add caido

0xbbuddha · 0xbbuddha · commit cdb39136450a · 2026-03-25T17:38:32.000+01:00
diff --git a/src/pages/docs/ImagesPage.tsx b/src/pages/docs/ImagesPage.tsx
@@ -261,7 +261,7 @@ nihil tools ctf --category redteam_pwn`}
                 <h3 className="text-lg font-medium text-white">Key tools by category</h3>
                 <div className="space-y-4">
                   {[
-                    { cat: 'Enum/Recon', tools: 'bloodhound, netexec, ldapdomaindump, enum4linux-ng, windapsearch, pywerview, ldapsearch-ad' },
+                    { cat: 'Enum/Recon', tools: 'bloodhound, bloodhound-ce, netexec, ldapdomaindump, enum4linux-ng, windapsearch, pywerview, ldapsearch-ad' },
                     { cat: 'Exploitation', tools: 'impacket, certipy, bloodyAD, coercer, pywhisker, PetitPotam, noPac, zerologon' },
                     { cat: 'Credential', tools: 'lsassy, donpapi, pypykatz, hashcat, john, masky' },
                     { cat: 'Relay/Coercion', tools: 'responder, mitm6, krbrelayx, ShadowCoerce, DFSCoerce' },
@@ -316,7 +316,7 @@ nihil tools ctf --category redteam_pwn`}
                     { cat: 'Exploitation', tools: 'sqlmap, commix, xsstrike, tplmap, nosqlmap, graphqlmap, jwt-tool, gopherus' },
                     { cat: 'Proxy', tools: 'mitmproxy, httpie' },
                     { cat: 'SSRF/CORS', tools: 'ssrfmap, corsy, crlfuzz' },
-                    { cat: 'Resources', tools: 'PayloadsAllTheThings, SecLists' },
+                    { cat: 'Resources', tools: 'PayloadsAllTheThings, SecLists, Caido' },
                   ].map((row) => (
                     <div key={row.cat} className="p-3 rounded-xl bg-gradient-to-r from-purple-500/5 to-transparent border border-purple-500/20">
                       <p className="text-sm font-medium text-purple-300">{row.cat}</p>
@@ -457,6 +457,7 @@ const coreTools: Tool[] = [
 const adTools: Tool[] = [
   { name: 'bloodhound', cmd: 'bloodhound-python', desc: 'AD attack path visualization (ingestor)' },
   { name: 'bloodhound-ce-python', cmd: 'bloodhound-ce-python', desc: 'BloodHound CE Python ingestor' },
+  { name: 'bloodhound-ce', cmd: 'bloodhound-ce', desc: 'BloodHound CE desktop client' },
   { name: 'netexec', cmd: 'netexec', desc: 'SMB/LDAP/WinRM/SSH exploitation framework' },
   { name: 'impacket', cmd: 'secretsdump.py', desc: 'Windows protocol library (Fortra)' },
   { name: 'certipy', cmd: 'certipy', desc: 'ADCS enumeration and exploitation' },
@@ -529,6 +530,8 @@ const webTools: Tool[] = [
   { name: 'waybackurls', cmd: 'waybackurls', desc: 'Fetch URLs from Wayback Machine' },
   { name: 'droopescan', cmd: 'droopescan', desc: 'Drupal/CMS scanner' },
   { name: 'cmsmap', cmd: 'cmsmap', desc: 'CMS exploitation' },
+  { name: 'caido-desktop', cmd: 'caido', desc: 'Caido desktop security auditing toolkit (UI)' },
+  { name: 'caido-cli', cmd: 'caido-cli', desc: 'Caido command-line interface' },
 ];
 
 const networkTools: Tool[] = [
diff --git a/src/pages/docs/ServicePage.tsx b/src/pages/docs/ServicePage.tsx
@@ -26,6 +26,7 @@ export const ServicePage: React.FC = () => {
                 'Browser UI is an optional per-container session service.',
                 'Default Browser UI port is random in 6901-6999.',
                 'You can force a fixed port with --browser-ui-port.',
+                'BloodHound CE UI convention is port 1030 when service profile is enabled.',
               ]}
             />
           </section>
@@ -58,6 +59,23 @@ export const ServicePage: React.FC = () => {
             </Callout>
           </section>
 
+          <section id="bloodhound-ce" className="space-y-4">
+            <h2 className="text-xl font-semibold text-white">BloodHound CE (AD service profile)</h2>
+            <p className="text-slate-400 text-sm">
+              BloodHound CE usually exposes its web UI on <code>localhost:1030</code>, with backend
+              dependencies on PostgreSQL and Neo4j.
+            </p>
+            <p className="text-slate-400 text-sm">
+              Common defaults in CE-style setups: web login <code>admin</code>, first password shown on
+              first run, then changed in the UI; Neo4j on <code>7687</code>.
+            </p>
+            <Callout variant="note" title="Current nihil status">
+              The AD image currently ships the <code>bloodhound-ce</code> binary workflow. Full
+              start/stop/reset service orchestration (with managed DB lifecycle and credentials) is not
+              yet standardized like Browser UI.
+            </Callout>
+          </section>
+
           <section id="scope" className="space-y-4">
             <h2 className="text-xl font-semibold text-white">Scope and limits</h2>
             <p className="text-slate-400 text-sm">
@@ -72,6 +90,7 @@ export const ServicePage: React.FC = () => {
             { id: 'tldr', label: 'TL;DR' },
             { id: 'desktop', label: 'Desktop Browser UI' },
             { id: 'credentials', label: 'Credentials' },
+            { id: 'bloodhound-ce', label: 'BloodHound CE' },
             { id: 'scope', label: 'Scope & limits' },
           ]}
         />
