npm - secure-scan - Versions diffs - 1.2.2 - Mend

secure-scan 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (569) hide show

package/README.md +564 -0
package/dist/ai/aiAnalyzer.d.ts +99 -0
package/dist/ai/aiAnalyzer.d.ts.map +1 -0
package/dist/ai/aiAnalyzer.js +669 -0
package/dist/ai/aiAnalyzer.js.map +1 -0
package/dist/ai/index.d.ts +5 -0
package/dist/ai/index.d.ts.map +1 -0
package/dist/ai/index.js +21 -0
package/dist/ai/index.js.map +1 -0
package/dist/analyzers/base/baseAnalyzer.d.ts +44 -0
package/dist/analyzers/base/baseAnalyzer.d.ts.map +1 -0
package/dist/analyzers/base/baseAnalyzer.js +53 -0
package/dist/analyzers/base/baseAnalyzer.js.map +1 -0
package/dist/analyzers/base/index.d.ts +5 -0
package/dist/analyzers/base/index.d.ts.map +1 -0
package/dist/analyzers/base/index.js +21 -0
package/dist/analyzers/base/index.js.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts +60 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js +218 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js.map +1 -0
package/dist/analyzers/c-cpp/index.d.ts +5 -0
package/dist/analyzers/c-cpp/index.d.ts.map +1 -0
package/dist/analyzers/c-cpp/index.js +21 -0
package/dist/analyzers/c-cpp/index.js.map +1 -0
package/dist/analyzers/core/engine/index.d.ts +5 -0
package/dist/analyzers/core/engine/index.d.ts.map +1 -0
package/dist/analyzers/core/engine/index.js +21 -0
package/dist/analyzers/core/engine/index.js.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts +46 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.js +173 -0
package/dist/analyzers/core/engine/ruleEngine.js.map +1 -0
package/dist/analyzers/core/index.d.ts +8 -0
package/dist/analyzers/core/index.d.ts.map +1 -0
package/dist/analyzers/core/index.js +24 -0
package/dist/analyzers/core/index.js.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts +31 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.js +199 -0
package/dist/analyzers/core/scanner/fileScanner.js.map +1 -0
package/dist/analyzers/core/scanner/index.d.ts +5 -0
package/dist/analyzers/core/scanner/index.d.ts.map +1 -0
package/dist/analyzers/core/scanner/index.js +21 -0
package/dist/analyzers/core/scanner/index.js.map +1 -0
package/dist/analyzers/core/scoring/index.d.ts +5 -0
package/dist/analyzers/core/scoring/index.d.ts.map +1 -0
package/dist/analyzers/core/scoring/index.js +21 -0
package/dist/analyzers/core/scoring/index.js.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts +49 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.js +180 -0
package/dist/analyzers/core/scoring/riskScoring.js.map +1 -0
package/dist/analyzers/core/securityScanner.d.ts +47 -0
package/dist/analyzers/core/securityScanner.d.ts.map +1 -0
package/dist/analyzers/core/securityScanner.js +298 -0
package/dist/analyzers/core/securityScanner.js.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts +64 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.js +232 -0
package/dist/analyzers/csharp/csharpAnalyzer.js.map +1 -0
package/dist/analyzers/csharp/index.d.ts +5 -0
package/dist/analyzers/csharp/index.d.ts.map +1 -0
package/dist/analyzers/csharp/index.js +21 -0
package/dist/analyzers/csharp/index.js.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts +36 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.js +182 -0
package/dist/analyzers/iac/iacAnalyzer.js.map +1 -0
package/dist/analyzers/iac/index.d.ts +5 -0
package/dist/analyzers/iac/index.d.ts.map +1 -0
package/dist/analyzers/iac/index.js +21 -0
package/dist/analyzers/iac/index.js.map +1 -0
package/dist/analyzers/index.d.ts +30 -0
package/dist/analyzers/index.d.ts.map +1 -0
package/dist/analyzers/index.js +80 -0
package/dist/analyzers/index.js.map +1 -0
package/dist/analyzers/java/index.d.ts +5 -0
package/dist/analyzers/java/index.d.ts.map +1 -0
package/dist/analyzers/java/index.js +21 -0
package/dist/analyzers/java/index.js.map +1 -0
package/dist/analyzers/java/javaAnalyzer.d.ts +64 -0
package/dist/analyzers/java/javaAnalyzer.d.ts.map +1 -0
package/dist/analyzers/java/javaAnalyzer.js +224 -0
package/dist/analyzers/java/javaAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/astUtils.d.ts +170 -0
package/dist/analyzers/javascript/astUtils.d.ts.map +1 -0
package/dist/analyzers/javascript/astUtils.js +700 -0
package/dist/analyzers/javascript/astUtils.js.map +1 -0
package/dist/analyzers/javascript/index.d.ts +18 -0
package/dist/analyzers/javascript/index.d.ts.map +1 -0
package/dist/analyzers/javascript/index.js +50 -0
package/dist/analyzers/javascript/index.js.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts +111 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js +860 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/malwareDetector.d.ts +102 -0
package/dist/analyzers/javascript/malwareDetector.d.ts.map +1 -0
package/dist/analyzers/javascript/malwareDetector.js +616 -0
package/dist/analyzers/javascript/malwareDetector.js.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts +87 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js +553 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts +120 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.js +526 -0
package/dist/analyzers/javascript/taintAnalyzer.js.map +1 -0
package/dist/analyzers/php/index.d.ts +5 -0
package/dist/analyzers/php/index.d.ts.map +1 -0
package/dist/analyzers/php/index.js +21 -0
package/dist/analyzers/php/index.js.map +1 -0
package/dist/analyzers/php/phpAnalyzer.d.ts +56 -0
package/dist/analyzers/php/phpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/php/phpAnalyzer.js +202 -0
