initial commit

Signed-off-by: ale <ale@manalejandro.com>
2025-11-16 17:20:37 +01:00
commit 9bf87efb79
--- a/TABLE_OF_CONTENTS.md
+++ b/TABLE_OF_CONTENTS.md
@@ -0,0 +1,208 @@
+# ActivityPub Security PoC - Table of Contents
+
+## 📖 Documentation Index
+
+### Getting Started
+
+1. **[README.md](README.md)** - Project overview, features, and installation
+2. **[QUICKSTART.md](QUICKSTART.md)** - Quick reference for common commands
+3. **[PROJECT_SUMMARY.md](PROJECT_SUMMARY.md)** - Complete project summary and capabilities
+
+### Detailed Guides
+
+4. **[examples/USAGE.md](examples/USAGE.md)** - Comprehensive usage examples and workflows
+5. **[docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)** - Security testing methodology and best practices
+6. **[docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)** - Technical architecture and design
+
+## 📁 Source Code
+
+### Main Components
+
+- **[src/cli.js](src/cli.js)** - Command-line interface
+- **[src/activitypub-client.js](src/activitypub-client.js)** - ActivityPub HTTP client
+- **[src/security-tester.js](src/security-tester.js)** - Security testing module
+- **[src/mock-server.js](src/mock-server.js)** - Mock ActivityPub server
+
+## 🧪 Examples & Tests
+
+### Sample Payloads
+
+- **[examples/create-note.json](examples/create-note.json)** - Basic Create activity
+- **[examples/follow.json](examples/follow.json)** - Follow activity
+- **[examples/xss-payload.json](examples/xss-payload.json)** - XSS test vectors
+- **[examples/ssrf-payload.json](examples/ssrf-payload.json)** - SSRF test vectors
+
+### Test Scripts
+
+- **[test.sh](test.sh)** - Automated test suite
+
+## 🎯 Quick Navigation
+
+### I want to...
+
+#### Learn about the project
+→ Start with [README.md](README.md)  
+→ Read [PROJECT_SUMMARY.md](PROJECT_SUMMARY.md) for complete overview
+
+#### Get started quickly
+→ Follow [QUICKSTART.md](QUICKSTART.md)  
+→ Run `./test.sh` to see it in action
+
+#### Understand how to use it
+→ Read [examples/USAGE.md](examples/USAGE.md)  
+→ Try the example commands
+
+#### Learn security testing
+→ Read [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)  
+→ Review the test payloads in `examples/`
+
+#### Understand the code
+→ Read [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)  
+→ Review source code in `src/`
+
+#### Extend the toolkit
+→ Read extension points in [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)  
+→ Look at existing implementations in `src/`
+
+## 📋 Common Tasks
+
+### Installation
+```bash
+cd activitypub-security-poc
+npm install
+```
+See: [README.md](README.md#installation)
+
+### Run Mock Server
+```bash
+npm run mock-server
+```
+See: [QUICKSTART.md](QUICKSTART.md#start-mock-server)
+
+### Run Security Scan
+```bash
+node src/cli.js security-scan --target http://localhost:3000/users/alice/inbox
+```
+See: [examples/USAGE.md](examples/USAGE.md#run-security-scans)
+
+### Test Inbox
+```bash
+node src/cli.js test-inbox --target URL --content "message"
+```
+See: [QUICKSTART.md](QUICKSTART.md#test-inbox)
+
+### Craft Activity
+```bash
+node src/cli.js craft --type Create --object Note --content "text"
+```
+See: [examples/USAGE.md](examples/USAGE.md#craft-custom-activities)
+
+## 🔍 Find Information About...
+
+### ActivityPub Protocol
+- [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) - Protocol implementation
+- [src/activitypub-client.js](src/activitypub-client.js) - Client code
+- [src/mock-server.js](src/mock-server.js) - Server implementation
+
+### Security Testing
+- [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Methodology
+- [src/security-tester.js](src/security-tester.js) - Test implementation
+- [examples/*.json](examples/) - Test payloads
+
+### Command-Line Usage
+- [QUICKSTART.md](QUICKSTART.md) - Quick reference
+- [examples/USAGE.md](examples/USAGE.md) - Detailed examples
+- [src/cli.js](src/cli.js) - CLI implementation
+
+### Mock Server
+- [src/mock-server.js](src/mock-server.js) - Server code
+- [examples/USAGE.md](examples/USAGE.md#testing-workflow) - Usage guide
+- Run `node src/cli.js mock-server --help`
+
+## 📚 Documentation by Audience
+
+### For Security Testers
+1. [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Testing methodology
+2. [examples/USAGE.md](examples/USAGE.md) - Practical examples
+3. [QUICKSTART.md](QUICKSTART.md) - Command reference
+
+### For Developers
+1. [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) - Code architecture
+2. [src/](src/) - Source code
+3. [README.md](README.md) - Setup and usage
+
+### For Learners
+1. [README.md](README.md) - Overview
+2. [PROJECT_SUMMARY.md](PROJECT_SUMMARY.md) - What it does
+3. [examples/USAGE.md](examples/USAGE.md) - How to use it
+4. [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Security concepts
+
+## 🗂️ Complete File Structure
+
+```
+activitypub-security-poc/
+├── README.md                          # Project overview
+├── QUICKSTART.md                      # Quick reference
+├── PROJECT_SUMMARY.md                 # Complete summary
+├── TABLE_OF_CONTENTS.md              # This file
+├── package.json                       # Dependencies
+├── .gitignore                         # Git ignore rules
+├── test.sh                            # Test script
+│
+├── src/                               # Source code
+│   ├── cli.js                         # CLI interface
+│   ├── activitypub-client.js          # AP client
+│   ├── security-tester.js             # Security tests
+│   └── mock-server.js                 # Mock server
+│
+├── docs/                              # Documentation
+│   ├── ARCHITECTURE.md                # Technical docs
+│   └── SECURITY_TESTING.md            # Testing guide
+│
+└── examples/                          # Examples & payloads
+    ├── USAGE.md                       # Usage guide
+    ├── create-note.json               # Sample Create
+    ├── follow.json                    # Sample Follow
+    ├── xss-payload.json               # XSS tests
+    └── ssrf-payload.json              # SSRF tests
+```
+
+## 🚀 Getting Started Path
+
+**Complete Beginner:**
+1. Read [README.md](README.md)
+2. Run `npm install`
+3. Run `./test.sh`
+4. Read [QUICKSTART.md](QUICKSTART.md)
+5. Experiment with commands
+
+**Security Tester:**
+1. Read [README.md](README.md)
+2. Read [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)
+3. Review [examples/USAGE.md](examples/USAGE.md)
+4. Start testing with mock server
+
+**Developer:**
+1. Read [README.md](README.md)
+2. Read [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
+3. Review source code in [src/](src/)
+4. Extend as needed
+
+## 💡 Tips
+
+- Use `--help` with any command for detailed options
+- Start with mock server before testing real instances
+- Always get permission before testing third-party systems
+- Check the example payloads for testing ideas
+- Review mock server logs to see what it detects
+
+## 📞 Support
+
+- **Questions about usage?** → [examples/USAGE.md](examples/USAGE.md)
+- **Security testing questions?** → [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)
+- **Code questions?** → [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
+- **Quick help?** → [QUICKSTART.md](QUICKSTART.md)
+
+---
+
+**Happy Testing! 🛡️**