Folha de Dicas para Soneca de Bebê

📋 Copy All Commands 📄 Generate PDF

```bash # Clone the repository git clone https://github.com/faizann24/baby-naptime.git cd baby-naptime

Install dependencies

pip install -r requirements.txt

Install system dependencies (Ubuntu/Debian)

sudo apt-get install gdb g++ colorama

Set up OpenAI API key

export OPENAI_API_KEY=‘your-openai-key-here’

```bash
# Analyze a C/C++ file
python run.py -c code/vulnerable.cpp

# Use specific LLM model
python run.py -c code/test.cpp -l gpt-4o

# Advanced analysis with custom settings
python run.py -c code/test.cpp -l o3-mini -k 15 -m 50
```## Início Rápido
```bash
# Specify source code file to analyze
python run.py -c <code_file>
python run.py --code_file <code_file>
```### Instalação
```bash
# Set code directory for additional source files
python run.py -c main.cpp -d /path/to/source/

# Set maximum analysis iterations
python run.py -c main.cpp -m 100

# Choose LLM model
python run.py -c main.cpp -l gpt-4o
python run.py -c main.cpp -l gpt-4o-mini
python run.py -c main.cpp -l o3-mini
python run.py -c main.cpp -l o1-preview

# Set entry function for analysis
python run.py -c main.cpp -f main

# Control conversation history
python run.py -c main.cpp -k 14
```### Uso Básico
```bash
# GPT-3.5 Turbo (fastest, basic analysis)
python run.py -c code.cpp -l gpt-3.5-turbo

# GPT-4o (balanced performance and accuracy)
python run.py -c code.cpp -l gpt-4o

# GPT-4o Mini (cost-effective option)
python run.py -c code.cpp -l gpt-4o-mini

# O3 Mini (optimized for code analysis)
python run.py -c code.cpp -l o3-mini

# O1 Preview (advanced reasoning)
python run.py -c code.cpp -l o1-preview
```## Opções de Linha de Comando
```bash
# 1. Prepare your vulnerable code
echo '#include <stdio.h>
int main() \\\\{
    char buffer[10];
    gets(buffer);  // Vulnerable function
    printf("Input: %s\n", buffer);
    return 0;
\\\\}' > vulnerable.c

# 2. Run baby-naptime analysis
python run.py -c vulnerable.c -l gpt-4o

# 3. Check results
ls results/
cat results/vulnerable_summary.md
```### Parâmetros Obrigatórios
```bash
# Analyze complex project with multiple files
python run.py -c main.cpp -d ./src/ -m 200 -k 20

# Focus on specific function
python run.py -c auth.cpp -f authenticate_user -l o3-mini

# Extended analysis with detailed history
python run.py -c network.cpp -k 30 -m 150
```### Parâmetros Opcionais
```bash
# Set OpenAI API key (required)
export OPENAI_API_KEY='sk-your-api-key-here'

# Verify API key is set
echo $OPENAI_API_KEY

# Alternative: Create .env file
echo "OPENAI_API_KEY=sk-your-api-key-here" > .env
```## Opções de Modelo de LLM
```bash
# Ubuntu/Debian
sudo apt-get update
sudo apt-get install gdb g++ python3-pip

# CentOS/RHEL
sudo yum install gdb gcc-c++ python3-pip

# macOS (with Homebrew)
brew install gdb
xcode-select --install
```### Modelos Disponíveis
```bash
# Baby-naptime automatically uses GDB for:
# - Memory layout analysis
# - Crash reproduction
# - Exploit validation
# - Stack trace generation

# Manual GDB debugging (if needed)
gdb ./compiled_binary
(gdb) run
(gdb) bt
(gdb) info registers
```## Fluxo de Análise
```bash
# Baby-naptime compiles with security mitigations disabled:
# -fno-stack-protector (disable stack canaries)
# -z execstack (enable executable stack)
# -no-pie (disable position independent executable)

# Manual compilation for testing
gcc -fno-stack-protector -z execstack -no-pie vulnerable.c -o vulnerable
```### Processo Passo a Passo
```bash
# Check generated reports
ls results/
cat results/[filename]_summary.md

# View detailed analysis
less results/[filename]_summary.md

# Copy results to another location
cp results/*.md /path/to/reports/
```### Análise Avançada
```bash
# Each report contains:
# - Executive summary
# - Technical analysis
# - Exploitation methodology
# - Working payload
# - Proof of concept
```## Configuração de Ambiente
```bash
# Analyze buffer overflow vulnerabilities
python run.py -c buffer_overflow.c -l gpt-4o

# Focus on memory corruption
python run.py -c heap_overflow.cpp -l o3-mini -k 20
```### Configuração de Chave API
```bash
# Analyze format string bugs
python run.py -c format_string.c -l gpt-4o-mini

# Extended analysis for complex cases
python run.py -c printf_vuln.c -m 100 -k 25
```### Dependências do Sistema
```bash
# Analyze memory management issues
python run.py -c use_after_free.cpp -l o1-preview

# Focus on heap analysis
python run.py -c heap_vuln.c -l gpt-4o -k 30
```## Depuração e Análise
```bash
# API key not set
export OPENAI_API_KEY='your-key-here'

# Missing dependencies
pip install -r requirements.txt
sudo apt-get install gdb g++

# Permission issues
chmod +x run.py
sudo chown $USER:$USER -R baby-naptime/

# Python version issues
python3 --version  # Should be 3.7+
pip3 install -r requirements.txt
```### Integração com GDB
```bash
# Enable verbose output
python run.py -c code.cpp -l gpt-4o --verbose

# Check system compatibility
python -c "import sys; print(sys.version)"
gdb --version
gcc --version
```### Compilação de Binário
```bash
# Use faster models for initial screening
python run.py -c code.cpp -l gpt-3.5-turbo

# Optimize context history for speed
python run.py -c code.cpp -k 10 -m 50

# Use targeted analysis
python run.py -c code.cpp -f vulnerable_function
```### Gerenciamento de Recursos
```bash
# Limit iterations for large codebases
python run.py -c large_project.cpp -m 75

# Manage memory usage
python run.py -c code.cpp -k 8

# Batch processing multiple files
for file in *.cpp; do
    python run.py -c "$file" -l gpt-4o-mini
done
```## Exemplos de Integração
```bash
# Add to GitHub Actions
name: Security Analysis
run:|
  export OPENAI_API_KEY=$\\\\{\\\\{ secrets.OPENAI_API_KEY \\\\}\\\\}
  python run.py -c src/main.cpp -l gpt-4o-mini

# Jenkins integration
sh 'python run.py -c $\\\\{WORKSPACE\\\\}/src/main.cpp'
```### Pipeline de CI/CD
```bash
# Scan all C/C++ files in project
find . -name "*.cpp" -o -name "*.c"|while read file; do
    echo "Analyzing $file"
    python run.py -c "$file" -l gpt-4o-mini
done

# Generate combined report
cat results/*_summary.md > combined_security_report.md
```### Varredura Automatizada
```bash
# Start with faster models for initial assessment
python run.py -c code.cpp -l gpt-3.5-turbo

# Use advanced models for detailed analysis
python run.py -c critical_code.cpp -l o1-preview -k 25

# Maintain reasonable iteration limits
python run.py -c code.cpp -m 100  # Good balance

# Focus analysis on specific functions
python run.py -c auth.cpp -f login_handler
```## Melhores Práticas
```bash
# Always test in isolated environment
# Never run on production systems
# Obtain proper authorization before testing
# Review generated exploits carefully
# Use for educational/research purposes only
```### Considerações de Segurança
https://github.com/faizann24/baby-naptime](https://github.com/faizann24/baby-naptime**Repositório: ** [
   **Licença:** GPL-3.0
   **Linguagem:** Python (94.7%), C++ (4.6%), C (0.7%)
   **Estrelas:** 151+|**Forks:** 19+

Would you like me to translate the entire document? If so, could you provide the complete text for each section? Some sections appear to be missing content.