ai-appshield 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +222 -0
  3. package/browser/shield.min.js +19 -0
  4. package/dist/browser/BotDetector.d.ts +9 -0
  5. package/dist/browser/BotDetector.d.ts.map +1 -0
  6. package/dist/browser/BotDetector.js +99 -0
  7. package/dist/browser/BotDetector.js.map +1 -0
  8. package/dist/browser/ContentProtector.d.ts +27 -0
  9. package/dist/browser/ContentProtector.d.ts.map +1 -0
  10. package/dist/browser/ContentProtector.js +136 -0
  11. package/dist/browser/ContentProtector.js.map +1 -0
  12. package/dist/browser/DevToolsGuard.d.ts +16 -0
  13. package/dist/browser/DevToolsGuard.d.ts.map +1 -0
  14. package/dist/browser/DevToolsGuard.js +89 -0
  15. package/dist/browser/DevToolsGuard.js.map +1 -0
  16. package/dist/browser/Fingerprint.d.ts +30 -0
  17. package/dist/browser/Fingerprint.d.ts.map +1 -0
  18. package/dist/browser/Fingerprint.js +143 -0
  19. package/dist/browser/Fingerprint.js.map +1 -0
  20. package/dist/browser/Shield.d.ts +35 -0
  21. package/dist/browser/Shield.d.ts.map +1 -0
  22. package/dist/browser/Shield.js +177 -0
  23. package/dist/browser/Shield.js.map +1 -0
  24. package/dist/browser/index.d.ts +4 -0
  25. package/dist/browser/index.d.ts.map +1 -0
  26. package/dist/browser/index.js +11 -0
  27. package/dist/browser/index.js.map +1 -0
  28. package/dist/cli.d.ts +3 -0
  29. package/dist/cli.d.ts.map +1 -0
  30. package/dist/cli.js +269 -0
  31. package/dist/cli.js.map +1 -0
  32. package/dist/core/config.d.ts +65 -0
  33. package/dist/core/config.d.ts.map +1 -0
  34. package/dist/core/config.js +21 -0
  35. package/dist/core/config.js.map +1 -0
  36. package/dist/index.d.ts +6 -0
  37. package/dist/index.d.ts.map +1 -0
  38. package/dist/index.js +17 -0
  39. package/dist/index.js.map +1 -0
  40. package/dist/server/BotAnalyzer.d.ts +24 -0
  41. package/dist/server/BotAnalyzer.d.ts.map +1 -0
  42. package/dist/server/BotAnalyzer.js +124 -0
  43. package/dist/server/BotAnalyzer.js.map +1 -0
  44. package/dist/server/index.d.ts +4 -0
  45. package/dist/server/index.d.ts.map +1 -0
  46. package/dist/server/index.js +10 -0
  47. package/dist/server/index.js.map +1 -0
  48. package/dist/server/middleware.d.ts +28 -0
  49. package/dist/server/middleware.d.ts.map +1 -0
  50. package/dist/server/middleware.js +63 -0
  51. package/dist/server/middleware.js.map +1 -0
  52. package/dist/utils/obfuscate.d.ts +21 -0
  53. package/dist/utils/obfuscate.d.ts.map +1 -0
  54. package/dist/utils/obfuscate.js +59 -0
  55. package/dist/utils/obfuscate.js.map +1 -0
  56. package/dist/utils/signatures.d.ts +13 -0
  57. package/dist/utils/signatures.d.ts.map +1 -0
  58. package/dist/utils/signatures.js +87 -0
  59. package/dist/utils/signatures.js.map +1 -0
  60. package/package.json +73 -0
@@ -0,0 +1,63 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.RateLimiter = exports.analyzeRequest = void 0;
4
+ exports.createShieldMiddleware = createShieldMiddleware;
5
+ exports.validateRequest = validateRequest;
6
+ const BotAnalyzer_1 = require("./BotAnalyzer");
7
+ const config_1 = require("../core/config");
8
+ /**
9
+ * Express-compatible middleware factory.
10
+ * Also works with any framework that uses (req, res, next) pattern.
