File Operations
Cyberstrike provides specialized tools for file operations, optimized for security testing workflows.
📸 SCREENSHOT: file-operations.png
File operations tool output
Read Tool
Read file contents with line numbers.
Basic Usage
> Read the contents of src/auth/login.tsPartial File Reading
> Read lines 50-100 of src/auth/login.tsMultiple Files
> Read both config.json and package.jsonImage Analysis
The Read tool can analyze images:
> Read the screenshot at ./evidence/vuln-poc.pngPDF Analysis
> Read the security report at ./reports/pentest.pdfWrite Tool
Create or overwrite files.
Create New File
> Write a Python script to exploit the SQL injection to exploit.pyOverwrite File
> Replace the contents of config.json with the secure configurationCaution
Write tool overwrites existing files without warning. Use Edit for partial modifications.
Edit Tool
Make precise edits to existing files.
String Replacement
> Edit src/auth/login.ts to replace "SELECT * FROM users WHERE id = " + userId with parameterized queryMulti-line Edit
> Edit the vulnerable function in auth.ts to add input validationReplace All
> Replace all instances of "http://" with "https://" in config filesBest Practices
- Read the file first to understand context
- Be specific about what to change
- Include enough surrounding context for unique matches
- Verify changes after editing
Glob Tool
Find files by pattern matching.
Basic Patterns
> Find all TypeScript files in the projectPattern: **/*.ts
Multiple Extensions
> Find all JavaScript and TypeScript filesPattern: **/*.{js,ts}
Specific Directories
> Find all config files in the src directoryPattern: src/**/config.*
Common Patterns
| Pattern | Matches |
|---|---|
**/*.ts | All TypeScript files |
src/**/*.test.ts | Test files in src |
**/package.json | All package.json files |
**/.env* | Environment files |
**/secret* | Files with “secret” in name |
Security Scanning Patterns
> Find files that might contain credentials
Patterns:- **/*.env*- **/secrets.*- **/*credentials*- **/*password*- **/config.jsonGrep Tool
Search file contents with regex.
Basic Search
> Search for "password" in all filesRegex Search
> Search for API key patterns in the codebasePattern: (api[_-]?key|apikey)\s*[:=]\s*['"][^'"]+['"]
Case Insensitive
> Search for "SELECT" case insensitivelyFile Type Filter
> Search for "eval(" only in JavaScript filesContext Lines
> Search for "TODO" with 2 lines of context before and afterSecurity-Focused Searches
| Purpose | Pattern |
|---|---|
| SQL Injection | `(SELECT |
| Command Injection | `(exec |
| Hardcoded Secrets | (password|secret|key)\s*=\s*['"][^'"]{8,} |
| Unsafe Deserialization | `(pickle |
| XSS Sinks | `(innerHTML |
File Analysis Workflow
1. Discover Files
> Find all files that might handle user input2. Search for Patterns
> Search these files for SQL query construction3. Read Suspicious Files
> Read the files that matched the SQL pattern4. Document Findings
> Write a summary of the SQL injection findings to findings.mdPermission Considerations
File operations may require permission:
| Operation | Default Behavior |
|---|---|
| Read | Allowed (read-only) |
| Glob | Allowed (read-only) |
| Grep | Allowed (read-only) |
| Write | Requires permission |
| Edit | Requires permission |
Auto-approve Writes
For automation:
{ "permissions": { "allow": [ "Write(reports/**)", "Edit(findings/**)" ] }}Large File Handling
Pagination
For large files:
> Read the first 100 lines of large-log.txt> Read lines 100-200 of large-log.txtBinary Files
The Read tool handles binary files:
> Read the binary at ./malware.exe and analyze its stringsIntegration with Security Testing
Code Review
> Analyze all authentication-related files for security issues
1. Find auth files: Glob **/*auth*.{ts,js}2. Search for vulnerabilities: Grep patterns3. Read and analyze matches4. Document findingsConfiguration Audit
> Review all configuration files for security misconfigurations
1. Find configs: Glob **/{config,settings}*.{json,yaml,yml}2. Read each file3. Check for sensitive data exposure4. Verify secure defaultsSecret Detection
> Scan the codebase for hardcoded secrets
1. Glob all source files2. Grep for secret patterns3. Read matches for verification4. Report findingsTip
Combine Glob and Grep for efficient codebase scanning. Start broad, then narrow down.
Related Documentation
- Bash Tool - Command execution
- Memory Tool - Storing findings
- Permissions - File operation permissions