shroud-privacy 2.0.0

package/dist/generators/base.d.ts

@@ -0,0 +1,6 @@
+/** Base generator interface. */
+import { Category } from "../types.js";
+export interface BaseGenerator {
+    readonly categories: Category[];
+    generate(category: Category, seed: number, original?: string): string;
+}

package/dist/generators/base.js

@@ -0,0 +1,2 @@
+/** Base generator interface. */
+export {};

package/dist/generators/codes.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Fake generators for API keys, tokens, file paths, credit cards, SSNs.
+ */
+import { Category } from "../types.js";
+import type { BaseGenerator } from "./base.js";
+export declare const FILE_DIRS: string[];
+export declare const FILE_NAMES: string[];
+export declare class CodeGenerator implements BaseGenerator {
+    readonly categories: Category[];
+    generate(category: Category, seed: number, original?: string): string;
+    _fakeApiKey(seed: number, original: string): string;
+    _fakeFilePath(seed: number, original: string): string;
+    _fakeCreditCard(seed: number, original: string): string;
+    _fakeSsn(seed: number): string;
+    _fakePhone(seed: number, original: string): string;
+    _fakeIban(seed: number, original: string): string;
+    _fakeNationalId(seed: number, original: string): string;
+    _fakeJwt(seed: number): string;
+    _fakeGps(seed: number): string;
+}

package/dist/generators/codes.js

@@ -0,0 +1,231 @@
+/**
+ * Fake generators for API keys, tokens, file paths, credit cards, SSNs.
+ */
+import { createHash } from "node:crypto";
+import { Category } from "../types.js";
+export const FILE_DIRS = [
+    "/opt/app/data", "/var/lib/service", "/home/user/projects",
+    "/etc/app", "/tmp/cache", "/srv/web/static",
+    "/opt/pipeline/output", "/var/log/app",
+    "/home/user/docs", "/etc/ssl/certs",
+];
+export const FILE_NAMES = [
+    "store.db", "config.yaml", "main.py", "settings.conf",
+    "session.bin", "index.html", "results.csv", "service.log",
+    "report.pdf", "app.pem", "weights.bin", "dump.json",
+    "app.toml", "file.dat", "runner.sh", "artifact.tar.gz",
+];
+/** Compute Luhn check digit for a string of digits. */
+function luhnCheckDigit(digits) {
+    let sum = 0;
+    for (let i = digits.length - 1; i >= 0; i--) {
+        let d = parseInt(digits[i], 10);
+        if ((digits.length - i) % 2 === 1) {
+            d *= 2;
+            if (d > 9)
+                d -= 9;
+        }
+        sum += d;
+    }
+    return (10 - (sum % 10)) % 10;
+}
+export class CodeGenerator {
+    categories = [
+        Category.API_KEY,
+        Category.FILE_PATH,
+        Category.CREDIT_CARD,
+        Category.SSN,
+        Category.PHONE,
+        Category.IBAN,
+        Category.NATIONAL_ID,
+        Category.JWT,
+        Category.GPS_COORDINATE,
+        Category.ICS_IDENTIFIER,
+        Category.CERTIFICATE,
+    ];
+    generate(category, seed, original = "") {
+        if (category === Category.API_KEY) {
+            return this._fakeApiKey(seed, original);
+        }
+        else if (category === Category.FILE_PATH) {
+            return this._fakeFilePath(seed, original);
+        }
+        else if (category === Category.CREDIT_CARD) {
+            return this._fakeCreditCard(seed, original);
+        }
+        else if (category === Category.SSN) {
+            return this._fakeSsn(seed);
+        }
+        else if (category === Category.PHONE) {
+            return this._fakePhone(seed, original);
+        }
+        else if (category === Category.IBAN) {
+            return this._fakeIban(seed, original);
+        }
+        else if (category === Category.NATIONAL_ID) {
+            return this._fakeNationalId(seed, original);
+        }
+        else if (category === Category.JWT) {
+            return this._fakeJwt(seed);
+        }
+        else if (category === Category.GPS_COORDINATE) {
+            return this._fakeGps(seed);
+        }
+        else if (category === Category.ICS_IDENTIFIER) {
+            return `ICS-${String(seed % 100000).padStart(5, "0")}`;
+        }
+        else if (category === Category.CERTIFICATE) {
+            return `[REDACTED-CERT-${String(seed % 10000).padStart(4, "0")}]`;
+        }
+        return `code-${String(seed % 10000).padStart(4, "0")}`;
+    }
+    _fakeApiKey(seed, original) {
+        const buf = Buffer.alloc(8);
+        buf.writeUInt32BE(seed >>> 0, 0);
