### Install and Run REDACTS CLI Source: https://context7.com/the-adimension/redacts/llms.txt Instructions to clone the REDACTS repository, set up a virtual environment, install dependencies, and launch the interactive command-line interface for performing scans. The CLI guides users through target and reference selection, analysis, and report generation. ```bash # Clone and install git clone https://github.com/The-Adimension/REDACTS.git cd REDACTS python -m venv .venv source .venv/bin/activate # Linux/macOS pip install -r requirements.txt # Run interactive scan python -m REDACTS # The CLI will prompt for: # 1. Target REDCap files (path, ZIP, URL, or FTP) # 2. Reference REDCap package (clean download from REDCap Consortium) # 3. Execute full scan pipeline and generate reports # Output written to: output/scan_YYYYMMDD_HHMMSS/ ``` -------------------------------- ### Configure REDACTS via JSON Source: https://github.com/the-adimension/redacts/blob/main/USAGE.md Example configuration file structure for defining output directories, logging levels, analysis constraints, and forensic reporting formats. ```json { "output_dir": "/custom/output/path", "log_level": "DEBUG", "verbose": true, "analysis": { "max_file_size_mb": 100 }, "investigation": { "enable_external_tools": true, "external_tool_timeout": 180 }, "forensic_report": { "formats": ["html", "json", "markdown"] } } ``` -------------------------------- ### REDACTS Configuration Management Source: https://context7.com/the-adimension/redacts/llms.txt Demonstrates how to use the REDACTSConfig class to manage scanner settings. It covers loading configurations from defaults, files (JSON/YAML), environment variables, and programmatic overrides, with support for precedence rules. Includes examples of setting analysis parameters and validation. ```python from REDACTS.core import REDACTSConfig from pathlib import Path # Load with defaults config = REDACTSConfig() # Load from file config = REDACTSConfig.from_file(Path("redacts.config.json")) # Load from environment variables config = REDACTSConfig.from_env() # Load with precedence: file > env > defaults config = REDACTSConfig.load(workspace=Path("/path/to/project")) # Configure analysis settings config.analysis.max_file_size_mb = 100 config.analysis.parallel_workers = 8 config.sandbox.enabled = True config.dast.enabled = True config.investigation.enable_external_tools = True # Validate configuration config.validate() # Raises ValueError on invalid config # Serialize to dict config_dict = config.to_dict() ``` -------------------------------- ### GET /loaders/detect Source: https://context7.com/the-adimension/redacts/llms.txt Detects and initializes the appropriate loader for a given REDCap source path or URL. ```APIDOC ## GET /loaders/detect ### Description Determines the correct loader type (Zip, HTTP, FTP, Local) based on the source path provided. ### Method GET ### Endpoint /loaders/detect ### Parameters #### Query Parameters - **source** (string) - Required - The path or URL to the REDCap source. ### Request Example GET /loaders/detect?source=/path/to/redcap.zip ### Response #### Success Response (200) - **loader_type** (string) - The identified loader class name. ``` -------------------------------- ### Baseline Auditing with AuditPipeline Source: https://context7.com/the-adimension/redacts/llms.txt Illustrates the usage of the AuditPipeline class for performing a four-phase baseline-driven audit. This involves comparing a target REDCap installation against a clean reference package, generating reports in specified formats (HTML, JSON, Markdown), and handling progress reporting. ```python from REDACTS.audit.pipeline import AuditPipeline from REDACTS.core import REDACTSConfig config = REDACTSConfig() pipeline = AuditPipeline(config) # Run baseline audit result = pipeline.run( reference="/path/to/redcap_v15.7.4-clean.zip", target="/path/to/production-redcap/", output_dir="/audit/output", version="15.7.4", run_external_tools=True, formats=["html", "json", "markdown"], progress_callback=lambda stage, pct: print(f"{stage}: {pct:.0%}") ) ``` -------------------------------- ### Run Playwright DAST Tests Source: https://context7.com/the-adimension/redacts/llms.txt Executes Playwright-based dynamic