fix builds and readme

Tanq16 · Dec 11, 2024 · c94af93 · c94af93
1 parent 8ef73ed
commit c94af93
Show file tree

Hide file tree

Showing 14 changed files with 136 additions and 160 deletions.
diff --git a/README.md b/README.md
@@ -7,43 +7,16 @@
 </h1>
 
 <p align="center">
-  <a href="https://github.com/tanq16/containerized-security-toolkit/releases">
-    <img src="https://img.shields.io/github/v/release/tanq16/containerized-security-toolkit?include_prereleases&style=flat-square">
-  </a>
-  <a href="https://github.com/tanq16/containerized-security-toolkit/blob/main/LICENSE">
-    <img src="https://img.shields.io/github/license/tanq16/containerized-security-toolkit?style=flat-square">
-  </a>
-  <a href="https://hub.docker.com/r/tanq16/sec_docker">
-    <img src="https://img.shields.io/docker/pulls/tanq16/sec_docker?style=flat-square">
-  </a>
-  <a href="https://hub.docker.com/r/tanq16/cst-rice">
-    <img src="https://img.shields.io/docker/pulls/tanq16/cst-rice?style=flat-square">
-  </a>
-  <a href="https://hub.docker.com/r/tanq16/cst-cloud">
-    <img src="https://img.shields.io/docker/pulls/tanq16/cst-cloud?style=flat-square">
-  </a>
-  <a href="https://hub.docker.com/r/tanq16/cst-general">
-    <img src="https://img.shields.io/docker/pulls/tanq16/cst-general?style=flat-square">
-  </a>
+  <a href="https://github.com/tanq16/containerized-security-toolkit/releases"><img src="https://img.shields.io/github/v/release/tanq16/containerized-security-toolkit?include_prereleases&style=flat"></a><a href="https://github.com/tanq16/containerized-security-toolkit/blob/main/LICENSE"><img src="https://img.shields.io/github/license/tanq16/containerized-security-toolkit?style=flat"></a><a href="https://hub.docker.com/r/tanq16/sec_docker"><img src="https://img.shields.io/docker/pulls/tanq16/sec_docker?style=flat"></a><a href="https://hub.docker.com/r/tanq16/cst-rice"><img src="https://img.shields.io/docker/pulls/tanq16/cst-rice?style=flat"></a><a href="https://hub.docker.com/r/tanq16/cst-cloud"><img src="https://img.shields.io/docker/pulls/tanq16/cst-cloud?style=flat"></a><a href="https://hub.docker.com/r/tanq16/cst-general"><img src="https://img.shields.io/docker/pulls/tanq16/cst-general?style=flat"></a>
   <br>
-  <a href="https://tanishq.page/containerized-security-toolkit">Documentation</a> •
-  <a href="https://hub.docker.com/r/tanq16/cst">Docker Hub (User Space)</a> •
-  <a href="https://hub.docker.com/r/tanq16/sec_docker">Docker Hub (Legacy)</a>
+  <a href="https://tanishq.page/containerized-security-toolkit">Documentation</a> • <a href="https://hub.docker.com/r/tanq16/cst">Docker Hub (User Space)</a> • <a href="https://hub.docker.com/r/tanq16/sec_docker">Docker Hub (Legacy)</a>
 </p>
 
 <h3 align="center">A comprehensive suite of containerized security toolkits for various security operations</h3>
 
 <p align="center">
   <b>Build Status:</b><br>
-  <a href="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/general-build.yml">
-    <img src="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/general-build.yml/badge.svg" alt="General Build">
-  </a>
-  <a href="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/cloud-build.yml">
-    <img src="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/cloud-build.yml/badge.svg" alt="Cloud Build">
-  </a>
-  <a href="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/rice-build.yml">
-    <img src="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/rice-build.yml/badge.svg" alt="Rice Build">
-  </a>
+  <a href="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/general-build.yml"><img src="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/general-build.yml/badge.svg" alt="General Build"></a><a href="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/cloud-build.yml"><img src="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/cloud-build.yml/badge.svg" alt="Cloud Build"></a><a href="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/rice-build.yml"><img src="https://github.com/tanq16/containerized-security-toolkit/actions/workflows/rice-build.yml/badge.svg" alt="Rice Build"></a>
   <br>
   <a href="https://dl.circleci.com/status-badge/redirect/circleci/YPqXqLMjjXxLwPP9TvpyFc/W1CQsWfrfu4rKFiytoHbs9/tree/main"><img src="https://dl.circleci.com/status-badge/img/circleci/YPqXqLMjjXxLwPP9TvpyFc/W1CQsWfrfu4rKFiytoHbs9/tree/main.svg?style=svg"></a><br>
   (All ARM images build through CCI until ARM GHA runners are available)

diff --git a/docs/advanced/build.md b/docs/advanced/build.md
@@ -135,22 +135,22 @@ docker buildx build \
 
