diff --git a/README.md b/README.md
index cfc2d14..eb0590f 100644
--- a/README.md
+++ b/README.md
@@ -1,56 +1,105 @@
- 
-
Containerized Security Toolkit (CST)
+
+
+ Containerized Security Toolkit (CST)
+
- Companion Blog •
- Docker Hub
- 
- 
- (ARM builds through CCI until ARM GHA runners are available)
+
+ 
+
+
+ 
+
+
+ 
+
+
+ Documentation •
+ Docker Hub
-
+A comprehensive suite of containerized security toolkits for various security operations
-This project contains two Dockerfiles for a multi-stage image build that results in an ARM (useful for Apple Silicon Macs) or x86_64 variants of a security focused docker image →
+
+ Build Status:
+ General:
+
+ 
+
+
+ 
+
+
+ Cloud:
+
+ 
+
+
+ 
+
+
+ Rice:
+
+
+
+
+ 
+
+
-- **Security Image for x86_64**
-- **Security Image for ARM64**
+## Overview
-The image is built automatically on via CI/CD pipelines and pushed to Docker Hub. The image is called `sec_docker` and it presents multiple tags →
+The Containerized Security Toolkit (CST) provides a comprehensive suite of Docker images tailored for various security operations. Each variant is designed for specific use cases while maintaining consistency in basic functionality:
-| | x86\_64 | ARM |
-| --- | --- | --- |
-| tag | `main` | `main_apple` |
-| image ref | `tanq16/sec_docker:main` | `tanq16/sec_docker:main_apple` |
+- **General** (`tanq16/cst-general:*`): Core security tools and utilities for general security operations
+- **Cloud** (`tanq16/cst-cloud:*`): Specialized for cloud security assessments and operations
+- **Dev** (`tanq16/cst-dev:*`): Development environment with security tools (Python, Go, Node.js) - WIP
+- **Netsec** (`tanq16/cst-netsec:*`): Network security assessment and monitoring tools - WIP
+- **Rice** (`tanq16/cst-rice:*`): Enhanced version of General with [CLI Productivity Suite](https://github.com/Tanq16/cli-productivity-suite)
-It has the [cli-productivity-suite](https://github.com/tanq16/cli-productivity-suite) preinstalled within the image. The [companion blog post](https://tanishq.page/blog/posts/cst-guide/) goes over using the pre-built image, building it with modifications, conventions considered when creating the Dockerfiles, and different ways it can be used.
+Each variant is available for both x86_64 and ARM64 architectures:
----
+```
+tanq16/cst-:amd # For x86_64 systems
+tanq16/cst-:arm # For ARM64 systems (Apple Silicon, etc.)
+```
+
+## Quickstart
-For a quick look into the container and its capabilities, built from this image, is as follows →
+Get started with the General variant in seconds:
```bash
-docker run --name="sec_docker_quickstart" --rm -it tanq16/sec_docker:main /bin/zsh
+# Create persistence directory
+mkdir -p $HOME/docker_work/
+
+# Run container (use general-arm for ARM64 systems)
+docker run --name="cst_general" \
+ -v $HOME/docker_work/:/persist \
+ --rm -it tanq16/cst-general:amd \
+ /bin/bash
```
-It is also recommended to run the following command (replace with your timezone in second line) after getting into the container →
+For advanced usage patterns, variant-specific guides, and comprehensive documentation:
+- 📚 [Full Documentation](https://tanishq.page/containerized-security-toolkit)
+- 🚀 [Advanced Workflows](https://tanishq.page/containerized-security-toolkit/advanced/workflows)
+- 🔧 [Tool Lists](https://tanishq.page/containerized-security-toolkit/tools/general-tools)
-```bash
-export TERM=xterm-256color && \
-echo "America/Chicago" > /etc/timezone && rm -rf /etc/localtime && \
-ln -s "/usr/share/zoneinfo/$(cat /etc/timezone)" /etc/localtime
-```
+## Key Features
+
+- 🔄 **Persistent Storage**: Mount local directories for data persistence
+- 🔒 **Secure Design**: Regular security updates and best practices
+- 🎯 **Purpose-Built**: Each variant optimized for specific security tasks
+- 🔧 **Rich Tooling**: Comprehensive set of pre-installed security tools
+- 📦 **Consistent Environment**: Reproducible setup across systems
+- 🖥️ **Cross-Platform**: Full support for both x86_64 and ARM64
-If you exit the shell, the container will be destroyed along with the information in the ephemeral filesystem. I recommend reading the [companion blog post](https://tanishq.page/blog/posts/cst-guide/) for a better workflow
+## Contributing
-There are several other nuances related to running the container, such as →
+Check out [contribution guidelines](https://tanishq.page/containerized-security-toolkit/home/contributing) for details on how to submit changes.
-- setting up a persistence diretcory across container restarts
-- using one-word shell functions to start and stop containers with customized settings
-- connecting to the container via SSH
-- dynamic port-forwarding over SSH to access container-local services
+## License
-All of the above nuances are comprehensively explained in the [companion blog post](https://tanishq.page/blog/posts/cst-guide/), especially the *Example Workflow* section.
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
diff --git a/docs/advanced/build.md b/docs/advanced/build.md
new file mode 100644
index 0000000..8c73e91
--- /dev/null
+++ b/docs/advanced/build.md
@@ -0,0 +1,156 @@
+# DIY Build Guide
+
+The CST images can be customized and built locally. This guide explains the build process and customization options.
+
+## Basic Build Process
+
+CST uses a multi-stage build process for efficient image creation:
+
+1. **Builder Stage**
+ ```dockerfile
+ FROM ubuntu:jammy AS executable_builder
+ # Tool compilation and binary creation
+ ```
+
+2. **Final Stage**
+ ```dockerfile
+ FROM ubuntu:jammy
+ # System setup and tool installation
+ ```
+
+### Building Images
+
+Basic build commands:
+
+```bash
+# Change to variant directory
+cd images/
+
+# Build intermediate layer
+docker build -f builder.Dockerfile -t intermediate_builder .
