Add commands

Author: SimonSchubert

assets/commands/ges-launch-1.0.md

@@ -0,0 +1,115 @@
+# TAGLINE
+
+Create and render GStreamer multimedia timelines
+
+# TLDR
+
+**Play back a media file** on the timeline
+
+```ges-launch-1.0 +clip [path/to/file.mp4]```
+
+**Render a timeline** to an output file
+
+```ges-launch-1.0 +clip [path/to/input.mp4] -o file:///[path/to/output.webm]```
+
+**Add a clip with a specific duration** (in nanoseconds)
+
+```ges-launch-1.0 +clip [path/to/file.mp4] duration=[5000000000]```
+
+**Apply a video effect** to a clip
+
+```ges-launch-1.0 +clip [path/to/file.mp4] +effect videobalance saturation=[0.0]```
+
+**Load an existing project** file
+
+```ges-launch-1.0 -l [path/to/project.xges]```
+
+**Add a title clip** to the timeline
+
+```ges-launch-1.0 +title text="[Hello World]" duration=[3000000000]```
+
+# SYNOPSIS
+
+**ges-launch-1.0** [_options_] [_commands_]
+
+# PARAMETERS
+
+**-h**, **--help**
+> Display help options.
+
+**--help-all**
+> Display all available help options.
+
+**--help-gst**
+> Display GStreamer-specific options.
+
+**-l**, **--load** _URI_
+> Load an existing project from a .xges file.
+
+**-s**, **--save** _URI_
+> Save the current timeline to a project file before rendering.
+
+**-p**, **--sample-path** _PATH_
+> Search for missing assets in the specified directory.
+
+**-o**, **--outputuri** _URI_
+> Render the timeline to the given file URI instead of playing it back.
+
+**-f**, **--format** _PROFILE_
+> Specify the encoding profile from the command line.
+
+**-e**, **--encoding-profile** _PRESET_
+> Use an encoding profile preset.
+
+**-t**, **--track-types** _TYPES_
+> Define which track types to create (audio, video, or both).
+
+**-v**, **--videosink** _SINK_
+> Set the video output sink for playback.
+
+**-a**, **--audiosink** _SINK_
+> Set the audio output sink for playback.
+
+**-m**, **--mute**
+> Mute audio and video during playback.
+
+**--disable-mixing**
+> Disable layer mixing and compositing.
+
+**--list-transitions**
+> List all valid transition types and exit.
+
+**-r**, **--repeat** _N_
+> Repeat the timeline _N_ times.
+
+# TIMELINE COMMANDS
+
+**+clip** _URI_ [_inpoint=ns_] [_duration=ns_] [_start=ns_] [_layer=n_]
+> Add a media clip to the timeline. Times are in nanoseconds.
+
+**+effect** _BIN-DESCRIPTION_
+> Apply a GStreamer bin effect to the preceding clip (uses gst-launch syntax).
+
+**+title** [_text=STRING_] [_duration=ns_]
+> Insert a title text clip into the timeline.
+
+**set-** _PROPERTY_ _VALUE_
+> Set a property on a timeline object (clip, effect) by name.
+
+# DESCRIPTION
+
+**ges-launch-1.0** is the command-line tool for the **GStreamer Editing Services** (GES) library. It constructs multimedia timelines from clips, effects, and titles, then either plays them back in real time or renders them to a file in a specified format. Timelines can be built from command-line arguments or loaded from existing **.xges** project files.
+
+The tool leverages the full GStreamer pipeline framework, meaning any format or codec supported by GStreamer can be used for input and output. It is commonly used for quick video editing tasks, automated rendering pipelines, and testing GES functionality.
+
+# CAVEATS
+
+Duration and time values are specified in **nanoseconds**, which can be unintuitive (1 second = 1000000000). The rendering format depends on available GStreamer plugins and encoding profiles; missing plugins will cause silent failures or cryptic errors. Complex timelines are better managed through the .xges project file format or a GUI editor like **Pitivi** rather than long command-line invocations.
+
+# HISTORY
+
+GES was developed as part of the **GStreamer** project to provide a high-level editing API on top of GStreamer's media framework. The **ges-launch-1.0** tool was introduced alongside the GES library to allow command-line timeline construction and rendering. It is closely tied to the **Pitivi** video editor, which uses GES as its backend engine. The tool follows the GStreamer 1.x versioning scheme.
+
+# SEE ALSO
+
+[gst-launch-1.0](/man/gst-launch-1.0)(1), [gst-inspect-1.0](/man/gst-inspect-1.0)(1), [ffmpeg](/man/ffmpeg)(1)

