copper-tone-tech/mev-beta
1
0
Fork 0
Code Issues Pull Requests 7 Actions Packages Projects Releases Wiki Activity
Files
8cba4620243b9a661d53e654fa8370aed51b24ff
mev-beta/tools/security-audit/main.go
Krypto Kajun 850223a953 fix(multicall): resolve critical multicall parsing corruption issues 
- Added comprehensive bounds checking to prevent buffer overruns in multicall parsing
- Implemented graduated validation system (Strict/Moderate/Permissive) to reduce false positives
- Added LRU caching system for address validation with 10-minute TTL
- Enhanced ABI decoder with missing Universal Router and Arbitrum-specific DEX signatures
- Fixed duplicate function declarations and import conflicts across multiple files
- Added error recovery mechanisms with multiple fallback strategies
- Updated tests to handle new validation behavior for suspicious addresses
- Fixed parser test expectations for improved validation system
- Applied gofmt formatting fixes to ensure code style compliance
- Fixed mutex copying issues in monitoring package by introducing MetricsSnapshot
- Resolved critical security vulnerabilities in heuristic address extraction
- Progress: Updated TODO audit from 10% to 35% complete

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-17 00:12:55 -05:00

68 lines
2.3 KiB
Go
Raw Blame History

package main
import (
"context"
"flag"
"fmt"
"log"
"os"
"time"
"github.com/fraktal/mev-beta/tools/security-audit/internal"
)
func main() {
var (
scanType = flag.String("scan", "all", "Scan type: code, dependencies, secrets, permissions, network, all")
outputDir = flag.String("output", "reports/security", "Output directory")
verbose = flag.Bool("verbose", false, "Enable verbose output")
deepScan = flag.Bool("deep", false, "Perform deep security analysis")
includeTests = flag.Bool("include-tests", false, "Include test files in security scan")
riskThreshold = flag.String("risk-threshold", "medium", "Risk threshold: low, medium, high, critical")
reportFormat = flag.String("format", "json", "Report format: json, sarif, txt")
timeout = flag.Duration("timeout", 10*time.Minute, "Timeout for security operations")
baseline = flag.String("baseline", "", "Baseline security report for comparison")
remediationMode = flag.Bool("remediation", false, "Include remediation suggestions")
complianceCheck = flag.Bool("compliance", false, "Include compliance checks")
)
flag.Parse()
// Create output directory
if err := os.MkdirAll(*outputDir, 0755); err != nil {
log.Fatalf("Failed to create output directory: %v", err)
}
// Initialize security auditor
auditor, err := internal.NewSecurityAuditor(&internal.SecurityAuditConfig{
ScanType: *scanType,
OutputDir: *outputDir,
Verbose: *verbose,
DeepScan: *deepScan,
IncludeTests: *includeTests,
RiskThreshold: *riskThreshold,
ReportFormat: *reportFormat,
Timeout: *timeout,
Baseline: *baseline,
RemediationMode: *remediationMode,
ComplianceCheck: *complianceCheck,
})
if err != nil {
log.Fatalf("Failed to initialize security auditor: %v", err)
}
ctx := context.Background()
ctx, cancel := context.WithTimeout(ctx, *timeout)
defer cancel()
fmt.Printf("Starting security audit: %s scan...\n", *scanType)
if err := auditor.RunSecurityAudit(ctx); err != nil {
log.Fatalf("Security audit failed: %v", err)
}
if err := auditor.GenerateReport(); err != nil {
log.Fatalf("Report generation failed: %v", err)
}
fmt.Printf("Security audit complete. Reports saved to: %s\n", *outputDir)
}
Reference in New Issue View Git Blame Copy Permalink