209 líneas
6.8 KiB
Markdown
209 líneas
6.8 KiB
Markdown
# ActivityPub Security PoC - Table of Contents
|
|
|
|
## 📖 Documentation Index
|
|
|
|
### Getting Started
|
|
|
|
1. **[README.md](README.md)** - Project overview, features, and installation
|
|
2. **[QUICKSTART.md](QUICKSTART.md)** - Quick reference for common commands
|
|
3. **[PROJECT_SUMMARY.md](PROJECT_SUMMARY.md)** - Complete project summary and capabilities
|
|
|
|
### Detailed Guides
|
|
|
|
4. **[examples/USAGE.md](examples/USAGE.md)** - Comprehensive usage examples and workflows
|
|
5. **[docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)** - Security testing methodology and best practices
|
|
6. **[docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)** - Technical architecture and design
|
|
|
|
## 📁 Source Code
|
|
|
|
### Main Components
|
|
|
|
- **[src/cli.js](src/cli.js)** - Command-line interface
|
|
- **[src/activitypub-client.js](src/activitypub-client.js)** - ActivityPub HTTP client
|
|
- **[src/security-tester.js](src/security-tester.js)** - Security testing module
|
|
- **[src/mock-server.js](src/mock-server.js)** - Mock ActivityPub server
|
|
|
|
## 🧪 Examples & Tests
|
|
|
|
### Sample Payloads
|
|
|
|
- **[examples/create-note.json](examples/create-note.json)** - Basic Create activity
|
|
- **[examples/follow.json](examples/follow.json)** - Follow activity
|
|
- **[examples/xss-payload.json](examples/xss-payload.json)** - XSS test vectors
|
|
- **[examples/ssrf-payload.json](examples/ssrf-payload.json)** - SSRF test vectors
|
|
|
|
### Test Scripts
|
|
|
|
- **[test.sh](test.sh)** - Automated test suite
|
|
|
|
## 🎯 Quick Navigation
|
|
|
|
### I want to...
|
|
|
|
#### Learn about the project
|
|
→ Start with [README.md](README.md)
|
|
→ Read [PROJECT_SUMMARY.md](PROJECT_SUMMARY.md) for complete overview
|
|
|
|
#### Get started quickly
|
|
→ Follow [QUICKSTART.md](QUICKSTART.md)
|
|
→ Run `./test.sh` to see it in action
|
|
|
|
#### Understand how to use it
|
|
→ Read [examples/USAGE.md](examples/USAGE.md)
|
|
→ Try the example commands
|
|
|
|
#### Learn security testing
|
|
→ Read [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)
|
|
→ Review the test payloads in `examples/`
|
|
|
|
#### Understand the code
|
|
→ Read [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
|
|
→ Review source code in `src/`
|
|
|
|
#### Extend the toolkit
|
|
→ Read extension points in [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
|
|
→ Look at existing implementations in `src/`
|
|
|
|
## 📋 Common Tasks
|
|
|
|
### Installation
|
|
```bash
|
|
cd activitypub-security-poc
|
|
npm install
|
|
```
|
|
See: [README.md](README.md#installation)
|
|
|
|
### Run Mock Server
|
|
```bash
|
|
npm run mock-server
|
|
```
|
|
See: [QUICKSTART.md](QUICKSTART.md#start-mock-server)
|
|
|
|
### Run Security Scan
|
|
```bash
|
|
node src/cli.js security-scan --target http://localhost:3000/users/alice/inbox
|
|
```
|
|
See: [examples/USAGE.md](examples/USAGE.md#run-security-scans)
|
|
|
|
### Test Inbox
|
|
```bash
|
|
node src/cli.js test-inbox --target URL --content "message"
|
|
```
|
|
See: [QUICKSTART.md](QUICKSTART.md#test-inbox)
|
|
|
|
### Craft Activity
|
|
```bash
|
|
node src/cli.js craft --type Create --object Note --content "text"
|
|
```
|
|
See: [examples/USAGE.md](examples/USAGE.md#craft-custom-activities)
