Skip to content

lilsheepyy/GuardianTUI

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

99 Commits
.github
.github
ย 
ย 
docs
docs
ย 
ย 
internal
internal
ย 
ย 
logs
logs
ย 
ย 
.gitignore
.gitignore
ย 
ย 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
ย 
ย 
CONTRIBUTING.md
CONTRIBUTING.md
ย 
ย 
LICENSE
LICENSE
ย 
ย 
README.md
README.md
ย 
ย 
SECURITY.md
SECURITY.md
ย 
ย 
VERSION
VERSION
ย 
ย 
ai.json
ai.json
ย 
ย 
config.yaml
config.yaml
ย 
ย 
go.mod
go.mod
ย 
ย 
go.sum
go.sum
ย 
ย 
guardian.log
guardian.log
ย 
ย 
guardiantui
guardiantui
ย 
ย 
main.go
main.go
ย 
ย 

Repository files navigation

๐Ÿ›ก๏ธ GuardianTUI

Active Instances Go Version License

GuardianTUI is an ultra-high performance L7 Reverse Proxy & Intrusion Prevention System (IPS) written in Go. It provides real-time threat detection, automated blocking, and a high-performance v2.0 Terminal Dashboard for mission-critical monitoring.

๐Ÿ“‘ Deep Documentation (Wiki)

For a detailed dive into how GuardianTUI works, please refer to our documentation:

โšก Quick Start

1. Build from Source

git clone https://github.com/lilsheepyy/GuardianTUI.git
cd GuardianTUI
go build -o guardiantui main.go

2. Protect an Application

Protect a local application running on port 3000:

./guardiantui -target http://localhost:3000

Your application is now filtered and accessible via http://localhost:8080.

๐Ÿš€ Key Features

  • High-Performance Sharding: 64-way memory sharding for IP tracking and probing detection.
  • Lock-Free Snapshots: Atomic pointer swapping for zero-latency security updates.
  • Multi-Layered Honeypots: Active deception with 60+ hardcoded and user-definable bait paths (e.g., /.env, /wp-admin).
  • 404 Spike Detection: Intelligent bot detection that auto-blocks IPs performing high-frequency directory brute-forcing.
  • SQLmap & Tooling Shield: Deep signature matching for 30+ offensive tools (SQLmap, Burp Suite, Nikto, Shodan, etc.).
  • Deep Packet Inspection: Recursive normalization (Base64, Hex, URL, HTML) of payloads.
  • Advanced AI Shield: Heuristic scoring specifically optimized for LLM/AI endpoints.
  • Enterprise Logging: Persistent JSON logging with automatic 10MB file rotation in the logs/ folder.
  • Network Hardening: Integrated Cloudflare (CF-Connecting-IP) support and a strict Unauthorized Proxy Shield.
  • DLP Engine: Inbound file protection and outbound secret redaction.
  • v2.0 Dashboard: Modern, responsive TUI with traffic heatmaps and threat distribution charts.
  • Dynamic Operational Modes: Switch between IPS (Active), IDS (Passive/Logging), and Strict modes via configuration or TUI.
  • Custom TUI Themes: Multiple visual styles (Cyber, Forest, Dracula, Monochrome) selectable via configuration or TUI command.

๐Ÿ› ๏ธ Operational Modes

  • Production Mode (SSL): sudo ./guardiantui -target http://localhost:3000 -domain example.com
  • Local Secure Mode: ./guardiantui -target http://localhost:3000 -https
  • Headless Mode: ./guardiantui -target http://localhost:3000 -headless

๐Ÿ“œ License

Distributed under the MIT License. Created by sheep.

About

๐Ÿ›ก๏ธ Real-time L7 Intrusion Prevention System (IPS) and AI Content Shield with TUI and Logging in Go

Topics

letsencrypt tls golang ssl https tui owasp reverse-proxy cybersecurity ids infosec ips tls-certificate network-security threat-detection l7-firewall

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages