.ts +358 -0
  539. package/src/rules/malware/engine/index.ts +758 -0
  540. package/src/rules/malware/index.ts +928 -0
  541. package/src/rules/malware/scoring/index.ts +549 -0
  542. package/src/rules/malware/types/index.ts +752 -0
  543. package/src/rules/malware/utils/index.ts +643 -0
  544. package/src/rules/standards.ts +372 -0
  545. package/src/rules/vulnerabilities/PROMPT_VULNERABILITIES.md +226 -0
  546. package/src/rules/vulnerabilities/constants/index.ts +625 -0
  547. package/src/rules/vulnerabilities/engine/index.ts +831 -0
  548. package/src/rules/vulnerabilities/index.ts +312 -0
  549. package/src/rules/vulnerabilities/rules/authentication.ts +426 -0
  550. package/src/rules/vulnerabilities/rules/commandInjection.ts +307 -0
  551. package/src/rules/vulnerabilities/rules/csrf.ts +268 -0
  552. package/src/rules/vulnerabilities/rules/deserialization.ts +343 -0
  553. package/src/rules/vulnerabilities/rules/fileUpload.ts +332 -0
  554. package/src/rules/vulnerabilities/rules/hardcodedSecrets.ts +453 -0
  555. package/src/rules/vulnerabilities/rules/index.ts +17 -0
  556. package/src/rules/vulnerabilities/rules/pathTraversal.ts +358 -0
  557. package/src/rules/vulnerabilities/rules/prototypePollution.ts +279 -0
  558. package/src/rules/vulnerabilities/rules/securityMisconfiguration.ts +445 -0
  559. package/src/rules/vulnerabilities/rules/sqlInjection.ts +669 -0
  560. package/src/rules/vulnerabilities/rules/ssrf.ts +408 -0
  561. package/src/rules/vulnerabilities/rules/xss.ts +753 -0
  562. package/src/rules/vulnerabilities/scoring/index.ts +543 -0
  563. package/src/rules/vulnerabilities/types/index.ts +1004 -0
  564. package/src/rules/vulnerabilities/utils/index.ts +709 -0
  565. package/src/types/index.ts +391 -0
  566. package/src/utils/index.ts +306 -0
  567. package/src/utils/logger.ts +150 -0
  568. package/test-installed-scanner.ts +136 -0
  569. package/tsconfig.json +30 -0
package/dist/rules/standards.js ADDED
@@ -0,0 +1,352 @@
1
+ "use strict";
2
+ /**
3
+ * Security Standards Database
4
+ * OWASP Top 10, CWE, MITRE ATT&CK, SANS Top 25
5
+ */
6
+ Object.defineProperty(exports, "__esModule", { value: true });
7
+ exports.SANS_TOP_25 = exports.MITRE_ATTACK = exports.CWE_DATABASE = exports.OWASP_TOP_10 = void 0;
8
+ exports.getStandardsForThreat = getStandardsForThreat;
9
+ const types_1 = require("../types");
10
+ /**
11
+ * OWASP Top 10 2021
12
+ */
13
+ exports.OWASP_TOP_10 = {
14
+ 'A01:2021': {
15
+ name: 'OWASP',
16
+ id: 'A01:2021',
17
+ title: 'Broken Access Control',
18
+ description: 'Access control enforces policy such that users cannot act outside of their intended permissions.',
19
+ url: 'https://owasp.org/Top10/A01_2021-Broken_Access_Control/'
20
+ },
21
+ 'A02:2021': {
22
+ name: 'OWASP',
23
+ id: 'A02:2021',
24
+ title: 'Cryptographic Failures',
25
+ description: 'Failures related to cryptography which often lead to sensitive data exposure.',
26
+ url: 'https://owasp.org/Top10/A02_2021-Cryptographic_Failures/'
27
+ },
28
+ 'A03:2021': {
29
+ name: 'OWASP',
30
+ id: 'A03:2021',
31
+ title: 'Injection',
32
+ description: 'User-supplied data is not validated, filtered, or sanitized by the application.',
33
+ url: 'https://owasp.org/Top10/A03_2021-Injection/'
34
+ },
35
+ 'A04:2021': {
36
+ name: 'OWASP',
37
+ id: 'A04:2021',
38
+ title: 'Insecure Design',
39
+ description: 'Missing or ineffective control design.',
40
+ url: 'https://owasp.org/Top10/A04_2021-Insecure_Design/'
41
+ },
42
+ 'A05:2021': {
43
+ name: 'OWASP',
44
+ id: 'A05:2021',
45
+ title: 'Security Misconfiguration',
46
