{"id":13753816,"url":"https://github.com/Lennolium/swiftGuard","last_synced_at":"2025-05-09T21:36:01.259Z","repository":{"id":195989781,"uuid":"694104435","full_name":"Lennolium/swiftGuard","owner":"Lennolium","description":"Anti-forensic macOS tray application designed to safeguard your system by monitoring USB ports.","archived":false,"fork":false,"pushed_at":"2025-02-10T15:59:04.000Z","size":150904,"stargazers_count":402,"open_issues_count":4,"forks_count":22,"subscribers_count":33,"default_branch":"main","last_synced_at":"2025-05-04T20:48:28.678Z","etag":null,"topics":["anti-forensics","defensive-security","macos","opsec","physical-security","security","tampering-detection"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Lennolium.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-20T10:41:51.000Z","updated_at":"2025-04-23T10:20:50.000Z","dependencies_parsed_at":"2023-09-26T18:32:49.897Z","dependency_job_id":"acc2b7fb-3cfa-4dfe-a94d-29914a6531c2","html_url":"https://github.com/Lennolium/swiftGuard","commit_stats":null,"previous_names":["lennolium/swiftguard"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lennolium%2FswiftGuard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lennolium%2FswiftGuard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lennolium%2FswiftGuard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lennolium%2FswiftGuard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Lennolium","download_url":"https://codeload.github.com/Lennolium/swiftGuard/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253329032,"owners_count":21891565,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anti-forensics","defensive-security","macos","opsec","physical-security","security","tampering-detection"],"created_at":"2024-08-03T09:01:30.220Z","updated_at":"2025-05-09T21:35:56.249Z","avatar_url":"https://github.com/Lennolium.png","language":"Python","readme":"\u003c!--- Logo --\u003e\n\n\u003cdiv align=\"center\"\u003e  \n\u003cpicture\u003e\n  \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"./img/banner/banner_dark.png\" width=\"600vw\"\u003e\n  \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"./img/banner/banner_light.png\" width=\"600vw\"\u003e\n  \u003cimg alt=\"Application Banner\" src=\"./img/banner/banner_light.png\" width=\"600vw\"\u003e\n\u003c/picture\u003e\n\u003c/div\u003e\n\u003cbr\u003e\n\n\u003c!--- Badges --\u003e\n\n\u003cdiv align=\"center\"\u003e \n  \u003ca href=\"https://github.com/Lennolium/swiftGuard/branches\" \u003e \n    \u003cimg src=\"https://img.shields.io/github/last-commit/Lennolium/swiftGuard?label=Last%20Updated\u0026color=orange\" alt=\"last updated\" \u003e\n  \u003ca\u003e\u003c/a\u003e  \n   \u003ca href=\"https://app.codacy.com/gh/Lennolium/swiftGuard/dashboard?utm_source=gh\u0026utm_medium=referral\u0026utm_content=\u0026utm_campaign=Badge_grade\" \u003e \n    \u003cimg src=\"https://app.codacy.com/project/badge/Grade/7e4271efc8894c9fab80e2f27f896a87\" alt=\"code quality\" \u003e\n    \u003ca\u003e\u003c/a\u003e\n   \u003ca href=\"https://github.com/Lennolium/swiftGuard/commits/main\" \u003e \n    \u003cimg src=\"https://img.shields.io/github/commit-activity/m/Lennolium/swiftGuard?label=Commit%20Activity\" \nalt=\"commit activity\" \u003e\n     \u003ca\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/Lennolium/swiftGuard/releases\" \u003e \n    \u003cimg src=\"https://img.shields.io/badge/Version-0.0.2-brightgreen\" \nalt=\"stable version\" \u003e\n     \u003cbr\u003e\n  \u003ca href=\"https://github.com/Lennolium/swiftGuard/issues\" \u003e \n    \u003cimg src=\"https://img.shields.io/github/issues-raw/Lennolium/swiftGuard?label=Open%20Issues\u0026color=critical\" alt=\"open issues\" \u003e\n  \u003ca href=\"https://github.com/Lennolium/swiftGuard/issues?q=is%3Aissue+is%3Aclosed\" \u003e \n    \u003cimg src=\"https://img.shields.io/github/issues-closed-raw/Lennolium/swiftGuard?label=Closed%20Issues\u0026color=inactive\" alt=\"closed issues\" \u003e \n     \u003ca href=\"#\" \u003e \n    \u003cimg src=\"https://img.shields.io/github/repo-size/Lennolium/swiftGuard?label=Repo%20Size\u0026color=yellow\" alt=\"repo size\" \u003e\n  \u003ca href=\"https://github.com/Lennolium/swiftGuard/blob/main/LICENSE\" \u003e \n    \u003cimg src=\"https://img.shields.io/github/license/Lennolium/swiftGuard?label=License\u0026color=blueviolet\" alt=\"License\" \u003e \n  \u003ca\u003e\u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e\n\u003c/div\u003e\n\n\u003c!