sheeki03

sheeki03 / tirith

Public

Your browser catches homograph attacks. Your terminal doesn't. Tirith guards the gate and intercepts suspicious URLs, ANSI injection, and pipe-to-shell attacks before they execute.

tirith.sh cli devtools homograph-attack rust security
1,942
68
100% credibility
Found Feb 03, 2026 at 745 stars 3x -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Rust
AI Summary

Tirith is a terminal security tool that intercepts and analyzes shell commands to block homograph attacks, unsafe downloads, and display manipulations before execution.

How It Works

1
👀 Spot the danger

You see a command with a sneaky URL that looks safe but could download malware from a fake site.

2
📥 Grab Tirith

You install this helpful guard with a quick download from a trusted source.

3
🔒 Turn on the shield

You add a simple line to your shell setup, and protection starts watching every command.

4
🩺 Quick check-up

You run a health check to confirm everything is ready and working perfectly.

5
⌨️ Type freely

You go about your day entering commands normally, with zero extra hassle.

6
🛡️ Danger blocked!

Tirith spots and stops a tricky fake link before it can run, keeping you safe.

Secure terminal

Your command line is now guarded against hidden tricks, giving you peace of mind.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 745 to 1,942 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is tirith?

Tirith is a Rust tool that shields your terminal from homograph attacks, ANSI injection, and pipe-to-shell exploits—threats your browser catches but shells ignore. It hooks bash, zsh, fish, or PowerShell to scan commands before execution, blocking Cyrillic-lookalike domains in `curl | bash` or invisible Unicode in pastes. Install via brew, cargo, or nix, add one line to your profile, and it runs silently on safe input with sub-ms overhead.

Why is it gaining traction?

With 1646 stars, tirith stands out for local-only analysis—no network calls, no telemetry—delivering browser-level checks on github browser downloads or copilot snippets before attacks hit. CLI commands like `tirith check`, `tirith run` (downloads, analyzes, receipts), `score`, and `paste` make auditing urls from browser github android apks or container registry pulls effortless. Named after Minas Tirith (LOTR's tower of guard), it fixes real gaps in terminal security without rewriting habits.

Who should use this?

DevOps engineers chaining curl|sh in CI/CD, sysadmins pulling Docker images or git repos via scp-style urls, and security teams pasting from browser github copilot or notifications. Ideal for anyone dodging dotfile overwrites, untrusted npm/pip urls, or ANSI tricks in shared terminals before exploits run.

Verdict

Adopt it—1646 stars and polished docs signal momentum, with brew/nix packaging easing rollout. 1.0% credibility score reflects early maturity (test coverage solid but battle-tested edge cases pending); pair with `tirith doctor` for safe hooks.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.