"No external libraries. No blind trust. No compromise." AGPLv3 — Open Source Core. Built for humans, not for SaaS margins.
This project is a Proof of Concept (PoC) and part of ongoing research and development at VisionGaia Technology. It is not a certified or production-ready product.
Use at your own risk. The software may contain security vulnerabilities, bugs, or unexpected behavior. It may break your environment if misconfigured or used improperly.
Do not deploy in critical production environments unless you have thoroughly audited the code and understand the implications. For enterprise-grade, verified protection, we recommend established and officially certified solutions.
Found a vulnerability or have an improvement? Open an issue or contact us.
VGT Sentinel 1.7.0 introduces the largest overhaul of the AEGIS engine since the Community Edition launch. The WAF now uses a multi-stage anomaly-scoring architecture with cryptographic browser verification, dramatically reducing false positives while improving detection of heavily obfuscated attacks.
-
Replaced immediate regex-based blocking with weighted anomaly scoring.
-
Every signature now contributes a configurable threat score.
-
Requests are blocked only after exceeding the configured
threshold_blockvalue. -
Example:
sqli= 5 pointsxss= 5 pointsrce= 100 points
Benefit: Benign content containing technical keywords no longer triggers immediate visitor lockouts.
- Added browser verification layer for medium-confidence detections.
- Requests exceeding
threshold_challengereceive a JavaScript challenge page. - Successful browsers receive a signed trust cookie (24h validity).
- Low and medium severity detections are automatically relaxed for verified browsers.
Benefit: Headless bots and scrapers fail automatically while legitimate users experience only a one-time verification step.
-
Logged-in users with:
edit_postsmanage_options
automatically bypass low-risk signatures.
-
Weights reduced to zero for:
- SQLi heuristics
- XSS heuristics
- Recon probes
- Direct DB references
- GraphQL reconnaissance
-
Critical exploit classes remain enforced:
- RCE
- LFI
- Command Injection
Benefit: Content editors can safely work with code snippets, HTML fragments and technical content.
WooCommerce:
-
Sensitive checkout fields are excluded from inspection:
- billing_company
- shipping_company
- related business fields
Gutenberg:
-
Post editing and REST save operations automatically increase challenge/block thresholds.
-
Applies to:
/wp-json/wp/v2/postspost.php
Benefit: Eliminates false positives during checkout and content publishing.
Normalization pipeline upgraded:
- Up to 5 recursive URL decode passes
- IIS Unicode
%uXXXXsupport - Improved nested encoding detection
Benefit: Detects deeply obfuscated payloads and multi-stage encoding bypass attempts.
New lookaround-based comment processing:
sel/**/ect→selectselect/**/1→select 1
Benefit: Closes classic SQL comment evasion techniques without breaking syntax reconstruction.
Large monolithic patterns were split into dedicated detection classes:
Examples:
rce_evalrce_callbacksrce_backticksrce_jndi_envsqli_unionsqli_selectxss_script_tagsxss_event_handlers
Benefits:
- Faster matching
- Better logging
- Lower ReDoS exposure
- Improved diagnostics
Detection workflow redesigned:
Stage 1:
- Atomic kill signatures
- Immediate critical exploit detection
Stage 2:
- Heuristic scoring
- AI delegation hooks
- Nexus pattern analysis
Benefit: Critical attacks are terminated instantly while reducing CPU usage for normal traffic.
- Added RFC-compliant private and loopback validation.
- Local sockets automatically bypass spoofing checks.
- Improved compatibility with reverse proxies and development environments.
Benefit: Eliminates false positives caused by internal infrastructure.
New browser verification interface includes:
- Responsive layout
- Corporate branding
- Progress animations
- Mathematical CPU challenge
Benefit: Visitors receive clear feedback instead of a generic HTTP 403 response.
VGT Sentinel Community Edition is the standalone open-source security core of the VGT WordPress ecosystem. For integrated operation, live diagnostics, privilege hardening and local telemetry, Sentinel is also embedded inside the VGT WP-Desk Security Center.
