Skip to content

siimaus/stylobot

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

99 Commits
.claude
.claude
 
 
.github/workflows
.github/workflows
 
 
.playwright-mcp
.playwright-mcp
 
 
BenchmarkDotNet.Artifacts/results
BenchmarkDotNet.Artifacts/results
 
 
Mostlylucid.BotDetection.ApiHolodeck
Mostlylucid.BotDetection.ApiHolodeck
 
 
Mostlylucid.BotDetection.BdfGenerator
Mostlylucid.BotDetection.BdfGenerator
 
 
Mostlylucid.BotDetection.Benchmarks
Mostlylucid.BotDetection.Benchmarks
 
 
Mostlylucid.BotDetection.Console
Mostlylucid.BotDetection.Console
 
 
Mostlylucid.BotDetection.Demo.Tests
Mostlylucid.BotDetection.Demo.Tests
 
 
Mostlylucid.BotDetection.Demo
Mostlylucid.BotDetection.Demo
 
 
Mostlylucid.BotDetection.MinimalDemo
Mostlylucid.BotDetection.MinimalDemo
 
 
Mostlylucid.BotDetection.Orchestration.Tests
Mostlylucid.BotDetection.Orchestration.Tests
 
 
Mostlylucid.BotDetection.SignatureStore
Mostlylucid.BotDetection.SignatureStore
 
 
Mostlylucid.BotDetection.Test
Mostlylucid.BotDetection.Test
 
 
Mostlylucid.BotDetection.UI.PostgreSQL
Mostlylucid.BotDetection.UI.PostgreSQL
 
 
Mostlylucid.BotDetection.UI
Mostlylucid.BotDetection.UI
 
 
Mostlylucid.BotDetection
Mostlylucid.BotDetection
 
 
Mostlylucid.Common
Mostlylucid.Common
 
 
Mostlylucid.GeoDetection.Contributor
Mostlylucid.GeoDetection.Contributor
 
 
Mostlylucid.GeoDetection.Demo
Mostlylucid.GeoDetection.Demo
 
 
Mostlylucid.GeoDetection.Test
Mostlylucid.GeoDetection.Test
 
 
Mostlylucid.GeoDetection
Mostlylucid.GeoDetection
 
 
Mostlylucid.StyloSpam
Mostlylucid.StyloSpam
 
 
Stylobot.Gateway.Tests
Stylobot.Gateway.Tests
 
 
Stylobot.Gateway
Stylobot.Gateway
 
 
TestSite
TestSite
 
 
bot-signatures-v1-backup
bot-signatures-v1-backup
 
 
bot-signatures
bot-signatures
 
 
demo
demo
 
 
docs
docs
 
 
mostlylucid.stylobot.website
mostlylucid.stylobot.website
 
 
stylobot-react
stylobot-react
 
 
test-bdf-v2
test-bdf-v2
 
 
.dockerignore
.dockerignore
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
BDF-TO-K6-MAPPING.md
BDF-TO-K6-MAPPING.md
 
 
BLACKBOARD_ARCHITECTURE.md
BLACKBOARD_ARCHITECTURE.md
 
 
BOTDETECTION_LLM_TRAFFIC_GENERATOR.md
BOTDETECTION_LLM_TRAFFIC_GENERATOR.md
 
 
BOTDETECTION_SIMULATOR_DESIGN.md
BOTDETECTION_SIMULATOR_DESIGN.md
 
 
BOTDETECTION_TRAINING_SYSTEM.md
BOTDETECTION_TRAINING_SYSTEM.md
 
 
CLAUDE.md
CLAUDE.md
 
 
CODE_REVIEW.md
CODE_REVIEW.md
 
 
CONTRIBUTORS_CATALOG.md
CONTRIBUTORS_CATALOG.md
 
 
DEMO_LOOP_COMPLETE.md
DEMO_LOOP_COMPLETE.md
 
 
DETECTION_ANALYSIS_AND_FIXES.md
DETECTION_ANALYSIS_AND_FIXES.md
 
 
DOCKER_SETUP.md
DOCKER_SETUP.md
 
 
DSourcemostlylucid.stylobottemp_dashboard.html
DSourcemostlylucid.stylobottemp_dashboard.html
 