+
+# Build final image
+docker build -t cst-:local .
+
+# Clean up
+docker builder prune -f
+```
+
+## Customization Options
+
+### Adding New Tools
+
+1. **Builder Stage Modifications**
+ ```dockerfile
+ # In builder.Dockerfile
+ RUN go install github.com/your/tool@latest && \
+ mv /go/bin/tool /executables/
+ ```
+
+2. **Final Stage Additions**
+ ```dockerfile
+ # In Dockerfile
+ RUN apt-get update && apt-get install -y \
+ your-additional-package
+
+ # Add custom scripts
+ COPY ./scripts/custom.sh /opt/scripts/
+ ```
+
+### Creating New Variants
+
+1. Create new variant directory:
+ ```bash
+ mkdir -p images/custom
+ cp images/general/* images/custom/
+ ```
+
+2. Modify Dockerfiles for specific needs:
+ ```dockerfile
+ # Add specialized tools
+ RUN apt-get update && apt-get install -y \
+ specialized-package
+
+ # Add custom configurations
+ COPY configs/ /etc/custom/
+ ```
+
+## Advanced Building
+
+### Cross-Platform Builds
+
+Building for multiple architectures:
+
+```bash
+# Setup buildx
+docker buildx create --use
+
+# Build multi-platform image
+docker buildx build \
+ --platform linux/amd64,linux/arm64 \
+ -t username/cst-custom:latest .
+```
+
+### Optimization Techniques
+
+1. **Layer Optimization**
+ ```dockerfile
+ # Combine related operations
+ RUN apt-get update && \
+ apt-get install -y \
+ package1 \
+ package2 && \
+ apt-get clean && \
+ rm -rf /var/lib/apt/lists/*
+ ```
+
+2. **Size Reduction**
+ ```dockerfile
+ # Use multi-stage builds
+ FROM build-image AS builder
+ # Build tools
+
+ FROM runtime-image
+ # Copy only necessary files
+ COPY --from=builder /app/binary /usr/local/bin/
+ ```
+
+## Testing Builds
+
+1. **Basic Testing**
+ ```bash
+ # Build test image
+ docker build -t cst-test .
+
+ # Run basic tests
+ docker run --rm cst-test which tool1 tool2 tool3
+ ```
+
+2. **Feature Testing**
+ ```bash
+ # Test specific features
+ docker run --rm cst-test \
+ bash -c "tool --version && tool --help"
+ ```
+
+## Best Practices
+
+1. **Version Control**
+ - Tag images with version numbers
+ - Document changes in changelog
+ - Use semantic versioning
+
+2. **Documentation**
+ - Update tool lists
+ - Document new features
+ - Include usage examples
+
+3. **Security**
+ - Scan images for vulnerabilities
+ - Update base images regularly
+ - Follow security best practices
+
+4. **Maintenance**
+ - Regular dependency updates
+ - Version compatibility checks
+ - Performance optimization
diff --git a/docs/advanced/shortcuts.md b/docs/advanced/shortcuts.md
new file mode 100644
index 0000000..64e8a59
--- /dev/null
+++ b/docs/advanced/shortcuts.md
@@ -0,0 +1,163 @@
+# Shell Shortcuts and Functions
+
+The CST environment can be enhanced with shell functions that streamline container management and daily operations. These functions provide a seamless workflow for starting, accessing, and managing CST containers.
+
+## Core Container Management
+
+The following shell functions handle container lifecycle management. Add these to your shell's RC file (`.bashrc`, `.zshrc`, etc.):
+
+```bash
+start_cst() {
+ # First argument is the variant name, defaulting to 'general'
+ variant=${1:-general}
+ arch=$(uname -m | grep -q "aarch64" && echo "arm" || echo "amd")
+
+ # Run container with SSH enabled and history persistence
+ docker run --name="cst_${variant}" --rm -d \
+ -v $HOME/docker_work/:/persist \
+ -p 50022:22 ${@:2} \
+ -it tanq16/cst-${variant}:${arch} \
+ bash -c "service ssh start; cp /persist/.bash_history /root/.bash_history 2>/dev/null; tail -f /dev/null"
+
+ # Generate and set SSH password
+ new_pass=$(cat /dev/random | head -c 20 | base64 | tr -d '=+/')
+ echo "Password: $new_pass"
+ echo $new_pass > current_docker_password
+ docker exec -e newpp="$new_pass" cst_${variant} bash -c 'echo "root:$(printenv newpp)" | chpasswd'
+}
+
+stop_cst() {
+ # Gracefully stop container and preserve history
+ variant=${1:-general}
+ docker cp cst_${variant}:/root/.bash_history $HOME/docker_work/.bash_history 2>/dev/null
+ docker stop cst_${variant} -t 0
+}
+```
+
+These functions provide:
+- Automatic architecture detection (ARM/AMD)
+- Command history persistence
+- SSH access with random password generation
+- Flexible port mapping
+- Volume mounting for persistence
+
+## Enhanced Access Functions
+
+Additional functions can improve container access and management:
+
+```bash
+connect_cst() {
+ # Direct shell access to running container
+ variant=${1:-general}
+ docker exec -it cst_${variant} /bin/bash
+}
+
+ssh_cst() {
+ # SSH into container with dynamic port forwarding
+ variant=${1:-general}
+ ssh -o "StrictHostKeyChecking=no" \
+ -o "UserKnownHostsFile=/dev/null" \
+ -D 65500 \
+ root@localhost -p 50022
+}
+
+port_cst() {
+ # Add port mapping to running container
+ variant=${1:-general}
+ host_port=$2
+ container_port=$3
+ docker exec cst_${variant} \
+ iptables -t nat -A DOCKER -p tcp --dport $container_port -j DNAT --to-destination :$host_port
+}
+```
+
+## Usage Examples
+
+Starting a Cloud variant container with extra port mapping:
+
+```bash
+start_cst cloud -p 50080:80 -p 50443:443
+```
+
+Accessing the container via SSH with dynamic port forwarding:
+
+```bash
+ssh_cst cloud
+```
+
+Adding port mapping to a running container:
+
+```bash
+port_cst general 8080 80
+```
+
+## Advanced Configuration Tips
+
+### Persistent Configurations
+
+Create a `.cst_config` file in your home directory:
