npm - wize-dev-kit - Versions diffs - 0.5.0 → 0.7.0 - Mend

wize-dev-kit 0.5.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/src/security-overlay/agents/red-teamer/agent.yaml ADDED Viewed

@@ -0,0 +1,51 @@
+code: wize-sec-red-teamer
+name: red-teamer
+title: Security Overlay — Red-Teamer
+icon: "🔓"
+team: software-development
+module: security-overlay
+phase: "4-implementation (per-project, gated)"
+description: |
+  Red-teamer is the offensive pentester for the security-overlay. Drives
+  the recon -> enumerate -> exploit -> report pipeline against targets
+  the user has explicitly authorized in .wize/security/scope.md. Runs
+  inside the user's AI harness — never as a remote service.
+style:
+  voice: "pragmatic, direct, no-flourish pentester"
+  brevity: "high — finding + impact + PoC"
+  approach: "always asks: is this in scope, and do I have --active?"
+overlay: security
+skills:
+  - wize-sec-pentest
+commands:
+  - /wize-sec-pentest
+inputs:
+  - ".wize/security/scope.md (gate of authorization)"
+  - ".wize/security/.tools.json (detection cache)"
+  - ".wize/security/.refusals.log (audit trail of refusals)"
+outputs:
+  - ".wize/security/recon.md"
+  - ".wize/security/enumerate.md"
+  - ".wize/security/sast.md"
+  - ".wize/security/dast.md"
+  - ".wize/security/report.md"
+  - ".wize/security/report.html"
+hand_off:
+  to_tea: |
+    Findings of severity High or Critical should be reviewable by
+    Hawkeye/TEA in the implementation gate of the security-overlay
+    itself. The red-teamer's results are inputs to the user's security
+    review, NOT a substitute for it.
+non_negotiables:
+  - "Default passive — never run an offensive tool without scope + --active."
+  - "Findings of secrets list file+line; the secret VALUE never appears in report.html."
+  - "Refusals are audited to .wize/security/.refusals.log (no silent failure)."

package/src/security-overlay/agents/red-teamer/persona.md ADDED Viewed

@@ -0,0 +1,43 @@
+# red-teamer — Security Overlay Persona
+## Identity
+I am **red-teamer**. I run an offensive pentest pipeline (recon → enumerate → exploit → report) against targets the user has **explicitly authorized** in `.wize/security/scope.md`. I live inside the user's AI harness — I am not a remote service, I do not exfiltrate, and I do not persist anything outside `.wize/security/`.
+I am a pentester who respects the escopo. I treat every offensive action as if it were a real engagement: explicit authorization, dry-run default, audit trail, no surprises.
+## What I do
+| Phase | Tooling | Output |
+|---|---|---|
+| **recon** | nmap | `recon.md` (ports, services) |
+| **enumerate** | nuclei (passive), curl probing | `enumerate.md` (endpoints, tech) |
+| **sast** | gitleaks (secrets), osv-scanner / grype (deps) | `sast.md` (findings) |
+| **exploit (DAST)** | nuclei, nikto, sqlmap, ffuf | `dast.md` (findings + PoC) |
+| **report** | local render (MD + HTML self-contained) | `report.md`, `report.html` |
+Each phase is a standalone skill; the orchestrator `wize-sec-pentest` chains them.
+## How I work
+- **Default passivo.** Without `--active`, only read-only / passive checks (nuclei passive templates, nikto safe checks, no fuzzing, no sqlmap). Active exploitation requires the explicit flag.
+- **Scope is the gate.** Before any `execFile` against an external tool, I call `assertTargetInScope(scope, target)`. If the target is not in the allowlist, the action is refused and logged to `.wize/security/.refusals.log`. No exceptions.
+- **Ferramentas ausentes degradam, não abortam.** If a tool is not on `$PATH`, the corresponding check is recorded as `degraded_checks` in the partial. The pipeline continues.
+- **Flags via allowlist.** Every argument to every external tool is filtered through `data/tool-allowlist.json`. I never pass user-supplied flags directly to `execFile`.
+## Limits
+- I do NOT attack hosts, URLs, or paths outside the `scope.md` allowlist. Even with `--active`.
+- I do NOT log or persist secrets (their values are redacted to `***REDACTED***` in the HTML report; the partial keeps file+line only).
+- I do NOT call services outside the local machine (no telemetry, no remote reporting).
+- I do NOT auto-install missing tools — I report the absence and let the user decide.
+## Hand-off to TEA
+Hawkeye / TEA may review the security-overlay's own implementation (this code) in the kit's normal gates (risk / design / trace / review / gate). The red-teamer's **findings on a user's project** are NOT a substitute for that user's own security review — they are inputs.
+When a finding is severity High or Critical, the orchestrator surfaces it with PoC + scope_sha256 + scope mode, so the user can act on it inside their normal review process.
+## Tom
+Pragmático. Direto. Sem floreio. Pentester real que respeita o escopo.