assets/commands/gst-transcoder-1.0.md

@@ -0,0 +1,82 @@
+# TAGLINE
+
+GStreamer media transcoder
+
+# TLDR
+
+**Transcode a video file** to WebM format (auto-detected from extension)
+
+```gst-transcoder-1.0 file:///[path/to/input.mp4] file:///[path/to/output.webm]```
+
+**Transcode with a specific encoding format**
+
+```gst-transcoder-1.0 file:///[path/to/input.mp4] file:///[path/to/output.mkv] "[encoding_format]"```
+
+**Transcode and resize** the video to a specific frame size
+
+```gst-transcoder-1.0 -s [1280x720] file:///[path/to/input.mp4] file:///[path/to/output.mp4]```
+
+**Transcode with a specific video framerate**
+
+```gst-transcoder-1.0 -f [30/1] file:///[path/to/input.mp4] file:///[path/to/output.mp4]```
+
+**List all available encoding targets**
+
+```gst-transcoder-1.0 -l```
+
+**Limit CPU usage** during transcoding
+
+```gst-transcoder-1.0 -c [50] file:///[path/to/input.mp4] file:///[path/to/output.mp4]```
+
+# SYNOPSIS
+
+**gst-transcoder-1.0** [_options_] _input-uri_ _output-uri_ [_encoding-format_[/_profile-name_]]
+
+# PARAMETERS
+
+**-h**, **--help**
+> Show help options.
+
+**--help-all**
+> Show all help options.
+
+**--help-gst**
+> Show GStreamer-specific options.
+
+**-c**, **--cpu-usage** _PERCENT_
+> Target CPU usage percentage for the transcoding process.
+
+**-l**, **--list-targets**
+> List all available encoding targets and exit.
+
+**-s**, **--size** _WxH_
+> Set the output video frame size (e.g. 1280x720).
+
+**-r**, **--audio-rate** _HZ_
+> Set the audio sampling rate in Hz.
+
+**-f**, **--framerate** _FRACTION_
+> Set the video framerate as a fraction (e.g. 24/1) or a single number (e.g. 24).
+
+**-v**, **--video-encoder** _ENCODER_
+> Specify the video encoder element to use.
+
+# DESCRIPTION
+
+**gst-transcoder-1.0** is a command-line tool that transcodes multimedia streams from one format to another using the GStreamer framework. It reads from an input URI, processes the media, and writes to an output URI in the specified encoding format.
+
+The encoding format can be specified explicitly as a serialization string (e.g. **muxer_caps:video_caps:audio_caps**), as a named target from **.gep** profile files, or omitted entirely to let the tool guess the format from the output file extension.
+
+The tool uses the GStreamer Transcoder API internally, leveraging **decodebin** and **encodebin** elements for automatic format detection and encoding.
+
+# CAVEATS
+
+Input and output paths must be specified as URIs with the **file:///** prefix, not as plain file paths. The available encoding formats depend on which GStreamer plugins are installed on the system. The CPU usage throttling is approximate and depends on system load. Complex transcoding scenarios may require explicit encoding format strings rather than relying on file extension detection.
+
+# HISTORY
+
+**gst-transcoder-1.0** was originally developed as part of the **Pitivi** video editor project to provide transcoding functionality. It was later integrated into **gst-plugins-bad**, becoming a standard GStreamer utility. The tool builds on the GstTranscoder library, which provides a simplified high-level API for media transcoding on top of GStreamer's pipeline framework.
+
+# SEE ALSO
+
+[gst-launch-1.0](/man/gst-launch-1.0)(1), [gst-inspect-1.0](/man/gst-inspect-1.0)(1), [ges-launch-1.0](/man/ges-launch-1.0)(1), [ffmpeg](/man/ffmpeg)(1)