11
+ */
12
+ function createShieldMiddleware(config = {}) {
13
+ const cfg = { ...config_1.DEFAULT_SERVER_CONFIG, ...config };
14
+ const limiter = config.rateLimit
15
+ ? new BotAnalyzer_1.RateLimiter(config.rateLimit.maxRequests, config.rateLimit.windowMs)
16
+ : null;
17
+ return function shieldMiddleware(req, res, next) {
18
+ const ip = req.ip ?? String(req.headers['x-forwarded-for'] ?? 'unknown');
19
+ // Rate limiting
20
+ if (limiter?.isRateLimited(ip)) {
21
+ if (config.onBlocked) {
22
+ config.onBlocked({
23
+ ip,
24
+ userAgent: String(req.headers['user-agent'] ?? ''),
25
+ path: req.path,
26
+ reason: 'Rate limit exceeded',
27
+ timestamp: Date.now(),
28
+ });
29
+ }
30
+ res.status(429).json({ error: 'Too many requests' });
31
+ return;
32
+ }
33
+ // Bot analysis
34
+ const analysis = (0, BotAnalyzer_1.analyzeRequest)(req, config);
35
+ if (analysis.blocked) {
36
+ res.status(cfg.blockStatusCode).json({
37
+ error: 'Access denied',
38
+ reason: 'Automated access is not permitted',
39
+ });
40
+ return;
41
+ }
42
+ next();
43
+ };
44
+ }
45
+ /**
46
+ * Standalone request validator (for non-Express frameworks).
47
+ */
48
+ function validateRequest(req, config) {
49
+ const cfg = { ...config_1.DEFAULT_SERVER_CONFIG, ...config };
50
+ const analysis = (0, BotAnalyzer_1.analyzeRequest)(req, config);
51
+ if (analysis.blocked) {
52
+ return {
53
+ allowed: false,
54
+ statusCode: cfg.blockStatusCode,
55
+ reason: analysis.reason,
56
+ };
57
+ }
58
+ return { allowed: true, statusCode: 200 };
59
+ }
60
+ var BotAnalyzer_2 = require("./BotAnalyzer");
61
+ Object.defineProperty(exports, "analyzeRequest", { enumerable: true, get: function () { return BotAnalyzer_2.analyzeRequest; } });
62
+ Object.defineProperty(exports, "RateLimiter", { enumerable: true, get: function () { return BotAnalyzer_2.RateLimiter; } });
63
+ //# sourceMappingURL=middleware.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/server/middleware.ts"],"names":[],"mappings":";;;AAuBA,wDAyCC;AAKD,0CAgBC;AArFD,+CAA4D;AAE5D,2CAAuD;AAiBvD;;;GAGG;AACH,SAAgB,sBAAsB,CAAC,SAA6B,EAAE;IACpE,MAAM,GAAG,GAAG,EAAE,GAAG,8BAAqB,EAAE,GAAG,MAAM,EAAE,CAAC;IACpD,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS;QAC9B,CAAC,CAAC,IAAI,yBAAW,CAAC,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC;QAC1E,CAAC,CAAC,IAAI,CAAC;IAET,OAAO,SAAS,gBAAgB,CAC9B,GAAsB,EACtB,GAAuB,EACvB,IAAkB;QAElB,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,SAAS,CAAC,CAAC;QAEzE,gBAAgB;QAChB,IAAI,OAAO,EAAE,aAAa,CAAC,EAAE,CAAC,EAAE,CAAC;YAC/B,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;gBACrB,MAAM,CAAC,SAAS,CAAC;oBACf,EAAE;oBACF,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;oBAClD,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,qBAAqB;oBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;iBACtB,CAAC,CAAC;YACL,CAAC;YACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;YACrD,OAAO;QACT,CAAC;QAED,eAAe;QACf,MAAM,QAAQ,GAAG,IAAA,4BAAc,EAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAE7C,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACrB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC;gBACnC,KAAK,EAAE,eAAe;gBACtB,MAAM,EAAE,mCAAmC;aAC5C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAC7B,GAAsB,EACtB,MAA2B;IAE3B,MAAM,GAAG,GAAG,EAAE,GAAG,8BAAqB,EAAE,GAAG,MAAM,EAAE,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAA,4BAAc,EAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAE7C,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,GAAG,CAAC,eAAe;YAC/B,MAAM,EAAE,QAAQ,CAAC,MAAM;SACxB,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;AAC5C,CAAC;AAED,6CAA4D;AAAnD,6GAAA,cAAc,OAAA;AAAE,0GAAA,WAAW,OAAA"}
@@ -0,0 +1,21 @@
1
+ /**
2
+ * Encode text for DOM obfuscation — rendered via CSS/content but harder to scrape.
