aimless-sdk
Version:
Enhanced Runtime Application Self-Protection (RASP) and API Fuzzing Engine with advanced threat detection, behavioral analysis, and intelligent response scoring for Node.js applications
46 lines • 1.16 kB
TypeScript
import { SecurityThreat } from '../types';
export declare class XSSDetector {
private xssPatterns;
private encodedPatterns;
private readonly contextRules;
detect(input: any, context?: string): SecurityThreat[];
/**
* Multi-layer decoding to catch deeply encoded attacks
*/
private decodeInputMultiLayer;
private decodeInput;
/**
* Detect mutation XSS (mXSS) attempts
*/
private detectMutationXSS;
private extractInputs;
/**
* Calculate confidence score for XSS detection
*/
private calculateConfidence;
/**
* Context-aware sanitization
*/
sanitize(input: string, context?: 'html' | 'attribute' | 'javascript' | 'css' | 'url'): string;
/**
* Basic HTML sanitization
*/
private sanitizeHTML;
/**
* Sanitize for HTML attributes
*/
private sanitizeAttribute;
/**
* Sanitize for JavaScript contexts
*/
private sanitizeJavaScript;
/**
* Sanitize for CSS contexts
*/
private sanitizeCSS;
/**
* Sanitize URLs
*/
private sanitizeURL;
}
//# sourceMappingURL=xss-detector.d.ts.map