Major repository cleanup and enhancement

- Reorganize documentation: moved old docs to docs/ directory - Add comprehensive README.md with build options and usage guide - Add detailed CONTRIBUTING.md with help content management guide - Create Makefile for automated building and testing - Add Dockerfile.scratch for building from Ubuntu 20.04 base - Enhance all Dockerfiles with PowerShell + PSScriptAnalyzer - Add modern shells: zsh (with plugins) and fish (with config) - Add modern CLI tools: fd-find, ripgrep, fzf - Create comprehensive help system with cheat/TLDR/fish completions - Add helper scripts for help content management and coverage checking - Fix Dockerfile.remnux script references - Support three build variants: upstream (REMnux), scratch (Ubuntu), kali Build options: - make build-upstream: Fast, uses REMnux upstream (recommended) - make build-scratch: Full control, builds from Ubuntu 20.04 - make build-kali: Legacy Kali Linux base Features: - PowerShell with PSScriptAnalyzer module - Modern shells (zsh, fish) with custom configurations - Enhanced help system (cheat sheets, TLDR pages, fish completions) - Help coverage checking and bulk import tools - Comprehensive documentation for users and contributors
2025-10-01 11:45:56 +02:00
parent 6bfcfd7935
commit b98aaee3e0
27 changed files with 5000 additions and 62 deletions
--- a/scripts/fhelp
+++ b/scripts/fhelp
@@ -0,0 +1,358 @@
+#!/bin/bash
+
+# Enhanced File Analysis Help System
+# Integrates multiple help sources: custom cheat sheets, navi, tldr, and tool database
+
+# Color definitions
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+YELLOW='\033[1;33m'
+CYAN='\033[0;36m'
+MAGENTA='\033[0;35m'
+NC='\033[0m'
+
+# Help system paths
+TOOLS_DB="/opt/remnux-docs/tools.db"
+CHEAT_DIR="/opt/cheatsheets"
+TLDR_CACHE="/home/remnux/.local/share/tldr"
+
+# Resolve cheat file names from a user-provided tool name
+# Tries several variants: exact, without .py, with .py, hyphen/underscore alternatives
+resolve_cheat_file() {
+    local name="$1"
+    local base=$(echo "$name" | sed 's/\.[Pp][Yy]$//')
+
+    # candidates to try in order
+    local candidates=(
+        "$name"
+        "$base"
+        "${base}.py"
+        "${base//_/}"
+        "${base//-/_}"
+        "${base//_/-}"
+    )
+
+    for cand in "${candidates[@]}"; do
+        if [[ -f "$CHEAT_DIR/personal/$cand" ]]; then
+            echo "$CHEAT_DIR/personal/$cand"
+            return 0
+        fi
+        if [[ -f "$CHEAT_DIR/${cand}.cheat" ]]; then
+            echo "$CHEAT_DIR/${cand}.cheat"
+            return 0
+        fi
+    done
+    return 1
+}
+
+show_main_help() {
+    echo -e "${CYAN}📚 File Analysis Container Help System${NC}"
+    echo "======================================"
+    echo ""
+    echo -e "${GREEN}🔍 Tool Discovery:${NC}"
+    echo "  fhelp tools [term]          - Search for analysis tools"
+    echo "  fhelp tools --interactive   - Browse tools interactively"
+    echo "  fhelp tools --list          - List all available tools"
+    echo ""
+    echo -e "${GREEN}📖 Command Examples:${NC}"
+    echo "  fhelp cheat <tool>          - Show cheat sheet for specific tool"
+    echo "  fhelp examples              - Browse all command examples interactively"
+    echo "  fhelp quick <command>       - Quick examples (tldr style)"
+    echo ""
+    echo -e "${GREEN}🎯 Analysis Workflows:${NC}"
+    echo "  fhelp pdf                   - PDF analysis workflow"
+    echo "  fhelp malware               - Malware analysis workflow"
+    echo "  fhelp forensics             - System forensics workflow"
+    echo ""
+    echo -e "${GREEN}💡 Quick Access:${NC}"
+    echo "  fhelp --all                 - Show everything available"
+    echo "  fhelp --offline             - Verify offline capabilities"
+    echo ""
+    echo -e "${YELLOW}Examples:${NC}"
+    echo "  fhelp tools pdf             # Find PDF analysis tools"
+    echo "  fhelp cheat pdfid.py        # Show pdfid.py examples"
+    echo "  fhelp quick tar             # Quick tar examples"
+    echo "  fhelp examples              # Browse all examples"
+}
+
+show_cheat() {
+    local tool="$1"
+    
+    if [[ -z "$tool" ]]; then
+        echo -e "${RED}❌ Please specify a tool name${NC}"
+        echo "Usage: fhelp cheat <tool>"
+        return 1
+    fi
+    
+    # Check for specific workflow cheat sheets
+    local cheat_file=""
+    case "$tool" in
+        "pdf"|"pdf-analysis")
+            cheat_file="$CHEAT_DIR/pdf-analysis.cheat"
+            ;;
+        "malware"|"malware-analysis") 
+            cheat_file="$CHEAT_DIR/malware-analysis.cheat"
+            ;;
+        *)
+            cheat_file="$CHEAT_DIR/${tool}.cheat"
+            ;;
+    esac
+    
+    if [[ -f "$cheat_file" ]]; then
+        echo -e "${CYAN}📋 Cheat Sheet: ${YELLOW}$tool${NC}"
+        echo "=" $(printf '=%.0s' $(seq 1 ${#tool}))
+        echo ""
+        # Skip YAML frontmatter if present and print raw content (no ANSI coloring to avoid artifacts)
+        awk '/^---$/{if(++c==2) start=1; next} start || !/^---$/ && c!=1' "$cheat_file"
+    else
+        # Try resolution of common variants (e.g., pdfid.py -> pdfid, oledump -> oledump.py)
+        local resolved
+        resolved=$(resolve_cheat_file "$tool") || true
+        if [[ -n "$resolved" && -f "$resolved" ]]; then
+            echo -e "${CYAN}📋 Cheat Sheet: ${YELLOW}$tool${NC}"
+            echo "=" $(printf '=%.0s' $(seq 1 ${#tool}))
+            echo ""
+            awk '/^---$/{if(++c==2) start=1; next} start || !/^---$/ && c!=1' "$resolved"
+        else
+            echo -e "${YELLOW}⚠️  No cheat sheet found for '$tool'${NC}"
+            echo ""
+            echo "Available cheat sheets:"
+            if [[ -d "$CHEAT_DIR/personal" ]]; then
+                ls -1 "$CHEAT_DIR/personal/" 2>/dev/null | sed 's/^/  • /'
+            fi
+            return 1
+        fi
+    fi
+}
+
+show_quick() {
+    local command="$1"
+    
+    if [[ -z "$command" ]]; then
+        echo -e "${RED}❌ Please specify a command name${NC}"
+        echo "Usage: fhelp quick <command>"
+        return 1
+    fi
+    
+    echo -e "${CYAN}📖 Quick examples for: ${YELLOW}$command${NC}"
+    echo ""
+    
+    if command -v tldr >/dev/null 2>&1; then
+        if ! tldr "$command" 2>/dev/null; then
+            echo -e "${YELLOW}⚠️  No tldr page found for '$command'${NC}"
+            echo "Try: fhelp cheat $command"
+        fi
+    else
+        echo -e "${RED}❌ tldr command not available${NC}"
+        return 1
+    fi
+}
+
+show_tools() {
+    local search_term="$1"
+    local option="$2"
+    
+    case "$option" in
+        "--interactive")
+            if command -v find-tool >/dev/null 2>&1; then
+                find-tool --interactive
+            else
+                echo -e "${RED}❌ find-tool not available${NC}"
+            fi
+            ;;
+        "--list")
+            if command -v find-tool >/dev/null 2>&1; then
+                find-tool --list
+            else
+                echo -e "${RED}❌ find-tool not available${NC}"  
+            fi
+            ;;
+        *)
+            if [[ -z "$search_term" ]]; then
+                echo -e "${RED}❌ Please provide a search term${NC}"
+                echo "Usage: fhelp tools <search_term>"
+                echo "       fhelp tools --interactive"
+                echo "       fhelp tools --list"
+                return 1
+            fi
+            
+            echo -e "${CYAN}🔍 Searching analysis tools...${NC}"
+            if command -v find-tool >/dev/null 2>&1; then
+                find-tool "$search_term"
+            else
+                echo -e "${RED}❌ find-tool not available${NC}"
+            fi
+            ;;
+    esac
+}
+
+show_examples() {
+    echo -e "${CYAN}🎯 Available Command Examples${NC}"
+    echo ""
+    echo "Available cheat sheets:"
+    if [[ -d "$CHEAT_DIR/personal" ]]; then
+        echo -e "${GREEN}Cheat sheets (use: fhelp cheat <name>):${NC}"
+        ls -1 "$CHEAT_DIR/personal/" 2>/dev/null | sed 's/^/  • /'
+        echo ""
+    fi
+    
+    echo "Available TLDR pages:"
+    if [[ -d "/home/remnux/.local/share/tldr/pages/common" ]]; then
+        echo -e "${GREEN}TLDR pages (use: tldr <name>):${NC}"
+        ls -1 /home/remnux/.local/share/tldr/pages/common/*.md 2>/dev/null | sed 's|.*/||; s|\.md$||' | sed 's/^/  • /'
+    fi
+}
+
+show_offline_status() {
+    echo -e "${CYAN}🔌 Offline Capability Check${NC}"
+    echo "==========================="
+    echo ""
+    echo "Documentation Tools:"
+    
+    local tools=("find-tool" "cheat" "tldr")
+    for tool in "${tools[@]}"; do
+        if command -v "$tool" >/dev/null 2>&1; then
+            echo -e "  ${GREEN}✅ $tool - available${NC}"
+        else
+            echo -e "  ${RED}❌ $tool - missing${NC}"
+        fi
+    done
+    
+    echo ""
+    echo "Documentation Files:"
+    
+    local files=("$TOOLS_DB" "$CHEAT_DIR/pdf-analysis.cheat" "$CHEAT_DIR/malware-analysis.cheat")
+    local file_names=("/opt/remnux-docs/tools.db" "/opt/cheatsheets/pdf-analysis.cheat" "/opt/cheatsheets/malware-analysis.cheat")
+    
+    for i in "${!files[@]}"; do
+        if [[ -f "${files[$i]}" ]]; then
+            echo -e "  ${GREEN}✅ ${file_names[$i]} - available${NC}"
+        else
+            echo -e "  ${RED}❌ ${file_names[$i]} - missing${NC}"
+        fi
+    done
+    
+    # Count available cheat sheets
+    if [[ -d "$CHEAT_DIR" ]]; then
+        local cheat_count=$(ls -1 "$CHEAT_DIR"/*.cheat 2>/dev/null | wc -l)
+        echo ""
+        echo -e "${CYAN}📊 $cheat_count cheat sheets available${NC}"
+    fi
+    
+    echo ""
+    echo -e "${GREEN}🎉 Offline help system ready!${NC}"
+}
+
+show_pdf_workflow() {
+    echo -e "${CYAN}📄 PDF Analysis Workflow${NC}"
+    echo "========================"
+    echo ""
+    echo -e "${GREEN}Step 1: Initial Analysis${NC}"
+    echo "  pdfid.py document.pdf              # Quick overview"
+    echo "  file document.pdf                  # File type check"
+    echo ""  
+    echo -e "${GREEN}Step 2: Detailed Analysis${NC}"
