dearsky/wifi-densepose
1
0
Fork 0
Code Issues 20 Pull Requests 5 Actions Packages Projects Releases 1 Wiki Activity

Squashed 'vendor/ruvector/' content from commit b64c2172

Browse Source 
git-subtree-dir: vendor/ruvector
git-subtree-split: b64c21726f2bb37286d9ee36a7869fef60cc6900
This commit is contained in:
ruv
2026-02-28 14:39:40 -05:00
commit d803bfe2b1
7854 changed files with 3522914 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

426
npm/packages/agentic-synth/examples/security/README.md Normal file
View File

@@ -0,0 +1,426 @@
# Security Testing Examples
⚠️ **ETHICAL USE AND RESPONSIBLE DISCLOSURE ONLY** ⚠️
## Critical Warning
These examples are provided **EXCLUSIVELY** for:
- ✅ Authorized penetration testing with written permission
- ✅ Defensive security research in controlled environments
- ✅ Security awareness training programs
- ✅ Development and testing of security tools
- ✅ Academic research with proper ethical approval
- ✅ Red team exercises within your own organization
- ✅ Compliance testing for regulatory requirements
**NEVER** use these examples for:
- ❌ Unauthorized access to systems or networks
- ❌ Attacking systems without explicit written permission
- ❌ Malicious activities of any kind
- ❌ Testing third-party systems without authorization
- ❌ Violating computer fraud and abuse laws
- ❌ Bypassing security controls on production systems
- ❌ Any illegal or unethical activities
## Legal Disclaimer
**YOU ARE SOLELY RESPONSIBLE FOR YOUR ACTIONS**
Using these tools and examples against systems you don't own or don't have explicit authorization to test is **ILLEGAL** in most jurisdictions and may violate:
- Computer Fraud and Abuse Act (CFAA) - USA
- Computer Misuse Act - UK
- European Convention on Cybercrime
- Local and international cybercrime laws
Unauthorized access can result in:
- Criminal prosecution
- Civil liability
- Significant financial penalties
- Imprisonment
**ALWAYS obtain written authorization before conducting security testing.**
## Overview
This directory contains synthetic security testing data generators using `agentic-synth`. These tools help security professionals generate realistic test data for defensive security operations, tool development, and training.
## Files
### 1. `vulnerability-testing.ts`
Generates test data for common web application vulnerabilities:
- **SQL Injection Payloads** - Test input validation and parameterized queries
- **XSS Attack Vectors** - Validate output encoding and CSP
- **CSRF Test Scenarios** - Test token validation and SameSite cookies
- **Authentication Bypass Tests** - Validate authentication mechanisms
- **API Abuse Patterns** - Test rate limiting and API security controls
- **OWASP Top 10 Tests** - Comprehensive vulnerability testing suite
**Use Cases:**
- Web application security scanner development
- WAF (Web Application Firewall) rule testing
- Security code review training
- DevSecOps pipeline validation
### 2. `threat-simulation.ts`
Generates threat actor behavior simulations:
- **Brute Force Attack Patterns** - Test account lockout mechanisms
- **DDoS Traffic Simulation** - Validate DDoS mitigation
- **Malware Behavior Patterns** - Test EDR/XDR systems
- **Phishing Campaign Data** - Security awareness training
- **Insider Threat Scenarios** - UBA system validation
- **Zero-Day Exploit Indicators** - Threat intelligence testing
**Use Cases:**
- SOC analyst training
- Incident response preparedness
- Threat detection rule development
- Security monitoring system validation
### 3. `security-audit.ts`
Generates security audit and compliance data:
- **User Access Patterns** - Detect privilege escalation
- **Permission Change Audits** - Track access control modifications
- **Configuration Change Monitoring** - Security-sensitive config tracking
- **Compliance Violation Scenarios** - GDPR, HIPAA, PCI-DSS testing
- **Security Event Correlations** - SIEM correlation rule testing
- **DLP Audit Data** - Data loss prevention policy validation
**Use Cases:**
- SIEM and log analysis tool development
- Compliance reporting automation
- Security audit automation
- Insider threat detection system testing
### 4. `penetration-testing.ts`
Generates penetration testing datasets:
- **Network Scanning Results** - Vulnerability scanner testing
- **Port Enumeration Data** - Service identification validation
- **Service Fingerprinting** - Version detection testing
- **Exploitation Attempt Logs** - Exploit detection system validation
- **Post-Exploitation Activity** - Lateral movement detection
- **Pentest Report Data** - Reporting system development
**Use Cases:**
- Penetration testing tool development
- Red team exercise planning
- Security assessment automation
- Vulnerability management system testing
## Installation
```bash
# From the monorepo root
npm install
# Or specifically for agentic-synth
cd packages/agentic-synth
npm install
```
## Configuration
Set up your Anthropic API key:
```bash
export ANTHROPIC_API_KEY='your-api-key-here'
```
Or create a `.env` file in the agentic-synth directory:
```
ANTHROPIC_API_KEY=your-api-key-here
```
## Usage Examples
### Basic Usage
```typescript
import {
generateSQLInjectionPayloads,
generateXSSVectors
} from './security/vulnerability-testing';
// Generate SQL injection test payloads
const sqlPayloads = await generateSQLInjectionPayloads();
console.log(sqlPayloads);
// Generate XSS test vectors
const xssVectors = await generateXSSVectors();
console.log(xssVectors);
```
### Running Complete Test Suites
```typescript
import { runVulnerabilityTests } from './security/vulnerability-testing';
import { runThreatSimulations } from './security/threat-simulation';
import { runSecurityAudits } from './security/security-audit';
import { runPenetrationTests } from './security/penetration-testing';
// Run all vulnerability tests
const vulnResults = await runVulnerabilityTests();
// Run all threat simulations
const threatResults = await runThreatSimulations();
// Run all security audits
const auditResults = await runSecurityAudits();
// Run all penetration tests
const pentestResults = await runPenetrationTests();
```
### Customizing Generation
```typescript
import { AgenticSynth } from 'agentic-synth';
const synth = new AgenticSynth({
temperature: 0.8, // Higher for more variety
maxRetries: 3
});
const customData = await synth.generate({
prompt: 'Generate custom security test data...',
schema: {
// Your custom JSON schema
}
});
```
## Best Practices
### 1. Authorization First
**Before any security testing:**
```
┌─────────────────────────────────────────────┐
│ OBTAIN WRITTEN AUTHORIZATION │
│ │
│ ✓ Scope definition │
│ ✓ Time windows │
│ ✓ Acceptable techniques │
│ ✓ Emergency contacts │
│ ✓ Legal review │
└─────────────────────────────────────────────┘
```
### 2. Controlled Environments
- Use isolated test networks
- Deploy honeypots for realistic testing
- Separate production from testing
- Implement proper segmentation
- Monitor all testing activities
### 3. Responsible Disclosure
If you discover real vulnerabilities:
1. **Do not exploit** beyond proof of concept
2. **Document** findings professionally
3. **Report** to appropriate parties immediately
4. **Follow** responsible disclosure timelines
5. **Respect** confidentiality agreements
### 4. Data Handling
- Never use real user data in tests
- Sanitize all test data before sharing
- Encrypt sensitive test artifacts
- Properly dispose of test data
- Follow data protection regulations
### 5. Tool Safety
```typescript
// Always validate before execution
if (!hasAuthorization()) {
throw new Error('Unauthorized testing attempt blocked');
}
// Log all activities
logSecurityTestActivity({
action: 'vulnerability_scan',
target: authorizedTarget,
timestamp: new Date(),
authorization: authorizationId
});
// Implement rate limiting
const rateLimiter = new RateLimiter({
maxRequestsPerMinute: 10
});
```
## Educational Use
These examples are valuable for:
### Security Training
- Hands-on labs for security courses
- Certification preparation (CEH, OSCP, etc.)
- Capture the Flag (CTF) competitions
- Security awareness programs
### Tool Development
- Building security testing frameworks
- Creating custom vulnerability scanners
- Developing SIEM correlation rules
- Implementing IDS/IPS signatures
### Research
- Security research projects
- Academic publications
- Threat modeling exercises
- Risk assessment frameworks
## Security Testing Workflow
```
1. AUTHORIZATION
2. RECONNAISSANCE (Passive)
3. SCANNING (Active, if authorized)
4. ENUMERATION
5. EXPLOITATION (Controlled)
6. POST-EXPLOITATION (Limited)
7. DOCUMENTATION
8. REPORTING
9. REMEDIATION SUPPORT
10. RE-TESTING
```
## Ethical Guidelines
### DO:
✅ Get explicit written permission
✅ Stay within defined scope
✅ Report vulnerabilities responsibly
✅ Protect client confidentiality
✅ Document all activities
✅ Follow industry standards (OWASP, NIST, etc.)
✅ Maintain professional ethics
✅ Provide remediation guidance
✅ Respect privacy and data protection laws
### DON'T:
❌ Test without authorization
❌ Exceed defined scope
❌ Cause damage or disruption
❌ Access or exfiltrate real data
❌ Share findings publicly without permission
❌ Use discoveries for personal gain
❌ Ignore responsible disclosure procedures
❌ Test in production without approval
❌ Bypass security controls unnecessarily
## Compliance Considerations
When generating test data for compliance testing:
### GDPR (General Data Protection Regulation)
- Use synthetic data only
- Don't process real personal data
- Document data processing activities
- Implement data minimization
- Ensure right to erasure
### HIPAA (Health Insurance Portability and Accountability Act)
- Never use real PHI (Protected Health Information)
- Test with synthetic medical data only
- Ensure encryption at rest and in transit
- Document all security testing activities
- Maintain audit logs
### PCI-DSS (Payment Card Industry Data Security Standard)
- Never test with real cardholder data
- Use test card numbers only
- Implement network segmentation
- Conduct quarterly vulnerability scans
- Perform annual penetration tests
## Support and Resources
### Official Resources
- [OWASP Testing Guide](https://owasp.org/www-project-web-security-testing-guide/)
- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
- [MITRE ATT&CK Framework](https://attack.mitre.org/)
- [CVE Database](https://cve.mitre.org/)
- [NVD (National Vulnerability Database)](https://nvd.nist.gov/)
### Community
- OWASP Local Chapters
- DEF CON Groups
- SANS Internet Storm Center
- Bugcrowd and HackerOne forums
### Training
- [SANS Security Training](https://www.sans.org/)
- [Offensive Security Certifications](https://www.offensive-security.com/)
- [eLearnSecurity Courses](https://elearnsecurity.com/)
- [Cybrary Free Courses](https://www.cybrary.it/)
## Contributing
When contributing security testing examples:
1. **Ensure ethical use** - All examples must be defensive
2. **Include warnings** - Clear ethical use statements
3. **Document thoroughly** - Explain intended use cases
4. **Test safely** - Validate in isolated environments
5. **Review carefully** - Security team approval required
## License
These examples are provided for educational and authorized testing purposes only. Users are solely responsible for ensuring compliance with all applicable laws and regulations.
---
## Final Reminder
🚨 **CRITICAL** 🚨
**UNAUTHORIZED COMPUTER ACCESS IS A CRIME**
These tools are powerful and must be used responsibly. The line between ethical hacking and criminal activity is **authorization**. Always obtain explicit written permission before conducting any security testing.
**When in doubt, don't test. Ask first.**
---
*Generated using agentic-synth - Synthetic data for ethical security testing*
**Remember: With great power comes great responsibility. Use these tools wisely.**

64
npm/packages/agentic-synth/examples/security/penetration-testing.d.ts vendored Normal file
View File

@@ -0,0 +1,64 @@
/**
* Penetration Testing Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Authorized penetration testing engagements
* - Red team exercises in controlled environments
* - Security tool development and validation
* - Penetration testing training and certification
*
* ALWAYS obtain written authorization before testing.
*/
/**
* Network Scanning Results
* For testing vulnerability scanners and network mapping tools
*/
export declare function generateNetworkScanResults(): Promise<any>;
/**
* Port Enumeration Data
* For testing port scanning tools and service identification
*/
export declare function generatePortEnumerationData(): Promise<any>;
/**
* Service Fingerprinting Data
* For testing service identification and version detection
*/
export declare function generateServiceFingerprints(): Promise<any>;
/**
* Exploitation Attempt Logs
* For testing exploit detection and prevention systems
*/
export declare function generateExploitationLogs(): Promise<any>;
/**
* Post-Exploitation Activity Simulation
* For testing lateral movement and persistence detection
*/
export declare function generatePostExploitationActivity(): Promise<any>;
/**
* Penetration Testing Report Data
* For testing reporting systems and findings management
*/
export declare function generatePentestReportData(): Promise<any>;
/**
* Example Usage
*/
export declare function runPenetrationTests(): Promise<{
scanResults: any;
portData: any;
fingerprints: any;
exploitLogs: any;
postExploit: any;
reports: any;
}>;
declare const _default: {
generateNetworkScanResults: typeof generateNetworkScanResults;
generatePortEnumerationData: typeof generatePortEnumerationData;
generateServiceFingerprints: typeof generateServiceFingerprints;
generateExploitationLogs: typeof generateExploitationLogs;
generatePostExploitationActivity: typeof generatePostExploitationActivity;
generatePentestReportData: typeof generatePentestReportData;
runPenetrationTests: typeof runPenetrationTests;
};
export default _default;
//# sourceMappingURL=penetration-testing.d.ts.map

1
npm/packages/agentic-synth/examples/security/penetration-testing.d.ts.map Normal file
View File

@@ -0,0 +1 @@
{"version":3,"file":"penetration-testing.d.ts","sourceRoot":"","sources":["penetration-testing.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH;;;GAGG;AACH,wBAAsB,0BAA0B,iBA8F/C;AAED;;;GAGG;AACH,wBAAsB,2BAA2B,iBAuFhD;AAED;;;GAGG;AACH,wBAAsB,2BAA2B,iBAgGhD;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,iBA4G7C;AAED;;;GAGG;AACH,wBAAsB,gCAAgC,iBA8GrD;AAED;;;GAGG;AACH,wBAAsB,yBAAyB,iBA+E9C;AAED;;GAEG;AACH,wBAAsB,mBAAmB;;;;;;;GA8CxC;;;;;;;;;;AAGD,wBAQE"}

663
npm/packages/agentic-synth/examples/security/penetration-testing.js Normal file
View File