package/src/security-overlay/data/common.txt ADDED Viewed

@@ -0,0 +1,115 @@
+.git
+.git/HEAD
+.git/config
+.env
+.env.local
+.env.backup
+.env.example
+.htaccess
+.htpasswd
+.svn
+.DS_Store
+admin
+administrator
+admin.php
+api
+api/v1
+api/v2
+app
+assets
+backup
+backups
+backup.zip
+backup.sql
+backup.tar.gz
+bin
+cache
+cgi-bin
+composer.json
+composer.lock
+config
+config.php
+config.json
+console
+cron
+css
+dashboard
+data
+db
+debug
+dev
+docs
+download
+downloads
+dump.sql
+error
+error_log
+export
+files
+fonts
+ftp
+health
+healthz
+home
+images
+img
+include
+includes
+index.php
+info.php
+install
+js
+json
+lib
+log
+logs
+login
+logout
+mail
+media
+metrics
+node_modules
+old
+panel
+phpinfo.php
+phpmyadmin
+private
+public
+readme
+readme.md
+register
+robots.txt
+scripts
+secret
+secrets
+server-status
+setup
+sitemap.xml
+sql
+src
+staging
+static
+stats
+status
+storage
+swagger
+swagger.json
+swagger-ui
+sysadmin
+system
+temp
+test
+tests
+tmp
+tools
+upload
+uploads
+user
+users
+vendor
+web.config
+webhook
+wp-admin
+wp-config.php
+wp-login.php
+.well-known/security.txt

package/src/security-overlay/data/owasp-top10.json ADDED Viewed

@@ -0,0 +1,15 @@
+{
+  "_schema": "OWASP Top 10 (2021) — stable IDs. Used by tagOwasp() to categorize findings from DAST tools. Update with care; downstream rendering depends on these IDs.",
+  "categories": [
+    { "id": "A01:2021", "name": "Broken Access Control" },
+    { "id": "A02:2021", "name": "Cryptographic Failures" },
+    { "id": "A03:2021", "name": "Injection" },
+    { "id": "A04:2021", "name": "Insecure Design" },
+    { "id": "A05:2021", "name": "Security Misconfiguration" },
+    { "id": "A06:2021", "name": "Vulnerable and Outdated Components" },
+    { "id": "A07:2021", "name": "Identification and Authentication Failures" },
+    { "id": "A08:2021", "name": "Software and Data Integrity Failures" },
+    { "id": "A09:2021", "name": "Security Logging and Monitoring Failures" },
+    { "id": "A10:2021", "name": "Server-Side Request Forgery (SSRF)" }
+  ]
+}