--- Title --\u003e\n\n\u003cdiv align=\"center\"\u003e\n  \u003ch1\u003e\u003c/h1\u003e \n\u003c/div\u003e\n\n\u003c!--- Description --\u003e\n\n\n\n\u003cdiv align=\"center\"\u003e\nAnti-forensic macOS tray application designed to safeguard your system by monitoring USB ports. \nIt ensures your device's security by automatically initiating either a system shutdown or hibernation \nif an unauthorized device connects or a connected device is unplugged. It offers the flexibility to whitelist \ndesignated devices, to select an action to be executed and to set a countdown timer, allowing to disarm the \nshutdown process.\n\u003cbr\u003e\u003cbr\u003e\n\n[![Donate](https://img.shields.io/badge/Donate-Paypal-blue?style=flat-square\u0026logo=paypal)](https://www.paypal.me/smogg)\n[![BuyMeACoffee](https://img.shields.io/badge/Buy%20me%20a-Coffee-f5d132?style=flat-square\u0026logo=buymeacoffee)](https://buymeacoffee.com/lennolium)\n\u003c/div\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ch3\u003e\u003c/h3\u003e  \n    \u003c/div\u003e     \n\u0026nbsp;\n\n\u003c!--- Table of contents --\u003e\n\n## Contents\n\n- [Features](#features)\n- [Screenshots](#screenshots)\n- [Why should you care?](#why-should-you-care)\n- [Installation](#installation)\n- [Usage](#usage)\n    - [GUI](#gui)\n    - [CLI](#cli)\n- [Development](#development)\n- [Roadmap](#roadmap)\n- [Security \u0026 Code Quality](#security--code-quality)\n- [Contributors](#contributors)\n- [Credits](#credits)\n- [License](#license)\n\n\u0026nbsp;\n\n\u003c!--- Features --\u003e\n\n## Features\n\n- __Monitoring:__ Continuously monitors USB ports for device activity, even in sleep mode.\n- __Whitelisting:__ Allows users to whitelist authorized devices, ensuring \n  hassle-free connectivity.\n- __Discrete:__ Operates in the macOS system tray, minimizing \n  interruptions.\n- __Customizable:__ Allows users to configure various settings, including \n  action (shutdown/hibernate), countdown timer and auto start.\n- __Lightweight:__ Designed to consume minimal system resources for optimal \n   performance.\n- __Privacy:__ Only connects to the internet to check for updates at startup.\n- __Open Source:__ Provides transparency and \n  allows community contributions for continuous development.\n\n\u0026nbsp;\n\n\u003c!--- Screenshots --\u003e\n\n## Screenshots\n\n\u003cdiv align=\"center\"\u003e  \n\u003cpicture\u003e\n  \u003csource srcset=\"./img/screenshots/screenshots.png\" width=\"600vw\"\u003e\n  \u003cimg alt=\"Application Screenshots\" src=\"./img/screenshots/screenshots.png\" width=\"600vw\"\u003e\n\u003c/picture\u003e\n  \n*__Left:__ Manipulation button to defuse the alarm. __Right:__ Whitelist and Settings menu.*\n\u003c/div\u003e\n\u003cbr\u003e\n\n\u0026nbsp;\n\n\u003c!--- Why --\u003e\n\n## Why should you care?\n\nA few reasons to use this tool:\n\n- __Anti-Forensic Measures:__ In case the police or other thugs break in. The police often use a [mouse jiggler](https://en.wikipedia.org/wiki/Mouse_jiggler)\nto prevent the screen saver or sleep mode from being activated.\n- __Prevent Data Exfiltration:__ You do not want someone adding or copying documents to or from your computer via USB.\n- __Public Environments:__ If you frequently use your Mac in public places like libraries or cafes, swiftGuard \nacts as an additional layer of security against physical attacks in a [potentially vulnerable](https://www.ccn.com/fbi-illegally-stole-ross-ulbrichts-laptop-brought-silk-road/) setting.\n- __Server Protection:__ You want to improve the security of your home or company server (e.g. your Raspberry Pi, NAS, etc.).