@@ -0,0 +1,663 @@
"use strict";
/**
* Penetration Testing Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Authorized penetration testing engagements
* - Red team exercises in controlled environments
* - Security tool development and validation
* - Penetration testing training and certification
*
* ALWAYS obtain written authorization before testing.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateNetworkScanResults = generateNetworkScanResults;
exports.generatePortEnumerationData = generatePortEnumerationData;
exports.generateServiceFingerprints = generateServiceFingerprints;
exports.generateExploitationLogs = generateExploitationLogs;
exports.generatePostExploitationActivity = generatePostExploitationActivity;
exports.generatePentestReportData = generatePentestReportData;
exports.runPenetrationTests = runPenetrationTests;
const agentic_synth_1 = require("agentic-synth");
/**
* Network Scanning Results
* For testing vulnerability scanners and network mapping tools
*/
async function generateNetworkScanResults() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const scanPrompt = `
Generate network scanning results data for penetration testing.
Include host discovery, port scans, service detection results.
Each scan result should have: target, ports, services, vulnerabilities, recommendations.
Generate 10 diverse network scan results.
`;
const results = await synth.generate({
prompt: scanPrompt,
schema: {
type: 'object',
properties: {
scan_results: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
scan_id: { type: 'string' },
scan_date: { type: 'string' },
target: {
type: 'object',
properties: {
ip_address: { type: 'string' },
hostname: { type: 'string' },
mac_address: { type: 'string' },
operating_system: { type: 'string' },
os_confidence: { type: 'number' }
}
},
scan_type: {
type: 'string',
enum: ['tcp_connect', 'syn_scan', 'udp_scan', 'comprehensive', 'stealth']
},
open_ports: {
type: 'array',
items: {
type: 'object',
properties: {
port: { type: 'number' },
protocol: { type: 'string' },
state: { type: 'string' },
service: { type: 'string' },
version: { type: 'string' },
banner: { type: 'string' }
}
}
},
filtered_ports: { type: 'array', items: { type: 'number' } },
services_detected: {
type: 'array',
items: {
type: 'object',
properties: {
service_name: { type: 'string' },
version: { type: 'string' },
cpe: { type: 'string' },
product: { type: 'string' },
extra_info: { type: 'string' }
}
}
},
vulnerabilities_found: {
type: 'array',
items: {
type: 'object',
properties: {
cve_id: { type: 'string' },
severity: { type: 'string' },
cvss_score: { type: 'number' },
description: { type: 'string' },
affected_service: { type: 'string' }
}
}
},
firewall_detected: { type: 'boolean' },
ids_ips_detected: { type: 'boolean' },
recommendations: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'target', 'scan_type', 'open_ports']
}
}
},
required: ['scan_results']
}
});
return results;
}
/**
* Port Enumeration Data
* For testing port scanning tools and service identification
*/
async function generatePortEnumerationData() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const portPrompt = `
Generate port enumeration data for penetration testing tools.
Include common services, uncommon ports, misconfigurations.
Each enumeration should have: port_info, service_details, security_findings.
Generate 12 port enumeration scenarios.
`;
const data = await synth.generate({
prompt: portPrompt,
schema: {
type: 'object',
properties: {
enumerations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
target_ip: { type: 'string' },
port: { type: 'number' },
protocol: { type: 'string', enum: ['tcp', 'udp'] },
state: { type: 'string', enum: ['open', 'closed', 'filtered'] },
service_detection: {
type: 'object',
properties: {
service_name: { type: 'string' },
product: { type: 'string' },
version: { type: 'string' },
os_type: { type: 'string' },
device_type: { type: 'string' },
banner_grab: { type: 'string' }
}
},
detailed_analysis: {
type: 'object',
properties: {
ssl_tls_info: {
type: 'object',
properties: {
enabled: { type: 'boolean' },
version: { type: 'string' },
cipher_suites: { type: 'array', items: { type: 'string' } },
certificate_info: { type: 'string' },
vulnerabilities: { type: 'array', items: { type: 'string' } }
}
},
authentication: {
type: 'object',
properties: {
required: { type: 'boolean' },
methods: { type: 'array', items: { type: 'string' } },
default_credentials_tested: { type: 'boolean' },
weak_auth_detected: { type: 'boolean' }
}
}
}
},
security_findings: {
type: 'array',
items: {
type: 'object',
properties: {
finding_type: { type: 'string' },
severity: { type: 'string' },
description: { type: 'string' },
exploitation_difficulty: { type: 'string' }
}
}
},
exploitation_potential: { type: 'string' },
recommended_tests: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'target_ip', 'port', 'service_detection']
}
}
},
required: ['enumerations']
}
});
return data;
}
/**
* Service Fingerprinting Data
* For testing service identification and version detection
*/
async function generateServiceFingerprints() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const fingerprintPrompt = `
Generate service fingerprinting data for penetration testing.
Include web servers, databases, mail servers, authentication services.
Each fingerprint should have: service_type, version_info, vulnerabilities, attack_vectors.
Generate 10 service fingerprint scenarios.
`;
const fingerprints = await synth.generate({
prompt: fingerprintPrompt,
schema: {
type: 'object',
properties: {
fingerprints: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
service_category: {
type: 'string',
enum: [
'web_server',
'database',
'mail_server',
'file_server',
'authentication_service',
'application_server',
'message_queue',
'cache_server'
]
},
service_info: {
type: 'object',
properties: {
name: { type: 'string' },
vendor: { type: 'string' },
version: { type: 'string' },
build_number: { type: 'string' },
release_date: { type: 'string' }
}
},
detection_methods: {
type: 'array',
items: {
type: 'object',
properties: {
method: { type: 'string' },
confidence: { type: 'number' },
evidence: { type: 'string' }
}
}
},
known_vulnerabilities: {
type: 'array',
items: {
type: 'object',
properties: {
cve_id: { type: 'string' },
cvss_score: { type: 'number' },
exploit_available: { type: 'boolean' },
metasploit_module: { type: 'string' },
description: { type: 'string' }
}
}
},
configuration_issues: { type: 'array', items: { type: 'string' } },
attack_vectors: {
type: 'array',
items: {
type: 'object',
properties: {
vector_name: { type: 'string' },
difficulty: { type: 'string' },
impact: { type: 'string' },
prerequisites: { type: 'array', items: { type: 'string' } }
}
}
},
exploitation_notes: { type: 'string' },
recommended_patches: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'service_category', 'service_info', 'attack_vectors']
}
}
},
required: ['fingerprints']
}
});
return fingerprints;
}
/**
* Exploitation Attempt Logs
* For testing exploit detection and prevention systems
*/
async function generateExploitationLogs() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const exploitPrompt = `
Generate exploitation attempt logs for security testing.
Include buffer overflows, code injection, privilege escalation attempts.
Each log should have: exploit_type, payload, success_status, detection_status.
Generate 12 exploitation attempt scenarios.
`;
const logs = await synth.generate({
prompt: exploitPrompt,
schema: {
type: 'object',
properties: {
exploitation_attempts: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
timestamp: { type: 'string' },
exploit_type: {
type: 'string',
enum: [
'buffer_overflow',
'sql_injection',
'command_injection',
'remote_code_execution',
'privilege_escalation',
'authentication_bypass',
'directory_traversal',
'deserialization',
'xxe_injection'
]
},
target: {
type: 'object',
properties: {
ip: { type: 'string' },
port: { type: 'number' },
service: { type: 'string' },
endpoint: { type: 'string' }
}
},
exploit_details: {
type: 'object',
properties: {
cve_id: { type: 'string' },
exploit_name: { type: 'string' },
exploit_framework: { type: 'string' },
payload_type: { type: 'string' },
shellcode_used: { type: 'boolean' }
}
},
payload_info: {
type: 'object',
properties: {
payload_size: { type: 'number' },
encoding: { type: 'string' },
obfuscation: { type: 'boolean' },
delivery_method: { type: 'string' }
}
},
execution_result: {
type: 'object',
properties: {
success: { type: 'boolean' },
error_message: { type: 'string' },
shell_obtained: { type: 'boolean' },
privileges_gained: { type: 'string' },
access_level: { type: 'string' }
}
},
detection_status: {
type: 'object',
properties: {
detected: { type: 'boolean' },
detection_method: { type: 'string' },
blocked: { type: 'boolean' },
alert_generated: { type: 'boolean' }
}
},
post_exploitation: {
type: 'array',
items: {
type: 'object',
properties: {
action: { type: 'string' },
timestamp: { type: 'string' },
success: { type: 'boolean' }
}
}
},
remediation: { type: 'string' }
},
required: ['id', 'exploit_type', 'target', 'execution_result', 'detection_status']
}
}
},
required: ['exploitation_attempts']
}
});
return logs;
}
/**
* Post-Exploitation Activity Simulation
* For testing lateral movement and persistence detection
*/
async function generatePostExploitationActivity() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const postExploitPrompt = `
Generate post-exploitation activity data for security testing.
Include lateral movement, privilege escalation, persistence mechanisms, data exfiltration.
Each activity should have: technique, commands, indicators, detection_opportunities.
Generate 10 post-exploitation scenarios following MITRE ATT&CK.
`;
const activities = await synth.generate({
prompt: postExploitPrompt,
schema: {
type: 'object',
properties: {
activities: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
scenario_name: { type: 'string' },
initial_access: {
type: 'object',
properties: {
method: { type: 'string' },
compromised_host: { type: 'string' },
initial_privileges: { type: 'string' },
timestamp: { type: 'string' }
}
},
activity_chain: {
type: 'array',
items: {
type: 'object',
properties: {
sequence: { type: 'number' },
mitre_technique: { type: 'string' },
tactic: { type: 'string' },
technique_name: { type: 'string' },
description: { type: 'string' },
commands_executed: { type: 'array', items: { type: 'string' } },
tools_used: { type: 'array', items: { type: 'string' } },
artifacts_created: { type: 'array', items: { type: 'string' } },
network_connections: {
type: 'array',
items: {
type: 'object',
properties: {
source: { type: 'string' },
destination: { type: 'string' },
port: { type: 'number' },
protocol: { type: 'string' }
}
}
}
}
}
},
persistence_mechanisms: {
type: 'array',
items: {
type: 'object',
properties: {
method: { type: 'string' },
location: { type: 'string' },
trigger: { type: 'string' },
stealth_level: { type: 'string' }
}
}
},
lateral_movement: {
type: 'array',
items: {
type: 'object',
properties: {
from_host: { type: 'string' },
to_host: { type: 'string' },
method: { type: 'string' },
credentials_used: { type: 'string' },
success: { type: 'boolean' }
}
}
},
data_exfiltration: {
type: 'object',
properties: {
occurred: { type: 'boolean' },
data_types: { type: 'array', items: { type: 'string' } },
volume_mb: { type: 'number' },
exfil_method: { type: 'string' },
c2_server: { type: 'string' }
}
},
detection_opportunities: { type: 'array', items: { type: 'string' } },
indicators_of_compromise: { type: 'array', items: { type: 'string' } },
defensive_recommendations: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'scenario_name', 'initial_access', 'activity_chain']
}
}
},
required: ['activities']
}
});
return activities;
}
/**
* Penetration Testing Report Data
* For testing reporting systems and findings management
*/
async function generatePentestReportData() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const reportPrompt = `
Generate penetration testing report data with findings and recommendations.
Include executive summary metrics, technical findings, risk ratings, remediation plans.
Each report should have: engagement_info, findings, risk_analysis, recommendations.
Generate 5 comprehensive pentest report datasets.
`;
const reports = await synth.generate({
prompt: reportPrompt,
schema: {
type: 'object',
properties: {
reports: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
engagement_info: {
type: 'object',
properties: {
client_name: { type: 'string' },
engagement_type: { type: 'string' },
test_date_range: { type: 'string' },
scope: { type: 'array', items: { type: 'string' } },
testing_methodology: { type: 'string' },
rules_of_engagement: { type: 'string' }
}
},
executive_summary: {
type: 'object',
properties: {
total_findings: { type: 'number' },
critical_findings: { type: 'number' },
high_findings: { type: 'number' },
medium_findings: { type: 'number' },
low_findings: { type: 'number' },
overall_risk_rating: { type: 'string' },
key_observations: { type: 'array', items: { type: 'string' } }
}
},
findings: {
type: 'array',
items: {
type: 'object',
properties: {
finding_id: { type: 'string' },
title: { type: 'string' },
severity: { type: 'string' },
cvss_score: { type: 'number' },
affected_systems: { type: 'array', items: { type: 'string' } },
description: { type: 'string' },
impact: { type: 'string' },
likelihood: { type: 'string' },
evidence: { type: 'array', items: { type: 'string' } },
remediation: { type: 'string' },
remediation_priority: { type: 'string' },
references: { type: 'array', items: { type: 'string' } }
}
}
},
recommendations: { type: 'array', items: { type: 'string' } },
conclusion: { type: 'string' }
},
required: ['id', 'engagement_info', 'executive_summary', 'findings']
}
}
},
required: ['reports']
}
});
return reports;
}
/**
* Example Usage
*/
async function runPenetrationTests() {
console.log('⚠️ Running Authorized Penetration Testing Data Generation ⚠️\n');
try {
// Generate network scan results
console.log('Generating network scan results...');
const scanResults = await generateNetworkScanResults();
console.log(`Generated ${scanResults.scan_results?.length || 0} scan results\n`);
// Generate port enumeration data
console.log('Generating port enumeration data...');
const portData = await generatePortEnumerationData();
console.log(`Generated ${portData.enumerations?.length || 0} port enumerations\n`);
// Generate service fingerprints
console.log('Generating service fingerprints...');
const fingerprints = await generateServiceFingerprints();
console.log(`Generated ${fingerprints.fingerprints?.length || 0} service fingerprints\n`);
// Generate exploitation logs
console.log('Generating exploitation attempt logs...');
const exploitLogs = await generateExploitationLogs();
console.log(`Generated ${exploitLogs.exploitation_attempts?.length || 0} exploitation logs\n`);
// Generate post-exploitation activities
console.log('Generating post-exploitation activities...');
const postExploit = await generatePostExploitationActivity();
console.log(`Generated ${postExploit.activities?.length || 0} post-exploitation scenarios\n`);
// Generate pentest reports
console.log('Generating penetration testing reports...');
const reports = await generatePentestReportData();
console.log(`Generated ${reports.reports?.length || 0} pentest reports\n`);
return {
scanResults,
portData,
fingerprints,
exploitLogs,
postExploit,
reports
};
}
catch (error) {
console.error('Error generating penetration testing data:', error);
throw error;
}
}
// Export all generators
exports.default = {
generateNetworkScanResults,
generatePortEnumerationData,
generateServiceFingerprints,
generateExploitationLogs,
generatePostExploitationActivity,
generatePentestReportData,
runPenetrationTests
};
//# sourceMappingURL=penetration-testing.js.map

1
npm/packages/agentic-synth/examples/security/penetration-testing.js.map Normal file
View File

File diff suppressed because one or more lines are too long

686
npm/packages/agentic-synth/examples/security/penetration-testing.ts Normal file
View File