+
+```bash
+# ~/.cst_config
+CST_PERSIST_DIR="$HOME/docker_work"
+CST_DEFAULT_PORTS="-p 50080:80 -p 50443:443"
+CST_EXTRA_MOUNTS="-v $HOME/.aws:/root/.aws"
+
+# Source this in your shell RC file
+if [ -f ~/.cst_config ]; then
+ source ~/.cst_config
+fi
+```
+
+### Shell Function Enhancements
+
+Extended start function with configurations:
+
+```bash
+start_cst_enhanced() {
+ variant=${1:-general}
+ docker run --name="cst_${variant}" --rm -d \
+ -v "${CST_PERSIST_DIR:-$HOME/docker_work}":/persist \
+ -p 50022:22 \
+ ${CST_DEFAULT_PORTS} \
+ ${CST_EXTRA_MOUNTS} \
+ ${@:2} \
+ -it tanq16/cst-${variant}:${arch} \
+ bash -c "service ssh start && tail -f /dev/null"
+}
+```
+
+## Best Practices
+
+1. **Resource Management**
+ Create cleanup functions for maintenance:
+ ```bash
+ cleanup_cst() {
+ docker ps -a | grep 'cst_' | awk '{print $1}' | xargs docker stop
+ docker container prune -f
+ }
+ ```
+
+2. **Development Workflow**
+ Mount development directories:
+ ```bash
+ start_cst dev \
+ -v ~/projects:/persist/projects \
+ -v ~/.gitconfig:/root/.gitconfig
+ ```
+
+3. **Network Security**
+ Use SSH dynamic port forwarding for securely accessing container-internal services:
+ ```bash
+ ssh -D 65500 root@localhost -p 50022
+ ```
+
+4. **Data Persistence**
+ Structure your persistent storage:
+ ```
+ docker_work/
+ ├── projects/
+ ├── .aws/
+ ├── .bash_history
+ └── configs/
+ ```
diff --git a/docs/advanced/ssh-tmux.md b/docs/advanced/ssh-tmux.md
new file mode 100644
index 0000000..377756e
--- /dev/null
+++ b/docs/advanced/ssh-tmux.md
@@ -0,0 +1,161 @@
+# SSH and TMUX Advanced Usage
+
+SSH and TMUX integration in CST provides a powerful environment for remote work and session management. This guide covers advanced usage patterns and configurations.
+
+## SSH Configuration
+
+### Dynamic Port Forwarding
+
+SSH dynamic port forwarding creates a SOCKS proxy for flexible access to container services:
+
+```bash
+ssh -D 65500 root@localhost -p 50022
+```
+
+This enables:
+- Browser proxy configuration
+- Tool traffic routing
+- Service access through proxy
+
+### Advanced SSH Configuration
+
+Create a dedicated SSH config for CST connections:
+
+```bash
+# ~/.ssh/config
+Host cst-*
+ User root
+ Port 50022
+ HostName localhost
+ StrictHostKeyChecking no
+ UserKnownHostsFile /dev/null
+ DynamicForward 65500
+```
+
+Usage becomes as simple as:
+
+```bash
+ssh cst-general
+```
+
+## TMUX Advanced Usage
+
+### Session Management
+
+CST's TMUX configuration provides enhanced session management:
+
+1. **Named Sessions**
+ ```bash
+ # Create new named session
+ tmux new -s security
+
+ # Attach to existing session
+ tmux attach -t security
+ ```
+
+2. **Workspace Organization**
+ ```bash
+ # Create development workspace
+ tmux new -s dev -n 'code' \; \
+ send-keys 'cd /persist/projects' C-m \; \
+ split-window -h \; \
+ send-keys 'htop' C-m \; \
+ new-window -n 'logs' \; \
+ send-keys 'tail -f /var/log/auth.log' C-m
+ ```
+
+### Custom Configurations
+
+The Rice variant includes an enhanced TMUX configuration. Create custom layouts:
+
+```bash
+# ~/.tmux.conf
+# Security assessment layout
+bind S source-file ~/.tmux/layouts/security
+
+# ~/.tmux/layouts/security
+split-window -v
+select-pane -t 1
+split-window -h
+select-pane -t 0
+send-keys 'nmap -v' C-m
+select-pane -t 1
+send-keys 'tail -f /var/log/auth.log' C-m
+select-pane -t 2
+send-keys 'htop' C-m
+```
+
+## Integration Patterns
+
+### SSH + TMUX Workflow
+
+1. **Persistent Sessions**
+ ```bash
+ # Start container
+ start_cst rice
+
+ # Connect and create session
+ ssh cst-rice -t tmux new -s work
+ ```
+
+2. **Session Sharing**
+ ```bash
+ # Allow multiple clients
+ tmux set-option -g allow-clients
+
+ # Connect additional shell
+ ssh cst-rice -t tmux attach -t work
+ ```
+
+### Advanced Use Cases
+
+1. **Development Environment**
+ ```bash
+ tmux new-session -s dev \; \
+ send-keys 'cd /persist/projects' C-m \; \
+ split-window -h \; \
+ send-keys 'docker stats' C-m \; \
+ split-window -v \; \
+ send-keys 'tail -f logs/*.log' C-m
+ ```
+
+2. **Monitoring Setup**
+ ```bash
+ tmux new-session -s monitor \; \
+ send-keys 'htop' C-m \; \
+ split-window -h \; \
+ send-keys 'watch docker ps' C-m \; \
+ split-window -v \; \
+ send-keys 'tail -f /var/log/*' C-m
+ ```
+
+## Best Practices
+
+1. **Session Naming**
+ Use consistent naming conventions:
+ - `dev-*` for development sessions
+ - `sec-*` for security assessment
+ - `mon-*` for monitoring
+
+2. **Window Management**
+ Organize windows by function:
+ - Main workspace window
+ - Monitoring window
+ - Log window
+ - Tool-specific windows
+
+3. **Pane Layout**
+ Design efficient layouts:
+ - Command input at top
+ - Logs at bottom
+ - Monitoring on side
+ - Status in corner
+
+4. **Key Bindings**
+ Configure task-specific bindings:
+ ```bash
+ # ~/.tmux.conf
+ bind-key M-s source-file ~/.tmux/layouts/security
+ bind-key M-d source-file ~/.tmux/layouts/development
+ bind-key M-m source-file ~/.tmux/layouts/monitoring
+ ```
diff --git a/docs/home/contributing.md b/docs/home/contributing.md
new file mode 100644
index 0000000..92adcb1
--- /dev/null
+++ b/docs/home/contributing.md
@@ -0,0 +1,113 @@
+# Contributing to CST
+
+Thank you for your interest in contributing to the Containerized Security Toolkit! This document provides guidelines for contributing to the project.
