UNPKG

aimless-security

Version:

Enhanced Runtime Application Self-Protection (RASP) and API Fuzzing Engine with advanced threat detection, behavioral analysis, and intelligent response scoring for Node.js applications

github.com/CamozDevelopment/Aimless-Security

CamozDevelopment/Aimless-Security

48 lines 1.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
import { SecurityThreat } from '../types'; export declare class InjectionDetector { private unicodeSQLPatterns; private sqlPatterns; private nosqlPatterns; private commandPatterns; private pathTraversalPatterns; private xxePatterns; private ssrfPatterns; private whitelistPatterns; private contextWhitelist; detect(input: any, context?: string): SecurityThreat[]; /** * Detect polyglot injections (SQL + XSS combined attacks) * These are sophisticated attacks that work as both SQL and XSS */ private detectPolyglot; private extractInputs; /** * Calculate confidence score (0-100) based on pattern matches */ private calculateConfidence; /** * Calculate numeric confidence score (0-100) */ private calculateConfidenceNumber; /** * Check if value contains high-confidence SQL injection patterns */ private hasHighConfidenceSQLPattern; /** * Check if value contains high-confidence NoSQL injection patterns */ private hasHighConfidenceNoSQLPattern; /** * Check if value contains high-confidence command injection patterns */ private hasHighConfidenceCommandPattern; /** * Check if value is a common safe value that shouldn't trigger alerts */ private isSafeValue; /** * Check if value matches whitelist patterns to reduce false positives */ private isWhitelisted; } //# sourceMappingURL=injection-detector.d.ts.map