Are you scared to use many public plugins just because they can harm your server? Want to monitor and/or restrict Internet activity, file access and other stuff for certain plugins? That's all exactly what Keiko comes for.
Keiko is capable of:
-
inspecting bytecode of plugins at startup and check them for potentially unsafe operations or malware, including "Force-OP";
-
monitoring and restricting nearly every single action plugins do, including network connectivity, file access, natives linkage, and more, with an easy to use and understand rules syntax;
-
checking the integrity of installed plugins, ensuring they are not artificially modified or infected;
-
detecting suspicious behavior of plugins at run-time, and sometimes even remediating the damage they've done.
Keiko is not a plugin! Please visit the Installation Instructions page for a complete guide on getting started with Keiko.
-
Check Keiko Wiki for a general guide through Keiko, its configuration, and more.
-
Use the Issue Tracker to report bugs, suggest features or get other sort of help.
-
Join Keiko's Discord for other kind of assistance or just for live chat and discussion.
To build Keiko yourself from source:
- Clone or download this repository,
cdinto it. - Run
./gradlew shadowJar. - Wait a little bit.
- Grab the built JAR file in
build/libs/. - Profit!
Note: Keiko is built against Java 8, but, as it works perfrectly with Java 16 runtime, in theory, it should be possible to build Keiko against newer Java versions as well.
echo "Cloning Keiko..."
git clone https://github.com/MeGysssTaa/keiko-plugin-inspector
cd keiko-plugin-inspector
echo "Building Keiko..."
./gradlew shadowJar
echo "Done! You can find the output JAR in build/libs/"
echo "Use './gradlew shadowJar' in Keiko's root folder (you are browsing it at the moment) whenever you want to rebuild Keiko from source."