package/dist/analyzers/php/phpAnalyzer.js.map +1 -0
package/dist/analyzers/python/index.d.ts +5 -0
package/dist/analyzers/python/index.d.ts.map +1 -0
package/dist/analyzers/python/index.js +21 -0
package/dist/analyzers/python/index.js.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts +64 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.js +226 -0
package/dist/analyzers/python/pythonAnalyzer.js.map +1 -0
package/dist/cli/index.d.ts +7 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +281 -0
package/dist/cli/index.js.map +1 -0
package/dist/core/engine/index.d.ts +5 -0
package/dist/core/engine/index.d.ts.map +1 -0
package/dist/core/engine/index.js +21 -0
package/dist/core/engine/index.js.map +1 -0
package/dist/core/engine/ruleEngine.d.ts +46 -0
package/dist/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/core/engine/ruleEngine.js +173 -0
package/dist/core/engine/ruleEngine.js.map +1 -0
package/dist/core/index.d.ts +8 -0
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +24 -0
package/dist/core/index.js.map +1 -0
package/dist/core/scanner/fileScanner.d.ts +31 -0
package/dist/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/core/scanner/fileScanner.js +199 -0
package/dist/core/scanner/fileScanner.js.map +1 -0
package/dist/core/scanner/index.d.ts +5 -0
package/dist/core/scanner/index.d.ts.map +1 -0
package/dist/core/scanner/index.js +21 -0
package/dist/core/scanner/index.js.map +1 -0
package/dist/core/scoring/index.d.ts +5 -0
package/dist/core/scoring/index.d.ts.map +1 -0
package/dist/core/scoring/index.js +21 -0
package/dist/core/scoring/index.js.map +1 -0
package/dist/core/scoring/riskScoring.d.ts +49 -0
package/dist/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/core/scoring/riskScoring.js +180 -0
package/dist/core/scoring/riskScoring.js.map +1 -0
package/dist/core/securityScanner.d.ts +47 -0
package/dist/core/securityScanner.d.ts.map +1 -0
package/dist/core/securityScanner.js +298 -0
package/dist/core/securityScanner.js.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts +96 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.js +435 -0
package/dist/dependencies/aiDependencyAnalyzer.js.map +1 -0
package/dist/dependencies/database/cveDatabase.d.ts +32 -0
package/dist/dependencies/database/cveDatabase.d.ts.map +1 -0
package/dist/dependencies/database/cveDatabase.js +393 -0
package/dist/dependencies/database/cveDatabase.js.map +1 -0
package/dist/dependencies/database/index.d.ts +6 -0
package/dist/dependencies/database/index.d.ts.map +1 -0
package/dist/dependencies/database/index.js +22 -0
package/dist/dependencies/database/index.js.map +1 -0
package/dist/dependencies/database/maliciousPackages.d.ts +43 -0
package/dist/dependencies/database/maliciousPackages.d.ts.map +1 -0
package/dist/dependencies/database/maliciousPackages.js +279 -0
package/dist/dependencies/database/maliciousPackages.js.map +1 -0
package/dist/dependencies/dependencyAnalyzer.d.ts +74 -0
package/dist/dependencies/dependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/dependencyAnalyzer.js +349 -0
package/dist/dependencies/dependencyAnalyzer.js.map +1 -0
package/dist/dependencies/detectors/index.d.ts +7 -0
package/dist/dependencies/detectors/index.d.ts.map +1 -0
package/dist/dependencies/detectors/index.js +28 -0
package/dist/dependencies/detectors/index.js.map +1 -0
package/dist/dependencies/detectors/securityStandards.d.ts +15 -0
package/dist/dependencies/detectors/securityStandards.d.ts.map +1 -0
package/dist/dependencies/detectors/securityStandards.js +178 -0
package/dist/dependencies/detectors/securityStandards.js.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts +53 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js +289 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js.map +1 -0
package/dist/dependencies/index.d.ts +14 -0
package/dist/dependencies/index.d.ts.map +1 -0
package/dist/dependencies/index.js +43 -0
package/dist/dependencies/index.js.map +1 -0
package/dist/dependencies/installed/index.d.ts +8 -0
package/dist/dependencies/installed/index.d.ts.map +1 -0
package/dist/dependencies/installed/index.js +24 -0
package/dist/dependencies/installed/index.js.map +1 -0
package/dist/dependencies/installed/installedScanner.d.ts +91 -0
package/dist/dependencies/installed/installedScanner.d.ts.map +1 -0
package/dist/dependencies/installed/installedScanner.js +766 -0
package/dist/dependencies/installed/installedScanner.js.map +1 -0
package/dist/dependencies/installed/malwarePatterns.d.ts +32 -0
package/dist/dependencies/installed/malwarePatterns.d.ts.map +1 -0
package/dist/dependencies/installed/malwarePatterns.js +480 -0
package/dist/dependencies/installed/malwarePatterns.js.map +1 -0
package/dist/dependencies/installed/types.d.ts +274 -0
package/dist/dependencies/installed/types.d.ts.map +1 -0
package/dist/dependencies/installed/types.js +7 -0
package/dist/dependencies/installed/types.js.map +1 -0
package/dist/dependencies/parsers/base/baseParser.d.ts +44 -0
package/dist/dependencies/parsers/base/baseParser.d.ts.map +1 -0
package/dist/dependencies/parsers/base/baseParser.js +80 -0
package/dist/dependencies/parsers/base/baseParser.js.map +1 -0
package/dist/dependencies/parsers/base/index.d.ts +6 -0
package/dist/dependencies/parsers/base/index.d.ts.map +1 -0
package/dist/dependencies/parsers/base/index.js +27 -0
package/dist/dependencies/parsers/base/index.js.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts +36 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.js +196 -0
