{"id":50310865,"url":"https://github.com/djadmin/fort","last_synced_at":"2026-07-07T09:01:39.741Z","repository":{"id":360659876,"uuid":"1245511471","full_name":"djadmin/fort","owner":"djadmin","description":"Audit and fix your Mac's security in one command. No agent, no signup, open source.","archived":false,"fork":false,"pushed_at":"2026-06-10T19:22:18.000Z","size":15016,"stargazers_count":20,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-11T17:04:17.567Z","etag":null,"topics":["audit","cli","compliance","cybersecurity","devops","devsecops","endpoint-security","golang","hardening","homebrew","iso27001","mac-security","macos","macos-security","open-source","security","security-audit","security-tools","soc2","sysadmin"],"latest_commit_sha":null,"homepage":"https://djadmin.github.io/fort","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/djadmin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-21T09:37:46.000Z","updated_at":"2026-06-11T13:08:42.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/djadmin/fort","commit_stats":null,"previous_names":["djadmin/fort"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/djadmin/fort","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Ffort","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Ffort/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Ffort/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Ffort/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/djadmin","download_url":"https://codeload.github.com/djadmin/fort/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/djadmin%2Ffort/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35221308,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-07T02:00:07.222Z","response_time":90,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","cli","compliance","cybersecurity","devops","devsecops","endpoint-security","golang","hardening","homebrew","iso27001","mac-security","macos","macos-security","open-source","security","security-audit","security-tools","soc2","sysadmin"],"created_at":"2026-05-28T21:00:27.094Z","updated_at":"2026-07-07T09:01:39.735Z","avatar_url":"https://github.com/djadmin.png","language":"Go","funding_links":[],"categories":["Security","macOS Security"],"sub_categories":["HTTP Clients"],"readme":"# fort\n\n**Know your Mac's security posture, fix the gaps, and keep it locked down. One command.**\n\n[![CI](https://github.com/djadmin/fort/actions/workflows/ci.yml/badge.svg)](https://github.com/djadmin/fort/actions)\n[![Release](https://img.shields.io/github/v/release/djadmin/fort?label=latest)](https://github.com/djadmin/fort/releases)\n[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)\n[![macOS 12+](https://img.shields.io/badge/macOS-12%2B-lightgrey)](https://github.com/djadmin/fort)\n[![Claude Code plugin](https://img.shields.io/badge/Claude%20Code-plugin-8A63D2)](plugin/)\n\n`fort` runs 15+ security checks on your Mac, fixes what it safely can, and writes an auditor-ready report. No agent, no signup, no MDM enrollment. Just a single binary.\n\nGood for anyone who wants to harden their Mac. Essential for teams preparing for SOC 2 or ISO 27001.\n\n**[djadmin.github.io/fort](https://djadmin.github.io/fort)**\n\n\u003cimg src=\"docs/fort-cli.png\"  alt=\"fort runs a full security audit and shows where you stand\"\u003e \u003cimg src=\"docs/fort-fix-cli.png\" alt=\"fort --fix reviews each change before applying it\"\u003e\n\n`fort` audits every control and shows where you stand. `fort --fix` reviews each change, then applies, after you confirm.\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eWatch a full run\u003c/b\u003e\u003c/summary\u003e\u003cbr\u003e\n\u003cimg src=\"docs/fort-demo.gif\" width=\"760\" alt=\"fort auditing a Mac in one command\"\u003e\n\u003c/details\u003e\n\n## Install\n\n**Homebrew** _(recommended)_\n```bash\nbrew install djadmin/tap/fort\n```\n\n**Direct download (macOS, Apple Silicon + Intel)**\n```bash\ncurl -fsSL https://github.com/djadmin/fort/releases/latest/download/fort_darwin_all.tar.gz | tar xz \u0026\u0026 sudo mv fort /usr/local/bin/\n```\n\n**Go**\n```bash\ngo install github.com/djadmin/fort/cmd/fort@latest\n```\n\n**Build from source**\n```bash\ngit clone https://github.com/djadmin/fort.git\ncd fort \u0026\u0026 make install\n```\n\n**Update**\n```bash\nbrew upgrade djadmin/tap/fort\n```\n\n## Usage\n\n```bash\nfort                          # audit your Mac\nfort --dry-run                # preview what --fix would change; nothing is applied\nfort --fix                    # audit, show confirmation prompt, apply selected fixes\nfort --fix --yes              # skip prompt; for scripts, MDM push, or cron\nfort --json                   # structured JSON output for automation\nfort --report                 # write fort-report-YYYY-MM-DD.html (print to PDF)\nfort --only filevault,firewall  # run only the specified checks (comma-separated IDs)\n```\n\nExit codes: `0` all pass · `1` any fail · `2` any warn\n\n## Use it from Claude Code\n\nfort ships a [Claude Code](https://claude.com/claude-code) plugin, so you can audit and harden your Mac just by asking. Say \"is my Mac secure?\" and Claude runs the audit, explains each finding and why it matters, then fixes only what you approve, showing the exact command first.\n\n```bash\n# 1. install the fort binary (the plugin drives it; Claude can also install it for you)\nbrew install djadmin/tap/fort\n\n# 2. add the plugin\n/plugin marketplace add djadmin/fort\n/plugin install fort@fort\n```\n\nThen just ask, or run a command directly: `/fort-audit` (read-only), `/fort-harden` (fix safe issues with your approval), `/fort-report` (HTML evidence). The plugin runs the `fort` binary on your Mac over your shell, no extra service, nothing uploaded. See [`plugin/`](plugin/) for details.\n\n## Safe by design\n\n- **The audit makes no network calls.** `fort` reads local system state and exits. Nothing is uploaded, no account, no telemetry.\n- **No black box.** Every check prints the exact command it ran and its raw output, in the terminal, the JSON, and the HTML report. Verify it instead of trusting it.\n- **`--fix` always asks first.** It shows each change and prompts `[y/N]` before applying. Use `--dry-run` to preview without touching anything, or `--yes` to skip the prompt when you mean to (automation, cron, MDM).\n- **One MIT-licensed Go binary.** No agent, no background process, nothing installed system-wide. Read the source.\n\nFull detail in [PRIVACY.md](PRIVACY.md): zero data collection, no network calls, nothing leaves your machine.\n\n## What it checks\n\n15+ macOS checks across five groups, each mapped to SOC 2, ISO 27001, NIST CSF, and CIS v8:\n\n| Group | Checks |\n|-------|--------|\n| Core security | password manager, FileVault, screen lock, antivirus / EDR |\n| System hardening | firewall, Gatekeeper, SIP, SSH |\n| Access controls | local admin rights, guest account, automatic login, Touch ID for sudo |\n| Exposure reduction | sharing services, AirDrop |\n| Patching | automatic OS updates, OS patch status |\n\nThe exact set grows over time. Run `fort` to see every check on your machine, and the [changelog](CHANGELOG.md) for what's new.\n\n## JSON output\n\n```json\n{\n  \"tool\": \"fort\", \"version\": \"0.3.0\", \"hostname\": \"alice-mbp\",\n  \"os_version\": \"15.5\", \"timestamp\": \"2026-06-09T10:00:00Z\",\n  \"summary\": { \"total\": 16, \"pass\": 12, \"fail\": 2, \"warn\": 2, \"score\": \"12/16\" },\n  \"policies\": [{ \"id\": \"filevault\", \"status\": \"pass\", \"current\": \"on\",\n    \"evidence\": \"$ fdesetup status\\nFileVault is On.\",\n    \"frameworks\": { \"SOC 2\": [\"CC6.1\", \"CC6.7\"], \"ISO 27001\": [\"A.8.3\"] } }]\n}\n```\n\n`fort --report` writes a self-contained HTML evidence report: machine identity, serial number, OS version, timestamp, per-check results with the exact commands run and their verbatim output, and framework control references. Opens locally or prints to PDF. See a [sample report](https://djadmin.github.io/fort/sample-report.html).\n\n## Contributing\n\nPRs welcome. To add a check:\n\n1. Create `internal/checks/yourcheck_darwin.go` and implement the `Check` interface\n2. Register in `internal/checks/registry_darwin.go`\n3. Add framework mappings in `internal/checks/frameworks.go`\n4. Run `go test ./...`; existing tests enforce interface contracts\n\n## Support\n\nIf fort saves you time, please **[star it on GitHub](https://github.com/djadmin/fort)**. It is the easiest way to support the project and helps other people find it.\n\n## License\n\n[MIT](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdjadmin%2Ffort","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdjadmin%2Ffort","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdjadmin%2Ffort/lists"}