endpoint-sentinel

User-friendly security scanner with interactive setup that scales from beginner to expert

# 🛡️ Endpoint Sentinel

> Transform security scanning from expert-only to everyone-friendly

[![npm version](https://badge.fury.io/js/endpoint-sentinel.svg)](https://badge.fury.io/js/endpoint-sentinel)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

## 🚀 Quick Start

```bash
# Install globally
npm install -g endpoint-sentinel

# Start scanning with interactive setup
es scan https://example.com

# Power user quick scan
es quick https://api.example.com -t your-auth-token
```

## 🎯 Why Endpoint Sentinel?

**Before:** Complex security tools requiring 30-minute tutorials and expert knowledge

**After:** Beautiful interactive setup that guides you through everything in 30 seconds

| Traditional Security Scanners | Endpoint Sentinel |
|-------------------------------|-------------------|
| `scanner --target URL --auth-header "Bearer token" --rate-limit 5 --keywords "admin,api" --output results.json --consent` | `es scan https://your-app.com` |
| Expert-only complexity | Beginner-friendly prompts |
| Memorize 20+ command flags | Interactive guided setup |
| Manual configuration each time | Save configs, reuse forever |

## ✨ Features

- **🎯 Interactive Setup**: Vercel-style prompts guide you through configuration
- **💾 Configuration Management**: Save domain-specific settings for reuse
- **🔐 Authentication Support**: JWT, cookies, API keys, OAuth2
- **📊 Professional Reports**: JSON, CSV, and console output formats
- **⚡ Smart Defaults**: Keywords, rate limiting, and best practices built-in
- **🛡️ Ethical Scanning**: Built-in consent validation and responsible defaults
- **🎨 Beautiful UX**: Semantic commands that make sense

## 📖 Examples

### First-Time Scanning (Interactive)

```bash
es scan https://my-app.com
```

```
🛡️ Endpoint Sentinel - Security Scanner Setup

Setting up scanning for: my-app.com

❓ Do you have explicit authorization to scan this domain? (y/N): y
❓ Is this an authenticated application? (y/N): y
❓ What type of authentication does it use?
  1) 🍪 Session Cookie
  2) 🎫 JWT Token
  3) 🔑 Bearer Token
  Choice (1-3): 2
❓ Paste your JWT token: eyJhbGciOiJIUzI1NiIs...
❓ Select keywords for discovery:
  ◉ admin ◉ api ◉ user
❓ Choose scanning speed: ⚖️ Balanced (2 req/s)
❓ Save this configuration? (Y/n): y

✅ Configuration saved for my-app.com
🎯 Starting security scan...
```

### Power User Quick Scans

```bash
# With authentication
es quick https://api.example.com -t eyJhbGciOiJIUzI1NiIs...

# With custom keywords
es quick https://app.example.com -k "v1,v2,admin,dashboard"

# Save results to file
es scan https://example.com -o security-report.json
```

### Configuration Management

```bash
es config list                    # Show saved configurations
es config show https://app.com    # View specific config
es config edit https://app.com    # Modify saved settings
es scan https://app.com --fresh   # Ignore saved config
```

## 🛠️ Installation

### npm (Recommended)

```bash
npm install -g endpoint-sentinel
```

### Verify Installation

```bash
es --version
es --help
```

## 📋 Commands

| Command | Description | Example |
|---------|-------------|---------|
| `es scan <url>` | Interactive scan setup | `es scan https://app.com` |
| `es quick <url>` | Quick scan with smart defaults | `es quick https://api.com -t token` |
| `es config list` | Show saved configurations | `es config list` |
| `es config show <url>` | View specific configuration | `es config show https://app.com` |
| `es validate <url>` | Validate target and connectivity | `es validate https://app.com` |
| `es examples` | Show usage examples | `es examples` |

## 🔐 Security & Ethics

- **Always obtain proper authorization** before scanning any application
- **Respect rate limits** - tool defaults to conservative 2 req/s
- **Review all findings** before taking action
- **Follow responsible disclosure** for any vulnerabilities discovered
- **Built-in consent validation** prevents accidental unauthorized scanning

## 📊 Output Formats

### Console (Default)

Beautiful, readable output in your terminal

### JSON

```bash
es scan https://example.com -o results.json
```

Structured data perfect for automation and further analysis

### CSV

```bash
es scan https://example.com -o results.csv
```

Spreadsheet-ready format for reporting and analysis

## 🏢 Enterprise Features

- **CI/CD Integration**: Use `--non-interactive` flag for automation
- **Team Configuration Sharing**: Export/import saved configurations
- **Audit Trails**: Complete logging of all scanning activity
- **Compliance Ready**: SOC2, PCI-DSS friendly reporting

## 🤝 Contributing

We welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) for details.

## 📄 License

MIT © [Your Name](LICENSE)

## 🆘 Support

- 📚 **Documentation**: [Full User Guide](https://github.com/yourusername/endpoint-sentinel/blob/main/USER-GUIDE.md)
- 🐛 **Bug Reports**: [GitHub Issues](https://github.com/yourusername/endpoint-sentinel/issues)
- 💬 **Questions**: [GitHub Discussions](https://github.com/yourusername/endpoint-sentinel/discussions)

---

**Ready to transform your security testing workflow?**

```bash
npm install -g endpoint-sentinel
es scan https://your-app.com
```

*Start scanning smarter, not harder!* 🛡️
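
The README names `--non-interactive` for CI use and describes consent validation as an interactive prompt; it does not say how authorization is confirmed when no prompt is shown. The wrapper below is an added example, not part of endpoint-sentinel: it refuses to start an unattended scan unless the target host is on an explicit allowlist. The file name `scope.txt`, the function names, and the combination of `--non-interactive` with `-o` on `es scan` are assumptions.

```bash
#!/bin/sh
# Added example: scope guard for unattended scans (not endpoint-sentinel code).
# scope.txt holds one authorised hostname per line; "#" lines are comments.

# Print the lowercase host of an http(s) URL; fail on anything else.
url_host() {
    case "$1" in http://*|https://*) ;; *) return 1 ;; esac
    h=${1#*://}          # drop the scheme
    h=${h%%[/?#]*}       # keep only the authority part
    h=${h##*@}           # drop userinfo: "allowed.com@other.test" is other.test
    h=${h%%:*}           # drop the port
    h=$(printf '%s' "$h" | tr 'A-Z' 'a-z')
    # Reject empty hosts and anything outside hostname characters
    # (this also rejects bracketed IPv6 literals, which are not handled here).
    case "$h" in ''|*[!a-z0-9.-]*) return 1 ;; esac
    printf '%s\n' "$h"
}

# Succeed only if the URL's host is a whole line of the allowlist file.
in_scope() {
    host=$(url_host "$1") || return 1
    [ -r "$2" ] || return 1
    # -F fixed string, -x whole line: "app.example.com" must not admit
    # "app.example.com.other.test" or a substring of a longer entry.
    grep -Fxq -- "$host" "$2"
}

# Run the scan only for an in-scope target; exit status 2 means "refused".
scan_if_in_scope() {
    url=$1
    scope_file=${2:-scope.txt}
    if ! in_scope "$url" "$scope_file"; then
        echo "refusing: $url is not listed in $scope_file" >&2
        return 2
    fi
    # Flags as they appear in the README; using them together is an assumption.
    es scan "$url" --non-interactive -o results.json
}
```

Source the file in the CI job and call `scan_if_in_scope https://app.example.com scope.txt`; keep `scope.txt` under review alongside the written authorization it reflects.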