docker_file_analysis/docs/STREAMLINED_HELP_SYSTEM.md
Tobias Kessels b98aaee3e0 Major repository cleanup and enhancement
- Reorganize documentation: moved old docs to docs/ directory
- Add comprehensive README.md with build options and usage guide
- Add detailed CONTRIBUTING.md with help content management guide
- Create Makefile for automated building and testing
- Add Dockerfile.scratch for building from Ubuntu 20.04 base
- Enhance all Dockerfiles with PowerShell + PSScriptAnalyzer
- Add modern shells: zsh (with plugins) and fish (with config)
- Add modern CLI tools: fd-find, ripgrep, fzf
- Create comprehensive help system with cheat/TLDR/fish completions
- Add helper scripts for help content management and coverage checking
- Fix Dockerfile.remnux script references
- Support three build variants: upstream (REMnux), scratch (Ubuntu), kali

Build options:
  - make build-upstream: Fast, uses REMnux upstream (recommended)
  - make build-scratch: Full control, builds from Ubuntu 20.04
  - make build-kali: Legacy Kali Linux base

Features:
  - PowerShell with PSScriptAnalyzer module
  - Modern shells (zsh, fish) with custom configurations
  - Enhanced help system (cheat sheets, TLDR pages, fish completions)
  - Help coverage checking and bulk import tools
  - Comprehensive documentation for users and contributors
2025-10-01 11:45:56 +02:00


Streamlined File Analysis Help System

🎯 Mission Accomplished!

Based on your test feedback and requirements, I've created a streamlined, reliable help system that focuses on what works: TLDR + Cheat, removing the problematic navi component.

Issues Fixed

Problems Resolved:

  1. Navi Removed - No more broken encoding, preview errors, or crashes
  2. TLDR Working Offline - Pre-populated cache with custom analysis tool pages
  3. Cheat Working Perfectly - Proper configuration, fhelp cheat integration
  4. All Your Original Tools Covered - pdfid.py, pdf-parser.py, peepdf, pdftk, capa, etc.

🛠️ What Works Now

PDF Analysis Tools (Your Original Focus):

# Quick reference
tldr pdfid.py          # Standard tldr format
tldr pdf-parser.py     # Command examples
tldr peepdf           # Interactive analysis

# Detailed cheat sheets  
fhelp cheat pdfid      # pdfid.py examples
fhelp cheat pdf-parser # PDF structure analysis
fhelp cheat pdftk      # PDF manipulation (flatten, etc.)
fhelp cheat pdf-analysis # Complete workflow

Malware Analysis Tools:

# Quick reference
tldr capa              # Malware capabilities
tldr box-js           # JavaScript sandbox

# Detailed workflows
fhelp cheat capa       # Capability detection
fhelp cheat malware-analysis # Complete workflow

Core Utilities:

# Downloaded from popular repos
fhelp cheat tar        # Archive examples
fhelp cheat 7z         # Compression
fhelp cheat grep       # Text search
fhelp cheat find       # File search

🎯 Key Features

1. Focused on Your Original Tools

  • pdfid.py - PDF suspicious element detection
  • pdf-parser.py - PDF structure analysis
  • peepdf - Interactive PDF analysis
  • pdftk - PDF flattening for security
  • capa - Malware capability detection
  • Plus all standard utilities

2. Security-Focused Examples

# PDF Security (Your Priority)
pdftk suspicious.pdf output safe.pdf flatten  # Flatten form fields; confirm with pdfid.py that no /JS remains
qpdf --decrypt encrypted.pdf decrypted.pdf    # Remove passwords
convert 'document.pdf[0]' preview.png         # Safe preview of page 1 (quoted so zsh does not glob [0])
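
A check to run on a rewritten PDF, as an added example that is not part of this project's scripts: it parses pdfid.py's keyword-count report and lists the active-content keywords that are still present. The function name `pdfid_risky`, the keyword selection in `RISKY`, and both sample reports are this example's own constructions.

```shell
#!/bin/sh
# Added example (not part of the project): flag active-content keywords
# in pdfid.py output. Reads the report on stdin, prints "keyword count"
# for each nonzero hit, returns 1 if anything was found, else 0.
# RISKY is this example's own selection of pdfid keyword names.
RISKY='/JS /JavaScript /AA /OpenAction /AcroForm /XFA /Launch /EmbeddedFile /RichMedia /JBIG2Decode'

pdfid_risky() {
    awk -v risky="$RISKY" '
        BEGIN { n = split(risky, k, " "); for (i = 1; i <= n; i++) want[k[i]] = 1 }
        ($1 in want) {
            c = $2
            sub(/\(.*/, "", c)      # "1(1)" -> "1": drop the parenthesised obfuscated-name count
            if (c + 0 > 0) { print $1, c + 0; hit = 1 }
        }
        END { exit hit ? 1 : 0 }
    '
}

# Constructed reports (illustrative, not taken from real files).
SAMPLE_BEFORE='PDFiD 0.2.8 suspicious.pdf
 PDF Header: %PDF-1.4
 obj                   12
 /Page                  1
 /Encrypt               0
 /JS                    1
 /JavaScript            1(1)
 /AA                    0
 /OpenAction            1
 /AcroForm              0
 /Launch                0
 /EmbeddedFile          0'

SAMPLE_CLEAN='PDFiD 0.2.8 safe.pdf
 PDF Header: %PDF-1.4
 obj                   9
 /Page                  1
 /JS                    0
 /JavaScript            0
 /OpenAction            0'

# Demo: list what is still present in each report.
printf '%s\n' "$SAMPLE_BEFORE" | pdfid_risky || echo "active content present"
printf '%s\n' "$SAMPLE_CLEAN"  | pdfid_risky && echo "no active content keywords"
```

Inside the container, feed it the real tool's output: `pdfid.py safe.pdf | pdfid_risky`.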

3. Offline-Capable

  • No Internet Required - Everything works offline
  • Pre-populated TLDR Cache - Standard + custom analysis tools
  • Local Cheat Sheets - Downloaded from quality repos + custom ones

4. Multiple Interfaces

  • fhelp - Main help system with workflows
  • tldr - Quick command references
  • fhelp cheat - Detailed examples
  • fhelp examples - List all available help

📦 Usage

Build & Run:

# Build streamlined container
docker build -f Dockerfile.remnux -t tabledevil/file-analysis:streamlined .

# Run with help system
docker run -it tabledevil/file-analysis:streamlined

Inside Container:

# Main help and workflows
fhelp                    # Complete help menu
fhelp pdf               # PDF analysis workflow  
fhelp malware           # Malware analysis workflow

# Quick references
tldr pdfid.py           # Quick pdfid.py examples
tldr capa               # Quick capa examples

# Detailed examples  
fhelp cheat pdfid       # Comprehensive pdfid.py usage
fhelp cheat pdf-analysis # Complete PDF workflow
fhelp examples          # List all available help

📊 Resources Included

  • 15+ Cheat Sheets - Including your original analysis tools
  • 5+ Custom TLDR Pages - For analysis-specific tools
  • Complete Offline Cache - No network dependencies
  • Security-Focused Examples - PDF flattening, password removal
  • Workflow Guidance - Step-by-step analysis procedures

🏆 Test Results

Run comprehensive tests:

./test-streamlined-help.sh

Expected Results:

  • All basic help functions work
  • All fhelp cheat sheets work
  • TLDR functionality works (standard + custom)
  • All analysis tools available
  • Complete offline operation

🎉 Benefits Achieved

  1. Reliability - No more crashes or encoding issues
  2. Simplicity - Focused on tools that work consistently
  3. Completeness - All your original tools covered with examples
  4. Security Focus - Practical commands for safe PDF analysis
  5. Offline Operation - Works without internet connection
  6. Real Examples - Copy-pasteable commands for actual analysis

🚀 Ready for Production

The streamlined container is now production-ready with:

  • Removed problematic navi - No more crashes
  • Working TLDR integration - Both standard and custom pages
  • Reliable cheat system - Via fhelp cheat integration
  • Complete coverage - All your original analysis tools
  • Security examples - PDF flattening, password removal, etc.

Perfect for your file analysis workflow! 🎯