icoa-cli 1.0.0

package/refs/gcc.txt

@@ -0,0 +1,66 @@
+GCC Compiler Quick Reference
+============================
+
+BASIC COMPILATION
+  gcc -o output source.c          Compile C
+  g++ -o output source.cpp        Compile C++
+  gcc -c source.c                 Compile only (no link)
+  gcc -S source.c                 Generate assembly
+  gcc -E source.c                 Preprocess only
+
+OPTIMIZATION
+  gcc -O0 source.c               No optimization (debug)
+  gcc -O1 source.c               Basic optimization
+  gcc -O2 source.c               Standard optimization
+  gcc -O3 source.c               Aggressive optimization
+  gcc -Os source.c               Optimize for size
+
+DEBUG
+  gcc -g source.c                Debug symbols (for GDB)
+  gcc -ggdb source.c             GDB-specific debug info
+
+WARNINGS
+  gcc -Wall source.c             All common warnings
+  gcc -Wextra source.c           Extra warnings
+  gcc -Werror source.c           Treat warnings as errors
+  gcc -pedantic source.c         Strict standard compliance
+
+SECURITY FLAGS
+  # Disable protections (for exploit development)
+  gcc -fno-stack-protector -z execstack -no-pie source.c -o vuln
+
+  # Disable specific protections
+  -fno-stack-protector           Disable stack canary
+  -z execstack                   Make stack executable (disable NX)
+  -no-pie                        Disable PIE
+  -Wl,-z,norelro                 Disable RELRO
+
+  # Enable protections
+  -fstack-protector-all          Enable stack canary
+  -pie -fPIE                     Enable PIE
+  -Wl,-z,relro,-z,now            Full RELRO
+  -D_FORTIFY_SOURCE=2            Buffer overflow detection
+
+LINKING
+  gcc source.c -lm               Link math library
+  gcc source.c -lpthread          Link pthreads
+  gcc source.c -lcrypto           Link OpenSSL crypto
+  gcc -static source.c            Static linking
+
+ARCHITECTURE
+  gcc -m32 source.c              Compile 32-bit
+  gcc -m64 source.c              Compile 64-bit
+  gcc -march=native source.c     Native architecture
+
+COMMON CTF PATTERNS
+  # Compile vulnerable binary for practice
+  gcc -fno-stack-protector -z execstack -no-pie -o vuln vuln.c
+
+  # Compile with debug symbols for reversing practice
+  gcc -g -O0 -o binary source.c
+
+  # Compile shellcode runner
+  gcc -z execstack -o runner runner.c
+
+  # Cross-compile
+  gcc -m32 -o binary32 source.c

package/refs/gdb.txt

@@ -0,0 +1,83 @@
+GDB / pwndbg Quick Reference
+============================
+
+STARTING
+  gdb ./binary                   Start debugging
+  gdb -q ./binary                Quiet mode
+  gdb -p PID                     Attach to process
+  gdb -args ./binary arg1 arg2   With arguments
+
+RUNNING
+  r / run                        Start program
+  r < input.txt                  With stdin from file
+  c / continue                   Continue execution
+  n / next                       Step over
+  s / step                       Step into
+  ni / si                        Next/step instruction
+  finish                         Run until return
+  kill                           Kill program
+
+BREAKPOINTS
+  b main                         Break at function
+  b *0x401000                    Break at address
+  b file.c:42                    Break at line
+  b *main+50                     Break at offset
+  info b                         List breakpoints
+  delete N                       Delete breakpoint N
+  disable N                      Disable breakpoint
+  enable N                       Enable breakpoint
+  watch *0x601000                Watchpoint (break on write)
+
+EXAMINING
+  x/10x $rsp                    10 hex words from RSP
+  x/20i $rip                    20 instructions from RIP
+  x/s addr                      String at address
+  x/10gx addr                   10 giant (64-bit) hex values
+  x/10wx addr                   10 word (32-bit) hex values
+  x/10bx addr                   10 bytes hex
+
+  p $rax                        Print register
+  p/x $rax                      Print in hex
+  p (int)$rax                   Print as int
+  info reg                      All registers
+
+MEMORY
+  vmmap                          Memory map (pwndbg)
+  search -s "flag"               Search memory for string
+  search -x 4141                 Search for hex pattern
+
+STACK
+  bt / backtrace                 Call stack
+  frame N                        Switch frame
+  info frame                     Frame details
+
+PWNDBG SPECIFIC
+  checksec                       Security mitigations
+  got                            GOT entries
+  plt                            PLT entries
+  heap                           Heap overview
+  bins                           Heap bins
+  telescope 20                   Smart stack view
+  cyclic 200                     Generate pattern
+  cyclic -l 0x41414141           Find pattern offset
+  rop                            ROP gadgets
+  canary                         Show stack canary
+  libc                           Libc base address
+
+SET VALUES
+  set $rax = 0                   Set register
+  set *(int*)0x601000 = 42       Set memory
+  set args "AAAA"                Set arguments
+
+COMMON CTF PATTERNS
+  # Find buffer overflow offset
+  cyclic 200 > pattern.txt
+  r < pattern.txt
+  # After crash:
+  cyclic -l $rsp
+
+  # Bypass check
+  b *check_password
+  r
+  set $rax = 1
+  c