@@ -0,0 +1,686 @@
/**
* Penetration Testing Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Authorized penetration testing engagements
* - Red team exercises in controlled environments
* - Security tool development and validation
* - Penetration testing training and certification
*
* ALWAYS obtain written authorization before testing.
*/
import { AgenticSynth } from 'agentic-synth';
/**
* Network Scanning Results
* For testing vulnerability scanners and network mapping tools
*/
export async function generateNetworkScanResults() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const scanPrompt = `
Generate network scanning results data for penetration testing.
Include host discovery, port scans, service detection results.
Each scan result should have: target, ports, services, vulnerabilities, recommendations.
Generate 10 diverse network scan results.
`;
const results = await synth.generate({
prompt: scanPrompt,
schema: {
type: 'object',
properties: {
scan_results: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
scan_id: { type: 'string' },
scan_date: { type: 'string' },
target: {
type: 'object',
properties: {
ip_address: { type: 'string' },
hostname: { type: 'string' },
mac_address: { type: 'string' },
operating_system: { type: 'string' },
os_confidence: { type: 'number' }
}
},
scan_type: {
type: 'string',
enum: ['tcp_connect', 'syn_scan', 'udp_scan', 'comprehensive', 'stealth']
},
open_ports: {
type: 'array',
items: {
type: 'object',
properties: {
port: { type: 'number' },
protocol: { type: 'string' },
state: { type: 'string' },
service: { type: 'string' },
version: { type: 'string' },
banner: { type: 'string' }
}
}
},
filtered_ports: { type: 'array', items: { type: 'number' } },
services_detected: {
type: 'array',
items: {
type: 'object',
properties: {
service_name: { type: 'string' },
version: { type: 'string' },
cpe: { type: 'string' },
product: { type: 'string' },
extra_info: { type: 'string' }
}
}
},
vulnerabilities_found: {
type: 'array',
items: {
type: 'object',
properties: {
cve_id: { type: 'string' },
severity: { type: 'string' },
cvss_score: { type: 'number' },
description: { type: 'string' },
affected_service: { type: 'string' }
}
}
},
firewall_detected: { type: 'boolean' },
ids_ips_detected: { type: 'boolean' },
recommendations: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'target', 'scan_type', 'open_ports']
}
}
},
required: ['scan_results']
}
});
return results;
}
/**
* Port Enumeration Data
* For testing port scanning tools and service identification
*/
export async function generatePortEnumerationData() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const portPrompt = `
Generate port enumeration data for penetration testing tools.
Include common services, uncommon ports, misconfigurations.
Each enumeration should have: port_info, service_details, security_findings.
Generate 12 port enumeration scenarios.
`;
const data = await synth.generate({
prompt: portPrompt,
schema: {
type: 'object',
properties: {
enumerations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
target_ip: { type: 'string' },
port: { type: 'number' },
protocol: { type: 'string', enum: ['tcp', 'udp'] },
state: { type: 'string', enum: ['open', 'closed', 'filtered'] },
service_detection: {
type: 'object',
properties: {
service_name: { type: 'string' },
product: { type: 'string' },
version: { type: 'string' },
os_type: { type: 'string' },
device_type: { type: 'string' },
banner_grab: { type: 'string' }
}
},
detailed_analysis: {
type: 'object',
properties: {
ssl_tls_info: {
type: 'object',
properties: {
enabled: { type: 'boolean' },
version: { type: 'string' },
cipher_suites: { type: 'array', items: { type: 'string' } },
certificate_info: { type: 'string' },
vulnerabilities: { type: 'array', items: { type: 'string' } }
}
},
authentication: {
type: 'object',
properties: {
required: { type: 'boolean' },
methods: { type: 'array', items: { type: 'string' } },
default_credentials_tested: { type: 'boolean' },
weak_auth_detected: { type: 'boolean' }
}
}
}
},
security_findings: {
type: 'array',
items: {
type: 'object',
properties: {
finding_type: { type: 'string' },
severity: { type: 'string' },
description: { type: 'string' },
exploitation_difficulty: { type: 'string' }
}
}
},
exploitation_potential: { type: 'string' },
recommended_tests: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'target_ip', 'port', 'service_detection']
}
}
},
required: ['enumerations']
}
});
return data;
}
/**
* Service Fingerprinting Data
* For testing service identification and version detection
*/
export async function generateServiceFingerprints() {
const synth = new AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const fingerprintPrompt = `
Generate service fingerprinting data for penetration testing.
Include web servers, databases, mail servers, authentication services.
Each fingerprint should have: service_type, version_info, vulnerabilities, attack_vectors.
Generate 10 service fingerprint scenarios.
`;
const fingerprints = await synth.generate({
prompt: fingerprintPrompt,
schema: {
type: 'object',
properties: {
fingerprints: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
service_category: {
type: 'string',
enum: [
'web_server',
'database',
'mail_server',
'file_server',
'authentication_service',
'application_server',
'message_queue',
'cache_server'
]
},
service_info: {
type: 'object',
properties: {
name: { type: 'string' },
vendor: { type: 'string' },
version: { type: 'string' },
build_number: { type: 'string' },
release_date: { type: 'string' }
}
},
detection_methods: {
type: 'array',
items: {
type: 'object',
properties: {
method: { type: 'string' },
confidence: { type: 'number' },
evidence: { type: 'string' }
}
}
},
known_vulnerabilities: {
type: 'array',
items: {
type: 'object',
properties: {
cve_id: { type: 'string' },
cvss_score: { type: 'number' },
exploit_available: { type: 'boolean' },
metasploit_module: { type: 'string' },
description: { type: 'string' }
}
}
},
configuration_issues: { type: 'array', items: { type: 'string' } },
attack_vectors: {
type: 'array',
items: {
type: 'object',
properties: {
vector_name: { type: 'string' },
difficulty: { type: 'string' },
impact: { type: 'string' },
prerequisites: { type: 'array', items: { type: 'string' } }
}
}
},
exploitation_notes: { type: 'string' },
recommended_patches: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'service_category', 'service_info', 'attack_vectors']
}
}
},
required: ['fingerprints']
}
});
return fingerprints;
}
/**
* Exploitation Attempt Logs
* For testing exploit detection and prevention systems
*/
export async function generateExploitationLogs() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const exploitPrompt = `
Generate exploitation attempt logs for security testing.
Include buffer overflows, code injection, privilege escalation attempts.
Each log should have: exploit_type, payload, success_status, detection_status.
Generate 12 exploitation attempt scenarios.
`;
const logs = await synth.generate({
prompt: exploitPrompt,
schema: {
type: 'object',
properties: {
exploitation_attempts: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
timestamp: { type: 'string' },
exploit_type: {
type: 'string',
enum: [
'buffer_overflow',
'sql_injection',
'command_injection',
'remote_code_execution',
'privilege_escalation',
'authentication_bypass',
'directory_traversal',
'deserialization',
'xxe_injection'
]
},
target: {
type: 'object',
properties: {
ip: { type: 'string' },
port: { type: 'number' },
service: { type: 'string' },
endpoint: { type: 'string' }
}
},
exploit_details: {
type: 'object',
properties: {
cve_id: { type: 'string' },
exploit_name: { type: 'string' },
exploit_framework: { type: 'string' },
payload_type: { type: 'string' },
shellcode_used: { type: 'boolean' }
}
},
payload_info: {
type: 'object',
properties: {
payload_size: { type: 'number' },
encoding: { type: 'string' },
obfuscation: { type: 'boolean' },
delivery_method: { type: 'string' }
}
},
execution_result: {
type: 'object',
properties: {
success: { type: 'boolean' },
error_message: { type: 'string' },
shell_obtained: { type: 'boolean' },
privileges_gained: { type: 'string' },
access_level: { type: 'string' }
}
},
detection_status: {
type: 'object',
properties: {
detected: { type: 'boolean' },
detection_method: { type: 'string' },
blocked: { type: 'boolean' },
alert_generated: { type: 'boolean' }
}
},
post_exploitation: {
type: 'array',
items: {
type: 'object',
properties: {
action: { type: 'string' },
timestamp: { type: 'string' },
success: { type: 'boolean' }
}
}
},
remediation: { type: 'string' }
},
required: ['id', 'exploit_type', 'target', 'execution_result', 'detection_status']
}
}
},
required: ['exploitation_attempts']
}
});
return logs;
}
/**
* Post-Exploitation Activity Simulation
* For testing lateral movement and persistence detection
*/
export async function generatePostExploitationActivity() {
const synth = new AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const postExploitPrompt = `
Generate post-exploitation activity data for security testing.
Include lateral movement, privilege escalation, persistence mechanisms, data exfiltration.
Each activity should have: technique, commands, indicators, detection_opportunities.
Generate 10 post-exploitation scenarios following MITRE ATT&CK.
`;
const activities = await synth.generate({
prompt: postExploitPrompt,
schema: {
type: 'object',
properties: {
activities: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
scenario_name: { type: 'string' },
initial_access: {
type: 'object',
properties: {
method: { type: 'string' },
compromised_host: { type: 'string' },
initial_privileges: { type: 'string' },
timestamp: { type: 'string' }
}
},
activity_chain: {
type: 'array',
items: {
type: 'object',
properties: {
sequence: { type: 'number' },
mitre_technique: { type: 'string' },
tactic: { type: 'string' },
technique_name: { type: 'string' },
description: { type: 'string' },
commands_executed: { type: 'array', items: { type: 'string' } },
tools_used: { type: 'array', items: { type: 'string' } },
artifacts_created: { type: 'array', items: { type: 'string' } },
network_connections: {
type: 'array',
items: {
type: 'object',
properties: {
source: { type: 'string' },
destination: { type: 'string' },
port: { type: 'number' },
protocol: { type: 'string' }
}
}
}
}
}
},
persistence_mechanisms: {
type: 'array',
items: {
type: 'object',
properties: {
method: { type: 'string' },
location: { type: 'string' },
trigger: { type: 'string' },
stealth_level: { type: 'string' }
}
}
},
lateral_movement: {
type: 'array',
items: {
type: 'object',
properties: {
from_host: { type: 'string' },
to_host: { type: 'string' },
method: { type: 'string' },
credentials_used: { type: 'string' },
success: { type: 'boolean' }
}
}
},
data_exfiltration: {
type: 'object',
properties: {
occurred: { type: 'boolean' },
data_types: { type: 'array', items: { type: 'string' } },
volume_mb: { type: 'number' },
exfil_method: { type: 'string' },
c2_server: { type: 'string' }
}
},
detection_opportunities: { type: 'array', items: { type: 'string' } },
indicators_of_compromise: { type: 'array', items: { type: 'string' } },
defensive_recommendations: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'scenario_name', 'initial_access', 'activity_chain']
}
}
},
required: ['activities']
}
});
return activities;
}
/**
* Penetration Testing Report Data
* For testing reporting systems and findings management
*/
export async function generatePentestReportData() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const reportPrompt = `
Generate penetration testing report data with findings and recommendations.
Include executive summary metrics, technical findings, risk ratings, remediation plans.
Each report should have: engagement_info, findings, risk_analysis, recommendations.
Generate 5 comprehensive pentest report datasets.
`;
const reports = await synth.generate({
prompt: reportPrompt,
schema: {
type: 'object',
properties: {
reports: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
engagement_info: {
type: 'object',
properties: {
client_name: { type: 'string' },
engagement_type: { type: 'string' },
test_date_range: { type: 'string' },
scope: { type: 'array', items: { type: 'string' } },
testing_methodology: { type: 'string' },
rules_of_engagement: { type: 'string' }
}
},
executive_summary: {
type: 'object',
properties: {
total_findings: { type: 'number' },
critical_findings: { type: 'number' },
high_findings: { type: 'number' },
medium_findings: { type: 'number' },
low_findings: { type: 'number' },
overall_risk_rating: { type: 'string' },
key_observations: { type: 'array', items: { type: 'string' } }
}
},
findings: {
type: 'array',
items: {
type: 'object',
properties: {
finding_id: { type: 'string' },
title: { type: 'string' },
severity: { type: 'string' },
cvss_score: { type: 'number' },
affected_systems: { type: 'array', items: { type: 'string' } },
description: { type: 'string' },
impact: { type: 'string' },
likelihood: { type: 'string' },
evidence: { type: 'array', items: { type: 'string' } },
remediation: { type: 'string' },
remediation_priority: { type: 'string' },
references: { type: 'array', items: { type: 'string' } }
}
}
},
recommendations: { type: 'array', items: { type: 'string' } },
conclusion: { type: 'string' }
},
required: ['id', 'engagement_info', 'executive_summary', 'findings']
}
}
},
required: ['reports']
}
});
return reports;
}
/**
* Example Usage
*/
export async function runPenetrationTests() {
console.log('⚠️ Running Authorized Penetration Testing Data Generation ⚠️\n');
try {
// Generate network scan results
console.log('Generating network scan results...');
const scanResults = await generateNetworkScanResults();
console.log(`Generated ${scanResults.scan_results?.length || 0} scan results\n`);
// Generate port enumeration data
console.log('Generating port enumeration data...');
const portData = await generatePortEnumerationData();
console.log(`Generated ${portData.enumerations?.length || 0} port enumerations\n`);
// Generate service fingerprints
console.log('Generating service fingerprints...');
const fingerprints = await generateServiceFingerprints();
console.log(`Generated ${fingerprints.fingerprints?.length || 0} service fingerprints\n`);
// Generate exploitation logs
console.log('Generating exploitation attempt logs...');
const exploitLogs = await generateExploitationLogs();
console.log(`Generated ${exploitLogs.exploitation_attempts?.length || 0} exploitation logs\n`);
// Generate post-exploitation activities
console.log('Generating post-exploitation activities...');
const postExploit = await generatePostExploitationActivity();
console.log(`Generated ${postExploit.activities?.length || 0} post-exploitation scenarios\n`);
// Generate pentest reports
console.log('Generating penetration testing reports...');
const reports = await generatePentestReportData();
console.log(`Generated ${reports.reports?.length || 0} pentest reports\n`);
return {
scanResults,
portData,
fingerprints,
exploitLogs,
postExploit,
reports
};
} catch (error) {
console.error('Error generating penetration testing data:', error);
throw error;
}
}
// Export all generators
export default {
generateNetworkScanResults,
generatePortEnumerationData,
generateServiceFingerprints,
generateExploitationLogs,
generatePostExploitationActivity,
generatePentestReportData,
runPenetrationTests
};

64
npm/packages/agentic-synth/examples/security/security-audit.d.ts vendored Normal file
View File

@@ -0,0 +1,64 @@
/**
* Security Audit Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Security Information and Event Management (SIEM) testing
* - Compliance auditing and reporting
* - Security monitoring system validation
* - Incident investigation training
*
* For authorized security operations only.
*/
/**
* User Access Pattern Analysis
* For detecting suspicious access patterns and privilege escalation
*/
export declare function generateUserAccessPatterns(): Promise<any>;
/**
* Permission Change Audit Trail
* For tracking privilege escalations and access control modifications
*/
export declare function generatePermissionChangeAudits(): Promise<any>;
/**
* Configuration Change Monitoring
* For tracking security-sensitive configuration modifications
*/
export declare function generateConfigurationChangeAudits(): Promise<any>;
/**
* Compliance Violation Scenarios
* For testing compliance monitoring and alerting systems
*/
export declare function generateComplianceViolations(): Promise<any>;
/**
* Security Event Correlation Data
* For SIEM correlation rules and incident detection
*/
export declare function generateSecurityEventCorrelations(): Promise<any>;
/**
* Data Loss Prevention (DLP) Audit Data
* For testing DLP policies and data classification
*/
export declare function generateDLPAuditData(): Promise<any>;
/**
* Example Usage
*/
export declare function runSecurityAudits(): Promise<{
accessPatterns: any;
permissionChanges: any;
configChanges: any;
violations: any;
correlations: any;
dlpData: any;
}>;
declare const _default: {
generateUserAccessPatterns: typeof generateUserAccessPatterns;
generatePermissionChangeAudits: typeof generatePermissionChangeAudits;
generateConfigurationChangeAudits: typeof generateConfigurationChangeAudits;
generateComplianceViolations: typeof generateComplianceViolations;
generateSecurityEventCorrelations: typeof generateSecurityEventCorrelations;
generateDLPAuditData: typeof generateDLPAuditData;
runSecurityAudits: typeof runSecurityAudits;
};
export default _default;
//# sourceMappingURL=security-audit.d.ts.map

1
npm/packages/agentic-synth/examples/security/security-audit.d.ts.map Normal file
View File

@@ -0,0 +1 @@
{"version":3,"file":"security-audit.d.ts","sourceRoot":"","sources":["security-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH;;;GAGG;AACH,wBAAsB,0BAA0B,iBA8E/C;AAED;;;GAGG;AACH,wBAAsB,8BAA8B,iBAoFnD;AAED;;;GAGG;AACH,wBAAsB,iCAAiC,iBAuFtD;AAED;;;GAGG;AACH,wBAAsB,4BAA4B,iBAqEjD;AAED;;;GAGG;AACH,wBAAsB,iCAAiC,iBAiEtD;AAED;;;GAGG;AACH,wBAAsB,oBAAoB,iBAgEzC;AAED;;GAEG;AACH,wBAAsB,iBAAiB;;;;;;;GA8CtC;;;;;;;;;;AAGD,wBAQE"}

536
npm/packages/agentic-synth/examples/security/security-audit.js Normal file
View File

@@ -0,0 +1,536 @@
"use strict";
/**
* Security Audit Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Security Information and Event Management (SIEM) testing
* - Compliance auditing and reporting
* - Security monitoring system validation
* - Incident investigation training
*
* For authorized security operations only.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateUserAccessPatterns = generateUserAccessPatterns;
exports.generatePermissionChangeAudits = generatePermissionChangeAudits;
exports.generateConfigurationChangeAudits = generateConfigurationChangeAudits;
exports.generateComplianceViolations = generateComplianceViolations;
exports.generateSecurityEventCorrelations = generateSecurityEventCorrelations;
exports.generateDLPAuditData = generateDLPAuditData;
exports.runSecurityAudits = runSecurityAudits;
const agentic_synth_1 = require("agentic-synth");
/**
* User Access Pattern Analysis
* For detecting suspicious access patterns and privilege escalation
*/
async function generateUserAccessPatterns() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const accessPrompt = `
Generate user access pattern data for security audit analysis.
Include normal patterns, anomalous patterns, suspicious activities.
Each pattern should have: user_id, access_events, risk_score, anomaly_indicators.
Generate 15 diverse user access patterns including both normal and suspicious.
`;
const patterns = await synth.generate({
prompt: accessPrompt,
schema: {
type: 'object',
properties: {
access_patterns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
user_id: { type: 'string' },
user_role: { type: 'string' },
time_period: {
type: 'object',
properties: {
start_date: { type: 'string' },
end_date: { type: 'string' },
total_days: { type: 'number' }
}
},
access_events: {
type: 'array',
items: {
type: 'object',
properties: {
timestamp: { type: 'string' },
resource: { type: 'string' },
action: { type: 'string' },
result: { type: 'string', enum: ['success', 'failure', 'denied'] },
source_ip: { type: 'string' },
user_agent: { type: 'string' },
geolocation: { type: 'string' },
sensitivity_level: { type: 'string' }
}
}
},
behavioral_metrics: {
type: 'object',
properties: {
total_accesses: { type: 'number' },
unique_resources: { type: 'number' },
failed_attempts: { type: 'number' },
off_hours_access: { type: 'number' },
unusual_locations: { type: 'number' },
data_download_volume_mb: { type: 'number' }
}
},
anomaly_indicators: { type: 'array', items: { type: 'string' } },
risk_score: { type: 'number', minimum: 0, maximum: 100 },
classification: {
type: 'string',
enum: ['normal', 'suspicious', 'high_risk', 'critical']
},
recommended_actions: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'user_id', 'access_events', 'risk_score', 'classification']
}
}
},
required: ['access_patterns']
}
});
return patterns;
}
/**
* Permission Change Audit Trail
* For tracking privilege escalations and access control modifications
*/
async function generatePermissionChangeAudits() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const permissionPrompt = `
Generate permission change audit data for security compliance.
Include role modifications, privilege escalations, group membership changes.
Each audit entry should have: change_type, before_state, after_state, approvals, compliance_flags.
Generate 12 permission change audit scenarios.
`;
const audits = await synth.generate({
prompt: permissionPrompt,
schema: {
type: 'object',
properties: {
permission_changes: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
change_type: {
type: 'string',
enum: [
'role_assignment',
'role_removal',
'permission_grant',
'permission_revoke',
'group_membership',
'privilege_escalation',
'access_scope_change'
]
},
timestamp: { type: 'string' },
modified_by: { type: 'string' },
modified_for: { type: 'string' },
before_state: {
type: 'object',
properties: {
roles: { type: 'array', items: { type: 'string' } },
permissions: { type: 'array', items: { type: 'string' } },
groups: { type: 'array', items: { type: 'string' } },
access_level: { type: 'string' }
}
},
after_state: {
type: 'object',
properties: {
roles: { type: 'array', items: { type: 'string' } },
permissions: { type: 'array', items: { type: 'string' } },
groups: { type: 'array', items: { type: 'string' } },
access_level: { type: 'string' }
}
},
justification: { type: 'string' },
approval_workflow: {
type: 'object',
properties: {
required: { type: 'boolean' },
approved_by: { type: 'array', items: { type: 'string' } },
approval_date: { type: 'string' },
ticket_reference: { type: 'string' }
}
},
compliance_flags: { type: 'array', items: { type: 'string' } },
risk_assessment: {
type: 'string',
enum: ['low', 'medium', 'high', 'critical']
},
requires_review: { type: 'boolean' },
audit_notes: { type: 'string' }
},
required: ['id', 'change_type', 'modified_by', 'before_state', 'after_state']
}
}
},
required: ['permission_changes']
}
});
return audits;
}
/**
* Configuration Change Monitoring
* For tracking security-sensitive configuration modifications
*/
async function generateConfigurationChangeAudits() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const configPrompt = `
Generate configuration change audit data for security monitoring.
Include firewall rules, security policies, encryption settings, authentication configs.
Each change should have: config_type, change_details, security_impact, compliance_status.
Generate 10 configuration change audit entries.
`;
const audits = await synth.generate({
prompt: configPrompt,
schema: {
type: 'object',
properties: {
config_changes: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
config_type: {
type: 'string',
enum: [
'firewall_rule',
'security_policy',
'encryption_setting',
'authentication_method',
'network_configuration',
'access_control_list',
'logging_configuration',
'certificate_management'
]
},
timestamp: { type: 'string' },
system: { type: 'string' },
component: { type: 'string' },
changed_by: { type: 'string' },
change_method: { type: 'string' },
change_details: {
type: 'object',
properties: {
parameter: { type: 'string' },
old_value: { type: 'string' },
new_value: { type: 'string' },
config_file: { type: 'string' }
}
},
security_impact: {
type: 'object',
properties: {
impact_level: {
type: 'string',
enum: ['none', 'low', 'medium', 'high', 'critical']
},
affected_systems: { type: 'array', items: { type: 'string' } },
attack_surface_change: { type: 'string' },
mitigation_effectiveness: { type: 'string' }
}
},
compliance_status: {
type: 'array',
items: {
type: 'object',
properties: {
framework: { type: 'string' },
requirement: { type: 'string' },
status: { type: 'string', enum: ['compliant', 'non_compliant', 'review_required'] }
}
}
},
validation_status: { type: 'string' },
rollback_available: { type: 'boolean' },
audit_trail: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'config_type', 'changed_by', 'change_details', 'security_impact']
}
}
},
required: ['config_changes']
}
});
return audits;
}
/**
* Compliance Violation Scenarios
* For testing compliance monitoring and alerting systems
*/
async function generateComplianceViolations() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const compliancePrompt = `
Generate compliance violation scenarios for security audit testing.
Include GDPR, HIPAA, PCI-DSS, SOX violations.
Each violation should have: framework, requirement, violation_details, severity, remediation.
Generate 10 compliance violation scenarios.
`;
const violations = await synth.generate({
prompt: compliancePrompt,
schema: {
type: 'object',
properties: {
violations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
compliance_framework: {
type: 'string',
enum: ['GDPR', 'HIPAA', 'PCI_DSS', 'SOX', 'ISO_27001', 'NIST', 'SOC2', 'CCPA']
},
requirement_id: { type: 'string' },
requirement_description: { type: 'string' },
violation_details: {
type: 'object',
properties: {
detected_date: { type: 'string' },
detection_method: { type: 'string' },
affected_systems: { type: 'array', items: { type: 'string' } },
violation_type: { type: 'string' },
description: { type: 'string' },
evidence: { type: 'array', items: { type: 'string' } }
}
},
severity: {
type: 'string',
enum: ['low', 'medium', 'high', 'critical']
},
potential_penalties: { type: 'string' },
affected_records: { type: 'number' },
business_impact: { type: 'string' },
remediation: {
type: 'object',
properties: {
required_actions: { type: 'array', items: { type: 'string' } },
timeline: { type: 'string' },
responsible_party: { type: 'string' },
status: { type: 'string' }
}
},
notification_required: { type: 'boolean' },
audit_findings: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'compliance_framework', 'violation_details', 'severity']
}
}
},
required: ['violations']
}
});
return violations;
}
/**
* Security Event Correlation Data
* For SIEM correlation rules and incident detection
*/
async function generateSecurityEventCorrelations() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const correlationPrompt = `
Generate security event correlation data for SIEM testing.
Include multi-stage attacks, lateral movement, data exfiltration chains.
Each correlation should have: event_chain, attack_pattern, indicators, detection_logic.
Generate 8 security event correlation scenarios.
`;
const correlations = await synth.generate({
prompt: correlationPrompt,
schema: {
type: 'object',
properties: {
correlations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_pattern: { type: 'string' },
mitre_tactics: { type: 'array', items: { type: 'string' } },
event_chain: {
type: 'array',
items: {
type: 'object',
properties: {
sequence: { type: 'number' },
timestamp: { type: 'string' },
event_type: { type: 'string' },
source: { type: 'string' },
destination: { type: 'string' },
details: { type: 'string' },
severity: { type: 'string' }
}
}
},
correlation_indicators: { type: 'array', items: { type: 'string' } },
time_window: { type: 'string' },
confidence_score: { type: 'number', minimum: 0, maximum: 100 },
detection_logic: {
type: 'object',
properties: {
rule_description: { type: 'string' },
conditions: { type: 'array', items: { type: 'string' } },
threshold: { type: 'string' }
}
},
false_positive_likelihood: { type: 'string' },
recommended_response: { type: 'string' },
investigation_steps: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'attack_pattern', 'event_chain', 'detection_logic']
}
}
},
required: ['correlations']
}
});
return correlations;
}
/**
* Data Loss Prevention (DLP) Audit Data
* For testing DLP policies and data classification
*/
async function generateDLPAuditData() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const dlpPrompt = `
Generate Data Loss Prevention audit data for security testing.
Include sensitive data transfers, policy violations, data classification issues.
Each audit entry should have: data_type, transfer_method, policy_match, action_taken.
Generate 10 DLP audit scenarios.
`;
const audits = await synth.generate({
prompt: dlpPrompt,
schema: {
type: 'object',
properties: {
dlp_events: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
timestamp: { type: 'string' },
user: { type: 'string' },
data_classification: {
type: 'string',
enum: ['public', 'internal', 'confidential', 'restricted', 'top_secret']
},
data_types_detected: { type: 'array', items: { type: 'string' } },
transfer_method: {
type: 'string',
enum: ['email', 'usb', 'cloud_storage', 'web_upload', 'print', 'clipboard']
},
destination: { type: 'string' },
file_info: {
type: 'object',
properties: {
filename: { type: 'string' },
size_mb: { type: 'number' },
type: { type: 'string' }
}
},
policy_matched: { type: 'string' },
violations: { type: 'array', items: { type: 'string' } },
action_taken: {
type: 'string',
enum: ['allow', 'block', 'quarantine', 'encrypt', 'alert']
},
justification_provided: { type: 'boolean' },
risk_score: { type: 'number' },
requires_review: { type: 'boolean' },
incident_created: { type: 'boolean' }
},
required: ['id', 'data_classification', 'transfer_method', 'action_taken']
}
}
},
required: ['dlp_events']
}
});
return audits;
}
/**
* Example Usage
*/
async function runSecurityAudits() {
console.log('⚠️ Running Security Audit Data Generation ⚠️\n');
try {
// Generate user access patterns
console.log('Generating user access patterns...');
const accessPatterns = await generateUserAccessPatterns();
console.log(`Generated ${accessPatterns.access_patterns?.length || 0} access patterns\n`);
// Generate permission changes
console.log('Generating permission change audits...');
const permissionChanges = await generatePermissionChangeAudits();
console.log(`Generated ${permissionChanges.permission_changes?.length || 0} permission changes\n`);
// Generate configuration changes
console.log('Generating configuration change audits...');
const configChanges = await generateConfigurationChangeAudits();
console.log(`Generated ${configChanges.config_changes?.length || 0} config changes\n`);
// Generate compliance violations
console.log('Generating compliance violations...');
const violations = await generateComplianceViolations();
console.log(`Generated ${violations.violations?.length || 0} compliance violations\n`);
// Generate event correlations
console.log('Generating security event correlations...');
const correlations = await generateSecurityEventCorrelations();
console.log(`Generated ${correlations.correlations?.length || 0} event correlations\n`);
// Generate DLP audit data
console.log('Generating DLP audit data...');
const dlpData = await generateDLPAuditData();
console.log(`Generated ${dlpData.dlp_events?.length || 0} DLP events\n`);
return {
accessPatterns,
permissionChanges,
configChanges,
violations,
correlations,
dlpData
};
}
catch (error) {
console.error('Error generating security audit data:', error);
throw error;
}
}
// Export all generators
exports.default = {
generateUserAccessPatterns,
generatePermissionChangeAudits,
generateConfigurationChangeAudits,
generateComplianceViolations,
generateSecurityEventCorrelations,
generateDLPAuditData,
runSecurityAudits
};
//# sourceMappingURL=security-audit.js.map

1
npm/packages/agentic-synth/examples/security/security-audit.js.map Normal file
View File

File diff suppressed because one or more lines are too long

559
npm/packages/agentic-synth/examples/security/security-audit.ts Normal file
View File

@@ -0,0 +1,559 @@
/**
* Security Audit Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Security Information and Event Management (SIEM) testing
* - Compliance auditing and reporting
* - Security monitoring system validation
* - Incident investigation training
*
* For authorized security operations only.
*/
import { AgenticSynth } from 'agentic-synth';
/**
* User Access Pattern Analysis
* For detecting suspicious access patterns and privilege escalation
*/
export async function generateUserAccessPatterns() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const accessPrompt = `
Generate user access pattern data for security audit analysis.
Include normal patterns, anomalous patterns, suspicious activities.
Each pattern should have: user_id, access_events, risk_score, anomaly_indicators.
Generate 15 diverse user access patterns including both normal and suspicious.
`;
const patterns = await synth.generate({
prompt: accessPrompt,
schema: {
type: 'object',
properties: {
access_patterns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
user_id: { type: 'string' },
user_role: { type: 'string' },
time_period: {
type: 'object',
properties: {
start_date: { type: 'string' },
end_date: { type: 'string' },
total_days: { type: 'number' }
}
},
access_events: {
type: 'array',
items: {
type: 'object',
properties: {
timestamp: { type: 'string' },
resource: { type: 'string' },
action: { type: 'string' },
result: { type: 'string', enum: ['success', 'failure', 'denied'] },
source_ip: { type: 'string' },
user_agent: { type: 'string' },
geolocation: { type: 'string' },
sensitivity_level: { type: 'string' }
}
}
},
behavioral_metrics: {
type: 'object',
properties: {
total_accesses: { type: 'number' },
unique_resources: { type: 'number' },
failed_attempts: { type: 'number' },
off_hours_access: { type: 'number' },
unusual_locations: { type: 'number' },
data_download_volume_mb: { type: 'number' }
}
},
anomaly_indicators: { type: 'array', items: { type: 'string' } },
risk_score: { type: 'number', minimum: 0, maximum: 100 },
classification: {
type: 'string',
enum: ['normal', 'suspicious', 'high_risk', 'critical']
},
recommended_actions: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'user_id', 'access_events', 'risk_score', 'classification']
}
}
},
required: ['access_patterns']
}
});
return patterns;
}
/**
* Permission Change Audit Trail
* For tracking privilege escalations and access control modifications
*/
export async function generatePermissionChangeAudits() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const permissionPrompt = `
Generate permission change audit data for security compliance.
Include role modifications, privilege escalations, group membership changes.
Each audit entry should have: change_type, before_state, after_state, approvals, compliance_flags.
Generate 12 permission change audit scenarios.
`;
const audits = await synth.generate({
prompt: permissionPrompt,
schema: {
type: 'object',
properties: {
permission_changes: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
change_type: {
type: 'string',
enum: [
'role_assignment',
'role_removal',
'permission_grant',
'permission_revoke',
'group_membership',
'privilege_escalation',
'access_scope_change'
]
},
timestamp: { type: 'string' },
modified_by: { type: 'string' },
modified_for: { type: 'string' },
before_state: {
type: 'object',
properties: {
roles: { type: 'array', items: { type: 'string' } },
permissions: { type: 'array', items: { type: 'string' } },
groups: { type: 'array', items: { type: 'string' } },
access_level: { type: 'string' }
}
},
after_state: {
type: 'object',
properties: {
roles: { type: 'array', items: { type: 'string' } },
permissions: { type: 'array', items: { type: 'string' } },
groups: { type: 'array', items: { type: 'string' } },
access_level: { type: 'string' }
}
},
justification: { type: 'string' },
approval_workflow: {
type: 'object',
properties: {
required: { type: 'boolean' },
approved_by: { type: 'array', items: { type: 'string' } },
approval_date: { type: 'string' },
ticket_reference: { type: 'string' }
}
},
compliance_flags: { type: 'array', items: { type: 'string' } },
risk_assessment: {
type: 'string',
enum: ['low', 'medium', 'high', 'critical']
},
requires_review: { type: 'boolean' },
audit_notes: { type: 'string' }
},
required: ['id', 'change_type', 'modified_by', 'before_state', 'after_state']
}
}
},
required: ['permission_changes']
}
});
return audits;
}
/**
* Configuration Change Monitoring
* For tracking security-sensitive configuration modifications
*/
export async function generateConfigurationChangeAudits() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const configPrompt = `
Generate configuration change audit data for security monitoring.
Include firewall rules, security policies, encryption settings, authentication configs.
Each change should have: config_type, change_details, security_impact, compliance_status.
Generate 10 configuration change audit entries.
`;
const audits = await synth.generate({
prompt: configPrompt,
schema: {
type: 'object',
properties: {
config_changes: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
config_type: {
type: 'string',
enum: [
'firewall_rule',
'security_policy',
'encryption_setting',
'authentication_method',
'network_configuration',
'access_control_list',
'logging_configuration',
'certificate_management'
]
},
timestamp: { type: 'string' },
system: { type: 'string' },
component: { type: 'string' },
changed_by: { type: 'string' },
change_method: { type: 'string' },
change_details: {
type: 'object',
properties: {
parameter: { type: 'string' },
old_value: { type: 'string' },
new_value: { type: 'string' },
config_file: { type: 'string' }
}
},
security_impact: {
type: 'object',
properties: {
impact_level: {
type: 'string',
enum: ['none', 'low', 'medium', 'high', 'critical']
},
affected_systems: { type: 'array', items: { type: 'string' } },
attack_surface_change: { type: 'string' },
mitigation_effectiveness: { type: 'string' }
}
},
compliance_status: {
type: 'array',
items: {
type: 'object',
properties: {
framework: { type: 'string' },
requirement: { type: 'string' },
status: { type: 'string', enum: ['compliant', 'non_compliant', 'review_required'] }
}
}
},
validation_status: { type: 'string' },
rollback_available: { type: 'boolean' },
audit_trail: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'config_type', 'changed_by', 'change_details', 'security_impact']
}
}
},
required: ['config_changes']
}
});
return audits;
}
/**
* Compliance Violation Scenarios
* For testing compliance monitoring and alerting systems
*/
export async function generateComplianceViolations() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const compliancePrompt = `
Generate compliance violation scenarios for security audit testing.
Include GDPR, HIPAA, PCI-DSS, SOX violations.
Each violation should have: framework, requirement, violation_details, severity, remediation.
Generate 10 compliance violation scenarios.
`;
const violations = await synth.generate({
prompt: compliancePrompt,
schema: {
type: 'object',
properties: {
violations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
compliance_framework: {
type: 'string',
enum: ['GDPR', 'HIPAA', 'PCI_DSS', 'SOX', 'ISO_27001', 'NIST', 'SOC2', 'CCPA']
},
requirement_id: { type: 'string' },
requirement_description: { type: 'string' },
violation_details: {
type: 'object',
properties: {
detected_date: { type: 'string' },
detection_method: { type: 'string' },
affected_systems: { type: 'array', items: { type: 'string' } },
violation_type: { type: 'string' },
description: { type: 'string' },
evidence: { type: 'array', items: { type: 'string' } }
}
},
severity: {
type: 'string',
enum: ['low', 'medium', 'high', 'critical']
},
potential_penalties: { type: 'string' },
affected_records: { type: 'number' },
business_impact: { type: 'string' },
remediation: {
type: 'object',
properties: {
required_actions: { type: 'array', items: { type: 'string' } },
timeline: { type: 'string' },
responsible_party: { type: 'string' },
status: { type: 'string' }
}
},
notification_required: { type: 'boolean' },
audit_findings: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'compliance_framework', 'violation_details', 'severity']
}
}
},
required: ['violations']
}
});
return violations;
}
/**
* Security Event Correlation Data
* For SIEM correlation rules and incident detection
*/
export async function generateSecurityEventCorrelations() {
const synth = new AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const correlationPrompt = `
Generate security event correlation data for SIEM testing.
Include multi-stage attacks, lateral movement, data exfiltration chains.
Each correlation should have: event_chain, attack_pattern, indicators, detection_logic.
Generate 8 security event correlation scenarios.
`;
const correlations = await synth.generate({
prompt: correlationPrompt,
schema: {
type: 'object',
properties: {
correlations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_pattern: { type: 'string' },
mitre_tactics: { type: 'array', items: { type: 'string' } },
event_chain: {
type: 'array',
items: {
type: 'object',
properties: {
sequence: { type: 'number' },
timestamp: { type: 'string' },
event_type: { type: 'string' },
source: { type: 'string' },
destination: { type: 'string' },
details: { type: 'string' },
severity: { type: 'string' }
}
}
},
correlation_indicators: { type: 'array', items: { type: 'string' } },
time_window: { type: 'string' },
confidence_score: { type: 'number', minimum: 0, maximum: 100 },
detection_logic: {
type: 'object',
properties: {
rule_description: { type: 'string' },
conditions: { type: 'array', items: { type: 'string' } },
threshold: { type: 'string' }
}
},
false_positive_likelihood: { type: 'string' },
recommended_response: { type: 'string' },
investigation_steps: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'attack_pattern', 'event_chain', 'detection_logic']
}
}
},
required: ['correlations']
}
});
return correlations;
}
/**
* Data Loss Prevention (DLP) Audit Data
* For testing DLP policies and data classification
*/
export async function generateDLPAuditData() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const dlpPrompt = `
Generate Data Loss Prevention audit data for security testing.
Include sensitive data transfers, policy violations, data classification issues.
Each audit entry should have: data_type, transfer_method, policy_match, action_taken.
Generate 10 DLP audit scenarios.
`;
const audits = await synth.generate({
prompt: dlpPrompt,
schema: {
type: 'object',
properties: {
dlp_events: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
timestamp: { type: 'string' },
user: { type: 'string' },
data_classification: {
type: 'string',
enum: ['public', 'internal', 'confidential', 'restricted', 'top_secret']
},
data_types_detected: { type: 'array', items: { type: 'string' } },
transfer_method: {
type: 'string',
enum: ['email', 'usb', 'cloud_storage', 'web_upload', 'print', 'clipboard']
},
destination: { type: 'string' },
file_info: {
type: 'object',
properties: {
filename: { type: 'string' },
size_mb: { type: 'number' },
type: { type: 'string' }
}
},
policy_matched: { type: 'string' },
violations: { type: 'array', items: { type: 'string' } },
action_taken: {
type: 'string',
enum: ['allow', 'block', 'quarantine', 'encrypt', 'alert']
},
justification_provided: { type: 'boolean' },
risk_score: { type: 'number' },
requires_review: { type: 'boolean' },
incident_created: { type: 'boolean' }
},
required: ['id', 'data_classification', 'transfer_method', 'action_taken']
}
}
},
required: ['dlp_events']
}
});
return audits;
}
/**
* Example Usage
*/
export async function runSecurityAudits() {
console.log('⚠️ Running Security Audit Data Generation ⚠️\n');
try {
// Generate user access patterns
console.log('Generating user access patterns...');
const accessPatterns = await generateUserAccessPatterns();
console.log(`Generated ${accessPatterns.access_patterns?.length || 0} access patterns\n`);
// Generate permission changes
console.log('Generating permission change audits...');
const permissionChanges = await generatePermissionChangeAudits();
console.log(`Generated ${permissionChanges.permission_changes?.length || 0} permission changes\n`);
// Generate configuration changes
console.log('Generating configuration change audits...');
const configChanges = await generateConfigurationChangeAudits();
console.log(`Generated ${configChanges.config_changes?.length || 0} config changes\n`);
// Generate compliance violations
console.log('Generating compliance violations...');
const violations = await generateComplianceViolations();
console.log(`Generated ${violations.violations?.length || 0} compliance violations\n`);
// Generate event correlations
console.log('Generating security event correlations...');
const correlations = await generateSecurityEventCorrelations();
console.log(`Generated ${correlations.correlations?.length || 0} event correlations\n`);
// Generate DLP audit data
console.log('Generating DLP audit data...');
const dlpData = await generateDLPAuditData();
console.log(`Generated ${dlpData.dlp_events?.length || 0} DLP events\n`);
return {
accessPatterns,
permissionChanges,
configChanges,
violations,
correlations,
dlpData
};
} catch (error) {
console.error('Error generating security audit data:', error);
throw error;
}
}
// Export all generators
export default {
generateUserAccessPatterns,
generatePermissionChangeAudits,
generateConfigurationChangeAudits,
generateComplianceViolations,
generateSecurityEventCorrelations,
generateDLPAuditData,
runSecurityAudits
};

64
npm/packages/agentic-synth/examples/security/threat-simulation.d.ts vendored Normal file
View File

@@ -0,0 +1,64 @@
/**
* Threat Simulation Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These simulations are for:
* - Security operations center (SOC) training
* - Incident response preparation
* - Threat detection system validation
* - Red team exercises in authorized environments
*
* NEVER use for actual attacks or unauthorized testing.
*/
/**
* Brute Force Attack Pattern Simulation
* For testing account lockout and rate limiting mechanisms
*/
export declare function generateBruteForcePatterns(): Promise<any>;
/**
* DDoS Traffic Simulation Data
* For testing DDoS mitigation and traffic filtering
*/
export declare function generateDDoSSimulation(): Promise<any>;
/**
* Malware Behavior Pattern Simulation
* For testing endpoint detection and response (EDR) systems
*/
export declare function generateMalwareBehaviors(): Promise<any>;
/**
* Phishing Campaign Simulation Data
* For security awareness training and email filter testing
*/
export declare function generatePhishingCampaigns(): Promise<any>;
/**
* Insider Threat Scenario Simulation
* For user behavior analytics (UBA) and insider threat detection
*/
export declare function generateInsiderThreatScenarios(): Promise<any>;
/**
* Zero-Day Exploit Indicator Simulation
* For testing threat intelligence and anomaly detection systems
*/
export declare function generateZeroDayIndicators(): Promise<any>;
/**
* Example Usage
*/
export declare function runThreatSimulations(): Promise<{
bruteForce: any;
ddos: any;
malware: any;
phishing: any;
insider: any;
zeroDay: any;
}>;
declare const _default: {
generateBruteForcePatterns: typeof generateBruteForcePatterns;
generateDDoSSimulation: typeof generateDDoSSimulation;
generateMalwareBehaviors: typeof generateMalwareBehaviors;
generatePhishingCampaigns: typeof generatePhishingCampaigns;
generateInsiderThreatScenarios: typeof generateInsiderThreatScenarios;
generateZeroDayIndicators: typeof generateZeroDayIndicators;
runThreatSimulations: typeof runThreatSimulations;
};
export default _default;
//# sourceMappingURL=threat-simulation.d.ts.map

1
npm/packages/agentic-synth/examples/security/threat-simulation.d.ts.map Normal file
View File

@@ -0,0 +1 @@
{"version":3,"file":"threat-simulation.d.ts","sourceRoot":"","sources":["threat-simulation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH;;;GAGG;AACH,wBAAsB,0BAA0B,iBAqE/C;AAED;;;GAGG;AACH,wBAAsB,sBAAsB,iBAmE3C;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,iBAuF7C;AAED;;;GAGG;AACH,wBAAsB,yBAAyB,iBA2E9C;AAED;;;GAGG;AACH,wBAAsB,8BAA8B,iBA6EnD;AAED;;;GAGG;AACH,wBAAsB,yBAAyB,iBA4D9C;AAED;;GAEG;AACH,wBAAsB,oBAAoB;;;;;;;GA8CzC;;;;;;;;;;AAGD,wBAQE"}

524
npm/packages/agentic-synth/examples/security/threat-simulation.js Normal file
View File

