[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-85115":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":15,"stars7d":15,"stars30d":15,"stars90d":15,"forks30d":15,"starsTrendScore":15,"compositeScore":16,"rankGlobal":10,"rankLanguage":10,"license":17,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":20,"hasPages":18,"topics":21,"createdAt":10,"pushedAt":10,"updatedAt":33,"readmeContent":34,"aiSummary":10,"trendingCount":15,"starSnapshotCount":15,"syncStatus":35,"lastSyncTime":36,"discoverSource":37},85115,"grimoire","PentHertz\u002Fgrimoire","PentHertz","Offensive knowledge, offline. One search box for every playbook.","https:\u002F\u002Fpenthertz.com",null,"Python",113,11,80,0,39.24,"MIT License",false,"main",true,[22,23,24,25,26,27,28,29,30,31,32],"ble","bluetooth","documentation","glitching","hacker","mcp","offline","pentest","rfid","tricks","wifi","2026-06-15 10:04:26","# Grimoire\n\n**Offensive knowledge, offline. One search box for every playbook.**\n\n> by [Penthertz](https:\u002F\u002Fpenthertz.com) - part of the RF-Swift toolkit\n\nGrimoire clones a curated set of security knowledge bases, indexes all of their\nmarkdown\u002FYAML into a single full-text search index, and serves a fast web UI.\nType `ssrf`, `xss`, `sql`, `kerberoast`, `sudo`, `jwt`, ... and it instantly\nsurfaces the matching pages across *every* source - HackTricks,\nPayloadsAllTheThings, the OWASP guides, the living-off-the-land databases, and\nyour own notes - with a link back to each original.\n\nBuilt to run anywhere (single Python script, no mandatory services) and to be\nembedded in RF-Swift.\n\n```\n  GRIMOIRE   offensive knowledge, offline\n  > ssrf_   ->  HackTricks . PayloadsAllTheThings . WSTG . API Top 10 ...\n```\n\n\u003Cimg width=\"2967\" height=\"1484\" alt=\"glitch\" src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Fa30c31bf-3a22-4e5d-9718-e062f2d563a4\" \u002F>\n\n\n## Features\n\n- **Unified search** over 20+ sources via SQLite **FTS5** with BM25 ranking -\n  one query language regardless of how each repo is authored (mdBook, mkdocs,\n  Jekyll, Hugo, plain markdown, YAML).\n- **Fully offline** once fetched. No telemetry, no external calls at runtime.\n- **Spawnable web service** - `grimoire.py serve` (bind host\u002Fport; run it in the\n  background or as a container service).\n- **Provenance** - every doc shows its source and a link to the **original file\n  on GitHub**, so you always know where guidance came from.\n- **Rich rendering** - images display and relative `.md` links navigate inside\n  the viewer (relative `\u003Cimg>`\u002Flinks are rewritten to a guarded `\u002Fasset` \u002F `\u002Fdoc`\n  endpoint). Note: for sparse sources (e.g. Ghidra), images stored outside the\n  checked-out paths won't be present - widen the source's `sparse:` list if needed.\n- **Copy-ready** - one-click copy buttons on every code\u002Fcommand block.\n- **OSINT note** - OSINT tools mostly target individuals; scope and document\n  collection to what an engagement justifies (GDPR), especially for named people.\n- **Obsidian-friendly** - point it at your vault; `[[wikilinks]]`, `#tags` and\n  YAML frontmatter are handled (links\u002Ftags become one-click searches).\n- **Bring your own docs** - drop markdown in `custom\u002F` or register a local path.\n- **Optional native builds** - render a source's own mdBook\u002Fmkdocs site when the\n  toolchain is present; search never depends on it.\n- **Attach an AI model (MCP)** - `grimoire.py mcp` exposes the index over the\n  Model Context Protocol, so Claude \u002F Codex \u002F Gemini \u002F any MCP client can search,\n  read docs, build source-backed technical checklists, assemble a topic's reads\n  into a complete cited tutorial, and review whether the docs are current \u002F find\n  better techniques. It also adapts to your **engagement context** (targets,\n  interfaces, hardware\u002FSDRs, SIM, RF) so suggestions fit your assessment.\n  Default `read` mode is read-only (no shell, no writes); opt into `--mode\n  assist|auto` to let it detect\u002Finstall missing tools (RF-Swift recipe, else the\n  host package manager) and run steps, behind a destructive-command denylist and\n  a target scope. See [docs\u002FMCP_TUTORIAL.md](docs\u002FMCP_TUTORIAL.md).\n\n## Sources\n\nCurated in [`sources.yaml`](sources.yaml), grouped by category:\n\n| Category | Sources |\n|---|---|\n| `wikis` | HackTricks, HackTricks Cloud, PayloadsAllTheThings, The Hacker Recipes, six2dez Pentest Book |\n| `ad-internal` | InternalAllTheThings, ired.team, OCD mindmaps |\n| `c2` | Sliver |\n| `hardware-iot` | HardwareAllTheThings |\n| `mobile` | OWASP MASTG, OWASP MASVS |\n| `web-api` | OWASP WSTG, Cheat Sheet Series, ASVS, API Security Top 10 |\n| `lotl` | GTFOBins, LOLBAS, GTFOArgs, LOLDrivers, LOOBins, WADComs |\n| `re-books` | mytechnotalent\u002FReverse-Engineering, Nightmare, how2heap (drop a PDF book in `custom\u002F` to add one) |\n| `re-tools` | radare2book, rizin book, angr docs, Ghidra (in-tree docs) |\n| `re-indexes` | Awesome-Reversing (ReversingID + tylerha97), reverse-engineering (wtsxDev), Awesome Malware Analysis, Awesome Android RE |\n| `firmware` | Awesome Firmware Security |\n| `osint` | awesome-osint (jivoi), OSINT Framework (JSON tree), OSINT Collection, Awesome-OSINT-List, osint_stuff_tool_collection, sinwindie\u002FOSINT, Trace Labs awesome-osint |\n| `dfir` | awesome-forensics, awesome-incident-response, awesome-memory-forensics, ForensicArtifacts, KapeFiles, CERT-SG IRM, PagerDuty IR, IR-plan-template, Velociraptor, Volatility 3, plaso, Dissect |\n| `glitching` | findus\u002Ffault-injection-library, ChipWhisperer (+ Jupyter Fault101\u002F201), ChipSHOUTER-PicoEMP, Faulty Cat, SimpleLink-FI, PicoGlitcher-LPC1343 |\n| `bluetooth` | awesome-bluetooth-security, BlueToolkit, Sniffle, Ubertooth, InternalBlue, SweynTooth, BrakTooth, KNOB\u002FBIAS\u002FBLUFFS, Mirage, BtleJack, bleah, OpenHaystack, Continuity, apple_bleee, BLE CTF |\n| `wifi` | awesome-wifi-security, 0xor0ne awesome-list, MacStealer\u002FFragAttacks\u002FKRACK (Vanhoef), Dragonslayer\u002FDragondrain\u002FDragonforce, hcxdumptool\u002Fhcxtools, aircrack-ng, AngryOxide, airgeddon, eaphammer, hostapd-mana, wifipumpkin3, DragonShift, WiFiChallengeLab |\n| `sdr` | PySDR, ThinkDSP, SDR-for-Engineers (lectures+labs), SDRangel, SDR++, inspectrum, URH, liquid-dsp, mhostetter\u002Fsdr, scikit-dsp-comm, CommPy, SoapySDR, learnSDR |\n| `compliance` | awesome-compliance, NIST OSCAL, OWASP SAMM (NIST PDFs \u002F CIS \u002F SCF crosswalk \u002F CCM \u002F SANS \u002F ANSSI-EBIOS \u002F NIS2-DORA-CRA \u002F CNIL \u002F CISO Assistant = drop-in or run-the-tool) |\n\n## Install & run\n\nInstall as a CLI with pipx (recommended) or pip - this puts `grimoire` on your PATH:\n\n```bash\npipx install .           # (from a checkout)\n\ngrimoire all                          # clone every source + build the index\ngrimoire serve                        # http:\u002F\u002F127.0.0.1:8000\ngrimoire mcp                          # attach an AI model over MCP\n```\n\nWhen installed, user state (the editable `sources.yaml`, `custom\u002F`, and the\n`data\u002F` index) lives in `$GRIMOIRE_HOME` (default `~\u002F.local\u002Fshare\u002Fgrimoire`);\nthe manifest is seeded from a packaged default on first run.\n\nOr run straight from a checkout (no install):\n\n```bash\npip install -r requirements.txt    # PyYAML + markdown (both optional-degrading)\n.\u002Fgrimoire.py all                  # clone every source + build the index\n.\u002Fgrimoire.py serve                # http:\u002F\u002F127.0.0.1:8000\n```\n\nSee [docs\u002FQUICKSTART.md](docs\u002FQUICKSTART.md) for the day-to-day commands and search tips.\n\n## Commands\n\n| Command | What it does |\n|---|---|\n| `fetch [--only N...]` | git clone\u002Fpull sources into `data\u002Fsources\u002F` |\n| `build` | optional native mdBook\u002Fmkdocs render into `data\u002Fbuild\u002F` |\n| `index [--force]` | incremental FTS5 index at `data\u002Findex.db` (only re-indexes sources whose git commit \u002F content changed; `--force` = full rebuild) |\n| `serve [--host H --port P]` | start the web search UI |\n| `all [--only N...]` | `fetch` + `index` |\n| `update [--only N...]` | refresh docs: `fetch` + `index` (alias of `all`) |\n| `mcp` | expose Grimoire over MCP (stdio) so an AI model can attach |\n\nDocs can also be refreshed live from the web UI with the **Update docs** button\n(runs a background `fetch` + reindex and streams progress).