From a45cde44f4bb841c948256372bdc5621bd627e82 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Thu, 7 Nov 2024 08:05:53 -0500 Subject: [PATCH 01/11] chore: backhaul categories for robopages --- coding/python/exec.yml | 8 ++++++-- cybersecurity/cicd/trufflehog.yml | 6 ++++++ cybersecurity/defensive/incident-response/splunk.yml | 5 +++++ cybersecurity/defensive/malware/virustotal.yml | 6 ++++++ .../offensive/information-gathering/arjun.yml | 5 +++++ .../information-gathering/dns-enumeration.yml | 5 +++++ .../offensive/information-gathering/feroxbuster.yml | 5 +++++ .../offensive/information-gathering/graphinder.yml | 5 +++++ .../offensive/information-gathering/httpx.yml | 5 +++++ .../offensive/information-gathering/katana.yml | 5 +++++ .../offensive/information-gathering/nmap.yml | 11 ++++++++--- cybersecurity/offensive/web-exploitation/nikto.yml | 5 +++++ cybersecurity/offensive/web-exploitation/nuclei.yml | 5 +++++ cybersecurity/offensive/web-exploitation/sqlmap.yml | 6 ++++++ cybersecurity/offensive/web-exploitation/wpscan.yml | 8 +++++++- cybersecurity/reverse-engineering/strings.yml | 6 ++++++ cybersecurity/reverse-engineering/symbols.yml | 6 ++++++ utilities/web.yml | 5 +++++ 18 files changed, 101 insertions(+), 6 deletions(-) diff --git a/coding/python/exec.yml b/coding/python/exec.yml index 43d1f13..e1f3396 100644 --- a/coding/python/exec.yml +++ b/coding/python/exec.yml @@ -1,5 +1,9 @@ description: A set of functions to execute python code in various flavors. +categories: + - coding + - python + functions: python_exec: description: Execute python code. @@ -14,10 +18,10 @@ functions: - 'import requests; print(requests.post("https://example.com", data={"key": "value"}).text)' - | import random - + def generate_random_numbers(n): return [random.randint(1, 100) for _ in range(n)] - + numbers = generate_random_numbers(10) print(f"Generated numbers: {numbers}") print(f"Sum of numbers: {sum(numbers)}") 
diff --git a/cybersecurity/cicd/trufflehog.yml b/cybersecurity/cicd/trufflehog.yml index a9e431d..5ab2f2b 100644 --- a/cybersecurity/cicd/trufflehog.yml +++ b/cybersecurity/cicd/trufflehog.yml @@ -1,5 +1,11 @@ description: TruffleHog is the most powerful secrets Discovery, Classification, Validation, and Analysis tool. In this context secret refers to a credential a machine uses to authenticate itself to another machine. This includes API keys, database passwords, private encryption keys, and more. +categories: + - cicd + - secrets + - information-gathering + - reconnaissance + functions: trufflehog_scan: description: Scan a GitHub repository for secrets using TruffleHog. diff --git a/cybersecurity/defensive/incident-response/splunk.yml b/cybersecurity/defensive/incident-response/splunk.yml index d1c5500..c14a488 100644 --- a/cybersecurity/defensive/incident-response/splunk.yml +++ b/cybersecurity/defensive/incident-response/splunk.yml @@ -1,5 +1,10 @@ description: Splunk is a platform for searching, monitoring, and analyzing machine-generated big data via a web-style interface. +categories: + - incident-response + - logging + - monitoring + functions: splunk_search: description: Perform a search query on Splunk. diff --git a/cybersecurity/defensive/malware/virustotal.yml b/cybersecurity/defensive/malware/virustotal.yml index 6f38d56..a420893 100644 --- a/cybersecurity/defensive/malware/virustotal.yml +++ b/cybersecurity/defensive/malware/virustotal.yml @@ -1,5 +1,11 @@ description: Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community. You will require a VT API key to use this robopage. +categories: + - incident-response + - binary-analysis + - malware-analysis + - forensics + functions: virustotal_hash_lookup: description: Lookup a given hash with VirusTotal. 
diff --git a/cybersecurity/offensive/information-gathering/arjun.yml b/cybersecurity/offensive/information-gathering/arjun.yml index b03336f..f1a1631 100644 --- a/cybersecurity/offensive/information-gathering/arjun.yml +++ b/cybersecurity/offensive/information-gathering/arjun.yml @@ -1,5 +1,10 @@ description: Web applications use parameters (or queries) to accept user input. Arjun finds valid HTTP parameters with a huge default dictionary of 10,985 parameter names. +categories: + - information-gathering + - reconnaissance + - osint + functions: arjun_target_scan: description: Run Arjun against a single target. diff --git a/cybersecurity/offensive/information-gathering/dns-enumeration.yml b/cybersecurity/offensive/information-gathering/dns-enumeration.yml index 49b6d2c..e9293a8 100644 --- a/cybersecurity/offensive/information-gathering/dns-enumeration.yml +++ b/cybersecurity/offensive/information-gathering/dns-enumeration.yml @@ -1,5 +1,10 @@ description: This page uses Legba for DNS enumeration. +categories: + - information-gathering + - reconnaissance + - dns-enumeration + functions: enum_host_subdomains: description: Enumerate subdomains of a target host. diff --git a/cybersecurity/offensive/information-gathering/feroxbuster.yml b/cybersecurity/offensive/information-gathering/feroxbuster.yml index f930bfd..7e54df2 100644 --- a/cybersecurity/offensive/information-gathering/feroxbuster.yml +++ b/cybersecurity/offensive/information-gathering/feroxbuster.yml @@ -1,5 +1,10 @@ description: feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application, but are still accessible by an attacker. +categories: + - information-gathering + - reconnaissance + - http + functions: feroxbuster_bruteforce_file_extensions: description: "Brute-forces .pdf, .js, .html, .php, .txt, .json, and .docx lookups to each target with Burp proxy." 
diff --git a/cybersecurity/offensive/information-gathering/graphinder.yml b/cybersecurity/offensive/information-gathering/graphinder.yml index 011f049..e8e8bc4 100644 --- a/cybersecurity/offensive/information-gathering/graphinder.yml +++ b/cybersecurity/offensive/information-gathering/graphinder.yml @@ -1,5 +1,10 @@ description: Graphinder is a tool that extracts all GraphQL endpoints from a given domain. +categories: + - information-gathering + - reconnaissance + - graphql + functions: graphinder_url_scan: description: Extract all GraphQL endpoints from a given domain. diff --git a/cybersecurity/offensive/information-gathering/httpx.yml b/cybersecurity/offensive/information-gathering/httpx.yml index d627a39..dbc7595 100644 --- a/cybersecurity/offensive/information-gathering/httpx.yml +++ b/cybersecurity/offensive/information-gathering/httpx.yml @@ -1,5 +1,10 @@ description: httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. It is designed to maintain result reliability with an increased number of threads. +categories: + - information-gathering + - reconnaissance + - http + functions: httpx_tech_detect: description: Run multiple HTTP probes on a target to fingerprint the web technology stack. diff --git a/cybersecurity/offensive/information-gathering/katana.yml b/cybersecurity/offensive/information-gathering/katana.yml index 4931981..c3918da 100644 --- a/cybersecurity/offensive/information-gathering/katana.yml +++ b/cybersecurity/offensive/information-gathering/katana.yml @@ -1,5 +1,10 @@ description: Katana is a fast crawler focused on execution in automation pipelines offering both headless and non-headless crawling. +categories: + - information-gathering + - reconnaissance + - crawler + functions: katana_headless_crawler: description: "Crawls a target or list of targets in headless mode" 
diff --git a/cybersecurity/offensive/information-gathering/nmap.yml b/cybersecurity/offensive/information-gathering/nmap.yml index faafc23..1dc366e 100644 --- a/cybersecurity/offensive/information-gathering/nmap.yml +++ b/cybersecurity/offensive/information-gathering/nmap.yml @@ -3,6 +3,11 @@ description: > The output from Nmap is a list of scanned targets, with supplemental information on each depending on the options used. Key among that information is the "interesting ports table".. That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered. Open. means that an application on the target machine is listening for connections/packets on that port. Filtered. means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed. Closed. ports have no application listening on them, though they could open up at any time. Ports are classified as unfiltered. when they are responsive to Nmap's probes, but Nmap cannot determine whether they are open or closed. Nmap reports the state combinations open|filtered. and closed|filtered. when it cannot determine which of the two states describe a port. The port table may also include software version details when version detection has been requested. When an IP protocol scan is requested (-sO), Nmap provides information on supported IP protocols rather than listening ports. In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses. +categories: + - information-gathering + - reconnaissance + - networking + functions: nmap_tcp_ports_syn_scan: description: Scan one or more targets for the list of common TCP ports using a TCP SYN scan. @@ -16,7 +21,7 @@ functions: - scanme.nmap.org container: - build: + build: path: ${cwd}/nmap.Dockerfile name: nmap_local args: 
@@ -44,7 +49,7 @@ functions: - scanme.nmap.org container: - build: + build: path: ${cwd}/nmap.Dockerfile name: nmap_local args: @@ -57,4 +62,4 @@ functions: - nmap - -sU - -A - - ${target} \ No newline at end of file + - ${target} \ No newline at end of file diff --git a/cybersecurity/offensive/web-exploitation/nikto.yml b/cybersecurity/offensive/web-exploitation/nikto.yml index e5bb35d..5b3bffd 100644 --- a/cybersecurity/offensive/web-exploitation/nikto.yml +++ b/cybersecurity/offensive/web-exploitation/nikto.yml @@ -1,5 +1,10 @@ description: Scan web server for known vulnerabilities. +categories: + - web-exploitation + - reconnaissance + - http + functions: nikto_scan: description: Scan a specific target web server for known vulnerabilities. diff --git a/cybersecurity/offensive/web-exploitation/nuclei.yml b/cybersecurity/offensive/web-exploitation/nuclei.yml index a02b023..859b994 100644 --- a/cybersecurity/offensive/web-exploitation/nuclei.yml +++ b/cybersecurity/offensive/web-exploitation/nuclei.yml @@ -1,5 +1,10 @@ description: Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives. +categories: + - web-exploitation + - reconnaissance + - http + functions: nuclei_basic_scan: description: Default templates on a single target diff --git a/cybersecurity/offensive/web-exploitation/sqlmap.yml b/cybersecurity/offensive/web-exploitation/sqlmap.yml index 2b5dfb8..3b5eac5 100644 --- a/cybersecurity/offensive/web-exploitation/sqlmap.yml +++ b/cybersecurity/offensive/web-exploitation/sqlmap.yml @@ -1,5 +1,11 @@ description: Automatic SQL injection tool. +categories: + - web-exploitation + - reconnaissance + - sql + - injection + functions: sqlmap_scan: description: Scan a specific target for SQL injection vulnerabilities. 
diff --git a/cybersecurity/offensive/web-exploitation/wpscan.yml b/cybersecurity/offensive/web-exploitation/wpscan.yml index 78f03b0..2cd8c29 100644 --- a/cybersecurity/offensive/web-exploitation/wpscan.yml +++ b/cybersecurity/offensive/web-exploitation/wpscan.yml @@ -1,6 +1,12 @@ description: WPScan scans for vulnerabilities in websites running WordPress. # https://wpscan.com/blog/wpscan-cli-cheat-sheet-poster/ +categories: + - web-exploitation + - reconnaissance + - http + - wordpress + functions: wpscan_scan: description: Scan a specific domain for WordPress plugins with vulnerabilities. @@ -34,7 +40,7 @@ functions: image: wpscanteam/wpscan args: - --net=host - + cmdline: - wpscan - --url diff --git a/cybersecurity/reverse-engineering/strings.yml b/cybersecurity/reverse-engineering/strings.yml index 273212a..93cadc7 100644 --- a/cybersecurity/reverse-engineering/strings.yml +++ b/cybersecurity/reverse-engineering/strings.yml @@ -1,5 +1,11 @@ description: The best reverse engineering tool that's ever been created. +categories: + - reverse-engineering + - binary-analysis + - malware-analysis + - forensics + functions: print_strings_in_file: description: Find the printable strings in a file. diff --git a/cybersecurity/reverse-engineering/symbols.yml b/cybersecurity/reverse-engineering/symbols.yml index 9a97409..47110cb 100644 --- a/cybersecurity/reverse-engineering/symbols.yml +++ b/cybersecurity/reverse-engineering/symbols.yml @@ -1,5 +1,11 @@ description: Function to print exported and imported symbols from a binary. +categories: + - reverse-engineering + - binary-analysis + - malware-analysis + - forensics + functions: print_exported_symbols_in_file: description: Find the exported symbols in an executable file or a library. diff --git a/utilities/web.yml b/utilities/web.yml index 290aed4..554eb83 100644 --- a/utilities/web.yml +++ b/utilities/web.yml 
@@ -1,5 +1,10 @@ description: A set of web related utilities. +categories: + - utilities + - web + - http + functions: http_get: description: Perform an HTTP GET request to a given URL. From cab289e24c778cc6126a4a3e39afab402ff656ba Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Thu, 7 Nov 2024 12:12:00 -0500 Subject: [PATCH 02/11] chore: categories match dir structure --- cybersecurity/cicd/trufflehog.yml | 4 +--- cybersecurity/defensive/incident-response/splunk.yml | 4 ++-- cybersecurity/defensive/malware/virustotal.yml | 7 +++---- cybersecurity/offensive/information-gathering/amass.yml | 4 ++-- cybersecurity/offensive/information-gathering/arjun.yml | 4 ++-- .../offensive/information-gathering/dns-enumeration.yml | 5 +++-- .../offensive/information-gathering/feroxbuster.yml | 4 ++-- .../offensive/information-gathering/graphinder.yml | 4 ++-- cybersecurity/offensive/information-gathering/httpx.yml | 4 ++-- cybersecurity/offensive/information-gathering/katana.yml | 4 ++-- cybersecurity/offensive/information-gathering/nmap.yml | 4 ++-- cybersecurity/offensive/web-exploitation/nikto.yml | 4 ++-- cybersecurity/offensive/web-exploitation/nuclei.yml | 4 ++-- cybersecurity/offensive/web-exploitation/sqlmap.yml | 5 ++--- cybersecurity/offensive/web-exploitation/wpscan.yml | 5 ++--- cybersecurity/reverse-engineering/strings.yml | 5 ++--- cybersecurity/reverse-engineering/symbols.yml | 5 ++--- utilities/web.yml | 2 -- 18 files changed, 35 insertions(+), 43 deletions(-) diff --git a/cybersecurity/cicd/trufflehog.yml b/cybersecurity/cicd/trufflehog.yml index 5ab2f2b..6732b14 100644 --- a/cybersecurity/cicd/trufflehog.yml +++ b/cybersecurity/cicd/trufflehog.yml 
@@ -1,10 +1,8 @@ description: TruffleHog is the most powerful secrets Discovery, Classification, Validation, and Analysis tool. In this context secret refers to a credential a machine uses to authenticate itself to another machine. This includes API keys, database passwords, private encryption keys, and more. categories: + - cybersecurity - cicd - - secrets - - information-gathering - - reconnaissance functions: trufflehog_scan: diff --git a/cybersecurity/defensive/incident-response/splunk.yml b/cybersecurity/defensive/incident-response/splunk.yml index c14a488..ed86cc8 100644 --- a/cybersecurity/defensive/incident-response/splunk.yml +++ b/cybersecurity/defensive/incident-response/splunk.yml @@ -1,9 +1,9 @@ description: Splunk is a platform for searching, monitoring, and analyzing machine-generated big data via a web-style interface. categories: + - cybersecurity + - defensive - incident-response - - logging - - monitoring functions: splunk_search: diff --git a/cybersecurity/defensive/malware/virustotal.yml b/cybersecurity/defensive/malware/virustotal.yml index a420893..166f8dc 100644 --- a/cybersecurity/defensive/malware/virustotal.yml +++ b/cybersecurity/defensive/malware/virustotal.yml @@ -1,10 +1,9 @@ description: Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community. You will require a VT API key to use this robopage. categories: - - incident-response - - binary-analysis - - malware-analysis - - forensics + - cybersecurity + - defensive + - malware functions: virustotal_hash_lookup: diff --git a/cybersecurity/offensive/information-gathering/amass.yml b/cybersecurity/offensive/information-gathering/amass.yml index cd21676..98d22e4 100644 --- a/cybersecurity/offensive/information-gathering/amass.yml +++ b/cybersecurity/offensive/information-gathering/amass.yml 
@@ -1,9 +1,9 @@ description: The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - dns-enumeration functions: amass_enum: diff --git a/cybersecurity/offensive/information-gathering/arjun.yml b/cybersecurity/offensive/information-gathering/arjun.yml index f1a1631..d74b5b9 100644 --- a/cybersecurity/offensive/information-gathering/arjun.yml +++ b/cybersecurity/offensive/information-gathering/arjun.yml @@ -1,9 +1,9 @@ description: Web applications use parameters (or queries) to accept user input. Arjun finds valid HTTP parameters with a huge default dictionary of 10,985 parameter names. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - osint functions: arjun_target_scan: diff --git a/cybersecurity/offensive/information-gathering/dns-enumeration.yml b/cybersecurity/offensive/information-gathering/dns-enumeration.yml index e9293a8..63d8bfe 100644 --- a/cybersecurity/offensive/information-gathering/dns-enumeration.yml +++ b/cybersecurity/offensive/information-gathering/dns-enumeration.yml @@ -1,9 +1,10 @@ description: This page uses Legba for DNS enumeration. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - dns-enumeration + functions: enum_host_subdomains: diff --git a/cybersecurity/offensive/information-gathering/feroxbuster.yml b/cybersecurity/offensive/information-gathering/feroxbuster.yml index 7e54df2..2fc700c 100644 --- a/cybersecurity/offensive/information-gathering/feroxbuster.yml +++ b/cybersecurity/offensive/information-gathering/feroxbuster.yml 
@@ -1,9 +1,9 @@ description: feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application, but are still accessible by an attacker. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - http functions: feroxbuster_bruteforce_file_extensions: diff --git a/cybersecurity/offensive/information-gathering/graphinder.yml b/cybersecurity/offensive/information-gathering/graphinder.yml index e8e8bc4..c68b565 100644 --- a/cybersecurity/offensive/information-gathering/graphinder.yml +++ b/cybersecurity/offensive/information-gathering/graphinder.yml @@ -1,9 +1,9 @@ description: Graphinder is a tool that extracts all GraphQL endpoints from a given domain. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - graphql functions: graphinder_url_scan: diff --git a/cybersecurity/offensive/information-gathering/httpx.yml b/cybersecurity/offensive/information-gathering/httpx.yml index dbc7595..8bfb413 100644 --- a/cybersecurity/offensive/information-gathering/httpx.yml +++ b/cybersecurity/offensive/information-gathering/httpx.yml @@ -1,9 +1,9 @@ description: httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. It is designed to maintain result reliability with an increased number of threads. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - http functions: httpx_tech_detect: diff --git a/cybersecurity/offensive/information-gathering/katana.yml b/cybersecurity/offensive/information-gathering/katana.yml index c3918da..f84d7cb 100644 --- a/cybersecurity/offensive/information-gathering/katana.yml +++ b/cybersecurity/offensive/information-gathering/katana.yml 
@@ -1,9 +1,9 @@ description: Katana is a fast crawler focused on execution in automation pipelines offering both headless and non-headless crawling. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - crawler functions: katana_headless_crawler: diff --git a/cybersecurity/offensive/information-gathering/nmap.yml b/cybersecurity/offensive/information-gathering/nmap.yml index 1dc366e..6da1f70 100644 --- a/cybersecurity/offensive/information-gathering/nmap.yml +++ b/cybersecurity/offensive/information-gathering/nmap.yml @@ -4,9 +4,9 @@ description: > In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses. categories: + - cybersecurity + - offensive - information-gathering - - reconnaissance - - networking functions: nmap_tcp_ports_syn_scan: diff --git a/cybersecurity/offensive/web-exploitation/nikto.yml b/cybersecurity/offensive/web-exploitation/nikto.yml index 5b3bffd..c154553 100644 --- a/cybersecurity/offensive/web-exploitation/nikto.yml +++ b/cybersecurity/offensive/web-exploitation/nikto.yml @@ -1,9 +1,9 @@ description: Scan web server for known vulnerabilities. categories: + - cybersecurity + - offensive - web-exploitation - - reconnaissance - - http functions: nikto_scan: diff --git a/cybersecurity/offensive/web-exploitation/nuclei.yml b/cybersecurity/offensive/web-exploitation/nuclei.yml index 859b994..efdc95c 100644 --- a/cybersecurity/offensive/web-exploitation/nuclei.yml +++ b/cybersecurity/offensive/web-exploitation/nuclei.yml 
@@ -1,9 +1,9 @@ description: Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives. categories: + - cybersecurity + - offensive - web-exploitation - - reconnaissance - - http functions: nuclei_basic_scan: diff --git a/cybersecurity/offensive/web-exploitation/sqlmap.yml b/cybersecurity/offensive/web-exploitation/sqlmap.yml index 3b5eac5..5128260 100644 --- a/cybersecurity/offensive/web-exploitation/sqlmap.yml +++ b/cybersecurity/offensive/web-exploitation/sqlmap.yml @@ -1,10 +1,9 @@ description: Automatic SQL injection tool. categories: + - cybersecurity + - offensive - web-exploitation - - reconnaissance - - sql - - injection functions: sqlmap_scan: diff --git a/cybersecurity/offensive/web-exploitation/wpscan.yml b/cybersecurity/offensive/web-exploitation/wpscan.yml index 2cd8c29..42142fd 100644 --- a/cybersecurity/offensive/web-exploitation/wpscan.yml +++ b/cybersecurity/offensive/web-exploitation/wpscan.yml @@ -2,10 +2,9 @@ description: WPScan scans for vulnerabilities in websites running WordPress. # https://wpscan.com/blog/wpscan-cli-cheat-sheet-poster/ categories: + - cybersecurity + - offensive - web-exploitation - - reconnaissance - - http - - wordpress functions: wpscan_scan: diff --git a/cybersecurity/reverse-engineering/strings.yml b/cybersecurity/reverse-engineering/strings.yml index 93cadc7..65c2906 100644 --- a/cybersecurity/reverse-engineering/strings.yml +++ b/cybersecurity/reverse-engineering/strings.yml @@ -1,10 +1,9 @@ description: The best reverse engineering tool that's ever been created. categories: + - cybersecurity + - offensive - reverse-engineering - - binary-analysis - - malware-analysis - - forensics functions: print_strings_in_file: 
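Review bot: The `- offensive` entry added to the `categories:` block of `cybersecurity/reverse-engineering/strings.yml` does not follow the directory structure this commit says it is mirroring — the file sits under `cybersecurity/reverse-engineering/`, not under `cybersecurity/offensive/`, and the same mismatch is in the `symbols.yml` hunk that follows and again when its categories are re-added in PATCH 08. Every other page in this commit gets exactly its path segments (`cybersecurity`, `defensive`, `malware` for virustotal; `cybersecurity`, `cicd` for trufflehog), so either drop the entry here, leaving `- cybersecurity` and `- reverse-engineering`, or move the two files under `offensive/` so the rule holds file-wide. String and symbol extraction are also routine triage and forensics steps, so a category that does not presume an offensive use is the safer default for any consumer that filters pages by category.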
diff --git a/cybersecurity/reverse-engineering/symbols.yml b/cybersecurity/reverse-engineering/symbols.yml index 47110cb..6a3406c 100644 --- a/cybersecurity/reverse-engineering/symbols.yml +++ b/cybersecurity/reverse-engineering/symbols.yml @@ -1,10 +1,9 @@ description: Function to print exported and imported symbols from a binary. categories: + - cybersecurity + - offensive - reverse-engineering - - binary-analysis - - malware-analysis - - forensics functions: print_exported_symbols_in_file: diff --git a/utilities/web.yml b/utilities/web.yml index 554eb83..bd82917 100644 --- a/utilities/web.yml +++ b/utilities/web.yml @@ -2,8 +2,6 @@ description: A set of web related utilities. categories: - utilities - - web - - http functions: http_get: From 1db1f673cc01c83b7236094e8373ec9753ea0211 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:11:38 -0500 Subject: [PATCH 03/11] fix: strings rm absolute path --- cybersecurity/reverse-engineering/strings.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cybersecurity/reverse-engineering/strings.yml b/cybersecurity/reverse-engineering/strings.yml index 65c2906..571987d 100644 --- a/cybersecurity/reverse-engineering/strings.yml +++ b/cybersecurity/reverse-engineering/strings.yml @@ -1,4 +1,7 @@ -description: The best reverse engineering tool that's ever been created. +description: | + The best reverse engineering tool that's ever been created. + Strings looks for ASCII strings in a binary file or standard input. Strings is useful for identifying random object files and many other things. A string is any sequence of 4 (the default) or + more printing characters [ending at, but not including, any other character or EOF]. categories: - cybersecurity @@ -17,5 +20,5 @@ functions: - /Applications/Firefox.app/Contents/MacOS/firefox cmdline: - - /usr/bin/strings + - strings - ${file_path} \ No newline at end of file 
From c254b4afef4b8429fa94310b5e1acb212c14f2d9 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:13:35 -0500 Subject: [PATCH 04/11] fix: try use container with abs path --- cybersecurity/reverse-engineering/strings.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cybersecurity/reverse-engineering/strings.yml b/cybersecurity/reverse-engineering/strings.yml index 571987d..007352a 100644 --- a/cybersecurity/reverse-engineering/strings.yml +++ b/cybersecurity/reverse-engineering/strings.yml @@ -19,6 +19,9 @@ functions: - /path/to/binary - /Applications/Firefox.app/Contents/MacOS/firefox + container: + image: alpine + cmdline: - - strings + - /usr/bin/strings - ${file_path} \ No newline at end of file From 5b60a0ed8c5b3e8153164688667044c7847255ce Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:19:18 -0500 Subject: [PATCH 05/11] chore: revert strings --- cybersecurity/reverse-engineering/strings.yml | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/cybersecurity/reverse-engineering/strings.yml b/cybersecurity/reverse-engineering/strings.yml index 007352a..273212a 100644 --- a/cybersecurity/reverse-engineering/strings.yml +++ b/cybersecurity/reverse-engineering/strings.yml @@ -1,12 +1,4 @@ -description: | - The best reverse engineering tool that's ever been created. - Strings looks for ASCII strings in a binary file or standard input. Strings is useful for identifying random object files and many other things. A string is any sequence of 4 (the default) or - more printing characters [ending at, but not including, any other character or EOF]. - -categories: - - cybersecurity - - offensive - - reverse-engineering +description: The best reverse engineering tool that's ever been created. functions: print_strings_in_file: 
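Review bot: The revert to the original `273212a` content drops the `categories:` block together with the container and path experiments, so after this commit `strings.yml` is the only page in the series left without `categories`, while `symbols.yml` gets its block back in PATCH 08. If only the container/path change needed undoing, keep `categories:` with `- cybersecurity` and `- reverse-engineering` (the file's directory) so that consumers which presumably filter by category still find the page. Should the longer description from PATCH 03 be wanted later, a folded `description: >` scalar, as `nmap.yml` already uses, avoids the hard line break inside the sentence that the `|` literal produced.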
@@ -19,9 +11,6 @@ functions: - /path/to/binary - /Applications/Firefox.app/Contents/MacOS/firefox - container: - image: alpine - cmdline: - /usr/bin/strings - ${file_path} \ No newline at end of file From f332ae710fe8eb6d008f032bfedfd1abdccb46d8 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:20:35 -0500 Subject: [PATCH 06/11] chore: also rm symbols for now --- cybersecurity/reverse-engineering/symbols.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/cybersecurity/reverse-engineering/symbols.yml b/cybersecurity/reverse-engineering/symbols.yml index 6a3406c..ab273d5 100644 --- a/cybersecurity/reverse-engineering/symbols.yml +++ b/cybersecurity/reverse-engineering/symbols.yml @@ -1,10 +1,5 @@ description: Function to print exported and imported symbols from a binary. -categories: - - cybersecurity - - offensive - - reverse-engineering - functions: print_exported_symbols_in_file: description: Find the exported symbols in an executable file or a library. @@ -28,4 +23,4 @@ functions: - readelf - -Ws - --dyn-syms - - ${file_path} + - ${file_path} \ No newline at end of file From 42eb5866a4789b70d00d42ba2528f1c5cf2a88c8 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:25:43 -0500 Subject: [PATCH 07/11] chore: include run in the comment --- .github/workflows/validate_robopages.yml | 32 +++++++++++++----------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index 9419aa7..76cdf4d 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml 
@@ -63,19 +63,21 @@ jobs: validate_file "$file" || exit 1 done - - name: Post validation status - if: always() - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #7.0.1 - with: - script: | - const validation_status = '${{ steps.robopages-validation.outcome }}' === 'success' - ? '✅ Validation successful' - : '❌ Validation failed'; + - name: Post validation status + if: always() + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #7.0.1 + with: + script: | + const validation_status = '${{ steps.robopages-validation.outcome }}' === 'success' + ? '✅ Validation successful' + : '❌ Validation failed'; + + const runUrl = `${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}`; - github.rest.pulls.createReview({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number, - body: `## Validation Results\n${validation_status}\n\nPlease ensure your contribution follows the required format.`, - event: 'COMMENT' - }); \ No newline at end of file + github.rest.pulls.createReview({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number, + body: `## Validation Results\n${validation_status}\n\nPlease ensure your contribution follows the required format.\n\n[View Run Details](${runUrl})`, + event: 'COMMENT' + }); \ No newline at end of file From ace43d7bdbcc061fb1d4cc001726ec62700b0c3a Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:25:55 -0500 Subject: [PATCH 08/11] chore: add symbols categories --- cybersecurity/reverse-engineering/symbols.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cybersecurity/reverse-engineering/symbols.yml b/cybersecurity/reverse-engineering/symbols.yml index ab273d5..6a3406c 100644 --- a/cybersecurity/reverse-engineering/symbols.yml +++ b/cybersecurity/reverse-engineering/symbols.yml 
@@ -1,5 +1,10 @@ description: Function to print exported and imported symbols from a binary. +categories: + - cybersecurity + - offensive + - reverse-engineering + functions: print_exported_symbols_in_file: description: Find the exported symbols in an executable file or a library. @@ -23,4 +28,4 @@ functions: - readelf - -Ws - --dyn-syms - - ${file_path} \ No newline at end of file + - ${file_path} From ade40caf0384ccbcc915291ed2d560ab8e2ef4f8 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:32:33 -0500 Subject: [PATCH 09/11] fix: workflow indentation --- .github/workflows/validate_robopages.yml | 45 +++++++++++++++--------- 1 file changed, 28 insertions(+), 17 deletions(-) diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index 76cdf4d..b379e82 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml 
@@ -63,21 +63,32 @@ jobs: validate_file "$file" || exit 1 done - - name: Post validation status - if: always() - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #7.0.1 - with: - script: | - const validation_status = '${{ steps.robopages-validation.outcome }}' === 'success' - ? '✅ Validation successful' - : '❌ Validation failed'; - - const runUrl = `${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}`; + - name: Post validation status + if: always() + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #7.0.1 + with: + script: | + const validation_status = '${{ steps.robopages-validation.outcome }}' === 'success' ? '✅ Validation successful' : '❌ Validation failed'; + const runUrl = `${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID}`; + const timestamp = new Date().toISOString(); + const body = [ + `## Validation Results (${timestamp})`, + '', + validation_status, + '', + 'Please ensure your contribution follows the required format.', + '', + `🔍 [View Full Validation Details](${runUrl})`, + '', + '---', + `Run ID: \`${process.env.GITHUB_RUN_ID}\``, + `Workflow: ${process.env.GITHUB_WORKFLOW}` + ].join('\n'); - github.rest.pulls.createReview({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number, - body: `## Validation Results\n${validation_status}\n\nPlease ensure your contribution follows the required format.\n\n[View Run Details](${runUrl})`, - event: 'COMMENT' - }); \ No newline at end of file + github.rest.pulls.createReview({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number, + body: body, + event: 'COMMENT' + }); \ No newline at end of file From 7e4649422f615213ecc3dbd2460d4cd1e244b897 Mon Sep 17 00:00:00 2001 
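Review bot: Posting "❌ Validation failed" in a review does not fail the job: the validation step carries `continue-on-error: true` (visible as context in the later patches on this file), so its `outcome` is `failure` while the job still concludes successfully and the PR check stays green; after the review is posted the script should propagate the result, e.g. `if ('${{ steps.robopages-validation.outcome }}' !== 'success') { core.setFailed('Robopages validation failed'); }`. Without that, a branch-protection rule requiring this workflow would not block a contribution whose robopage failed validation, and only a reader of the review comment would notice. A smaller point of style: the `validation_status` ternary was collapsed onto one line where the previous three-line form read more easily, and `Run ID` duplicates the run id already carried by `runUrl`. The enclosing job begins outside the hunk.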
From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:51:49 -0500 Subject: [PATCH 10/11] chore: try workflow robopage container skip check --- .github/workflows/validate_robopages.yml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index b379e82..e92531f 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml @@ -25,6 +25,11 @@ jobs: - name: Set up Docker uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # 3.7.1 + - name: Install validation dependencies + run: | + sudo apt-get update + sudo apt-get install -y binutils strings + - name: Validate Contribution Files id: robopages-validation continue-on-error: true @@ -44,13 +49,15 @@ jobs: docker pull dreadnode/robopages:latest - # Run validation with Docker socket mounted + # Run validation without Docker socket and skip container checks docker run --rm \ -v $(pwd):/workspace \ - -v /var/run/docker.sock:/var/run/docker.sock \ -w /workspace \ - --privileged \ - dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker + dreadnode/robopages:latest validate \ + --path "$(printf '%q' "$file")" \ + --skip-docker \ + --skip-container-validation + } # Get changed files using GitHub's provided variables From 04e0d221ed5072788a072772e5b631a83a9c2f1a Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Fri, 8 Nov 2024 06:54:07 -0500 Subject: [PATCH 11/11] fix: revert workflow --- .github/workflows/validate_robopages.yml | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index e92531f..b379e82 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml 
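Review bot: `sudo apt-get install -y binutils strings` in the new "Install validation dependencies" step will most likely fail with "Unable to locate package strings": `strings` is a program shipped by the `binutils` package, not a package of its own on the Ubuntu runner images, so the line should read `sudo apt-get install -y binutils`. Because the step has no `continue-on-error`, that failure would abort the job before the validation step runs. Patch 11 in this series removes the step again, so the final state is unaffected, but the fix is worth noting if the step is reintroduced. The second hunk on this file is cut off before its last context line and is not reviewed here.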
@@ -25,11 +25,6 @@ jobs: - name: Set up Docker uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # 3.7.1 - - name: Install validation dependencies - run: | - sudo apt-get update - sudo apt-get install -y binutils strings - - name: Validate Contribution Files id: robopages-validation continue-on-error: true @@ -49,15 +44,13 @@ jobs: docker pull dreadnode/robopages:latest - # Run validation without Docker socket and skip container checks + # Run validation with Docker socket mounted docker run --rm \ -v $(pwd):/workspace \ + -v /var/run/docker.sock:/var/run/docker.sock \ -w /workspace \ - dreadnode/robopages:latest validate \ - --path "$(printf '%q' "$file")" \ - --skip-docker \ - --skip-container-validation - + --privileged \ + dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker } # Get changed files using GitHub's provided variables