 ## Best Practices
 
-1. **Version Control**
+- **Version Control**
    - Tag images with version numbers
    - Document changes in changelog
    - Use semantic versioning
 
-2. **Documentation**
+- **Documentation**
    - Update tool lists
    - Document new features
    - Include usage examples
 
-3. **Security**
+- **Security**
    - Scan images for vulnerabilities
    - Update base images regularly
    - Follow security best practices
 
-4. **Maintenance**
+- **Maintenance**
    - Regular dependency updates
    - Version compatibility checks
    - Performance optimization
diff --git a/docs/advanced/shortcuts.md b/docs/advanced/shortcuts.md
@@ -35,6 +35,7 @@ stop_cst() {
 ```
 
 These functions provide:
+
 - Automatic architecture detection (ARM/AMD)
 - Command history persistence
 - SSH access with random password generation

diff --git a/docs/advanced/ssh-tmux.md b/docs/advanced/ssh-tmux.md
@@ -131,28 +131,24 @@ send-keys 'htop' C-m
 
 ## Best Practices
 
-1. **Session Naming**
-   Use consistent naming conventions:
+- **Session Naming:** Use consistent naming conventions
    - `dev-*` for development sessions
    - `sec-*` for security assessment
    - `mon-*` for monitoring
 
-2. **Window Management**
-   Organize windows by function:
+- **Window Management:** Organize windows by function
    - Main workspace window
    - Monitoring window
    - Log window
    - Tool-specific windows
 
-3. **Pane Layout**
-   Design efficient layouts:
+- **Pane Layout:** Design efficient layouts
    - Command input at top
    - Logs at bottom
    - Monitoring on side
    - Status in corner
 
-4. **Key Bindings**
-   Configure task-specific bindings:
+- **Key Bindings:** Configure task-specific bindings
    ```bash
    # ~/.tmux.conf
    bind-key M-s source-file ~/.tmux/layouts/security

diff --git a/docs/home/contributing.md → docs/contributing.md b/docs/home/contributing.md → docs/contributing.md
@@ -61,22 +61,22 @@ docker buildx build --platform linux/arm64 -t cst-<variant>:local .
 ## Coding Guidelines
 
 - **Dockerfiles**
-   - Use multi-stage builds
-   - Group related installations
-   - Document non-obvious commands
-   - Follow best practices for size optimization
+      - Use multi-stage builds
+      - Group related installations
+      - Document non-obvious commands
+      - Follow best practices for size optimization
 
 - **Documentation**
-   - Use clear, concise language
-   - Prefer short and bulleted information
-   - Keep formatting consistent
-   - Update relevant sections
+      - Use clear, concise language
+      - Prefer short and bulleted information
+      - Keep formatting consistent
+      - Update relevant sections
 
 - **Scripts**
-   - Include shebang line
-   - Add usage comments
-   - Make scripts portable
-   - Include error handling
+      - Include shebang line
+      - Add usage comments
+      - Make scripts portable
+      - Include error handling
 
 ## Pull Request Process
 

diff --git a/docs/home/conventions.md → docs/conventions.md b/docs/home/conventions.md → docs/conventions.md
@@ -42,10 +42,10 @@ Standard environment details used across variants:
 - Mount point: `/persist/`
 - Recommended host location: `$HOME/docker_work/`
 - Used for:
-  - Project files
-  - Configuration files
-  - Shell history
-  - Tool configurations
+   - Project files
+   - Configuration files
+   - Shell history
+   - Tool configurations
 
 ## SSH Configuration
 
@@ -57,24 +57,24 @@ Standard environment details used across variants:
 ## Best Practices
 
 - **Data Persistence**
-   - Store important data in `/persist/`
-   - Use version control for project files
-   - Back up configurations regularly
+      - Store important data in `/persist/`
+      - Use version control for project files
+      - Back up configurations regularly
 
 - **Resource Management**
-   - Clean up unused containers
-   - Prune Docker images periodically
-   - Monitor disk space usage
+      - Clean up unused containers
+      - Prune Docker images periodically
+      - Monitor disk space usage
 
 - **Security**
-   - Change SSH password for every run
-   - Use SSH keys when possible
-   - Keep host directory permissions restrictive
+      - Change SSH password for every run
+      - Use SSH keys when possible
+      - Keep host directory permissions restrictive
 
 - **Workflow**
-   - Use shell functions for container management
-   - Maintain separate instances for different projects
-   - Document custom configurations
+      - Use shell functions for container management
+      - Maintain separate instances for different projects
+      - Document custom configurations
 