package/dist/dependencies/parsers/cpp/cppParser.js.map +1 -0
package/dist/dependencies/parsers/cpp/index.d.ts +6 -0
package/dist/dependencies/parsers/cpp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/index.js +27 -0
package/dist/dependencies/parsers/cpp/index.js.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts +32 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.js +125 -0
package/dist/dependencies/parsers/csharp/csharpParser.js.map +1 -0
package/dist/dependencies/parsers/csharp/index.d.ts +6 -0
package/dist/dependencies/parsers/csharp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/index.js +27 -0
package/dist/dependencies/parsers/csharp/index.js.map +1 -0
package/dist/dependencies/parsers/index.d.ts +24 -0
package/dist/dependencies/parsers/index.d.ts.map +1 -0
package/dist/dependencies/parsers/index.js +69 -0
package/dist/dependencies/parsers/index.js.map +1 -0
package/dist/dependencies/parsers/java/index.d.ts +6 -0
package/dist/dependencies/parsers/java/index.d.ts.map +1 -0
package/dist/dependencies/parsers/java/index.js +27 -0
package/dist/dependencies/parsers/java/index.js.map +1 -0
package/dist/dependencies/parsers/java/javaParser.d.ts +32 -0
package/dist/dependencies/parsers/java/javaParser.d.ts.map +1 -0
package/dist/dependencies/parsers/java/javaParser.js +168 -0
package/dist/dependencies/parsers/java/javaParser.js.map +1 -0
package/dist/dependencies/parsers/javascript/index.d.ts +6 -0
package/dist/dependencies/parsers/javascript/index.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/index.js +27 -0
package/dist/dependencies/parsers/javascript/index.js.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts +55 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js +266 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js.map +1 -0
package/dist/dependencies/parsers/php/index.d.ts +6 -0
package/dist/dependencies/parsers/php/index.d.ts.map +1 -0
package/dist/dependencies/parsers/php/index.js +27 -0
package/dist/dependencies/parsers/php/index.js.map +1 -0
package/dist/dependencies/parsers/php/phpParser.d.ts +35 -0
package/dist/dependencies/parsers/php/phpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/php/phpParser.js +162 -0
package/dist/dependencies/parsers/php/phpParser.js.map +1 -0
package/dist/dependencies/parsers/python/index.d.ts +6 -0
package/dist/dependencies/parsers/python/index.d.ts.map +1 -0
package/dist/dependencies/parsers/python/index.js +27 -0
package/dist/dependencies/parsers/python/index.js.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts +60 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.js +336 -0
package/dist/dependencies/parsers/python/pythonParser.js.map +1 -0
package/dist/dependencies/types.d.ts +280 -0
package/dist/dependencies/types.d.ts.map +1 -0
package/dist/dependencies/types.js +59 -0
package/dist/dependencies/types.js.map +1 -0
package/dist/i18n/index.d.ts +2 -0
package/dist/i18n/index.d.ts.map +1 -0
package/dist/i18n/index.js +18 -0
package/dist/i18n/index.js.map +1 -0
package/dist/i18n/translations.d.ts +55 -0
package/dist/i18n/translations.d.ts.map +1 -0
package/dist/i18n/translations.js +119 -0
package/dist/i18n/translations.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +36 -0
package/dist/index.js.map +1 -0
package/dist/reports/dependencyReportGenerator.d.ts +20 -0
package/dist/reports/dependencyReportGenerator.d.ts.map +1 -0
package/dist/reports/dependencyReportGenerator.js +690 -0
package/dist/reports/dependencyReportGenerator.js.map +1 -0
package/dist/reports/htmlReportGenerator.d.ts +43 -0
package/dist/reports/htmlReportGenerator.d.ts.map +1 -0
package/dist/reports/htmlReportGenerator.js +793 -0
package/dist/reports/htmlReportGenerator.js.map +1 -0
package/dist/reports/index.d.ts +7 -0
package/dist/reports/index.d.ts.map +1 -0
package/dist/reports/index.js +23 -0
package/dist/reports/index.js.map +1 -0
package/dist/reports/installedDepsReportGenerator.d.ts +14 -0
package/dist/reports/installedDepsReportGenerator.d.ts.map +1 -0
package/dist/reports/installedDepsReportGenerator.js +872 -0
package/dist/reports/installedDepsReportGenerator.js.map +1 -0
package/dist/rules/index.d.ts +31 -0
package/dist/rules/index.d.ts.map +1 -0
package/dist/rules/index.js +95 -0
package/dist/rules/index.js.map +1 -0
package/dist/rules/malware/categories/backdoors.d.ts +12 -0
package/dist/rules/malware/categories/backdoors.d.ts.map +1 -0
package/dist/rules/malware/categories/backdoors.js +163 -0
package/dist/rules/malware/categories/backdoors.js.map +1 -0
package/dist/rules/malware/categories/cryptominers.d.ts +13 -0
package/dist/rules/malware/categories/cryptominers.d.ts.map +1 -0
package/dist/rules/malware/categories/cryptominers.js +415 -0
package/dist/rules/malware/categories/cryptominers.js.map +1 -0
package/dist/rules/malware/categories/exfiltration.d.ts +20 -0
package/dist/rules/malware/categories/exfiltration.d.ts.map +1 -0
package/dist/rules/malware/categories/exfiltration.js +658 -0
package/dist/rules/malware/categories/exfiltration.js.map +1 -0
package/dist/rules/malware/categories/keyloggers.d.ts +19 -0
package/dist/rules/malware/categories/keyloggers.d.ts.map +1 -0
package/dist/rules/malware/categories/keyloggers.js +763 -0
package/dist/rules/malware/categories/keyloggers.js.map +1 -0
package/dist/rules/malware/categories/loaders.d.ts +20 -0
package/dist/rules/malware/categories/loaders.d.ts.map +1 -0
package/dist/rules/malware/categories/loaders.js +702 -0
package/dist/rules/malware/categories/loaders.js.map +1 -0