+        buf.writeUInt32BE(((seed >>> 16) ^ 0xcafebabe) >>> 0, 4);
+        const h = createHash("sha256").update(buf).digest("hex");
+        if (original) {
+            // Preserve prefix pattern (e.g., "sk-prod-" -> "sk-test-")
+            const prefixMatch = original.match(/^([a-zA-Z]+[-_](?:[a-zA-Z]+[-_])?)/);
+            if (prefixMatch) {
+                const prefix = prefixMatch[1];
+                const remainingLen = Math.max(8, original.length - prefix.length);
+                const fakeBody = h.slice(0, remainingLen);
+                return `${prefix}${fakeBody}`;
+            }
+        }
+        return `sk-test-${h.slice(0, 32)}`;
+    }
+    _fakeFilePath(seed, original) {
+        if (!original) {
+            const d = FILE_DIRS[seed % FILE_DIRS.length];
+            const f = FILE_NAMES[Math.floor(seed / FILE_DIRS.length) % FILE_NAMES.length];
+            return `${d}/${f}`;
+        }
+        // Preserve path depth and extension
+        const normalised = original.replace(/\\/g, "/");
+        const parts = normalised.split("/");
+        let ext = "";
+        const lastPart = parts[parts.length - 1];
+        if (lastPart.includes(".")) {
+            ext = "." + lastPart.split(".").slice(1).join(".");
+        }
+        // Match depth
+        const dirNames = [
+            "opt", "var", "home", "etc", "srv", "tmp", "app", "lib", "data", "logs",
+        ];
+        const fakeParts = [];
+        for (let i = 0; i < parts.length; i++) {
+            const part = parts[i];
+            if (!part) {
+                fakeParts.push("");
+                continue;
+            }
+            if (i === parts.length - 1) {
+                // Filename
+                let fname = FILE_NAMES[(seed + i) % FILE_NAMES.length];
+                if (ext) {
+                    fname = fname.split(".")[0] + ext;
+                }
+                fakeParts.push(fname);
+            }
+            else {
+                fakeParts.push(dirNames[(seed + i) % dirNames.length]);
+            }
+        }
+        // Preserve separator
+        if (original.includes("\\")) {
+            return fakeParts.join("\\");
+        }
+        return fakeParts.join("/");
+    }
+    _fakeCreditCard(seed, original) {
+        // Generate 15 digits, then compute Luhn check digit for digit 16
+        const part1 = String((seed & 0xffffffff) >>> 0).padStart(8, "0").slice(0, 8);
+        const part2 = String(((seed >>> 4) ^ 0x12345678) >>> 0).padStart(8, "0").slice(0, 7);
+        const first15 = (part1 + part2).slice(0, 15).padStart(15, "0");
+        const checkDigit = luhnCheckDigit(first15 + "0");
+        const digits = first15 + String(checkDigit);
+        if (original) {
+            // Detect separator
+            const sep = original.includes("-")
+                ? "-"
+                : original.includes(" ")
+                    ? " "
+                    : "";
+            if (sep) {
+                return `${digits.slice(0, 4)}${sep}${digits.slice(4, 8)}${sep}${digits.slice(8, 12)}${sep}${digits.slice(12, 16)}`;
+            }
+        }
+        return `${digits.slice(0, 4)}-${digits.slice(4, 8)}-${digits.slice(8, 12)}-${digits.slice(12, 16)}`;
+    }
+    _fakeSsn(seed) {
+        // Avoid invalid area numbers: 000, 666, 900-999
+        let area = (seed % 898) + 1; // 1-898
+        if (area >= 666)
+            area++; // skip 666 -> gives us 1-665, 667-899
+        // Avoid invalid group 00 and serial 0000
+        const group = (Math.floor(seed / 898) % 99) + 1; // 01-99
+        const serial = (Math.floor(seed / (898 * 99)) % 9999) + 1; // 0001-9999
+        return `${String(area).padStart(3, "0")}-${String(group).padStart(2, "0")}-${String(serial).padStart(4, "0")}`;
+    }
+    _fakePhone(seed, original) {
+        const area = 200 + (seed % 800);
+        const mid = 200 + (Math.floor(seed / 800) % 800);
+        const last = seed % 10000;
+        const lastStr = String(last).padStart(4, "0");
+        if (!original) {
+            return `(${area}) ${mid}-${lastStr}`;
+        }
+        // Detect format: +1, parens, dashes, spaces, dots
+        const hasCountry = original.startsWith("+");
+        const hasParens = original.includes("(");
+        const hasSep = original.includes("-") || original.includes(".") || original.includes(" ");
+        const sep = original.includes("-")
+            ? "-"
+            : original.includes(".")