security tests against a live REDCap instance. This involves navigating to the DAST directory, installing dependencies, starting the REDCap Docker stack, running tests (all or specific suites), and tearing down the stack. ```bash # Navigate to DAST directory cd dast # Install dependencies npm install # Start REDCap Docker stack docker compose -f docker-compose.dast.yml up -d # Run all test suites npx playwright test # Run specific suite npx playwright test tests/admin-access.spec.ts # Test suites: # - admin-access.spec.ts (10 tests) - Authentication boundaries # - crawlmaze-coverage.spec.ts (76 tests) - Coverage benchmark # - export-report.spec.ts (6 tests) - Data export security # - upgrade-flow.spec.ts (10 tests) - Upgrade integrity # Tear down docker compose -f docker-compose.dast.yml down -v ``` -------------------------------- ### REDACTS Security Rules Reference Source: https://context7.com/the-adimension/redacts/llms.txt Provides a reference for REDACTS security rules, categorizing them by type and severity (CRITICAL, HIGH, MEDIUM, LOW). It details the rule codes, their descriptions, common vulnerability types (e.g., SQL injection, XSS), and example rule match outputs with CWE information. ```python # Rule categories and severity levels: # SEC001-SEC004 (CRITICAL): SQL injection, eval, exec, hardcoded credentials # SEC010-SEC014 (HIGH): XSS, file inclusion, deserialization, weak crypto # SEC020-SEC023 (MEDIUM): Input validation, session fixation, error display # SEC030-SEC031 (LOW): Debug functions, information disclosure # SEC060-SEC069 (CRITICAL-HIGH): INFINITERED IoCs, debug tools # SEC070-SEC079 (CRITICAL-HIGH): REDCap changelog-disclosed CVEs # SEC080-SEC099 (CRITICAL-MEDIUM): Persistence, config tampering # Example rule match output: # [CRITICAL] SEC060: INFINITERED IoC: REDCAP-TOKEN string detected # File: Classes/Hooks.php:142 # CWE: CWE-506 # Recommendation: Known INFINITERED malware indicator - investigate immediately # [CRITICAL] SEC070: Cookie-based PHP deserialization RCE # File: Authentication.php:89 # CWE: CWE-502 ``` -------------------------------- ### Evidence Collection with EvidenceCollector Source: https://context7.com/the-adimension/redacts/llms.txt Shows how to use the EvidenceCollector class to create comprehensive evidence packages from various sources like ZIP files, directories, URLs, or FTP. It details collecting evidence, handling progress callbacks, and accessing collected data including file manifests, detected anomalies, and metadata. ```python from REDACTS.evidence.collector import EvidenceCollector from REDACTS.core import REDACTSConfig config = REDACTSConfig() collector = EvidenceCollector(config) # Collect evidence from various sources package = collector.collect( source="/path/to/redcap_v15.7.4-server.zip", # ZIP, directory, URL, or FTP output_dir="/evidence/output", label="Production REDCap - Site A", notes="Collected during incident response on 2026-03-04", progress_callback=lambda step, total, msg: print(f"[{step}/{total}] {msg}") ) # Access results if package.success: print(f"Files catalogued: {package.manifest.total_files}") print(f"Anomalies detected: {package.anomalies.total_anomalies}") print(f"Evidence ID: {package.metadata.evidence_id}") print(f"Source root: {package.source_root}") # Check specific anomaly categories print(f"SQLite files: {package.anomalies.sqlite_files}") print(f"PHP in uploads: {package.anomalies.php_in_uploads}") print(f"High entropy files: {package.anomalies.high_entropy_files}") else: print(f"Errors: {package.errors}") ``` -------------------------------- ### Execute DAST Lifecycle Source: https://github.com/the-adimension/redacts/blob/main/USAGE.md Commands to initialize, run, and tear down the DAST environment using Docker Compose and Playwright. ```bash cd dast npm install docker compose -f docker-compose.dast.yml up -d npx playwright test ``` ```bash docker compose -f docker-compose.dast.yml down -v ``` -------------------------------- ### Auto-detect and Load REDCap Sources Source: https://context7.com/the-adimension/redacts/llms.txt Automatically detects the appropriate loader for REDCap sources based on the provided path or URL (zip, http, ftp, local). It then loads the source to a specified