+
+## Getting Started
+
+1. Fork the repository
+2. Clone your fork:
+ ```bash
+ git clone https://github.com/YOUR-USERNAME/containerized-security-toolkit
+ ```
+3. Create a new branch:
+ ```bash
+ git checkout -b feature/your-feature-name
+ ```
+
+## Development Environment
+
+1. Install prerequisites:
+ - Docker
+ - Docker Buildx (if working cross-platform)
+
+2. Install documentation dependencies:
+ ```bash
+ pip install mkdocs-material
+ ```
+
+## Building Images
+
+To build images locally:
+
+```bash
+# For x86_64 or ARM64 systems
+cd images/$VARIANT
+docker build -f builder.Dockerfile -t intermediate_builder .
+docker build -t cst-:local .
+```
+
+To build ARM64 on x86_64 systems, use:
+
+```bash
+# For ARM64 on x86_64 systems
+docker buildx build --platform linux/arm64 -f builder.Dockerfile -t intermediate_builder .
+docker buildx build --platform linux/arm64 -t cst-:local .
+```
+
+## Project Structure
+
+```
+.
+├── docs/ # Documentation
+├── images/ # Dockerfile for each variant
+│ ├── general/
+│ ├── cloud/
+│ ├── dev/
+│ ├── netsec/
+│ └── rice/
+└── scripts/ # Build and utility scripts
+```
+
+## Coding Guidelines
+
+1. **Dockerfiles**
+ - Use multi-stage builds
+ - Group related installations
+ - Document non-obvious commands
+ - Follow best practices for size optimization
+
+2. **Documentation**
+ - Use clear, concise language
+ - Prefer short and bulleted information
+ - Keep formatting consistent
+ - Update relevant sections
+
+3. **Scripts**
+ - Include shebang line
+ - Add usage comments
+ - Make scripts portable
+ - Include error handling
+
+## Pull Request Process
+
+1. Update documentation for new features
+2. Ensure all tests pass
+3. Create succint PR description
+4. Link relevant issues (if any)
+
+## Testing
+
+Before submitting a PR:
+
+1. Build images locally
+2. Test basic functionality
+3. Verify installed tools work
+4. Verify documentation changes
+
+## Documentation
+
+When adding or modifying features:
+
+1. Update relevant documentation
+2. Add examples if appropriate
+3. Document any breaking changes
+
+## Questions?
+
+- Open an issue for discussion
+- Contact maintainers
+- Check existing documentation
+
+## License
+
+By contributing, you agree that your contributions will be licensed under the MIT License.
diff --git a/docs/home/conventions.md b/docs/home/conventions.md
new file mode 100644
index 0000000..a23b308
--- /dev/null
+++ b/docs/home/conventions.md
@@ -0,0 +1,84 @@
+# CST Conventions
+
+This document outlines the standard conventions used across all CST variants.
+
+## Directory Structure
+
+```
+/
+├── opt/
+│ ├── executables/ # Binary tools and utilities
+│ ├── tools/ # Tool-specific directories
+│ └── pyenv/ # Python virtual environment
+├── persist/ # Mount point for persistent storage
+└── root/ # User home directory
+```
+
+## Port Mapping Conventions
+
+When exposing ports from the container, follow these conventions:
+
+- SSH: `50022` (host) → `22` (container)
+- HTTP: `50080` (host) → `80` (container)
+- HTTPS: `50443` (host) → `443` (container)
+- Dynamic Ports: Start at `50000` + original port
+
+## Environment Variables
+
+Standard environment details used across variants:
+
+- `TERM=xterm-256color` (set this manually if not the case on launch)
+- Python environment at `/opt/pyenv/`
+- `PATH` includes `/opt/executables`
+
+## Tool Installation Locations
+
+- Binary tools: `/opt/executables/`
+- Python packages: `/opt/pyenv/`
+- Binaries: `/usr/bin/` & `/usr/local/bin/`
+
+## Persistent Storage
+
+- Mount point: `/persist/`
+- Recommended host location: `$HOME/docker_work/`
+- Used for:
+ - Project files
+ - Configuration files
+ - Shell history
+ - Tool configurations
+
+## SSH Configuration
+
+- Root login enabled for convenience
+- Password authentication enabled
+- Dynamic port forwarding supported
+- Custom port (`50022`) to avoid conflicts
+
+## Best Practices
+
+1. **Data Persistence**
+ - Store important data in `/persist/`
+ - Use version control for project files
+ - Back up configurations regularly
+
+2. **Resource Management**
+ - Clean up unused containers
+ - Prune Docker images periodically
+ - Monitor disk space usage
+
+3. **Security**
+ - Change SSH password for every run
+ - Use SSH keys when possible
+ - Keep host directory permissions restrictive
+
+4. **Workflow**
+ - Use shell functions for container management
+ - Maintain separate instances for different projects
+ - Document custom configurations
+
+## Version Control
+
+- Image versions only represent build time
+- Tools are always installed to their latest versions, unless necessary for error fixes
+- Base image: Ubuntu Jammy (22.04 LTS)
+- Updates follow semantic versioning
diff --git a/docs/home/getting-started.md b/docs/home/getting-started.md
index 00d7bdd..3f73e9f 100644
--- a/docs/home/getting-started.md
+++ b/docs/home/getting-started.md
@@ -1 +1,105 @@
-WIP
+# Getting Started with CST
+
+This guide will help you get up and running with the Containerized Security Toolkit.
