aimless-security
Version:
Enhanced Runtime Application Self-Protection (RASP) and API Fuzzing Engine with advanced threat detection, behavioral analysis, and intelligent response scoring for Node.js applications
72 lines • 1.85 kB
TypeScript
import { SecurityThreat } from '../types';
export declare class AdvancedThreatDetector {
/**
* LDAP Injection Detection
*/
private ldapPatterns;
/**
* Template Injection Detection (SSTI/CSTI)
*/
private templatePatterns;
/**
* File Upload Security Patterns
*/
private fileUploadPatterns;
/**
* JWT Security Issues
*/
private jwtPatterns;
/**
* GraphQL Security Patterns
*/
private graphqlPatterns;
/**
* XML External Entity (XXE) - Enhanced
*/
private xxePatterns;
/**
* Server-Side Request Forgery (SSRF) - Enhanced
*/
private ssrfPatterns;
/**
* Prototype Pollution Detection
*/
private prototypePollutionPatterns;
/**
* Deserialization Attacks
*/
private deserializationPatterns;
/**
* Detect LDAP injection
*/
detectLDAPInjection(input: string): SecurityThreat | null;
/**
* Detect template injection
*/
detectTemplateInjection(input: string): SecurityThreat | null;
/**
* Validate file upload security
*/
validateFileUpload(filename: string, content?: string, mimeType?: string): SecurityThreat | null;
/**
* Analyze JWT token security
*/
analyzeJWT(token: string): SecurityThreat | null;
/**
* Detect GraphQL attacks
*/
detectGraphQLAttack(query: string): SecurityThreat | null;
/**
* Detect prototype pollution
*/
detectPrototypePollution(input: any): SecurityThreat | null;
/**
* Detect deserialization attacks
*/
detectDeserialization(input: string): SecurityThreat | null;
/**
* Comprehensive advanced threat detection
*/
detectAll(input: any, context?: string): SecurityThreat[];
}
//# sourceMappingURL=advanced-detector.d.ts.map