destination directory and detects the REDCap root directory within the extracted content. ```python from REDACTS.loaders import detect_loader, detect_redcap_root from pathlib import Path # Auto-detect appropriate loader loader = detect_loader("/path/to/redcap_v15.7.4.zip") # Returns ZipLoader loader = detect_loader("https://example.com/redcap.zip") # Returns HTTPLoader loader = detect_loader("ftp://server/redcap/") # Returns FTPLoader loader = detect_loader("/local/redcap/") # Returns LocalLoader # Load source to destination source_path = loader.load( source="/path/to/redcap_v15.7.4.zip", destination=Path("/tmp/extracted") ) # Detect REDCap root within extracted content redcap_root = detect_redcap_root(source_path) # Looks for: redcap_connect.php, database.php, cron.php ``` -------------------------------- ### POST /sarif/process Source: https://context7.com/the-adimension/redacts/llms.txt Parses and extracts security findings from SARIF v2.1.0 output files. ```APIDOC ## POST /sarif/process ### Description Loads a SARIF file and extracts results, locations, and CWE identifiers for security analysis. ### Method POST ### Endpoint /sarif/process ### Parameters #### Request Body - **file_path** (string) - Required - Path to the .sarif file. ### Response #### Success Response (200) - **results** (array) - List of extracted security findings. - **metadata** (object) - Summary of files scanned and severity counts. ``` -------------------------------- ### Run Python Test Suite Source: https://github.com/the-adimension/redacts/blob/main/USAGE.md Executes the project's internal Python test suite using pytest with exit-on-first-failure and quiet mode enabled. ```bash python -m pytest tests/ -x -q ``` -------------------------------- ### Process Investigation Results Source: https://context7.com/the-adimension/redacts/llms.txt Demonstrates how to handle the output of an investigation, including checking success status, accessing risk metrics, and retrieving the investigation report object. ```python if result.success: print(f"Risk Level: {result.overall_risk_level}") print(f"Files identical: {result.files_identical}") print(f"Files modified: {result.files_modified}") print(f"Files added: {result.files_added}") print(f"Files removed: {result.files_removed}") print(f"Delta files scanned: {result.delta_count}") print(f"Deep scan findings: {result.deep_scan_findings}") print(f"Risk summary: {result.risk_summary}") investigation_report = result.investigation_report_obj else: print(f"Errors: {result.errors}") ``` -------------------------------- ### Configure REDACTS via Environment Variables Source: https://context7.com/the-adimension/redacts/llms.txt Configures REDACTS behavior using environment variables. This includes settings for output directory, logging level, verbosity, performance (workers), sandbox (Docker-based PHP execution), DAST (dynamic testing), and tool locations. ```bash # Output and logging export REDACTS_OUTPUT_DIR="/custom/output/path" export REDACTS_LOG_LEVEL="DEBUG" # DEBUG, INFO, WARNING, ERROR, CRITICAL export REDACTS_VERBOSE="true" # Performance export REDACTS_WORKERS=8 # Parallel workers # Sandbox (Docker-based PHP execution) export REDACTS_SANDBOX_ENABLED="true" export REDACTS_SANDBOX_IMAGE="php:8.2-cli-alpine" # DAST (Dynamic testing) export REDACTS_DAST_ENABLED="true" export REDACTS_DAST_SUITES="export,admin,upgrade" # Tool locations export REDACTS_TOOLS_DIR="~/.redacts/tools/" ``` -------------------------------- ### Orchestrate Cross-Tool Analysis Source: https://context7.com/the-adimension/redacts/llms.txt Coordinates multiple security tools (Semgrep, Trivy, YARA, Magika) to perform corroborated analysis on a target codebase. ```python from REDACTS.orchestration.tool_orchestrator import ToolOrchestrator, OrchestratorConfig from pathlib import Path config = OrchestratorConfig(enable_semgrep=True, enable_trivy=True, enable_magika=True) orchestrator = ToolOrchestrator(target_path=Path("/path/to/redcap"), config=config) collection = orchestrator.run_all() suspicious = orchestrator.get_suspicious_files() ``` -------------------------------- ### Execute Systematic Investigation Source: https://context7.com/the-adimension/redacts/llms.txt Orchestrates a tier-2 investigation against