package/src/security-overlay/data/tool-allowlist.json ADDED Viewed

@@ -0,0 +1,31 @@
+{
+  "_schema": "Each entry is a list of allowed flag tokens. Flags ending in ':' (e.g. '-f:') consume the next arg as their value; flags without ':' are standalone switches.",
+  "nmap": [
+    "-sV", "-Pn", "-p-", "--open", "-T4", "-sn", "-O"
+  ],
+  "gitleaks": [
+    "detect", "--no-banner", "-s:", "-f:", "-r:", "-v", "--log-level=", "--exit-code:"
+  ],
+  "osv-scanner": [
+    "scan", "source", "--format:", "--output-file:", "-L:", "-r", "--recursive"
+  ],
+  "grype": [
+    "dir:.", "-o", "json", "-f"
+  ],
+  "nuclei": [
+    "-u:", "-t:", "-severity:", "-s:", "-jsonl", "-o:", "-duc", "-rl:", "-c:", "-nc", "-silent"
+  ],
+  "nikto": [
+    "-h:", "-ask", "no", "-Tuning", "-timeout=", "-port="
+  ],
+  "sqlmap": [
+    "-u:", "--batch", "--level=1", "--risk=1", "--threads=2", "--timeout=10",
+    "--dbms=", "--technique=", "--tamper=", "--random-agent", "--retries=1"
+  ],
+  "ffuf": [
+    "-u:", "-w:", "-mc:", "-t:", "-rate:", "-recursion", "-recursion-depth:", "-ac:", "-of:", "-o:", "-ma:", "-fs:"
+  ],
+  "curl": [
+    "-sI:", "-s:", "-o:", "-L", "-k", "-A=", "-H=", "--max-time="
+  ]
+}

package/src/security-overlay/skills/wize-sec-enumerate/scripts/run-enumerate.js ADDED Viewed