 
FINAL_SUMMARY.md
FINAL_SUMMARY.md
 
 
GITHUB_ACTIONS_UPDATES.md
GITHUB_ACTIONS_UPDATES.md
 
 
LICENSE
LICENSE
 
 
LLAMA_IMPLEMENTATION_COMPLETE.md
LLAMA_IMPLEMENTATION_COMPLETE.md
 
 
LOAD_TESTING.md
LOAD_TESTING.md
 
 
QUICKSTART.md
QUICKSTART.md
 
 
QUICK_START_TEST.md
QUICK_START_TEST.md
 
 
README.md
README.md
 
 
SESSION_SUMMARY.md
SESSION_SUMMARY.md
 
 
UI-FIXES-VERIFIED.md
UI-FIXES-VERIFIED.md
 
 
UI_INTEGRATION_GUIDE.md
UI_INTEGRATION_GUIDE.md
 
 
YARP_LEARNING_IMPLEMENTATION_SUMMARY.md
YARP_LEARNING_IMPLEMENTATION_SUMMARY.md
 
 
YARP_LEARNING_MODE.md
YARP_LEARNING_MODE.md
 
 
bdf-load-test.js
bdf-load-test.js
 
 
bdf-schema-v2.md
bdf-schema-v2.md
 
 
bdf-v2-schema.json
bdf-v2-schema.json
 
 
convert-bdf-to-k6-v2.csx
convert-bdf-to-k6-v2.csx
 
 
convert-bdf-to-k6.csx
convert-bdf-to-k6.csx
 
 
convert-signatures-to-k6.csx
convert-signatures-to-k6.csx
 
 
dashboard-countries.png
dashboard-countries.png
 
 
dashboard-main.png
dashboard-main.png
 
 
dashboard-overview.png
dashboard-overview.png
 
 
dashboard-visitors.png
dashboard-visitors.png
 
 
docker-compose.demo.yml
docker-compose.demo.yml
 
 
docker-compose.k6-override.yml
docker-compose.k6-override.yml
 
 
docker-compose.yml
docker-compose.yml
 
 
generate-comprehensive-behaviors.csx
generate-comprehensive-behaviors.csx
 
 
k6-profile.js
k6-profile.js
 
 
k6-security-perf.js
k6-security-perf.js
 
 
k6-soak.js
k6-soak.js
 
 
load-test.js
load-test.js
 
 
mostlylucid.stylobot.sln
mostlylucid.stylobot.sln
 
 
run-load-test.ps1
run-load-test.ps1
 
 
run-local.ps1
run-local.ps1
 
 
signature-detail-test.png
signature-detail-test.png
 
 
signature-detail.png
signature-detail.png
 
 
test-bdf-v2-signature.json
test-bdf-v2-signature.json
 
 
test-demo-loop.ps1
test-demo-loop.ps1
 
 
test-generation.ps1
test-generation.ps1
 
 
test-k6-output.js
test-k6-output.js
 
 
test-llm-integration.csx
test-llm-integration.csx
 
 
test-llm-variety.csx
test-llm-variety.csx
 
 
test-mostlylucid-net.ps1
test-mostlylucid-net.ps1
 
 
test-ollama-generation.csx
test-ollama-generation.csx
 
 
test-proxy.js
test-proxy.js
 
 
tmp-docs.html
tmp-docs.html
 
 
tmp-home.html
tmp-home.html
 
 

Repository files navigation

StyloBot

by mostlylucid

Bot detection framework for ASP.NET Core with wave-based detection, adaptive learning, and reverse-proxy integration.

