|
| 1 | +# Domain Analysis Tool |
| 2 | + |
| 3 | +A TypeScript library and demo web application for analyzing domains for potential security vulnerabilities, specifically focused on dangling domain takeover risks. |
| 4 | + |
| 5 | +## Features |
| 6 | + |
| 7 | +- Domain vulnerability analysis |
| 8 | +- FQDN (Fully Qualified Domain Name) checking |
| 9 | +- Heuristic analysis for potential security issues |
| 10 | +- Web interface for scanning domains |
| 11 | +- User management system with domain tracking |
| 12 | +- Rate limiting for API endpoints |
| 13 | + |
| 14 | +## Installation |
| 15 | + |
| 16 | +```shell |
| 17 | +$ npm install |
| 18 | +``` |
| 19 | + |
| 20 | +## Run all tests |
| 21 | + |
| 22 | +```shell |
| 23 | +$ npm test # Run all tests |
| 24 | +$ npx mocha test/parser.test.ts # Run specific test file |
| 25 | +``` |
| 26 | + |
| 27 | +## Run Webserver Demo with Docker: |
| 28 | + |
| 29 | +```shell |
| 30 | +$ docker compose up --build # Start server |
| 31 | +$ docker compose down # Stop server |
| 32 | +``` |
| 33 | + |
| 34 | +The web interface will be available at http://localhost:3000 |
| 35 | + |
| 36 | +## Run Webserver Demo manually: |
| 37 | + |
| 38 | +```shell |
| 39 | +$ cd demo/webserver/ |
| 40 | +$ npm install |
| 41 | +$ npm run dev |
| 42 | +``` |
| 43 | + |
1 | 44 | ## Format code:
|
2 | 45 |
|
3 | 46 | ```shell
|
4 | 47 | $ npm install prettier --global # Prerequisite
|
5 | 48 |
|
6 |
| -$ npx prettier --check "**/*.{js,ts}" # check format |
7 |
| -$ npx prettier --write . # fix format for all files |
8 |
| -$ npx prettier --write src/**/*.js # fix format for one file |
| 49 | +$ npx prettier --check "**/*.{js,ts}" # Check code formatting |
| 50 | +$ npx prettier --write . # Fix formatting for all files |
| 51 | +$ npx prettier --write src/**/*.js # Fix formatting for specific file |
9 | 52 | ```
|
10 | 53 |
|
11 |
| -## Run webserver demo: |
| 54 | +## Project Structure |
12 | 55 |
|
13 |
| -```shell |
14 |
| -$ docker compose up --build # start server |
15 |
| -$ docker compose down # stop server |
16 | 56 | ```
|
| 57 | +src/ # Core library code |
| 58 | +├── parsertld.ts # Domain parsing utilities |
| 59 | +├── heuristic_analysis.ts # Domain vulnerability detection |
| 60 | +├── fqdm_analysis.ts # FQDN analysis |
| 61 | +└── fingerprints.json # Vulnerability patterns database |
| 62 | +
|
| 63 | +demo/ # Demo webserver application |
| 64 | +└── webserver/ # Express.js web server |
| 65 | + └── src/ |
| 66 | + ├── index.ts # Main server code |
| 67 | + ├── database.ts # SQLite database handler |
| 68 | + └── public/ # Static web assets |
| 69 | +
|
| 70 | +test/ # Test files |
| 71 | +├── parser.test.ts # Parser unit tests |
| 72 | +├── heuristic_analysis.test.ts # Analysis tests |
| 73 | +└── fqdm_analysis.test.ts # FQDN tests |
| 74 | +``` |
| 75 | + |
| 76 | +## License |
| 77 | + |
| 78 | +This project is licensed under the MIT License - see the LICENSE file for details. |
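Review bot: In the "Format code" block, the comment on `npx prettier --write src/**/*.js` now reads "Fix formatting for specific file", but the argument is a glob that matches every .js file under src/, not one file. It is also unquoted, unlike the `--check "**/*.{js,ts}"` line above it, so the shell expands it instead of prettier. In addition, the Project Structure section lists only .ts sources in src/, so the pattern may match nothing. Suggest either a concrete path (for example `src/parsertld.ts`) or a quoted `"src/**/*.ts"` with the comment reworded to match. Smaller points in the same change: `fqdm_analysis.ts` and `fqdm_analysis.test.ts` are described as FQDN analysis, so confirm whether the filenames are intended or a typo for "fqdn". The heading "## Run all tests" also covers the single-file mocha command, so "Run tests" would fit better. The Features list mixes library features with "User management system" and "Rate limiting", which per the structure tree belong to demo/webserver; separating library features from demo features would make clear what a consumer of the library actually gets.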