Git code

README.md

@@ -6,26 +6,61 @@ Please be gentle about my code. My time is limited and my worst Go code is faste
 
 **All utilities have a release of latest for AMD64 Linux, Mac and Windows**
 
+### Todo/Wishlist
+
+- Better error handling
+- Better flag management (doesn't enforce as it should)
+- Flag enhancement - More options for end users
+
+Some of these may be considered essential, but my priority is getting capabilities in the hands of users a la "better done than perfect" principle.
+
 ## DownloadSnap 
 
 This is a simple Go utility that can be used to download snapshots – This exists elsewhere but was written in Go for both performance and portability.
 
 **NOTE: Two months ago during the course of this research AWS Labs came out with development code for “coldsnap” which does this.** The DownloadSnap code is still being made available as historical/example code. Good to see they also came out with it in a compilable language :smile:
 
+```
+$ ./downloadsnap -h
+Usage of ./downloadsnap:
+  -id string
+    	Snapshot ID of the desired image (default "empty")
+  -region string
+    	Snapshot ID of the desired image (default "us-east-1")
+```
+
 ## DumpBlocks 
 
 Go utility to dump snapshot fragments in a folder based on the changed blocks. For instance, if 40MB continuous changes, then there’s another 60MB later on the disk that changed, it creates 40MB and 60MB files. This is useful for contextualizing interesting fragments.
 
 ```
-
+$ ./diffblocks  -h
+Usage of ./diffblocks:
+  -bar
+    	Whether you want a progress bar thrust upon you
+  -id string
+    	Snapshot ID of the desired image (default "empty")
+  -region string
+    	Snapshot ID of the desired image (default "us-east-1")
+  -second-id string
+    	Snapshot ID of the desired image (default "empty")
 ```
 
 ## ScanSecrets 
 
 Go utility augmenting Bishop Fox’s Dufflebag rules match function to scan a snapshot for potential hardcoded secrets. Amongst other things, this could be used to help enforce instance roles over hardcoded keys in a CI/CD environment.
 
 ```
-
+$ ./scansecrets -h
+Usage of ./scansecrets:
+  -bar
+    	Whether you want a progress bar thrust upon you
+  -dumpbytes
+    	Whether or not to dump the bytes in question to disk. It'd dump the second bytes, not their original values. It'll be called diff-snap-xxxx in the current directory.
+  -id string
+    	Snapshot ID of the desired image (default "empty")
+  -region string
+    	Snapshot ID of the desired image (default "us-east-1")
 ```
 
 ## DiffSecrets
@@ -35,5 +70,15 @@ Go utility augmenting Bishop Fox’s Dufflebag rules and match function to scan
 The ScanSecrets tool, but diffs two snapshots. This is a pretty niche but really valuable API (and, in my opinion, fun to play with). In testing this was able to sniff out hardcoded keys and backdoor /etc/shadow passwords left over after basic iterative AMI changes in seconds. On a home laptop on home WiFi.
 
 ```
+$ ./diffsecrets -h
+Usage of ./diffsecrets:
+  -bar
+    	Whether you want a progress bar thrust upon you
+  -id string
+    	Snapshot ID of the desired image (default "empty")
+  -region string
+    	Snapshot ID of the desired image (default "us-east-1")
+  -second-id string
+    	Snapshot ID of the desired image (default "empty")
+```
 
-```