UNPKG

node-soc-lite

Version:

A security middleware for NodeJs(express) app to Detect OWASP Top Basic and generate report in your ThreatEquation dashboard.

www.threatequation.com

threatequation/node-soc-lite

51 lines (42 loc) 1.29 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
var _ = require('lodash'); var Regex = require('regex'); var rules = require('../lib/rules_v2'); var getInfo = function (items) { return items[~~(items.length * Math.random())]; } module.exports = { xssFilter: function (query) { // var q = converter(q) var flag = 0; var data = {}; var rule_data = rules.xssRegex; var matched = query.match(rule_data.rule); if (matched) { flag = 1; data.description = getInfo(rule_data.description), data.risk = getInfo(rule_data.risk), data.cwe = getInfo(rule_data.cwe), data.findings = matched } if (flag == 1) { return data; } else return false; }, sqlFilter: function (query) { // var q = converter(q) var flag = 0; var data = {}; var rule_data = rules.sqlRegex; var matched = query.match(rule_data.rule); if (matched) { flag = 1; data.description = getInfo(rule_data.description), data.risk = getInfo(rule_data.risk), data.cwe = getInfo(rule_data.cwe), data.findings = matched } if (flag == 1) { return data; } else return false; } }