package/dist/rules/malware/categories/network.d.ts +19 -0
package/dist/rules/malware/categories/network.d.ts.map +1 -0
package/dist/rules/malware/categories/network.js +622 -0
package/dist/rules/malware/categories/network.js.map +1 -0
package/dist/rules/malware/categories/obfuscation.d.ts +22 -0
package/dist/rules/malware/categories/obfuscation.d.ts.map +1 -0
package/dist/rules/malware/categories/obfuscation.js +766 -0
package/dist/rules/malware/categories/obfuscation.js.map +1 -0
package/dist/rules/malware/constants/index.d.ts +281 -0
package/dist/rules/malware/constants/index.d.ts.map +1 -0
package/dist/rules/malware/constants/index.js +327 -0
package/dist/rules/malware/constants/index.js.map +1 -0
package/dist/rules/malware/engine/index.d.ts +178 -0
package/dist/rules/malware/engine/index.d.ts.map +1 -0
package/dist/rules/malware/engine/index.js +552 -0
package/dist/rules/malware/engine/index.js.map +1 -0
package/dist/rules/malware/index.d.ts +205 -0
package/dist/rules/malware/index.d.ts.map +1 -0
package/dist/rules/malware/index.js +837 -0
package/dist/rules/malware/index.js.map +1 -0
package/dist/rules/malware/scoring/index.d.ts +84 -0
package/dist/rules/malware/scoring/index.d.ts.map +1 -0
package/dist/rules/malware/scoring/index.js +441 -0
package/dist/rules/malware/scoring/index.js.map +1 -0
package/dist/rules/malware/types/index.d.ts +616 -0
package/dist/rules/malware/types/index.d.ts.map +1 -0
package/dist/rules/malware/types/index.js +155 -0
package/dist/rules/malware/types/index.js.map +1 -0
package/dist/rules/malware/utils/index.d.ts +117 -0
package/dist/rules/malware/utils/index.d.ts.map +1 -0
package/dist/rules/malware/utils/index.js +514 -0
package/dist/rules/malware/utils/index.js.map +1 -0
package/dist/rules/standards.d.ts +26 -0
package/dist/rules/standards.d.ts.map +1 -0
package/dist/rules/standards.js +352 -0
package/dist/rules/standards.js.map +1 -0
package/dist/rules/vulnerabilities/constants/index.d.ts +835 -0
package/dist/rules/vulnerabilities/constants/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/constants/index.js +544 -0
package/dist/rules/vulnerabilities/constants/index.js.map +1 -0
package/dist/rules/vulnerabilities/engine/index.d.ts +145 -0
package/dist/rules/vulnerabilities/engine/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/engine/index.js +581 -0
package/dist/rules/vulnerabilities/engine/index.js.map +1 -0
package/dist/rules/vulnerabilities/index.d.ts +148 -0
package/dist/rules/vulnerabilities/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/index.js +252 -0
package/dist/rules/vulnerabilities/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.js +419 -0
package/dist/rules/vulnerabilities/rules/authentication.js.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js +300 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.js +261 -0
package/dist/rules/vulnerabilities/rules/csrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.js +336 -0
package/dist/rules/vulnerabilities/rules/deserialization.js.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js +325 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js +446 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js.map +1 -0
package/dist/rules/vulnerabilities/rules/index.d.ts +17 -0
package/dist/rules/vulnerabilities/rules/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/index.js +47 -0
package/dist/rules/vulnerabilities/rules/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js +351 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js +272 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js +438 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts +12 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js +636 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.js +401 -0
package/dist/rules/vulnerabilities/rules/ssrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts +11 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.js +724 -0
package/dist/rules/vulnerabilities/rules/xss.js.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts +80 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.js +414 -0
package/dist/rules/vulnerabilities/scoring/index.js.map +1 -0
package/dist/rules/vulnerabilities/types/index.d.ts +830 -0
package/dist/rules/vulnerabilities/types/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/types/index.js +164 -0
package/dist/rules/vulnerabilities/types/index.js.map +1 -0
package/dist/rules/vulnerabilities/utils/index.d.ts +206 -0
package/dist/rules/vulnerabilities/utils/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/utils/index.js +615 -0
package/dist/rules/vulnerabilities/utils/index.js.map +1 -0
package/dist/types/index.d.ts +359 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +61 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/index.d.ts +82 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +326 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/logger.d.ts +40 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +139 -0
package/dist/utils/logger.js.map +1 -0
package/docs/ARCHITECTURE.md +320 -0
package/docs/V1.2.1-IA_Performances.md +116 -0
package/docs/images/WIN_Defender.png +0 -0
package/package.json +68 -0
package/secure-scan.config.json +134 -0
package/secure-scan.sln +29 -0
package/src/ai/aiAnalyzer.ts +714 -0
package/src/ai/index.ts +5 -0
package/src/analyzers/base/baseAnalyzer.ts +66 -0
package/src/analyzers/base/index.ts +5 -0
package/src/analyzers/c-cpp/cppAnalyzer.ts +308 -0
package/src/analyzers/c-cpp/index.ts +5 -0
