hera/enhanced-data-access.js at main · CodeMonkeyCybersecurity/hera · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
// Hera Enhanced Data Access Script with Security Analysis
// Run this in Chrome DevTools Console to access your stored data and analyze security findings

console.log('Hera Enhanced Data Access Tool');
console.log('==================================');

// Function to get all Hera data with enhanced security information
function getHeraData() {
  chrome.storage.local.get(null, (allData) => {
    console.log(' Complete Hera Storage:', allData);

    const sessions = allData.heraSessions || [];
    const syncQueue = allData.syncQueue || [];
    const config = allData.heraConfig || {};

    console.log(`\n📈 Statistics:`);
    console.log(`  • Total Sessions: ${sessions.length}`);
    console.log(`  • Pending Sync: ${syncQueue.length}`);
    console.log(`  • Storage Size: ${JSON.stringify(allData).length} bytes`);

    if (sessions.length > 0) {
      console.log(`\nRecent Authentication Events:`);
      sessions.slice(-5).forEach((session, index) => {
        const riskScore = session.metadata?.authAnalysis?.riskScore || session.riskScore || 0;
        const riskFactors = session.metadata?.authAnalysis?.issues || session.riskFactors || [];
        const riskIcon = getRiskIcon(riskScore);
        const protocol = session.metadata?.authAnalysis?.protocol || session.authType || 'Unknown';

        console.log(`  ${index + 1}. ${riskIcon} ${protocol} - ${session.url}`);
        console.log(`     Risk Score: ${riskScore}/100 | Issues: ${riskFactors.length} | ${new Date(session.timestamp).toLocaleString()}`);

        if (riskFactors.length > 0) {
          console.log(`      Security Issues:`);
          riskFactors.slice(0, 3).forEach(issue => {
            const severityIcon = getSeverityIcon(issue.severity);
            console.log(`       ${severityIcon} ${issue.type}: ${issue.message}`);
          });
          if (riskFactors.length > 3) {
            console.log(`       ... and ${riskFactors.length - 3} more issues`);
          }
        }
        console.log(''); // Empty line for readability
      });
    }

    if (syncQueue.length > 0) {
      console.log(`\n⏳ Pending Sync Events: ${syncQueue.length}`);
    }

    console.log(`\n💾 To export all data, run: exportHeraData()`);
    console.log(`To analyze security findings, run: analyzeSecurityFindings()`);
  });
}

// Helper functions for risk visualization
function getRiskIcon(riskScore) {
  if (riskScore >= 80) return '🔴'; // Critical
  if (riskScore >= 30) return '🟡'; // Moderate
  return '🟢'; // Secure
}

function getSeverityIcon(severity) {
  const icons = {
    CRITICAL: '🔴',
    HIGH: '🟠',
    MEDIUM: '🟡',
    LOW: '🔵'
  };
  return icons[severity] || '⚪';
}

// Function to analyze security findings across all sessions
function analyzeSecurityFindings() {
  chrome.storage.local.get(['heraSessions'], (result) => {
    const sessions = result.heraSessions || [];

    console.log('HERA SECURITY ANALYSIS REPORT');
    console.log('================================');

    if (sessions.length === 0) {
      console.log('No sessions found to analyze.');
      return;
    }

    // Collect all security issues
    const allIssues = [];
    const riskScores = [];
    const protocolCounts = {};

    sessions.forEach(session => {
      const authAnalysis = session.metadata?.authAnalysis;
      const riskScore = authAnalysis?.riskScore || session.riskScore || 0;
      const issues = authAnalysis?.issues || session.riskFactors || [];
      const protocol = authAnalysis?.protocol || session.authType || 'Unknown';

      riskScores.push(riskScore);
      protocolCounts[protocol] = (protocolCounts[protocol] || 0) + 1;

      issues.forEach(issue => {
        allIssues.push({
          ...issue,
          url: session.url,
          timestamp: session.timestamp,
          protocol: protocol
        });
      });
    });

    // Summary statistics
    const avgRiskScore = riskScores.length > 0 ? (riskScores.reduce((a, b) => a + b, 0) / riskScores.length).toFixed(1) : 0;
    const highRiskSessions = riskScores.filter(score => score >= 80).length;
    const moderateRiskSessions = riskScores.filter(score => score >= 30 && score < 80).length;
    const lowRiskSessions = riskScores.filter(score => score < 30).length;

    console.log(`\n SUMMARY STATISTICS:`);
    console.log(`  • Total Sessions Analyzed: ${sessions.length}`);
    console.log(`  • Average Risk Score: ${avgRiskScore}/100`);
    console.log(`  • High Risk Sessions (80+): ${highRiskSessions} 🔴`);
    console.log(`  • Moderate Risk Sessions (30-79): ${moderateRiskSessions} 🟡`);
    console.log(`  • Low Risk Sessions (<30): ${lowRiskSessions} 🟢`);
    console.log(`  • Total Security Issues Found: ${allIssues.length}`);

