SentinelGuard is a lightweight, cross-platform CLI tool built in Go (Golang) designed to ensure web applications are deployed with essential HTTP Security Headers. It helps prevent common vulnerabilities like Cross-Site Scripting (XSS), Clickjacking, and other client-side attacks by verifying compliance against industry best practices.
| Feature | Description |
|---|---|
| Security Compliance | Automatically validates critical headers like CSP, HSTS, and X-Frame-Options. |
| High Performance | Built in Go, it is highly efficient and suitable for fast checks in CI/CD environments. |
| Actionable Reports | Provides clear, scored reports indicating security gaps, allowing for immediate remediation. |
| Customizable Rules | Uses a simple YAML configuration (config/default.yaml) to define custom security rules. |
- Go 1.18+
- Clone the repository:
  ```bash
  git clone https://github.com/ewhx-dev/SentinelGuard.git
  cd SentinelGuard
  ```
- Initialize Go modules (to fetch dependencies like `yaml`):
  ```bash
  go mod tidy
  ```
- Run the application directly using the `check` command, followed by the target URL:
  ```bash
  go run cmd/main.go check https://your-deployed-app.com
  ```
The codebase follows professional Go development standards, separating concerns into specific packages:
- `cmd/main.go`: The main entry point and CLI handler.
- `internal/checker/`: Contains the core logic for running the security checks and generating reports.
- `config/`: Holds the default and custom security rule configurations (`default.yaml`).
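The following is an added example, not code from the SentinelGuard repository, showing the kind of header validation and scoring described for the checker package. The `Rule` type, `Evaluate`, the weights, the 180-day HSTS threshold and the `'unsafe-inline'` CSP heuristic are assumptions made for this example.

```go
package main

import (
	"fmt"
	"net/http"
	"strconv"
	"strings"
)

// Rule, the weights and the thresholds below are assumptions for this example, not SentinelGuard's schema or defaults.
type Rule struct {
	Header string
	Weight int
	Valid  func(value string) bool
}

// hstsOK accepts HSTS only when max-age is at least 180 days (15552000 seconds).
func hstsOK(v string) bool {
	for _, d := range strings.Split(v, ";") {
		name, val, ok := strings.Cut(strings.TrimSpace(d), "=")
		if ok && strings.EqualFold(strings.TrimSpace(name), "max-age") {
			n, err := strconv.Atoi(strings.Trim(val, `" `))
			return err == nil && n >= 15552000
		}
	}
	return false
}

var rules = []Rule{
	{"Strict-Transport-Security", 40, hstsOK},
	{"Content-Security-Policy", 40, func(v string) bool { return v != "" && !strings.Contains(strings.ToLower(v), "'unsafe-inline'") }},
	{"X-Frame-Options", 20, func(v string) bool { return strings.EqualFold(v, "DENY") || strings.EqualFold(v, "SAMEORIGIN") }},
}

// Evaluate returns a 0-100 score and the headers that are missing or weak.
func Evaluate(h http.Header) (score int, gaps []string) {
	for _, r := range rules {
		if r.Valid(strings.TrimSpace(h.Get(r.Header))) {
			score += r.Weight
		} else {
			gaps = append(gaps, r.Header)
		}
	}
	return score, gaps
}

func main() {
	h := http.Header{"X-Frame-Options": {"deny"}, "Strict-Transport-Security": {"max-age=300"}} // constructed sample
	fmt.Println(Evaluate(h))
}
```

A header that is present but weak (here, an HSTS `max-age` of 300 seconds) is reported as a gap just like a missing one, which a presence-only check would not catch.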
We welcome contributions! Feel free to open issues or submit pull requests for:
- Adding new security header checks (e.g., Permissions-Policy).
- Implementing a performance-focused proxy mode.
- Improving the scoring and reporting functionality.
Developed by [ewhx-dev]