+
+## Prerequisites
+
+- Docker installed and running on your system
+- Basic familiarity with Docker commands
+- At least 10GB of free disk space (varies by variant)
+
+## Basic Setup
+
+1. Create a persistence directory:
+
+```bash
+mkdir -p $HOME/docker_work/
+```
+
+2. Choose your variant and architecture:
+
+```bash
+# For x86_64 systems
+docker pull tanq16/cst-general:amd
+
+# For ARM64 systems (Apple Silicon, etc.)
+docker pull tanq16/cst-general:arm
+```
+
+3. Run the container:
+
+```bash
+docker run --name="cst-general" \
+ -v $HOME/docker_work/:/persist \
+ --rm -it tanq16/cst-general:amd \
+ /bin/bash
+```
+
+## Advanced Setup
+
+### Shell Functions for Convenience
+
+Add these functions to your shell's RC file (`.bashrc`, `.zshrc`, etc.):
+
+```bash
+# Start Container
+start_cst(){
+ variant=${1:-general}
+ docker run --name="cst-${variant}" --rm -d \
+ -v $HOME/docker_work/:/persist \
+ -p 50022:22 ${@:2} \
+ -it tanq16/cst-${variant}:amd \
+ bash -c "service ssh start; cp /persist/.bash_history /root/.bash_history 2>/dev/null; tail -f /dev/null"
+
+ new_pass=$(cat /dev/random | head -c 20 | base64 | tr -d '=+/')
+ echo "Password: $new_pass"
+ echo $new_pass > current_docker_password
+ docker exec -e newpp="$new_pass" cst-${variant} bash -c 'echo "root:$(printenv newpp)" | chpasswd'
+}
+
+# Stop Container
+stop_cst(){
+ variant=${1:-general}
+ docker cp cst-${variant}:/root/.bash_history $HOME/docker_work/.bash_history 2>/dev/null
+ docker stop cst-${variant} -t 0
+}
+```
+
+### Using SSH for Access
+
+With the above functions in place:
+
+1. Start container:
+
+```bash
+start_cst general
+```
+
+2. SSH into container:
+
+```bash
+ssh -o "StrictHostKeyChecking=no" \
+ -o "UserKnownHostsFile=/dev/null" \
+ root@localhost -p 50022
+```
+
+3. When done, stop container:
+
+```bash
+stop_cst general
+```
+
+## Persistence
+
+The `/persist` directory in the container maps to `$HOME/docker_work/` on your host system. Use this directory for:
+
+- Project files
+- Configuration files
+- Data that needs to persist between container restarts
+- Shell history files
+
+## Next Steps
+
+- Check the [Variant-Specific Guides](../variants/index.md) for your chosen variant
+- Review [Conventions](conventions.md) for best practices
+- Explore [Advanced Usage](../advanced/shortcuts.md) for more features
diff --git a/docs/home/index.md b/docs/home/index.md
index 6d3f665..e82354e 100644
--- a/docs/home/index.md
+++ b/docs/home/index.md
@@ -1 +1,39 @@
-WIP
\ No newline at end of file
+
+ 
+
+
+# Containerized Security Toolkit
+
+The Containerized Security Toolkit (CST) provides a comprehensive suite of Docker images tailored for various security operations. Each variant is designed for specific use cases while maintaining consistency in basic functionality.
+
+For getting started quickly, visit the [Getting Started Guide](getting-started.md).
+
+## Available Variants
+
+- **General**: Core security tools and utilities for general security operations
+- **Cloud**: Specialized for cloud security assessments and operations
+- **Dev**: Development environment with security tools (Python, Go, Node.js) - WIP
+- **Netsec**: Network security assessment and monitoring tools - WIP
+- **Rice**: Enhanced version of General with CLI Productivity Suite
+
+Each variant is available for both x86_64 and ARM64 architectures:
+
+```
+tanq16/cst-:amd # For x86_64 systems
+tanq16/cst-:arm # For ARM64 systems (Apple Silicon, etc.)
+```
+
+## Key Features
+
+- **Persistent Storage**: Mount local directories for data persistence
+- **Secure Design**: Regular security updates and best practices
+- **Purpose-Built**: Each variant optimized for specific security tasks
+- **Rich Tooling**: Comprehensive set of pre-installed security tools
+- **Consistent Environment**: Reproducible setup across systems
+- **Cross-Platform**: Full support for both x86_64 and ARM64
+
+## Quick Reference
+
+- **Documentation**: [https://tanishq.page/containerized-security-toolkit](https://tanishq.page/containerized-security-toolkit)
+- **Docker Hub**: [https://hub.docker.com/r/tanq16/cst](https://hub.docker.com/r/tanq16/cst)
+- **Source Code**: [https://github.com/tanq16/containerized-security-toolkit](https://github.com/tanq16/containerized-security-toolkit)
diff --git a/docs/tools/cloud-tools.md b/docs/tools/cloud-tools.md
new file mode 100644
index 0000000..f68ac79
--- /dev/null
+++ b/docs/tools/cloud-tools.md
@@ -0,0 +1,111 @@
+# Cloud Variant Tools
+
+The Cloud variant extends the General variant with specialized tools for cloud security assessment and operations. It includes tools for major cloud providers and cloud-native technologies.