package/src/analyzers/core/engine/index.ts +5 -0
package/src/analyzers/core/engine/ruleEngine.ts +221 -0
package/src/analyzers/core/index.ts +8 -0
package/src/analyzers/core/scanner/fileScanner.ts +204 -0
package/src/analyzers/core/scanner/index.ts +5 -0
package/src/analyzers/core/scoring/index.ts +5 -0
package/src/analyzers/core/scoring/riskScoring.ts +198 -0
package/src/analyzers/core/securityScanner.ts +321 -0
package/src/analyzers/csharp/csharpAnalyzer.ts +328 -0
package/src/analyzers/csharp/index.ts +5 -0
package/src/analyzers/iac/iacAnalyzer.ts +318 -0
package/src/analyzers/iac/index.ts +5 -0
package/src/analyzers/index.ts +67 -0
package/src/analyzers/java/index.ts +5 -0
package/src/analyzers/java/javaAnalyzer.ts +320 -0
package/src/analyzers/javascript/PROMPT_JS_ANALYZER.md +267 -0
package/src/analyzers/javascript/astUtils.ts +789 -0
package/src/analyzers/javascript/index.ts +50 -0
package/src/analyzers/javascript/javascriptAnalyzer.ts +984 -0
package/src/analyzers/javascript/malwareDetector.ts +697 -0
package/src/analyzers/javascript/packageJsonAnalyzer.ts +626 -0
package/src/analyzers/javascript/taintAnalyzer.ts +630 -0
package/src/analyzers/php/index.ts +5 -0
package/src/analyzers/php/phpAnalyzer.ts +280 -0
package/src/analyzers/python/index.ts +5 -0
package/src/analyzers/python/pythonAnalyzer.ts +319 -0
package/src/cli/index.ts +276 -0
package/src/dependencies/aiDependencyAnalyzer.ts +496 -0
package/src/dependencies/database/cveDatabase.ts +426 -0
package/src/dependencies/database/index.ts +6 -0
package/src/dependencies/database/maliciousPackages.ts +286 -0
package/src/dependencies/dependencyAnalyzer.ts +394 -0
package/src/dependencies/detectors/index.ts +7 -0
package/src/dependencies/detectors/securityStandards.ts +200 -0
package/src/dependencies/detectors/vulnerabilityDetector.ts +343 -0
package/src/dependencies/index.ts +27 -0
package/src/dependencies/installed/index.ts +8 -0
package/src/dependencies/installed/installedScanner.ts +821 -0
package/src/dependencies/installed/malwarePatterns.ts +492 -0
package/src/dependencies/installed/types.ts +287 -0
package/src/dependencies/parsers/base/baseParser.ts +108 -0
package/src/dependencies/parsers/base/index.ts +6 -0
package/src/dependencies/parsers/cpp/cppParser.ts +245 -0
package/src/dependencies/parsers/cpp/index.ts +6 -0
package/src/dependencies/parsers/csharp/csharpParser.ts +151 -0
package/src/dependencies/parsers/csharp/index.ts +6 -0
package/src/dependencies/parsers/index.ts +56 -0
package/src/dependencies/parsers/java/index.ts +6 -0
package/src/dependencies/parsers/java/javaParser.ts +203 -0
package/src/dependencies/parsers/javascript/index.ts +6 -0
package/src/dependencies/parsers/javascript/javascriptParser.ts +362 -0
package/src/dependencies/parsers/php/index.ts +6 -0
package/src/dependencies/parsers/php/phpParser.ts +208 -0
package/src/dependencies/parsers/python/index.ts +6 -0
package/src/dependencies/parsers/python/pythonParser.ts +437 -0
package/src/dependencies/types.ts +330 -0
package/src/i18n/index.ts +1 -0
package/src/i18n/translations.ts +194 -0
package/src/index.ts +16 -0
package/src/reports/dependencyReportGenerator.ts +717 -0
package/src/reports/htmlReportGenerator.ts +781 -0
package/src/reports/index.ts +7 -0
package/src/reports/installedDepsReportGenerator.ts +899 -0
package/src/rules/index.ts +58 -0
package/src/rules/malware/INFO.md +287 -0
package/src/rules/malware/categories/backdoors.ts +174 -0
package/src/rules/malware/categories/cryptominers.ts +434 -0
package/src/rules/malware/categories/exfiltration.ts +677 -0
package/src/rules/malware/categories/keyloggers.ts +780 -0
package/src/rules/malware/categories/loaders.ts +721 -0
package/src/rules/malware/categories/network.ts +639 -0
package/src/rules/malware/categories/obfuscation.ts +788 -0
package/src/rules/malware/constants/index.ts +358 -0
package/src/rules/malware/engine/index.ts +758 -0
package/src/rules/malware/index.ts +928 -0
package/src/rules/malware/scoring/index.ts +549 -0
package/src/rules/malware/types/index.ts +752 -0
package/src/rules/malware/utils/index.ts +643 -0
package/src/rules/standards.ts +372 -0
package/src/rules/vulnerabilities/PROMPT_VULNERABILITIES.md +226 -0
package/src/rules/vulnerabilities/constants/index.ts +625 -0
package/src/rules/vulnerabilities/engine/index.ts +831 -0
package/src/rules/vulnerabilities/index.ts +312 -0
package/src/rules/vulnerabilities/rules/authentication.ts +426 -0
package/src/rules/vulnerabilities/rules/commandInjection.ts +307 -0
package/src/rules/vulnerabilities/rules/csrf.ts +268 -0
package/src/rules/vulnerabilities/rules/deserialization.ts +343 -0
package/src/rules/vulnerabilities/rules/fileUpload.ts +332 -0
package/src/rules/vulnerabilities/rules/hardcodedSecrets.ts +453 -0
package/src/rules/vulnerabilities/rules/index.ts +17 -0
package/src/rules/vulnerabilities/rules/pathTraversal.ts +358 -0
package/src/rules/vulnerabilities/rules/prototypePollution.ts +279 -0
package/src/rules/vulnerabilities/rules/securityMisconfiguration.ts +445 -0
package/src/rules/vulnerabilities/rules/sqlInjection.ts +669 -0
package/src/rules/vulnerabilities/rules/ssrf.ts +408 -0
package/src/rules/vulnerabilities/rules/xss.ts +753 -0
package/src/rules/vulnerabilities/scoring/index.ts +543 -0
package/src/rules/vulnerabilities/types/index.ts +1004 -0
package/src/rules/vulnerabilities/utils/index.ts +709 -0
package/src/types/index.ts +391 -0
package/src/utils/index.ts +306 -0
package/src/utils/logger.ts +150 -0
package/test-installed-scanner.ts +136 -0
package/tsconfig.json +30 -0

