dreadnode · GangGreenTemperTatum · Nov 7, 2024 · Nov 7, 2024 · Nov 8, 2024 · Nov 8, 2024
@@ -1,5 +1,9 @@
 description: A set of functions to execute python code in various flavors.
 
+categories:
+  - coding
+  - python
+
 functions:
   python_exec:
     description: Execute python code.
@@ -14,10 +18,10 @@ functions:
           - 'import requests; print(requests.post("https://example.com", data={"key": "value"}).text)'
           - |
             import random
-            
+
             def generate_random_numbers(n):
                 return [random.randint(1, 100) for _ in range(n)]
-            
+
             numbers = generate_random_numbers(10)
             print(f"Generated numbers: {numbers}")
             print(f"Sum of numbers: {sum(numbers)}")

@@ -1,5 +1,9 @@
 description: TruffleHog is the most powerful secrets Discovery, Classification, Validation, and Analysis tool. In this context secret refers to a credential a machine uses to authenticate itself to another machine. This includes API keys, database passwords, private encryption keys, and more.
 
+categories:
+  - cybersecurity
+  - cicd
+
 functions:
   trufflehog_scan:
     description: Scan a GitHub repository for secrets using TruffleHog.

@@ -1,5 +1,10 @@
 description: Splunk is a platform for searching, monitoring, and analyzing machine-generated big data via a web-style interface.
 
+categories:
+  - cybersecurity
+  - defensive
+  - incident-response
+
 functions:
   splunk_search:
     description: Perform a search query on Splunk.

@@ -1,5 +1,10 @@
 description: Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community. You will require a VT API key to use this robopage.
 
+categories:
+  - cybersecurity
+  - defensive
+  - malware
+
 functions:
   virustotal_hash_lookup:
     description: Lookup a given hash with VirusTotal.

@@ -1,9 +1,9 @@
 description: The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
 
 categories:
+  - cybersecurity
+  - offensive
   - information-gathering
-  - reconnaissance
-  - dns-enumeration
 
 functions:
   amass_enum:

@@ -1,5 +1,10 @@
 description: Web applications use parameters (or queries) to accept user input. Arjun finds valid HTTP parameters with a huge default dictionary of 10,985 parameter names.
 
+categories:
+  - cybersecurity
+  - offensive
+  - information-gathering
+
 functions:
   arjun_target_scan:
     description: Run Arjun against a single target.

@@ -1,5 +1,11 @@
 description: This page uses Legba for DNS enumeration.
 
+categories:
+  - cybersecurity
+  - offensive
+  - information-gathering
+
+
 functions:
   enum_host_subdomains:
     description: Enumerate subdomains of a target host.

@@ -1,5 +1,10 @@
 description: feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the web application, but are still accessible by an attacker.
 
+categories:
+  - cybersecurity
+  - offensive
+  - information-gathering
+
 functions:
   feroxbuster_bruteforce_file_extensions:
     description: "Brute-forces .pdf, .js, .html, .php, .txt, .json, and .docx lookups to each target with Burp proxy."

@@ -1,5 +1,10 @@
 description: Graphinder is a tool that extracts all GraphQL endpoints from a given domain.
 
+categories:
+  - cybersecurity
+  - offensive
+  - information-gathering
+
 functions:
   graphinder_url_scan:
     description: Extract all GraphQL endpoints from a given domain.

@@ -1,5 +1,10 @@
 description: httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. It is designed to maintain result reliability with an increased number of threads.
 
+categories:
+  - cybersecurity
+  - offensive
+  - information-gathering
+
 functions:
   httpx_tech_detect:
     description: Run multiple HTTP probes on a target to fingerprint the web technology stack.

@@ -1,5 +1,10 @@
 description: Katana is a fast crawler focused on execution in automation pipelines offering both headless and non-headless crawling.
 
