Add RDP cache use-case files (#26053)
* Add content for RDP cache hunting use case

* Add updated playbook

* Add updated playbook

* Fix context keys name

* fix bug with display rdp image

* Fix tag for display rdp image

* Fix validation errors

* Resolved conflicts

* Add README for automation script

* split automation scripts according to structure

* Add pack name as prefix to incident fields

* Update to CI by new pre-commit ruff

* Fix linting errors

* Update Docker image

* Move RDP scripts to commonScripts pack

* Remove scripts from RDP pack, moved to commonScripts pack

* Add BMCTool unit tests

* Add BMCTool unit tests

* Fix linter errors

* Remove dup StringSifter files

* Fix validation errors

* Remove script for displaying RDP image, implemented in playbook instead

* Fix validation error for missing field

* Add unit tests

* Update script and args names

* Fix validation and linting errors

* Fix format and validation

* Update stringSimilarity task, removed old way to display image

* Fix some review comments

* Fix some review comments

* Modified command output to use CommandResults

* Modified command outputs to use CommandResults

* Fix review comments and updated ifelse logic

* Fix validation and lint errors

* Fix linter errors

* Fix validation errors

* Fix validation errors

* Fix duplicate 'description' key

* Remove duplicate description field

* Update docker image version tag

* Update image filename to fix validation error

* Fix validation errors

* Fix validation errors

* Fix validation error

* Add unit tests

* Fix linting error

* Fix Linting errors

* Fix validation errors

* Update release notes

* Update release notes

* Fix mismatch fromversion value

* Fix validation errors

* Fix validation error

* Fix validation error for missing pack readme

* Bump pack from version CommonScripts to 1.11.90.

* Fix linting errors

* Improve unit tests

* Improve unit tests

* Improve unit tests

* Update Packs/CommonScripts/Scripts/StringSimilarity/StringSimilarity.py

Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com>

* Fix long lines

* Bump pack from version CommonScripts to 1.11.91.

* Bump pack from version CommonScripts to 1.11.92.

* Fix layout validation errors

* Added retry for safety

* Fix validation error due to wrong fields IDs

* Fix broken bmp format

* Update playbook docs

* Update release notes

* Update docker image tag

* Ignore long lines as shortening them breaks the code

* Fix dynamic-section results

* Fix validation

* Bump pack from version CommonScripts to 1.11.94.

* Bump pack from version CommonScripts to 1.11.95.

* Bump pack from version CommonScripts to 1.11.96.

* Bump pack from version CommonScripts to 1.11.97.

* Fix bug not adding indicators types to list

* Bump pack from version CommonScripts to 1.11.98.

* Bump pack from version CommonScripts to 1.11.99.

* Fix font size

* Fix issue with stringSimilarity table, Add stringSifter automation

* Fix similarity threshold

* Fix IndicatorsTypes dynamic section to use context instead of list

* Add missing IndicatorTypes

* Update release notes

* removed unused playbook

* Update release notes

* Bump pack from version CommonScripts to 1.12.3.

* Remove unused test data

* Bump pack from version CommonScripts to 1.12.4.

* Bump pack from version CommonScripts to 1.12.5.

* Fix review comments, removed unneeded PB image and fix script's readme

* Improve name according to review comment

* Fix review comments of wrong indicators query for new indicator types

* Fix review comments

* Changed script to save file as png

* Improved output file name

* Improved readme based on review comments

* Update review comments

* Fix review comments

* Fix review comments

* Fix review comments

* Update timeout and retries

* Bump pack from version CommonScripts to 1.12.6.

* Update Packs/CommonScripts/ReleaseNotes/1_12_6.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/ReleaseNotes/1_12_6.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/ReleaseNotes/1_12_6.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/BMCTool/BMCTool.yml

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/BMCTool/BMCTool.yml

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/RDPCacheHunting/ReleaseNotes/1_0_1.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/RDPCacheHunting/Scripts/SetRDPOverallScore/SetRDPOverallScore.yml

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/BMCTool/README.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/BMCTool/README.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/StringSimilarity/README.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/StringSimilarity/README.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/StringSimilarity/README.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/StringSimilarity/README.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/StringSimilarity/README.md

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update Packs/CommonScripts/Scripts/StringSimilarity/StringSimilarity.yml

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Update README.md

* Update Packs/RDPCacheHunting/Playbooks/playbook-RDP_Bitmap_Cache_-_Detect_and_Hunt.yml

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>

* Fix validation errors

* Fix Validation errors and docs review comment

* Fix validation errors

* Fix validation errors, update docker image

* Fix validation errors, update docker image

* Fix docs review comments

* Fix validation errors

* Fix validation errors

* Fix validation errors

* Fix failing unit tests

* Fix linter errors

* Fix linter errors

* Fix unit test coverage

* Add unit tests

* Fix linter errors

* Fix linter errors

* Bump pack from version CommonScripts to 1.12.7.

* Improve unit test coverage

* Add unit test coverage

* Improved unit test coverage

* Fix validation errors

* Fix unit test errors

* Fix errors

* Fix unit test errors

---------

Co-authored-by: Content Bot <bot@demisto.com>
Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
4 people authored and ostolero committed Aug 8, 2023
1 parent 737e252 commit 03ac6f1
Showing 45 changed files with 4,931 additions and 7 deletions.
2 changes: 1 addition & 1 deletion Packs/CommonScripts/ReleaseNotes/1_11_92.md
@@ -1,7 +1,7 @@

#### Scripts

##### GetListRow

- Fixed an issue where the results put in wrong context path.
- Updated the Docker image to: *demisto/python3:3.10.12.63474*.

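Review bot: the GetListRow entry "Fixed an issue where the results put in wrong context path." is missing its verb and article; suggest "Fixed an issue where the results were put in the wrong context path." The file header shows 1 addition and 1 deletion, but the rendered hunk does not reveal whether the wording or the Docker image tag is the line being changed, so a one-line mention in the commit message of what was edited in 1_11_92.md would help anyone reading the history.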
1 change: 1 addition & 0 deletions Packs/CommonScripts/ReleaseNotes/1_11_99.md
Expand Up @@ -5,3 +5,4 @@
- Updated the Docker image to: *demisto/python3:3.10.12.63474*.

- Updated the regex for URL wrappers to allow safelinks without a scheme (i.e. - https).

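Review bot: the parenthetical "(i.e. - https)" in the added line is ambiguous: it does not say whether a safelink with no scheme at all is now accepted or one specifically lacking the "https://" prefix; suggest "(e.g. a link without the https:// prefix)". Also, this line lands in 1_11_99.md while the PR's own entries go in the new 1_12_7.md; confirm the URL-wrapper regex change belongs in the earlier version's notes rather than in the new file.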
12 changes: 12 additions & 0 deletions Packs/CommonScripts/ReleaseNotes/1_12_7.md
@@ -0,0 +1,12 @@

#### Scripts

##### New: BMCTool

New: Parse RDP bitmap cache data into a single collage image file. (Available from Cortex XSOAR 6.9.0).
##### PreProcessImage

Updated the Docker image to: *demisto/processing-image-file:1.0.0.64430*.
##### New: StringSimilarity

New: This automation calculates the similarity ratio between text and a list of strings and outputs a decimal value between 0.0 and 1.0 (1.0 if the sequences are identical, and 0.0 if they don't have anything in common). (Available from Cortex XSOAR 6.9.0).
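Review bot: formatting is inconsistent with the pack's other release notes in this commit: 1_11_92.md prefixes each entry with "- " and separates headings from text with a blank line, whereas here "Updated the Docker image to: *demisto/processing-image-file:1.0.0.64430*." under PreProcessImage has no list marker and "##### PreProcessImage" and "##### New: StringSimilarity" directly follow the previous line. Suggest "- Updated the Docker image to: *demisto/processing-image-file:1.0.0.64430*." and a blank line before each "#####" heading.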
500 changes: 500 additions & 0 deletions Packs/CommonScripts/Scripts/BMCTool/BMCTool.py

Large diffs are not rendered by default.

32 changes: 32 additions & 0 deletions Packs/CommonScripts/Scripts/BMCTool/BMCTool.yml
@@ -0,0 +1,32 @@
args:
- name: EntryID
description: The RDP cache file's entryID to process.
- defaultValue: "False"
name: verbose
description: Should the command produce verbose output.
- defaultValue: "64"
name: width
description: Image width.
commonfields:
id: BMCTool
version: -1
contentitemexportablefields:
contentitemfields:
fromServerVersion: ""
dockerimage: demisto/python3:3.10.12.66339
enabled: true
name: BMCTool
comment: Parse RDP bitmap cache data into a single collage image file.
runas: DBotWeakRole
runonce: false
script: ''
scripttarget: 0
subtype: python3
tags: []
type: python
fromversion: 6.9.0
tests:
- No tests (auto formatted)
outputs:
- contextPath: Collages
description: Collage image of the tiles from the RDP session cache.
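Review bot: EntryID is the one input the script cannot run without, yet the args block does not mark it `required: true`; add it so an empty run is rejected before the script tries to read the file. The `verbose` arg carries the string default "False": if the script branches on a boolean, declare the accepted values (`auto: PREDEFINED` with `predefined: ["True", "False"]`) so arbitrary free text is not passed through. `width` is described only as "Image width"; state whether 64 means pixels or tiles per row. Lastly, the `Collages` output has no `type`, and its description says "Collage image" (singular) while the context path is plural; clarify whether one or several entries are written under it.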

0 comments on commit 03ac6f1