package/src/analyzers/base/baseAnalyzer.ts ADDED Viewed

@@ -0,0 +1,66 @@
+/**
+ * Base Analyzer Interface
+ * Abstract base class for language-specific analyzers
+ */
+import { Analyzer, ScannedFile, Finding, Rule, SupportedLanguage } from '../../types';
+import { RuleEngine } from '../core/engine';
+import { logger } from '../../utils/logger';
+/**
+ * Base Analyzer Class
+ * Provides common functionality for all language analyzers
+ */
+export abstract class BaseAnalyzer implements Analyzer {
+  abstract name: string;
+  abstract languages: SupportedLanguage[];
+  abstract version: string;
+  protected ruleEngine: RuleEngine;
+  protected initialized: boolean = false;
+  constructor() {
+    this.ruleEngine = new RuleEngine();
+  }
+  /**
+   * Initialize the analyzer
+   */
+  async initialize(): Promise<void> {
+    logger.debug(`Initializing ${this.name} analyzer...`);
+    this.initialized = true;
+  }
+  /**
+   * Check if analyzer supports a language
+   */
+  supportsLanguage(language: SupportedLanguage): boolean {
+    return this.languages.includes(language);
+  }
+  /**
+   * Analyze a file
+   */
+  abstract analyze(file: ScannedFile, rules: Rule[]): Promise<Finding[]>;
+  /**
+   * Cleanup resources
+   */
+  async cleanup(): Promise<void> {
+    logger.debug(`Cleaning up ${this.name} analyzer...`);
+    this.initialized = false;
+  }
+  /**
+   * Get analyzer info
+   */
+  getInfo(): { name: string; languages: SupportedLanguage[]; version: string } {
+    return {
+      name: this.name,
+      languages: this.languages,
+      version: this.version
+    };
+  }
+}
+export default BaseAnalyzer;

package/src/analyzers/base/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+/**
+ * Base Analyzer Exports
+ */
+export * from './baseAnalyzer';

package/src/analyzers/c-cpp/cppAnalyzer.ts ADDED Viewed

@@ -0,0 +1,308 @@
+/**
+ * C/C++ Analyzer
+ * Specialized analyzer for C and C++ code
+ */
+import { BaseAnalyzer } from '../base';
+import { ScannedFile, Finding, Rule, SupportedLanguage, Severity, ThreatType, FindingCategory } from '../../types';
+import { generateId, extractCodeContext } from '../../utils';
+import { getStandardsForThreat } from '../../rules/standards';
+/**
+ * C/C++ Analyzer Class
+ */
+export class CppAnalyzer extends BaseAnalyzer {
+  name = 'C/C++ Analyzer';
+  languages: SupportedLanguage[] = ['c', 'cpp'];
+  version = '1.0.0';
+  /**
+   * Analyze C/C++ file
+   */
+  async analyze(file: ScannedFile, rules: Rule[]): Promise<Finding[]> {
+    const findings: Finding[] = [];
+    // Filter rules for C/C++
+    const cppRules = rules.filter(r =>
+      r.languages.includes('c') || r.languages.includes('cpp')
+    );
+    // Run rule engine
+    const ruleFindings = await this.ruleEngine.analyzeFile(file, cppRules);
+    findings.push(...ruleFindings);
+    // Additional C/C++-specific analysis
+    const customFindings = await this.customAnalysis(file);
+    findings.push(...customFindings);
+    return findings;
+  }
+  /**
+   * Custom C/C++-specific analysis
+   */
+  private async customAnalysis(file: ScannedFile): Promise<Finding[]> {
+    const findings: Finding[] = [];
+    const lines = file.content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+      const lineNum = i + 1;
+      // Check for dangerous functions
+      if (this.checkDangerousFunctions(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Use of Dangerous Function',
+          'This function is known to be vulnerable to buffer overflows.',
+          Severity.HIGH,
+          ThreatType.DANGEROUS_FUNCTION
+        ));
+      }
+      // Check for format string vulnerabilities
+      if (this.checkFormatString(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Format String Vulnerability',
+          'User-controlled format string can lead to arbitrary code execution.',
+          Severity.CRITICAL,
+          ThreatType.DANGEROUS_FUNCTION
+        ));
+      }
+      // Check for buffer overflow patterns
+      if (this.checkBufferOverflow(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Potential Buffer Overflow',
+          'Fixed-size buffer operation without proper bounds checking.',
+          Severity.HIGH,
+          ThreatType.DANGEROUS_FUNCTION
+        ));
+      }
+      // Check for command injection
+      if (this.checkCommandInjection(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Command Injection Risk',
+          'System/exec call with potentially user-controlled input.',
+          Severity.CRITICAL,
+          ThreatType.COMMAND_INJECTION
+        ));
+      }
+      // Check for integer overflow
+      if (this.checkIntegerOverflow(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Potential Integer Overflow',
+          'Arithmetic operation without overflow checking.',
+          Severity.MEDIUM,
+          ThreatType.DANGEROUS_FUNCTION
+        ));
+      }
+      // Check for use after free patterns
+      if (this.checkUseAfterFree(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Potential Use-After-Free',
+          'Pointer may be used after being freed.',
+          Severity.HIGH,
+          ThreatType.DANGEROUS_FUNCTION
+        ));
+      }
+      // Check for hardcoded IPs
+      if (this.checkHardcodedIp(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Hardcoded IP Address',
+          'Hardcoded IP addresses may indicate backdoor connections.',
+          Severity.MEDIUM,
+          ThreatType.SUSPICIOUS_NETWORK
+        ));
+      }