+                ? "."
+                : original.includes(" ")
+                    ? " "
+                    : "";
+        if (hasCountry) {
+            // International format — preserve original separator style (or none)
+            const countryMatch = original.match(/^\+(\d{1,3})/);
+            const cc = countryMatch ? countryMatch[1] : "1";
+            if (!hasSep) {
+                // Original had no separators (e.g. +15551234567) — keep it compact
+                return `+${cc}${area}${mid}${lastStr}`;
+            }
+            return `+${cc}${sep}${area}${sep}${mid}${sep}${lastStr}`;
+        }
+        else if (hasParens) {
+            return `(${area}) ${mid}-${lastStr}`;
+        }
+        else {
+            return `${area}${sep}${mid}${sep}${lastStr}`;
+        }
+    }
+    _fakeIban(seed, original) {
+        // Preserve country code, generate fake digits
+        const cc = original.slice(0, 2).toUpperCase() || "DE";
+        const check = String(seed % 98).padStart(2, "0");
+        const body = String(seed).padStart(18, "0").slice(0, 18);
+        return `${cc}${check}${body}`;
+    }
+    _fakeNationalId(seed, original) {
+        // Preserve length and format (digits/letters)
+        const len = original.length || 10;
+        const digits = String(seed).padStart(len, "0").slice(0, len);
+        return digits;
+    }
+    _fakeJwt(seed) {
+        const h = createHash("sha256").update(String(seed)).digest("base64url");
+        return `eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ0ZXN0In0.${h}`;
+    }
+    _fakeGps(seed) {
+        // Generate coordinates near null island (0,0) — clearly fake
+        const lat = ((seed % 18000) / 100 - 90).toFixed(6);
+        const lon = (((seed >>> 8) % 36000) / 100 - 180).toFixed(6);
+        return `${lat}, ${lon}`;
+    }
+}

package/dist/generators/names.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Fake name generators for persons, organizations, and locations.
+ *
+ * Includes semantic/cultural matching -- CJK names get CJK fakes,
+ * Hispanic names get Hispanic fakes, etc.
+ */
+import { Category } from "../types.js";
+import type { BaseGenerator } from "./base.js";
+export declare const CJK_FIRST: string[];
+export declare const CJK_LAST: string[];
+export declare const HISPANIC_FIRST: string[];
+export declare const HISPANIC_LAST: string[];
+export declare const ARABIC_FIRST: string[];
+export declare const ARABIC_LAST: string[];
+export declare const SOUTH_ASIAN_FIRST: string[];
+export declare const SOUTH_ASIAN_LAST: string[];
+export declare const FIRST_NAMES: string[];
+export declare const LAST_NAMES: string[];
+export declare const ORG_PREFIXES: string[];
+export declare const ORG_SUFFIXES: string[];
+export declare const LOCATIONS: string[];
+/** Detect the likely cultural origin of a name. */
+export declare function detectCulture(name: string): string;
+export declare class NameGenerator implements BaseGenerator {
+    readonly categories: Category[];
+    generate(category: Category, seed: number, original?: string): string;
+    private _fakePerson;
+    private _fakeOrg;
+}

package/dist/generators/names.js

@@ -0,0 +1,194 @@
+/**
+ * Fake name generators for persons, organizations, and locations.
