- Reorganize documentation: moved old docs to docs/ directory - Add comprehensive README.md with build options and usage guide - Add detailed CONTRIBUTING.md with help content management guide - Create Makefile for automated building and testing - Add Dockerfile.scratch for building from Ubuntu 20.04 base - Enhance all Dockerfiles with PowerShell + PSScriptAnalyzer - Add modern shells: zsh (with plugins) and fish (with config) - Add modern CLI tools: fd-find, ripgrep, fzf - Create comprehensive help system with cheat/TLDR/fish completions - Add helper scripts for help content management and coverage checking - Fix Dockerfile.remnux script references - Support three build variants: upstream (REMnux), scratch (Ubuntu), kali Build options: - make build-upstream: Fast, uses REMnux upstream (recommended) - make build-scratch: Full control, builds from Ubuntu 20.04 - make build-kali: Legacy Kali Linux base Features: - PowerShell with PSScriptAnalyzer module - Modern shells (zsh, fish) with custom configurations - Enhanced help system (cheat sheets, TLDR pages, fish completions) - Help coverage checking and bulk import tools - Comprehensive documentation for users and contributors
#!/bin/bash

# Enhanced File Analysis Help System
# Integrates multiple help sources: custom cheat sheets, navi, tldr, and tool database

# Color definitions
# Single-quoted, so each value is the literal backslash sequence; it only
# becomes a terminal escape when printed through `echo -e`.
RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
MAGENTA='\033[0;35m'
# SGR 0: resets the colour set by any of the values above.
NC='\033[0m'

# Help system paths
# Tool database file; the functions below only test that it exists.
TOOLS_DB="/opt/remnux-docs/tools.db"
# Root of the cheat sheets: <name>.cheat files directly inside it, plus a
# personal/ subdirectory holding sheets named after the tool.
CHEAT_DIR="/opt/cheatsheets"
# tldr page cache under the remnux user's home directory.
TLDR_CACHE="/home/remnux/.local/share/tldr"
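#######################################
# Resolve a user-provided tool name to a cheat sheet file.
# Candidates are tried in this order: the name as given, the name without a
# trailing ".py" (any letter case), that base with ".py" appended, the base
# with underscores removed, with hyphens turned into underscores, and with
# underscores turned into hyphens. Each candidate is looked up first as
# $CHEAT_DIR/personal/<candidate> and then as $CHEAT_DIR/<candidate>.cheat.
# Globals:   CHEAT_DIR (read)
# Arguments: $1 - tool name as typed by the user
# Outputs:   path of the first existing file, on stdout
# Returns:   0 when a file was found, 1 otherwise
#######################################
resolve_cheat_file() {
  local name="${1:-}"

  # The name is spliced into a path below. A sheet name is a single file
  # name, so an empty value or one holding a '/' is refused; a '/' would let
  # the lookup resolve to a file outside CHEAT_DIR.
  if [[ -z "$name" || "$name" == */* ]]; then
    return 1
  fi

  # Strip a trailing ".py" in any letter case without forking echo | sed.
  local base="${name%.[Pp][Yy]}"

  # candidates to try in order
  local -a candidates=(
    "$name"
    "$base"
    "${base}.py"
    "${base//_/}"
    "${base//-/_}"
    "${base//_/-}"
  )

  # Declared local so the loop variable does not leak into the caller.
  local cand
  for cand in "${candidates[@]}"; do
    if [[ -f "$CHEAT_DIR/personal/$cand" ]]; then
      printf '%s\n' "$CHEAT_DIR/personal/$cand"
      return 0
    fi
    if [[ -f "$CHEAT_DIR/${cand}.cheat" ]]; then
      printf '%s\n' "$CHEAT_DIR/${cand}.cheat"
      return 0
    fi
  done

  return 1
}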
show_main_help() {
|
|
echo -e "${CYAN}📚 File Analysis Container Help System${NC}"
|
|
echo "======================================"
|
|
echo ""
|
|
echo -e "${GREEN}🔍 Tool Discovery:${NC}"
|
|
echo " fhelp tools [term] - Search for analysis tools"
|
|
echo " fhelp tools --interactive - Browse tools interactively"
|
|
echo " fhelp tools --list - List all available tools"
|
|
echo ""
|
|
echo -e "${GREEN}📖 Command Examples:${NC}"
|
|
echo " fhelp cheat <tool> - Show cheat sheet for specific tool"
|
|
echo " fhelp examples - Browse all command examples interactively"
|
|
echo " fhelp quick <command> - Quick examples (tldr style)"
|
|
echo ""
|
|
echo -e "${GREEN}🎯 Analysis Workflows:${NC}"
|
|
echo " fhelp pdf - PDF analysis workflow"
|
|
echo " fhelp malware - Malware analysis workflow"
|
|
echo " fhelp forensics - System forensics workflow"
|
|
echo ""
|
|
echo -e "${GREEN}💡 Quick Access:${NC}"
|
|
echo " fhelp --all - Show everything available"
|
|
echo " fhelp --offline - Verify offline capabilities"
|
|
echo ""
|
|
echo -e "${YELLOW}Examples:${NC}"
|
|
echo " fhelp tools pdf # Find PDF analysis tools"
|
|
echo " fhelp cheat pdfid.py # Show pdfid.py examples"
|
|
echo " fhelp quick tar # Quick tar examples"
|
|
echo " fhelp examples # Browse all examples"
|
|
}
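# Print one cheat sheet under a title, leaving out a YAML frontmatter block
# that opens on the first line of the file.
_fhelp_print_sheet() {
  local title="$1"
  local sheet="$2"
  local rule

  # The title is the user's argument: %s prints it literally, so backslash
  # sequences in it are not turned into terminal escapes.
  printf '%b📋 Cheat Sheet: %b%s%b\n' "$CYAN" "$YELLOW" "$title" "$NC"
  # Underline: "= " followed by one '=' per character of the title.
  printf -v rule '%*s' "${#title}" ''
  printf '= %s\n' "${rule// /=}"
  echo ""

  # Frontmatter only counts when '---' is the very first line; it ends at the
  # next '---'. Later '---' lines are sheet content and are printed. The body
  # is printed raw (no ANSI colouring added). Reading from stdin keeps the
  # path from being parsed as an awk operand.
  awk '
    NR == 1 && /^---$/  { in_front = 1; next }
    in_front && /^---$/ { in_front = 0; next }
    !in_front
  ' < "$sheet"
}

#######################################
# Show the cheat sheet for a tool or workflow.
# "pdf"/"pdf-analysis" and "malware"/"malware-analysis" map to the workflow
# sheets; any other name is looked up as $CHEAT_DIR/<name>.cheat and, when
# that file is missing, through resolve_cheat_file.
# Globals:   CHEAT_DIR, CYAN, YELLOW, RED, NC (read)
# Arguments: $1 - tool or workflow name
# Outputs:   the sheet, or a not-found notice plus the personal sheet list
# Returns:   1 when no name was given or no sheet was found
#######################################
show_cheat() {
  local tool="${1:-}"
  local cheat_file=""
  local entry

  if [[ -z "$tool" ]]; then
    echo -e "${RED}❌ Please specify a tool name${NC}"
    echo "Usage: fhelp cheat <tool>"
    return 1
  fi

  # A sheet name is a single file name. A '/' would let the paths built
  # below resolve outside CHEAT_DIR, so such a name is treated as not found.
  if [[ "$tool" != */* ]]; then
    # Check for specific workflow cheat sheets
    case "$tool" in
      "pdf" | "pdf-analysis")
        cheat_file="$CHEAT_DIR/pdf-analysis.cheat"
        ;;
      "malware" | "malware-analysis")
        cheat_file="$CHEAT_DIR/malware-analysis.cheat"
        ;;
      *)
        cheat_file="$CHEAT_DIR/${tool}.cheat"
        ;;
    esac

    if [[ ! -f "$cheat_file" ]]; then
      # Try resolution of common variants (e.g., pdfid.py -> pdfid, oledump -> oledump.py)
      cheat_file=$(resolve_cheat_file "$tool") || cheat_file=""
    fi
  fi

  if [[ -n "$cheat_file" && -f "$cheat_file" ]]; then
    _fhelp_print_sheet "$tool" "$cheat_file"
    return
  fi

  printf "%b⚠️ No cheat sheet found for '%s'%b\n" "$YELLOW" "$tool" "$NC"
  echo ""
  echo "Available cheat sheets:"
  if [[ -d "$CHEAT_DIR/personal" ]]; then
    # Glob instead of parsing ls output; an unmatched pattern is skipped.
    for entry in "$CHEAT_DIR/personal"/*; do
      [[ -e "$entry" || -L "$entry" ]] || continue
      printf ' • %s\n' "${entry##*/}"
    done
  fi
  return 1
}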
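#######################################
# Show tldr-style quick examples for a command.
# Globals:   CYAN, YELLOW, RED, NC (read)
# Arguments: $1 - command name to look up
# Outputs:   the tldr page, or a hint to try `fhelp cheat`
# Returns:   1 when no name was given or tldr is not installed
#######################################
show_quick() {
  local command="${1:-}"

  if [[ -z "$command" ]]; then
    echo -e "${RED}❌ Please specify a command name${NC}"
    echo "Usage: fhelp quick <command>"
    return 1
  fi

  # The name is the user's argument: %s prints it literally, so backslash
  # sequences in it are not expanded the way `echo -e` would expand them.
  printf '%b📖 Quick examples for: %b%s%b\n' "$CYAN" "$YELLOW" "$command" "$NC"
  echo ""

  if ! command -v tldr >/dev/null 2>&1; then
    echo -e "${RED}❌ tldr command not available${NC}"
    return 1
  fi

  # tldr's own stderr is discarded; a failed lookup is reported below.
  if ! tldr "$command" 2>/dev/null; then
    printf "%b⚠️ No tldr page found for '%s'%b\n" "$YELLOW" "$command" "$NC"
    printf 'Try: fhelp cheat %s\n' "$command"
  fi
}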
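#######################################
# Search, browse or list analysis tools through find-tool.
# The mode flag is accepted in the first position (the documented
# `fhelp tools --list` form) as well as the second.
# Globals:   CYAN, RED, NC (read)
# Arguments: $1 - search term, or --interactive / --list
#            $2 - optional --interactive / --list
# Outputs:   find-tool's output, or a usage / not-available notice
# Returns:   1 when neither a search term nor a mode flag was given
#######################################
show_tools() {
  local search_term="${1:-}"
  local option="${2:-}"

  # The usage text puts the flag first, where it used to be taken for a
  # search term; move it into the option slot.
  case "$search_term" in
    "--interactive" | "--list")
      option="$search_term"
      search_term=""
      ;;
  esac

  case "$option" in
    "--interactive" | "--list")
      if command -v find-tool >/dev/null 2>&1; then
        find-tool "$option"
      else
        echo -e "${RED}❌ find-tool not available${NC}"
      fi
      ;;
    *)
      if [[ -z "$search_term" ]]; then
        echo -e "${RED}❌ Please provide a search term${NC}"
        echo "Usage: fhelp tools <search_term>"
        echo " fhelp tools --interactive"
        echo " fhelp tools --list"
        return 1
      fi

      echo -e "${CYAN}🔍 Searching analysis tools...${NC}"
      if command -v find-tool >/dev/null 2>&1; then
        # NOTE(review): a term starting with '-' reaches find-tool as an
        # option; whether find-tool accepts `--` is not visible here.
        find-tool "$search_term"
      else
        echo -e "${RED}❌ find-tool not available${NC}"
      fi
      ;;
  esac
}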
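#######################################
# List the personal cheat sheets and the cached tldr pages.
# Globals:   CHEAT_DIR, TLDR_CACHE, CYAN, GREEN, NC (read)
# Arguments: none
# Outputs:   one bulleted name per sheet / page on stdout
#######################################
show_examples() {
  # Follow TLDR_CACHE instead of repeating its value; the fallback is the
  # path that was spelled out here before.
  local tldr_pages="${TLDR_CACHE:-/home/remnux/.local/share/tldr}/pages/common"
  local entry page

  echo -e "${CYAN}🎯 Available Command Examples${NC}"
  echo ""

  echo "Available cheat sheets:"
  if [[ -d "$CHEAT_DIR/personal" ]]; then
    echo -e "${GREEN}Cheat sheets (use: fhelp cheat <name>):${NC}"
    # Glob instead of parsing ls output; an unmatched pattern is skipped.
    for entry in "$CHEAT_DIR/personal"/*; do
      [[ -e "$entry" || -L "$entry" ]] || continue
      printf ' • %s\n' "${entry##*/}"
    done
    echo ""
  fi

  echo "Available TLDR pages:"
  if [[ -d "$tldr_pages" ]]; then
    echo -e "${GREEN}TLDR pages (use: tldr <name>):${NC}"
    for page in "$tldr_pages"/*.md; do
      [[ -e "$page" || -L "$page" ]] || continue
      page="${page##*/}"
      printf ' • %s\n' "${page%.md}"
    done
  fi
}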
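#######################################
# Verify that the help tools and documentation files needed offline exist.
# Globals:   TOOLS_DB, CHEAT_DIR, CYAN, GREEN, YELLOW, RED, NC (read)
# Arguments: none
# Outputs:   one status line per tool and file, the number of *.cheat files
#            in CHEAT_DIR, and a summary line
# Returns:   0 when everything checked is present, 1 when anything is missing
#######################################
show_offline_status() {
  local -a tools=("find-tool" "cheat" "tldr")
  local -a files=(
    "$TOOLS_DB"
    "$CHEAT_DIR/pdf-analysis.cheat"
    "$CHEAT_DIR/malware-analysis.cheat"
  )
  local -a sheets=()
  local tool file
  local missing=0

  echo -e "${CYAN}🔌 Offline Capability Check${NC}"
  echo "==========================="
  echo ""
  echo "Documentation Tools:"

  for tool in "${tools[@]}"; do
    if command -v "$tool" >/dev/null 2>&1; then
      echo -e " ${GREEN}✅ $tool - available${NC}"
    else
      echo -e " ${RED}❌ $tool - missing${NC}"
      missing=$((missing + 1))
    fi
  done

  echo ""
  echo "Documentation Files:"

  # Report the path that was actually tested, so the label cannot drift from
  # TOOLS_DB / CHEAT_DIR.
  for file in "${files[@]}"; do
    if [[ -f "$file" ]]; then
      printf ' %b✅ %s - available%b\n' "$GREEN" "$file" "$NC"
    else
      printf ' %b❌ %s - missing%b\n' "$RED" "$file" "$NC"
      missing=$((missing + 1))
    fi
  done

  # Count available cheat sheets
  if [[ -d "$CHEAT_DIR" ]]; then
    sheets=("$CHEAT_DIR"/*.cheat)
    # An unmatched glob stays literal; that means zero sheets.
    if [[ ! -e "${sheets[0]}" && ! -L "${sheets[0]}" ]]; then
      sheets=()
    fi
    echo ""
    echo -e "${CYAN}📊 ${#sheets[@]} cheat sheets available${NC}"
  fi

  echo ""
  # Only claim readiness when nothing above was reported missing; an analyst
  # working without network access relies on this result.
  if ((missing > 0)); then
    echo -e "${YELLOW}⚠️ Offline help system incomplete: $missing item(s) missing${NC}"
    return 1
  fi
  echo -e "${GREEN}🎉 Offline help system ready!${NC}"
}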
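#######################################
# Print the step-by-step PDF analysis workflow.
# Globals:   CYAN, GREEN, YELLOW, NC (read)
# Arguments: none
# Outputs:   the workflow text on stdout
#######################################
show_pdf_workflow() {
  echo -e "${CYAN}📄 PDF Analysis Workflow${NC}"
  echo "========================"
  echo ""
  echo -e "${GREEN}Step 1: Initial Analysis${NC}"
  echo " pdfid.py document.pdf # Quick overview"
  echo " file document.pdf # File type check"
  echo ""
  echo -e "${GREEN}Step 2: Detailed Analysis${NC}"
  echo " pdf-parser.py document.pdf # Structure analysis"
  echo " peepdf -i document.pdf # Interactive analysis"
  echo ""
  echo -e "${GREEN}Step 3: Security Measures${NC}"
  # pdftk's flatten merges interactive form fields into the page content; it
  # does not remove document JavaScript, so the label no longer says it does.
  echo " pdftk document.pdf output safe.pdf flatten # Flatten form fields (does not strip JavaScript)"
  echo " qpdf --decrypt encrypted.pdf decrypted.pdf # Remove password"
  echo ""
  echo -e "${GREEN}Step 4: Deep Inspection${NC}"
  echo " strings document.pdf | grep -i javascript # Find suspicious strings"
  echo " exiftool document.pdf # Extract metadata"
  # ImageMagick hands PDF input to its Ghostscript delegate, which parses the
  # untrusted file; the label states that instead of calling the step safe.
  echo " convert document.pdf[0] preview.png # Render page 1 as an image (runs Ghostscript on the file)"
  echo ""
  echo -e "${YELLOW}For more examples: fhelp cheat pdf${NC}"
}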
#######################################
# Print the step-by-step malware analysis workflow.
# Globals:   CYAN, GREEN, YELLOW, NC (read)
# Arguments: none
# Outputs:   the workflow text on stdout
#######################################
show_malware_workflow() {
  # Coloured headings go through %b (same expansion as `echo -e`); the
  # command lines contain no escapes and are printed with %s.
  printf '%b\n' "${CYAN}🦠 Malware Analysis Workflow${NC}"
  printf '%s\n' \
    "============================" \
    ""

  printf '%b\n' "${GREEN}Step 1: File Identification${NC}"
  printf '%s\n' \
    " file suspicious.exe # Identify file type" \
    " exiftool suspicious.exe # Extract metadata" \
    ""

  printf '%b\n' "${GREEN}Step 2: Static Analysis${NC}"
  printf '%s\n' \
    " strings -n 8 malware.bin # Extract strings" \
    " capa malware.exe # Detect capabilities" \
    " binwalk malware.bin # Analyze binary structure" \
    ""

  printf '%b\n' "${GREEN}Step 3: Document Analysis${NC}"
  printf '%s\n' \
    " oledump.py document.doc # Office documents" \
    " rtfdump.py document.rtf # RTF documents" \
    " box-js suspicious.js # JavaScript sandbox" \
    ""

  printf '%b\n' "${GREEN}Step 4: Data Extraction${NC}"
  printf '%s\n' \
    " base64dump.py encoded.txt # Base64 content" \
    " foremost -t exe,dll -i image.dd # File carving" \
    ""

  printf '%b\n' "${YELLOW}For more examples: fhelp cheat malware${NC}"
}
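#######################################
# Print an overview of everything the help system offers: a tool search for
# "analysis", the workflows, the *.cheat sheets in CHEAT_DIR, and the
# offline capability check.
# Globals:   CHEAT_DIR, CYAN, NC (read)
# Arguments: none
# Outputs:   the overview on stdout
# Returns:   the status of show_offline_status, which runs last
#######################################
show_all() {
  local sheet

  echo -e "${CYAN}🔍 Complete Help System Overview${NC}"
  echo "================================="
  echo ""

  show_tools "analysis"
  echo ""
  echo -e "${CYAN}Available Workflows:${NC}"
  echo " • PDF Analysis (fhelp pdf)"
  echo " • Malware Analysis (fhelp malware)"
  echo ""

  if [[ -d "$CHEAT_DIR" ]]; then
    echo -e "${CYAN}Available Cheat Sheets:${NC}"
    # Glob instead of parsing ls output; an unmatched pattern is skipped.
    for sheet in "$CHEAT_DIR"/*.cheat; do
      [[ -e "$sheet" || -L "$sheet" ]] || continue
      sheet="${sheet##*/}"
      printf ' • %s\n' "${sheet%.cheat}"
    done
    echo ""
  fi

  show_offline_status
}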
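# Main command parsing
# The first argument selects the sub-command; "tools", "cheat" and "quick"
# pass the remaining arguments on to their handler.
case "${1:-}" in
  "tools")
    shift
    show_tools "$@"
    ;;
  "cheat")
    shift
    show_cheat "$@"
    ;;
  "quick")
    shift
    show_quick "$@"
    ;;
  "examples")
    show_examples
    ;;
  "pdf")
    show_pdf_workflow
    ;;
  "malware")
    show_malware_workflow
    ;;
  "forensics")
    echo -e "${YELLOW}⚠️ Forensics workflow not yet implemented${NC}"
    echo "Try: fhelp malware or fhelp pdf"
    ;;
  "--offline")
    show_offline_status
    ;;
  "--all")
    show_all
    ;;
  "--help" | "-h" | "help" | "")
    show_main_help
    ;;
  *)
    # %s prints the unrecognised argument literally, so backslash sequences
    # in it are not expanded the way `echo -e` would expand them.
    # NOTE(review): the exit status here is still that of show_main_help.
    printf '%bUnknown option: %s%b\n' "$RED" "$1" "$NC"
    echo ""
    show_main_help
    ;;
esac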