# Install kekkai with Homebrew

File integrity monitoring tool. Version 0.2.9 via Homebrew; verified 2026-06-28.

## Install

```sh
sudo av install brew:kekkai
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install kekkai
```

  Evidence: local Homebrew formula metadata

## Package facts

- **Package key:** brew:kekkai
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/kekkai>
- **Version:** 0.2.9
- **Source summary:** File integrity monitoring tool
- **Homepage:** <https://github.com/catatsuy/kekkai>
- **Repository:** <https://github.com/catatsuy/kekkai>
- **Upstream docs:** <https://github.com/catatsuy/kekkai#readme>
- **License:** MIT
- **Source archive:** <https://github.com/catatsuy/kekkai/archive/refs/tags/v0.2.9.tar.gz>
- **Last updated:** 2026-06-28T09:45:02Z
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- kekkai (cli)
- kekkai (alias)

## Build dependencies

- go

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 0.2.9
- Package-manager updated: 2026-06-28
- Local data: ok
- Upstream repository: https://github.com/catatsuy/kekkai
- Upstream latest detected: v0.2.9 (current)
## Project history and usage

Kekkai is a Go file-integrity monitoring CLI that records content hashes during deployment and verifies them later to detect unauthorized file changes.

### Project history

The project was created on GitHub on 2025-08-12 by catatsuy. Its README presents it as a production-server tool designed around content-only hashing, immutable exclude rules, symlink-aware checks, and optional manifest storage in Amazon S3.

### Adoption history

Kekkai is a young, specialized security utility. By 2026-07-01, Homebrew formula metadata listed v0.2.9, and GitHub API metadata reported 132 stars and one fork.

### How it is used

The typical workflow is to generate a manifest for a deployed application directory, store it locally or in S3, and run periodic verification from cron or monitoring systems. The README emphasizes excluding only generated files such as logs, caches, uploads, and NFS mounts.

### Why package nerds care

Kekkai is notable as a small single-binary alternative to heavier file-integrity stacks. It packages a deliberately narrow deployment-time manifest model that fits immutable-server and cloud-IAM workflows.

### Timeline

- 2025-08-12: GitHub repository created.
- 2026-01-03: v0.2.0 release published.
- 2026-06-28: v0.2.9 release published.
- 2026-07-01: Homebrew formula metadata listed kekkai v0.2.9.

### Related projects

- Amazon S3 is used as the recommended secure manifest store.
- Traditional tools such as tar and rsync are named by the README as less suitable comparisons for this content-hash use case.

### Sources

- <https://api.github.com/repos/catatsuy/kekkai>
- <https://api.github.com/repos/catatsuy/kekkai/releases?per_page=10>
- <https://formulae.brew.sh/api/formula/kekkai.json>
- <https://github.com/catatsuy/kekkai>
- <https://raw.githubusercontent.com/catatsuy/kekkai/main/README.md>


## Security Notes

No matching local secret-handling manifest was found for kekkai. Nucleus package metadata is still published here so future coverage has a stable package URL.


## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** kekkai
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable


## Related links

- [Cloud CLI packages](https://www.automicvault.com/pkg/cloud-clis/) - Belongs to a cloud or infrastructure command family.
- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [aide](https://www.automicvault.com/pkg/brew/aide/) - Shares av.db curated category or tags: cli, file-integrity, monitoring, security.
- [bettercap](https://www.automicvault.com/pkg/brew/bettercap/) - Shares av.db curated category or tags: cli, monitoring, security.
- [logcheck](https://www.automicvault.com/pkg/brew/logcheck/) - Shares av.db curated category or tags: cli, monitoring, security.
- [md5deep](https://www.automicvault.com/pkg/brew/md5deep/) - Shares av.db curated category or tags: cli, file-integrity, security.
- [osctrl-cli](https://www.automicvault.com/pkg/brew/osctrl-cli/) - Shares av.db curated category or tags: cli, monitoring, security.
- [rhash](https://www.automicvault.com/pkg/brew/rhash/) - Shares av.db curated category or tags: cli, file-integrity, security.
- [s3scanner](https://www.automicvault.com/pkg/brew/s3scanner/) - Shares av.db curated category or tags: cli, s3, security.
- [acme.sh](https://www.automicvault.com/pkg/brew/acme-sh/) - Shares av.db curated category or tags: cli, security.
- [age](https://www.automicvault.com/pkg/brew/age/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, file, security.

## Combined YAML source

View the package source record on GitHub. [combined/kekkai.yml](https://github.com/automic-vault/db/blob/main/combined/kekkai.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- cross-ecosystem install command graph