@@ -0,0 +1,524 @@
"use strict";
/**
* Threat Simulation Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These simulations are for:
* - Security operations center (SOC) training
* - Incident response preparation
* - Threat detection system validation
* - Red team exercises in authorized environments
*
* NEVER use for actual attacks or unauthorized testing.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateBruteForcePatterns = generateBruteForcePatterns;
exports.generateDDoSSimulation = generateDDoSSimulation;
exports.generateMalwareBehaviors = generateMalwareBehaviors;
exports.generatePhishingCampaigns = generatePhishingCampaigns;
exports.generateInsiderThreatScenarios = generateInsiderThreatScenarios;
exports.generateZeroDayIndicators = generateZeroDayIndicators;
exports.runThreatSimulations = runThreatSimulations;
const agentic_synth_1 = require("agentic-synth");
/**
* Brute Force Attack Pattern Simulation
* For testing account lockout and rate limiting mechanisms
*/
async function generateBruteForcePatterns() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const bruteForcePrompt = `
Generate brute force attack pattern simulations for defensive security testing.
Include password spray, credential stuffing, dictionary attacks.
Each pattern should have: attack_type, target, timing, credentials_tested, detection_indicators.
Generate 10 realistic brute force attack patterns.
`;
const patterns = await synth.generate({
prompt: bruteForcePrompt,
schema: {
type: 'object',
properties: {
patterns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_type: {
type: 'string',
enum: [
'password_spray',
'credential_stuffing',
'dictionary_attack',
'hybrid_attack',
'rainbow_table',
'reverse_brute_force'
]
},
target_service: { type: 'string' },
target_endpoints: { type: 'array', items: { type: 'string' } },
timing_pattern: {
type: 'object',
properties: {
attempts_per_minute: { type: 'number' },
delay_between_attempts: { type: 'number' },
total_duration_minutes: { type: 'number' },
distributed_sources: { type: 'boolean' }
}
},
credentials_tested: { type: 'number' },
usernames_targeted: { type: 'number' },
source_ips: { type: 'array', items: { type: 'string' } },
user_agents: { type: 'array', items: { type: 'string' } },
detection_indicators: {
type: 'array',
items: { type: 'string' }
},
expected_defenses: {
type: 'array',
items: { type: 'string' }
},
severity: { type: 'string' }
},
required: ['id', 'attack_type', 'target_service', 'timing_pattern']
}
}
},
required: ['patterns']
}
});
return patterns;
}
/**
* DDoS Traffic Simulation Data
* For testing DDoS mitigation and traffic filtering
*/
async function generateDDoSSimulation() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const ddosPrompt = `
Generate DDoS attack simulation data for defensive testing.
Include volumetric, protocol, and application layer attacks.
Each simulation should have: attack_vector, traffic_pattern, volume, mitigation_strategy.
Generate 8 different DDoS attack simulations.
`;
const simulations = await synth.generate({
prompt: ddosPrompt,
schema: {
type: 'object',
properties: {
simulations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_vector: {
type: 'string',
enum: [
'syn_flood',
'udp_flood',
'http_flood',
'slowloris',
'dns_amplification',
'ntp_amplification',
'ssdp_amplification',
'memcached_amplification'
]
},
layer: {
type: 'string',
enum: ['layer3', 'layer4', 'layer7']
},
traffic_pattern: {
type: 'object',
properties: {
packets_per_second: { type: 'number' },
requests_per_second: { type: 'number' },
bandwidth_mbps: { type: 'number' },
source_ips: { type: 'number' },
botnet_size: { type: 'number' }
}
},
target_resources: { type: 'array', items: { type: 'string' } },
duration_minutes: { type: 'number' },
amplification_factor: { type: 'number' },
detection_signatures: { type: 'array', items: { type: 'string' } },
mitigation_strategies: { type: 'array', items: { type: 'string' } },
impact_severity: { type: 'string' }
},
required: ['id', 'attack_vector', 'layer', 'traffic_pattern']
}
}
},
required: ['simulations']
}
});
return simulations;
}
/**
* Malware Behavior Pattern Simulation
* For testing endpoint detection and response (EDR) systems
*/
async function generateMalwareBehaviors() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const malwarePrompt = `
Generate malware behavior patterns for EDR/XDR testing.
Include ransomware, trojans, rootkits, and APT behaviors.
Each behavior should have: malware_type, activities, indicators_of_compromise, detection_methods.
Generate 12 distinct malware behavior patterns.
`;
const behaviors = await synth.generate({
prompt: malwarePrompt,
schema: {
type: 'object',
properties: {
behaviors: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
malware_type: {
type: 'string',
enum: [
'ransomware',
'trojan',
'rootkit',
'keylogger',
'backdoor',
'worm',
'apt_toolkit',
'cryptominer'
]
},
malware_family: { type: 'string' },
infection_vector: { type: 'string' },
activities: {
type: 'array',
items: {
type: 'object',
properties: {
action: { type: 'string' },
timestamp_offset: { type: 'number' },
process: { type: 'string' },
command_line: { type: 'string' },
files_accessed: { type: 'array', items: { type: 'string' } },
registry_modifications: { type: 'array', items: { type: 'string' } },
network_connections: {
type: 'array',
items: {
type: 'object',
properties: {
destination_ip: { type: 'string' },
destination_port: { type: 'number' },
protocol: { type: 'string' }
}
}
}
}
}
},
indicators_of_compromise: {
type: 'object',
properties: {
file_hashes: { type: 'array', items: { type: 'string' } },
ip_addresses: { type: 'array', items: { type: 'string' } },
domains: { type: 'array', items: { type: 'string' } },
registry_keys: { type: 'array', items: { type: 'string' } },
mutex_names: { type: 'array', items: { type: 'string' } }
}
},
mitre_tactics: { type: 'array', items: { type: 'string' } },
detection_methods: { type: 'array', items: { type: 'string' } },
severity: { type: 'string' }
},
required: ['id', 'malware_type', 'activities', 'indicators_of_compromise']
}
}
},
required: ['behaviors']
}
});
return behaviors;
}
/**
* Phishing Campaign Simulation Data
* For security awareness training and email filter testing
*/
async function generatePhishingCampaigns() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const phishingPrompt = `
Generate phishing campaign simulations for security awareness training.
Include spear phishing, whaling, vishing, smishing variants.
Each campaign should have: technique, lure, payload, indicators, user_training_points.
Generate 10 diverse phishing campaign scenarios.
`;
const campaigns = await synth.generate({
prompt: phishingPrompt,
schema: {
type: 'object',
properties: {
campaigns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
technique: {
type: 'string',
enum: [
'spear_phishing',
'whaling',
'clone_phishing',
'vishing',
'smishing',
'angler_phishing',
'business_email_compromise'
]
},
target_audience: { type: 'string' },
lure_theme: { type: 'string' },
email_components: {
type: 'object',
properties: {
subject_line: { type: 'string' },
sender_display_name: { type: 'string' },
sender_email: { type: 'string' },
body_preview: { type: 'string' },
call_to_action: { type: 'string' },
urgency_level: { type: 'string' }
}
},
payload_type: {
type: 'string',
enum: ['credential_harvesting', 'malware_download', 'information_gathering', 'wire_transfer']
},
red_flags: { type: 'array', items: { type: 'string' } },
detection_indicators: { type: 'array', items: { type: 'string' } },
user_training_points: { type: 'array', items: { type: 'string' } },
success_metrics: {
type: 'object',
properties: {
expected_open_rate: { type: 'number' },
expected_click_rate: { type: 'number' },
expected_report_rate: { type: 'number' }
}
},
severity: { type: 'string' }
},
required: ['id', 'technique', 'lure_theme', 'payload_type', 'red_flags']
}
}
},
required: ['campaigns']
}
});
return campaigns;
}
/**
* Insider Threat Scenario Simulation
* For user behavior analytics (UBA) and insider threat detection
*/
async function generateInsiderThreatScenarios() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const insiderPrompt = `
Generate insider threat scenario simulations for security monitoring.
Include data exfiltration, sabotage, privilege abuse, negligent behavior.
Each scenario should have: threat_type, user_profile, activities, anomalies, detection_triggers.
Generate 8 insider threat scenarios.
`;
const scenarios = await synth.generate({
prompt: insiderPrompt,
schema: {
type: 'object',
properties: {
scenarios: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
threat_type: {
type: 'string',
enum: [
'data_exfiltration',
'intellectual_property_theft',
'sabotage',
'privilege_abuse',
'negligent_behavior',
'policy_violation'
]
},
insider_classification: {
type: 'string',
enum: ['malicious', 'negligent', 'compromised']
},
user_profile: {
type: 'object',
properties: {
role: { type: 'string' },
access_level: { type: 'string' },
tenure_months: { type: 'number' },
department: { type: 'string' },
baseline_behavior: { type: 'string' }
}
},
timeline: {
type: 'array',
items: {
type: 'object',
properties: {
day: { type: 'number' },
activity: { type: 'string' },
anomaly_score: { type: 'number' },
data_accessed: { type: 'string' },
volume_mb: { type: 'number' }
}
}
},
behavioral_anomalies: { type: 'array', items: { type: 'string' } },
technical_indicators: { type: 'array', items: { type: 'string' } },
detection_triggers: { type: 'array', items: { type: 'string' } },
risk_score: { type: 'number' },
mitigation: { type: 'string' }
},
required: ['id', 'threat_type', 'insider_classification', 'user_profile']
}
}
},
required: ['scenarios']
}
});
return scenarios;
}
/**
* Zero-Day Exploit Indicator Simulation
* For testing threat intelligence and anomaly detection systems
*/
async function generateZeroDayIndicators() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const zeroDayPrompt = `
Generate zero-day exploit indicator simulations for threat intelligence testing.
Include unknown malware signatures, unusual network patterns, novel attack techniques.
Each indicator set should have: exploit_target, behavior_patterns, anomaly_indicators, threat_hunting_queries.
Generate 6 zero-day exploit indicator sets.
`;
const indicators = await synth.generate({
prompt: zeroDayPrompt,
schema: {
type: 'object',
properties: {
indicator_sets: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
exploit_name: { type: 'string' },
target_software: { type: 'string' },
target_version: { type: 'string' },
vulnerability_type: { type: 'string' },
behavior_patterns: {
type: 'array',
items: {
type: 'object',
properties: {
pattern_type: { type: 'string' },
description: { type: 'string' },
frequency: { type: 'string' },
confidence_level: { type: 'number' }
}
}
},
anomaly_indicators: { type: 'array', items: { type: 'string' } },
network_signatures: { type: 'array', items: { type: 'string' } },
memory_artifacts: { type: 'array', items: { type: 'string' } },
threat_hunting_queries: { type: 'array', items: { type: 'string' } },
detection_difficulty: {
type: 'string',
enum: ['low', 'medium', 'high', 'critical']
},
potential_impact: { type: 'string' },
recommended_response: { type: 'string' }
},
required: ['id', 'exploit_name', 'target_software', 'behavior_patterns']
}
}
},
required: ['indicator_sets']
}
});
return indicators;
}
/**
* Example Usage
*/
async function runThreatSimulations() {
console.log('⚠️ Running Authorized Threat Simulations for Defense Testing ⚠️\n');
try {
// Generate brute force patterns
console.log('Generating brute force attack patterns...');
const bruteForce = await generateBruteForcePatterns();
console.log(`Generated ${bruteForce.patterns?.length || 0} brute force patterns\n`);
// Generate DDoS simulations
console.log('Generating DDoS attack simulations...');
const ddos = await generateDDoSSimulation();
console.log(`Generated ${ddos.simulations?.length || 0} DDoS simulations\n`);
// Generate malware behaviors
console.log('Generating malware behavior patterns...');
const malware = await generateMalwareBehaviors();
console.log(`Generated ${malware.behaviors?.length || 0} malware behaviors\n`);
// Generate phishing campaigns
console.log('Generating phishing campaign scenarios...');
const phishing = await generatePhishingCampaigns();
console.log(`Generated ${phishing.campaigns?.length || 0} phishing campaigns\n`);
// Generate insider threat scenarios
console.log('Generating insider threat scenarios...');
const insider = await generateInsiderThreatScenarios();
console.log(`Generated ${insider.scenarios?.length || 0} insider threat scenarios\n`);
// Generate zero-day indicators
console.log('Generating zero-day exploit indicators...');
const zeroDay = await generateZeroDayIndicators();
console.log(`Generated ${zeroDay.indicator_sets?.length || 0} zero-day indicator sets\n`);
return {
bruteForce,
ddos,
malware,
phishing,
insider,
zeroDay
};
}
catch (error) {
console.error('Error generating threat simulations:', error);
throw error;
}
}
// Export all generators
exports.default = {
generateBruteForcePatterns,
generateDDoSSimulation,
generateMalwareBehaviors,
generatePhishingCampaigns,
generateInsiderThreatScenarios,
generateZeroDayIndicators,
runThreatSimulations
};
//# sourceMappingURL=threat-simulation.js.map

1
npm/packages/agentic-synth/examples/security/threat-simulation.js.map Normal file
View File

File diff suppressed because one or more lines are too long

547
npm/packages/agentic-synth/examples/security/threat-simulation.ts Normal file
View File