3
+ */
4
+ export declare function obfuscateText(text: string): string;
5
+ /**
6
+ * Simple XOR-based string encoding for client-side content protection.
7
+ */
8
+ export declare function encodeContent(text: string, key?: string): string;
9
+ /**
10
+ * Decode XOR-encoded content (used at render time in browser).
11
+ */
12
+ export declare function decodeContent(encoded: string, key?: string): string;
13
+ /**
14
+ * Generate a random honeypot field name that looks legitimate.
15
+ */
16
+ export declare function generateHoneypotName(): string;
17
+ /**
18
+ * Hash a string to a simple fingerprint (FNV-1a).
19
+ */
20
+ export declare function simpleHash(input: string): string;
21
+ //# sourceMappingURL=obfuscate.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"obfuscate.d.ts","sourceRoot":"","sources":["../../src/utils/obfuscate.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAKlD;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,SAAiB,GAAG,MAAM,CAMxE;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,SAAiB,GAAG,MAAM,CAS3E;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,CAM7C;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAOhD"}
@@ -0,0 +1,59 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.obfuscateText = obfuscateText;
4
+ exports.encodeContent = encodeContent;
5
+ exports.decodeContent = decodeContent;
6
+ exports.generateHoneypotName = generateHoneypotName;
7
+ exports.simpleHash = simpleHash;
8
+ /**
9
+ * Encode text for DOM obfuscation — rendered via CSS/content but harder to scrape.
10
+ */
11
+ function obfuscateText(text) {
12
+ return text
13
+ .split('')
14
+ .map((char) => `&#${char.charCodeAt(0)};`)
15
+ .join('');
16
+ }
17
+ /**
18
+ * Simple XOR-based string encoding for client-side content protection.
19
+ */
20
+ function encodeContent(text, key = 'ai-appshield') {
21
+ const encoded = [];
22
+ for (let i = 0; i < text.length; i++) {
23
+ encoded.push(text.charCodeAt(i) ^ key.charCodeAt(i % key.length));
24
+ }
25
+ return btoa(String.fromCharCode(...encoded));
26
+ }
27
+ /**
28
+ * Decode XOR-encoded content (used at render time in browser).
29
+ */
30
+ function decodeContent(encoded, key = 'ai-appshield') {
31
+ const bytes = atob(encoded);
32
+ const decoded = [];
33
+ for (let i = 0; i < bytes.length; i++) {
34
+ decoded.push(String.fromCharCode(bytes.charCodeAt(i) ^ key.charCodeAt(i % key.length)));
35
+ }
36
+ return decoded.join('');
37
+ }
38
+ /**
39
+ * Generate a random honeypot field name that looks legitimate.
40
+ */
41
+ function generateHoneypotName() {
42
+ const prefixes = ['email', 'phone', 'company', 'website', 'address', 'fax'];
43
+ const suffixes = ['_confirm', '_alt', '_2', '_backup', '_verify'];
44
+ const prefix = prefixes[Math.floor(Math.random() * prefixes.length)];
45
+ const suffix = suffixes[Math.floor(Math.random() * suffixes.length)];
46
+ return `${prefix}${suffix}`;
47
+ }
48
+ /**
49
+ * Hash a string to a simple fingerprint (FNV-1a).
50
+ */
51
+ function simpleHash(input) {
52
+ let hash = 2166136261;
53
+ for (let i = 0; i < input.length; i++) {
54
+ hash ^= input.charCodeAt(i);
55
+ hash = (hash * 16777619) >>> 0;
56
+ }
57
+ return hash.toString(36);
58
+ }
59
+ //# sourceMappingURL=obfuscate.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"obfuscate.js","sourceRoot":"","sources":["../../src/utils/obfuscate.ts"],"names":[],"mappings":";;AAGA,sCAKC;AAKD,sCAMC;AAKD,sCASC;AAKD,oDAMC;AAKD,gCAOC;AAxDD;;GAEG;AACH,SAAgB,aAAa,CAAC,IAAY;IACxC,OAAO,IAAI;SACR,KAAK,CAAC,EAAE,CAAC;SACT,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC;SACzC,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,IAAY,EAAE,GAAG,GAAG,cAAc;IAC9D,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,OAAe,EAAE,GAAG,GAAG,cAAc;IACjE,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;IAC5B,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,OAAO,CAAC,IAAI,CACV,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAC1E,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB;IAClC,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IAC5E,MAAM,QAAQ,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;IAClE,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACrE,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACrE,OAAO,GAAG,MAAM,GAAG,MAAM,EAAE,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,KAAa;IACtC,IAAI,IAAI,GAAG,UAAU,CAAC;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,GAAG,CAAC,IAAI,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC"}
@@ -0,0 +1,13 @@
1
+ /** Known automation tool signatures in navigator and window objects */
2
+ export declare const AUTOMATION_SIGNATURES: readonly ["webdriver", "__webdriver_evaluate", "__selenium_evaluate", "__webdriver_script_function", "__webdriver_script_func", "__webdriver_script_fn", "__fxdriver_evaluate", "__driver_unwrapped", "__webdriver_unwrapped", "__driver_evaluate", "__selenium_unwrapped", "__fxdriver_unwrapped", "_Selenium_IDE_Recorder", "_selenium", "calledSelenium", "$cdc_asdjflasutopfhvcZLmcfl_", "$chrome_asyncScriptInfo", "__$webdriverAsyncExecutor", "__lastWatirAlert", "__lastWatirConfirm", "__lastWatirPrompt", "_WEBDRIVER_ELEM_CACHE", "ChromeDriverw", "domAutomation", "domAutomationController"];
3
+ /** User-agent substrings associated with bots and scrapers */
4
+ export declare const BOT_USER_AGENTS: readonly ["bot", "crawl", "spider", "scrape", "curl", "wget", "python-requests", "python-urllib", "axios", "go-http-client", "java/", "libwww", "httpclient", "scrapy", "phantomjs", "headlesschrome", "puppeteer", "playwright", "selenium", "gptbot", "chatgpt", "claudebot", "anthropic", "bytespider", "ccbot", "google-extended", "perplexitybot", "amazonbot", "facebookexternalhit", "bingpreview", "slurp", "duckduckbot", "ia_archiver", "semrushbot", "ahrefsbot", "dotbot", "mj12bot", "rogerbot", "screaming frog", "petalbot", "dataforseo", "brightbot", "omgili", "cohere-ai"];