package/refs/hashcat.txt

@@ -0,0 +1,64 @@
+Hashcat Quick Reference
+=======================
+
+BASIC USAGE
+  hashcat -m MODE hash.txt wordlist.txt
+  hashcat -m MODE hash.txt -a 3 ?a?a?a?a?a   (brute force)
+
+COMMON HASH MODES (-m)
+  0       MD5
+  100     SHA1
+  1400    SHA256
+  1700    SHA512
+  1800    sha512crypt ($6$)
+  3200    bcrypt
+  1000    NTLM
+  5600    NetNTLMv2
+  13100   Kerberos TGS-REP (Kerberoast)
+  22000   WPA-PBKDF2-PMKID+EAPOL
+  500     MD5crypt ($1$)
+  7400    SHA256crypt ($5$)
+  11600   7-Zip
+  13400   KeePass
+  16800   WPA-PMKID-PBKDF2
+
+ATTACK MODES (-a)
+  0       Dictionary (wordlist)
+  1       Combination (word1+word2)
+  3       Brute-force / mask
+  6       Wordlist + mask
+  7       Mask + wordlist
+
+MASK CHARSETS
+  ?l      Lowercase [a-z]
+  ?u      Uppercase [A-Z]
+  ?d      Digits [0-9]
+  ?s      Special chars
+  ?a      All printable
+  ?b      All bytes (0x00-0xff)
+
+RULES
+  hashcat -m 0 hash.txt wordlist.txt -r rules/best64.rule
+  hashcat -m 0 hash.txt wordlist.txt -r rules/rockyou-30000.rule
+
+OPTIONS
+  --show                  Show cracked passwords
+  --force                 Ignore warnings
+  -o output.txt           Output file
+  -w 3                    Workload profile (1-4)
+  --potfile-disable       Don't use potfile
+  --username               Hash file has usernames
+  -O                      Optimized kernels
+
+COMMON CTF PATTERNS
+  # MD5 dictionary
+  hashcat -m 0 hash.txt /usr/share/wordlists/rockyou.txt
+
+  # SHA256 with rules
+  hashcat -m 1400 hash.txt wordlist.txt -r rules/best64.rule
+
+  # Brute force 6-char alphanumeric
+  hashcat -m 0 hash.txt -a 3 ?a?a?a?a?a?a
+
+  # Known format: flag{????}
+  hashcat -m 0 hash.txt -a 3 "flag{?a?a?a?a}"