a target path, utilizing external tools and progress callbacks to monitor analysis stages. ```python from REDACTS.investigation.investigator import Investigator from REDACTS.core import REDACTSConfig config = REDACTSConfig() investigator = Investigator(config) report = investigator.investigate( target_path="/evidence/redcap_14.5.0", output_dir="/reports", evidence_id="EVD-001", evidence_label="REDCap 14.5.0 production snapshot", run_external_tools=True, progress_callback=lambda stage, pct: print(f"{stage}: {pct:.0%}"), only_files={"Classes/Hooks.php", "redcap_connect.php"} ) for finding in report.findings: print(f"[{finding.severity}] {finding.title}") ``` -------------------------------- ### Perform Security Code Scanning Source: https://context7.com/the-adimension/redacts/llms.txt Utilizes the SecurityScanner to perform vulnerability detection on individual files or entire directories, supporting delta-aware audit modes. ```python from REDACTS.forensics.security_scanner import SecurityScanner from pathlib import Path scanner = SecurityScanner() findings = scanner.scan_file(file_path=Path("/redcap/Classes/Hooks.php"), root=Path("/redcap")) report = scanner.scan_directory(Path("/redcap")) delta_files = {"Classes/Hooks.php", "Classes/Authentication.php"} report = scanner.scan_files(Path("/redcap"), only_files=delta_files) ``` -------------------------------- ### POST /reports/generate Source: https://context7.com/the-adimension/redacts/llms.txt Generates a forensic investigation report in multiple formats based on provided investigation data and evidence. ```APIDOC ## POST /reports/generate ### Description Generates a comprehensive forensic report from investigation findings and optional evidence packages. ### Method POST ### Endpoint /reports/generate ### Parameters #### Request Body - **investigation** (object) - Required - The investigation report data structure. - **evidence** (object) - Optional - The evidence package to include. - **output_dir** (string) - Required - Directory path for generated files. - **formats** (array) - Required - List of formats (e.g., ["html", "json", "markdown"]). - **report_title** (string) - Required - Title for the generated report. ### Request Example { "investigation": { "id": "INV-001" }, "output_dir": "/reports", "formats": ["json"], "report_title": "Forensic Report" } ### Response #### Success Response (200) - **report_paths** (array) - List of generated file paths. #### Response Example { "report_paths": ["/reports/redacts_forensic_20260304.json"] } ``` -------------------------------- ### Generate Forensic Reports with REDACTS Source: https://context7.com/the-adimension/redacts/llms.txt Generates forensic reports from investigation data in multiple formats (HTML, JSON, Markdown). It takes investigation and evidence data as input and allows specifying an output directory and report title. The function returns a list of paths to the generated report files. ```python generator = ForensicReportGenerator() report_paths = generator.generate( investigation=investigation_report, evidence=evidence_package, # Optional output_dir="/reports", formats=["html", "json", "markdown"], report_title="REDACTS Forensic Report — Production Server A" ) for path in report_paths: print(f"Generated: {path}") ``` -------------------------------- ### Parse and Process SARIF Output Source: https://context7.com/the-adimension/redacts/llms.txt Loads and extracts results from SARIF v2.1.0 files generated by security tools. It provides functions to extract specific details like file locations and CWEs from the results, and to count the total number of results and files scanned. ```python from REDACTS.investigation.sarif_utils import ( load_sarif_file, extract_sarif_results, extract_location, extract_cwe, count_by_severity, count_files_scanned ) from pathlib import Path # Load and extract results sarif, results = load_sarif_file(Path("semgrep-output.sarif")) # Process results print(f"Total results: {len(results)}") print(f"Files scanned: {count_files_scanned(sarif)}") for result in results: location = extract_location(result) cwe = extract_cwe(result) print(f"{location['file_path']}:{location['line_start']} - {cwe}") ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.