+ *
+ * Includes semantic/cultural matching -- CJK names get CJK fakes,
+ * Hispanic names get Hispanic fakes, etc.
+ */
+import { Category } from "../types.js";
+// --- Cultural name pools ---
+// CJK names (Chinese/Japanese/Korean)
+export const CJK_FIRST = [
+    "Haruki", "Yuki", "Ren", "Sora", "Hana", "Mei", "Kai", "Ryo",
+    "Aoi", "Sakura", "Wei", "Min", "Jun", "Lin", "Jing", "Xiao",
+    "Soo", "Jin", "Hyun", "Yeon", "Tae", "Haru", "Nao", "Shin",
+];
+export const CJK_LAST = [
+    "Tanaka", "Suzuki", "Takahashi", "Watanabe", "Yamamoto", "Nakamura",
+    "Chen", "Wang", "Li", "Zhang", "Liu", "Yang",
+    "Kim", "Park", "Lee", "Choi", "Jung", "Kang",
+    "Sato", "Ito", "Kobayashi", "Mori", "Hayashi", "Ono",
+];
+// Hispanic/Latin names
+export const HISPANIC_FIRST = [
+    "Carlos", "Maria", "Diego", "Sofia", "Lucas", "Valentina", "Mateo", "Camila",
+    "Santiago", "Isabella", "Miguel", "Lucia", "Andres", "Elena", "Pablo", "Ana",
+    "Rafael", "Carmen", "Gabriel", "Rosa", "Fernando", "Luisa", "Javier", "Pilar",
+];
+export const HISPANIC_LAST = [
+    "Garcia", "Rodriguez", "Martinez", "Lopez", "Hernandez", "Gonzalez",
+    "Perez", "Sanchez", "Ramirez", "Torres", "Flores", "Rivera",
+    "Diaz", "Morales", "Ortiz", "Reyes", "Cruz", "Castillo",
+    "Mendoza", "Vargas", "Romero", "Ruiz", "Alvarez", "Jimenez",
+];
+// Arabic/Middle Eastern names
+export const ARABIC_FIRST = [
+    "Omar", "Fatima", "Hassan", "Layla", "Youssef", "Amira", "Khalid", "Nour",
+    "Tariq", "Salma", "Rashid", "Zahra", "Karim", "Leila", "Samir", "Hana",
+    "Faris", "Dina", "Nabil", "Rania", "Amir", "Yasmin", "Zaid", "Muna",
+];
+export const ARABIC_LAST = [
+    "Al-Rashid", "Hassan", "Ibrahim", "Abbas", "Khalil", "Mahmoud",
+    "Nasser", "Rahman", "Salem", "Haddad", "Bishara", "Farouk",
+    "Mansour", "Qasim", "Sharif", "Taleb", "Wahab", "Zayed",
+];
+// South Asian names
+export const SOUTH_ASIAN_FIRST = [
+    "Arjun", "Priya", "Raj", "Ananya", "Vikram", "Sita", "Rohan", "Meera",
+    "Arun", "Kavita", "Sanjay", "Nisha", "Amit", "Pooja", "Sunil", "Rekha",
+    "Harsh", "Deepa", "Nikhil", "Asha", "Ravi", "Lata", "Kiran", "Maya",
+];
+export const SOUTH_ASIAN_LAST = [
+    "Patel", "Sharma", "Singh", "Kumar", "Gupta", "Mehta",
+    "Reddy", "Nair", "Rao", "Verma", "Joshi", "Shah",
+    "Das", "Mishra", "Srinivasan", "Krishnamurthy", "Pillai", "Iyer",
+];
+export const FIRST_NAMES = [
+    "Alex", "Blake", "Casey", "Dana", "Ellis", "Frankie", "Gray", "Harper",
+    "Indigo", "Jordan", "Kai", "Lane", "Morgan", "Noah", "Oakley", "Parker",
+    "Quinn", "Reese", "Sage", "Taylor", "Uma", "Val", "Wren", "Xen",
+    "Yael", "Zara", "Avery", "Brook", "Cedar", "Drew", "Eden", "Fern",
+    "Glen", "Haven", "Iris", "Jules", "Kira", "Lark", "Marlo", "Nico",
+    "Onyx", "Phoenix", "Rain", "Skyler", "Tatum", "Unity", "Vesper", "Winter",
+];
+export const LAST_NAMES = [
+    "Stone", "Rivers", "Bell", "Cross", "Drake", "Fields", "Grant", "Hayes",