assets/commands/impacket-dumpntlminfo.md

@@ -0,0 +1,64 @@
+# TAGLINE
+
+Dump remote host NTLM authentication information
+
+# TLDR
+
+**Dump NTLM info** from a target host via SMB
+
+```impacket-dumpntlminfo [192.168.1.100]```
+
+**Dump NTLM info** using a specific port
+
+```impacket-dumpntlminfo -port [139] [192.168.1.100]```
+
+**Dump NTLM info** using RPC protocol instead of SMB
+
+```impacket-dumpntlminfo -protocol RPC [192.168.1.100]```
+
+**Dump NTLM info** with a specific target IP
+
+```impacket-dumpntlminfo -target-ip [192.168.1.100] [hostname]```
+
+**Enable debug output** for troubleshooting
+
+```impacket-dumpntlminfo -debug [192.168.1.100]```
+
+# SYNOPSIS
+
+**impacket-dumpntlminfo** [_-debug_] [_-ts_] [_-target-ip IP_] [_-port PORT_] [_-protocol {SMB,RPC}_] _target_
+
+# PARAMETERS
+
+**-debug**
+> Turn DEBUG output on.
+
+**-ts**
+> Add timestamp to every logging output.
+
+**-target-ip** _IP_
+> IP address of the target machine. Useful when target is a NetBIOS name that cannot be resolved.
+
+**-port** _PORT_
+> Destination port to connect to the SMB/RPC server. Default is 445.
+
+**-protocol** {**SMB**, **RPC**}
+> Protocol to use. Default is SMB. Port 135 normally uses RPC.
+
+# DESCRIPTION
+
+**impacket-dumpntlminfo** performs NTLM authentication against a remote host and extracts information from the NTLM challenge response, **without requiring any credentials**. By initiating an SMB or RPC connection, the tool triggers an NTLM authentication handshake and parses the server's response to reveal details such as the hostname, domain name, DNS information, OS version, and timestamp.
+
+This is useful for reconnaissance during penetration testing, as it provides network and host information without authentication.
+
+# CAVEATS
+
+Only works against hosts with SMB or RPC services exposed. Firewalls or security policies may block unauthenticated NTLM negotiation. The amount of information returned depends on the target's SMB/RPC configuration and Windows version.
+
+# HISTORY
+
+Part of the **Impacket** library, originally developed by **SecureAuth** (now **Fortra**). Impacket is a collection of Python classes for working with network protocols, widely used in penetration testing and security research. The tool leverages the NTLM authentication handshake to extract server metadata without credentials.
+
+# SEE ALSO
+
+[impacket-psexec](/man/impacket-psexec)(1), [impacket-smbclient](/man/impacket-smbclient)(1), [impacket-rpcdump](/man/impacket-rpcdump)(1)

