GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → kaplanelad → shellfirm

kaplanelad / shellfirm

Licence: Apache-2.0 license
Intercept any risky patterns (default or defined by you) and prompt you a small challenge for double verification

Programming Languages

rust
11053 projects
shell
77523 projects
Makefile
30231 projects

Labels

zshdevopsterminalcaptchapromptdevops-tools

Projects that are alternatives of or similar to shellfirm

mCaptcha
A no-nonsense CAPTCHA system with seamless UX | Backend component
Stars: ✭ 473 (+197.48%)
Mutual labels:  captcha
jquery.dialog.js
A lightweight replacement for the browser's default dialog boxes.
Stars: ✭ 17 (-89.31%)
Mutual labels:  prompt
CAPTCHA Reader
🐝 PHP 验证码识别与训练 脚手架
Stars: ✭ 142 (-10.69%)
Mutual labels:  captcha
esaj
Scrapers for many e-SAJ systems
Stars: ✭ 35 (-77.99%)
Mutual labels:  captcha
Captcha
.net core Captcha Service
Stars: ✭ 38 (-76.1%)
Mutual labels:  captcha
efs2
A dead-simple configuration management tool powered by stupid shell scripts.
Stars: ✭ 82 (-48.43%)
Mutual labels:  devops-tools
OpenPrompt
An Open-Source Framework for Prompt-Learning.
Stars: ✭ 1,769 (+1012.58%)
Mutual labels:  prompt
devops-toolkit
Easily setup your DevOps development environment
Stars: ✭ 44 (-72.33%)
Mutual labels:  devops-tools
prompt-base
This repository has been archived, use Enquirer instead.
Stars: ✭ 21 (-86.79%)
Mutual labels:  prompt
f5-super-netops-container
F5 Super NetOps container images that enable Automation and Orchestration with a DevOps methodology
Stars: ✭ 24 (-84.91%)
Mutual labels:  devops-tools
purification
Very minimal Zsh prompt without any dependency
Stars: ✭ 25 (-84.28%)
Mutual labels:  prompt
polkadot-deployer
Tool for deploying polkadot networks
Stars: ✭ 99 (-37.74%)
Mutual labels:  devops-tools
react-native-input-prompt
A cross-platform user input prompt component for React Native with Native UI.
Stars: ✭ 45 (-71.7%)
Mutual labels:  prompt
envkey-python
EnvKey's python library. Protect API keys and credentials. Keep configuration in sync.
Stars: ✭ 24 (-84.91%)
Mutual labels:  devops-tools
captcha-recognition
End-to-end captcha image recognition using PyTorch and CTC loss binding.
Stars: ✭ 29 (-81.76%)
Mutual labels:  captcha
Raid-Protect-Discord-Bot
A Discord Bot that allows you to protect your Discord server with captcha, anti profanity, anti nudity image, anti spam, account age required, logs...
Stars: ✭ 182 (+14.47%)
Mutual labels:  captcha
envkey-node
EnvKey's official Node.js client library
Stars: ✭ 46 (-71.07%)
Mutual labels:  devops-tools
zsh-aws-vault
oh-my-zsh plugin for aws-vault
Stars: ✭ 63 (-60.38%)
Mutual labels:  prompt
fish-kube-prompt
⎈ kubectl context/namespace in your fish shell prompt
Stars: ✭ 71 (-55.35%)
Mutual labels:  prompt
Innofactor.Crm.CI
DevOps tools for Microsoft Dynamics 365
Stars: ✭ 23 (-85.53%)
Mutual labels:  devops-tools
View All Similar Projects ➔

shellfirm

Opppppsss you did it again? 😱 😱 😰

How do I save myself from myself?

  • rm -rf *
  • git reset --hard Before hitting the enter key?
  • kubectl delete ns Stop! you are going to delete a lot of resources
  • And many more!

Do you want to learn from other people's mistakes?

shellfirm will intercept any risky patterns (predefined or user's custom additions) and will immediately prompt a small challenge that will double verify your action, think of it as a captcha for your terminal.