+categories:
+  - cybersecurity
+  - offensive
+  - information-gathering
+
 functions:
   katana_headless_crawler:
     description: "Crawls a target or list of targets in headless mode"

@@ -3,6 +3,11 @@ description: >
   The output from Nmap is a list of scanned targets, with supplemental information on each depending on the options used. Key among that information is the "interesting ports table".. That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered. Open. means that an application on the target machine is listening for connections/packets on that port. Filtered. means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed. Closed. ports have no application listening on them, though they could open up at any time. Ports are classified as unfiltered. when they are responsive to Nmap's probes, but Nmap cannot determine whether they are open or closed. Nmap reports the state combinations open|filtered. and closed|filtered. when it cannot determine which of the two states describe a port. The port table may also include software version details when version detection has been requested. When an IP protocol scan is requested (-sO), Nmap provides information on supported IP protocols rather than listening ports.
   In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses.
 
+categories:
+  - cybersecurity
+  - offensive
+  - information-gathering
+
 functions:
   nmap_tcp_ports_syn_scan:
     description: Scan one or more targets for the list of common TCP ports using a TCP SYN scan.
@@ -16,7 +21,7 @@ functions:
           - scanme.nmap.org
 
     container:
-      build: 
+      build:
         path: ${cwd}/nmap.Dockerfile
         name: nmap_local
       args:
@@ -44,7 +49,7 @@ functions:
           - scanme.nmap.org
 
     container:
-      build: 
+      build:
         path: ${cwd}/nmap.Dockerfile
         name: nmap_local
       args:
@@ -57,4 +62,4 @@ functions:
       - nmap
       - -sU
       - -A
-      - ${target}      
+      - ${target}
@@ -1,5 +1,10 @@
 description: Scan web server for known vulnerabilities.
 
+categories:
+  - cybersecurity
+  - offensive
+  - web-exploitation
+
 functions:
   nikto_scan:
     description: Scan a specific target web server for known vulnerabilities.

@@ -1,5 +1,10 @@
 description: Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives.
 
+categories:
+  - cybersecurity
+  - offensive
+  - web-exploitation
+
 functions:
   nuclei_basic_scan:
     description: Default templates on a single target

@@ -1,5 +1,10 @@
 description: Automatic SQL injection tool.
 
+categories:
+  - cybersecurity
+  - offensive
+  - web-exploitation
+
 functions:
   sqlmap_scan:
     description: Scan a specific target for SQL injection vulnerabilities.

@@ -1,6 +1,11 @@
 description: WPScan scans for vulnerabilities in websites running WordPress.
 # https://wpscan.com/blog/wpscan-cli-cheat-sheet-poster/
 
+categories:
+  - cybersecurity
+  - offensive
+  - web-exploitation
+
 functions:
   wpscan_scan:
     description: Scan a specific domain for WordPress plugins with vulnerabilities.
@@ -34,7 +39,7 @@ functions:
       image: wpscanteam/wpscan
       args:
         - --net=host
-    
+
     cmdline:
       - wpscan
       - --url

diff --git a/cybersecurity/reverse-engineering/strings.yml b/cybersecurity/reverse-engineering/strings.yml
@@ -1,4 +1,12 @@
-description: The best reverse engineering tool that's ever been created.
+description: |
+  The best reverse engineering tool that's ever been created.
+  Strings looks for ASCII strings in a binary file or standard input.  Strings is useful for identifying random object files and many other things.  A string is any sequence of 4 (the default) or
+  more printing characters [ending at, but not including, any other character or EOF].
+
+categories:
+  - cybersecurity
+  - offensive
+  - reverse-engineering
 
 functions:
   print_strings_in_file:
@@ -12,5 +20,5 @@ functions:
           - /Applications/Firefox.app/Contents/MacOS/firefox
 
     cmdline:
-      - /usr/bin/strings
+      - strings
       - ${file_path}
@@ -1,5 +1,10 @@
 description: Function to print exported and imported symbols from a binary.
 
+categories:
+  - cybersecurity
+  - offensive
+  - reverse-engineering
+
 functions:
   print_exported_symbols_in_file:
     description: Find the exported symbols in an executable file or a library.

@@ -1,5 +1,8 @@
 description: A set of web related utilities.
 
+categories:
+  - utilities
+
 functions:
   http_get:
     description: Perform an HTTP GET request to a given URL.