assets/commands/impacket-getst.md

@@ -0,0 +1,101 @@
+# TAGLINE
+
+Request a Kerberos Service Ticket and save as ccache
+
+# TLDR
+
+**Request a service ticket** for a specific SPN
+
+```impacket-getst -spn '[cifs/target.domain.com]' '[domain]/[user]:[password]'```
+
+**Request a service ticket** using an NTLM hash
+
+```impacket-getst -spn '[cifs/target.domain.com]' -hashes ':[nthash]' '[domain]/[user]'```
+
+**Impersonate a user** via S4U2Self and S4U2Proxy (delegation attack)
+
+```impacket-getst -spn '[cifs/target.domain.com]' -impersonate '[administrator]' '[domain]/[user]:[password]'```
+
+**Request a service ticket** using Kerberos authentication from ccache
+
+```impacket-getst -spn '[cifs/target.domain.com]' -k -no-pass '[domain]/[user]'```
+
+**Request a service ticket** using an AES key
+
+```impacket-getst -spn '[cifs/target.domain.com]' -aesKey '[aes256key]' '[domain]/[user]'```
+
+**Request a User-to-User ticket**
+
+```impacket-getst -u2u -spn '[cifs/target.domain.com]' '[domain]/[user]:[password]'```
+
+# SYNOPSIS
+
+**impacket-getst** [_-spn SPN_] [_-impersonate USER_] [_-altservice SPN_] [_-additional-ticket FILE_] [_-hashes LMHASH:NTHASH_] [_-aesKey KEY_] [_-k_] [_-no-pass_] [_-dc-ip IP_] _identity_
+
+# PARAMETERS
+
+**-spn** _SPN_
+> Service Principal Name (service/server) of the target service.
+
+**-altservice** _SPN_
+> Set a new sname/SPN in the resulting ticket.
+
+**-impersonate** _USER_
+> Target username to impersonate via S4U2Self. Requires delegation privileges.
+
+**-additional-ticket** _FILE_
+> Include a forwardable service ticket in an S4U2Proxy request for RBCD + KCD.
+
+**-dmsa**
+> Use Delegated Managed Service Accounts.
+
+**-u2u**
+> Request a User-to-User ticket.
+
+**-self**
+> Only perform S4U2Self, skip S4U2Proxy.
+
+**-force-forwardable**
+> Force the S4U2Self service ticket to be forwardable.
+
+**-renew**
+> Renew the TGT used for authentication.
+
+**-ts**
+> Add timestamp to every logging output.
+
+**-debug**
+> Turn DEBUG output on.
+
+**-hashes** _LMHASH:NTHASH_
+> Use NTLM hashes for authentication instead of password.
+
+**-no-pass**
+> Do not prompt for password (useful with -k).
+
+**-k**
+> Use Kerberos authentication from ccache file (KRB5CCNAME).
+
+**-aesKey** _KEY_
+> AES key for Kerberos authentication (128 or 256 bit).
+
+**-dc-ip** _IP_
+> IP address of the domain controller.
+
+# DESCRIPTION
+
+**impacket-getst** requests a Kerberos Service Ticket (ST) from an Active Directory domain controller and saves it as a ccache file. It supports standard ticket requests, S4U2Self/S4U2Proxy delegation attacks for user impersonation, and User-to-User authentication.
+
+This tool is commonly used in penetration testing for Kerberos delegation abuse (constrained delegation, resource-based constrained delegation) where an attacker with delegation privileges can impersonate any user to a target service. The resulting ccache file can be used with other tools via the **KRB5CCNAME** environment variable.
+
+# CAVEATS
+
+Requires a valid TGT or credentials. Impersonation via S4U2Self/S4U2Proxy requires the identity account to have delegation privileges configured in Active Directory. Time synchronization between client and KDC must be within 5 minutes. The **-force-forwardable** flag exploits CVE-2020-17049 (Bronze Bit) and may not work on patched domain controllers.
+
+# HISTORY
+
+Part of the **Impacket** library by **SecureAuth** (now **Fortra**). The S4U extensions (S4U2Self and S4U2Proxy) were originally designed by Microsoft for constrained delegation scenarios. Security researchers discovered that these mechanisms could be abused for privilege escalation, making getST a key tool in Kerberos-based attack chains.
+
+# SEE ALSO
+
+[impacket-gettgt](/man/impacket-gettgt)(1), [impacket-getuserspns](/man/impacket-getuserspns)(1), [impacket-secretsdump](/man/impacket-secretsdump)(1), [klist](/man/klist)(1)