package/refs/hint.txt

@@ -0,0 +1,42 @@
+AI Hint System Reference
+========================
+
+LEVELS
+  Level A — General Guidance (50 uses)
+    - Conceptual direction only
+    - No specific vulnerability names
+    - No code or commands
+    - Guides you with questions
+
+  Level B — Deep Analysis (10 uses)
+    - May identify vulnerability types
+    - May suggest tool categories
+    - No complete commands
+    - No exploit code
+
+  Level C — Critical Assist (2 uses)
+    - Key conceptual breakthrough
+    - May name specific algorithms
+    - No complete exploit code
+    - No flags
+    - Requires confirmation before use
+
+USAGE TIPS
+  1. Open a challenge first: icoa ctf open <id>
+     This sets context for better hints.
+
+  2. Be specific in your question:
+     BAD:  "how do I solve this?"
+     GOOD: "what type of vulnerability might be in a login form
+            that doesn't sanitize input?"
+
+  3. Start with Level A — it's cheap (50 uses).
+     Only escalate to B/C when A isn't enough.
+
+  4. Check your budget: icoa hint budget
+
+TOKEN CAP
+  All AI usage shares a 50,000 token cap.
+  Level A uses ~500 tokens per query.
+  Level B uses ~1000 tokens per query.
+  Level C uses ~1500 tokens per query.

package/refs/icoa.txt

@@ -0,0 +1,36 @@
+ICOA CLI — Quick Reference
+==========================
+
+COMPETITION COMMANDS
+  icoa ctf join <url>          Connect to CTFd instance
+  icoa ctf activate <code>     Validate competition code
+  icoa ctf challenges          List all challenges
+  icoa ctf open <id>           View challenge details
+  icoa ctf submit <id> <flag>  Submit a flag
+  icoa ctf scoreboard          View scoreboard / rankings
+  icoa ctf status              Show hint budget, score, rank, time
+  icoa ctf time                Competition countdown timer
+
+AI HINT SYSTEM
+  icoa hint <question>         Level A — General guidance (50 uses)
+  icoa hint-b <question>       Level B — Deep analysis (10 uses)
+  icoa hint-c <question>       Level C — Critical assist (2 uses)
+  icoa hint budget             Show remaining hint budget
+
+TOOLS & FILES
+  icoa shell                   Open Docker sandbox environment
+  icoa ref <topic>             Quick reference (this system)
+  icoa files <id>              Download challenge files
+  icoa connect <id>            Connect to remote target
+  icoa note <text>             Add personal note
+  icoa log                     View session history
+
+LANGUAGE
+  icoa lang <code>             Switch language (en/zh/ja/ko/es)
+
+TIPS
+  - Use 'icoa ctf open <id>' before 'icoa hint' to set challenge context
+  - Level A hints are cheap — use them freely for direction
+  - Level C hints require confirmation — use wisely
+  - All prompts are logged automatically
+  - Use 'icoa ref <topic>' for zero-cost tool references

package/refs/john.txt

@@ -0,0 +1,74 @@
+John the Ripper Quick Reference
+================================
+
+BASIC USAGE
+  john hash.txt                  Auto-detect and crack
+  john --wordlist=words.txt hash.txt   Dictionary attack
+  john --show hash.txt           Show cracked passwords
+
+HASH FORMATS
+  john --format=raw-md5 hash.txt
+  john --format=raw-sha256 hash.txt
+  john --format=raw-sha512 hash.txt
+  john --format=bcrypt hash.txt
+  john --format=NT hash.txt          NTLM
+  john --format=sha512crypt hash.txt  Linux shadow
+
+  # List all formats
+  john --list=formats
+
+HASH EXTRACTION
+  # Linux shadow file
+  unshadow /etc/passwd /etc/shadow > hashes.txt
+
+  # ZIP file
+  zip2john file.zip > hash.txt
+
+  # RAR file
+  rar2john file.rar > hash.txt
+
+  # PDF
+  pdf2john file.pdf > hash.txt
+
+  # SSH private key
+  ssh2john id_rsa > hash.txt
+
+  # KeePass
+  keepass2john database.kdbx > hash.txt
+
+  # Office documents
+  office2john file.docx > hash.txt
+
+  # 7z archive
+  7z2john file.7z > hash.txt
+
+ATTACK MODES
+  # Wordlist
+  john --wordlist=/path/to/wordlist hash.txt
+
+  # Wordlist with rules
+  john --wordlist=words.txt --rules hash.txt
+  john --wordlist=words.txt --rules=jumbo hash.txt
+
+  # Incremental (brute force)
+  john --incremental hash.txt
+  john --incremental=digits hash.txt
+
+  # Mask
+  john --mask="?a?a?a?a?a" hash.txt
+
+OPTIONS
+  --fork=4                 Use 4 CPU cores
+  --session=name           Save session
+  --restore=name           Restore session
+  --pot=file               Custom potfile
+
+COMMON CTF PATTERNS
+  # Crack ZIP password
+  zip2john secret.zip > zip_hash.txt
+  john --wordlist=rockyou.txt zip_hash.txt
+  john --show zip_hash.txt
+
+  # Crack SSH key
+  ssh2john id_rsa > ssh_hash.txt
+  john --wordlist=rockyou.txt ssh_hash.txt

