ASTRA · SHIELD · v2.1.0

CAPTCHAs are
broken.

Every puzzle you force on a user is an apology for your security. We built what comes after — a five-tier protection system that is completely invisible to 95% of your traffic.

No puzzles. No friction. No apology.

Detection signals
10
Challenge types
11
Protection layers
10

Five tiers.
One SDK.

The OOS (Out-of-Suspicion) score determines how much friction — if any — a visitor encounters.

T0 Ghost OOS 0.0 – 1.5
Invisible. Passive behavioral analysis only. ~95% of traffic.
T1 Whisper OOS 1.5 – 2.0
100 – 200ms micro-delay. Imperceptible to humans.
T2 Nudge OOS 2.0 – 2.5
2 – 5 second gesture challenge. Quick, native.
T3 Pause OOS 2.5 – 3.0
10-second multi-step verification.
T4 Gate OOS 3.0+
Manual review. Suspected bots only.

10 signals.
0 cookies.

Fingerprinting
Canvas hash · WebGL GPU vendor + renderer · Audio worklet · Font metrics · Navigator + hardware profile
Behavioral
Mouse velocity + acceleration · Keyboard rhythm · Touch gesture patterns · Scroll speed + direction · Session navigation flow
Infrastructure
Headless browser probes · Automation framework detection · Datacenter IP recognition · VPN / Tor exit nodes · Header consistency scoring

Up in
five minutes.

Works with React, Vue, Angular, and vanilla JavaScript. Node.js ≥ 18 required server-side.

Published to npm as astra-shield. MIT licence.

# Option A — curl installer (macOS / Linux)
curl -fsSL https://astra-shield-site.vercel.app/install.sh | sh

# Option B — npm global install
npm install -g astra-shield

# Add shield to your project
astra add

# Verify setup
astra doctor

# ESM import
import { ASTRAShield } from 'astra-shield';

const shield = new ASTRAShield({
  endpoint: '/api/verify',
  tier: { ghost: true }
});

shield.init();

Stop apologising
for your security.

npm install -g astra-shield