UNPKG

aimless-sdk

Version:

Enhanced Runtime Application Self-Protection (RASP) and API Fuzzing Engine with advanced threat detection, behavioral analysis, and intelligent response scoring for Node.js applications

github.com/CamozDevelopment/Aimless-Security

CamozDevelopment/Aimless-Security

148 lines (146 loc) ā€¢ 5.96 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.SecurityAnalyticsEngine = void 0; class SecurityAnalyticsEngine { constructor(retentionDays = 30) { this.entries = []; this.requestCount = 0; this.retentionDays = retentionDays; this.startTime = new Date(); // Cleanup old entries every hour setInterval(() => this.cleanup(), 3600000); } logRequest(entry) { this.requestCount++; this.entries.push({ ...entry, timestamp: new Date() }); // Keep entries within retention period if (this.entries.length > 100000) { // Memory safety this.cleanup(); } } cleanup() { const cutoffDate = new Date(); cutoffDate.setDate(cutoffDate.getDate() - this.retentionDays); this.entries = this.entries.filter(e => e.timestamp >= cutoffDate); } getAnalytics() { const totalRequests = this.requestCount; const threatsDetected = this.entries.filter(e => e.threats.length > 0).length; const threatsBlocked = this.entries.filter(e => e.blocked).length; // Top attack types const attackTypeCounts = new Map(); this.entries.forEach(entry => { entry.threats.forEach(threat => { attackTypeCounts.set(threat.type, (attackTypeCounts.get(threat.type) || 0) + 1); }); }); const topAttackTypes = Array.from(attackTypeCounts.entries()) .map(([type, count]) => ({ type, count })) .sort((a, b) => b.count - a.count) .slice(0, 10); // Top attacking IPs const ipCounts = new Map(); this.entries.forEach(entry => { if (entry.threats.length > 0) { const existing = ipCounts.get(entry.ip) || { count: 0, reputation: 100 }; ipCounts.set(entry.ip, { count: existing.count + entry.threats.length, reputation: Math.max(0, existing.reputation - entry.threats.length * 5) }); } }); const topAttackIPs = Array.from(ipCounts.entries()) .map(([ip, data]) => ({ ip, count: data.count, reputation: data.reputation })) .sort((a, b) => b.count - a.count) .slice(0, 10); // Requests by hour (last 24 hours) const requestsByHour = this.getRequestsByHour(); // Average response time const responseTimes = this.entries .filter(e => e.responseTime !== undefined) .map(e => e.responseTime); const averageResponseTime = responseTimes.length > 0 ? responseTimes.reduce((a, b) => a + b, 0) / responseTimes.length : 0; // Uptime const uptime = Date.now() - this.startTime.getTime(); return { totalRequests, threatsDetected, threatsBlocked, topAttackTypes, topAttackIPs, requestsByHour, averageResponseTime, uptime }; } getRequestsByHour() { const now = new Date(); const hourlyData = new Map(); // Initialize last 24 hours for (let i = 0; i < 24; i++) { const hour = (now.getHours() - i + 24) % 24; hourlyData.set(hour, { count: 0, threats: 0 }); } // Count requests in last 24 hours const oneDayAgo = new Date(now.getTime() - 24 * 60 * 60 * 1000); this.entries .filter(e => e.timestamp >= oneDayAgo) .forEach(entry => { const hour = entry.timestamp.getHours(); const data = hourlyData.get(hour); data.count++; if (entry.threats.length > 0) { data.threats += entry.threats.length; } }); return Array.from(hourlyData.entries()) .map(([hour, data]) => ({ hour, ...data })) .sort((a, b) => a.hour - b.hour); } exportData() { return [...this.entries]; } getMetricsSummary() { const analytics = this.getAnalytics(); const threatRate = analytics.totalRequests > 0 ? ((analytics.threatsDetected / analytics.totalRequests) * 100).toFixed(2) : '0.00'; const blockRate = analytics.threatsDetected > 0 ? ((analytics.threatsBlocked / analytics.threatsDetected) * 100).toFixed(2) : '0.00'; return ` šŸ“Š Security Analytics Summary ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā” Total Requests: ${analytics.totalRequests.toLocaleString()} Threats Detected: ${analytics.threatsDetected.toLocaleString()} (${threatRate}%) Threats Blocked: ${analytics.threatsBlocked.toLocaleString()} (${blockRate}% block rate) Avg Response Time: ${analytics.averageResponseTime.toFixed(2)}ms Uptime: ${this.formatUptime(analytics.uptime)} Top Attack Types: ${analytics.topAttackTypes.slice(0, 5).map((t, i) => `${i + 1}. ${t.type}: ${t.count} attacks`).join('\n')} Top Attacking IPs: ${analytics.topAttackIPs.slice(0, 5).map((ip, i) => `${i + 1}. ${ip.ip}: ${ip.count} attacks (reputation: ${ip.reputation})`).join('\n')} ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā”ā” `.trim(); } formatUptime(ms) { const seconds = Math.floor(ms / 1000); const minutes = Math.floor(seconds / 60); const hours = Math.floor(minutes / 60); const days = Math.floor(hours / 24); if (days > 0) return `${days}d ${hours % 24}h`; if (hours > 0) return `${hours}h ${minutes % 60}m`; if (minutes > 0) return `${minutes}m ${seconds % 60}s`; return `${seconds}s`; } } exports.SecurityAnalyticsEngine = SecurityAnalyticsEngine; //# sourceMappingURL=security-analytics.js.map