Added A-N from my .zsh_history #2

Open
l3clelVl wants to merge 1 commit into 0xrefs:main from l3clelVl:main

@l3clelVl

I've sort -u and awk '!seen[$1]++' my .zsh_history to deconflict against the current "_command" in adding (29) more commands, but most notably most of the nxc services and rounding out impacket with a few more services and increasing john-data's common options.

What this does

Type

  • New command(s)
    autorecon
    certipy-auth
    cEWL
    chisel
    curl
    dig
    dnsenum
    enum4linux
    evil-winrm* (I see there is a conflict, so I'll do a draft)
    ffuf
    fierce
    finalrecon
    ftp
    gobuster
    hydra
    impacket-reg
    impacket-smbclient
    john-data [expand on current john/bcrypt e.g., bitlocker2john, office2john, etc.]
    kerbrute
    medusa
    nbtscan
    nfs-cat
    nikto
    nxc [expand on current smb e.g., nxc ldap, nxc winrm, etc.]

  • Fix to an existing command

  • Site feature / bug fix

  • Docs

Checklist

  • Each new command is a single file in _commands/ following the schema in CONTRIBUTING.md
  • Fill-in values use $UPPERCASE tokens; fixed paths are written out in full
  • Any new service/phase/os/category value was added to _data/
  • bundle exec jekyll build succeeds
  • node --test test/ passes (requires Node 18+)
  • No em dashes in any added text

@l3clelVl l3clelVl marked this pull request as ready for review June 11, 2026 09:07
@strikoder

Member

Hey there!

First off, thank you for this PR, that's a big batch of genuinely useful commands. The hydra/medusa brute set, john, kerbrute (I personally don't use it anymore cause I have my own enum scripts, I advise you to check them out), etc. are all great to have. Really appreciate it. A few things I'd like to sort out before merging:

  1. File naming: one file per tool (tool.md)

The convention here is one file per tool, named after the tool. The cheatsheet renders the different uses as tabs inside a single command card, using the variants: list. So instead of splitting nxc into nxc-ftp.md, nxc-ldap.md, nxc-mssql.md, etc., all of those should fold into the existing nxc.md as variants. That way the tabs above the card work correctly and you don't end up with the same nxc commands showing up twice. Same idea applies anywhere a tool got split out.

  2. The have: field got dropped on hash commands

Every command that can authenticate with a hash needs the have: metadata, that's what powers the "filter by the credential material I actually have" feature. A few of these lost it:

  • evil-winrm.md had have: [hash, ticket, cert] and it's now gone
  • the new nxc winrm pth variant and impacket-smbclient pth variant don't have it either

Please add have: [hash] (or [hash, ticket, cert] where relevant) back to anything with a hash/ticket/cert auth path, matching how the existing impacket/smbclient/xfreerdp files do it.

  3. Keep the label convention as hash

The repo uses label: hash for pass-the-hash variants everywhere (impacket-psexec, smbclient, xfreerdp, etc.). A few of the new ones use label: pth. Let's keep it as hash so it stays consistent across the whole sheet (hash is better than pth for UI).

  4. evil-winrm lost two auth methods

The rewrite dropped the Kerberos ticket (-k) and cert (-c/-k -S) variants. The new scripts upload variant is a nice add, but please keep the ticket and cert ones too since this sheet leans heavily on AD.

  5. Minor
  • impacket-reg: the registry paths like HKLM\SAM need quoting or escaping probably, the shell will strip the backslashes as written.
  • nxc-mssql exec variant implies xp_cmdshell but doesn't enable it (I think write the whole path enable/run) vector.

Finally, could you run back through CONTRIBUTING.md and check the boxes in the PR checklist? The "Variants" section there covers the one-file-per-tool rule (it actually uses nxc-by-protocol and evil-winrm-by-auth-method as the examples, so it lines up exactly with points 1 and 4), and the checklist's build/test steps (bundle exec jekyll build and node --test test/) will probably catch anything that doesn't render.

Thanks again for putting this together, it's a great contribution and I'd love to get it merged once these are tidied up.
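
The backslash point under "Minor" above, as an added example that is not part of the PR, the review, or the repository's test suite: a JavaScript check that applies POSIX shell quoting rules to a command template and reports what the tool would actually receive. The names `shellView` and `lintTemplates` are hypothetical, and the sample templates are constructed, with `$TARGET` as a placeholder token.

```javascript
// Added example (not the repository's code): model how a POSIX shell reads a
// command template. $UPPERCASE tokens are left untouched, not expanded.
function shellView(template) {
  let received = '';
  const dropped = [];   // backslash pairs the shell would silently reduce, e.g. "\S"
  let quote = null;     // null (unquoted), "'" or '"'
  for (let i = 0; i < template.length; i++) {
    const c = template[i];
    const next = template[i + 1];
    if (quote === "'") {
      // Single quotes: every character is literal until the closing quote.
      if (c === "'") quote = null; else received += c;
    } else if (quote === '"') {
      // Double quotes: a backslash only escapes $ ` " \ and newline.
      if (c === '"') quote = null;
      else if (c === '\\' && next !== undefined && '$`"\\\n'.includes(next)) {
        if (next !== '\n') received += next;
        i++;
      } else received += c;
    } else if (c === "'" || c === '"') {
      quote = c;
    } else if (c === '\\' && next !== undefined) {
      // Unquoted: the backslash is removed and the next character kept.
      if (/[A-Za-z0-9]/.test(next)) dropped.push(c + next);
      if (next !== '\n') received += next;
      i++;
    } else {
      received += c;
    }
  }
  return { received, dropped };
}

// Hypothetical lint helper: templates whose backslashes would not reach the tool.
function lintTemplates(templates) {
  return templates.filter((t) => shellView(t).dropped.length > 0);
}

// Constructed sample templates; $TARGET is a placeholder token.
const samples = [
  'impacket-reg $TARGET query -keyName HKLM\\SAM',      // as written: flagged
  "impacket-reg $TARGET query -keyName 'HKLM\\SAM'",    // single-quoted: intact
  'impacket-reg $TARGET query -keyName HKLM\\\\SAM',    // escaped: intact
];
for (const s of samples) console.log(s, '=>', shellView(s).received);
console.log('flagged:', lintTemplates(samples));
```

Only a backslash in front of a letter or digit is flagged, since that is the pattern a Windows path produces; deliberate escapes such as `\\` or `\$` pass.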
