tirith

Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. The project emphasizes local-only analysis with no telemetry and no background daemons, so it can run offline and keep sensitive command context on-device. It integrates into popular shells via hooks (zsh, bash, fish, and PowerShell), including paste-aware protections so hidden characters or malicious rewrites get caught at the moment they enter the terminal.

Features

Local-only detection of homograph and mixed-script domain attacks
Terminal injection defenses against ANSI, bidi, and zero-width tricks
Pipe-to-shell pattern detection with block-or-warn enforcement options
Shell hook integrations for zsh, bash, fish, and PowerShell
Policy-driven configuration via YAML with allowlists and severity overrides
Safer script-run workflow with review prompts and receipt-based auditing

Project Samples

Project Activity

See All Activity >

License

Affero GNU Public License

Follow tirith

tirith Web Site

Other Useful Business Software

$300 in Free Credit for Your Google Cloud Projects

Build, test, and explore on Google Cloud with $300 in free credit. No hidden charges. No surprise bills.

Launch your next project with $300 in free Google Cloud credit—no hidden charges. Test, build, and deploy without risk. Use your credit across the Google Cloud platform to find what works best for your needs. After your credits are used, continue building with free monthly usage products. Only pay when you're ready to scale. Sign up in minutes and start exploring.

Start Free Trial

Rate This Project

User Reviews

Be the first to post a review of tirith!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Rust

Related Categories

Rust Security Software

Registered

2026-02-10

Similar Business Software

Bitdefender Ultimate Small Business Security

Bitdefender Small Business Security delivers enterprise-grade, layered cyber-protection designed specifically for small organizations. It covers Windows, macOS, iOS, and Android devices with centralized, easy-to-use management, so businesses without a dedicated IT staff can deploy and monitor...

See Software
Control D

Control D is a customizable DNS filtering and traffic redirection platform that leverages Secure DNS protocols like DNS-over-HTTPS, DNS-over-TLS and DNS-over-QUIC, with support for Legacy DNS. - Block malicious threats - Block unwanted types of content network wide (ads & trackers, IoT...

See Software
cside

cside is the leading client-side intelligence platform. Protecting organizations from advanced client-side threats such as script injection, data skimming, and browser-based attacks, risks often overlooked by traditional security measures. Leveraging client-side intelligence to provide evidence...

See Software
Unimus

Unimus is a powerful, on-premise Network Automation and Configuration Management (NCM) solution designed for fast deployment and ease of use. As one of the most versatile NCM solutions available, it simplifies network management with features such as: 🔹Disaster Recovery – Automated...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Keeper Security

Keeper Security is transforming the way people and organizations around the world secure their passwords and passkeys, secrets and confidential information. Keeper’s easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on...

See Software