+
+## Cloud Provider Tools
+
+### Multi-Cloud Tools
+
+- **CloudFox**: Cloud security assessment tool
+ - Location: `/opt/executables/cloudfox`
+ - Usage: Cloud service enumeration and security assessment
+
+- **CloudList**: Cloud asset enumeration
+ - Location: `/opt/executables/cloudlist`
+ - Usage: Multi-cloud asset discovery
+
+### AWS Tools
+
+- **AWS CLI v2**: Official AWS command line interface
+ - Location: System PATH
+ - Usage: AWS service interaction and management
+
+- **Prowler**: AWS security assessment tool
+ - Location: Python environment
+ - Usage: AWS security best practice assessment
+
+### Azure Tools
+
+- **Azure CLI**: Official Azure command line interface
+ - Location: System PATH
+ - Usage: Azure service management and interaction
+
+- **AzureHound**: Azure security assessment tool
+ - Location: `/opt/executables/azurehound`
+ - Usage: Azure AD privilege escalation paths
+
+### GCP Tools
+
+- **Google Cloud SDK**: Official GCP command line tools
+ - Location: `/root/google-cloud-sdk/`
+ - Usage: GCP service interaction and management
+
+## Container Security Tools
+
+- **Trivy**: Container vulnerability scanner
+ - Location: `/opt/executables/trivy`
+ - Usage: Container and filesystem vulnerability scanning
+
+- **Peirates**: Kubernetes penetration testing tool
+ - Location: `/opt/executables/peirates`
+ - Usage: Kubernetes security assessment
+
+## Infrastructure as Code Security
+
+- **Terraform**: Infrastructure as code tool
+ - Location: `/opt/executables/terraform`
+ - Usage: Infrastructure deployment and assessment
+
+- **Checkov**: IaC security scanner
+ - Location: Python environment
+ - Usage: Infrastructure as Code security scanning
+
+## Security Assessment Tools
+
+### Reconnaissance
+
+- Same tools as General variant:
+ - Subfinder
+ - HTTPx
+ - DNSx
+ - Nuclei
+
+### Web Security
+
+- Standard web testing tools from General variant:
+ - FFuf
+ - Gobuster
+ - Hakrawler
+
+## Python Security Tools
+
+Located in Python virtual environment at `/opt/pyenv/`:
+- **ScoutSuite**: Multi-cloud security auditing tool
+ - Usage: `/opt/ScoutSuite/scout.py`
+ - Purpose: Cloud security posture assessment
+
+- **PMapper**: AWS IAM evaluation tool
+ - Usage: `/opt/PMapper/pmapper.py`
+ - Purpose: AWS IAM analysis
+
+- **KubiScan**: Kubernetes security scanning tool
+ - Usage: `/opt/KubiScan/KubiScan.py`
+ - Purpose: Kubernetes security assessment
+
+## Additional Resources
+
+- Kubernetes tools:
+ - `kubectl`: Kubernetes CLI
+ - `kube-hunter`: Kubernetes penetration testing
+ - `kubeaudit`: Kubernetes security auditing
+
+- GCP security tools:
+ - GCP IAM Privilege Escalation scanner
+ - GCP security assessment tools
+
+## Development Environment
+
+Includes standard development tools:
+- Python 3 with specialized libraries
+- Go language environment
+- PowerShell Core
diff --git a/docs/tools/dev-tools.md b/docs/tools/dev-tools.md
new file mode 100644
index 0000000..85e6ff1
--- /dev/null
+++ b/docs/tools/dev-tools.md
@@ -0,0 +1 @@
+# WIP
diff --git a/docs/tools/general-tools.md b/docs/tools/general-tools.md
index e69de29..1cd7942 100644
--- a/docs/tools/general-tools.md
+++ b/docs/tools/general-tools.md
@@ -0,0 +1,101 @@
+# General Variant Tools
+
+The General variant provides a comprehensive set of security and utility tools. Each tool is installed in a specific location and serves a particular purpose in security operations.
+
+## Core System Tools
+
+The base system includes essential utilities installed via apt:
+- `curl`, `wget`: Network data transfer
+- `git`: Version control
+- `tmux`: Terminal multiplexer
+- `openssl`: Cryptographic toolkit
+- `openssh-server`: SSH connectivity
+- `openvpn`: VPN client
+- Network utilities: `ping`, `telnet`, `traceroute`, `ftp`
+- Development tools: `gcc`, `make`, `python3`, `nodejs`, `npm`
+
+## Security Assessment Tools
+
+### Web Application Security
+
+- **Gobuster**: Directory/file enumeration tool
+ - Location: `/opt/executables/gobuster`
+ - Usage: Web application directory brute forcing
+
+- **FFuf**: Web fuzzer
+ - Location: `/opt/executables/ffuf`
+ - Usage: Web fuzzing, directory discovery, parameter fuzzing
+
+- **Hakrawler**: Web crawler
+ - Location: `/opt/executables/hakrawler`
+ - Usage: Web crawling and asset discovery
+
+### Network Security
+
+- **Fingerprintx**: Service identification tool
+ - Location: `/opt/executables/fingerprintx`
+ - Usage: Service and version detection
+
+- **Nuclei**: Vulnerability scanner
+ - Location: `/opt/executables/nuclei`
+ - Usage: Automated vulnerability scanning
+
+- **Subfinder**: Subdomain discovery tool
+ - Location: `/opt/executables/subfinder`
+ - Usage: Subdomain enumeration
+
+### Infrastructure Security
+
+- **Trivy**: Container vulnerability scanner
+ - Location: `/opt/executables/trivy`
+ - Usage: Container and filesystem scanning
+
+### Reconnaissance Tools
+
+- **Amass**: Attack surface mapping tool
+ - Location: `/opt/executables/amass`
+ - Usage: Network mapping and asset discovery
+
+- **DNSx**: DNS toolkit
+ - Location: `/opt/executables/dnsx`
+ - Usage: DNS enumeration and discovery
+
+- **HTTPx**: HTTP toolkit
+ - Location: `/opt/executables/httpx`
+ - Usage: HTTP probe and analyzer
+
+### Utility Tools
+
+- **YQ**: YAML processor
+ - Location: `/opt/executables/yq`
+ - Usage: YAML/JSON processing
+
+- **GRPCurl**: gRPC testing tool
+ - Location: `/opt/executables/grpcurl`
+ - Usage: gRPC API testing
+
+- **Gron**: JSON flattening utility
+ - Location: `/opt/executables/gron`
+ - Usage: Make JSON greppable
+
+## Wordlists and Resources
+
+Located in `/opt/lists/`:
+- SubDomains: `subdomains_top_110000.txt`
+- Infrastructure: `common_router_ips.txt`, `common_http_ports.txt`
+- Web Content: `directory_brute_medium.txt`, `directory_brute_common.txt`
+- Passwords: `rockyou.txt`
+- SNMP: `snmp.txt`
+- Variables: `secret_keywords.txt`
+
+## Python Environment
+
+A dedicated Python virtual environment is available at `/opt/pyenv/` with:
+- Requests: HTTP library
+- Semgrep: Pattern-based code scanning
+
+## Development Tools
+
+- Go language environment
+- AWS CLI v2
+- PowerShell Core
diff --git a/docs/tools/netsec-tools.md b/docs/tools/netsec-tools.md
new file mode 100644
index 0000000..85e6ff1
--- /dev/null
+++ b/docs/tools/netsec-tools.md
@@ -0,0 +1 @@
+# WIP
diff --git a/docs/tools/rice-tools.md b/docs/tools/rice-tools.md
new file mode 100644
index 0000000..f1fd01c
--- /dev/null
+++ b/docs/tools/rice-tools.md
@@ -0,0 +1,119 @@
+# Rice Variant Tools
+
+The Rice variant enhances the General variant with the CLI Productivity Suite and additional convenience tools. It maintains all security tools from the General variant while adding productivity enhancements.
+
+## CLI Productivity Enhancements
+
+### Shell Environment
+
+- **Oh My Zsh**: Enhanced shell framework
+ - Location: `/root/.oh-my-zsh/`
+ - Features:
+ - Spaceship prompt theme
+ - Auto-suggestions
+ - Syntax highlighting
+ - Git integration
+
+- **Tmux Configuration**: Enhanced terminal multiplexer
+ - Location: `/root/.tmux/`
+ - Custom key bindings
+ - Status bar enhancements
+ - Plugin management
+
+### Enhanced Utilities
+
+- **FZF**: Fuzzy finder
+ - Location: `/root/.fzf/`
+ - Usage: Enhanced command history search
+ - File and directory fuzzy finding
+
+- **LSD**: Enhanced ls command
+ - Location: System PATH
+ - Usage: Improved file listing with icons
+
+- **Neovim**: Advanced text editor
+ - Location: System installation
+ - Includes NvChad configuration
+ - Enhanced development features
+
+## Security Tools
+
+Includes all tools from the General variant:
+
+### Web Security Tools
+
+- Gobuster
+- FFuf
+- Hakrawler
+- Nuclei
+
+### Network Tools
+
+- Fingerprintx
+- Subfinder
+- HTTPx
+- DNSx
+
+### Infrastructure Tools
+
+- Trivy
+- AWS CLI
+- PowerShell Core
+
+## Additional Features
+
+### Enhanced Navigation
+
+- Custom shell aliases
+- Directory shortcuts
+- Command history preservation
+- Cross-session history
+
+### Development Support
+
+- Enhanced Git integration
+- Improved code completion
+- Better syntax highlighting
+- Development tool integration
+
+## Productivity Features
+
+### Shell Improvements
+
+The CLI Productivity Suite adds:
+- Intelligent command history
+- Enhanced tab completion
+- Directory navigation shortcuts
+- Custom aliases and functions
+
+### Editor Enhancements
+
+NeoVim configuration includes:
+- Code syntax highlighting
+- File navigation
+- Split pane management
+- Plugin system
+
+### Terminal Multiplexer
+
+Tmux enhancements include:
+- Session management
+- Window organization
+- Pane controls
+- Status information
+
+## Standard Tools
+
+All tools from the General variant remain available:
+- Security assessment tools
+- Network utilities
+- Development tools
+- System utilities
+
+## Resource Location
+
+The standard CST directory structure is maintained:
+- `/opt/executables/`: Binary tools
+- `/opt/pyenv/`: Python environment
+- `/opt/lists/`: Security wordlists
+- `/persist/`: Persistent storage
diff --git a/docs/variants/cloud.md b/docs/variants/cloud.md
new file mode 100644
index 0000000..e27b9e6
--- /dev/null
+++ b/docs/variants/cloud.md
@@ -0,0 +1,28 @@
+# Cloud Variant
+
+The Cloud variant extends the General variant with specialized tools for cloud security assessments and operations across major cloud providers.
+
+### Focus Areas
+
+Cloud security capabilities include:
+- Infrastructure security assessment
+- Cloud configuration analysis
+- Identity and access management review
+- Container security scanning
+- Serverless function analysis
+
+This variant excels at:
+- Cloud security posture assessments
+- Cloud penetration testing
+- Cloud architecture review
+- Compliance checking
+- Resource enumeration
+
+### Notable Tooling
+
+The Cloud variant includes specialized tools for:
+- AWS environment assessment
+- Azure security testing
+- GCP security analysis
+- Multi-cloud security scanning
+- Cloud-native application security
diff --git a/docs/variants/dev.md b/docs/variants/dev.md
new file mode 100644
index 0000000..b78fd68
--- /dev/null
+++ b/docs/variants/dev.md
@@ -0,0 +1,21 @@
+# Dev Variant
+
+# `WIP - NOT AVAILABLE YET`
+
+The Dev variant provides a security-focused development environment with comprehensive language support and security testing tools.