|
|
|
|
## 🔍 Find Information About...
|
|
|
|
### ActivityPub Protocol
|
|
- [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) - Protocol implementation
|
|
- [src/activitypub-client.js](src/activitypub-client.js) - Client code
|
|
- [src/mock-server.js](src/mock-server.js) - Server implementation
|
|
|
|
### Security Testing
|
|
- [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Methodology
|
|
- [src/security-tester.js](src/security-tester.js) - Test implementation
|
|
- [examples/*.json](examples/) - Test payloads
|
|
|
|
### Command-Line Usage
|
|
- [QUICKSTART.md](QUICKSTART.md) - Quick reference
|
|
- [examples/USAGE.md](examples/USAGE.md) - Detailed examples
|
|
- [src/cli.js](src/cli.js) - CLI implementation
|
|
|
|
### Mock Server
|
|
- [src/mock-server.js](src/mock-server.js) - Server code
|
|
- [examples/USAGE.md](examples/USAGE.md#testing-workflow) - Usage guide
|
|
- Run `node src/cli.js mock-server --help`
|
|
|
|
## 📚 Documentation by Audience
|
|
|
|
### For Security Testers
|
|
1. [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Testing methodology
|
|
2. [examples/USAGE.md](examples/USAGE.md) - Practical examples
|
|
3. [QUICKSTART.md](QUICKSTART.md) - Command reference
|
|
|
|
### For Developers
|
|
1. [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md) - Code architecture
|
|
2. [src/](src/) - Source code
|
|
3. [README.md](README.md) - Setup and usage
|
|
|
|
### For Learners
|
|
1. [README.md](README.md) - Overview
|
|
2. [PROJECT_SUMMARY.md](PROJECT_SUMMARY.md) - What it does
|
|
3. [examples/USAGE.md](examples/USAGE.md) - How to use it
|
|
4. [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md) - Security concepts
|
|
|
|
## 🗂️ Complete File Structure
|
|
|
|
```
|
|
activitypub-security-poc/
|
|
├── README.md # Project overview
|
|
├── QUICKSTART.md # Quick reference
|
|
├── PROJECT_SUMMARY.md # Complete summary
|
|
├── TABLE_OF_CONTENTS.md # This file
|
|
├── package.json # Dependencies
|
|
├── .gitignore # Git ignore rules
|
|
├── test.sh # Test script
|
|
│
|
|
├── src/ # Source code
|
|
│ ├── cli.js # CLI interface
|
|
│ ├── activitypub-client.js # AP client
|
|
│ ├── security-tester.js # Security tests
|
|
│ └── mock-server.js # Mock server
|
|
│
|
|
├── docs/ # Documentation
|
|
│ ├── ARCHITECTURE.md # Technical docs
|
|
│ └── SECURITY_TESTING.md # Testing guide
|
|
│
|
|
└── examples/ # Examples & payloads
|
|
├── USAGE.md # Usage guide
|
|
├── create-note.json # Sample Create
|
|
├── follow.json # Sample Follow
|
|
├── xss-payload.json # XSS tests
|
|
└── ssrf-payload.json # SSRF tests
|
|
```
|
|
|
|
## 🚀 Getting Started Path
|
|
|
|
**Complete Beginner:**
|
|
1. Read [README.md](README.md)
|
|
2. Run `npm install`
|
|
3. Run `./test.sh`
|
|
4. Read [QUICKSTART.md](QUICKSTART.md)
|
|
5. Experiment with commands
|
|
|
|
**Security Tester:**
|
|
1. Read [README.md](README.md)
|
|
2. Read [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)
|
|
3. Review [examples/USAGE.md](examples/USAGE.md)
|
|
4. Start testing with mock server
|
|
|
|
**Developer:**
|
|
1. Read [README.md](README.md)
|
|
2. Read [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
|
|
3. Review source code in [src/](src/)
|
|
4. Extend as needed
|
|
|
|
## 💡 Tips
|
|
|
|
- Use `--help` with any command for detailed options
|
|
- Start with mock server before testing real instances
|
|
- Always get permission before testing third-party systems
|
|
- Check the example payloads for testing ideas
|
|
- Review mock server logs to see what it detects
|
|
|
|
## 📞 Support
|
|
|
|
- **Questions about usage?** → [examples/USAGE.md](examples/USAGE.md)
|
|
- **Security testing questions?** → [docs/SECURITY_TESTING.md](docs/SECURITY_TESTING.md)
|
|
- **Code questions?** → [docs/ARCHITECTURE.md](docs/ARCHITECTURE.md)
|
|
- **Quick help?** → [QUICKSTART.md](QUICKSTART.md)
|
|
|
|
---
|
|
|
|
**Happy Testing! 🛡️**
|