Add FOR610 tool/workflow knowledge base and data pipeline

Build comprehensive malware analysis knowledge base from 3 sources:
- SANS FOR610 course: 120 tools, 47 labs, 15 workflows, 27 recipes
- REMnux salt-states: 340 packages parsed from GitHub
- REMnux docs: 280+ tools scraped from docs.remnux.org

Master inventory merges all sources into 447 tools with help tiers
(rich/standard/basic). Pipeline generates: tools.db (397 entries),
397 cheatsheets with multi-tool recipes, 15 workflow guides, 224
TLDR pages, and coverage reports.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

data/generated/cheatsheets/brxor.py.cheat

@@ -0,0 +1,24 @@
+# brxor.py
+# Brute-force XOR key detection for single-byte XOR-encoded strings
+# FOR610 Labs: 5.2 | Sections: 5
+# Docs: https://docs.remnux.org/discover-the-tools/examine+static+properties/deobfuscation
+
+% xor, brute-force, deobfuscation
+
+# Basic usage
+brxor.py specimen.dll
+
+
+# --- Recipes (multi-tool chains) ---
+
+# >> Brute-Force XOR Key
+# Quick check for XOR-encoded URLs/PE headers
+XORSearch <file> http:
+# Brute-force single-byte XOR keys
+brxor.py <file>
+# Try XOR, ROL, ADD combinations
+bbcrack -l 1 <file>
+# Guess multi-byte XOR key length and value
+xortool <file>
+# Decode with known key
+xortool-xor -s '<key>' -i <encoded> -o <decoded>