irt/docker_file_analysis
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
6e1c77813ceb67e7efa4518837acc46a6b9d2e7e
docker_file_analysis/scripts/create-accurate-tools-db.sh
Tobias Kessels b98aaee3e0 Major repository cleanup and enhancement 
- Reorganize documentation: moved old docs to docs/ directory
- Add comprehensive README.md with build options and usage guide
- Add detailed CONTRIBUTING.md with help content management guide
- Create Makefile for automated building and testing
- Add Dockerfile.scratch for building from Ubuntu 20.04 base
- Enhance all Dockerfiles with PowerShell + PSScriptAnalyzer
- Add modern shells: zsh (with plugins) and fish (with config)
- Add modern CLI tools: fd-find, ripgrep, fzf
- Create comprehensive help system with cheat/TLDR/fish completions
- Add helper scripts for help content management and coverage checking
- Fix Dockerfile.remnux script references
- Support three build variants: upstream (REMnux), scratch (Ubuntu), kali

Build options:
  - make build-upstream: Fast, uses REMnux upstream (recommended)
  - make build-scratch: Full control, builds from Ubuntu 20.04
  - make build-kali: Legacy Kali Linux base

Features:
  - PowerShell with PSScriptAnalyzer module
  - Modern shells (zsh, fish) with custom configurations
  - Enhanced help system (cheat sheets, TLDR pages, fish completions)
  - Help coverage checking and bulk import tools
  - Comprehensive documentation for users and contributors
2025-10-01 11:45:56 +02:00

112 lines
5.3 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Create accurate tools database for REMnux-based container
# This script only includes tools that actually exist in the container
# with their correct command names and practical usage examples
set -e
DOCS_DIR="/opt/remnux-docs"
TOOLS_DB="/opt/remnux-docs/tools.db"
echo "🔧 Creating accurate tools database..."
# Create documentation directory
mkdir -p "$DOCS_DIR"
# Create the tools database with verified tools
cat > "$TOOLS_DB" << 'EOF'
# REMnux Enhanced Tools Database
# Format: TOOL_NAME|DESCRIPTION|CATEGORY|USAGE_EXAMPLE|AVAILABLE
# Only includes tools verified to be available in container
# PDF Analysis Tools
pdf-parser.py|Parse and analyze PDF structure and objects|analyze documents pdf|pdf-parser.py suspicious.pdf|✓
pdfid.py|Identify suspicious elements in PDF files|analyze documents pdf|pdfid.py document.pdf|✓
peepdf|Interactive PDF analysis framework with JavaScript detection|analyze documents pdf|peepdf -i malicious.pdf|✓
pdftk|Manipulate PDF files (merge, split, encrypt)|analyze documents pdf|pdftk input.pdf output output.pdf flatten|✓
qpdf|PDF manipulation tool (merge, convert, transform)|analyze documents pdf|qpdf --decrypt encrypted.pdf output.pdf|✓
pdfresurrect|Extract previous versions from PDF files|analyze documents pdf|pdfresurrect document.pdf|✓
pdftool.py|Analyze PDF incremental updates|analyze documents pdf|pdftool.py document.pdf|✓
# Malware Analysis Tools
capa|Detect malware capabilities using MITRE ATT&CK framework|malware analysis|capa malware.exe|✓
box-js|JavaScript sandbox for malware analysis|malware analysis|box-js --output-dir=/tmp suspicious.js|✓
oletools|Office document analysis suite (oledump.py, rtfdump.py, etc)|malware analysis|oledump.py document.doc|✓
oledump.py|Analyze OLE files (Office documents)|malware analysis|oledump.py document.xls|✓
rtfdump.py|Analyze RTF documents|malware analysis|rtfdump.py document.rtf|✓
emldump.py|Analyze EML email files|malware analysis|emldump.py message.eml|✓
base64dump.py|Extract and decode base64 strings|malware analysis|base64dump.py document.txt|✓
strings|Extract printable strings from files|malware analysis|strings -n 10 binary.exe|✓
hexdump|Display file content in hexadecimal|malware analysis|hexdump -C binary.dat|✓
xxd|Create hex dump or reverse it|malware analysis|xxd binary.exe|✓
# Data Analysis Tools
visidata|Interactive data exploration and analysis|data analysis|vd data.csv|✓
unfurl|URL analysis and extraction tool|data analysis|echo "http://example.com/path" | unfurl|✓
# Origami PDF Tools (Ruby-based)
pdfcop|Examine PDF file structure using Origami|analyze documents pdf|ruby -e "require 'origami'; puts Origami::PDF.read('file.pdf').info"|⚠
pdfextract|Extract objects from PDF using Origami|analyze documents pdf|pdfextract document.pdf|⚠
pdfmetadata|Extract PDF metadata using Origami|analyze documents pdf|pdfmetadata document.pdf|⚠
# File Format Tools
exiftool|Extract metadata from files|general utilities|exiftool document.pdf|✓
file|Determine file type|general utilities|file suspicious.dat|✓
binwalk|Analyze and extract firmware images|malware analysis|binwalk firmware.bin|✓
foremost|File carving tool|forensics|foremost -t pdf,jpg -i disk.img|✓
# Text Processing
catdoc|Convert MS Word documents to text|view or edit files|catdoc document.doc|✓
docx2txt|Extract text from DOCX files|view or edit files|docx2txt document.docx|✓
unrtf|Convert RTF to other formats|view or edit files|unrtf --html document.rtf|✓
# Archive Tools
7z|7-Zip archiver with high compression|general utilities|7z x archive.7z|✓
unzip|Extract ZIP archives|general utilities|unzip archive.zip|✓
tar|Archive files|general utilities|tar -xzf archive.tar.gz|✓
# Network Analysis
tshark|Network protocol analyzer (Wireshark CLI)|network analysis|tshark -r capture.pcap|✓
tcpdump|Command-line packet analyzer|network analysis|tcpdump -r capture.pcap|✓
# System Tools
mc|Midnight Commander file manager|general utilities|mc|✓
htop|Interactive process viewer|general utilities|htop|✓
tree|Display directory structure as tree|general utilities|tree /path/to/directory|✓
# Image Processing
convert|ImageMagick convert tool|general utilities|convert input.pdf output.png|✓
identify|ImageMagick identify tool|general utilities|identify image.jpg|✓
# OCR Tools
tesseract|OCR text extraction|general utilities|tesseract image.png output|✓
# Container-Added Tools
curl|Transfer data from servers|network analysis|curl -L http://example.com|✓
wget|Download files from web|network analysis|wget http://example.com/file.pdf|✓
jq|JSON processor|data analysis|cat data.json | jq '.field'|✓
yq|YAML processor|data analysis|cat data.yaml | yq '.field'|✓
# Text Editors
vim|Vi/Vim text editor|view or edit files|vim filename.txt|✓
nano|Simple text editor|view or edit files|nano filename.txt|✓
# Python Tools Available
python3|Python 3 interpreter|general utilities|python3 script.py|✓
pip3|Python package installer|general utilities|pip3 install package|✓
EOF
echo "✅ Accurate tools database created at: $TOOLS_DB"
# Count tools
TOOL_COUNT=$(grep -c "^[^#]" "$TOOLS_DB" 2>/dev/null || echo "0")
echo "🔧 Indexed $TOOL_COUNT verified tools"
echo ""
echo "📝 Notes:"
echo " ✓ = Tool verified available"
echo " ⚠ = Tool may need different invocation or setup"
echo ""
echo "Usage: find-tool [search_term] to search through available tools"
Reference in New Issue View Git Blame Copy Permalink