@@ -0,0 +1,547 @@
/**
* Threat Simulation Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These simulations are for:
* - Security operations center (SOC) training
* - Incident response preparation
* - Threat detection system validation
* - Red team exercises in authorized environments
*
* NEVER use for actual attacks or unauthorized testing.
*/
import { AgenticSynth } from 'agentic-synth';
/**
* Brute Force Attack Pattern Simulation
* For testing account lockout and rate limiting mechanisms
*/
export async function generateBruteForcePatterns() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const bruteForcePrompt = `
Generate brute force attack pattern simulations for defensive security testing.
Include password spray, credential stuffing, dictionary attacks.
Each pattern should have: attack_type, target, timing, credentials_tested, detection_indicators.
Generate 10 realistic brute force attack patterns.
`;
const patterns = await synth.generate({
prompt: bruteForcePrompt,
schema: {
type: 'object',
properties: {
patterns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_type: {
type: 'string',
enum: [
'password_spray',
'credential_stuffing',
'dictionary_attack',
'hybrid_attack',
'rainbow_table',
'reverse_brute_force'
]
},
target_service: { type: 'string' },
target_endpoints: { type: 'array', items: { type: 'string' } },
timing_pattern: {
type: 'object',
properties: {
attempts_per_minute: { type: 'number' },
delay_between_attempts: { type: 'number' },
total_duration_minutes: { type: 'number' },
distributed_sources: { type: 'boolean' }
}
},
credentials_tested: { type: 'number' },
usernames_targeted: { type: 'number' },
source_ips: { type: 'array', items: { type: 'string' } },
user_agents: { type: 'array', items: { type: 'string' } },
detection_indicators: {
type: 'array',
items: { type: 'string' }
},
expected_defenses: {
type: 'array',
items: { type: 'string' }
},
severity: { type: 'string' }
},
required: ['id', 'attack_type', 'target_service', 'timing_pattern']
}
}
},
required: ['patterns']
}
});
return patterns;
}
/**
* DDoS Traffic Simulation Data
* For testing DDoS mitigation and traffic filtering
*/
export async function generateDDoSSimulation() {
const synth = new AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const ddosPrompt = `
Generate DDoS attack simulation data for defensive testing.
Include volumetric, protocol, and application layer attacks.
Each simulation should have: attack_vector, traffic_pattern, volume, mitigation_strategy.
Generate 8 different DDoS attack simulations.
`;
const simulations = await synth.generate({
prompt: ddosPrompt,
schema: {
type: 'object',
properties: {
simulations: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_vector: {
type: 'string',
enum: [
'syn_flood',
'udp_flood',
'http_flood',
'slowloris',
'dns_amplification',
'ntp_amplification',
'ssdp_amplification',
'memcached_amplification'
]
},
layer: {
type: 'string',
enum: ['layer3', 'layer4', 'layer7']
},
traffic_pattern: {
type: 'object',
properties: {
packets_per_second: { type: 'number' },
requests_per_second: { type: 'number' },
bandwidth_mbps: { type: 'number' },
source_ips: { type: 'number' },
botnet_size: { type: 'number' }
}
},
target_resources: { type: 'array', items: { type: 'string' } },
duration_minutes: { type: 'number' },
amplification_factor: { type: 'number' },
detection_signatures: { type: 'array', items: { type: 'string' } },
mitigation_strategies: { type: 'array', items: { type: 'string' } },
impact_severity: { type: 'string' }
},
required: ['id', 'attack_vector', 'layer', 'traffic_pattern']
}
}
},
required: ['simulations']
}
});
return simulations;
}
/**
* Malware Behavior Pattern Simulation
* For testing endpoint detection and response (EDR) systems
*/
export async function generateMalwareBehaviors() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const malwarePrompt = `
Generate malware behavior patterns for EDR/XDR testing.
Include ransomware, trojans, rootkits, and APT behaviors.
Each behavior should have: malware_type, activities, indicators_of_compromise, detection_methods.
Generate 12 distinct malware behavior patterns.
`;
const behaviors = await synth.generate({
prompt: malwarePrompt,
schema: {
type: 'object',
properties: {
behaviors: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
malware_type: {
type: 'string',
enum: [
'ransomware',
'trojan',
'rootkit',
'keylogger',
'backdoor',
'worm',
'apt_toolkit',
'cryptominer'
]
},
malware_family: { type: 'string' },
infection_vector: { type: 'string' },
activities: {
type: 'array',
items: {
type: 'object',
properties: {
action: { type: 'string' },
timestamp_offset: { type: 'number' },
process: { type: 'string' },
command_line: { type: 'string' },
files_accessed: { type: 'array', items: { type: 'string' } },
registry_modifications: { type: 'array', items: { type: 'string' } },
network_connections: {
type: 'array',
items: {
type: 'object',
properties: {
destination_ip: { type: 'string' },
destination_port: { type: 'number' },
protocol: { type: 'string' }
}
}
}
}
}
},
indicators_of_compromise: {
type: 'object',
properties: {
file_hashes: { type: 'array', items: { type: 'string' } },
ip_addresses: { type: 'array', items: { type: 'string' } },
domains: { type: 'array', items: { type: 'string' } },
registry_keys: { type: 'array', items: { type: 'string' } },
mutex_names: { type: 'array', items: { type: 'string' } }
}
},
mitre_tactics: { type: 'array', items: { type: 'string' } },
detection_methods: { type: 'array', items: { type: 'string' } },
severity: { type: 'string' }
},
required: ['id', 'malware_type', 'activities', 'indicators_of_compromise']
}
}
},
required: ['behaviors']
}
});
return behaviors;
}
/**
* Phishing Campaign Simulation Data
* For security awareness training and email filter testing
*/
export async function generatePhishingCampaigns() {
const synth = new AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const phishingPrompt = `
Generate phishing campaign simulations for security awareness training.
Include spear phishing, whaling, vishing, smishing variants.
Each campaign should have: technique, lure, payload, indicators, user_training_points.
Generate 10 diverse phishing campaign scenarios.
`;
const campaigns = await synth.generate({
prompt: phishingPrompt,
schema: {
type: 'object',
properties: {
campaigns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
technique: {
type: 'string',
enum: [
'spear_phishing',
'whaling',
'clone_phishing',
'vishing',
'smishing',
'angler_phishing',
'business_email_compromise'
]
},
target_audience: { type: 'string' },
lure_theme: { type: 'string' },
email_components: {
type: 'object',
properties: {
subject_line: { type: 'string' },
sender_display_name: { type: 'string' },
sender_email: { type: 'string' },
body_preview: { type: 'string' },
call_to_action: { type: 'string' },
urgency_level: { type: 'string' }
}
},
payload_type: {
type: 'string',
enum: ['credential_harvesting', 'malware_download', 'information_gathering', 'wire_transfer']
},
red_flags: { type: 'array', items: { type: 'string' } },
detection_indicators: { type: 'array', items: { type: 'string' } },
user_training_points: { type: 'array', items: { type: 'string' } },
success_metrics: {
type: 'object',
properties: {
expected_open_rate: { type: 'number' },
expected_click_rate: { type: 'number' },
expected_report_rate: { type: 'number' }
}
},
severity: { type: 'string' }
},
required: ['id', 'technique', 'lure_theme', 'payload_type', 'red_flags']
}
}
},
required: ['campaigns']
}
});
return campaigns;
}
/**
* Insider Threat Scenario Simulation
* For user behavior analytics (UBA) and insider threat detection
*/
export async function generateInsiderThreatScenarios() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const insiderPrompt = `
Generate insider threat scenario simulations for security monitoring.
Include data exfiltration, sabotage, privilege abuse, negligent behavior.
Each scenario should have: threat_type, user_profile, activities, anomalies, detection_triggers.
Generate 8 insider threat scenarios.
`;
const scenarios = await synth.generate({
prompt: insiderPrompt,
schema: {
type: 'object',
properties: {
scenarios: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
threat_type: {
type: 'string',
enum: [
'data_exfiltration',
'intellectual_property_theft',
'sabotage',
'privilege_abuse',
'negligent_behavior',
'policy_violation'
]
},
insider_classification: {
type: 'string',
enum: ['malicious', 'negligent', 'compromised']
},
user_profile: {
type: 'object',
properties: {
role: { type: 'string' },
access_level: { type: 'string' },
tenure_months: { type: 'number' },
department: { type: 'string' },
baseline_behavior: { type: 'string' }
}
},
timeline: {
type: 'array',
items: {
type: 'object',
properties: {
day: { type: 'number' },
activity: { type: 'string' },
anomaly_score: { type: 'number' },
data_accessed: { type: 'string' },
volume_mb: { type: 'number' }
}
}
},
behavioral_anomalies: { type: 'array', items: { type: 'string' } },
technical_indicators: { type: 'array', items: { type: 'string' } },
detection_triggers: { type: 'array', items: { type: 'string' } },
risk_score: { type: 'number' },
mitigation: { type: 'string' }
},
required: ['id', 'threat_type', 'insider_classification', 'user_profile']
}
}
},
required: ['scenarios']
}
});
return scenarios;
}
/**
* Zero-Day Exploit Indicator Simulation
* For testing threat intelligence and anomaly detection systems
*/
export async function generateZeroDayIndicators() {
const synth = new AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const zeroDayPrompt = `
Generate zero-day exploit indicator simulations for threat intelligence testing.
Include unknown malware signatures, unusual network patterns, novel attack techniques.
Each indicator set should have: exploit_target, behavior_patterns, anomaly_indicators, threat_hunting_queries.
Generate 6 zero-day exploit indicator sets.
`;
const indicators = await synth.generate({
prompt: zeroDayPrompt,
schema: {
type: 'object',
properties: {
indicator_sets: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
exploit_name: { type: 'string' },
target_software: { type: 'string' },
target_version: { type: 'string' },
vulnerability_type: { type: 'string' },
behavior_patterns: {
type: 'array',
items: {
type: 'object',
properties: {
pattern_type: { type: 'string' },
description: { type: 'string' },
frequency: { type: 'string' },
confidence_level: { type: 'number' }
}
}
},
anomaly_indicators: { type: 'array', items: { type: 'string' } },
network_signatures: { type: 'array', items: { type: 'string' } },
memory_artifacts: { type: 'array', items: { type: 'string' } },
threat_hunting_queries: { type: 'array', items: { type: 'string' } },
detection_difficulty: {
type: 'string',
enum: ['low', 'medium', 'high', 'critical']
},
potential_impact: { type: 'string' },
recommended_response: { type: 'string' }
},
required: ['id', 'exploit_name', 'target_software', 'behavior_patterns']
}
}
},
required: ['indicator_sets']
}
});
return indicators;
}
/**
* Example Usage
*/
export async function runThreatSimulations() {
console.log('⚠️ Running Authorized Threat Simulations for Defense Testing ⚠️\n');
try {
// Generate brute force patterns
console.log('Generating brute force attack patterns...');
const bruteForce = await generateBruteForcePatterns();
console.log(`Generated ${bruteForce.patterns?.length || 0} brute force patterns\n`);
// Generate DDoS simulations
console.log('Generating DDoS attack simulations...');
const ddos = await generateDDoSSimulation();
console.log(`Generated ${ddos.simulations?.length || 0} DDoS simulations\n`);
// Generate malware behaviors
console.log('Generating malware behavior patterns...');
const malware = await generateMalwareBehaviors();
console.log(`Generated ${malware.behaviors?.length || 0} malware behaviors\n`);
// Generate phishing campaigns
console.log('Generating phishing campaign scenarios...');
const phishing = await generatePhishingCampaigns();
console.log(`Generated ${phishing.campaigns?.length || 0} phishing campaigns\n`);
// Generate insider threat scenarios
console.log('Generating insider threat scenarios...');
const insider = await generateInsiderThreatScenarios();
console.log(`Generated ${insider.scenarios?.length || 0} insider threat scenarios\n`);
// Generate zero-day indicators
console.log('Generating zero-day exploit indicators...');
const zeroDay = await generateZeroDayIndicators();
console.log(`Generated ${zeroDay.indicator_sets?.length || 0} zero-day indicator sets\n`);
return {
bruteForce,
ddos,
malware,
phishing,
insider,
zeroDay
};
} catch (error) {
console.error('Error generating threat simulations:', error);
throw error;
}
}
// Export all generators
export default {
generateBruteForcePatterns,
generateDDoSSimulation,
generateMalwareBehaviors,
generatePhishingCampaigns,
generateInsiderThreatScenarios,
generateZeroDayIndicators,
runThreatSimulations
};

64
npm/packages/agentic-synth/examples/security/vulnerability-testing.d.ts vendored Normal file
View File

@@ -0,0 +1,64 @@
/**
* Vulnerability Testing Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Authorized penetration testing
* - Security research in controlled environments
* - Defensive security training
* - Vulnerability scanner development
*
* NEVER use against systems without explicit authorization.
*/
/**
* SQL Injection Test Payloads
* For testing input validation and parameterized queries
*/
export declare function generateSQLInjectionPayloads(): Promise<any>;
/**
* XSS (Cross-Site Scripting) Test Vectors
* For testing output encoding and CSP effectiveness
*/
export declare function generateXSSVectors(): Promise<any>;
/**
* CSRF (Cross-Site Request Forgery) Test Scenarios
* For testing CSRF token validation and SameSite cookie protection
*/
export declare function generateCSRFScenarios(): Promise<any>;
/**
* Authentication Bypass Test Cases
* For testing authentication mechanisms and session management
*/
export declare function generateAuthBypassTests(): Promise<any>;
/**
* API Abuse and Rate Limiting Test Patterns
* For testing API security controls and abuse prevention
*/
export declare function generateAPIAbusePatterns(): Promise<any>;
/**
* OWASP Top 10 Comprehensive Test Suite
* Covers all OWASP Top 10 vulnerability categories
*/
export declare function generateOWASPTop10Tests(): Promise<any>;
/**
* Example Usage
*/
export declare function runVulnerabilityTests(): Promise<{
sqlPayloads: any;
xssVectors: any;
csrfScenarios: any;
authTests: any;
apiPatterns: any;
owaspTests: any;
}>;
declare const _default: {
generateSQLInjectionPayloads: typeof generateSQLInjectionPayloads;
generateXSSVectors: typeof generateXSSVectors;
generateCSRFScenarios: typeof generateCSRFScenarios;
generateAuthBypassTests: typeof generateAuthBypassTests;
generateAPIAbusePatterns: typeof generateAPIAbusePatterns;
generateOWASPTop10Tests: typeof generateOWASPTop10Tests;
runVulnerabilityTests: typeof runVulnerabilityTests;
};
export default _default;
//# sourceMappingURL=vulnerability-testing.d.ts.map

1
npm/packages/agentic-synth/examples/security/vulnerability-testing.d.ts.map Normal file
View File

@@ -0,0 +1 @@
{"version":3,"file":"vulnerability-testing.d.ts","sourceRoot":"","sources":["vulnerability-testing.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH;;;GAGG;AACH,wBAAsB,4BAA4B,iBAgDjD;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,iBAsDvC;AAED;;;GAGG;AACH,wBAAsB,qBAAqB,iBAmD1C;AAED;;;GAGG;AACH,wBAAsB,uBAAuB,iBA2D5C;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,iBA4D7C;AAED;;;GAGG;AACH,wBAAsB,uBAAuB,iBA6D5C;AAED;;GAEG;AACH,wBAAsB,qBAAqB;;;;;;;GA8C1C;;;;;;;;;;AAGD,wBAQE"}

422
npm/packages/agentic-synth/examples/security/vulnerability-testing.js Normal file
View File

@@ -0,0 +1,422 @@
"use strict";
/**
* Vulnerability Testing Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Authorized penetration testing
* - Security research in controlled environments
* - Defensive security training
* - Vulnerability scanner development
*
* NEVER use against systems without explicit authorization.
*/
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateSQLInjectionPayloads = generateSQLInjectionPayloads;
exports.generateXSSVectors = generateXSSVectors;
exports.generateCSRFScenarios = generateCSRFScenarios;
exports.generateAuthBypassTests = generateAuthBypassTests;
exports.generateAPIAbusePatterns = generateAPIAbusePatterns;
exports.generateOWASPTop10Tests = generateOWASPTop10Tests;
exports.runVulnerabilityTests = runVulnerabilityTests;
const agentic_synth_1 = require("agentic-synth");
/**
* SQL Injection Test Payloads
* For testing input validation and parameterized queries
*/
async function generateSQLInjectionPayloads() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const sqlInjectionPrompt = `
Generate SQL injection test payloads for defensive security testing.
Include classic, union-based, boolean-based, and time-based blind SQLi payloads.
Each payload should have: type, payload, expected_detection, severity, mitigation.
Generate 15 diverse payloads covering different SQL injection techniques.
`;
const payloads = await synth.generate({
prompt: sqlInjectionPrompt,
schema: {
type: 'object',
properties: {
payloads: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
type: {
type: 'string',
enum: ['classic', 'union', 'boolean_blind', 'time_blind', 'error_based', 'stacked_queries']
},
payload: { type: 'string' },
description: { type: 'string' },
target_parameter: { type: 'string' },
expected_behavior: { type: 'string' },
should_be_blocked: { type: 'boolean' },
severity: {
type: 'string',
enum: ['critical', 'high', 'medium', 'low']
},
mitigation: { type: 'string' }
},
required: ['id', 'type', 'payload', 'severity', 'mitigation']
}
}
},
required: ['payloads']
}
});
return payloads;
}
/**
* XSS (Cross-Site Scripting) Test Vectors
* For testing output encoding and CSP effectiveness
*/
async function generateXSSVectors() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const xssPrompt = `
Generate XSS (Cross-Site Scripting) test vectors for security testing.
Include stored, reflected, and DOM-based XSS payloads.
Cover HTML injection, JavaScript execution, event handlers, and encoding bypass techniques.
Each vector should have: type, payload, context, expected_sanitization, severity.
Generate 20 diverse XSS test cases.
`;
const vectors = await synth.generate({
prompt: xssPrompt,
schema: {
type: 'object',
properties: {
vectors: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
type: {
type: 'string',
enum: ['stored', 'reflected', 'dom_based', 'mutation_based']
},
payload: { type: 'string' },
context: {
type: 'string',
enum: ['html', 'attribute', 'javascript', 'url', 'css']
},
description: { type: 'string' },
bypass_technique: { type: 'string' },
expected_sanitization: { type: 'string' },
should_be_blocked: { type: 'boolean' },
severity: {
type: 'string',
enum: ['critical', 'high', 'medium', 'low']
},
csp_bypass: { type: 'boolean' },
mitigation: { type: 'string' }
},
required: ['id', 'type', 'payload', 'context', 'severity']
}
}
},
required: ['vectors']
}
});
return vectors;
}
/**
* CSRF (Cross-Site Request Forgery) Test Scenarios
* For testing CSRF token validation and SameSite cookie protection
*/
async function generateCSRFScenarios() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const csrfPrompt = `
Generate CSRF attack test scenarios for security validation.
Include different attack methods: form submission, AJAX requests, clickjacking.
Each scenario should have: attack_method, target_endpoint, payload, tokens_present, expected_result.
Generate 10 comprehensive CSRF test cases.
`;
const scenarios = await synth.generate({
prompt: csrfPrompt,
schema: {
type: 'object',
properties: {
scenarios: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_method: {
type: 'string',
enum: ['form_post', 'ajax', 'image_tag', 'iframe', 'fetch_api']
},
target_endpoint: { type: 'string' },
http_method: { type: 'string' },
payload: { type: 'object' },
csrf_token_present: { type: 'boolean' },
csrf_token_valid: { type: 'boolean' },
origin_header: { type: 'string' },
referer_header: { type: 'string' },
expected_result: {
type: 'string',
enum: ['blocked', 'allowed', 'token_error', 'origin_mismatch']
},
severity: { type: 'string' },
mitigation: { type: 'string' }
},
required: ['id', 'attack_method', 'target_endpoint', 'expected_result']
}
}
},
required: ['scenarios']
}
});
return scenarios;
}
/**
* Authentication Bypass Test Cases
* For testing authentication mechanisms and session management
*/
async function generateAuthBypassTests() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const authPrompt = `
Generate authentication bypass test cases for security assessment.
Include password attacks, session hijacking, JWT manipulation, OAuth flaws.
Each test should have: technique, payload, expected_detection, impact.
Generate 12 authentication security test cases.
`;
const tests = await synth.generate({
prompt: authPrompt,
schema: {
type: 'object',
properties: {
tests: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
technique: {
type: 'string',
enum: [
'default_credentials',
'weak_password',
'session_fixation',
'session_hijacking',
'jwt_manipulation',
'oauth_redirect',
'password_reset_flaw',
'brute_force',
'credential_stuffing'
]
},
description: { type: 'string' },
test_payload: { type: 'object' },
preconditions: { type: 'array', items: { type: 'string' } },
expected_detection: { type: 'string' },
should_be_prevented: { type: 'boolean' },
impact: {
type: 'string',
enum: ['critical', 'high', 'medium', 'low']
},
mitigation: { type: 'string' },
owasp_category: { type: 'string' }
},
required: ['id', 'technique', 'impact', 'mitigation']
}
}
},
required: ['tests']
}
});
return tests;
}
/**
* API Abuse and Rate Limiting Test Patterns
* For testing API security controls and abuse prevention
*/
async function generateAPIAbusePatterns() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const apiPrompt = `
Generate API abuse test patterns for security validation.
Include rate limiting bypass, parameter tampering, mass assignment, BOLA/IDOR attacks.
Each pattern should have: attack_type, endpoints, request_pattern, rate_limit_status.
Generate 10 API security test patterns.
`;
const patterns = await synth.generate({
prompt: apiPrompt,
schema: {
type: 'object',
properties: {
patterns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_type: {
type: 'string',
enum: [
'rate_limit_bypass',
'parameter_pollution',
'mass_assignment',
'bola_idor',
'api_key_exposure',
'excessive_data_exposure',
'lack_of_resources_rate_limiting'
]
},
target_endpoints: { type: 'array', items: { type: 'string' } },
request_pattern: {
type: 'object',
properties: {
requests_per_second: { type: 'number' },
total_requests: { type: 'number' },
payload_variation: { type: 'string' },
headers: { type: 'object' }
}
},
expected_rate_limit: { type: 'boolean' },
expected_response_code: { type: 'number' },
severity: { type: 'string' },
mitigation: { type: 'string' }
},
required: ['id', 'attack_type', 'target_endpoints', 'severity']
}
}
},
required: ['patterns']
}
});
return patterns;
}
/**
* OWASP Top 10 Comprehensive Test Suite
* Covers all OWASP Top 10 vulnerability categories
*/
async function generateOWASPTop10Tests() {
const synth = new agentic_synth_1.AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const owaspPrompt = `
Generate comprehensive test cases for OWASP Top 10 vulnerabilities.
Include: A01 Broken Access Control, A02 Cryptographic Failures, A03 Injection,
A04 Insecure Design, A05 Security Misconfiguration, A06 Vulnerable Components,
A07 Authentication Failures, A08 Data Integrity Failures, A09 Logging Failures,
A10 SSRF.
Each test should map to specific OWASP category with test vectors.
Generate 20 test cases covering all categories.
`;
const tests = await synth.generate({
prompt: owaspPrompt,
schema: {
type: 'object',
properties: {
owasp_tests: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
owasp_category: {
type: 'string',
enum: [
'A01_Broken_Access_Control',
'A02_Cryptographic_Failures',
'A03_Injection',
'A04_Insecure_Design',
'A05_Security_Misconfiguration',
'A06_Vulnerable_Components',
'A07_Authentication_Failures',
'A08_Data_Integrity_Failures',
'A09_Logging_Monitoring_Failures',
'A10_SSRF'
]
},
vulnerability_name: { type: 'string' },
test_description: { type: 'string' },
test_payload: { type: 'object' },
expected_secure_behavior: { type: 'string' },
vulnerable_behavior: { type: 'string' },
severity: { type: 'string' },
remediation: { type: 'string' },
cwe_id: { type: 'string' },
test_steps: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'owasp_category', 'vulnerability_name', 'severity']
}
}
},
required: ['owasp_tests']
}
});
return tests;
}
/**
* Example Usage
*/
async function runVulnerabilityTests() {
console.log('⚠️ Running Authorized Security Tests Only ⚠️\n');
try {
// Generate SQL injection payloads
console.log('Generating SQL injection test payloads...');
const sqlPayloads = await generateSQLInjectionPayloads();
console.log(`Generated ${sqlPayloads.payloads?.length || 0} SQL injection tests\n`);
// Generate XSS vectors
console.log('Generating XSS test vectors...');
const xssVectors = await generateXSSVectors();
console.log(`Generated ${xssVectors.vectors?.length || 0} XSS test vectors\n`);
// Generate CSRF scenarios
console.log('Generating CSRF test scenarios...');
const csrfScenarios = await generateCSRFScenarios();
console.log(`Generated ${csrfScenarios.scenarios?.length || 0} CSRF scenarios\n`);
// Generate authentication bypass tests
console.log('Generating authentication bypass tests...');
const authTests = await generateAuthBypassTests();
console.log(`Generated ${authTests.tests?.length || 0} authentication tests\n`);
// Generate API abuse patterns
console.log('Generating API abuse patterns...');
const apiPatterns = await generateAPIAbusePatterns();
console.log(`Generated ${apiPatterns.patterns?.length || 0} API abuse patterns\n`);
// Generate OWASP Top 10 tests
console.log('Generating OWASP Top 10 tests...');
const owaspTests = await generateOWASPTop10Tests();
console.log(`Generated ${owaspTests.owasp_tests?.length || 0} OWASP tests\n`);
return {
sqlPayloads,
xssVectors,
csrfScenarios,
authTests,
apiPatterns,
owaspTests
};
}
catch (error) {
console.error('Error generating vulnerability tests:', error);
throw error;
}
}
// Export all generators
exports.default = {
generateSQLInjectionPayloads,
generateXSSVectors,
generateCSRFScenarios,
generateAuthBypassTests,
generateAPIAbusePatterns,
generateOWASPTop10Tests,
runVulnerabilityTests
};
//# sourceMappingURL=vulnerability-testing.js.map