$ rm -rf /
#######################
# RISKY COMMAND FOUND #
#######################
* You are going to delete everything in the path.

Solve the challenge: 8 + 0 = ? (^C to cancel)

How does it work?

shellfirm will evaluate all the shell commands behind the scenes. If a risky pattern is detected, you will immediately get a prompt with the relevant warning to verify your command.

Example

Installation

1. Install via brew

brew tap kaplanelad/tap && brew install shellfirm

Or download the binary file from releases page, unzip the file and move to /usr/local/bin folder.

2. select shell type:

If you use Oh My Zsh

  • Download zsh plugin:
curl https://raw.githubusercontent.com/kaplanelad/shellfirm/main/shell-plugins/shellfirm.plugin.zsh --create-dirs -o ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/shellfirm/shellfirm.plugin.zsh
  • Add shellfirm to the list of Oh My Zsh plugins when Zsh is loaded(inside ~/.zshrc):
plugins=(... shellfirm)
  • ℹ️ Open a new shell session

More supported shells

Verify installation

$ mkdir /tmp/shellfirm
$ cd /tmp/shellfirm
$ git reset --hard

You should get a shellfirm prompt challenge.

If you didn't get the prompt challenge:

  1. Make sure the shellfirm --version returns a valid response.
  2. Make sure that you downloaded the Zsh plugin and added it to the Oh My Zsh plugins in .zshrc.

Risky commands

We have predefined a baseline of risky groups command that will be enabled by default, these are risky commands that might be destructive.

Group Enabled By Default
base true
git true
fs true
fs-strict false
shellfirm config update --check-group fs-strict
kubernetes false
shellfirm config update --check-group kubernetes
kubernetes-strict false
shellfirm config update --check-group kubernetes-strict

Custom checks definition examples

shellfirm creates by default a configuration file at ~/.shellfirm/config.yaml. Make sure that you only edit enable field (in case you want to disable a specific check), all the rest fields are managed by shellfirm command (shellfirm config --help).

challenge: Math # Math, Enter, Yes

includes: 
  - base
  - fs
  - git

checks:
  - test: git reset
    method: Contains
    enable: true
    description: "This command going to reset all your local changes."
    from: git
    challenge: Default
  - test: "rm.+(-r|-f|-rf|-fr)*"
    method: Regex
    enable: true
    description: "You are going to delete everything in the path."
    from: fs
    challenge: Default
  - test: ">.+/dev/sda"
    method: Regex
    enable: true
    description: "Writing the data directly to the hard disk drive and damaging your file system."
    from: fs
    challenge: Default
  - test: "mv+.*/dev/null"
    method: Regex
    enable: true
    description: "The files will be discarded and destroyed."
    from: fs
    challenge: Default

ℹ️ To define custom checks that are not part of shillfirm baseline, add new checks to the config.yaml with the following field: from: custom.

  - test: "command to check"
    method: Regex
    enable: true
    description: "Example of custom check."
    from: custom
    challenge: Default

ℹ️ To define different challenge for a checks you can change the field challenge: Default with a different check.

Add new group checks

$ shellfirm config update --check-group {risky-command-group-a} {risky-command-group-b}

Remove new group checks

$ shellfirm config update --check-group {group} {group} --remove

Disable specific checks

Edit the configuration file in ~/.shellfirm/config.yaml and change the check to enable:false.

Change challenge:

Currently we support 3 different challenges when a risky command is intercepted:

  • Math - Default challenge which requires you to solve a math question.
  • Enter - Required only to press Enter to continue.
  • Yes - Required typing yes to continue.

You can change the default challenge by running the command:

$ shellfirm config challenge --challenge Math

At any time you can cancel a risky command by hitting ^C

To Upgrade shellfirm

$ brew upgrade shellfirm

Contributing

Thank you for your interest in contributing! Please refer to contribution guidelines for guidance.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].