package/refs/linux.txt

@@ -0,0 +1,58 @@
+Linux Commands Quick Reference
+==============================
+
+FILE OPERATIONS
+  ls -la                 List files with details
+  cat file               Display file contents
+  head -n 20 file        First 20 lines
+  tail -n 20 file        Last 20 lines
+  less file              Page through file
+  find . -name "*.txt"   Find files by name
+  grep -r "pattern" .    Search file contents recursively
+  cp src dest            Copy file
+  mv src dest            Move/rename file
+  rm file                Delete file
+  chmod +x file          Make file executable
+  file filename          Determine file type
+
+TEXT PROCESSING
+  grep "pattern" file    Search for pattern
+  grep -i "pat" file     Case-insensitive search
+  sed 's/old/new/g' f    Replace text
+  awk '{print $1}' f     Print first column
+  sort file              Sort lines
+  uniq file              Remove duplicate lines
+  wc -l file             Count lines
+  cut -d: -f1 file       Cut fields by delimiter
+  tr 'a-z' 'A-Z'        Translate characters
+  xxd file               Hex dump
+  xxd -r hex.txt bin     Reverse hex dump
+
+SYSTEM
+  ps aux                 List processes
+  kill PID               Kill process
+  uname -a               System info
+  df -h                  Disk usage
+  free -m                Memory usage
+  which command          Find command location
+  env                    Show environment variables
+
+NETWORKING
+  curl URL               HTTP request
+  wget URL               Download file
+  ping host              Test connectivity
+  ss -tlnp               Show listening ports
+  ip addr                Show IP addresses
+  dig domain             DNS lookup
+
+PERMISSIONS
+  chmod 755 file         rwxr-xr-x
+  chmod 644 file         rw-r--r--
+  chown user:group file  Change ownership
+
+REDIRECTION
+  cmd > file             Redirect stdout to file
+  cmd >> file            Append stdout to file
+  cmd 2> file            Redirect stderr
+  cmd1 | cmd2            Pipe output
+  cmd < file             Redirect stdin from file

package/refs/nc.txt

@@ -0,0 +1,64 @@
+Netcat (nc) Quick Reference
+===========================
+
+BASIC CONNECTION
+  nc host port                   Connect to host:port
+  nc -v host port                Verbose connection
+  nc -nv host port               No DNS, verbose
+
+LISTENING
+  nc -lp port                    Listen on port
+  nc -lvp port                   Listen verbose
+  nc -lp port -e /bin/bash       Bind shell (dangerous)
+
+DATA TRANSFER
+  # Send file
+  nc -lp 4444 > received.txt                    (receiver)
+  nc host 4444 < send.txt                       (sender)
+
+  # Pipe command output
+  echo "data" | nc host port
+  cat file | nc host port
+
+SCANNING
+  nc -zv host 1-1000             Port scan
+  nc -zvw1 host 80               Single port check (-w1 = 1s timeout)
+
+OPTIONS
+  -l                             Listen mode
+  -p port                        Specify port
+  -v                             Verbose
+  -n                             No DNS resolution
+  -w seconds                     Timeout
+  -z                             Zero I/O (scan mode)
+  -u                             UDP mode
+  -e prog                        Execute program on connect
+  -k                             Keep listening after disconnect
+
+NCAT (enhanced netcat)
+  ncat --ssl host port           SSL/TLS connection
+  ncat -lp port --ssl            SSL listener
+  ncat --proxy proxyhost:port host port    Via proxy
+
+SOCAT (advanced)
+  socat TCP:host:port -          Basic connect
+  socat TCP-LISTEN:port -        Basic listen
+  socat TCP:host:port EXEC:/bin/bash   Connect shell
+  socat OPENSSL:host:443 -      SSL connect
+
+COMMON CTF PATTERNS
+  # Connect to challenge
+  nc challenge.ctf.com 1337
+
+  # Send payload
+  python3 -c "print('A'*100)" | nc host port
+
+  # Interactive + send file
+  (cat payload; cat -) | nc host port
+
+  # Receive then interact
+  nc host port
+  # type commands interactively
+
+  # Redirect to file for analysis
+  nc host port | tee output.txt