    // Protocol breakdown
    console.log(`\nAUTHENTICATION PROTOCOLS:`);
    Object.entries(protocolCounts)
      .sort(([,a], [,b]) => b - a)
      .forEach(([protocol, count]) => {
        console.log(`  • ${protocol}: ${count} sessions`);
      });

    // Top security issues
    if (allIssues.length > 0) {
      const issueTypes = {};
      allIssues.forEach(issue => {
        const key = `${issue.type} (${issue.severity})`;
        issueTypes[key] = (issueTypes[key] || 0) + 1;
      });

      console.log(`\n TOP SECURITY ISSUES:`);
      Object.entries(issueTypes)
        .sort(([,a], [,b]) => b - a)
        .slice(0, 10)
        .forEach(([issueType, count]) => {
          const severity = issueType.match(/\((\w+)\)$/)?.[1] || 'UNKNOWN';
          const icon = getSeverityIcon(severity);
          console.log(`  ${icon} ${issueType}: ${count} occurrences`);
        });

      // Critical issues details
      const criticalIssues = allIssues.filter(issue => issue.severity === 'CRITICAL');
      if (criticalIssues.length > 0) {
        console.log(`\n🔴 CRITICAL ISSUES REQUIRING IMMEDIATE ATTENTION:`);
        criticalIssues.slice(0, 5).forEach((issue, index) => {
          console.log(`  ${index + 1}. ${issue.type}: ${issue.message}`);
          console.log(`     URL: ${issue.url}`);
          console.log(`     Time: ${new Date(issue.timestamp).toLocaleString()}`);
          if (issue.exploitation) {
            console.log(`     Risk: ${issue.exploitation}`);
          }
          console.log('');
        });

        if (criticalIssues.length > 5) {
          console.log(`     ... and ${criticalIssues.length - 5} more critical issues`);
        }
      }
    }

    // Recommendations
    console.log(`\n💡 RECOMMENDATIONS:`);
    if (highRiskSessions > 0) {
      console.log(`  🔴 ${highRiskSessions} sessions have critical security issues - investigate immediately`);
    }
    if (moderateRiskSessions > 0) {
      console.log(`  🟡 ${moderateRiskSessions} sessions have moderate security concerns - review when possible`);
    }
    if (allIssues.some(i => i.type === 'NO_TLS')) {
      console.log(`   Some authentication is happening over HTTP - enforce HTTPS`);
    }
    if (allIssues.some(i => i.type === 'CREDENTIALS_IN_URL')) {
      console.log(`  🔗 Credentials found in URLs - use POST body or headers instead`);
    }
    if (allIssues.some(i => i.type === 'algorithmNone')) {
      console.log(`  🔑 JWT tokens with no signature found - implement proper JWT validation`);
    }

    console.log(`\n📋 To export detailed findings, run: exportSecurityReport()`);
  });
}

// Function to export detailed security report
function exportSecurityReport() {
  chrome.storage.local.get(['heraSessions'], (result) => {
    const sessions = result.heraSessions || [];

    const report = {
      reportDate: new Date().toISOString(),
      reportType: 'Hera Security Analysis Report',
      version: '1.0.0',
      summary: {
        totalSessions: sessions.length,
        sessionsWithIssues: 0,
        totalIssues: 0,
        criticalIssues: 0,
        highIssues: 0,
        mediumIssues: 0,
        lowIssues: 0
      },
      findings: [],
      recommendations: []
    };

    sessions.forEach(session => {
      const authAnalysis = session.metadata?.authAnalysis;
      const issues = authAnalysis?.issues || session.riskFactors || [];

      if (issues.length > 0) {
        report.summary.sessionsWithIssues++;
        report.summary.totalIssues += issues.length;

        issues.forEach(issue => {
          switch(issue.severity) {
            case 'CRITICAL': report.summary.criticalIssues++; break;
            case 'HIGH': report.summary.highIssues++; break;
            case 'MEDIUM': report.summary.mediumIssues++; break;
            case 'LOW': report.summary.lowIssues++; break;
          }
        });

        report.findings.push({
          url: session.url,
          timestamp: session.timestamp,
          protocol: authAnalysis?.protocol || session.authType,
          riskScore: authAnalysis?.riskScore || session.riskScore,
          issues: issues
        });
      }
    });

    // Add recommendations based on findings
    if (report.summary.criticalIssues > 0) {
      report.recommendations.push('Immediately address all CRITICAL security issues');
    }
    if (report.summary.highIssues > 0) {
      report.recommendations.push('Review and fix HIGH severity security issues');
    }

