npm - @profullstack/threatcrush - Versions diffs - 0.1.1 → 0.1.2 - Mend

@profullstack/threatcrush 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/README.md +112 -23
package/package.json +2 -2

package/README.md CHANGED Viewed

@@ -1,8 +1,45 @@
-# @profullstack/threatcrush
+<p align="center">
+  <img src="https://img.shields.io/npm/v/@profullstack/threatcrush?color=00ff41&style=flat-square&label=version" alt="npm version" />
+  <img src="https://img.shields.io/npm/dm/@profullstack/threatcrush?color=00ff41&style=flat-square&label=downloads" alt="downloads" />
+  <img src="https://img.shields.io/github/license/profullstack/threatcrush?color=00ff41&style=flat-square" alt="license" />
+  <img src="https://img.shields.io/node/v/@profullstack/threatcrush?color=00ff41&style=flat-square" alt="node" />
+  <img src="https://img.shields.io/github/stars/profullstack/threatcrush?color=00ff41&style=flat-square" alt="stars" />
+  <img src="https://img.shields.io/badge/platform-linux-00ff41?style=flat-square" alt="platform" />
+  <img src="https://img.shields.io/badge/security-agent-00ff41?style=flat-square" alt="security agent" />
+</p>
+<h1 align="center">
+  <br>
+  🛡️ ThreatCrush
+  <br>
+</h1>
+<h4 align="center">All-in-one security agent — monitor, detect, scan, and protect servers in real-time.</h4>
+<p align="center">
+  <a href="https://threatcrush.com">Website</a> •
+  <a href="#install">Install</a> •
+  <a href="#usage">Usage</a> •
+  <a href="#features">Features</a> •
+  <a href="#modules">Modules</a> •
+  <a href="https://github.com/profullstack/threatcrush">GitHub</a>
+</p>
+---
+ThreatCrush is a security daemon that runs on your server, monitoring **every connection on every port**. It detects live attacks, scans your codebase, pentests your APIs, and alerts you in real-time.
-> All-in-one security agent — monitor, detect, scan, and protect servers in real-time.
-ThreatCrush is a security daemon that runs on your server, monitoring every connection on every port. It detects live attacks, scans your codebase, pentests your APIs, and alerts you in real-time.
+```
+$ threatcrush monitor
+  [12:03:41] ✓ Monitoring all ports · nginx · sshd · postgres
+  [12:03:42] ✓ Loaded 1,247 attack signatures
+  [12:03:45] ⚠ SQLi attempt — :443 185.43.21.8 → /api/users?id=1 OR 1=1
+  [12:03:47] ✗ SSH brute force — :22 91.232.105.3 → 47 failed attempts
+  [12:03:50] ⚠ Port scan — 45.33.32.156 scanning :21-:8080 (SYN flood)
+  [12:03:52] ⚠ DNS tunneling — :53 suspicious TXT queries from 103.44.8.2
+  [12:04:01] ✓ 3,891 connections analyzed · 4 threats · 1 blocked
+```
 ## Install
@@ -10,48 +47,100 @@ ThreatCrush is a security daemon that runs on your server, monitoring every conn
 npm i -g @profullstack/threatcrush
 ```
+Or with your preferred package manager:
+```bash
+pnpm add -g @profullstack/threatcrush
+yarn global add @profullstack/threatcrush
+```
 ## Usage
 ```bash
 threatcrush              # Get started
-threatcrush monitor      # Real-time security monitoring
+threatcrush monitor      # Real-time security monitoring (all ports)
 threatcrush tui          # Interactive dashboard (htop for security)
-threatcrush scan ./src   # Scan code for vulnerabilities
-threatcrush pentest URL  # Penetration test a URL
+threatcrush scan ./src   # Scan code for vulnerabilities & secrets
+threatcrush pentest URL  # Penetration test a URL/API
 threatcrush init         # Auto-detect services, generate config
+threatcrush status       # Show daemon status & loaded modules
 threatcrush modules      # Manage security modules
 threatcrush store        # Browse the module marketplace
+threatcrush update       # Update CLI & all modules
 ```
-## What It Does
+## Features
-- **Live Attack Detection** — Monitors all inbound connections on every port. Detects SQLi, XSS, brute force, SSH attacks, port scans, DNS tunneling.
-- **Code Security Scanner** — Scan your codebase for vulnerabilities, secrets, and misconfigurations.
-- **Pentest Engine** — Automated penetration testing on your URLs and APIs.
-- **Network Monitor** — Watches all TCP/UDP traffic across every port.
-- **Real-time Alerts** — Slack, email, webhook notifications when threats are detected.