package/refs/nmap.txt

@@ -0,0 +1,57 @@
+Nmap Quick Reference
+====================
+
+BASIC SCANS
+  nmap target                    Default scan (top 1000 ports)
+  nmap -p 80,443 target          Specific ports
+  nmap -p 1-65535 target         All ports
+  nmap -p- target                All ports (shorthand)
+  nmap -F target                 Fast scan (top 100)
+
+SCAN TYPES
+  nmap -sT target                TCP connect scan
+  nmap -sS target                SYN scan (stealth, needs root)
+  nmap -sU target                UDP scan
+  nmap -sV target                Version detection
+  nmap -sC target                Default scripts
+  nmap -A target                 Aggressive (OS + version + scripts)
+  nmap -O target                 OS detection
+
+SERVICE / VERSION
+  nmap -sV target                Detect service versions
+  nmap -sV --version-intensity 5 target   More aggressive
+
+SCRIPTS
+  nmap --script=default target   Default scripts
+  nmap --script=vuln target      Vulnerability scripts
+  nmap --script=http-enum target HTTP enumeration
+  nmap --script=smb-vuln* target SMB vulnerabilities
+
+OUTPUT
+  nmap -oN output.txt target     Normal output
+  nmap -oX output.xml target     XML output
+  nmap -oG output.gnmap target   Grepable output
+  nmap -oA basename target       All formats
+
+HOST DISCOVERY
+  nmap -sn 10.0.0.0/24          Ping sweep (no port scan)
+  nmap -Pn target                Skip host discovery
+
+TIMING
+  nmap -T0 target                Paranoid (slowest)
+  nmap -T3 target                Normal (default)
+  nmap -T4 target                Aggressive
+  nmap -T5 target                Insane (fastest)
+
+COMMON CTF COMBOS
+  # Full enumeration
+  nmap -sC -sV -p- target
+
+  # Quick overview
+  nmap -sV -F target
+
+  # UDP + TCP
+  nmap -sS -sU -p 1-1000 target
+
+  # Script scan for HTTP
+  nmap --script=http-* -p 80,443,8080 target