+      // Check for shellcode patterns
+      if (this.checkShellcode(line)) {
+        findings.push(this.createFinding(
+          file,
+          lineNum,
+          'Potential Shellcode',
+          'Byte array resembles shellcode or encoded payload.',
+          Severity.CRITICAL,
+          ThreatType.EMBEDDED_PAYLOAD
+        ));
+      }
+    }
+    return findings;
+  }
+  /**
+   * Check for dangerous functions
+   */
+  private checkDangerousFunctions(line: string): boolean {
+    const dangerous = [
+      /\bgets\s*\(/,
+      /\bstrcpy\s*\(/,
+      /\bstrcat\s*\(/,
+      /\bsprintf\s*\(/,
+      /\bvsprintf\s*\(/,
+      /\bscanf\s*\(\s*["']%s/,
+      /\bfscanf\s*\([^,]+,\s*["']%s/,
+      /\bsscanf\s*\([^,]+,\s*["']%s/,
+      /\brealpath\s*\([^,]+,\s*NULL\s*\)/
+    ];
+    return dangerous.some(p => p.test(line));
+  }
+  /**
+   * Check for format string vulnerabilities
+   */
+  private checkFormatString(line: string): boolean {
+    const patterns = [
+      /printf\s*\(\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\)/,  // printf(var) without format
+      /fprintf\s*\([^,]+,\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\)/,
+      /sprintf\s*\([^,]+,\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\)/,
+      /syslog\s*\([^,]+,\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\)/
+    ];
+    return patterns.some(p => p.test(line));
+  }
+  /**
+   * Check for buffer overflow patterns
+   */
+  private checkBufferOverflow(line: string): boolean {
+    const patterns = [
+      /char\s+\w+\s*\[\s*\d+\s*\]/,  // Fixed size buffer
+      /memcpy\s*\([^,]+,[^,]+,[^)]*sizeof/,
+      /strncpy\s*\([^,]+,[^,]+,\s*sizeof\s*\([^)]+\)\s*\)/
+    ];
+    // Only flag if combined with dangerous operations
+    if (patterns.some(p => p.test(line))) {
+      if (/\bstrcpy\b|\bstrcat\b|\bsprintf\b/.test(line)) {
+        return true;
+      }
+    }
+    return false;
+  }
+  /**
+   * Check for command injection
+   */
+  private checkCommandInjection(line: string): boolean {
+    const patterns = [
+      /\bsystem\s*\([^)]*\+/,
+      /\bsystem\s*\([^)]*[a-zA-Z_]\w*\s*\)/,
+      /\bpopen\s*\([^)]*\+/,
+      /\bexecl\s*\([^)]*\+/,
+      /\bexecv\s*\([^)]*\+/,
+      /\bShellExecute\s*\([^)]*\+/
+    ];
+    return patterns.some(p => p.test(line));
+  }
+  /**
+   * Check for integer overflow
+   */
+  private checkIntegerOverflow(line: string): boolean {
+    const patterns = [
+      /malloc\s*\(\s*\w+\s*\*\s*\w+\s*\)/,  // malloc(a * b)
+      /calloc\s*\(\s*\w+\s*,\s*\w+\s*\*\s*\w+\s*\)/,
+      /realloc\s*\([^,]+,\s*\w+\s*\*\s*\w+\s*\)/
+    ];
+    return patterns.some(p => p.test(line));
+  }
+  /**
+   * Check for use-after-free patterns
+   */
+  private checkUseAfterFree(line: string): boolean {
+    // Simplified check - look for free followed by usage
+    const patterns = [
+      /free\s*\(\s*(\w+)\s*\).*\1/,  // free(ptr)...ptr
+      /delete\s+(\w+).*\1->/  // delete ptr...ptr->
+    ];
+    return patterns.some(p => p.test(line));
+  }
+  /**
+   * Check for hardcoded IPs
+   */
+  private checkHardcodedIp(line: string): boolean {
+    // Check for IPv4 addresses that aren't localhost or private
+    const ipPattern = /["']\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}["']/;
+    if (ipPattern.test(line)) {
+      // Exclude common safe IPs
+      if (!/127\.0\.0\.1|0\.0\.0\.0|192\.168\.|10\.|172\.(?:1[6-9]|2[0-9]|3[01])\./.test(line)) {
+        return true;
+      }
+    }
+    return false;
+  }
+  /**
+   * Check for shellcode patterns
+   */
+  private checkShellcode(line: string): boolean {
+    const patterns = [
+      /\\x[0-9a-f]{2}(?:\\x[0-9a-f]{2}){20,}/i,  // Hex escape sequences
+      /\{0x[0-9a-f]{2}(?:,\s*0x[0-9a-f]{2}){20,}\}/i,  // Byte array
+      /char\s+\w+\[\]\s*=\s*"\\x/i
+    ];
+    return patterns.some(p => p.test(line));
+  }
+  /**
+   * Create generic finding
+   */
+  private createFinding(
+    file: ScannedFile,
+    lineNum: number,
+    title: string,
+    description: string,
+    severity: Severity,
+    threatType: ThreatType
+  ): Finding {
+    const context = extractCodeContext(file.content, lineNum, 2);
+    return {
+      id: generateId(),
+      title,
+      description,
+      severity,
+      threatType,
+      category: FindingCategory.VULNERABILITY,
+      location: {
+        file: file.relativePath,
+        startLine: lineNum,
+        endLine: lineNum
+      },
+      snippet: {
+        code: context.code,
+        contextBefore: context.contextBefore,
+        contextAfter: context.contextAfter
+      },
+      standards: getStandardsForThreat(threatType),
+      remediation: 'Review and fix the identified issue. Use safe alternatives.',
+      confidence: 70,
+      analyzer: this.name,
+      timestamp: new Date(),
+      tags: ['c', 'cpp', 'memory-safety']
+    };
+  }
+}
+export default CppAnalyzer;

package/src/analyzers/c-cpp/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+/**
+ * C/C++ Analyzer Exports
+ */
+export * from './cppAnalyzer';

package/src/analyzers/core/engine/index.ts ADDED Viewed

@@ -0,0 +1,5 @@
+/**
+ * Engine Module Exports
+ */
+export * from './ruleEngine';

package/src/analyzers/core/engine/ruleEngine.ts ADDED Viewed

@@ -0,0 +1,221 @@
+/**
+ * Rule Engine
+ * Core engine for running security rules against code
+ */
+import {
+  Rule,
+  Finding,
+  ScannedFile,
+  Severity,
+  ThreatType,
+  FindingCategory,
+  SourceLocation,
+  CodeSnippet
+} from '../../../types';