+ description: 'Missing appropriate security hardening or improperly configured permissions.',
47
+ url: 'https://owasp.org/Top10/A05_2021-Security_Misconfiguration/'
48
+ },
49
+ 'A06:2021': {
50
+ name: 'OWASP',
51
+ id: 'A06:2021',
52
+ title: 'Vulnerable and Outdated Components',
53
+ description: 'Using components with known vulnerabilities.',
54
+ url: 'https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/'
55
+ },
56
+ 'A07:2021': {
57
+ name: 'OWASP',
58
+ id: 'A07:2021',
59
+ title: 'Identification and Authentication Failures',
60
+ description: 'Confirmation of user identity, authentication, and session management.',
61
+ url: 'https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/'
62
+ },
63
+ 'A08:2021': {
64
+ name: 'OWASP',
65
+ id: 'A08:2021',
66
+ title: 'Software and Data Integrity Failures',
67
+ description: 'Code and infrastructure that does not protect against integrity violations.',
68
+ url: 'https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/'
69
+ },
70
+ 'A09:2021': {
71
+ name: 'OWASP',
72
+ id: 'A09:2021',
73
+ title: 'Security Logging and Monitoring Failures',
74
+ description: 'Insufficient logging, detection, monitoring, and active response.',
75
+ url: 'https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/'
76
+ },
77
+ 'A10:2021': {
78
+ name: 'OWASP',
79
+ id: 'A10:2021',
80
+ title: 'Server-Side Request Forgery (SSRF)',
81
+ description: 'SSRF flaws occur when a web application fetches a remote resource without validating the user-supplied URL.',
82
+ url: 'https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/'
83
+ }
84
+ };
85
+ /**
86
+ * Common Weakness Enumeration (CWE)
87
+ */
88
+ exports.CWE_DATABASE = {
89
+ 'CWE-79': {
90
+ name: 'CWE',
91
+ id: 'CWE-79',
92
+ title: 'Improper Neutralization of Input During Web Page Generation (XSS)',
93
+ description: 'The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page.',
94
+ url: 'https://cwe.mitre.org/data/definitions/79.html'
95
+ },
96
+ 'CWE-89': {
97
+ name: 'CWE',
98
+ id: 'CWE-89',
99
+ title: 'SQL Injection',
100
+ description: 'The software constructs SQL commands using externally-influenced input from an upstream component.',
101
+ url: 'https://cwe.mitre.org/data/definitions/89.html'
102
+ },
103
+ 'CWE-78': {
104
+ name: 'CWE',
105
+ id: 'CWE-78',
106
+ title: 'OS Command Injection',
107
+ description: 'The software constructs OS commands using externally-influenced input without proper neutralization.',
108
+ url: 'https://cwe.mitre.org/data/definitions/78.html'
109
+ },
110
+ 'CWE-94': {
111
+ name: 'CWE',
112
+ id: 'CWE-94',
113
+ title: 'Improper Control of Generation of Code (Code Injection)',
114
+ description: 'The software constructs code segments using externally-influenced input without proper neutralization.',
115
+ url: 'https://cwe.mitre.org/data/definitions/94.html'
116
+ },
117
+ 'CWE-502': {
118
+ name: 'CWE',
119
+ id: 'CWE-502',
120
+ title: 'Deserialization of Untrusted Data',
121
+ description: 'The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.',
122
+ url: 'https://cwe.mitre.org/data/definitions/502.html'
123
+ },
124
+ 'CWE-798': {
125
+ name: 'CWE',
126
+ id: 'CWE-798',
127
+ title: 'Use of Hard-coded Credentials',
128
+ description: 'The software contains hard-coded credentials, such as passwords or cryptographic keys.',
129
+ url: 'https://cwe.mitre.org/data/definitions/798.html'
130
+ },
131
+ 'CWE-22': {
132
+ name: 'CWE',
133
+ id: 'CWE-22',
134
+ title: 'Path Traversal',
135
+ description: 'The software uses external input to construct a pathname without proper neutralization.',
136
