{"id":45680022,"url":"https://github.com/resulsilay/sentinel","last_synced_at":"2026-04-14T14:00:44.567Z","repository":{"id":340355109,"uuid":"1152772792","full_name":"ResulSilay/Sentinel","owner":"ResulSilay","description":"Sentinel is a lightweight and modular Kotlin multiplatform security toolkit designed to analyze operating environments and detect potential security threats in real time.","archived":false,"fork":false,"pushed_at":"2026-04-10T11:53:28.000Z","size":59874,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-10T13:30:26.681Z","etag":null,"topics":["android","anti-tampering","emulator-detection","integrity-check","ios","ios-security","kmp","kmp-library","kotlin","mobile-security","multiplatform","root-detection","security"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ResulSilay.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-08T12:13:19.000Z","updated_at":"2026-04-10T11:53:36.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/ResulSilay/Sentinel","commit_stats":null,"previous_names":["resulsilay/sentinel"],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/ResulSilay/Sentinel","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ResulSilay%2FSentinel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ResulSilay%2FSentinel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ResulSilay%2FSentinel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ResulSilay%2FSentinel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ResulSilay","download_url":"https://codeload.github.com/ResulSilay/Sentinel/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ResulSilay%2FSentinel/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31799411,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T11:13:53.975Z","status":"ssl_error","status_checked_at":"2026-04-14T11:13:53.299Z","response_time":153,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","anti-tampering","emulator-detection","integrity-check","ios","ios-security","kmp","kmp-library","kotlin","mobile-security","multiplatform","root-detection","security"],"created_at":"2026-02-24T14:14:14.505Z","updated_at":"2026-04-14T14:00:44.560Z","avatar_url":"https://github.com/ResulSilay.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"/.github/art/logo.png\" alt=\"Logo\" width=\"200\"/\u003e\n\u003c/p\u003e\n\n[![Security](https://img.shields.io/badge/Security-000000?style=for-the-badge\u0026logo=bitwarden)](#)\n[![KMP](https://img.shields.io/badge/KMP-000000?style=for-the-badge\u0026logo=kotlin\u0026logoColor=ffffff)](#)\n[![Android](https://img.shields.io/badge/Android-000000?style=for-the-badge\u0026logo=android\u0026logoColor=ffffff)](https://developer.android.com/)\n[![iOS](https://img.shields.io/badge/iOS-000000?style=for-the-badge\u0026logo=apple\u0026logoColor=ffffff)](https://developer.apple.com/)\n[![Version](https://img.shields.io/badge/1.5.2.beta-000000?style=for-the-badge\u0026logo=stackblitz)](#)\n\n**Sentinel** is a lightweight, modular Kotlin Multiplatform security toolkit designed to analyze\nruntime environments and detect potential security threats in real time on both Android and iOS.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg alt=\"image\" src=\".github/art/header.png\" /\u003e\n\u003c/p\u003e\n\u003c/div\u003e\n\n## Why Sentinel?\n\nMost mobile apps rely only on server-side security, but attacks happen on the client.\n\nSentinel provides real-time, on-device threat detection with minimal performance overhead.\n\n☑️️ Detect compromised devices (root / jailbreak)  \n☑️️ Detect runtime manipulation (Frida, Xposed)  \n☑️️ Detect app tampering \u0026 reverse engineering  \n☑️️ Detect emulators \u0026 unsafe environments  \n☑️️ Designed for Kotlin Multiplatform (KMP)\n\n\n\u003ctable style=\"width: auto; margin: auto; border-collapse: collapse;\"\u003e\n  \u003cthead\u003e\n    \u003ctr\u003e\n      \u003cth align=\"center\" style=\"padding: 10px;\"\u003eAndroid\u003c/th\u003e\n      \u003cth align=\"center\" style=\"padding: 10px;\"\u003eiOS\u003c/th\u003e\n    \u003c/tr\u003e\n  \u003c/thead\u003e\n  \u003ctbody\u003e\n    \u003ctr\u003e\n      \u003ctd align=\"center\" style=\"padding: 5px;\"\u003e\n        \u003cimg src=\".github/art/Android.gif\" width=\"240\" alt=\"Android Demo\"\u003e\n      \u003c/td\u003e\n      \u003ctd align=\"center\" style=\"padding: 5px;\"\u003e\n        \u003cimg src=\".github/art/iOS.gif\" width=\"240\" alt=\"iOS Demo\"\u003e\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd align=\"center\" style=\"padding: 10px;\"\u003e\n        \u003ca href=\"https://play.google.com/store/apps/details?id=com.rs.sentinel\"\u003e\n          \u003cimg src=\".github/art/google-play-badge.svg\" height=\"40\" alt=\"Google Play\"\u003e\n        \u003c/a\u003e\n      \u003c/td\u003e\n      \u003ctd align=\"center\" style=\"padding: 10px;\"\u003e\n        \u003ca href=\"https://apps.apple.com/us/app/\"\u003e\n          \u003cimg src=\".github/art/app-store-badge.svg\" height=\"40\" alt=\"App Store\"\u003e\n        \u003c/a\u003e\n      \u003c/td\u003e\n    \u003c/tr\u003e\n  \u003c/tbody\u003e\n\u003c/table\u003e\n\n## Features\n\n♦️ **Kotlin Multiplatform:** Works on Android and iOS with a single codebase.  \n♦️ **Modular Detector Architecture:** Easily enable, disable, or extend security checks.  \n♦️ **Smart Risk Aggregation:** Weighted category scoring to prevent artificial risk inflation.  \n♦️ **Configurable Threat Threshold:** Set your own critical risk level to control app behavior.  \n♦️ **DSL-Based Configuration:** Use a clean and expressive API for configuration.  \n♦️ **Detailed Security Reports:** Get a full breakdown of detected threats.  \n♦️ **Lightweight \u0026 High Performance:** Minimal runtime overhead for optimal performance.  \n♦️ **RASP-Based Threat Detection:** Real-time monitoring of dynamic instrumentation, hooking, and\ninjection attempts.\n\n## Supported Threats by Platform\n\n| Threat / Feature               | Android | iOS |\n|--------------------------------|:-------:|:---:|\n| Root / Jailbreak               |    ✅    |  ✅  |\n| Tamper Detection               |    ✅    |  ✅  |\n| Hooking Detection              |    ✅    |  ✅  |\n| Emulator / Simulator Detection |    ✅    |  ✅  |\n| Debugging Detection            |    ✅    |  ✅  |\n| Mock Location Abuse            |    ✅    |  ➖  |\n\n## Quick Start\n\n```gradle\nimplementation(\"io.github.resulsilay:sentinel:1.5.2-beta\")\n```\n\n### Android Usage\n\n```kotlin\nval sentinel = Sentinel.configure(context = context) {\n    config {\n        appId = Sentinel.Identity.appId.toByteList()\n        appIntegrity = Sentinel.Identity.signature?.toByteList()\n        threshold = 90\n        isLoggingEnabled = true\n    }\n\n    all()\n    // root()\n    // tamper()\n    // hook()\n    // emulator()\n    // debug()\n    // location()\n}\n```\n\n### iOS Usage\n\n```kotlin\nval sentinel = Sentinel.configure {\n    config {\n        appId = Sentinel.Identity.appId.toByteList()\n        appIntegrity = Sentinel.Identity.hash?.toByteList()\n        threshold = 90\n        isLoggingEnabled = true\n    }\n\n    all()\n    // jailbreak()\n    // tamper()\n    // hook()\n    // simulator()\n    // debug()\n}\n```\n\n### Running Inspection\n\nInstead of basic checks, Sentinel performs a thorough inspection of the environment and provides a\ndetailed report based on threat severity.\n\n\u003e `inspect()` is a suspend function and must be executed within a coroutine scope.\n\n```kotlin\nval report = sentinel.inspect()\n```\n\n### Report\n\nAfter the inspection completes, Sentinel returns a `SecurityReport`.\nThis report aggregates all detected threats and provides a unified\nseverity score and risk level for the current runtime environment.\n\n```kotlin\nprintln(\"Risk Level: ${report.riskLevel}\")\nprintln(\"Total Risk Score: ${report.severity} / ${report.threshold}\")\nprintln(\"Threat Count: ${report.threats.size}\")\nprintln(\"Timestamp: ${report.timestamp}\")\n\nif (report.isRooted) println(\"Root detected\")\nif (report.isJailbroken) println(\"Jailbreak detected\")\nif (report.isTampered) println(\"App tampering detected\")\nif (report.isHooked) println(\"Hooking detected\")\nif (report.isEmulator) println(\"Emulator detected\")\nif (report.isSimulator) println(\"Simulator detected\")\nif (report.isDebugged) println(\"Debugger detected\")\nif (report.isMockLocation) println(\"Mock location detected\")\n\nif (report.isSafe()) {\n    println(\"Device is secure\")\n} else {\n    println(\"Security risks detected!\")\n}\n\nif (report.isCritical()) {\n    println(\"Block app usage.\")\n}\n```\n\nYou can optionally log the report to the console / logcat for debugging purposes:\n\n```kotlin\nSentinelLogger.report(report = report)\n```\n\n### RASP - Runtime Application Self-Protection (Detection)\n\nSentinel extends protection beyond initial startup checks by continuously monitoring the application\nduring runtime. Through background scanning mechanisms, it detects unauthorized access attempts,\nruntime tampering, and external manipulation activities in real time.\n\n```kotlin\nsentinel.runtime {\n    onCompromised {\n        info(msg = \"Device integrity failed (Root/Jailbreak detected).\")\n    }\n\n    onTampered {\n        info(msg = \"App tampering detected.\")\n    }\n\n    onHooked {\n        info(msg = \"Runtime hook detection.\")\n    }\n\n    onSimulated {\n        info(msg = \"Running on Emulator/Simulator environment.\")\n    }\n\n    onDebugged {\n        info(msg = \"Active debugging session detected.\")\n    }\n\n    onCritical { score -\u003e\n        info(msg = \"High risk score reached: $score\")\n    }\n\n    onSafe {\n        info(msg = \"All systems nominal.\")\n    }\n}\n```\n\n### Sentinel Monitor\n\nSentinel Monitor is a monitoring infrastructure that tracks application-layer vulnerabilities and\nsuspicious activities in real-time and reports these threats.\n\nhttps://github.com/user-attachments/assets/acfb35ac-61c4-492e-ae42-a7576f2badb1\n\n```gradle\nimplementation(\"io.github.resulsilay:sentinel-monitor:1.5.2-beta\")\n```\n\n```kotlin\nSentinelMonitor.start(\n    appId = sentinel.config.appId.orEmpty(),\n    appIntegrity = sentinel.config.hash.orEmpty(),\n    threshold = sentinel.config.threshold\n)\n```\n\n## Samples\n\n- [Multiplatform](sample/multiplatform)\n- [Android](sample/android)\n\n## Risk Scoring\n\nSentinel does NOT simply sum threats.\n\nInstead:\n\n- Groups threats by category\n- Takes the highest severity per category\n- Produces a realistic risk score\n\n## License\n\n```\nMIT License\n\nCopyright (c) 2026 Resul Silay\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fresulsilay%2Fsentinel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fresulsilay%2Fsentinel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fresulsilay%2Fsentinel/lists"}