5
+ /** Headless browser indicators */
6
+ export declare const HEADLESS_INDICATORS: {
7
+ readonly missingPlugins: true;
8
+ readonly zeroLanguages: true;
9
+ readonly webdriverProperty: true;
10
+ readonly chromeRuntimeMissing: true;
11
+ readonly permissionsInconsistency: true;
12
+ };
13
+ //# sourceMappingURL=signatures.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"signatures.d.ts","sourceRoot":"","sources":["../../src/utils/signatures.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,eAAO,MAAM,qBAAqB,2kBA0BxB,CAAC;AAEX,8DAA8D;AAC9D,eAAO,MAAM,eAAe,+jBA6ClB,CAAC;AAEX,kCAAkC;AAClC,eAAO,MAAM,mBAAmB;;;;;;CAMtB,CAAC"}
@@ -0,0 +1,87 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.HEADLESS_INDICATORS = exports.BOT_USER_AGENTS = exports.AUTOMATION_SIGNATURES = void 0;
4
+ /** Known automation tool signatures in navigator and window objects */
5
+ exports.AUTOMATION_SIGNATURES = [
6
+ 'webdriver',
7
+ '__webdriver_evaluate',
8
+ '__selenium_evaluate',
9
+ '__webdriver_script_function',
10
+ '__webdriver_script_func',
11
+ '__webdriver_script_fn',
12
+ '__fxdriver_evaluate',
13
+ '__driver_unwrapped',
14
+ '__webdriver_unwrapped',
15
+ '__driver_evaluate',
16
+ '__selenium_unwrapped',
17
+ '__fxdriver_unwrapped',
18
+ '_Selenium_IDE_Recorder',
19
+ '_selenium',
20
+ 'calledSelenium',
21
+ '$cdc_asdjflasutopfhvcZLmcfl_',
22
+ '$chrome_asyncScriptInfo',
23
+ '__$webdriverAsyncExecutor',
24
+ '__lastWatirAlert',
25
+ '__lastWatirConfirm',
26
+ '__lastWatirPrompt',
27
+ '_WEBDRIVER_ELEM_CACHE',
28
+ 'ChromeDriverw',
29
+ 'domAutomation',
30
+ 'domAutomationController',
31
+ ];
32
+ /** User-agent substrings associated with bots and scrapers */
33
+ exports.BOT_USER_AGENTS = [
34
+ 'bot',
35
+ 'crawl',
36
+ 'spider',
37
+ 'scrape',
38
+ 'curl',
39
+ 'wget',
40
+ 'python-requests',
41
+ 'python-urllib',
42
+ 'axios',
43
+ 'go-http-client',
44
+ 'java/',
45
+ 'libwww',
46
+ 'httpclient',
47
+ 'scrapy',
48
+ 'phantomjs',
49
+ 'headlesschrome',
50
+ 'puppeteer',
51
+ 'playwright',
52
+ 'selenium',
53
+ 'gptbot',
54
+ 'chatgpt',
55
+ 'claudebot',
56
+ 'anthropic',
57
+ 'bytespider',
58
+ 'ccbot',
59
+ 'google-extended',
60
+ 'perplexitybot',
61
+ 'amazonbot',
62
+ 'facebookexternalhit',
63
+ 'bingpreview',
64
+ 'slurp',
65
+ 'duckduckbot',
66
+ 'ia_archiver',
67
+ 'semrushbot',
68
+ 'ahrefsbot',
69
+ 'dotbot',
70
+ 'mj12bot',
71
+ 'rogerbot',
72
+ 'screaming frog',
73
+ 'petalbot',
74
+ 'dataforseo',
75
+ 'brightbot',
76
+ 'omgili',
77
+ 'cohere-ai',
78
+ ];
79
+ /** Headless browser indicators */
80
+ exports.HEADLESS_INDICATORS = {
81
+ missingPlugins: true,
82
+ zeroLanguages: true,
83
+ webdriverProperty: true,
84
+ chromeRuntimeMissing: true,
85
+ permissionsInconsistency: true,
86
+ };
87