+ url: 'https://cwe.mitre.org/data/definitions/22.html'
137
+ },
138
+ 'CWE-327': {
139
+ name: 'CWE',
140
+ id: 'CWE-327',
141
+ title: 'Use of a Broken or Risky Cryptographic Algorithm',
142
+ description: 'The use of a broken or risky cryptographic algorithm is an unnecessary risk.',
143
+ url: 'https://cwe.mitre.org/data/definitions/327.html'
144
+ },
145
+ 'CWE-330': {
146
+ name: 'CWE',
147
+ id: 'CWE-330',
148
+ title: 'Use of Insufficiently Random Values',
149
+ description: 'The software uses insufficiently random numbers or values in a security context.',
150
+ url: 'https://cwe.mitre.org/data/definitions/330.html'
151
+ },
152
+ 'CWE-352': {
153
+ name: 'CWE',
154
+ id: 'CWE-352',
155
+ title: 'Cross-Site Request Forgery (CSRF)',
156
+ description: 'The web application does not verify that the request was intentionally provided by the user.',
157
+ url: 'https://cwe.mitre.org/data/definitions/352.html'
158
+ },
159
+ 'CWE-90': {
160
+ name: 'CWE',
161
+ id: 'CWE-90',
162
+ title: 'LDAP Injection',
163
+ description: 'The software constructs LDAP statements using externally-influenced input.',
164
+ url: 'https://cwe.mitre.org/data/definitions/90.html'
165
+ },
166
+ 'CWE-200': {
167
+ name: 'CWE',
168
+ id: 'CWE-200',
169
+ title: 'Exposure of Sensitive Information',
170
+ description: 'The software exposes sensitive information to an actor not authorized to have access.',
171
+ url: 'https://cwe.mitre.org/data/definitions/200.html'
172
+ },
173
+ 'CWE-506': {
174
+ name: 'CWE',
175
+ id: 'CWE-506',
176
+ title: 'Embedded Malicious Code',
177
+ description: 'The application contains code that appears to be malicious in nature.',
178
+ url: 'https://cwe.mitre.org/data/definitions/506.html'
179
+ },
180
+ 'CWE-912': {
181
+ name: 'CWE',
182
+ id: 'CWE-912',
183
+ title: 'Hidden Functionality',
184
+ description: 'The software contains functionality that is not documented or accessible through the intended interface.',
185
+ url: 'https://cwe.mitre.org/data/definitions/912.html'
186
+ }
187
+ };
188
+ /**
189
+ * MITRE ATT&CK Techniques
190
+ */
191
+ exports.MITRE_ATTACK = {
192
+ 'T1059': {
193
+ name: 'MITRE',
194
+ id: 'T1059',
195
+ title: 'Command and Scripting Interpreter',
196
+ description: 'Adversaries may abuse command and script interpreters to execute commands.',
197
+ url: 'https://attack.mitre.org/techniques/T1059/'
198
+ },
199
+ 'T1071': {
200
+ name: 'MITRE',
201
+ id: 'T1071',
202
+ title: 'Application Layer Protocol',
203
+ description: 'Adversaries may communicate using application layer protocols to avoid detection.',
204
+ url: 'https://attack.mitre.org/techniques/T1071/'
205
+ },
206
+ 'T1027': {
207
+ name: 'MITRE',
208
+ id: 'T1027',
209
+ title: 'Obfuscated Files or Information',
210
+ description: 'Adversaries may attempt to make files or information difficult to discover or analyze.',
211
+ url: 'https://attack.mitre.org/techniques/T1027/'
212
+ },
213
+ 'T1132': {
214
+ name: 'MITRE',
215
+ id: 'T1132',
216
+ title: 'Data Encoding',
217
+ description: 'Adversaries may encode data to make the content of command and control traffic more difficult to detect.',
218
+ url: 'https://attack.mitre.org/techniques/T1132/'
219
+ },
220
+ 'T1041': {
221
+ name: 'MITRE',
222
+ id: 'T1041',
223
+ title: 'Exfiltration Over C2 Channel',
224
+ description: 'Adversaries may steal data by exfiltrating it over an existing command and control channel.',
225
+ url: 'https://attack.mitre.org/techniques/T1041/'
226
+ },
227
+ 'T1496': {
228
+ name: 'MITRE',
229
+ id: 'T1496',
230
+ title: 'Resource Hijacking',
231