+    "Ivy", "James", "Knight", "Lake", "Moon", "North", "Oak", "Price",
+    "Reed", "Shaw", "Thorn", "Vale", "Ward", "York", "Ash", "Banks",
+    "Cole", "Dawn", "East", "Frost", "Gold", "Hill", "Jade", "King",
+    "Lowe", "Marsh", "Noel", "Peak", "Rose", "Snow", "Troy", "Vane",
+    "Wells", "Birch", "Clay", "Dove", "Elm", "Fox", "Gale", "Hart",
+];
+export const ORG_PREFIXES = [
+    "Nexus", "Vertex", "Prism", "Atlas", "Cipher", "Beacon", "Forge", "Crest",
+    "Pulse", "Apex", "Echo", "Nova", "Summit", "Core", "Bridge", "Spark",
+    "Tide", "Haven", "Peak", "Drift", "Flux", "Orbit", "Zenith", "Pine",
+];
+export const ORG_SUFFIXES = [
+    "Corp", "Labs", "Systems", "Group", "Inc", "Partners", "Technologies",
+    "Industries", "Networks", "Solutions", "Dynamics", "Ventures", "Digital",
+    "Analytics", "Collective", "Innovations", "Software", "Consulting",
+    "Strategies", "Media", "Engineering", "Capital", "Works", "Services",
+];
+export const LOCATIONS = [
+    "Maple Ridge", "Cedar Falls", "Pine Valley", "Oak Harbor", "Birch Creek",
+    "Silver Lake", "Crystal Bay", "Shadow Glen", "Amber Hills", "Coral Springs",
+    "Iron Bridge", "Stone Haven", "River Bend", "Summit View", "Harbor Point",
+    "Eagle Pass", "Fox Hollow", "Raven Cliff", "Wolf Creek", "Bear Valley",
+    "Falcon Heights", "Elk Grove", "Lark Meadow", "Heron Bay", "Sparrow Hill",
+    "Aspen Ridge", "Willow Park", "Jasper Cove", "Slate Crossing", "Flint Mesa",
+];
+// --- Cultural detection helpers ---
+const CJK_RE = /[\u4E00-\u9FFF\u3040-\u309F\u30A0-\u30FF\uAC00-\uD7AF]/;
+const HISPANIC_PATTERNS = new RegExp("(?:Garcia|Rodriguez|Martinez|Lopez|Hernandez|Gonzalez|Perez|Sanchez|" +
+    "Ramirez|Torres|Flores|Rivera|Diaz|Morales|Cruz|Reyes|Castillo|" +
+    "Juan|Jose|Maria|Carlos|Miguel|Diego|Sofia|Camila|Santiago)", "i");
+const ARABIC_PATTERNS = new RegExp("(?:Al-|Abu |Ibn |Mohammed|Muhammad|Ahmed|Hassan|Hussein|Fatima|Omar|" +
+    "Khalid|Youssef|Tariq|Rashid|Karim|Nour|Zahra|Layla)", "i");
+const SOUTH_ASIAN_PATTERNS = new RegExp("(?:Kumar|Singh|Patel|Sharma|Gupta|Mehta|Reddy|Nair|Rao|" +
+    "Srinivasan|Krishnamurthy|Arjun|Priya|Raj|Vikram|Sanjay|Amit)", "i");
+/** Detect the likely cultural origin of a name. */
+export function detectCulture(name) {
+    if (CJK_RE.test(name))
+        return "cjk";
+    if (ARABIC_PATTERNS.test(name))
+        return "arabic";
+    if (HISPANIC_PATTERNS.test(name))
+        return "hispanic";
+    if (SOUTH_ASIAN_PATTERNS.test(name))
+        return "south_asian";
+    return "western";
+}
+const CULTURE_POOLS = {
+    cjk: [CJK_FIRST, CJK_LAST],
+    hispanic: [HISPANIC_FIRST, HISPANIC_LAST],
+    arabic: [ARABIC_FIRST, ARABIC_LAST],
+    south_asian: [SOUTH_ASIAN_FIRST, SOUTH_ASIAN_LAST],
+    western: [FIRST_NAMES, LAST_NAMES],
+};
+function selectNamePools(original, _seed) {
+    if (!original)
+        return [FIRST_NAMES, LAST_NAMES];