It is the open-source core of the VGT Sentinel suite — a battle-hardened, multi-layered defense system built on a Zero-Trust architecture. Every request is inspected, every header hardened, every upload analyzed, every file hashed and signature-matched, and every bot challenged.
Traditional WordPress Security:
→ Single plugin = single point of failure
→ Shared hosting overhead
→ No outbound control
→ No filesystem integrity monitoring
VGT Sentinel ZTNA Security Stack:
→ Stream-based WAF (AEGIS) — SQLi, XSS, RCE, LFI neutralized
→ Kernel Hardening (TITAN) — Server fingerprint masked
→ Stealth Engine (HADES) — WordPress architecture obfuscated
→ Access Guard (CERBERUS) — IP-validated brute-force prevention
→ Outbound Control (STYX LITE) — Data exfiltration blocked
→ Payload Sanitizer (AIRLOCK) — Binary upload inspection
→ Integrity + Malware Scanner (CHRONOS) — SHA-256 diff + 40+ signatures
→ Anti-Bot Engine (VGT SHIELD) — Zero-UI PoW bot defense
Incoming HTTP Request
↓
CERBERUS (Pre-Auth IP Validation)
→ Cloudflare CIDR verification
→ X-Forwarded-For spoofing prevention
→ Brute-force state via RAM/Object Cache
→ Hook Priority 1 — fires before WP user logic
↓
AEGIS WAF (Stream Inspection)
→ php://input scanned in 4KB binary chunks
→ Overlap-buffer for boundary-spanning patterns
→ 512KB scan limit (Memory Exhaustion prevention)
→ Tarpit: Socket-Drop + Connection: Close on critical hit
→ HARDENED V1.6.0: 4-layer payload normalization
↓
TITAN (Kernel Hardening)
→ Security headers injected
→ X-Powered-By camouflage (Laravel / Drupal / Django)
→ XML-RPC blocked, REST API locked to auth sessions
→ .env / wp-config.php / .git access denied at .htaccess level
↓
HADES (Stealth Engine)
→ URL rewrites mask WordPress directory structure
→ Custom slugs for wp-admin and wp-login.php
↓
VGT SHIELD (Anti-Bot / PoW Engine)
→ SHA-256 cryptographic challenge issued by PHP server
→ Web Worker mines proof-of-work in isolated browser thread
→ X-VGT-Shield-PoW header injected into form submissions
→ Server validates hash in <10ms — replay protection (TTL 1800s)
↓
AIRLOCK (Upload Inspection)
→ Magic Byte analysis on 4KB header/footer chunks
→ PHP wrapper, Base64 and exec-pattern detection
→ Polyglot file prevention
↓
CHRONOS (Integrity + Malware Scanner) ← UPGRADED IN V1.6.0
→ SHA-256 against integrity_matrix.php baseline
→ mtime + size pre-filter before hash computation
→ NEW: 40+ malware signatures matched on NEW/MODIFIED files only
→ Ghost Trap honeypot triggers IP blacklisting on access
→ Cron-sliced execution (max 20s) — PHP timeout safe
↓
STYX LITE (Outbound Control)
→ Telemetry Kill Switch for api.wordpress.org
→ Supply-chain exfiltration blocked
VGT Sentinel Community Edition remains the open-source foundation of the VisionGaia security stack.
Starting with the 1.7.x branch, the standalone Sentinel CE repository is treated as a stable open-source core / LTS foundation. Security fixes, compatibility improvements and community contributions remain welcome, but major feature development will increasingly move into the integrated VGT WP-Desk Security Center.