+ description: 'Adversaries may leverage the resources of systems to mine cryptocurrency.',
232
+ url: 'https://attack.mitre.org/techniques/T1496/'
233
+ },
234
+ 'T1056': {
235
+ name: 'MITRE',
236
+ id: 'T1056',
237
+ title: 'Input Capture',
238
+ description: 'Adversaries may use methods of capturing user input to obtain credentials or collect information.',
239
+ url: 'https://attack.mitre.org/techniques/T1056/'
240
+ }
241
+ };
242
+ /**
243
+ * SANS Top 25
244
+ */
245
+ exports.SANS_TOP_25 = {
246
+ 'SANS-1': {
247
+ name: 'SANS',
248
+ id: 'SANS-1',
249
+ title: 'Out-of-bounds Write',
250
+ description: 'Writing data past the end, or before the beginning, of the intended buffer.',
251
+ url: 'https://www.sans.org/top25-software-errors/'
252
+ },
253
+ 'SANS-2': {
254
+ name: 'SANS',
255
+ id: 'SANS-2',
256
+ title: 'Improper Neutralization of Input During Web Page Generation',
257
+ description: 'Cross-site scripting (XSS) vulnerabilities.',
258
+ url: 'https://www.sans.org/top25-software-errors/'
259
+ },
260
+ 'SANS-3': {
261
+ name: 'SANS',
262
+ id: 'SANS-3',
263
+ title: 'SQL Injection',
264
+ description: 'SQL injection vulnerabilities in database queries.',
265
+ url: 'https://www.sans.org/top25-software-errors/'
266
+ }
267
+ };
268
+ /**
269
+ * Map threat types to relevant security standards
270
+ */
271
+ function getStandardsForThreat(threatType) {
272
+ const standards = [];
273
+ switch (threatType) {
274
+ case types_1.ThreatType.SQL_INJECTION:
275
+ standards.push(exports.OWASP_TOP_10['A03:2021']);
276
+ standards.push(exports.CWE_DATABASE['CWE-89']);
277
+ standards.push(exports.SANS_TOP_25['SANS-3']);
278
+ break;
279
+ case types_1.ThreatType.COMMAND_INJECTION:
280
+ standards.push(exports.OWASP_TOP_10['A03:2021']);
281
+ standards.push(exports.CWE_DATABASE['CWE-78']);
282
+ standards.push(exports.MITRE_ATTACK['T1059']);
283
+ break;
284
+ case types_1.ThreatType.XSS:
285
+ standards.push(exports.OWASP_TOP_10['A03:2021']);
286
+ standards.push(exports.CWE_DATABASE['CWE-79']);
287
+ standards.push(exports.SANS_TOP_25['SANS-2']);
288
+ break;
289
+ case types_1.ThreatType.CSRF:
290
+ standards.push(exports.OWASP_TOP_10['A01:2021']);
291
+ standards.push(exports.CWE_DATABASE['CWE-352']);
292
+ break;
293
+ case types_1.ThreatType.INSECURE_DESERIALIZATION:
294
+ standards.push(exports.OWASP_TOP_10['A08:2021']);
295
+ standards.push(exports.CWE_DATABASE['CWE-502']);
296
+ break;
297
+ case types_1.ThreatType.HARDCODED_CREDENTIALS:
298
+ standards.push(exports.OWASP_TOP_10['A07:2021']);
299
+ standards.push(exports.CWE_DATABASE['CWE-798']);
300
+ break;
301
+ case types_1.ThreatType.PATH_TRAVERSAL:
302
+ standards.push(exports.OWASP_TOP_10['A01:2021']);
303
+ standards.push(exports.CWE_DATABASE['CWE-22']);
304
+ break;
305
+ case types_1.ThreatType.LDAP_INJECTION:
306
+ standards.push(exports.OWASP_TOP_10['A03:2021']);
307
+ standards.push(exports.CWE_DATABASE['CWE-90']);
308
+ break;
309
+ case types_1.ThreatType.INSECURE_CRYPTO:
310
+ standards.push(exports.OWASP_TOP_10['A02:2021']);
311
+ standards.push(exports.CWE_DATABASE['CWE-327']);
312
+ break;
313
+ case types_1.ThreatType.WEAK_RANDOM:
314
+ standards.push(exports.OWASP_TOP_10['A02:2021']);
315
+ standards.push(exports.CWE_DATABASE['CWE-330']);
316
+ break;
317
+ case types_1.ThreatType.DANGEROUS_FUNCTION:
318
+ standards.push(exports.OWASP_TOP_10['A03:2021']);
319
+ standards.push(exports.CWE_DATABASE['CWE-94']);
320
+ break;
321
+ case types_1.ThreatType.BACKDOOR:
322
+ case types_1.ThreatType.REVERSE_SHELL:
323
+ standards.push(exports.CWE_DATABASE['CWE-506']);
324