+    const culture = detectCulture(original);
+    return CULTURE_POOLS[culture] ?? [FIRST_NAMES, LAST_NAMES];
+}
+export class NameGenerator {
+    categories = [
+        Category.PERSON_NAME,
+        Category.ORG_NAME,
+        Category.LOCATION,
+    ];
+    generate(category, seed, original = "") {
+        if (category === Category.PERSON_NAME) {
+            return this._fakePerson(seed, original);
+        }
+        else if (category === Category.ORG_NAME) {
+            return this._fakeOrg(seed, original);
+        }
+        else if (category === Category.LOCATION) {
+            return LOCATIONS[seed % LOCATIONS.length];
+        }
+        return `Entity-${String(seed % 10000).padStart(4, "0")}`;
+    }
+    _fakePerson(seed, original) {
+        const [firstPool, lastPool] = selectNamePools(original, seed);
+        const first = firstPool[seed % firstPool.length];
+        const last = lastPool[Math.floor(seed / firstPool.length) % lastPool.length];
+        if (!original)
+            return `${first} ${last}`;
+        // Preserve the structure of the original name
+        const parts = original.split(" ");
+        if (parts.length === 1) {
+            return first;
+        }
+        else if (parts.length === 3) {
+            const middle = firstPool[Math.floor(seed / 3) % firstPool.length];
+            return `${first} ${middle} ${last}`;
+        }
+        else if (parts.length > 3) {
+            const extra = [];
+            for (let i = 0; i < parts.length - 2; i++) {
+                extra.push(firstPool[(seed + i) % firstPool.length]);
+            }
+            return [first, ...extra, last].join(" ");
+        }
+        // Preserve separator (hyphen, period)
+        if (original.includes("-") && !original.includes(" ")) {
+            return `${first}-${last}`;
+        }
+        if (original.includes(".") && !original.includes(" ")) {
+            return `${first[0]}.${last}`;
+        }
+        return `${first} ${last}`;
+    }
+    _fakeOrg(seed, original) {
+        const prefix = ORG_PREFIXES[seed % ORG_PREFIXES.length];
+        const suffix = ORG_SUFFIXES[Math.floor(seed / ORG_PREFIXES.length) % ORG_SUFFIXES.length];
+        if (!original)
+            return `${prefix} ${suffix}`;
+        // Match word count of original
+        const origWords = original.split(" ");
+        if (origWords.length === 1) {
+            return prefix;
+        }
+        else if (origWords.length === 2) {
+            return `${prefix} ${suffix}`;
+        }
+        else {
+            const extras = [];
+            for (let i = 1; i < origWords.length - 1; i++) {
+                extras.push(ORG_PREFIXES[(seed + i) % ORG_PREFIXES.length]);
+            }
+            return [prefix, ...extras, suffix].join(" ");
+        }
+    }
+}

package/dist/generators/network.d.ts

@@ -0,0 +1,86 @@
+/**
+ * Fake network entity generators: IPs, emails, URLs, domains, MACs, BGP ASNs.