The reason is architectural: Sentinel becomes significantly more powerful when operated together with the broader VGT control layer:
VGT WP-Desk Security Center
├── Sentinel CE / V7 — WAF, IDS, bans, threat logs
├── Throne Guard — capability hardening, Superkey vault
├── Dattrack — local telemetry and operational insight
├── Command Center — diagnostics, runtime state, task management
└── Recovery / Safe Mode — classic admin fallback and controlled recovery
Sentinel CE will continue to exist as a transparent, forkable and self-hosted security framework for WordPress. Developers, researchers and operators are encouraged to audit, extend and adapt the standalone version for their own environments.
For users who want the full integrated operator experience — including desktop workflow, Security Center, live diagnostics, privilege hardening and local telemetry — we recommend using VGT WP-Desk, where Sentinel is developed as part of a unified WordPress operations and security environment.
In short:
- Sentinel CE Standalone → open-source security core / LTS foundation
- VGT WP-Desk Security Center → actively developed integrated operator platform
- Sentinel V7 → advanced research and next-generation security engine
This project is not abandoned. It is becoming the stable open foundation for the larger VGT WordPress security ecosystem.
| 🖥️ VGT WP-Desk | Operator Desktop / Security Center | Integrated WordPress operations workspace with Sentinel, Throne Guard, Dattrack, diagnostics and recovery controls |
Stream-based WAF for real-time payload inspection.
| Parameter | Value |
|---|---|
| Engine | Deterministic Regex Pattern Matching (Hardened V1.6.0) |
| Scan Limit | 512 KB (Memory Exhaustion prevention) |
| Read Strategy | php://input binary stream in 4KB chunks with overlap buffer |
| Protected Vectors | SQLi, XSS, RCE, LFI, Malicious User Agents |
| Threat Response | Immediate socket-drop (Connection: Close) before header send |
| Normalization Layers | URL, HTML Entity, Unicode Escape, Hex Escape |
| Failure Mode | Fail-Closed PCRE — ReDoS attempts trigger immediate block |
V1.6.0 Hardening Summary:
The pattern set was extended to close gaps that gave manual attackers an evasion path. The new normalizer decodes HTML entities (javascript:), Unicode escapes (\u0073ystem), and hex escapes (\x73ystem) before pattern matching — closing four previously distinct evasion vectors at the input layer. The XSS pattern now matches any on* event handler via wildcard instead of a hardcoded list of five. The SQLi pattern accepts non-whitespace separators between OR/AND and operands, closing payloads like 1/OR/1=1 that bypassed the previous whitespace requirement.
Application-layer hardening and server signature masking.
Headers Enforced:
→ X-XSS-Protection
→ X-Frame-Options: SAMEORIGIN
→ X-Content-Type-Options: nosniff
→ Referrer-Policy
→ Permissions-Policy
Camouflage Engine:
→ X-Powered-By spoofed to: Laravel | Drupal | Django
API Lockdown:
→ XML-RPC: BLOCKED (full)
→ REST API: Auth-only sessions
→ RSS/Atom: DISABLED
Protected Paths (.htaccess):
→ .env | .git | wp-config.php | composer.json | Vault directories
Architecture obfuscation to prevent automated WordPress fingerprinting.
URL Rewrite Map:
| Original Path | Masked Path |
|---|---|
wp-content/themes |
content/ui |
wp-content/plugins |
content/lib |
wp-content/uploads |
storage |
wp-includes |
core |
wp-admin |
(Custom Slug) |
wp-login.php |
(Custom Slug) |
Webserver Support: Apache (auto via .htaccess) · Nginx (static rule injection) · LiteSpeed
Pre-authentication IP validation and brute-force defense.
| Feature | Detail |
|---|---|
| True-IP Detection | Native Cloudflare CIDR validation — prevents X-Forwarded-For spoofing |
| Fail-State Tracking | RAM/Object Cache via WordPress Transients |
| Hook Priority | 1 on authenticate — fires before any WP user logic loads |
Network-layer control against data exfiltration and supply-chain attacks.