-- **systemd Daemon** — Runs as a background service, auto-starts on boot.
+| Feature | Description |
+|---------|-------------|
+| 🔍 **Live Attack Detection** | Monitors all inbound connections on every port. Detects SQLi, XSS, brute force, SSH attacks, port scans, DNS tunneling. |
+| 🛡️ **Code Security Scanner** | Scan your codebase for vulnerabilities, hardcoded secrets, and misconfigurations. |
+| 💥 **Pentest Engine** | Automated penetration testing on your URLs and APIs. |
+| 🔀 **Network Monitor** | Watches all TCP/UDP traffic across every port — HTTP, SSH, DNS, FTP, databases. |
+| 🔔 **Real-time Alerts** | Slack, email, webhook notifications the instant a threat is detected. |
+| ⚙️ **systemd Daemon** | Runs as a background service on your server. Auto-starts on boot, monitors 24/7. |
+| 📊 **TUI Dashboard** | Interactive terminal dashboard — htop for security. |
-## Modular Architecture
+## Modules
-ThreatCrush uses a pluggable module system. Install modules from the marketplace or build your own:
+ThreatCrush uses a pluggable module system. Install from the marketplace or build your own:
 ```bash
-threatcrush modules install ssh-guard
+threatcrush modules list                # List installed
+threatcrush modules install ssh-guard   # Install a module
 threatcrush modules install docker-monitor
-threatcrush store search "firewall"
+threatcrush store search "firewall"     # Search marketplace
+threatcrush store publish ./my-module   # Publish your own
+```
+### Core Modules (included)
+| Module | What it monitors |
+|--------|-----------------|
+| `network-monitor` | All TCP/UDP traffic, port scans, SYN floods |
+| `log-watcher` | nginx, Apache, syslog, journald |
+| `ssh-guard` | Failed logins, brute force, tunneling |
+| `code-scanner` | Vulnerabilities, secrets, dependency CVEs |
+| `pentest-engine` | SQLi, XSS, SSRF, API fuzzing |
+| `dns-monitor` | DNS tunneling, DGA detection |
+| `firewall-rules` | Auto-blocks via iptables/nftables |
+| `alert-system` | Slack, Discord, email, webhook, PagerDuty |
+### Community Modules
+Build and sell your own modules on the ThreatCrush marketplace:
+- `docker-monitor` — Container escape detection
+- `k8s-watcher` — Kubernetes cluster security
+- `honeypot` — Deploy decoy services
+- `geo-blocker` — Block traffic by country/ASN
+- `compliance-reporter` — SOC2, HIPAA, PCI-DSS reports
+## Configuration
+```bash
+threatcrush init    # Auto-detect & generate config
 ```
+Config lives at `/etc/threatcrush/threatcrushd.conf` with module configs in `/etc/threatcrush/threatcrushd.conf.d/`.
 ## Pricing
-- **Lifetime Access** — $499 one-time (or $249 with a referral)
-- Pay once, access forever. All core modules included.
+| Tier | Price |
+|------|-------|
+| **Lifetime Access** | $499 one-time |
+| **With Referral** | $249 (both you and your friend) |
+Pay once, access forever. All core modules, CLI, daemon, API, and lifetime updates included.
+👉 [Get lifetime access at threatcrush.com](https://threatcrush.com)
 ## Links
-- **Website:** [threatcrush.com](https://threatcrush.com)
-- **GitHub:** [github.com/profullstack/threatcrush](https://github.com/profullstack/threatcrush)
+- 🌐 **Website:** [threatcrush.com](https://threatcrush.com)
+- 📦 **npm:** [@profullstack/threatcrush](https://www.npmjs.com/package/@profullstack/threatcrush)
+- 🐙 **GitHub:** [profullstack/threatcrush](https://github.com/profullstack/threatcrush)
+- 🐛 **Issues:** [GitHub Issues](https://github.com/profullstack/threatcrush/issues)
 ## License
-Proprietary. See [LICENSE](https://github.com/profullstack/threatcrush/blob/master/LICENSE) for details.
+MIT © [Profullstack, Inc.](https://profullstack.com)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@profullstack/threatcrush",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "All-in-one security agent daemon — monitor, detect, scan, and protect servers in real-time",
   "bin": {
     "threatcrush": "./dist/index.js"
@@ -23,7 +23,7 @@
     "cli",
     "cybersecurity"
   ],
-  "license": "SEE LICENSE IN LICENSE",
+  "license": "MIT",
   "dependencies": {
     "@iarna/toml": "^2.2.5",
     "better-sqlite3": "^11.7.0",