    // Create downloadable file
    const blob = new Blob([JSON.stringify(report, null, 2)], { type: 'application/json' });
    const url = URL.createObjectURL(blob);

    const a = document.createElement('a');
    a.href = url;
    const now = new Date();
    const date = now.toISOString().slice(2, 10); // YY-MM-DD format
    const time = now.toISOString().slice(11, 19).replace(/:/g, '-'); // HH-MM-SS format
    a.download = `${date}_${time}_hera-security-report.json`;
    document.body.appendChild(a);
    a.click();
    document.body.removeChild(a);
    URL.revokeObjectURL(url);

    console.log('Security report exported to Downloads folder');
  });
}

// Function to export all data to file
function exportHeraData() {
  chrome.storage.local.get(null, (allData) => {
    const exportData = {
      exportDate: new Date().toISOString(),
      version: '1.0.0',
      data: allData,
      summary: {
        totalSessions: allData.heraSessions?.length || 0,
        pendingSync: allData.syncQueue?.length || 0,
        configurationStatus: allData.heraConfig ? 'Configured' : 'Default'
      }
    };

    // Create downloadable file
    const blob = new Blob([JSON.stringify(exportData, null, 2)], { type: 'application/json' });
    const url = URL.createObjectURL(blob);

    const a = document.createElement('a');
    a.href = url;
    const now = new Date();
    const date = now.toISOString().slice(2, 10); // YY-MM-DD format
    const time = now.toISOString().slice(11, 19).replace(/:/g, '-'); // HH-MM-SS format
    a.download = `${date}_${time}_hera-complete-data.json`;
    document.body.appendChild(a);
    a.click();
    document.body.removeChild(a);
    URL.revokeObjectURL(url);

    console.log('💾 Data exported to Downloads folder');
  });
}

// Function to get specific domain data with security analysis
function getDomainData(domain) {
  chrome.storage.local.get(['heraSessions'], (result) => {
    const sessions = result.heraSessions || [];
    const domainSessions = sessions.filter(session => {
      try {
        return new URL(session.url).hostname === domain;
      } catch (e) {
        return false;
      }
    });

    console.log(`Data for ${domain}:`);
    console.log(`  • Total Events: ${domainSessions.length}`);

    if (domainSessions.length > 0) {
      const protocols = [...new Set(domainSessions.map(s => s.metadata?.authAnalysis?.protocol || s.authType))];
      const riskScores = domainSessions.map(s => s.metadata?.authAnalysis?.riskScore || s.riskScore).filter(s => s);
      const allIssues = domainSessions.flatMap(s => s.metadata?.authAnalysis?.issues || s.riskFactors || []);

      console.log(`  • Authentication Protocols:`, protocols);
      console.log(`  • Risk Scores:`, riskScores);
      console.log(`  • Total Security Issues: ${allIssues.length}`);

      if (allIssues.length > 0) {
        const criticalIssues = allIssues.filter(i => i.severity === 'CRITICAL');
        const highIssues = allIssues.filter(i => i.severity === 'HIGH');

        console.log(`  • Critical Issues: ${criticalIssues.length} 🔴`);
        console.log(`  • High Issues: ${highIssues.length} 🟠`);

        if (criticalIssues.length > 0) {
          console.log(`  • Critical Issue Types:`, [...new Set(criticalIssues.map(i => i.type))]);
        }
      }

      console.log(`  • Recent Events:`, domainSessions.slice(-3));
    }
  });
}

// Function to get storage usage
function getStorageUsage() {
  chrome.storage.local.getBytesInUse(null, (bytesInUse) => {
    const maxBytes = chrome.storage.local.QUOTA_BYTES;
    const usagePercent = (bytesInUse / maxBytes * 100).toFixed(2);

    console.log(` Storage Usage:`);
    console.log(`  • Used: ${(bytesInUse / 1024).toFixed(1)} KB`);
    console.log(`  • Available: ${(maxBytes / 1024 / 1024).toFixed(1)} MB`);
    console.log(`  • Usage: ${usagePercent}%`);

    if (usagePercent > 80) {
      console.log(`  Warning: Storage is ${usagePercent}% full. Consider running cleanupOldData()`);
    }
  });
}

// Function to clean up old data (keep last N sessions)
function cleanupOldData(keepLast = 500) {
  chrome.storage.local.get(['heraSessions'], (result) => {
    const sessions = result.heraSessions || [];

    if (sessions.length > keepLast) {
      const trimmedSessions = sessions.slice(-keepLast);

      chrome.storage.local.set({ heraSessions: trimmedSessions }, () => {
        console.log(`🧹 Cleaned up old data. Kept ${keepLast} most recent sessions.`);
        console.log(`   Removed ${sessions.length - keepLast} old sessions.`);
      });
    } else {
      console.log(`No cleanup needed. Only ${sessions.length} sessions stored.`);
    }
  });
}

// Auto-run basic info
console.log('\n📋 Available Commands:');
console.log('  • getHeraData() - View all stored data with security analysis');
console.log('  • analyzeSecurityFindings() - Comprehensive security analysis report');
console.log('  • exportSecurityReport() - Export detailed security findings');
console.log('  • exportHeraData() - Export all data to file');
console.log('  • getDomainData("example.com") - Get security data for specific domain');
console.log('  • cleanupOldData(500) - Keep only last 500 sessions');
console.log('  • getStorageUsage() - Check storage usage');

console.log('\n🚀 Running basic check...');
getStorageUsage();
getHeraData();