package/refs/numpy.txt

@@ -0,0 +1,59 @@
+NumPy Quick Reference
+=====================
+
+IMPORT
+  import numpy as np
+
+ARRAY CREATION
+  np.array([1, 2, 3])           From list
+  np.zeros((3, 4))              3x4 zeros
+  np.ones((3, 4))               3x4 ones
+  np.arange(0, 10, 2)           [0, 2, 4, 6, 8]
+  np.linspace(0, 1, 5)          5 evenly spaced [0,1]
+  np.eye(3)                     3x3 identity matrix
+  np.random.randint(0, 256, 100)  Random integers
+  np.frombuffer(data, dtype=np.uint8)  From bytes
+
+ARRAY INFO
+  a.shape                       Dimensions
+  a.dtype                       Data type
+  a.size                        Total elements
+  a.ndim                        Number of dimensions
+
+OPERATIONS
+  a + b                         Element-wise add
+  a * b                         Element-wise multiply
+  a @ b / np.dot(a, b)          Matrix multiply
+  a.T                           Transpose
+  np.linalg.inv(a)              Inverse
+  np.linalg.det(a)              Determinant
+  np.linalg.solve(A, b)         Solve Ax = b
+
+TYPE CONVERSION
+  a.astype(np.uint8)            Convert type
+  a.tobytes()                   Array → bytes
+  np.frombuffer(b, np.uint8)    Bytes → array
+
+INDEXING
+  a[0]                          First element
+  a[-1]                         Last element
+  a[1:5]                        Slice
+  a[a > 5]                      Boolean indexing
+  a.reshape(3, 4)               Reshape
+
+USEFUL FOR CTF
+  # XOR arrays
+  result = np.bitwise_xor(a, b)
+
+  # Byte frequency analysis
+  data = np.frombuffer(file_bytes, dtype=np.uint8)
+  unique, counts = np.unique(data, return_counts=True)
+
+  # Image as array
+  from PIL import Image
+  img_array = np.array(Image.open("img.png"))
+  # img_array.shape → (height, width, channels)
+
+  # Matrix operations for crypto
+  M = np.array([[1,2],[3,4]], dtype=np.int64)
+  result = np.linalg.matrix_power(M, n)

package/refs/openssl.txt

@@ -0,0 +1,75 @@
+OpenSSL Quick Reference
+=======================
+
+HASHING
+  echo -n "text" | openssl md5
+  echo -n "text" | openssl sha1
+  echo -n "text" | openssl sha256
+  openssl dgst -sha256 file       Hash a file
+
+ENCODING / DECODING
+  echo -n "text" | openssl base64          Encode base64
+  echo "dGV4dA==" | openssl base64 -d      Decode base64
+  echo -n "text" | openssl enc -base64     Same as above
+  xxd -p file                              Hex encode
+
+SYMMETRIC ENCRYPTION
+  # AES-256-CBC encrypt
+  openssl enc -aes-256-cbc -salt -in plain.txt -out enc.bin -k password
+
+  # AES-256-CBC decrypt
+  openssl enc -aes-256-cbc -d -in enc.bin -out plain.txt -k password
+
+  # Specify IV and key directly
+  openssl enc -aes-128-cbc -d -in enc.bin \
+    -K 000102030405060708090a0b0c0d0e0f \
+    -iv 00112233445566778899aabbccddeeff
+
+RSA KEY OPERATIONS
+  # Generate RSA key
+  openssl genrsa -out private.pem 2048
+
+  # Extract public key
+  openssl rsa -in private.pem -pubout -out public.pem
+
+  # View key details
+  openssl rsa -in private.pem -text -noout
+
+  # View public key details
+  openssl rsa -pubin -in public.pem -text -noout
+
+  # Encrypt with public key
+  openssl rsautl -encrypt -pubin -inkey pub.pem -in plain.txt -out enc.bin
+
+  # Decrypt with private key
+  openssl rsautl -decrypt -inkey priv.pem -in enc.bin -out plain.txt
+
+CERTIFICATES
+  # View certificate
+  openssl x509 -in cert.pem -text -noout
+
+  # Extract public key from cert
+  openssl x509 -in cert.pem -pubkey -noout
+
+  # Generate self-signed cert
+  openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365
+
+  # Check cert expiry
+  openssl x509 -in cert.pem -noout -dates
+
+SSL / TLS
+  # Connect and show cert
+  openssl s_client -connect host:443
+
+  # Show cert chain
+  openssl s_client -showcerts -connect host:443
+
+COMMON CTF PATTERNS
+  # Decode base64 encoded flag
+  echo "aWNvYXtmbGFnfQ==" | openssl base64 -d
+
+  # Extract RSA parameters for crypto challenge
+  openssl rsa -pubin -in pub.pem -text -noout | grep -E "Modulus|Exponent"
+
+  # Decrypt with known key
+  openssl enc -aes-128-ecb -d -in encrypted -K "$(echo -n key | xxd -p)" -nopad