🛡️ SafeShell

 ____           __        ____   _            _  _
/ ___|   __ _  / _|  ___ / ___| | |__    ___ | || |
\___ \  / _` || |_  / _ \\___ \ | '_ \  / _ \| || |
 ___) || (_| ||  _||  __/ ___) || | | ||  __/| || |
|____/  \__,_||_|   \___||____/ |_| |_| \___||_||_|

🛡️ SafeShell: A security tool for shell history management, designed to detect, stash, and clear sensitive commands, ensuring safer terminal sessions.

✨ Features

🖥️ Display a summary of sensitive commands at the start of each terminal session. 👀 Remove sensitive commands from the shell history to enhance security and privacy. 👨‍💻 Temporarily store your command history prior to presentations or screen-sharing sessions for confidentiality.

🚀 Installation

To install safeshell, simply clone the repository and follow the instructions below:

git clone git@github.com:trinhminhtriet/safeshell.git
cd safeshell

cargo install --path .

Running the below command will globally install the safeshell binary.

cargo install safeshell

curl -sS https://raw.githubusercontent.com/trinhminhtriet/safeshell/master/install/install.sh | bash

curl -sS https://raw.githubusercontent.com/trinhminhtriet/safeshell/master/install/install.sh | bash

iwr https://raw.githubusercontent.com/trinhminhtriet/safeshell/master/install/install.ps1 -useb | iex

Setup your shell

eval $(safeshell --init-shell)

eval $(safeshell --init-shell)

Invoke-Expression (&safeshell --init-shell)

safeshell --init-shell | source

💡 Usage

$ safeshell --help

Secure shell commands

USAGE:
    safeshell [OPTIONS] [SUBCOMMAND]

OPTIONS:
        --config-dir <CFG_DIR_PATH>    Set configuration directory path
    -h, --help                         Print help information
        --init-shell                   Show sensitive findings summary for MOTD
        --log <LEVEL>                  Set logging level [default: INFO] [possible values: OFF,
                                       TRACE, DEBUG, INFO, WARN, ERROR]
        --no-banner                    Don't show the banner
    -V, --version                      Print version information


SUBCOMMANDS:
    config     Create custom configuration
    find       Find sensitive commands
    help       Print this message or the help of the given subcommand(s)
    restore    Restore backup history file
    stash      Stash history file

👀 Find Sensitive Commands

Sensitive data can be stored in your history file when export a token of something or running a script with token.

safeshell find --format table

🪄 Mask findings:

safeshell clear

🔥 Remove findings:

safeshell clear --remove

💼 Backup shell history before clear

safeshell clear --backup

🙈 Stash/Pop/Restore

You can stash your history shell by running the command:

safeshell stash

Now your history shell is clear, to bring back your history run the command:

safeshell stash pop

You can also restore your history backup file by running the command:

safeshell stash restore

𓂃🖌 External Configuration

Create custom configuration by running the command

safeshell config

Config command will create:

1. Custom pattern template for adding a custom risky patterns
2. Ignore file to allows you ignore specific pattern

🛠️ Validate Config Files

Validate syntax file

safeshell config validate

🚮 Delete Config Folder

Validate syntax file

safeshell config delete

⏭ Ignore patterns

Manage pattern ignores

safeshell config ignores

Examples

All the examples here

🗑️ Uninstallation

Running the below command will globally uninstall the safeshell binary.

cargo uninstall safeshell

Remove the project repo

rm -rf /path/to/git/clone/safeshell

🤝 How to contribute

We welcome contributions!

• Fork this repository;
• Create a branch with your feature: git checkout -b my-feature;
• Commit your changes: git commit -m "feat: my new feature";
• Push to your branch: git push origin my-feature.

Once your pull request has been merged, you can delete your branch.

📝 License

This project is licensed under the MIT License - see the LICENSE file for details.