Skip to content

pugazh342/wolf-runtime

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
src
src
 
 
tests
tests
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package.json
package.json
 
 

Repository files navigation

🐺 Wolf Runtime

A sub-millisecond, JIT-compiled Intrusion Prevention System (IPS) for Node.js.

Wolf Runtime is an enterprise-grade security middleware that sits in front of your Express/Fastify applications. It catches SQL Injection, Cross-Site Scripting (XSS), prototype pollution, and volumetric DDoS attacks in under 0.25 milliseconds without blocking the Node.js event loop.

🚀 Features

  • JIT-Compiled Rule Engine: Write security rules in JSON/YAML. Wolf compiles them into pure V8-optimized JavaScript on the fly.
  • Fail-Fast Pipeline: Multi-stage architecture drops bad traffic before it consumes CPU or memory.
  • Bounded Telemetry Queue: Safely exports threat logs (to Discord, ELK, etc.) asynchronously without risking Out-Of-Memory (OOM) crashes.
  • Zero-Downtime Hot Swapping: Update security rules without restarting your server.
  • Built-in Muscle: Pre-configured regex detectors for SQLi and XSS.

📦 Installation

npm install wolf-runtime

Quick Start (Express)

Protect your API with three lines of code:

const express = require('express');
const { wolfExpress } = require('wolf-runtime');

const app = express();
app.use(express.json());

// 1. Initialize the IPS Middleware
const ipsMiddleware = wolfExpress({
  rateLimit: { maxRequests: 100, windowMs: 60000 }, // 100 requests per minute
  context: { maxBodySize: 500000 }                  // 500kb max payload size
});

// 2. Attach globally
app.use(ipsMiddleware);

app.get('/api/data', (req, res) => {
  res.json({ message: "This route is protected by the Wolf." });
});

app.listen(3000, () => console.log('Server is running on port 3000'));

Custom Business Logic Rules

Wolf Runtime features a powerful DSL (Domain Specific Language) that compiles into native JS. You can load custom rules to block specific user-agents, bad payloads, or strange routing behaviors.

const { RuleEngine } = require('wolf-runtime');

const engine = new RuleEngine();
engine.loadRules([
  {
    id: "BLOCK_EVIL_BOT",
    priority: 100,
    condition: { 
      field: "headers.user-agent", 
      operator: "equals", 
      value: "evil-bot" 
    },
    action: "block"
  }
]);

Performance

Standard middleware often takes 2-5ms just to parse a JSON body. Wolf Runtime evaluates deep JSON paths, checks rate limits, and scans for SQLi in ~0.18ms.

License

Wolf Runtime is licensed under the MIT License.

About

Wolf Runtime is an enterprise-grade security middleware that sits in front of your Express/Fastify applications. It catches SQL Injection, Cross-Site Scripting (XSS), prototype pollution, and volumetric DDoS attacks in under 0.25 milliseconds without blocking the Node.js event loop.

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages