# ActivityPub Security PoC - Table of Contents

## 📖 Documentation Index

### Getting Started

1. **[README.md](README.md)** - Project overview, features, and installation
2. **[QUICKSTART.md](QUICKSTART.md)** - Quick reference for common commands
3. **[PROJECT_SUMMARY.md](PROJECT_SUMMARY.md)** - Complete project summary and capabilities

### Detailed Guides

4. **[examples/USAGE.md](examples/USAGE.md)** - Comprehensive usage examples and workflows
5. **[docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)** - Security testing methodology and best practices
6. **[docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)** - Technical architecture and design

## 📁 Source Code

### Main Components

- **[src/cli.js](src/cli.js)** - Command-line interface
- **[src/activitypub-client.js](src/activitypub-client.js)** - ActivityPub HTTP client
- **[src/security-tester.js](src/security-tester.js)** - Security testing module
- **[src/mock-server.js](src/mock-server.js)** - Mock ActivityPub server

## 🧪 Examples & Tests

### Sample Payloads

- **[examples/create-note.json](examples/create-note.json)** - Basic Create activity
- **[examples/follow.json](examples/follow.json)** - Follow activity
- **[examples/xss-payload.json](examples/xss-payload.json)** - XSS test vectors
- **[examples/ssrf-payload.json](examples/ssrf-payload.json)** - SSRF test vectors

### Test Scripts

- **[test.sh](test.sh)** - Automated test suite

## 🎯 Quick Navigation

### I want to...

#### Learn about the project
→ Start with [README.md](README.md)  
→ Read [PROJECT_SUMMARY.md](PROJECT_SUMMARY.md) for complete overview

#### Get started quickly
→ Follow [QUICKSTART.md](QUICKSTART.md)  
→ Run `./test.sh` to see it in action

#### Understand how to use it
→ Read [examples/USAGE.md](examples/USAGE.md)  
→ Try the example commands

#### Learn security testing
→ Read [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)  
→ Review the test payloads in `examples/`

#### Understand the code
→ Read [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)  
→ Review source code in `src/`

#### Extend the toolkit
→ Read extension points in [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)  
→ Look at existing implementations in `src/`

## 📋 Common Tasks

### Installation
```bash
cd activitypub-security-poc
npm install
```
See: [README.md](README.md#installation)

### Run Mock Server
```bash
npm run mock-server
```
See: [QUICKSTART.md](QUICKSTART.md#start-mock-server)

### Run Security Scan
```bash
node src/cli.js security-scan --target http://localhost:3000/users/alice/inbox
```
See: [examples/USAGE.md](examples/USAGE.md#run-security-scans)

### Test Inbox
```bash
node src/cli.js test-inbox --target URL --content "message"
```
See: [QUICKSTART.md](QUICKSTART.md#test-inbox)

### Craft Activity
```bash
node src/cli.js craft --type Create --object Note --content "text"
```
See: [examples/USAGE.md](examples/USAGE.md#craft-custom-activities)

## 🔍 Find Information About...

### ActivityPub Protocol
- [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) - Protocol implementation
- [src/activitypub-client.js](src/activitypub-client.js) - Client code
- [src/mock-server.js](src/mock-server.js) - Server implementation

### Security Testing
- [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Methodology
- [src/security-tester.js](src/security-tester.js) - Test implementation
- [examples/*.json](examples/) - Test payloads

### Command-Line Usage
- [QUICKSTART.md](QUICKSTART.md) - Quick reference
- [examples/USAGE.md](examples/USAGE.md) - Detailed examples
- [src/cli.js](src/cli.js) - CLI implementation

### Mock Server
- [src/mock-server.js](src/mock-server.js) - Server code
- [examples/USAGE.md](examples/USAGE.md#testing-workflow) - Usage guide
- Run `node src/cli.js mock-server --help`

## 📚 Documentation by Audience

### For Security Testers
1. [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Testing methodology
2. [examples/USAGE.md](examples/USAGE.md) - Practical examples
3. [QUICKSTART.md](QUICKSTART.md) - Command reference

### For Developers
1. [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) - Code architecture
2. [src/](src/) - Source code
3. [README.md](README.md) - Setup and usage

### For Learners
1. [README.md](README.md) - Overview
2. [PROJECT_SUMMARY.md](PROJECT_SUMMARY.md) - What it does
3. [examples/USAGE.md](examples/USAGE.md) - How to use it
4. [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Security concepts

## 🗂️ Complete File Structure

```
activitypub-security-poc/
├── README.md                          # Project overview
├── QUICKSTART.md                      # Quick reference
├── PROJECT_SUMMARY.md                 # Complete summary
├── TABLE_OF_CONTENTS.md              # This file
├── package.json                       # Dependencies
├── .gitignore                         # Git ignore rules
├── test.sh                            # Test script
│
├── src/                               # Source code
│   ├── cli.js                         # CLI interface
│   ├── activitypub-client.js          # AP client
│   ├── security-tester.js             # Security tests
│   └── mock-server.js                 # Mock server
│
├── docs/                              # Documentation
│   ├── ARCHITECTURE.md                # Technical docs
│   └── SECURITY_TESTING.md            # Testing guide
│
└── examples/                          # Examples & payloads
    ├── USAGE.md                       # Usage guide
    ├── create-note.json               # Sample Create
    ├── follow.json                    # Sample Follow
    ├── xss-payload.json               # XSS tests
    └── ssrf-payload.json              # SSRF tests
```

## 🚀 Getting Started Path

**Complete Beginner:**
1. Read [README.md](README.md)
2. Run `npm install`
3. Run `./test.sh`
4. Read [QUICKSTART.md](QUICKSTART.md)
5. Experiment with commands

**Security Tester:**
1. Read [README.md](README.md)
2. Read [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)
3. Review [examples/USAGE.md](examples/USAGE.md)
4. Start testing with mock server

**Developer:**
1. Read [README.md](README.md)
2. Read [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
3. Review source code in [src/](src/)
4. Extend as needed

## 💡 Tips

- Use `--help` with any command for detailed options
- Start with mock server before testing real instances
- Always get permission before testing third-party systems
- Check the example payloads for testing ideas
- Review mock server logs to see what it detects

## 📞 Support

- **Questions about usage?** → [examples/USAGE.md](examples/USAGE.md)
- **Security testing questions?** → [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)
- **Code questions?** → [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
- **Quick help?** → [QUICKSTART.md](QUICKSTART.md)

---

**Happy Testing! 🛡️**