\n- __Data Protection Regulations:__ Many industries and organizations are subject to strict data protection \nregulations. swiftGuard helps maintain compliance by preventing unauthorized data transfers and access through USB ports.\n\n\u003e **Tip**: You might also want to use a cord to attach a USB key to your wrist. Then plug the key into your computer and \n\u003e run swiftGuard. If your computer is robbed, the USB is removed and the computer shuts down immediately.\n\n\u0026nbsp;\n\n\u003c!--- Installation --\u003e\n\n## Installation\n\n1. Obtain the most recent version by downloading it from [Releases](https://github.com/Lennolium/swiftGuard/releases/latest).\n2. Open the downloaded `swiftGuard.dmg` file.\n3. Drag the swiftGuard application into the Applications folder.\n4. Open the swiftGuard application from the Applications folder (by right-clicking and selecting `Open`, see Note below)\n5. swiftGuard should now appear in the macOS system tray.\n6. Test at least once if the shutdown or hibernation is executed correctly. On first run you will be asked to grant the necessary\npermissions by macOS.\n7. Automatic startup at login can be enabled in the app's settings menu.\n\n\u0026nbsp;\n\u003e **Important**: Make sure you use FileVault, macOS's built-in disk encryption feature, to encrypt your entire disk, \n\u003e ensuring that your data remains secure even if your device falls into the wrong hands. \n\u003e Otherwise, unauthorized users may gain access to your data easily: `System Preferences \u003e Security \u0026 Privacy \u003e Security \u003e FileVault` \u003e Do NOT enable iCloud Recovery!\n\n\u003e__Note:__ If you get a warning that the application is from an _unidentified developer_, you have to open\n\u003e`System Preferences \u003e Security \u0026 Privacy \u003e Security` and click `Open Anyway`\n\u003eto allow the application to run.\n\nSee [INSTALL.md](https://github.com/Lennolium/swiftGuard/blob/main/INSTALL.md) for further details and instructions if you are upgrading from an older version.\n\u0026nbsp;\n\n\u003c!--- Usage --\u003e\n\n## Usage\n\n### GUI\n\n1. Open the swiftGuard application from the Applications folder.\n2. Click on the application icon in the macOS system tray to open the \n   main menu.\n3. Click the `Guarding/Inactive` entry to start or pause the guarding of your USB ports.\n4. The `Devices` menu displays all allowed and connected devices. Allowed devices are indicated with a checkmark, \neven if they are not connected.\n5. To add or remove a device from the whitelist, simply click on the corresponding device entry.\n6. If manipulation is detected, an alert (`Manipulation`) will appear in the main menu. Clicking on it \nwill reset the alarm. The `Exit` button will not work.\n7. In the `Settings` menu you can set a delay (0 - 60 seconds) and an action (`Shutdown` or `Hibernate`). The delay\ndetermines how long swiftGuard will wait for you to reset/defuse the alarm before executing the action.\n          \n\u0026nbsp;  \n\n\u003e**Notes:** \n\u003e- swiftGuard alerts you if devices are removed that were connected before or while the application was started,\n\u003eexcept you add them to the whitelist. \n\u003e- Connecting new devices will always trigger an alert, if these devices are not whitelisted.\n\u003e- If you encounter any problems, please check the log file in the `~/Library/Logs/swiftGuard` folder.\n\u003e- Your settings and whitelisted devices are stored in the `~/Library/Preferences/swiftGuard/swiftguard.ini` file.\n\n\n\u0026nbsp;\n\n### CLI\n\nYou can run swiftGuard as a simple Python script from the command line without a graphical user interface (GUI). \nThis is useful when operating swiftGuard on a headless system or saving system resources. However, you will lose the \nability to defuse the shutdown process via the GUI, but you can kill the swiftGuard process from the command line \ninstead. The preferences and whitelists are stored in the same location as the GUI version and can be edited \nmanually. For further information, please refer to the [src/swiftguard/cli.py](https://github.com/Lennolium/swiftGuard/blob/main/src/swiftguard/cli.py) file.