xploitscan-shared-rules 1.2.2 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/README.md +1 -1
  2. package/dist/index.cjs +1583 -2
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.d.cts +49 -1
  5. package/dist/index.d.ts +49 -1
  6. package/dist/index.js +1535 -2
  7. package/dist/index.js.map +1 -1
  8. package/package.json +2 -1
package/README.md CHANGED
@@ -6,7 +6,7 @@ This package is the source of truth for XploitScan's detection logic. It's consu
6
6
 
7
7
  ## What's in here
8
8
 
9
- - **158 security rules** — pattern + AST-based detection for hardcoded secrets, SQL injection, XSS, SSRF, prototype pollution, crypto misuse, deserialization, JWT alg confusion, and more.
9
+ - **206 security rules** — pattern + AST-based detection for hardcoded secrets, SQL injection, XSS, SSRF, prototype pollution, crypto misuse, deserialization, JWT alg confusion, and more.
10
10
  - **Compliance mappings** — each rule tagged with the SOC2, ISO 27001, and OWASP Top 10 controls it covers.
11
11
  - **AI false-positive filter** — optional Claude Haiku integration that re-evaluates findings to suppress benign matches before reporting.
12
12
  - **Entropy-based secret scanner** — detects high-entropy strings that look like credentials but don't match a known service-key pattern.