From a45cde44f4bb841c948256372bdc5621bd627e82 Mon Sep 17 00:00:00 2001
From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com>
Date: Thu, 7 Nov 2024 08:05:53 -0500
Subject: [PATCH] chore: backhaul categories for robopages
---
 coding/python/exec.yml | 8 ++++++--
 cybersecurity/cicd/trufflehog.yml | 6 ++++++
 cybersecurity/defensive/incident-response/splunk.yml | 5 +++++
 cybersecurity/defensive/malware/virustotal.yml | 6 ++++++
 .../offensive/information-gathering/arjun.yml | 5 +++++
 .../information-gathering/dns-enumeration.yml | 5 +++++
 .../offensive/information-gathering/feroxbuster.yml | 5 +++++
 .../offensive/information-gathering/graphinder.yml | 5 +++++
 .../offensive/information-gathering/httpx.yml | 5 +++++
 .../offensive/information-gathering/katana.yml | 5 +++++
 .../offensive/information-gathering/nmap.yml | 11 ++++++++---
 cybersecurity/offensive/web-exploitation/nikto.yml | 5 +++++
 cybersecurity/offensive/web-exploitation/nuclei.yml | 5 +++++
 cybersecurity/offensive/web-exploitation/sqlmap.yml | 6 ++++++
 cybersecurity/offensive/web-exploitation/wpscan.yml | 8 +++++++-
 cybersecurity/reverse-engineering/strings.yml | 6 ++++++
 cybersecurity/reverse-engineering/symbols.yml | 6 ++++++
 utilities/web.yml | 5 +++++
 18 files changed, 101 insertions(+), 6 deletions(-)
diff --git a/coding/python/exec.yml b/coding/python/exec.yml
index 43d1f13..e1f3396 100644
--- a/coding/python/exec.yml
+++ b/coding/python/exec.yml
@@ -1,5 +1,9 @@
 description: A set of functions to execute python code in various flavors.
+categories:
+ - coding
+ - python
+
 functions:
 python_exec:
 description: Execute python code.
@@ -14,10 +18,10 @@ functions:
 - 'import requests; print(requests.post("https://example.com", data={"key": "value"}).text)'
 - |
 import random
-
+
 def generate_random_numbers(n):
 return [random.randint(1, 100) for _ in range(n)]
-
+
 numbers = generate_random_numbers(10)
 print(f"Generated numbers: {numbers}")
 print(f"Sum of numbers: {sum(numbers)}")
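Review bot: The first exec.yml hunk tags a page whose function is described as `Execute python code.` with only `- coding` and `- python`, so nothing in the metadata marks it as running arbitrary code. If categories decide which pages an agent is offered (an assumption; the loader is not part of this patch), this page would be selected alongside harmless coding helpers. A tag such as `- code-execution`, or a comment above `categories:` stating that the page runs caller-supplied code, would let operators exclude or gate it. The second hunk is whitespace only.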
diff --git a/cybersecurity/cicd/trufflehog.yml b/cybersecurity/cicd/trufflehog.yml
index a9e431d..5ab2f2b 100644
--- a/cybersecurity/cicd/trufflehog.yml
+++ b/cybersecurity/cicd/trufflehog.yml
@@ -1,5 +1,11 @@
 description: TruffleHog is the most powerful secrets Discovery, Classification, Validation, and Analysis tool. In this context secret refers to a credential a machine uses to authenticate itself to another machine. This includes API keys, database passwords, private encryption keys, and more.
+categories:
+ - cicd
+ - secrets
+ - information-gathering
+ - reconnaissance
+
 functions:
 trufflehog_scan:
 description: Scan a GitHub repository for secrets using TruffleHog.
diff --git a/cybersecurity/defensive/incident-response/splunk.yml b/cybersecurity/defensive/incident-response/splunk.yml
index d1c5500..c14a488 100644
--- a/cybersecurity/defensive/incident-response/splunk.yml
+++ b/cybersecurity/defensive/incident-response/splunk.yml
@@ -1,5 +1,10 @@
 description: Splunk is a platform for searching, monitoring, and analyzing machine-generated big data via a web-style interface.
+categories:
+ - incident-response
+ - logging
+ - monitoring
+
 functions:
 splunk_search:
 description: Perform a search query on Splunk.
diff --git a/cybersecurity/defensive/malware/virustotal.yml b/cybersecurity/defensive/malware/virustotal.yml
index 6f38d56..a420893 100644
--- a/cybersecurity/defensive/malware/virustotal.yml
+++ b/cybersecurity/defensive/malware/virustotal.yml
@@ -1,5 +1,11 @@
 description: Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community. You will require a VT API key to use this robopage.
+categories:
+ - incident-response
+ - binary-analysis
+ - malware-analysis
+ - forensics
+
 functions:
 virustotal_hash_lookup:
 description: Lookup a given hash with VirusTotal.
diff --git a/cybersecurity/offensive/information-gathering/arjun.yml b/cybersecurity/offensive/information-gathering/arjun.yml
index b03336f..f1a1631 100644
--- a/cybersecurity/offensive/information-gathering/arjun.yml
+++ b/cybersecurity/offensive/information-gathering/arjun.yml
@@ -1,5 +1,10 @@
 description: Web applications use parameters (or queries) to accept user input. Arjun finds valid HTTP parameters with a huge default dictionary of 10,985 parameter names.
+categories:
+ - information-gathering
+ - reconnaissance
+ - osint
+
 functions:
 arjun_target_scan:
 description: Run Arjun against a single target.
diff --git a/cybersecurity/offensive/information-gathering/dns-enumeration.yml b/cybersecurity/offensive/information-gathering/dns-enumeration.yml
index 49b6d2c..e9293a8 100644
--- a/cybersecurity/offensive/information-gathering/dns-enumeration.yml
+++ b/cybersecurity/offensive/information-gathering/dns-enumeration.yml
@@ -1,5 +1,10 @@
 description: This page uses Legba for DNS enumeration.
+categories:
+ - information-gathering
+ - reconnaissance
+ - dns-enumeration
+
 functions:
 enum_host_subdomains:
 description: Enumerate subdomains of a target host.
diff --git a/cybersecurity/offensive/information-gathering/feroxbuster.yml b/cybersecurity/offensive/information-gathering/feroxbuster.yml
index f930bfd..7e54df2 100644
--- a/cybersecurity/offensive/information-gathering/feroxbuster.yml
+++ b/cybersecurity/offensive/information-gathering/feroxbuster.yml
@@ -1,5 +1,10 @@
 description: feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application, but are still accessible by an attacker.
+categories:
+ - information-gathering
+ - reconnaissance
+ - http
+
 functions:
 feroxbuster_bruteforce_file_extensions:
 description: "Brute-forces .pdf, .js, .html, .php, .txt, .json, and .docx lookups to each target with Burp proxy."
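Review bot: In the arjun.yml hunk, the added `- osint` tag does not match the page's own description: Arjun finds valid HTTP parameters with a 10,985-name dictionary, which it tests by sending requests to the target rather than by collecting from third-party sources. If categories are used to select or allowlist pages (the consumer is not visible in this patch), a filter meant to permit only passive collection would also admit this active scanner. I would drop the tag or replace it with one that names the activity, for example `- http` as the feroxbuster.yml and httpx.yml hunks in this commit use.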
diff --git a/cybersecurity/offensive/information-gathering/graphinder.yml b/cybersecurity/offensive/information-gathering/graphinder.yml
index 011f049..e8e8bc4 100644
--- a/cybersecurity/offensive/information-gathering/graphinder.yml
+++ b/cybersecurity/offensive/information-gathering/graphinder.yml
@@ -1,5 +1,10 @@
 description: Graphinder is a tool that extracts all GraphQL endpoints from a given domain.
+categories:
+ - information-gathering
+ - reconnaissance
+ - graphql
+
 functions:
 graphinder_url_scan:
 description: Extract all GraphQL endpoints from a given domain.
diff --git a/cybersecurity/offensive/information-gathering/httpx.yml b/cybersecurity/offensive/information-gathering/httpx.yml
index d627a39..dbc7595 100644
--- a/cybersecurity/offensive/information-gathering/httpx.yml
+++ b/cybersecurity/offensive/information-gathering/httpx.yml
@@ -1,5 +1,10 @@
 description: httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. It is designed to maintain result reliability with an increased number of threads.
+categories:
+ - information-gathering
+ - reconnaissance
+ - http
+
 functions:
 httpx_tech_detect:
 description: Run multiple HTTP probes on a target to fingerprint the web technology stack.
diff --git a/cybersecurity/offensive/information-gathering/katana.yml b/cybersecurity/offensive/information-gathering/katana.yml
index 4931981..c3918da 100644
--- a/cybersecurity/offensive/information-gathering/katana.yml
+++ b/cybersecurity/offensive/information-gathering/katana.yml
@@ -1,5 +1,10 @@
 description: Katana is a fast crawler focused on execution in automation pipelines offering both headless and non-headless crawling.
+categories:
+ - information-gathering
+ - reconnaissance
+ - crawler
+
 functions:
 katana_headless_crawler:
 description: "Crawls a target or list of targets in headless mode"
diff --git a/cybersecurity/offensive/information-gathering/nmap.yml b/cybersecurity/offensive/information-gathering/nmap.yml index faafc23..1dc366e 100644 --- a/cybersecurity/offensive/information-gathering/nmap.yml +++ b/cybersecurity/offensive/information-gathering/nmap.yml @@ -3,6 +3,11 @@ description: > The output from Nmap is a list of scanned targets, with supplemental information on each depending on the options used. Key among that information is the "interesting ports table".. That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered. Open. means that an application on the target machine is listening for connections/packets on that port. Filtered. means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed. Closed. ports have no application listening on them, though they could open up at any time. Ports are classified as unfiltered. when they are responsive to Nmap's probes, but Nmap cannot determine whether they are open or closed. Nmap reports the state combinations open|filtered. and closed|filtered. when it cannot determine which of the two states describe a port. The port table may also include software version details when version detection has been requested. When an IP protocol scan is requested (-sO), Nmap provides information on supported IP protocols rather than listening ports. In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses. +categories: + - information-gathering + - reconnaissance + - networking + functions: nmap_tcp_ports_syn_scan: description: Scan one or more targets for the list of common TCP ports using a TCP SYN scan. @@ -16,7 +21,7 @@ functions: - scanme.nmap.org container: - build: + build: path: ${cwd}/nmap.Dockerfile name: nmap_local args: 
@@ -44,7 +49,7 @@ functions: - scanme.nmap.org container: - build: + build: path: ${cwd}/nmap.Dockerfile name: nmap_local args: @@ -57,4 +62,4 @@ functions: - nmap - -sU - -A - - ${target} \ No newline at end of file + - ${target} \ No newline at end of file diff --git a/cybersecurity/offensive/web-exploitation/nikto.yml b/cybersecurity/offensive/web-exploitation/nikto.yml index e5bb35d..5b3bffd 100644 --- a/cybersecurity/offensive/web-exploitation/nikto.yml +++ b/cybersecurity/offensive/web-exploitation/nikto.yml @@ -1,5 +1,10 @@ description: Scan web server for known vulnerabilities. +categories: + - web-exploitation + - reconnaissance + - http + functions: nikto_scan: description: Scan a specific target web server for known vulnerabilities. diff --git a/cybersecurity/offensive/web-exploitation/nuclei.yml b/cybersecurity/offensive/web-exploitation/nuclei.yml index a02b023..859b994 100644 --- a/cybersecurity/offensive/web-exploitation/nuclei.yml +++ b/cybersecurity/offensive/web-exploitation/nuclei.yml @@ -1,5 +1,10 @@ description: Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives. +categories: + - web-exploitation + - reconnaissance + - http + functions: nuclei_basic_scan: description: Default templates on a single target diff --git a/cybersecurity/offensive/web-exploitation/sqlmap.yml b/cybersecurity/offensive/web-exploitation/sqlmap.yml index 2b5dfb8..3b5eac5 100644 --- a/cybersecurity/offensive/web-exploitation/sqlmap.yml +++ b/cybersecurity/offensive/web-exploitation/sqlmap.yml @@ -1,5 +1,11 @@ description: Automatic SQL injection tool. +categories: + - web-exploitation + - reconnaissance + - sql + - injection + functions: sqlmap_scan: description: Scan a specific target for SQL injection vulnerabilities. 
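Review bot: In the sqlmap.yml hunk, `- reconnaissance` sits next to `- web-exploitation` and `- injection` on a page described as an automatic SQL injection tool, so the tag no longer separates low-impact discovery from tools that actively test a target for exploitable flaws. The nikto.yml and nuclei.yml hunks before it and the wpscan.yml hunk that follows carry the same pairing. If a consumer filters or grants approval by category (inferred; no consumer is shown here), selecting `reconnaissance` would pull in these scanners as well. Consider removing `- reconnaissance` from the web-exploitation pages, or adding a distinct tag such as `- active-scan` so the intrusive pages can be excluded.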
diff --git a/cybersecurity/offensive/web-exploitation/wpscan.yml b/cybersecurity/offensive/web-exploitation/wpscan.yml index 78f03b0..2cd8c29 100644 --- a/cybersecurity/offensive/web-exploitation/wpscan.yml +++ b/cybersecurity/offensive/web-exploitation/wpscan.yml @@ -1,6 +1,12 @@ description: WPScan scans for vulnerabilities in websites running WordPress. # https://wpscan.com/blog/wpscan-cli-cheat-sheet-poster/ +categories: + - web-exploitation + - reconnaissance + - http + - wordpress + functions: wpscan_scan: description: Scan a specific domain for WordPress plugins with vulnerabilities. @@ -34,7 +40,7 @@ functions: image: wpscanteam/wpscan args: - --net=host - + cmdline: - wpscan - --url diff --git a/cybersecurity/reverse-engineering/strings.yml b/cybersecurity/reverse-engineering/strings.yml index 273212a..93cadc7 100644 --- a/cybersecurity/reverse-engineering/strings.yml +++ b/cybersecurity/reverse-engineering/strings.yml @@ -1,5 +1,11 @@ description: The best reverse engineering tool that's ever been created. +categories: + - reverse-engineering + - binary-analysis + - malware-analysis + - forensics + functions: print_strings_in_file: description: Find the printable strings in a file. diff --git a/cybersecurity/reverse-engineering/symbols.yml b/cybersecurity/reverse-engineering/symbols.yml index 9a97409..47110cb 100644 --- a/cybersecurity/reverse-engineering/symbols.yml +++ b/cybersecurity/reverse-engineering/symbols.yml @@ -1,5 +1,11 @@ description: Function to print exported and imported symbols from a binary. +categories: + - reverse-engineering + - binary-analysis + - malware-analysis + - forensics + functions: print_exported_symbols_in_file: description: Find the exported symbols in an executable file or a library. diff --git a/utilities/web.yml b/utilities/web.yml index 290aed4..554eb83 100644 --- a/utilities/web.yml +++ b/utilities/web.yml 
@@ -1,5 +1,10 @@
 description: A set of web related utilities.
+categories:
+ - utilities
+ - web
+ - http
+
 functions:
 http_get:
 description: Perform an HTTP GET request to a given URL.