+ //# sourceMappingURL=signatures.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"signatures.js","sourceRoot":"","sources":["../../src/utils/signatures.ts"],"names":[],"mappings":";;;AAAA,uEAAuE;AAC1D,QAAA,qBAAqB,GAAG;IACnC,WAAW;IACX,sBAAsB;IACtB,qBAAqB;IACrB,6BAA6B;IAC7B,yBAAyB;IACzB,uBAAuB;IACvB,qBAAqB;IACrB,oBAAoB;IACpB,uBAAuB;IACvB,mBAAmB;IACnB,sBAAsB;IACtB,sBAAsB;IACtB,wBAAwB;IACxB,WAAW;IACX,gBAAgB;IAChB,8BAA8B;IAC9B,yBAAyB;IACzB,2BAA2B;IAC3B,kBAAkB;IAClB,oBAAoB;IACpB,mBAAmB;IACnB,uBAAuB;IACvB,eAAe;IACf,eAAe;IACf,yBAAyB;CACjB,CAAC;AAEX,8DAA8D;AACjD,QAAA,eAAe,GAAG;IAC7B,KAAK;IACL,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,MAAM;IACN,iBAAiB;IACjB,eAAe;IACf,OAAO;IACP,gBAAgB;IAChB,OAAO;IACP,QAAQ;IACR,YAAY;IACZ,QAAQ;IACR,WAAW;IACX,gBAAgB;IAChB,WAAW;IACX,YAAY;IACZ,UAAU;IACV,QAAQ;IACR,SAAS;IACT,WAAW;IACX,WAAW;IACX,YAAY;IACZ,OAAO;IACP,iBAAiB;IACjB,eAAe;IACf,WAAW;IACX,qBAAqB;IACrB,aAAa;IACb,OAAO;IACP,aAAa;IACb,aAAa;IACb,YAAY;IACZ,WAAW;IACX,QAAQ;IACR,SAAS;IACT,UAAU;IACV,gBAAgB;IAChB,UAAU;IACV,YAAY;IACZ,WAAW;IACX,QAAQ;IACR,WAAW;CACH,CAAC;AAEX,kCAAkC;AACrB,QAAA,mBAAmB,GAAG;IACjC,cAAc,EAAE,IAAI;IACpB,aAAa,EAAE,IAAI;IACnB,iBAAiB,EAAE,IAAI;IACvB,oBAAoB,EAAE,IAAI;IAC1B,wBAAwB,EAAE,IAAI;CACtB,CAAC"}
package/package.json ADDED
@@ -0,0 +1,73 @@
1
+ {
2
+ "name": "ai-appshield",
3
+ "version": "1.0.0",
4
+ "description": "NPM wrapper to protect applications from AI scrapers, bots, and reverse-engineering attempts",
5
+ "main": "dist/index.js",
6
+ "types": "dist/index.d.ts",
7
+ "bin": {
8
+ "ai-appshield": "dist/cli.js"
9
+ },
10
+ "exports": {
11
+ ".": {
12
+ "types": "./dist/index.d.ts",
13
+ "import": "./dist/index.js",
14
+ "require": "./dist/index.js"
15
+ },
16
+ "./browser": {
17
+ "types": "./dist/browser/index.d.ts",
18
+ "import": "./dist/browser/index.js",
19
+ "require": "./dist/browser/index.js"
20
+ },
21
+ "./server": {
22
+ "types": "./dist/server/index.d.ts",
23
+ "import": "./dist/server/index.js",
24
+ "require": "./dist/server/index.js"
25
+ }
26
+ },
27
+ "files": [
28
+ "dist",
29
+ "browser",
30
+ "README.md",
31
+ "LICENSE"
32
+ ],
33
+ "scripts": {
34
+ "build": "tsc && node scripts/build-browser.js",
35
+ "prepublishOnly": "npm run build && node scripts/clean-test-artifacts.js",
36
+ "pretest": "npm run build && tsc -p tsconfig.test.json",
37
+ "dev": "tsc --watch",
38
+ "test": "node scripts/run-tests.js"
39
+ },
40
+ "keywords": [
41
+ "anti-bot",
42
+ "anti-scrape",
43
+ "bot-detection",
44
+ "content-protection",
45
+ "devtools",
46
+ "fingerprint",
47
+ "honeypot",
48
+ "obfuscation",
49
+ "rate-limit",
50
+ "security"
51
+ ],
52
+ "author": "",
53
+ "license": "MIT",
54
+ "engines": {
55
+ "node": ">=18"
56
+ },
57
+ "dependencies": {
58
+ "commander": "^12.1.0"
59
+ },
60
+ "devDependencies": {
61
+ "@types/node": "^22.10.0",
62
+ "esbuild": "^0.24.0",
63
+ "typescript": "^5.7.2"
64
+ },
65
+ "peerDependencies": {
66
+ "express": ">=4.0.0"
67
+ },
68
+ "peerDependenciesMeta": {
69
+ "express": {
70
+ "optional": true
71
+ }
72
+ }
73
+ }