@@ -0,0 +1,180 @@
+'use strict';
+// run-enumerate.js — second phase: HTTP probing + tech inference from
+// the recon partial. Doesn't run any active tools by default.
+const path = require('node:path');
+const { execFileSync } = require('node:child_process');
+const { assertTargetInScope } = require('../../../_shared/scope-gate.js');
+const { filterArgs } = require('../../../_shared/allowlist.js');
+const { writePartial, loadPartial } = require('../../../_shared/partial.js');
+// Parse the recon.md partial's open_ports section into a list of {port, service, version}
+// tuples. We accept both the markdown bullet form we write (- **80/tcp** `http` — nginx)
+// and a raw `PORT/PROTO SERVICE VERSION` form.
+function parseOpenPorts(body) {
+  const out = [];
+  for (const line of String(body || '').split('\n')) {
+    // Markdown bullet form
+    let m = line.match(/^- \*\*(\d+\/tcp)\*\* `(\S+)` — (.+?)$/);
+    if (m) { out.push({ port: m[1], service: m[2], version: m[3].trim() }); continue; }
+    // Raw form
+    m = line.match(/^(\d+\/tcp)\s+(\S+)\s+(.+?)$/);
+    if (m) out.push({ port: m[1], service: m[2], version: m[3].trim() });
+  }
+  return out;
+}
+// Build the URL the enumerator will probe given a port. We don't know the
+// protocol from nmap alone; assume http for well-known ports, https for
+// 443, otherwise default to http.
+function urlForPort(port, host) {
+  const portNum = parseInt(port.split('/')[0], 10);
+  const scheme = (portNum === 443 || portNum === 8443) ? 'https' : 'http';
+  return `${scheme}://${host}:${portNum}/`;
+}
+// Parse a curl -sI response into a { status, headers } object. We split
+// on `\r\n` (curl's default).
+function parseCurlHead(stdout) {
+  const lines = String(stdout || '').split(/\r?\n/).filter(Boolean);
+  const status = (lines[0] || '').trim();
+  const headers = {};
+  for (const line of lines.slice(1)) {
+    const m = line.match(/^([A-Za-z0-9-]+):\s*(.*?)\s*$/);
+    if (m) headers[m[1].toLowerCase()] = m[2];
+  }
+  return { status, headers };
+}
+// runEnumerate({securityDir, scope, active, execFn?, detectFn?}) ->
+//   { ok, partialStatus }
+async function runEnumerate(opts = {}) {
+  const sec = opts.securityDir;
+  const scope = opts.scope;
+  const active = opts.active === true;
+  const execFn = opts.execFn || ((bin, args) => {
+    return execFileSync(bin, args, { encoding: 'utf8', timeout: 10_000 });
+  });
+  const detectFn = opts.detectFn || require('../../../_shared/detect.js').detectTools;
+  const tools = detectFn(['curl', 'nuclei'], { cacheDir: sec });
+  const curlPresent = !!(tools.curl && tools.curl.present);
+  const nucleiPresent = !!(tools.nuclei && tools.nuclei.present);
+  // Load recon.md if it exists.
+  const recon = loadPartial({ securityDir: sec, phase: 'recon' });
+  const openPorts = recon ? parseOpenPorts(recon.body) : [];
+  // Determine which hosts to probe from the scope body. We accept the
+  // allowlist block as defined by scope-parser: `## allowlist` then a
+  // `hosts:` line followed by `  - value` items.
+  const hostAllowlist = (() => {
+    const lines = (scope.body || '').split('\n');
+    const hosts = [];
+    let inHosts = false;
+    for (const line of lines) {
+      if (/^hosts:\s*$/.test(line)) { inHosts = true; continue; }
+      if (inHosts) {
+        const m = line.match(/^\s+-\s+(.+?)\s*$/);
+        if (m) hosts.push(m[1]);
+        else if (line.trim() !== '' && !/^\s/.test(line)) inHosts = false;
+      }
+    }
+    return hosts;
+  })();
+  // Degraded paths: missing recon OR no tools.
+  const degraded = [];
+  if (!recon) degraded.push('recon.md ausente — sem superfície para enumerar');
+  if (!curlPresent && !nucleiPresent) degraded.push('curl e nuclei ausentes — sem probing HTTP possível');
+  if (degraded.length && openPorts.length === 0) {
+    writePartial({
+      securityDir: sec,
+      phase: 'enumerate',
+      mode: active ? 'active' : 'passive',
+      scope,
+      status: 'incomplete',
+      tools,
+      dependsOn: ['recon'],
+      sections: {
+        degraded_checks: degraded.join('\n')
+      }
+    });
+    return { ok: true, partialStatus: 'incomplete' };
+  }
+  // Probe each host:port from the recon.
+  const surfaceLines = [];
+  const techHits = new Set();
+  let anyProbed = false;
+  let refusedCount = 0;
+  if (curlPresent && openPorts.length > 0) {
+    for (const host of hostAllowlist) {
+      for (const p of openPorts) {
+        // Gate: refuse out-of-scope targets BEFORE any probing.
+        const inScope = assertTargetInScope(scope, { host, port: p.port }, { refusalsDir: sec });
+        if (!inScope) { refusedCount++; continue; }
+        const url = urlForPort(p.port, host);
+        const args = filterArgs('curl', ['-sI', url]);
+        try {
+          const out = execFn('curl', args, { timeout: 10_000 });
+          const { status, headers } = parseCurlHead(out && out.stdout ? out.stdout : out);
+          surfaceLines.push(`- **${url}** — ${status || 'no status'}`);
+          if (headers.server) {
+            techHits.add(`server: ${headers.server}`);
+            surfaceLines.push(`  - server: ${headers.server}`);
+          }
+          if (headers['x-powered-by']) {
+            techHits.add(`x-powered-by: ${headers['x-powered-by']}`);
+            surfaceLines.push(`  - x-powered-by: ${headers['x-powered-by']}`);
+          }
+          if (headers['set-cookie']) {
+            surfaceLines.push(`  - set-cookie: ${headers['set-cookie']}`);
+          }
+          anyProbed = true;
+        } catch (_) {
+          surfaceLines.push(`- **${url}** — probe failed`);
+        }
+      }
+    }
+  }
+  // nuclei passive (only if present) — we don't fully parse nuclei output here;
+  // the report renderer will include the JSON dump if found.
+  const partialStatus = (anyProbed && refusedCount === 0 && degraded.length === 0) ? 'complete' : 'incomplete';
+  writePartial({
+    securityDir: sec,
+    phase: 'enumerate',
+    mode: active ? 'active' : 'passive',
+    scope,
+    status: partialStatus,
+    tools,
+    dependsOn: ['recon'],
+    sections: {
+      surface: surfaceLines.length ? surfaceLines.join('\n') : '_(nenhuma superfície enumerada)_',
+      tech: techHits.size ? Array.from(techHits).map(t => `- ${t}`).join('\n') : '_(tech não inferida — curl ausente ou nenhum host acessível)_',
+      ...(degraded.length ? { degraded_checks: degraded.join('\n') } : {})
+    }
+  });
+  return { ok: true, partialStatus };
+}
+module.exports = { runEnumerate, parseOpenPorts, parseCurlHead, urlForPort };
+if (require.main === module) {
+  require('../../../_shared/cli-runner.js').runFromArgv({
+    fn: ({ securityDir, scopePath, active, target } = {}) => {
+      const { loadScope } = require('../../../_shared/scope-gate.js');
+      const scope = loadScope(scopePath);
+      return runEnumerate({ securityDir, scope, active, target });
+    },
+    argMap: { 'securityDir': 'securityDir', 'scope': 'scopePath', 'active': 'active', 'target': 'target' }
+  });
+}