+ */
+import { Category } from "../types.js";
+import type { BaseGenerator } from "./base.js";
+export declare const DOMAINS: string[];
+export declare const DOMAINS_BY_TLD: Record<string, string[]>;
+export declare const EMAIL_PREFIXES: string[];
+export declare const EMAIL_PREFIXES_SHORT: string[];
+export declare const EMAIL_PREFIXES_MEDIUM: string[];
+export declare const EMAIL_PREFIXES_LONG: string[];
+export declare const SNMP_COMMUNITIES: string[];
+export declare const HOSTNAME_ROLES: string[];
+export declare const HOSTNAME_SITES: string[];
+export declare const PATH_SEGMENTS: string[];
+/** 100.64.0.0 as unsigned 32-bit int */
+export declare const CGNAT_BASE: number;
+/** Mask for CGNAT /10 range */
+export declare const CGNAT_MASK_10 = 4290772992;
+export declare function ipToInt(ip: string): number;
+export declare function intToIp(n: number): string;
+export declare class SubnetMapper {
+    /** Forward mapping: serialized key "netInt,prefixLen" -> fake network int */
+    subnetFwd: Map<string, number>;
+    /** Reverse mapping: fake network int -> serialized key */
+    subnetRev: Map<number, string>;
+    /** Next CGNAT slot to allocate */
+    subnetNextSlot: number;
+    /** Learned subnets from text context */
+    knownSubnets: Array<{
+        networkInt: number;
+        prefixLen: number;
+    }>;
+    /**
+     * Scan text for CIDR notation and subnet masks to learn subnet boundaries.
+     * Call this before obfuscating IPs so the generator knows the correct
+     * prefix length for each address.
+     */
+    learnSubnetsFromText(text: string): void;
+    /** Find the best matching prefix length for an IP from learned subnets. */
+    findPrefixLen(ipInt: number): number;
+    /** Map a real network address to a fake CGNAT network address. */
+    mapSubnet(netInt: number, prefixLen: number): number;
+    /** Reset all subnet mapping state. */
+    reset(): void;
+}
+export declare const VLAN_NAMES: string[];
+export declare const INTERFACE_DESCS: string[];
+export declare const ROUTE_MAP_NAMES: string[];
+export declare const ACL_NAMES: string[];
+export declare class NetworkGenerator implements BaseGenerator {
+    readonly categories: Category[];
+    private readonly subnetMapper;
+    constructor(subnetMapper: SubnetMapper);
+    generate(category: Category, seed: number, original?: string): string;
+    /**
+     * Subnet-preserving IP obfuscation for any prefix length.
+     *
+     * Network bits are mapped to the CGNAT range (100.64.0.0/10),
+     * host bits are preserved exactly. Defaults to /24 when no
+     * subnet context is available.
+     */
+    _fakeIp(seed: number, original: string, subnetMapper: SubnetMapper): string;
+    _fakeEmail(seed: number, original: string): string;
+    _fakeUrl(seed: number, original: string): string;
+    /** Generate a fake MAC address preserving format (colon, dash, or Cisco dot). */
+    _fakeMac(seed: number, original: string): string;
+    /** Map BGP AS numbers to the private AS range (64512-65534). */
+    _fakeAsn(seed: number): string;
+    /** Replace SNMP community strings with generic names. */
+    _fakeSnmpCommunity(seed: number): string;
+    /** Replace network credentials with seed-derived unique fake values. */
+    _fakeNetworkCredential(seed: number, original: string): string;
+    /** Generate a fake hostname preserving structure. */
+    _fakeHostname(seed: number): string;
+    /** Fake VLAN ID/name. Preserves the keyword structure. */
+    _fakeVlanId(seed: number, original: string): string;
+    /** Fake interface description. */
+    _fakeInterfaceDesc(seed: number, _original: string): string;
+    /** Fake route-map or prefix-list name. */
+    _fakeRouteMap(seed: number, _original: string): string;
+    /** Fake OSPF identifiers (router-id or area). */
+    _fakeOspfId(seed: number, original: string): string;
+    /** Fake ACL name. */
+    _fakeAclName(seed: number, _original: string): string;
+}