 ## Version Control
 

diff --git a/docs/home/getting-started.md → docs/getting-started.md b/docs/home/getting-started.md → docs/getting-started.md
diff --git a/docs/home/index.md → docs/index.md b/docs/home/index.md → docs/index.md
diff --git a/docs/tools/cloud-tools.md b/docs/tools/cloud-tools.md
@@ -7,102 +7,102 @@ The Cloud variant extends the General variant with specialized tools for cloud s
 ### Multi-Cloud Tools
 
 - **CloudFox**: Cloud security assessment tool
-  - Location: `/opt/executables/cloudfox`
-  - Usage: Cloud service enumeration and security assessment
+    - Location: `/opt/executables/cloudfox`
+    - Usage: Cloud service enumeration and security assessment
 
 - **CloudList**: Cloud asset enumeration
-  - Location: `/opt/executables/cloudlist`
-  - Usage: Multi-cloud asset discovery
+    - Location: `/opt/executables/cloudlist`
+    - Usage: Multi-cloud asset discovery
 
 ### AWS Tools
 
 - **AWS CLI v2**: Official AWS command line interface
-  - Location: System PATH
-  - Usage: AWS service interaction and management
+    - Location: System PATH
+    - Usage: AWS service interaction and management
 
 - **Prowler**: AWS security assessment tool
-  - Location: Python environment
-  - Usage: AWS security best practice assessment
+    - Location: Python environment
+    - Usage: AWS security best practice assessment
 
 ### Azure Tools
 
 - **Azure CLI**: Official Azure command line interface
-  - Location: System PATH
-  - Usage: Azure service management and interaction
+    - Location: System PATH
+    - Usage: Azure service management and interaction
 
 - **AzureHound**: Azure security assessment tool
-  - Location: `/opt/executables/azurehound`
-  - Usage: Azure AD privilege escalation paths
+    - Location: `/opt/executables/azurehound`
+    - Usage: Azure AD privilege escalation paths
 
 ### GCP Tools
 
 - **Google Cloud SDK**: Official GCP command line tools
-  - Location: `/root/google-cloud-sdk/`
-  - Usage: GCP service interaction and management
+    - Location: `/root/google-cloud-sdk/`
+    - Usage: GCP service interaction and management
 
 ## Container Security Tools
 
 - **Trivy**: Container vulnerability scanner
-  - Location: `/opt/executables/trivy`
-  - Usage: Container and filesystem vulnerability scanning
+    - Location: `/opt/executables/trivy`
+    - Usage: Container and filesystem vulnerability scanning
 
 - **Peirates**: Kubernetes penetration testing tool
-  - Location: `/opt/executables/peirates`
-  - Usage: Kubernetes security assessment
+    - Location: `/opt/executables/peirates`
+    - Usage: Kubernetes security assessment
 
 ## Infrastructure as Code Security
 
 - **Terraform**: Infrastructure as code tool
-  - Location: `/opt/executables/terraform`
-  - Usage: Infrastructure deployment and assessment
+    - Location: `/opt/executables/terraform`
+    - Usage: Infrastructure deployment and assessment
 
 - **Checkov**: IaC security scanner
-  - Location: Python environment
-  - Usage: Infrastructure as Code security scanning
+    - Location: Python environment
+    - Usage: Infrastructure as Code security scanning
 
 ## Security Assessment Tools
 
 ### Reconnaissance
 
 - Same tools as General variant:
-  - Subfinder
-  - HTTPx
-  - DNSx
-  - Nuclei
+    - Subfinder
+    - HTTPx
+    - DNSx
+    - Nuclei
 
 ### Web Security
 
 - Standard web testing tools from General variant:
-  - FFuf
-  - Gobuster
-  - Hakrawler
+    - FFuf
+    - Gobuster
+    - Hakrawler
 
 ## Python Security Tools
 
 Located in Python virtual environment at `/opt/pyenv/`:
 
 - **ScoutSuite**: Multi-cloud security auditing tool
-  - Usage: `/opt/ScoutSuite/scout.py`
-  - Purpose: Cloud security posture assessment
+    - Usage: `/opt/ScoutSuite/scout.py`
+    - Purpose: Cloud security posture assessment
 
 - **PMapper**: AWS IAM evaluation tool
-  - Usage: `/opt/PMapper/pmapper.py`
-  - Purpose: AWS IAM analysis
+    - Usage: `/opt/PMapper/pmapper.py`
+    - Purpose: AWS IAM analysis
 
 - **KubiScan**: Kubernetes security scanning tool
-  - Usage: `/opt/KubiScan/KubiScan.py`
-  - Purpose: Kubernetes security assessment
+    - Usage: `/opt/KubiScan/KubiScan.py`
+    - Purpose: Kubernetes security assessment
 
 ## Additional Resources
 
 - Kubernetes tools:
-  - `kubectl`: Kubernetes CLI
-  - `kube-hunter`: Kubernetes penetration testing
-  - `kubeaudit`: Kubernetes security auditing
+    - `kubectl`: Kubernetes CLI
+    - `kube-hunter`: Kubernetes penetration testing
+    - `kubeaudit`: Kubernetes security auditing
 
 - GCP security tools:
-  - GCP IAM Privilege Escalation scanner
-  - GCP security assessment tools
+    - GCP IAM Privilege Escalation scanner
+    - GCP security assessment tools
 
 ## Development Environment