1
npm/packages/agentic-synth/examples/security/vulnerability-testing.js.map Normal file
View File

File diff suppressed because one or more lines are too long

445
npm/packages/agentic-synth/examples/security/vulnerability-testing.ts Normal file
View File

@@ -0,0 +1,445 @@
/**
* Vulnerability Testing Data Examples
*
* ⚠️ ETHICAL USE ONLY ⚠️
* These examples are for:
* - Authorized penetration testing
* - Security research in controlled environments
* - Defensive security training
* - Vulnerability scanner development
*
* NEVER use against systems without explicit authorization.
*/
import { AgenticSynth } from 'agentic-synth';
/**
* SQL Injection Test Payloads
* For testing input validation and parameterized queries
*/
export async function generateSQLInjectionPayloads() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const sqlInjectionPrompt = `
Generate SQL injection test payloads for defensive security testing.
Include classic, union-based, boolean-based, and time-based blind SQLi payloads.
Each payload should have: type, payload, expected_detection, severity, mitigation.
Generate 15 diverse payloads covering different SQL injection techniques.
`;
const payloads = await synth.generate({
prompt: sqlInjectionPrompt,
schema: {
type: 'object',
properties: {
payloads: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
type: {
type: 'string',
enum: ['classic', 'union', 'boolean_blind', 'time_blind', 'error_based', 'stacked_queries']
},
payload: { type: 'string' },
description: { type: 'string' },
target_parameter: { type: 'string' },
expected_behavior: { type: 'string' },
should_be_blocked: { type: 'boolean' },
severity: {
type: 'string',
enum: ['critical', 'high', 'medium', 'low']
},
mitigation: { type: 'string' }
},
required: ['id', 'type', 'payload', 'severity', 'mitigation']
}
}
},
required: ['payloads']
}
});
return payloads;
}
/**
* XSS (Cross-Site Scripting) Test Vectors
* For testing output encoding and CSP effectiveness
*/
export async function generateXSSVectors() {
const synth = new AgenticSynth({
temperature: 0.8,
maxRetries: 3
});
const xssPrompt = `
Generate XSS (Cross-Site Scripting) test vectors for security testing.
Include stored, reflected, and DOM-based XSS payloads.
Cover HTML injection, JavaScript execution, event handlers, and encoding bypass techniques.
Each vector should have: type, payload, context, expected_sanitization, severity.
Generate 20 diverse XSS test cases.
`;
const vectors = await synth.generate({
prompt: xssPrompt,
schema: {
type: 'object',
properties: {
vectors: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
type: {
type: 'string',
enum: ['stored', 'reflected', 'dom_based', 'mutation_based']
},
payload: { type: 'string' },
context: {
type: 'string',
enum: ['html', 'attribute', 'javascript', 'url', 'css']
},
description: { type: 'string' },
bypass_technique: { type: 'string' },
expected_sanitization: { type: 'string' },
should_be_blocked: { type: 'boolean' },
severity: {
type: 'string',
enum: ['critical', 'high', 'medium', 'low']
},
csp_bypass: { type: 'boolean' },
mitigation: { type: 'string' }
},
required: ['id', 'type', 'payload', 'context', 'severity']
}
}
},
required: ['vectors']
}
});
return vectors;
}
/**
* CSRF (Cross-Site Request Forgery) Test Scenarios
* For testing CSRF token validation and SameSite cookie protection
*/
export async function generateCSRFScenarios() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const csrfPrompt = `
Generate CSRF attack test scenarios for security validation.
Include different attack methods: form submission, AJAX requests, clickjacking.
Each scenario should have: attack_method, target_endpoint, payload, tokens_present, expected_result.
Generate 10 comprehensive CSRF test cases.
`;
const scenarios = await synth.generate({
prompt: csrfPrompt,
schema: {
type: 'object',
properties: {
scenarios: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_method: {
type: 'string',
enum: ['form_post', 'ajax', 'image_tag', 'iframe', 'fetch_api']
},
target_endpoint: { type: 'string' },
http_method: { type: 'string' },
payload: { type: 'object' },
csrf_token_present: { type: 'boolean' },
csrf_token_valid: { type: 'boolean' },
origin_header: { type: 'string' },
referer_header: { type: 'string' },
expected_result: {
type: 'string',
enum: ['blocked', 'allowed', 'token_error', 'origin_mismatch']
},
severity: { type: 'string' },
mitigation: { type: 'string' }
},
required: ['id', 'attack_method', 'target_endpoint', 'expected_result']
}
}
},
required: ['scenarios']
}
});
return scenarios;
}
/**
* Authentication Bypass Test Cases
* For testing authentication mechanisms and session management
*/
export async function generateAuthBypassTests() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const authPrompt = `
Generate authentication bypass test cases for security assessment.
Include password attacks, session hijacking, JWT manipulation, OAuth flaws.
Each test should have: technique, payload, expected_detection, impact.
Generate 12 authentication security test cases.
`;
const tests = await synth.generate({
prompt: authPrompt,
schema: {
type: 'object',
properties: {
tests: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
technique: {
type: 'string',
enum: [
'default_credentials',
'weak_password',
'session_fixation',
'session_hijacking',
'jwt_manipulation',
'oauth_redirect',
'password_reset_flaw',
'brute_force',
'credential_stuffing'
]
},
description: { type: 'string' },
test_payload: { type: 'object' },
preconditions: { type: 'array', items: { type: 'string' } },
expected_detection: { type: 'string' },
should_be_prevented: { type: 'boolean' },
impact: {
type: 'string',
enum: ['critical', 'high', 'medium', 'low']
},
mitigation: { type: 'string' },
owasp_category: { type: 'string' }
},
required: ['id', 'technique', 'impact', 'mitigation']
}
}
},
required: ['tests']
}
});
return tests;
}
/**
* API Abuse and Rate Limiting Test Patterns
* For testing API security controls and abuse prevention
*/
export async function generateAPIAbusePatterns() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const apiPrompt = `
Generate API abuse test patterns for security validation.
Include rate limiting bypass, parameter tampering, mass assignment, BOLA/IDOR attacks.
Each pattern should have: attack_type, endpoints, request_pattern, rate_limit_status.
Generate 10 API security test patterns.
`;
const patterns = await synth.generate({
prompt: apiPrompt,
schema: {
type: 'object',
properties: {
patterns: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
attack_type: {
type: 'string',
enum: [
'rate_limit_bypass',
'parameter_pollution',
'mass_assignment',
'bola_idor',
'api_key_exposure',
'excessive_data_exposure',
'lack_of_resources_rate_limiting'
]
},
target_endpoints: { type: 'array', items: { type: 'string' } },
request_pattern: {
type: 'object',
properties: {
requests_per_second: { type: 'number' },
total_requests: { type: 'number' },
payload_variation: { type: 'string' },
headers: { type: 'object' }
}
},
expected_rate_limit: { type: 'boolean' },
expected_response_code: { type: 'number' },
severity: { type: 'string' },
mitigation: { type: 'string' }
},
required: ['id', 'attack_type', 'target_endpoints', 'severity']
}
}
},
required: ['patterns']
}
});
return patterns;
}
/**
* OWASP Top 10 Comprehensive Test Suite
* Covers all OWASP Top 10 vulnerability categories
*/
export async function generateOWASPTop10Tests() {
const synth = new AgenticSynth({
temperature: 0.7,
maxRetries: 3
});
const owaspPrompt = `
Generate comprehensive test cases for OWASP Top 10 vulnerabilities.
Include: A01 Broken Access Control, A02 Cryptographic Failures, A03 Injection,
A04 Insecure Design, A05 Security Misconfiguration, A06 Vulnerable Components,
A07 Authentication Failures, A08 Data Integrity Failures, A09 Logging Failures,
A10 SSRF.
Each test should map to specific OWASP category with test vectors.
Generate 20 test cases covering all categories.
`;
const tests = await synth.generate({
prompt: owaspPrompt,
schema: {
type: 'object',
properties: {
owasp_tests: {
type: 'array',
items: {
type: 'object',
properties: {
id: { type: 'string' },
owasp_category: {
type: 'string',
enum: [
'A01_Broken_Access_Control',
'A02_Cryptographic_Failures',
'A03_Injection',
'A04_Insecure_Design',
'A05_Security_Misconfiguration',
'A06_Vulnerable_Components',
'A07_Authentication_Failures',
'A08_Data_Integrity_Failures',
'A09_Logging_Monitoring_Failures',
'A10_SSRF'
]
},
vulnerability_name: { type: 'string' },
test_description: { type: 'string' },
test_payload: { type: 'object' },
expected_secure_behavior: { type: 'string' },
vulnerable_behavior: { type: 'string' },
severity: { type: 'string' },
remediation: { type: 'string' },
cwe_id: { type: 'string' },
test_steps: { type: 'array', items: { type: 'string' } }
},
required: ['id', 'owasp_category', 'vulnerability_name', 'severity']
}
}
},
required: ['owasp_tests']
}
});
return tests;
}
/**
* Example Usage
*/
export async function runVulnerabilityTests() {
console.log('⚠️ Running Authorized Security Tests Only ⚠️\n');
try {
// Generate SQL injection payloads
console.log('Generating SQL injection test payloads...');
const sqlPayloads = await generateSQLInjectionPayloads();
console.log(`Generated ${sqlPayloads.payloads?.length || 0} SQL injection tests\n`);
// Generate XSS vectors
console.log('Generating XSS test vectors...');
const xssVectors = await generateXSSVectors();
console.log(`Generated ${xssVectors.vectors?.length || 0} XSS test vectors\n`);
// Generate CSRF scenarios
console.log('Generating CSRF test scenarios...');
const csrfScenarios = await generateCSRFScenarios();
console.log(`Generated ${csrfScenarios.scenarios?.length || 0} CSRF scenarios\n`);
// Generate authentication bypass tests
console.log('Generating authentication bypass tests...');
const authTests = await generateAuthBypassTests();
console.log(`Generated ${authTests.tests?.length || 0} authentication tests\n`);
// Generate API abuse patterns
console.log('Generating API abuse patterns...');
const apiPatterns = await generateAPIAbusePatterns();
console.log(`Generated ${apiPatterns.patterns?.length || 0} API abuse patterns\n`);
// Generate OWASP Top 10 tests
console.log('Generating OWASP Top 10 tests...');
const owaspTests = await generateOWASPTop10Tests();
console.log(`Generated ${owaspTests.owasp_tests?.length || 0} OWASP tests\n`);
return {
sqlPayloads,
xssVectors,
csrfScenarios,
authTests,
apiPatterns,
owaspTests
};
} catch (error) {
console.error('Error generating vulnerability tests:', error);
throw error;
}
}
// Export all generators
export default {
generateSQLInjectionPayloads,
generateXSSVectors,
generateCSRFScenarios,
generateAuthBypassTests,
generateAPIAbusePatterns,
generateOWASPTop10Tests,
runVulnerabilityTests
};