activitypub-security-poc/TABLE_OF_CONTENTS.md

ActivityPub Security PoC - Table of Contents

📖 Documentation Index

Getting Started

1. README.md - Project overview, features, and installation
2. QUICKSTART.md - Quick reference for common commands
3. PROJECT_SUMMARY.md - Complete project summary and capabilities

Detailed Guides

4. examples/USAGE.md - Comprehensive usage examples and workflows
5. docs/SECURITY_TESTING.md - Security testing methodology and best practices
6. docs/ARCHITECTURE.md - Technical architecture and design

📁 Source Code

Main Components

• src/cli.js - Command-line interface
• src/activitypub-client.js - ActivityPub HTTP client
• src/security-tester.js - Security testing module
• src/mock-server.js - Mock ActivityPub server

🧪 Examples & Tests

Sample Payloads

• examples/create-note.json - Basic Create activity
• examples/follow.json - Follow activity
• examples/xss-payload.json - XSS test vectors
• examples/ssrf-payload.json - SSRF test vectors

Test Scripts

• test.sh - Automated test suite

🎯 Quick Navigation

I want to...

Learn about the project

→ Start with README.md
→ Read PROJECT_SUMMARY.md for complete overview

Get started quickly

→ Follow QUICKSTART.md
→ Run ./test.sh to see it in action

Understand how to use it

→ Read examples/USAGE.md
→ Try the example commands

Learn security testing

→ Read docs/SECURITY_TESTING.md
→ Review the test payloads in examples/

Understand the code

→ Read docs/ARCHITECTURE.md
→ Review source code in src/

Extend the toolkit

→ Read extension points in docs/ARCHITECTURE.md
→ Look at existing implementations in src/

📋 Common Tasks

Installation

cd activitypub-security-poc
npm install

See: README.md

Run Mock Server

npm run mock-server

See: QUICKSTART.md

Run Security Scan

node src/cli.js security-scan --target http://localhost:3000/users/alice/inbox

See: examples/USAGE.md

Test Inbox

node src/cli.js test-inbox --target URL --content "message"

See: QUICKSTART.md

Craft Activity

node src/cli.js craft --type Create --object Note --content "text"

See: examples/USAGE.md

🔍 Find Information About...

ActivityPub Protocol

• docs/ARCHITECTURE.md - Protocol implementation
• src/activitypub-client.js - Client code
• src/mock-server.js - Server implementation

Security Testing

• docs/SECURITY_TESTING.md - Methodology
• src/security-tester.js - Test implementation
• examples/*.json - Test payloads

Command-Line Usage

• QUICKSTART.md - Quick reference
• examples/USAGE.md - Detailed examples
• src/cli.js - CLI implementation

Mock Server

• src/mock-server.js - Server code
• examples/USAGE.md - Usage guide
• Run node src/cli.js mock-server --help

📚 Documentation by Audience

For Security Testers

1. docs/SECURITY_TESTING.md - Testing methodology
2. examples/USAGE.md - Practical examples
3. QUICKSTART.md - Command reference

For Developers

1. docs/ARCHITECTURE.md - Code architecture
2. src/ - Source code
3. README.md - Setup and usage

For Learners

1. README.md - Overview
2. PROJECT_SUMMARY.md - What it does
3. examples/USAGE.md - How to use it
4. docs/SECURITY_TESTING.md - Security concepts

🗂️ Complete File Structure

activitypub-security-poc/
├── README.md                          # Project overview
├── QUICKSTART.md                      # Quick reference
├── PROJECT_SUMMARY.md                 # Complete summary
├── TABLE_OF_CONTENTS.md              # This file
├── package.json                       # Dependencies
├── .gitignore                         # Git ignore rules
├── test.sh                            # Test script
│
├── src/                               # Source code
│   ├── cli.js                         # CLI interface
│   ├── activitypub-client.js          # AP client
│   ├── security-tester.js             # Security tests
│   └── mock-server.js                 # Mock server
│
├── docs/                              # Documentation
│   ├── ARCHITECTURE.md                # Technical docs
│   └── SECURITY_TESTING.md            # Testing guide
│
└── examples/                          # Examples & payloads
    ├── USAGE.md                       # Usage guide
    ├── create-note.json               # Sample Create
    ├── follow.json                    # Sample Follow
    ├── xss-payload.json               # XSS tests
    └── ssrf-payload.json              # SSRF tests

🚀 Getting Started Path

Complete Beginner:

1. Read README.md
2. Run npm install
3. Run ./test.sh
4. Read QUICKSTART.md
5. Experiment with commands

Security Tester:

1. Read README.md
2. Read docs/SECURITY_TESTING.md
3. Review examples/USAGE.md
4. Start testing with mock server

Developer:

1. Read README.md
2. Read docs/ARCHITECTURE.md
3. Review source code in src/
4. Extend as needed

💡 Tips

• Use --help with any command for detailed options
• Start with mock server before testing real instances
• Always get permission before testing third-party systems
• Check the example payloads for testing ideas
• Review mock server logs to see what it detects

📞 Support

• Questions about usage? → examples/USAGE.md
• Security testing questions? → docs/SECURITY_TESTING.md
• Code questions? → docs/ARCHITECTURE.md
• Quick help? → QUICKSTART.md

---

Happy Testing! 🛡️