Hilux
GitHub
Back home

Changelog

The latest updates, improvements, and fixes to Hilux detection engine.

v2.1.12026-03-26

The Enterprise Update

Major expansion of proactive security features including automated lockdown, client-side integrity, and behavioral detectors.

  • Circuit Breaker: Automated high-availability 'lockdown' logic to restrict traffic during critical attack spikes
  • Client Integrity SDK: Browser-side fingerprinting and HMAC signed tokens to verify real users vs headless bots
  • API Enumeration Detector: Behavioral analysis identifies sequential resource scraping and data harvesting patterns
  • Shadow Mode: Observation mode allows security monitoring and scoring without blocking traffic
  • Dashboard Advanced Section: Dedicated interface for managing enterprise features and SDK configurations
  • Login Portal Redesign: Minimalist high-end SaaS aesthetic for the management interface
  • Performance Optimization: 15% reduction in Redis lookup overhead for sequential detections
v2.1.02026-03-25

The Intelligence Update

Advanced threat response system with Challenge Gateway, Rate Shaping, enhanced Custom Rules Engine, and structured Webhook Alerts.

  • Challenge Gateway: Serve Turnstile, hCaptcha, or Proof-of-Work challenges to suspicious traffic
  • Rate Shaping (Tarpit): Artificial latency proportional to risk score degrades bot throughput
  • Custom Rules Engine: New operators (regex, not_equals, not_contains) and conditions (Request.Method, Request.Country)
  • Webhook Alerts: Structured notifications with auto-detection for Discord, Slack, and generic endpoints
  • Multi-URL Webhook Support: Send events to multiple destinations simultaneously with retry logic
  • NestJS Integration: Guard, Middleware, and Module patterns with zero external dependencies
  • Koa Middleware: Lightweight integration following Koa conventions (ctx.state.hilux)
  • Security Patch: Fastify pinned to v5.8.4+ (request.protocol vulnerability fix)
v2.0.02026-03-22

The Hardened Update

Major structural update introducing an enterprise-grade billing system, management dashboard, and advanced security modules.

  • Integrated Lemon Squeezy for secure license management
  • New Hardened Dashboard with dynamic session tokens
  • Tiered Security Model (Community, Pro, Enterprise)
  • Login Protector: Brute-force mitigation for auth endpoints
  • Geo-Blocking: Region-based traffic filtering
  • Deception Engine: Honeypots and virtual patching
  • Unified API Authentication Middleware
v1.0.02026-03-17

Initial Release

Initial release of Hilux with 8-signal detection engine and native Fastify/Express support.

  • 8-signal composite scoring engine
  • Sub-millisecond detection latency
  • JA4/JA4+ TLS fingerprinting integration
  • Geolocation integrated via cmd
  • Native Fastify plugin with hook integration
  • Express middleware support
  • Redis-backed global state management