+ standards.push(exports.CWE_DATABASE['CWE-912']);
325
+ standards.push(exports.MITRE_ATTACK['T1059']);
326
+ break;
327
+ case types_1.ThreatType.OBFUSCATED_CODE:
328
+ standards.push(exports.CWE_DATABASE['CWE-506']);
329
+ standards.push(exports.MITRE_ATTACK['T1027']);
330
+ break;
331
+ case types_1.ThreatType.CRYPTOMINER:
332
+ standards.push(exports.CWE_DATABASE['CWE-506']);
333
+ standards.push(exports.MITRE_ATTACK['T1496']);
334
+ break;
335
+ case types_1.ThreatType.KEYLOGGER:
336
+ standards.push(exports.CWE_DATABASE['CWE-506']);
337
+ standards.push(exports.MITRE_ATTACK['T1056']);
338
+ break;
339
+ case types_1.ThreatType.DATA_EXFILTRATION:
340
+ standards.push(exports.CWE_DATABASE['CWE-200']);
341
+ standards.push(exports.MITRE_ATTACK['T1041']);
342
+ break;
343
+ case types_1.ThreatType.INFORMATION_DISCLOSURE:
344
+ standards.push(exports.OWASP_TOP_10['A01:2021']);
345
+ standards.push(exports.CWE_DATABASE['CWE-200']);
346
+ break;
347
+ default:
348
+ standards.push(exports.OWASP_TOP_10['A05:2021']);
349
+ }
350
+ return standards.filter(s => s !== undefined);
351
+ }
352
+ //# sourceMappingURL=standards.js.map
package/dist/rules/standards.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"standards.js","sourceRoot":"","sources":["../../src/rules/standards.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AA6QH,sDAmGC;AA9WD,oCAAwD;AAExD;;GAEG;AACU,QAAA,YAAY,GAAqC;IAC5D,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,kGAAkG;QAC/G,GAAG,EAAE,yDAAyD;KAC/D;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EAAE,+EAA+E;QAC5F,GAAG,EAAE,0DAA0D;KAChE;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,WAAW;QAClB,WAAW,EAAE,iFAAiF;QAC9F,GAAG,EAAE,6CAA6C;KACnD;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,iBAAiB;QACxB,WAAW,EAAE,wCAAwC;QACrD,GAAG,EAAE,mDAAmD;KACzD;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,2BAA2B;QAClC,WAAW,EAAE,8EAA8E;QAC3F,GAAG,EAAE,6DAA6D;KACnE;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EAAE,8CAA8C;QAC3D,GAAG,EAAE,sEAAsE;KAC5E;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,4CAA4C;QACnD,WAAW,EAAE,wEAAwE;QACrF,GAAG,EAAE,8EAA8E;KACpF;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,sCAAsC;QAC7C,WAAW,EAAE,6EAA6E;QAC1F,GAAG,EAAE,wEAAwE;KAC9E;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,0CAA0C;QACjD,WAAW,EAAE,mEAAmE;QAChF,GAAG,EAAE,4EAA4E;KAClF;IACD,UAAU,EAAE;QACV,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EAAE,6GAA6G;QAC1H,GAAG,EAAE,0EAA0E;KAChF;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,YAAY,GAAqC;IAC5D,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,mEAAmE;QAC1E,WAAW,EAAE,+IAA+I;QAC5J,GAAG,EAAE,gDAAgD;KACtD;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,oGAAoG;QACjH,GAAG,EAAE,gDAAgD;KACtD;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,sBAAsB;QAC7B,WAAW,EAAE,sGAAsG;QACnH,GAAG,EAAE,gDAAgD;KACtD;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,yDAAyD;QAChE,WAAW,EAAE,wGAAwG;QACrH,GAAG,EAAE,gDAAgD;KACtD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,mCAAmC;QAC1C,WAAW,EAAE,mHAAmH;QAChI,GAAG,EAAE,iDAAiD;KACvD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,+BAA+B;QACtC,WAAW,EAAE,wFAAwF;QACrG,GAAG,EAAE,iDAAiD;KACvD;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,yFAAyF;QACtG,GAAG,EAAE,gDAAgD;KACtD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,kDAAkD;QACzD,WAAW,EAAE,8EAA8E;QAC3F,GAAG,EAAE,iDAAiD;KACvD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,qCAAqC;QAC5C,WAAW,EAAE,kFAAkF;QAC/F,GAAG,EAAE,iDAAiD;KACvD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,mCAAmC;QAC1C,WAAW,EAAE,8FAA8F;QAC3G,GAAG,EAAE,iDAAiD;KACvD;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,4EAA4E;QACzF,GAAG,EAAE,gDAAgD;KACtD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,mCAAmC;QAC1C,WAAW,EAAE,uFAAuF;QACpG,GAAG,EAAE,iDAAiD;KACvD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,yBAAyB;QAChC,WAAW,EAAE,uEAAuE;QACpF,GAAG,EAAE,iDAAiD;KACvD;IACD,SAAS,EAAE;QACT,IAAI,EAAE,KAAK;QACX,EAAE,EAAE,SAAS;QACb,KAAK,EAAE,sBAAsB;QAC7B,WAAW,EAAE,0GAA0G;QACvH,GAAG,EAAE,iDAAiD;KACvD;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,YAAY,GAAqC;IAC5D,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,mCAAmC;QAC1C,WAAW,EAAE,4EAA4E;QACzF,GAAG,EAAE,4CAA4C;KAClD;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,mFAAmF;QAChG,GAAG,EAAE,4CAA4C;KAClD;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,iCAAiC;QACxC,WAAW,EAAE,wFAAwF;QACrG,GAAG,EAAE,4CAA4C;KAClD;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,0GAA0G;QACvH,GAAG,EAAE,4CAA4C;KAClD;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,8BAA8B;QACrC,WAAW,EAAE,6FAA6F;QAC1G,GAAG,EAAE,4CAA4C;KAClD;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,2EAA2E;QACxF,GAAG,EAAE,4CAA4C;KAClD;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,mGAAmG;QAChH,GAAG,EAAE,4CAA4C;KAClD;CACF,CAAC;AAEF;;GAEG;AACU,QAAA,WAAW,GAAqC;IAC3D,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,qBAAqB;QAC5B,WAAW,EAAE,6EAA6E;QAC1F,GAAG,EAAE,6CAA6C;KACnD;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,6DAA6D;QACpE,WAAW,EAAE,6CAA6C;QAC1D,GAAG,EAAE,6CAA6C;KACnD;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM;QACZ,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,oDAAoD;QACjE,GAAG,EAAE,6CAA6C;KACnD;CACF,CAAC;AAEF;;GAEG;AACH,SAAgB,qBAAqB,CAAC,UAAsB;IAC1D,MAAM,SAAS,GAAuB,EAAE,CAAC;IAEzC,QAAQ,UAAU,EAAE,CAAC;QACnB,KAAK,kBAAU,CAAC,aAAa;YAC3B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACvC,SAAS,CAAC,IAAI,CAAC,mBAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,iBAAiB;YAC/B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACvC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,GAAG;YACjB,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACvC,SAAS,CAAC,IAAI,CAAC,mBAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,IAAI;YAClB,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,MAAM;QAER,KAAK,kBAAU,CAAC,wBAAwB;YACtC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,MAAM;QAER,KAAK,kBAAU,CAAC,qBAAqB;YACnC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,MAAM;QAER,KAAK,kBAAU,CAAC,cAAc;YAC5B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACvC,MAAM;QAER,KAAK,kBAAU,CAAC,cAAc;YAC5B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACvC,MAAM;QAER,KAAK,kBAAU,CAAC,eAAe;YAC7B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,MAAM;QAER,KAAK,kBAAU,CAAC,WAAW;YACzB,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,MAAM;QAER,KAAK,kBAAU,CAAC,kBAAkB;YAChC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACvC,MAAM;QAER,KAAK,kBAAU,CAAC,QAAQ,CAAC;QACzB,KAAK,kBAAU,CAAC,aAAa;YAC3B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,eAAe;YAC7B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,WAAW;YACzB,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,SAAS;YACvB,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,iBAAiB;YAC/B,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtC,MAAM;QAER,KAAK,kBAAU,CAAC,sBAAsB;YACpC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;YACzC,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,SAAS,CAAC,CAAC,CAAC;YACxC,MAAM;QAER;YACE,SAAS,CAAC,IAAI,CAAC,oBAAY,CAAC,UAAU,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;AAChD,CAAC"}