\n\n## Code layout (MVC)\n\nThe entrypoint `grimoire.py` is a thin launcher; the implementation lives in the\n`grimoire_app\u002F` package, split cleanly:\n\n| Module | Responsibility |\n|---|---|\n| `config.py` | filesystem paths + indexing constants (single source of truth) |\n| `model.py` | data: sources manifest, fetch, index, the `Index` store + search |\n| `view.py` | rendering: markdown\u002Fobsidian\u002Fpdf\u002Fnotebook -> safe HTML, CSP'd pages |\n| `controller.py` | HTTP handler + CLI commands wiring model and view together |\n| `mcp.py` | the MCP server (search\u002Fdocs\u002Fchecklist\u002Ftutorial\u002Freview tools + prompts) |\n| `context.py` | engagement context (targets, hardware, SIM, RF) for the MCP layer |\n| `runner.py` | gated execution: env detect, install resolver, command runner |\n\nThe package also ships `web\u002F` (the UI) and `sources.default.yaml` (the seed\nmanifest), so a pip\u002Fpipx install is self-contained.\n\nAll SQL is funnelled through `model.Index`, where every statement is\nparameterized (values are bound, never string-formatted), and free-text queries\npass through `_fts_query` (alphanumeric prefix tokens only) before reaching a\nMATCH expression - so a poisoned query can break out of neither the SQL nor the\nFTS5 grammar. The test suite includes dedicated SQLi, XSS, SSTI, CSRF, and\npath-traversal cases (`python3 -m unittest`).\n\n## How it works\n\n- **fetch** shallow-clones each `sources.yaml` repo into `data\u002Fsources\u002F\u003Cname>`.\n- **index** walks every `*.md` \u002F `*.markdown` \u002F `*.mdx` \u002F `*.rst` \u002F `*.yml` \u002F\n  `*.yaml` file (`.rst` so Sphinx-documented projects contribute their *full*\n  docs, not just the README) and stores it in a SQLite FTS5 table\n  (`data\u002Findex.db`) with BM25 ranking. This is the unified layer: all sources,\n  one query, regardless of authoring format. A source can pull extra extensions\n  with `index_ext:` (e.g. `.ipynb`, `.json`) and, to dump the maximum, sources\n  are indexed whole unless a `docs_dir:`\u002F`sparse:` is set to scope a huge repo.\n- **serve** is a dependency-free `http.server` exposing the UI plus a small API:\n  - `GET \u002F` search UI\n  - `GET \u002Fapi\u002Fsearch?q=&cat=` ranked JSON results (with highlighted snippets)\n  - `GET \u002Fapi\u002Fsources` categories for the filter chips\n  - `GET \u002Fdoc?src=&path=` renders a doc (markdown -> HTML) with an origin banner,\n    copy buttons and Obsidian link\u002Ftag handling\n- **build** (optional) runs `mdbook`\u002F`mkdocs` when available for pixel-perfect\n  browsing; the index always reads raw markdown so the tool works without it.\n\n## Add your own docs\n\nBoth are picked up by `grimoire.py index`:\n\n1. **Drop-in** - put markdown in [`custom\u002F`](custom\u002F) (indexed as source `custom`).\n2. **Registered path \u002F Obsidian vault** - add to `sources.yaml`:\n   ```yaml\n   - name: my-vault\n     title: My Vault\n     type: local\n     path: \u002Fhome\u002Fme\u002FObsidianVault\n     category: custom\n   ```\n\n## Embedding in RF-Swift\n\nGrimoire is the `grimoire.py` launcher + the `grimoire_app\u002F` package + manifest\n+ web dir, with no required services (stdlib `sqlite3` \u002F `http.server`;\n`PyYAML` \u002F `markdown` optional). To bake an\noffline knowledge base into an image: run `fetch` + `index` at build time, ship\n`data\u002Findex.db` (and `data\u002Fsources\u002F` for the doc viewer), then `grimoire.py\nserve` as a runtime command.\n\n## Security\n\nSee [docs\u002FSECURITY.md](docs\u002FSECURITY.md) for the threat model, the controls (parameterized\nSQL, CSP\u002FXSS, path-traversal and doc-extension allowlists, tool-name and git-URL\nvalidation, default-off execution), and the residual risks you must understand\nbefore exposing `serve` or enabling MCP `--mode assist|auto`.\n\n## License & attribution\n\nGrimoire's own code is released under the **MIT License** (see [`LICENSE`](LICENSE)).\n\nThe license covers Grimoire itself only. Grimoire aggregates and indexes\nthird-party documentation; each source keeps its own license and authorship,\nand is cloned at runtime rather than redistributed here. The origin banner in\nthe viewer links back to the upstream repository for every document. Review and\nrespect each project's license before redistribution.\n",2,"2026-06-15 02:30:02","CREATED_QUERY"]