+
+### Development Environment
+
+Includes robust support for:
+- Python development with Anaconda
+- Golang development environment
+- Node.js and npm
+- Security-focused IDEs and editors
+- Testing frameworks
+
+Perfect for:
+- Security tool development
+- Secure application development
+- Security automation
+- CI/CD security integration
+- Security research
diff --git a/docs/variants/general.md b/docs/variants/general.md
index 13ac980..3e8c82b 100644
--- a/docs/variants/general.md
+++ b/docs/variants/general.md
@@ -1,3 +1,32 @@
-WIP
+# General Variant
-General Variant
+The General variant serves as both a standalone security operations environment and a base for building custom security-focused images. It provides a carefully selected set of core security tools and utilities while maintaining a clean, extensible structure.
+
+### Key Features
+
+- Core security assessment tools
+- Network analysis utilities
+- Common penetration testing tools
+- Web application security tools
+- Base for custom security images
+
+This variant is ideal for:
+- Security professionals needing a reliable base environment
+- Teams building custom security toolkits
+- General security assessment work
+- Quick security analysis tasks
+
+### Base Image Extension
+
+The General variant is designed to be extended. Create custom security-focused images by using it as a base:
+
+```dockerfile
+FROM tanq16/cst-general:amd
+
+# Add custom tools and configurations
+RUN apt-get update && apt-get install -y \
+ your-additional-packages
+
+# Add custom scripts or tools
+COPY ./custom-tools /opt/custom-tools
+```
diff --git a/docs/variants/index.md b/docs/variants/index.md
index c2bee99..3bf2db2 100644
--- a/docs/variants/index.md
+++ b/docs/variants/index.md
@@ -1,3 +1,14 @@
-WIP
+# CST Variants Overview
-Variants Home
+The Containerized Security Toolkit provides purpose-built variants for different security operations. Each variant is available as `cst-:amd` for x86_64 systems and `cst-:arm` for ARM64 systems.
+
+## Variant Selection Guide
+
+Choose your variant based on primary use case:
+- **General**: Basic security operations or base for custom images
+- **Cloud**: Cloud security assessments and operations
+- **Dev**: Security tool and application development
+- **Netsec**: Network security testing and monitoring
+- **Rice**: Enhanced productivity for daily security work
+
+Each variant follows CST's core conventions while providing specialized capabilities for its target use case.
diff --git a/docs/variants/netsec.md b/docs/variants/netsec.md
new file mode 100644
index 0000000..03f2354
--- /dev/null
+++ b/docs/variants/netsec.md
@@ -0,0 +1,21 @@
+# Netsec Variant
+
+# `WIP - NOT AVAILABLE YET`
+
+The Network Security variant focuses on network assessment, monitoring, and security testing tools.
+
+### Capabilities
+
+Specialized for:
+- Network vulnerability assessment
+- Protocol analysis
+- Traffic monitoring
+- Wireless network testing
+- Network forensics
+
+Ideal applications include:
+- Network penetration testing
+- Security monitoring
+- Network architecture review
+- Protocol security assessment
+- Network forensics analysis
diff --git a/docs/variants/rice.md b/docs/variants/rice.md
index f39fa75..8e6b54b 100644
--- a/docs/variants/rice.md
+++ b/docs/variants/rice.md
@@ -1,3 +1,28 @@
-WIP
+# Rice Variant
-Rice Variant
+The Rice variant enhances the General variant with the CLI Productivity Suite, creating an efficient and user-friendly security operations environment.
+
+### Enhancements
+
+The Rice variant adds:
+- Customized shell configuration
+- Enhanced terminal utilities
+- Productivity shortcuts
+- Improved text editors
+- Workflow optimizations
+
+Perfect for:
+- Daily security operations
+- Extended terminal sessions
+- Text-based workflows
+- Security research and documentation
+- Efficient command-line work
+
+### Rice-Specific Features
+
+The integrated CLI Productivity Suite provides:
+- Custom shell prompts
+- Advanced tab completion
+- Git integrations
+- Enhanced navigation
+- Improved visibility features
diff --git a/mkdocs.yml b/mkdocs.yml
index 88cac7e..d3396f0 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -1,5 +1,5 @@
site_name: Containerized Security Toolkit
-site_url: https://tanq16.github.io/containerized-security-toolkit
+site_url: https://tanishq.page/containerized-security-toolkit
repo_name: tanq16/containerized-security-toolkit
repo_url: https://github.com/tanq16/containerized-security-toolkit
@@ -61,6 +61,8 @@ nav:
- Overview: variants/index.md
- General: variants/general.md
- Cloud: variants/cloud.md
+ - Dev: variants/dev.md
+ - NetSec: variants/netsec.md
- Rice: variants/rice.md
- Tools List:
- General: tools/general-tools.md
@@ -70,7 +72,6 @@ nav:
- Shell Shortcuts: advanced/shortcuts.md
- SSH & TMUX: advanced/ssh-tmux.md
- DIY Build: advanced/build.md
- - Example Workflow: advanced/rice-workflow.md
# Markdown extensions
markdown_extensions:
diff --git a/scripts/cloud-builder.sh b/scripts/cloud-builder.sh
new file mode 100644
index 0000000..c2cae7a
--- /dev/null
+++ b/scripts/cloud-builder.sh
@@ -0,0 +1,5 @@
+cd images/general
+
+docker build -f builder.Dockerfile -t intermediate_builder .
+docker builder prune -f
+docker build -t cst-cloud .