cumakurt

cumakurt / forticheck

Public

FortiCheck is a powerful, offline static analysis tool designed to uncover security risks, misconfigurations, and attack paths in FortiGate firewall configurations. Unlike simple compliance checkers, FortiCheck builds a graph-based model of your network to understand the intent and impact of your policies.

analizer config fortigate
13
3
100% credibility
Found Feb 17, 2026 at 11 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

FortiCheck is an offline tool that analyzes FortiGate firewall configuration backups to detect security risks, misconfigurations, attack paths, and compliance issues, generating interactive HTML reports with remediation advice.

How It Works

1
🔍 Discover FortiCheck

You hear about this helpful tool that checks your firewall setup for hidden dangers and weak spots.

2
💾 Grab your firewall backup

You save a simple text file of your firewall's current rules from its settings page.

3
Pick your easy start
📦
Quick setup

Follow a few steps to get it ready on your computer.

🐳
No-install box

Use a ready-made secure container that runs anywhere.

4
🚀 Run the safety check

Point it at your backup file and watch it scan for risks like open doors or sneaky paths.

5
See it working

A progress bar shows it's building a map of your network and spotting issues.

📈 Get your clear report

Open a beautiful, interactive page with risk scores, fix steps, and visuals—now you know exactly how to make your firewall safer.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 11 to 13 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is forticheck?

FortiCheck is an offline static analysis tool designed for FortiGate firewall configurations. It uncovers security risks, misconfigurations, and attack paths by building a graph-based model of your network to assess policy intent and impact. Unlike basic compliance checkers, it simulates multi-hop attacks and generates interactive HTML reports with risk scores—all from a config backup file via simple CLI commands like `forticheck analyze -c fw.conf`.

Why is it gaining traction?

It goes beyond checklists with graph-based analysis that visualizes exposure matrices, blast radius, and transitive access paths developers can actually act on. Docker support means zero setup: mount your config and run, plus custom YAML rules for tailored checks and config diff for change audits. Python-based, it delivers executive dashboards alongside technical details like CIS benchmarks and VPN weaknesses.

Who should use this?

FortiGate admins auditing production firewalls before compliance reviews. Security engineers hunting shadow rules or lateral movement risks in enterprise setups. Network ops teams comparing config versions during migrations.

Verdict

Promising for FortiGate users needing deeper analysis than vendor tools, but at 11 stars and 1.0% credibility score, it's early beta—docs are solid with samples, but expect bugs in complex configs. Try via Docker if you manage FortiGates; contribute to mature it.

(187 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.