Telemetry Kill Switch — Blocked Domains:
→ api.wordpress.org
→ downloads.wordpress.org
→ s.w.org
Supply-Chain Protection:
→ Blocks unintended external communication from compromised plugins
Binary-level analysis of all file uploads (multipart/form-data).
| Feature | Detail |
|---|---|
| File Policy | Strict allowlist — only pre-approved safe formats |
| Large File Strategy | Memory-safe chunked read — 4KB header/footer scan for files >2MB |
| Magic Byte Inspection | Detects real file type regardless of extension |
| Polyglot Prevention | Blocks PHP wrappers, Base64 obfuscation, exec-patterns in image/document payloads |
Asynchronous filesystem integrity monitoring with embedded malware signature engine and honeypot tripwire.
Two-Stage Scan Architecture:
Stage 1: Integrity Pre-Filter (existing)
→ mtime + size compared against integrity_matrix.php baseline
→ Unchanged files reuse cached SHA-256 hash — zero re-hashing
→ Changed files proceed to Stage 2
Stage 2: Signature Scan (NEW V1.6.0)
→ 40+ embedded malware signatures matched on file content
→ 5MB hard size limit per file (DoS prevention)
→ PCRE fail-closed — ReDoS-resistant matching
→ Runs ONLY on NEW or MODIFIED files
→ Zero overhead on clean systems
Ghost Trap (existing):
→ Honeypot file: wp-admin-backup-restore.php
→ HTTP access = immediate IP blacklisting
Execution Safety:
→ Async State Machine — max 20s Cron-Slice
→ No PHP timeout risk on large installations
Embedded Malware Signature Categories (40+ patterns):
| Category | Coverage |
|---|---|
| WordPress malware families | wp_vcd injector + markers, pharma hack, WP filemanager backdoor |
| Generic obfuscation | eval+base64, eval+gzinflate, eval+str_rot13, pack hex, chr concat, goto-obfuscation |
| Known webshells | C99, R57, PHPSpy, WeBaCoo, b374k, WSO, FilesMan, ALFA, Marijuana Shell |
| Polyglot files | GIF/JPG/PNG headers + embedded PHP code |
| Direct shell access | shell_exec/passthru/system with $_GET/$_POST/$_REQUEST arguments |
| Remote file inclusion | https://, data://, php://input, php://filter includes |
| Backdoor patterns | create_function with user input, assert($_POST), $auth_pass MD5 markers |
| Cryptominers | Coinhive, Cryptonight, Monero/XMR, xmrig, cpuminer, minerd |
| Header manipulation | Base64-decoded redirects, wp_set_current_user with user input |
Performance characteristics:
On a clean WordPress installation, Stage 2 is never invoked — every file matches its baseline mtime/size and reuses the cached hash. The signature database lives in PHP OPcache as a class constant after first load, with zero file I/O cost. When a file changes legitimately (plugin update, theme modification), it gets one signature scan and one hash computation. When malware is introduced, it gets flagged with a MALWARE change type which escalates the report status to critical.
A high-performance, DSGVO-compliant reCAPTCHA alternative for WordPress. Eliminates bot interactions through a server-validated Proof-of-Work engine that operates entirely without user interaction and without external data transfers (Zero-Cloud).
No checkbox. No "I'm not a robot". No Google requests. No cookies. Instead: invisible, mathematical bot defense directly in the browser.
| Feature | Description |
|---|---|
| Zero-UI Bot Defense | End users see no captchas or checkboxes — security operates invisibly in the background |
| SHA-256 PoW Engine | Cryptographic challenge-response via bitwise hashing, isolated in a Web Worker |
| 100% DSGVO-compliant | No third-party requests, no cookies, no tracking |
| Zero-Cloud | Fully server-side — no external APIs, no CDNs |
| Replay Protection | Every hash is valid exactly once — TTL: 1800 seconds |
| Deep Plugin Scanner | AST-regex parsing detects installed form plugins and integrates them automatically |
| Network Layer Hijacking | Automatic interception of network requests for PoW header injection |
| <10ms Server Validation | Minimal latency on server-side hash verification |
| Dark/Light Mode | Neural Aesthetics admin dashboard with full theme support |
Native integrations: WooCommerce · Contact Form 7 · WPForms · Gravity Forms · WordPress Core Comments
The repository includes 3 Python-based red team test scripts for independent validation of Sentinel CE.