\n\n1. Open a terminal and navigate to the desired install directory.\n\n   ```bash\n   cd ~/Desktop\n   ```\n\n2. Clone the repository.\n\n   ```bash\n   git clone https://github.com/Lennolium/swiftGuard.git\n   ```\n\n3. Navigate to the swiftGuard directory.\n\n   ```bash\n   cd swiftGuard\n   ```\n\n4. Create a virtual environment and activate it.\n   ```bash\n   python3 -m venv venv\n   source venv/bin/activate\n   pip install poetry\n   ```\n   \n5. Install `poetry` in the venv.\n    ```bash\n   pip install poetry\n   ```\n\n6. Install `swiftguard` in development mode.\n\n   ```bash\n   poetry install\n   ```\n\n   This installs swiftguard and its python packages in the virtual environment `venv/bin/swiftguard` and `venv/lib/python3.11/site-packages` in development mode, so you can \n   change code in the `src/swiftguard` folder and immediately test it in the terminal.\n\n7. Run it in CLI mode.\n\n   ```bash\n   swiftguard\n   ```\n   GUI mode: `swiftguardgui`\n\n\u003e **Notes:**\n\u003e\n\u003e - Settings/Whitelist: `~/Library/Preferences/swiftGuard/swiftguard.ini`\n\u003e - Logs: `~/Library/Logs/swiftGuard/swiftguard.log` Logs are rotated every 2 MB with a maximum of 5 files.\n\u003e   You can set the log level (Debug=1, ..., Critical=5) and the log output (file, syslog, stdout; required: file) in the `swiftguard.ini` file.\n   \n\u0026nbsp;\n\n\u003c!--- Development --\u003e\n\n## Development\n\nAs an open-source project, I strive for transparency and collaboration in my development process. I greatly \nappreciate any contributions members of our community can provide. Whether you are fixing bugs, proposing features, \nimproving documentation, or spreading awareness - your involvement strengthens the project. Please review the \n[code of conduct](https://github.com/Lennolium/swiftGuard/blob/main/.github/CODE_OF_CONDUCT.md) to understand how we work together \nrespectfully.\n\n- __Bug Report:__ If you are experiencing an issue while using the application, please [create an issue](https://github.com/Lennolium/swiftGuard/issues/new/choose).\n- __Feature Request:__ Make this project better by [submitting a feature request](https://github.com/Lennolium/swiftGuard/discussions/2).\n- __Documentation:__ Improve our documentation by [adding a wiki page](https://github.com/Lennolium/swiftGuard/wiki).\n- __Community Support:__ Help others on [GitHub Discussions](https://github.com/Lennolium/swiftGuard/discussions).\n- __Security Report:__ Report critical security issues via our [template](https://github.com/Lennolium/swiftGuard/blob/main/.github/SECURITY.md).\n\n\u0026nbsp;\n\n\u003c!--- Roadmap --\u003e\n\n## Roadmap\n\n| **Now**                                | **Next**                                             | **Later**                   |\n|----------------------------------------|------------------------------------------------------|-----------------------------|\n| Unit tests                             | Linux support                                        | CI/CD                       |\n| Code quality                           | Bluetooth and WiFi detection (Apple Watch)           | Website/Docs/Wiki           |\n| Custom system wide hotkey for defusing | Auto update (yet: just notifying)                    | Encrypted configuration     |\n| E-Mail notification                    | Native Apple silicon support                         | Code sign (Apple)           |\n| Countdown dialog                       | More actions (wipe ram, delete files/folders, email) | User defined actions        |\n| Passwort protected defusing (Dialog)   | Translations                                         | Professional security audit |\n\n\u0026nbsp;\n\n\u003c!--- Security --\u003e\n\n## Security \u0026 Code Quality\nRegarding swiftGuard is a security application and therefore security is of the utmost importance. I am committed to ensuring\nthat it is secure and reliable for all users. I am grateful for any feedback regarding security issues and will do my best to \naddress them as quickly as possible. Please refer to the [security policy](https://github.com/Lennolium/swiftGuard/blob/main/.github/SECURITY.md) for more information.