StyloBot

What This Repo Contains

This repository is a monorepo for the StyloBot ecosystem:

  • Mostlylucid.BotDetection: Core detection library and middleware
  • Mostlylucid.BotDetection.Demo: End-to-end demo app with test pages, API endpoints, and live signatures
  • Stylobot.Gateway: Docker-first YARP gateway with built-in detection
  • Mostlylucid.BotDetection.UI: Dashboard/tag helpers/view components
  • Mostlylucid.BotDetection.UI.PostgreSQL: PostgreSQL + TimescaleDB + pgvector persistence
  • mostlylucid.stylobot.website: Marketing/demo website using the detection stack

Requirements

  • .NET SDK 10.0 (repo projects target net10.0)
  • Docker + Docker Compose (optional, for containerized flows)
  • Optional for advanced scenarios:
    • PostgreSQL/TimescaleDB
    • Ollama (for LLM provider mode)

Quick Start (Local Demo)

dotnet run --project Mostlylucid.BotDetection.Demo

Open:

  • http://localhost:5080/bot-test
  • http://localhost:5080/SignatureDemo
  • http://localhost:5080/bot-detection/check

If you run the HTTPS launch profile, HTTPS is also available at https://localhost:5001.

Quick Start (Gateway)

Run gateway with one upstream (zero-config mode):

docker run --rm -p 8080:8080 -e DEFAULT_UPSTREAM=http://host.docker.internal:3000 scottgal/stylobot-gateway:latest

Health endpoint:

curl http://localhost:8080/admin/health

If ADMIN_SECRET is configured, include header X-Admin-Secret for /admin/* endpoints.

Detection Surface

The default policy runs fast contributors first and can escalate based on policy config. In demo and gateway configs, the active policies include contributors such as:

  • User-Agent, Header, IP, SecurityTool
  • Behavioral, AdvancedBehavioral, CacheBehavior
  • ClientSide, Inconsistency, VersionAge, ReputationBias
  • FastPathReputation, ProjectHoneypot, HoneypotLink
  • TLS/TCP/HTTP2 fingerprinting and cross-layer correlation
  • Cluster detection (label propagation + FFT spectral analysis)
  • Country reputation tracking (time-decayed bot rates)
  • Heuristic scoring (and optional LLM path when configured)

Real contributor lists are controlled by BotDetection:Policies in each app config.

Training Data API

Export detection data for ML training:

# JSONL streaming export with labels
curl http://localhost:5080/bot-detection/training/export > training-data.jsonl

# Cluster data
curl http://localhost:5080/bot-detection/training/clusters

# Country reputation
curl http://localhost:5080/bot-detection/training/countries

Register with app.MapBotTrainingEndpoints(). See Training Data API docs.

Core Product Differentiators

  • Speed with intelligence: low-latency request handling with explainable detector evidence.
  • Temporal behavior resolution: cross-request, windowed signal correlation for stronger bot/human discrimination.
  • Powered by mostlylucid.ephemeral: efficient ephemeral state and coordinator patterns that enable across-time analysis without heavy per-request latency.
  • Operator-first control: you decide policy actions and rollout strategy.

Common Dev Commands

# Build all projects
dotnet build mostlylucid.stylobot.sln

# Run the demo app
dotnet run --project Mostlylucid.BotDetection.Demo

# Run the gateway app
dotnet run --project Stylobot.Gateway

# Run tests
dotnet test mostlylucid.stylobot.sln

Docker Compose Stacks

  • docker-compose.yml: TimescaleDB + demo app
  • docker-compose.demo.yml: full stack (Caddy + gateway + website + DB + extras)

Start minimal compose stack:

cp .env.example .env
# set POSTGRES_PASSWORD in .env
docker compose up -d

Documentation Map

Start here for canonical docs:

Library and component docs:

Detector docs:

Notes on Existing Docs

This repo has many historical architecture/experiment docs. Prefer the files listed above when you need current setup and operational behavior.

License

The Unlicense

About

A rich semantic bot detection engine. Free for basic, commercial for advanced features

Resources

Readme

License

Unlicense license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

97 tags

Packages

 
 
 

Contributors

Languages

  • C# 77.3%
  • HTML 15.1%
  • JavaScript 2.2%
  • CSS 1.9%
  • TypeScript 1.7%
  • PLpgSQL 0.8%
  • Other 1.0%