⚠️ Only use against your own servers. Running these scripts against third-party systems without explicit authorization is illegal.
| Script | Module Tested | Technique |
|---|---|---|
Redteamtest1.py |
AEGIS WAF | The script tests whether the AEGIS WAF detects and blocks attack payloads for SQLi, XSS, LFI, and RCE, or whether they can be bypassed |
Redteamtest2.py |
AEGIS WAF | The script tests whether the AEGIS WAF detects and blocks JSON‑obfuscated attack payloads (XSS, SQLi, LFI, and malformed JSON evasions), or whether they can be bypassed |
redteamtest3.py |
AEGIS WAF | The script tests whether the AEGIS WAF detects and blocks polymorphically mutated attack payloads (SQLi, XSS, LFI, RCE) across multiple HTTP methods (GET, POST forms, JSON, multipart, header injection) – including WordPress‑specific vectors such as polyglot uploads, REST API evasions, and Shellshock/JNDI probes – or whether they can be bypassed |
redteam4.py |
AEGIS WAF | The script tests whether the AEGIS WAF detects and blocks deeply obfuscated, polymorphic attack payloads (advanced SQLi, XSS, LFI, RCE) using techniques such as double URL encoding, comment‑based slicing, HTML entity scrambling, JSON Unicode obfuscation, HTTP header smuggling, and parameter pollution – or whether they can be bypassed |
Zero performance tax. Maximum coverage.
| Optimization | Mechanism |
|---|---|
| Fast-Path Routing | Static assets bypass WAF inspection entirely — saves >90% CPU cycles |
| Stream Chunking | Payload inspection via chunked reads — low, stable RAM footprint |
| Two-Stage Integrity Scan | Signature scanning skipped entirely on clean files |
| OPcache-Resident Signatures | Malware database loaded once, lives in OPcache — zero file I/O at runtime |
| Async Scheduling | CHRONOS runs in time-sliced cron — never blocks request handling |
| Web Worker Isolation | VGT SHIELD PoW mining runs in isolated thread — zero UI blocking |
| Zero Dependencies | No external libraries — no supply chain risk, no overhead |
| Component | Detail |
|---|---|
| PHP | 7.4+ (Recommended: 8.1+) |
| Webserver | Apache (auto), Nginx (manual rule injection), LiteSpeed |
| Page Builders | Bridge Manager auto-disables conflicting DOM/header interventions for Elementor, Divi, Oxygen |
| VGT Ecosystem | Native VisionLegalPro support via Shadow-Net Asset Routing |
| VGT Myrmidon | AEGIS Co-op Mode — whitelists Myrmidon ZTNA API endpoints automatically |
| WordPress Marketplace | Fully compliant with WordPress plugin guidelines |
DISCLAIMER: The Community Edition (Silber Status) operates on a deterministic rule engine. It provides a robust shield against standardized, automated botnets, scrapers, and known attack vectors.
