Security Guard

A powerful, comprehensive security plugin for Flutter applications. It helps protect your app from common security threats by detecting unwanted environments and activities.

Features

  • 🛡️ Root/Jailbreak Detection: Detects if the device is rooted (Android) or jailbroken (iOS).
  • 🌐 Native VPN Detection: Highly reliable native check for active VPN transport layers.
  • 🎥 Screen Recording Detection: Instant notification when the screen starts being recorded.
  • 📺 Mirroring & Casting: Detects Screen Mirroring (AirPlay) and Casting (Chromecast).
  • 🛠️ Developer Mode: Detects if Android Developer Settings are enabled.
  • 📱 Emulator Detection: Identifies if the app is running on an emulator or simulator.
  • 🔒 Secure Window: Optional support for FLAG_SECURE to prevent screenshots and task switcher previews.
  • 🚫 Security Blocker: A ready-to-use widget that automatically blocks the UI when threats are detected.

Installation

Add this to your pubspec.yaml:

dependencies:
  security_guard: ^1.0.0

Quick Start

1. Initialize the Plugin

Initialize the plugin at the start of your app:

void main() async {
  WidgetsFlutterBinding.ensureInitialized();
  
  await SecurityGuard.instance.init(
    const SecurityConfig(
      enableRootCheck: true,
      enableVPNCheck: true,
      enableScreenRecCheck: true,
      enableMirroringCheck: true,
      enableCastingCheck: true,
      enableDevModeCheck: true,
      enableEmulatorCheck: true,
      enableSecureFlag: true,
    ),
  );

  runApp(const MyApp());
}

2. Wrap your App with SecurityBlocker

The easiest way to enforce security is to wrap your main widget with SecurityBlocker:

class MyApp extends StatelessWidget {
  @override
  Widget build(BuildContext context) {
    return MaterialApp(
      home: SecurityBlocker(
        // Specify which threats should block the app
        forbiddenEvents: const [
          SecurityEventType.rootDetected,
          SecurityEventType.vpnDetected,
          SecurityEventType.screenRecordingDetected,
        ],
        child: const HomeScreen(),
      ),
    );
  }
}

Technical Details

  • VPN Detection: Unlike other plugins that use heuristics, security_guard uses the system's native ConnectivityManager (Android) and network interface checks (iOS) for maximum accuracy.
  • Display Check: Uses native DisplayManager listeners on Android to catch recording and casting instantly.
  • Manual Refresh: Users can resolve a threat (like turning off a VPN) and click the "Refresh" button on the blocker screen to re-verify and unlock the app.

Example Project

The source code for the example application can be found on GitHub.

License

MIT License. See LICENSE for details.

Libraries

security_guard
widgets/security_blocker