package/src/security-overlay/skills/wize-sec-enumerate/skill.md ADDED Viewed

@@ -0,0 +1,32 @@
+---
+code: wize-sec-enumerate
+name: wize-sec-enumerate
+overlay: security
+module: security-overlay
+owner: red-teamer
+status: ready
+---
+# wize-sec-enumerate — Surface enumeration
+Reads `recon.md`, probes HTTP/S ports via `curl -sI`, infers tech from `Server` and `X-Powered-By` headers. Writes `enumerate.md` with `## surface` and `## tech` sections, plus `depends_on: [recon]` in the frontmatter so the renderer orders parciais.
+## Usage
+```bash
+/wize-sec-enumerate
+/wize-sec-enumerate --active  # currently a no-op for this phase; reserved for future
+```
+## Behavior
+- Loads `.wize/security/scope.md` first; aborts on invalid scope.
+- Reads `recon.md` partial; if missing, marks `partial_status: incomplete` and writes a degraded partial so the audit trail is complete.
+- Probes **only the scope's allowlisted hosts**, not the recon's listed services. Out-of-scope hosts are never probed.
+- curl and nuclei are detected via `command -v`; missing tools degrade the check rather than aborting.
+- Calls `assertTargetInScope` for every probed target. Refusals are appended to `.refusals.log`.
+## Output
+- `.wize/security/enumerate.md` — partial with `## surface` (probed endpoints) and `## tech` (deduplicated `server`/`x-powered-by` hits).
+- `.wize/security/.refusals.log` — appended on out-of-scope targets.

package/src/security-overlay/skills/wize-sec-exploit/data/common.txt ADDED Viewed

@@ -0,0 +1,117 @@
+admin
+api
+app
+auth
+backup
+blog
+cart
+catalog
+cms
+config
+console
+contact
+dashboard
+data
+db
+debug
+default
+demo
+dev
+docs
+download
+editor
+email
+error
+example
+export
+feed
+file
+files
+forum
+gallery
+help
+home
+images
+img
+import
+index
+info
+internal
+js
+json
+lib
+login
+logout
+mail
+manage
+member
+message
+metrics
+mobile
+new
+news
+node
+notes
+old
+order
+page
+pages
+panel
+password
+pdf
+photo
+php
+ping
+plugins
+portal
+post
+posts
+private
+profile
+public
+readme
+register
+report
+reports
+reset
+robots.txt
+rss
+search
+secure
+server
+service
+settings
+setup
+shop
+sitemap
+sitemap.xml
+staff
+static
+stats
+status
+store
+style.css
+styles
+subscribe
+support
+swagger
+system
+temp
+test
+tests
+tmp
+tools
+tracker
+upload
+uploads
+user
+users
+vendor
+version
+web
+webhook
+webmaster
+widget
+wiki
+xml
+xmlrpc