The following capabilities are exclusive to VGT Sentinel Pro / Platin Status:
| Capability | Silber | Platin |
|---|---|---|
| ORACLE AI — Polymorphic Zero-Day Detection | ❌ | ✅ |
| PROMETHEUS — Dynamic Behavioral Profiling | ❌ | ✅ |
| NEMESIS — Deception-Engine | ❌ | ✅ |
ZEUS — Pre-Boot WAF via auto_prepend_file |
❌ | ✅ |
| MORPHEUS — Hypervisor for Plugins | ❌ | ✅ |
| GORGON — Global Swarm Intelligence Threat Feed | ❌ | ✅ |
| NEXUS Live Signature Updates — Hot-loadable threat patterns | ❌ | ✅ |
| API CRYPTO VAULT — AES-256-GCM Database Payload Encryption | ❌ | ✅ |
| Deterministic WAF (AEGIS Lite) | ✅ | ✅ |
| Kernel Hardening (TITAN Lite) | ✅ | ✅ |
| Stealth Engine (HADES Lite) | ✅ | ✅ |
| Access Guard (CERBERUS) | ✅ | ✅ |
| Outbound Control (STYX LITE) | ✅ | ✅ |
| Payload Sanitizer (AIRLOCK Lite) | ✅ | ✅ |
| Integrity + Malware Scanner (CHRONOS) | ✅ | ✅ |
| Anti-Bot PoW Engine (VGT SHIELD) | ✅ | ✅ |
# 1. Clone into WordPress plugins directory
cd /var/www/html/wp-content/plugins/
git clone https://github.com/visiongaiatechnology/sentinelcom
# 2. Activate in WordPress Admin
# Plugins → VGT Sentinel Community Edition → Activate
# 3. HADES: Configure custom login slug
# Settings → Sentinel → Stealth Engine
# 4. CHRONOS: Generate initial integrity manifest + signature scan
# Settings → Sentinel → Integrity Monitor → Generate Baseline
# 5. VGT SHIELD: Activate Anti-Bot PoW
# Settings → Sentinel → Shield → EnableMU-Deployer Note: One-click MU deployment is no longer available (WordPress policy). After activating Sentinel, navigate to Settings → Sentinel → MU-Deployer to generate the deployment script, then upload it manually to
wp-content/mu-plugins/via FTP.
On first activation, Sentinel automatically:
→ Injects AEGIS WAF into the request lifecycle
→ Applies TITAN security headers
→ Activates HADES URL rewrites (.htaccess / Nginx rules)
→ Initializes CERBERUS fail-state cache
→ Generates CHRONOS integrity_matrix.php baseline + signature scan
→ Deploys Ghost Trap honeypot
→ Activates STYX outbound kill switch
→ Registers VGT SHIELD challenge endpoint (/wp-json/vgt-shield/v1/challenge)
| Tool | Type | Purpose |
|---|---|---|
| ⚔️ VGT Sentinel | WAF / IDS Framework | Zero-Trust WordPress security suite — you are here |
| 🏰 Throne Guard | Capability Hardening | Strips toxic capabilities from Administrator role |
| 🛡️ VGT Myrmidon | ZTNA | Zero Trust device registry and cryptographic integrity verification |
| ⚡ VGT Auto-Punisher | IDS | L4+L7 Hybrid IDS — attackers terminated before they even knock |
| 📊 VGT Dattrack | Analytics | Sovereign analytics engine — your data, your server, no third parties |
| 🌐 VGT Global Threat Sync | Preventive | Daily threat feed — block known attackers before they arrive |
| 🔥 VGT Windows Firewall Burner | Windows | 280,000+ APT IPs in native Windows Firewall |
| Method | Address |
|---|---|
| PayPal | paypal.me/dergoldenelotus |
| Bitcoin | bc1q3ue5gq822tddmkdrek79adlkm36fatat3lz0dm |
| ETH | 0xD37DEfb09e07bD775EaaE9ccDaFE3a5b2348Fe85 |
| USDT (ERC-20) | 0xD37DEfb09e07bD775EaaE9ccDaFE3a5b2348Fe85 |
Pull requests are welcome. For major changes, open an issue first.
Licensed under AGPLv3 — "For Humans, not for SaaS Corporations."
VisionGaia Technology builds enterprise-grade security infrastructure — engineered to the DIAMANT VGT SUPREME standard.
"Sentinel was built because WordPress deserved a security framework that doesn't phone home, doesn't bloat your stack, and doesn't ask you to trust a SaaS dashboard with your attack surface."
Version 1.6.0 — VGT Sentinel Community Edition // Zero-Trust WAF Framework // Deterministic DFA Engine // Integrated Malware Scanner // Hardened Pattern Set // WordPress Marketplace Ready // AGPLv3