\n\nAdditionally, I let my code be checked by several code quality and security tools (Bandit, Black, Codacy, CodeQL, PMD CPD, Prospector, Pylint, Pysa, Pyre, Trivy and Radon). \nThe results can be found by clicking on the badges below. These routines are **no replacement for a manual code and security audit**, but they help to find errors and vulnerabilities.\nPlease note that the results of these tools are not always accurate and may contain false positives.\n\n\u003cdiv align=\"center\"\u003e \n  \u003ca href=\"https://app.codacy.com/gh/Lennolium/swiftGuard/dashboard?utm_source=gh\u0026utm_medium=referral\u0026utm_content=\u0026utm_campaign=Badge_grade\" \u003e \n    \u003cimg src=\"https://app.codacy.com/project/badge/Grade/7e4271efc8894c9fab80e2f27f896a87\" alt=\"Codacy\" \u003e\n  \u003ca\u003e\u003c/a\u003e  \n   \u003ca href=\"https://github.com/Lennolium/swiftGuard/actions/workflows/black.yml\" \u003e \n    \u003cimg src=\"https://github.com/Lennolium/swiftGuard/actions/workflows/black.yml/badge.svg\" alt=\"Black\" \u003e\n    \u003ca\u003e\u003c/a\u003e\n   \u003ca href=\"https://github.com/Lennolium/swiftGuard/actions/workflows/github-code-scanning/codeql\" \u003e \n    \u003cimg src=\"https://github.com/Lennolium/swiftGuard/actions/workflows/github-code-scanning/codeql/badge.svg\" \nalt=\"CodeQL\" \u003e\n     \u003ca\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/Lennolium/swiftGuard/actions/workflows/pyre.yml\" \u003e \n    \u003cimg src=\"https://github.com/Lennolium/swiftGuard/actions/workflows/pyre.yml/badge.svg?event=status\" \nalt=\"Pyre\" \u003e\n     \u003cbr\u003e\n  \u003ca href=\"https://github.com/Lennolium/swiftGuard/actions/workflows/pysa.yml\" \u003e \n    \u003cimg src=\"https://github.com/Lennolium/swiftGuard/actions/workflows/pysa.yml/badge.svg?event=status\" alt=\"Pysa\" \u003e\n  \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e \u003c/a\u003e\n\u003c/div\u003e\n\n\u0026nbsp;\n\n\u003c!-- Contributors --\u003e\n\n## Contributors\n\nThank you so much for giving feedback, implementing features and improving the code and project!\n\n\u003ca href = \"https://github.com/Lennolium/swiftGuard/graphs/contributors\"\u003e\n  \u003cimg src = \"https://contrib.rocks/image?repo=Lennolium/swiftguard\"/\u003e\n\u003c/a\u003e\n\n\u0026nbsp;\n\n\u003c!--- Credits --\u003e\n\n## Credits\n\nThis application is heavily inspired and based on project \n[usbkill](https://github.com/hephaest0s/usbkill) by Hephaestos and [BusKill](https://github.com/BusKill/buskill-app) by Michael Altfield.\nI want to thank him and all the other great contributors of usbkill for\ntheir great work, inspiration and help. I firmly believe in the\nprinciples of the open source community, which call for the sharing and\nenhancement of one another work. The purpose of this project is to\nrevive an abandoned project and to support others in learning and\ncomprehending the fundamentals of Python, Qt and macOS, and to develop\ntheir own projects.\n\nMany more credits are in the [acknowledgments](https://github.com/Lennolium/swiftGuard/blob/main/ACKNOWLEDGMENTS) file.\n\n\u0026nbsp;\n\n\u003c!--- License --\u003e\n\n## License\n\nProvided under the terms of the [GNU GPL3 License](https://www.gnu.org/licenses/gpl-3.0.en.html) © Lennart Haack 2023.\n\nSee [LICENSE](https://github.com/Lennolium/swiftGuard/blob/main/LICENSE) file for details.\nFor the licenses of used third party libraries and software, please refer to the [ACKNOWLEDGMENTS](https://github.com/Lennolium/swiftGuard/blob/main/ACKNOWLEDGMENTS) file.\n\n","funding_links":["https://www.paypal.me/smogg","https://buymeacoffee.com/lennolium"],"categories":["Utilities","Security Tools","macOS Security","セキュリティツール"],"sub_categories":["Security","Writing","Audio Record and Process","オーディオ録音・処理"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FLennolium%2FswiftGuard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FLennolium%2FswiftGuard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FLennolium%2FswiftGuard/lists"}