+import { generateId, extractCodeContext } from '../../../utils';
+import { getStandardsForThreat } from '../../../rules/standards';
+import { logger } from '../../../utils/logger';
+/**
+ * Pattern match result
+ */
+interface PatternMatch {
+  matched: boolean;
+  line: number;
+  column: number;
+  matchedText: string;
+  groups?: Record<string, string>;
+}
+/**
+ * Rule Engine Class
+ */
+export class RuleEngine {
+  private rules: Rule[];
+  constructor() {
+    this.rules = [];
+  }
+  /**
+   * Load rules for analysis
+   */
+  loadRules(rules: Rule[]): void {
+    this.rules = rules.filter(r => r.enabled);
+    logger.info(`📋 Loaded ${this.rules.length} active rules`);
+  }
+  /**
+   * Get rules for a specific language
+   */
+  getRulesForLanguage(language: string): Rule[] {
+    return this.rules.filter(rule =>
+      rule.languages.includes(language as any) ||
+      rule.languages.includes('*' as any)
+    );
+  }
+  /**
+   * Run rules against a file
+   */
+  async analyzeFile(file: ScannedFile, rules?: Rule[]): Promise<Finding[]> {
+    const findings: Finding[] = [];
+    const applicableRules = rules || this.getRulesForLanguage(file.language || '');
+    for (const rule of applicableRules) {
+      try {
+        const ruleFindings = await this.runRule(rule, file);
+        findings.push(...ruleFindings);
+      } catch (error) {
+        logger.debug(`Error running rule ${rule.id}: ${error}`);
+      }
+    }
+    return findings;
+  }
+  /**
+   * Run a single rule against a file
+   */
+  private async runRule(rule: Rule, file: ScannedFile): Promise<Finding[]> {
+    const findings: Finding[] = [];
+    for (const pattern of rule.patterns) {
+      if (pattern.type === 'regex') {
+        const matches = this.matchRegex(file.content, pattern.pattern, pattern.flags);
+        for (const match of matches) {
+          const finding = this.createFinding(rule, file, match);
+          findings.push(finding);
+        }
+      }
+    }
+    return findings;
+  }
+  /**
+   * Match regex pattern against content
+   */
+  private matchRegex(content: string, pattern: string, flags: string = 'gim'): PatternMatch[] {
+    const matches: PatternMatch[] = [];
+    const lines = content.split('\n');
+    try {
+      const regex = new RegExp(pattern, flags);
+      let lineOffset = 0;
+      for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        let match: RegExpExecArray | null;
+        // Reset regex for each line
+        const lineRegex = new RegExp(pattern, flags.replace('g', '') + 'g');
+        while ((match = lineRegex.exec(line)) !== null) {
+          matches.push({
+            matched: true,
+            line: lineNum + 1, // 1-indexed
+            column: match.index + 1,
+            matchedText: match[0],
+            groups: match.groups
+          });
+          // Prevent infinite loop on zero-width matches
+          if (match[0].length === 0) {
+            lineRegex.lastIndex++;
+          }
+        }
+        lineOffset += line.length + 1;
+      }
+    } catch (error) {
+      logger.debug(`Invalid regex pattern: ${pattern}`);
+    }
+    return matches;
+  }
+  /**
+   * Create a finding from a rule match
+   */
+  private createFinding(rule: Rule, file: ScannedFile, match: PatternMatch): Finding {
+    const context = extractCodeContext(file.content, match.line, 3);
+    const location: SourceLocation = {
+      file: file.relativePath,
+      startLine: match.line,
+      endLine: match.line,
+      startColumn: match.column,
+      endColumn: match.column + match.matchedText.length
+    };
+    const snippet: CodeSnippet = {
+      code: context.code,
+      contextBefore: context.contextBefore,
+      contextAfter: context.contextAfter,
+      highlight: {
+        start: match.column - 1,
+        end: match.column - 1 + match.matchedText.length
+      }
+    };
+    return {
+      id: generateId(),
+      title: rule.name,
+      description: rule.description,
+      severity: rule.severity,
+      threatType: rule.threatType,
+      category: rule.category,
+      location,
+      snippet,
+      standards: rule.standards.length > 0
+        ? rule.standards
+        : getStandardsForThreat(rule.threatType),
+      remediation: rule.remediation,
+      confidence: 85, // Default confidence for regex matches
+      analyzer: 'rule-engine',
+      timestamp: new Date(),
+      tags: rule.tags
+    };
+  }
+  /**
+   * Deduplicate findings
+   */
+  deduplicateFindings(findings: Finding[]): Finding[] {
+    const seen = new Set<string>();
+    const unique: Finding[] = [];
+    for (const finding of findings) {
+      const key = `${finding.location.file}:${finding.location.startLine}:${finding.threatType}`;
+      if (!seen.has(key)) {
+        seen.add(key);
+        unique.push(finding);
+      }
+    }
+    return unique;
+  }
+  /**
+   * Sort findings by severity
+   */
+  sortBySeverity(findings: Finding[]): Finding[] {
+    const severityOrder: Record<Severity, number> = {
+      [Severity.CRITICAL]: 0,
+      [Severity.HIGH]: 1,
+      [Severity.MEDIUM]: 2,
+      [Severity.LOW]: 3,
+      [Severity.INFO]: 4
+    };
+    return [...findings].sort((a, b) =>
+      severityOrder[a.severity] - severityOrder[b.severity]
+    );
+  }
+}
+export default RuleEngine;

package/src/analyzers/core/index.ts ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * Core Module Exports
+ */
+export * from './scanner';
+export * from './engine';
+export * from './scoring';
+export * from './securityScanner';