+    echo "  pdf-parser.py document.pdf         # Structure analysis"
+    echo "  peepdf -i document.pdf             # Interactive analysis"
+    echo ""
+    echo -e "${GREEN}Step 3: Security Measures${NC}" 
+    echo "  pdftk document.pdf output safe.pdf flatten  # Remove JavaScript"
+    echo "  qpdf --decrypt encrypted.pdf decrypted.pdf  # Remove password"
+    echo ""
+    echo -e "${GREEN}Step 4: Deep Inspection${NC}"
+    echo "  strings document.pdf | grep -i javascript   # Find suspicious strings" 
+    echo "  exiftool document.pdf                       # Extract metadata"
+    echo "  convert document.pdf[0] preview.png         # Safe preview"
+    echo ""
+    echo -e "${YELLOW}For more examples: fhelp cheat pdf${NC}"
+}
+
+show_malware_workflow() {
+    echo -e "${CYAN}🦠 Malware Analysis Workflow${NC}"
+    echo "============================"
+    echo ""
+    echo -e "${GREEN}Step 1: File Identification${NC}"
+    echo "  file suspicious.exe                # Identify file type"
+    echo "  exiftool suspicious.exe            # Extract metadata"
+    echo ""
+    echo -e "${GREEN}Step 2: Static Analysis${NC}"
+    echo "  strings -n 8 malware.bin          # Extract strings"
+    echo "  capa malware.exe                   # Detect capabilities"
+    echo "  binwalk malware.bin                # Analyze binary structure"
+    echo ""
+    echo -e "${GREEN}Step 3: Document Analysis${NC}"
+    echo "  oledump.py document.doc            # Office documents"
+    echo "  rtfdump.py document.rtf            # RTF documents"
+    echo "  box-js suspicious.js               # JavaScript sandbox"
+    echo ""
+    echo -e "${GREEN}Step 4: Data Extraction${NC}"
+    echo "  base64dump.py encoded.txt          # Base64 content"
+    echo "  foremost -t exe,dll -i image.dd    # File carving"
+    echo ""  
+    echo -e "${YELLOW}For more examples: fhelp cheat malware${NC}"
+}
+
+show_all() {
+    echo -e "${CYAN}🔍 Complete Help System Overview${NC}"
+    echo "================================="
+    echo ""
+    
+    show_tools "analysis" 
+    echo ""
+    echo -e "${CYAN}Available Workflows:${NC}"
+    echo "  • PDF Analysis (fhelp pdf)"
+    echo "  • Malware Analysis (fhelp malware)"
+    echo ""
+    
+    if [[ -d "$CHEAT_DIR" ]]; then
+        echo -e "${CYAN}Available Cheat Sheets:${NC}"
+        ls -1 "$CHEAT_DIR"/*.cheat 2>/dev/null | sed 's|.*/||; s|\.cheat$||' | sed 's/^/  • /'
+        echo ""
+    fi
+    
+    show_offline_status
+}
+
+# Main command parsing
+case "${1:-}" in
+    "tools")
+        shift
+        show_tools "$@"
+        ;;
+    "cheat")
+        shift
+        show_cheat "$@"
+        ;;
+    "quick")
+        shift
+        show_quick "$@"
+        ;;
+    "examples")
+        show_examples
+        ;;
+    "pdf")
+        show_pdf_workflow
+        ;;
+    "malware")
+        show_malware_workflow
+        ;;
+    "forensics")
+        echo -e "${YELLOW}⚠️  Forensics workflow not yet implemented${NC}"
+        echo "Try: fhelp malware or fhelp pdf"
+        ;;
+    "--offline")
+        show_offline_status
+        ;;
+    "--all")
+        show_all
+        ;;
+    "--help"|"-h"|"help"|"")
+        show_main_help
+        ;;
+    *)
+        echo -e "${RED}Unknown option: $1${NC}"
+        echo ""
+        show_main_help
+        ;;
+esac