Development #121

Closed
wants to merge 10 commits into from

Contributor

@FortiShield FortiShield commented Jun 17, 2024

User description

Description

This PR fixes #

Notes for Reviewers

Signed commits

  • [*] Yes, I signed my commits.

PR Type

Enhancement, Tests, Configuration changes, Documentation


Description

  • Added steganograhy module with StegnoCrackerRepo class and CLI.
  • Reordered imports across multiple files for consistency.
  • Updated banners in __main__.py.
  • Added custom PDM build script.
  • Added scripts for formatting, linting, and testing code.
  • Added GitHub Actions workflow for testing redistribution.
  • Added citation file.
  • Updated CNAME for GitHub Pages.
  • Added StegoCracker to the list of packages.
  • Added Docker Compose configuration.
  • Added build system configuration and project metadata in pyproject.toml.
  • Added main and development dependencies in requirements.txt and requirements-dev.txt.
  • Updated Snapcraft configuration.

Changes walkthrough 📝

Relevant files

Enhancement (8 files)
  • cybersf/__init__.py (+3/-0): Add module docstring and version definition (`__version__`).
  • cybersf/__main__.py (+36/-30): Reorder imports and update banners; added steganograhy module.
  • cybersf/steganograhy/__init__.py (+3/-0): Add `steganograhy` module with CLI (cli and __tools__).
  • cybersf/steganograhy/cli.py (+10/-0): Add CLI for `steganograhy` module.
  • cybersf/steganograhy/stegocracker.py (+22/-0): Add `StegnoCrackerRepo` class with run method.
  • pdm_build.py (+39/-0): Add custom PDM build script.
  • scripts/format.sh (+5/-0): Add code formatting script.
  • scripts/lint.sh (+7/-0): Add code linting script.

Formatting (7 files)
  • cybersf/core/config.py (+0/-1): Remove unnecessary blank line.
  • cybersf/core/menu.py (+2/-3): Reorder imports.
  • cybersf/core/repo.py (+3/-4): Reorder imports.
  • cybersf/core/utilities.py (+1/-2): Reorder imports.
  • cybersf/redteam_tools/__init__.py (+1/-1): Add newline at end of file.
  • cybersf/redteam_tools/cli.py (+2/-1): Add newline at end of file.
  • cybersf/redteam_tools/nuclei.py (+1/-1): Add newline at end of file.

Tests (3 files)
  • scripts/test-cov-html.sh (+8/-0): Add test script with coverage report.
  • scripts/test.sh (+6/-0): Add test script.
  • .github/workflows/test-redistribute.yml (+57/-0): Add GitHub Actions workflow for testing redistribution.

Documentation (2 files)
  • CITATION.cff (+23/-0): Add citation file.
  • PACKAGES.md (+4/-0): Add `StegoCracker` to packages list.

Configuration changes (6 files)
  • CNAME (+1/-1): Update CNAME for GitHub Pages.
  • docker-compose.yml (+11/-0): Add Docker Compose configuration.
  • pyproject.toml (+87/-0): Add build system configuration and project metadata; defined dependencies.
  • requirements-dev.txt (+3/-2): Add development dependencies.
  • requirements.txt (+3/-0): Add main and development dependencies.
  • snap/snapcraft.yaml (+1/-1): Update Snapcraft configuration.


    @codiumai-pr-agent-free bot added the labels documentation (Improvements or additions to documentation), enhancement (New feature or request), Tests, Configuration changes, and Review effort [1-5]: 4 on Jun 17, 2024

    PR Reviewer Guide 🔍

    ⏱️ Estimated effort to review [1-5]: 4
    🧪 Relevant tests: No
    🔒 Security concerns: Command Injection
    The use of `os.system` in `cybersf/steganograhy/stegocracker.py` with user input could lead to command injection vulnerabilities. Consider using more secure alternatives like `subprocess.run`.
    ⚡ Key issues to review
    Possible Bug:
    The StegnoCrackerRepo class in cybersf/steganograhy/stegocracker.py takes user input for an email and uses it directly in a system call within os.system. This could potentially allow command injection if not properly sanitized.
    Code Organization:
    The reordering of imports in various files should be reviewed to ensure it follows PEP 8 guidelines and does not affect the functionality.
    Dependency Management:
    The addition of a custom PDM build script in pdm_build.py and modifications in pyproject.toml need thorough review to ensure they align with the project's build and deployment strategies.
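
The command-injection concern raised in the reviewer guide above, shown as an added example (not code from this PR or from the cybersf project). `echo` and a child process that prints its argv stand in for `python3 setup.py install`; the function names, the e-mail pattern and the sample input are assumptions made for the illustration.

```python
import ast
import re
import subprocess
import sys

# Constructed input: a value that is not just an e-mail address.
CONSTRUCTED_INPUT = "a@example.com; echo INJECTED"

# Allow-list for the address (an assumption; the PR defines no format).
# The first character must be alphanumeric so the value cannot be read as an option.
EMAIL_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._%+-]*@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Stand-in for "python3 setup.py install <email>": a child that prints its argv.
ECHO_ARGV = [sys.executable, "-c", "import sys; print(sys.argv[1:])"]


def via_shell(user_email: str) -> list[str]:
    """Flagged pattern: input interpolated into a string that a shell parses."""
    out = subprocess.run(f"echo install {user_email}", shell=True,
                         capture_output=True, text=True).stdout
    return out.splitlines()


def via_argv(user_email: str, workdir: str = ".") -> list[str]:
    """Argument list, no shell: the value reaches the child as one argument."""
    proc = subprocess.run(
        ECHO_ARGV + [user_email],
        cwd=workdir,   # replaces the process-wide os.chdir()
        capture_output=True, text=True,
        check=True,    # a non-zero exit raises CalledProcessError
        timeout=60,
    )
    return ast.literal_eval(proc.stdout.strip())


def run_install(user_email: str, workdir: str = ".") -> list[str]:
    """Hardened form: validate first, then call without a shell."""
    if not EMAIL_RE.fullmatch(user_email):
        raise ValueError(f"rejected e-mail address: {user_email!r}")
    return via_argv(user_email, workdir)


if __name__ == "__main__":
    print(via_shell(CONSTRUCTED_INPUT))   # two output lines: the shell ran a second command
    print(via_argv(CONSTRUCTED_INPUT))    # one literal argument
    print(run_install("dev@example.com"))
```

Passing a list keeps shell metacharacters literal, but the value is still handed to the child program, which is why `run_install` validates it as well.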

    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>

    PR Code Suggestions ✨

    Category | Suggestion | Score
    Possible bug
    Correct the typo in the module name for proper functionality

    It appears there's a typo in the import statement for the steganography module. Correct
    the module name to ensure proper functionality.

    cybersf/main.py [13]

    -import cybersf.steganograhy
    +import cybersf.steganography
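
Review bot: The `+import cybersf.steganography` line points at a package this PR does not add: the walkthrough lists the new files under `cybersf/steganograhy/` (`cli.py`, `stegocracker.py`), so the existing import resolves and the respelled one would raise ImportError if applied on its own. If the spelling is to be fixed, rename the directory and update every import of it in the same commit.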
     
    Suggestion importance[1-10]: 10

    Why: The suggestion correctly identifies a typo in the import statement for the steganography module, which would cause an ImportError. Fixing this is crucial for the proper functionality of the code.

    10
    Enhancement
    Add error handling to the run method to prevent runtime crashes

    The run method in StegnoCrackerRepo class should handle potential exceptions when changing
    directories or executing system commands to avoid runtime errors.

    cybersf/steganograhy/stegocracker.py [16-19]

    -os.chdir(self.full_path)
    -return os.system(f"python3 setup.py install {user_email}")
    +try:
    +    os.chdir(self.full_path)
    +    result = os.system(f"python3 setup.py install {user_email}")
    +    if result != 0:
    +        raise Exception("Command execution failed")
    +    return result
    +except Exception as e:
    +    console.log(f"Error: {str(e)}")
    +    return -1
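
Review bot: The added `os.system(f"python3 setup.py install {user_email}")` line still interpolates `user_email` into a shell command, so the try/except leaves the command injection flagged in the reviewer guide in place. Use `subprocess.run` with an argument list and `cwd=self.full_path` (which also removes the process-wide `os.chdir`), validate `user_email` before the call, and catch specific exceptions rather than raising a bare `Exception` that the same block immediately swallows.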
     
    Suggestion importance[1-10]: 9

    Why: The suggestion adds necessary error handling to the run method, which improves the robustness of the code by preventing potential runtime crashes due to unhandled exceptions.

    9
    Verify DNS and SSL updates for the new CNAME

    Ensure that the DNS records and SSL certificates are updated to reflect the new CNAME of
    khulnasoft.github.io to avoid any disruptions in service.

    CNAME [1]

    +khulnasoft.github.io
     
    -
    Suggestion importance[1-10]: 6

    Why: While this suggestion is important for ensuring service continuity, it is more of an operational task rather than a code change, hence a slightly lower score.

    6
    Security
    Change the exposed SSH port to a non-standard port to enhance security

    Exposing port 22 directly can pose a security risk. Consider using a non-standard port
    externally or ensure that proper security measures like firewalls and SSH key
    authentication are enforced.

    docker-compose.yml [10-11]

     ports:
    -  - 22:22
    +  - 2222:22
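
Review bot: On the `+  - 2222:22` line, remapping the host port only moves the listener; the mapping carries no host address, so Docker still publishes it on every host interface. If SSH into the container is only needed from the host itself, bind it as `127.0.0.1:2222:22`, and if it is not needed at all, drop the `ports:` entry.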
     
    Suggestion importance[1-10]: 9

    Why: Changing the exposed SSH port to a non-standard port is a significant security improvement, reducing the risk of automated attacks on the default SSH port.

    9
    Best practice
    Add resource limits to the container configuration

    It's recommended to specify resource limits for the container to avoid potential resource
    exhaustion on the host machine. This can be done by adding mem_limit and cpu_shares
    properties under the service definition.

    docker-compose.yml [3-7]

     cybersf:
       image: khulnasoft/cybersf
       container_name: cybersf
       stdin_open: true
       tty: true
    +  mem_limit: 500m
    +  cpu_shares: 10
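
Review bot: `cpu_shares: 10` on the last added line is a relative scheduling weight, not a ceiling: it only takes effect under CPU contention and otherwise leaves the container free to use all cores. For the resource-exhaustion goal this suggestion states, set a hard cap with `cpus` next to `mem_limit`, and consider `pids_limit` as well.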
     
    Suggestion importance[1-10]: 8

    Why: Adding resource limits is a best practice to prevent resource exhaustion, which can improve the stability and reliability of the host machine.

    8
    Check the usage of INSTALL_DIR and remove the import if it's not used

    The import of INSTALL_DIR has been added to cybersf/core/menu.py. Ensure that INSTALL_DIR
    is used in the file, or remove the import if it's unnecessary to avoid clutter.

    cybersf/core/menu.py [6]

    +# Ensure INSTALL_DIR is used or remove this import
     from cybersf.core.config import INSTALL_DIR
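
Review bot: The added `# Ensure INSTALL_DIR is used or remove this import` line puts a reviewer question into the source file instead of resolving it. Leave the comment out, confirm with an unused-import check whether `INSTALL_DIR` is referenced in `cybersf/core/menu.py`, and either keep the import as is or delete it.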
     
    Suggestion importance[1-10]: 7

    Why: The suggestion is useful as it encourages the developer to verify the necessity of the INSTALL_DIR import, which helps in maintaining clean and uncluttered code.

    7
    Maintainability
    Verify the necessity of newly added imports and remove if unused

    The import statements for RemoteProgress, Repo, BarColumn, Progress, and TaskID have been
    moved from the old hunk to the new hunk. Ensure that these modules are used in the file to
    justify their inclusion, or consider removing them if they are unused to clean up the
    code.

    cybersf/core/repo.py [9-10]

    +# Ensure these imports are necessary or remove them if not used
     from git import RemoteProgress, Repo
     from rich.progress import BarColumn, Progress, TaskID
     
    Suggestion importance[1-10]: 7

    Why: The suggestion is valid as it prompts the developer to ensure that the newly added import statements are actually used in the code, which helps maintain code cleanliness and avoid unnecessary imports.

    7
    Narrow the version range for pre-commit to avoid potential incompatibilities

    The version constraints for pre-commit are very broad. Consider narrowing the acceptable
    version range to ensure compatibility and prevent potential breaking changes with future
    versions.

    requirements.txt [7]

    -pre-commit >=2.17.0,<4.0.0
    +pre-commit >=2.17.0,<3.0.0
     
    Suggestion importance[1-10]: 7

    Why: Narrowing the version range for pre-commit can help maintain compatibility and prevent issues with future versions, enhancing maintainability.

    7

    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>
    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>
    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>
    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>
    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>
    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>
    Signed-off-by: FortiShield <161459699+FortiShield@users.noreply.github.com>
    @FortiShield FortiShield closed this by deleting the head repository Jun 21, 2024