evadex 0.2.0__tar.gz → 2.2.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. {evadex-0.2.0/src/evadex.egg-info → evadex-2.2.0}/PKG-INFO +9 -5
  2. {evadex-0.2.0 → evadex-2.2.0}/README.md +433 -429
  3. {evadex-0.2.0 → evadex-2.2.0}/pyproject.toml +60 -60
  4. evadex-2.2.0/src/evadex/__main__.py +13 -0
  5. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/dlpscan/adapter.py +74 -74
  6. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/dlpscan_cli/adapter.py +109 -109
  7. evadex-2.2.0/src/evadex/adapters/presidio/adapter.py +81 -0
  8. evadex-2.2.0/src/evadex/adapters/presidio/client.py +68 -0
  9. evadex-2.2.0/src/evadex/cli/app.py +30 -0
  10. evadex-2.2.0/src/evadex/cli/commands/compare.py +169 -0
  11. evadex-2.2.0/src/evadex/cli/commands/list_payloads.py +38 -0
  12. evadex-2.2.0/src/evadex/cli/commands/list_techniques.py +61 -0
  13. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/cli/commands/scan.py +239 -152
  14. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/core/engine.py +12 -3
  15. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/core/registry.py +6 -0
  16. evadex-2.2.0/src/evadex/reporters/compare_html_reporter.py +139 -0
  17. evadex-2.2.0/src/evadex/reporters/compare_reporter.py +22 -0
  18. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/reporters/json_reporter.py +38 -38
  19. evadex-2.2.0/src/evadex/variants/__init__.py +0 -0
  20. evadex-2.2.0/src/evadex/variants/bidirectional.py +76 -0
  21. evadex-2.2.0/src/evadex/variants/context_injection.py +70 -0
  22. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/encoding.py +55 -0
  23. evadex-2.2.0/src/evadex/variants/morse_code.py +126 -0
  24. evadex-2.2.0/src/evadex/variants/soft_hyphen.py +109 -0
  25. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/splitting.py +57 -57
  26. evadex-2.2.0/src/evadex/variants/unicode_whitespace.py +63 -0
  27. {evadex-0.2.0 → evadex-2.2.0/src/evadex.egg-info}/PKG-INFO +9 -5
  28. {evadex-0.2.0 → evadex-2.2.0}/src/evadex.egg-info/SOURCES.txt +14 -1
  29. evadex-0.2.0/src/evadex/__main__.py +0 -3
  30. evadex-0.2.0/src/evadex/cli/app.py +0 -15
  31. {evadex-0.2.0 → evadex-2.2.0}/LICENSE +0 -0
  32. {evadex-0.2.0 → evadex-2.2.0}/setup.cfg +0 -0
  33. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/__init__.py +0 -0
  34. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/__init__.py +0 -0
  35. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/base.py +0 -0
  36. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/dlpscan/__init__.py +0 -0
  37. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/dlpscan/client.py +0 -0
  38. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/dlpscan/file_builder.py +0 -0
  39. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/adapters/dlpscan_cli/__init__.py +0 -0
  40. {evadex-0.2.0/src/evadex/cli → evadex-2.2.0/src/evadex/adapters/presidio}/__init__.py +0 -0
  41. {evadex-0.2.0/src/evadex/cli/commands → evadex-2.2.0/src/evadex/cli}/__init__.py +0 -0
  42. {evadex-0.2.0/src/evadex/core → evadex-2.2.0/src/evadex/cli/commands}/__init__.py +0 -0
  43. {evadex-0.2.0/src/evadex/payloads → evadex-2.2.0/src/evadex/core}/__init__.py +0 -0
  44. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/core/result.py +0 -0
  45. {evadex-0.2.0/src/evadex/reporters → evadex-2.2.0/src/evadex/payloads}/__init__.py +0 -0
  46. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/payloads/builtins.py +0 -0
  47. {evadex-0.2.0/src/evadex/variants → evadex-2.2.0/src/evadex/reporters}/__init__.py +0 -0
  48. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/reporters/base.py +0 -0
  49. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/reporters/html_reporter.py +0 -0
  50. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/base.py +0 -0
  51. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/delimiter.py +0 -0
  52. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/leetspeak.py +0 -0
  53. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/regional_digits.py +0 -0
  54. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/structural.py +0 -0
  55. {evadex-0.2.0 → evadex-2.2.0}/src/evadex/variants/unicode_encoding.py +0 -0
  56. {evadex-0.2.0 → evadex-2.2.0}/src/evadex.egg-info/dependency_links.txt +0 -0
  57. {evadex-0.2.0 → evadex-2.2.0}/src/evadex.egg-info/entry_points.txt +0 -0
  58. {evadex-0.2.0 → evadex-2.2.0}/src/evadex.egg-info/requires.txt +0 -0
  59. {evadex-0.2.0 → evadex-2.2.0}/src/evadex.egg-info/top_level.txt +0 -0
{evadex-0.2.0/src/evadex.egg-info → evadex-2.2.0}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: evadex
3
- Version: 0.2.0
3
+ Version: 2.2.0
4
4
  Summary: Comprehensive DLP evasion test suite — scanner-agnostic, file-aware
5
5
  License-Expression: MIT
6
6
  Project-URL: Homepage, https://github.com/tbustenk/evadex
@@ -60,6 +60,11 @@ evadex takes a sensitive value (a credit card number, SSN, AWS key, etc.), runs
60
60
  | `regional_digits` | Arabic-Indic, Extended Arabic-Indic, Devanagari, Bengali, Thai, Myanmar, Khmer, Mongolian, NKo, Tibetan — plus mixed-script variants |
61
61
  | `structural` | Left/right padding (spaces + zeros), noise embedding, partial values, case variation, repeated value |
62
62
  | `encoding` | Base64 (standard, URL-safe, no-padding, MIME line-breaks, partial, double), ROT13, full/group reversal, double URL encoding, mixed NFD/NFC/NFKD normalization |
63
+ | `context_injection` | Value wrapped in email body, JSON record, XML element, CSV row, SQL snippet, and more |
64
+ | `unicode_whitespace` | Spaces replaced with NBSP, en-space, em-space, or a mixed pattern |
65
+ | `bidirectional` | Unicode bidirectional control characters (RLO, LRO, RLE, RLI, ALM) injected around or within the value |
66
+ | `soft_hyphen` | Soft hyphen (U+00AD) and word joiner (U+2060) inserted at group boundaries or between every character |
67
+ | `morse_code` | Digits encoded as International Morse Code — space-separated, slash-separated, concatenated, or newline-separated; applies to `credit_card`, `ssn`, `sin`, `iban`, `phone`, and related numeric categories |
63
68
 
