field | value | date
---|---|---
author | Malfurious <m@lfurio.us> | 2022-03-06 18:41:51 -0500
committer | Malfurious <m@lfurio.us> | 2022-03-06 18:41:51 -0500
commit | 979df27c374181e2c1da8899a1f436d9a4ae29c8 (patch) |
tree | b0ec2ff69ef1b446b4f75ffd8172e80a01de66f4 /docs/re |
parent | 880ba95060a03ef5e0dea93c14c4a5c56470b528 (diff) |
parent | a666136666e1ea6207cd3b7445fe9bc5ff3d59a8 (diff) |
download | lib-des-gnux-979df27c374181e2c1da8899a1f436d9a4ae29c8.tar.gz, lib-des-gnux-979df27c374181e2c1da8899a1f436d9a4ae29c8.zip |
Merge tag 'pull-duso-tool-docs' of https://github.com/Dusoleil/lib-des-gnux
Pulling an assortment of tools documentation from Dusoleil. I did fix 1
minor conflict in the readme file.
* tag 'pull-duso-tool-docs' of https://github.com/Dusoleil/lib-des-gnux: (21 commits)
Remove 'sudo' from install command.
Fix typo in for loop in asm rep prefix doc
Add install/uninstall instructions to radare doc
Add radare2 command cheatsheet
Add doc about fixing a ptrace error in debugger.
Add doc about the rep prefix on an x86 instruction
Add short doc on the one_gadget tool
Remove curl example line from README
Add cheatsheet of common flags for curl
Add a short doc with links to reqbin and hookbin
Add Short Doc About proxychains
Add Example that Uses Custom Charset
Update Incremental Examples to Use Short Flag
Add Info About Issues with Small Workload
Add More Mask/Hybrid Attacks to Examples
Add Examples for Showing Cracks/Identifying Type
Add --status Flag to Examples
Fix Paths in Examples
Remove "LIGHT"/"HEAVY" Descriptors from Examples
Add hashcat doc
...
Diffstat
mode | file | lines
---|---|---
-rw-r--r-- | docs/re/ptrace_not_permitted.txt | 22
-rw-r--r-- | docs/re/radare2_cheatsheet.txt | 88
-rw-r--r-- | docs/re/rep_prefix.txt | 18
3 files changed, 128 insertions, 0 deletions
diff --git a/docs/re/ptrace_not_permitted.txt b/docs/re/ptrace_not_permitted.txt new file mode 100644 index 0000000..07ca568 --- /dev/null +++ b/docs/re/ptrace_not_permitted.txt @@ -0,0 +1,22 @@ +If you are seeing errors from your debugger such as +strace: (PTRACE_ATTACH): operation not permitted +ptrace: operation not permitted +ptrace_attach: operation not permitted +etc. + +This is likely because of a linux kernel hardening setting. +/proc/sys/kernel/yama/ptrace_scope +This setting prevents a process from running ptrace on a non-child process. +Even with this on, a can still ptrace another process if it is a child. +Debuggers like gdb and radare2 use ptrace when you attach via PID. + +You can turn this off +$ sudo su +$ echo 0 > /proc/sys/kernel/yama/ptrace_scope + +Turning this off is global, though. +Instead, set the capabilities of just your debugger to override this setting. + +$ sudo setcap CAP_SYS_PTRACE=+eip /usr/bin/gdb +$ sudo setcap CAP_SYS_PTRACE=+eip /usr/bin/radare2 + diff --git a/docs/re/radare2_cheatsheet.txt b/docs/re/radare2_cheatsheet.txt new file mode 100644 index 0000000..7c30b89 --- /dev/null +++ b/docs/re/radare2_cheatsheet.txt 
@@ -0,0 +1,88 @@ +r2 command cheatsheet + +https://github.com/radareorg/radare2 +https://book.rada.re + +#Install +git clone https://github.com/radareorg/radare2.git +./sys/install.sh + +#Uninstall +sudo make uninstall +sudo make purge + +#Run Command From Shell Without Opening r2 Prompt +r2 -q -c "<r2 command>" <target> + +#Generic +? <expr> expression evaluation/conversions +!<command> run shell command from inside r2 +s <addr> seek to address + +#Useful Operators +<command1>;<command2> do command2 after command1 +"<command>" don't parse r2 operators in the command +<command> `<inner command>` run inner command and use its output in outer command +<command> ~<word> grep output of command for lines matching word +<command> @ <address> temporarily seek to address and run command +<command> @@ <flag>* run command on every flag matching flag* +<command> @@f run command on all functions +<command> @@f:<func> run command on all functions matching name +<command> @@s:<from> <to> <step> run command on each offset from->to incrementing by step + +#Info and Analysis +i print file info (including binary info; e.g. 
rabin -I or checksec) +ia print binary info, imported symbols, and exported symbols +il print linked libraries +iS print sections (with permissions) +is print symbols +ic print classes +afl print functions +ie print entry points +iM print main's address +iz print strings in data section +izz print strings in whole binary +aaa analyze all +fs list flagspaces +fs <flagspace> set current flagspace +f print current flagspace +axt [<addr>] show references to this address +axf [<addr>] show references from this address + +#Searching +/ <string> search for string +/i <string> case-insensitive search for string +/e /<string>/<options> regex search for string +/R <opcodes> search for opcodes +/R/ <opcodes> regex search for opcodes +/v <value> search for value +/V <min> <max> search for value in range +/x <hex> search for hex string + +#Print Address Contents +pdf print function disassembled +pdc print function in c-like pseudo-code +pv print value +px print hexdump +ps print string +psz print zero-terminated string + +#Tracking Things +afn <func> [<addr>] rename function at address +afvn <arg> [<old_name>] rename variable or function argument + +#Visual Mode +V enter visual mode +VV enter visual graph mode +: open r2 cli +p next screen +P previous screen +g <address> seek to address +[tag next to call] seek to tag (in visual mode) +o[tag next to call] seek to tag (in visual graph mode) +x xrefs to +X xrefs from +m<key> mark offset (in visual mode) +'<key> seek to marked offset (in visual mode) +u undo seek +U redo seek diff --git a/docs/re/rep_prefix.txt b/docs/re/rep_prefix.txt new file mode 100644 index 0000000..23e0cec --- /dev/null +++ b/docs/re/rep_prefix.txt 
@@ -0,0 +1,18 @@ +The "rep" prefix on a string instruction repeats that string instruction for CX block loads. +e.g. +STOS is "Store String" +It will store the value in AX at the address in RDI +(technically, STOSB, STOSW, STOD, and STOSQ use AL, AX, EAX, and RAX respectively) +If RCX = 0x20, RDI = some buffer, and RAX = 0, + +`rep stosq` + +is equivalent to: + +``` +buf_ptr = buf +for(i = 0x20; i != 0; i--) + *buf_ptr = 0; + buf_ptr++; +``` + |
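Review bot: In docs/re/ptrace_not_permitted.txt the recommended fix, `sudo setcap CAP_SYS_PTRACE=+eip /usr/bin/gdb` (and the same for radare2), grants CAP_SYS_PTRACE to every user who can execute that binary. With that capability in the effective set both the kernel's ordinary ptrace access check and Yama's child-only restriction are satisfied, so absent another LSM any local account can attach the debugger to any process on the machine, root's included, and read or modify its memory. That is a far wider grant than "just your debugger" suggests; the doc should say it is only appropriate on a personal analysis VM, and that the file capability is silently lost when the package manager replaces /usr/bin/gdb. Two smaller points: "a can still ptrace another process" is missing the word "process", and the `$ sudo su` followed by `$ echo 0 > /proc/sys/kernel/yama/ptrace_scope` pair does not survive a reboot and is more simply written as `sudo sysctl -w kernel.yama.ptrace_scope=0` (persisted through a file under /etc/sysctl.d/). It would also help to list the scope values, 0 disables the restriction, 1 is the child-only default described here, 2 requires CAP_SYS_PTRACE regardless, 3 blocks attach entirely, so the reader checks `cat /proc/sys/kernel/yama/ptrace_scope` before choosing a fix.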
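Review bot: In docs/re/radare2_cheatsheet.txt the #Install sequence runs `./sys/install.sh` directly after `git clone https://github.com/radareorg/radare2.git`, which fails because the script lives inside the cloned tree; insert `cd radare2` between the two lines (the #Uninstall `make` targets likewise assume the reader is in that directory, so say so). In #Info and Analysis the `i` entry refers to `rabin -I`; the tool is `rabin2`. In #Searching, `/R` and `/R/` are radare2's ROP gadget search (plain and regex grep over gadget disassembly), not a general opcode search; instruction searches are `/a <asm>` (assemble and search for the bytes) and `/ad <opcode>` (match on disassembly text), so either relabel the two lines or add those. Minor: `f` lists the flags in the current flagspace rather than printing the flagspace name, which `fs` already covers.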
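Review bot: In docs/re/rep_prefix.txt the C loop offered as the equivalent of `rep stosq` has no braces, so only `*buf_ptr = 0;` is inside the for loop and `buf_ptr++;` runs once after it; as written it zeroes the first qword 0x20 times. Wrap both statements in braces (and declare buf_ptr as a pointer to a 64-bit value so the increment advances 8 bytes). The prose also needs tightening: "repeats that string instruction for CX block loads" should say it repeats RCX times (ECX/CX under 32/16-bit address size), decrementing the count each iteration; `STOD` is `STOSD`; and STOS stores from AL/AX/EAX/RAX according to operand width, not "the value in AX". Worth adding to the example that after the loop RDI has advanced by 0x20*8 bytes and RCX is 0, and that the direction flag decides whether RDI moves up or down, since a stale DF=1 is exactly what makes this look wrong when reversing.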