Open source security toolkit for modern web applications. Sentinel provides both a CLI vulnerability scanner and an Express middleware for runtime threat detection and rate limiting.
Install the package:

```bash
npm install sentinel
```

Create a `sentinel.config.json` in your project root (or copy from the example):

```bash
cp sentinel.config.example.json sentinel.config.json
```

Configuration options:

| Key | Type | Description |
|---|---|---|
| reportFile | string | Path to write the JSON vulnerability report |
| failOnHigh | boolean | Exit with code 1 if HIGH/CRITICAL vulns are found |
Run the scanner:

```bash
npx sentinel scan
```

Scans your project's `package.json` dependencies against the OSV vulnerability database and generates a report.
Protect your Express application with rate limiting and threat detection:
```js
import express from "express";
import { sentinelRuntime } from "sentinel";

const app = express();

app.use(
  sentinelRuntime({
    rateLimit: 100, // Max requests per window per IP
    windowMs: 60_000, // Time window in ms (default: 1 minute)
    onEvent: (event) => {
      console.log(`[Sentinel] ${event.type} from ${event.ip}`);
    },
  })
);

app.listen(3000);
```

| Option | Type | Default | Description |
|---|---|---|---|
| rateLimit | number | 100 | Max requests per IP per window |
| windowMs | number | 60000 | Rate limit window in milliseconds |
| rules | RegExp[] | Built-in rules | Custom threat detection patterns |
| onEvent | (event: SentinelEvent) => void | undefined | Callback for security events |
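To make the `rateLimit` / `windowMs` / `onEvent` semantics concrete, here is an added example of a fixed-window, per-IP limiter written as an Express-style middleware. It is not Sentinel's own implementation: the event shape (`type: "RATE_LIMIT"`, `count`, `windowStart`), the `X-RateLimit-Remaining` header and the injected `now` clock are assumptions made for this illustration. The clock is injected so the window roll-over can be exercised deterministically rather than by waiting.

```javascript
// Added example (not Sentinel's own code): fixed-window per-IP rate limiter
// mirroring the rateLimit / windowMs / onEvent options described above.
// The `now` clock is injected so behaviour can be driven deterministically.
function createRateLimiter({ rateLimit = 100, windowMs = 60_000, onEvent, now = Date.now } = {}) {
  // ip -> { count, windowStart }
  const buckets = new Map();

  // Count one request for `ip`; returns whether it fits in the current window.
  function check(ip) {
    const t = now();
    let bucket = buckets.get(ip);
    if (!bucket || t - bucket.windowStart >= windowMs) {
      // First request from this IP, or the previous window has elapsed: start fresh
      bucket = { count: 0, windowStart: t };
      buckets.set(ip, bucket);
    }
    bucket.count += 1;
    if (bucket.count > rateLimit) {
      // Assumed event shape for this example; the real SentinelEvent may differ
      const event = { type: "RATE_LIMIT", ip, count: bucket.count, windowStart: bucket.windowStart };
      if (onEvent) onEvent(event);
      return { allowed: false, event };
    }
    return { allowed: true, remaining: rateLimit - bucket.count };
  }

  // Express-style middleware: answer 429 once the per-IP budget for the window is spent
  function middleware(req, res, next) {
    const result = check(req.ip);
    if (!result.allowed) {
      res.status(429).json({ error: "Too many requests" });
      return;
    }
    res.setHeader("X-RateLimit-Remaining", String(result.remaining));
    next();
  }

  return { check, middleware };
}

// Constructed scenario: budget of 3 per 1 s window, four requests inside one
// window (the fourth is refused and reported), then one after the window rolls.
function demo() {
  let clock = 0;
  const events = [];
  const limiter = createRateLimiter({
    rateLimit: 3,
    windowMs: 1000,
    onEvent: (e) => events.push(e),
    now: () => clock,
  });
  const outcomes = [];
  for (let i = 0; i < 4; i++) outcomes.push(limiter.check("203.0.113.7").allowed);
  clock = 1000; // window has elapsed: the bucket resets
  outcomes.push(limiter.check("203.0.113.7").allowed);
  return { outcomes, events };
}
```

A fixed window is the simplest scheme and is what the `windowMs` option suggests; note that it allows up to `2 * rateLimit` requests across a window boundary, which a sliding window or token bucket would smooth out. Keying on `req.ip` also means the app must trust its proxy headers correctly (Express's `trust proxy` setting) or every client behind a load balancer shares one bucket.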
Sentinel detects common attack patterns including:

- XSS — script tags, event handlers, `javascript:` URIs, `eval()`
- SQL Injection — `UNION SELECT`, `DROP TABLE`, `OR 1=1`, comment injection
- Path Traversal — `../`, `..\`, URL-encoded variants, null bytes
- Prototype Pollution — `__proto__`, `constructor` / `prototype` access
- Command Injection — shell commands via `;`, `|`, backticks, `$()`
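The following added example shows what signature-based detection of those categories looks like in practice, and why the "URL-encoded variants" and "null bytes" points above matter: the inspector percent-decodes each value before matching, and it inspects object keys as well as values, because a prototype-pollution attempt arrives as a key (`__proto__`), not a value. This is illustration code, not Sentinel's rule set: the rule names, the `inspectRequest` / `normalise` / `collectStrings` functions and the finding shape are assumptions, and the custom-rule argument only mirrors the `rules: RegExp[]` option from the table above. The patterns are deliberately simple and will produce false positives on real traffic (the command-injection rule fires on any `; word`), so a finding is a signal for logging and review rather than proof of an attack.

```javascript
// Added example (not Sentinel's own code): signature-based request inspector for
// the categories listed above. Patterns are intentionally simple and need tuning.
const BUILTIN_RULES = [
  { type: "XSS", pattern: /<script\b|\bon\w+\s*=|javascript:|\beval\s*\(/i },
  { type: "SQL_INJECTION", pattern: /\bunion\s+select\b|\bdrop\s+table\b|\bor\s+1\s*=\s*1\b|--\s|\/\*/i },
  { type: "PATH_TRAVERSAL", pattern: /\.\.[\/\\]|\x00/ },
  { type: "PROTOTYPE_POLLUTION", pattern: /__proto__|constructor\s*[.[]\s*["']?prototype/i },
  { type: "COMMAND_INJECTION", pattern: /[;|`]\s*\w|\$\(/ },
];

// Percent-decode up to three times so double-encoded input ("%252e%252e%252f")
// still normalises to "../"; stop as soon as decoding no longer changes anything.
function normalise(value) {
  let current = String(value);
  for (let i = 0; i < 3; i++) {
    let decoded;
    try {
      decoded = decodeURIComponent(current);
    } catch {
      break; // malformed escape sequence: keep the last good form
    }
    if (decoded === current) break;
    current = decoded;
  }
  return current;
}

// Flatten a request part into (location, text) pairs. Keys are inspected too,
// because prototype pollution is carried by a key ("__proto__"), not a value.
function collectStrings(value, location, out) {
  if (typeof value === "string") {
    out.push({ location, text: value });
  } else if (Array.isArray(value)) {
    value.forEach((item, i) => collectStrings(item, `${location}[${i}]`, out));
  } else if (value && typeof value === "object") {
    for (const key of Object.keys(value)) {
      out.push({ location: `${location}.${key} (key)`, text: key });
      collectStrings(value[key], `${location}.${key}`, out);
    }
  }
  return out;
}

// Inspect path, query and body. `customRules` is a RegExp[] (the assumed shape of
// the `rules` option) and its hits are reported under the type "CUSTOM".
function inspectRequest(req, customRules = []) {
  const rules = [...BUILTIN_RULES, ...customRules.map((pattern) => ({ type: "CUSTOM", pattern }))];
  const candidates = [];
  collectStrings(req.path ?? "", "path", candidates);
  collectStrings(req.query ?? {}, "query", candidates);
  collectStrings(req.body ?? {}, "body", candidates);

  const findings = [];
  for (const { location, text } of candidates) {
    const decoded = normalise(text);
    for (const { type, pattern } of rules) {
      if (pattern.test(decoded)) {
        findings.push({ type, location, sample: decoded.slice(0, 60) });
      }
    }
  }
  return findings;
}
```

Two design points are worth noting. Decoding before matching is what makes `%2e%2e%2f` visible as `../`; a rule applied to the raw string would miss it, while decoding more than a fixed number of rounds risks turning a legitimate literal `%25` into something it never was. And because the regexes are not global, `RegExp.prototype.test` carries no `lastIndex` state between calls, which avoids the classic alternating-result bug when one pattern is reused across many values.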
```bash
npm run build        # Compile TypeScript
npm test             # Run tests
npm run test:watch   # Run tests in watch mode
npm run dev          # Run CLI in development mode
```

License: MIT