CheckEngine was developed as part of our research on the security of integrated browsers. This work is published as Shiny Shells, Rusty Cores: A Crowdsourced Security Evaluation of Integrated Web Browsers at SOUPS 2025. Our instance of CheckEngine remains online to support the ongoing continuation of this study.
CheckEngine relies on a modified version of BrowserAudit.
- Clone this repository:
git clone https://github.com/DistriNet/checkengine.git ./checkengine- Clone our browseraudit fork to
./browseraudit
git clone https://github.com/DistriNet/browseraudit.git ./checkengine/browserauditThis fork is tailored for seamless integration with CheckEngine.
- Fill in all required environment variables:
-
Laravel: Edit
./laravel/.env:APP_URLโ Public URL of your CheckEngine instanceDB_*โ PostgreSQL credentialsTINI_URL_TOKENโ API token for tini.fyi URL shortener
-
Let's Encrypt Certbot: Edit
./certbot/letsencrypt/certbot.conf:domains: List all domains/subdomains you control that point to this server
-
BrowserAudit Go Server: Edit ./browseraudit/server.cfg
[database]โ PostgreSQL credentials (must match Laravel)[domain]โ List all domains/subdomains you control that point to this servergeoip2databaseโ Path to your GeoLite2 database (see BrowserAudit README)
- Build and launch the BrowserAudit server
cd ./checkengine/browseraudit
go build
./browserauditThe Go server should now be listening on the configured port.
- Start the framework with docker compose
cd ./checkengine
docker compose up -d nginxThis launches the nginx, php-fpm and memcache.
CheckEngine was mainly developed by Pieter Claeys, with additional contributions from Gertjan Franken.
Many thanks to the creators of BrowserAudit.