64
69
  **Submission strategies** (for dlpscan-cli adapter):
65
70
 
@@ -222,7 +227,7 @@ Detection rates depend on your scanner, its version, and how it's configured.
222
227
  "severity": "pass",
223
228
  "duration_ms": 371.01,
224
229
  "error": null,
225
- "raw_response": { "detected": true }
230
+ "raw_response": { "matches": [{ "type": "credit_card", "value": "5105105105105100" }] }
226
231
  },
227
232
  {
228
233
  "payload": {
@@ -242,7 +247,7 @@ Detection rates depend on your scanner, its version, and how it's configured.
242
247
  "severity": "fail",
243
248
  "duration_ms": 378.57,
244
249
  "error": null,
245
- "raw_response": { "detected": false }
250
+ "raw_response": { "matches": [] }
246
251
  }
247
252
  ]
248
253
  }
@@ -276,7 +281,7 @@ evadex scan [OPTIONS]
276
281
  | `--url` | `http://localhost:8080` | Base URL (for HTTP-based adapters) |
277
282
  | `--api-key` | *(env: `EVADEX_API_KEY`)* | API key passed as `Authorization: Bearer`. Use the environment variable in preference to the CLI flag to avoid exposure in shell history and process listings. |
278
283
  | `--category` | *(all structured)* | Filter built-in payloads by category. Repeat for multiple. Values: `credit_card`, `ssn`, `sin`, `iban`, `swift_bic`, `aba_routing`, `bitcoin`, `ethereum`, `us_passport`, `au_tfn`, `de_tax_id`, `fr_insee`, `email`, `phone`, `aws_key`, `jwt`, `github_token`, `stripe_key`, `slack_token`, `classification` |
279
- | `--variant-group` | *(all)* | Limit to specific generator(s). Repeat for multiple. Values: `unicode_encoding`, `delimiter`, `splitting`, `leetspeak`, `regional_digits`, `structural`, `encoding` |
284
+ | `--variant-group` | *(all)* | Limit to specific generator(s). Repeat for multiple. Values: `unicode_encoding`, `delimiter`, `splitting`, `leetspeak`, `regional_digits`, `structural`, `encoding`, `context_injection`, `unicode_whitespace`, `bidirectional`, `soft_hyphen`, `morse_code` |
280
285
  | `--include-heuristic` | off | Also run heuristic categories (`aws_key`, `jwt`, `github_token`, `stripe_key`, `slack_token`, `classification`). A warning is printed when enabled — see [Structured vs heuristic categories](#structured-vs-heuristic-categories). |
281
286
  | `--scanner-label` | *(empty)* | Label recorded in the JSON `meta.scanner` field. Use to tag a specific scanner version, e.g. `python-1.3.0` or `rust-2.0.0`. Useful when comparing results across scanner builds. |
282
287
  | `--exe` | `dlpscan` | Path to the scanner executable (dlpscan-cli adapter only). Use when `dlpscan` is not on `PATH` or you need to target a specific build. |
@@ -462,7 +467,6 @@ async def submit(self, payload, variant):
462
467
  - **Network isolation:** Run evadex and the scanner on an isolated test network. Test variant values are obfuscated but structurally derived from real sensitive patterns.
463
468
 
464
469
  ---
465
-
466
470
  ## License
467
471
 
468
472
  MIT — see [LICENSE](LICENSE).