# KP Analysis Toolkit
The KP Analysis Toolkit is a comprehensive Python application designed to assist auditors with analyzing and processing various types of data encountered during security assessments. The toolkit provides specialized modules for different data formats and analysis tasks.
[View the full documentation](https://kirkpatrickprice.github.io/analysis-toolkit)
## Overview
The toolkit currently includes three main modules:
### Process Scripts
Formerly known as `adv-searchfor`, this module processes text files generated by KirkpatrickPrice's OS-specific collection scripts. It provides flexible search capabilities, automated analysis, and comprehensive reporting through Excel workbooks.
**Supported Collection Scripts:**
- [Linux Audit Scripts](https://github.com/kirkpatrickprice/linux-audit-scripts)
- [Windows Audit Scripts](https://github.com/kirkpatrickprice/windows-audit-scripts)
- [MacOS Auditor](https://github.com/kirkpatrickprice/macos-auditor)
📖 **[View Process Scripts Documentation](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/scripts/)**
### Nipper Expander
A specialized tool for processing Nipper CSV export files. It transforms Nipper's compact CSV format (where multiple devices may be listed in a single row) into an expanded format with one row per device per finding, making it easier to analyze vulnerabilities using Excel pivot tables and other analysis tools.
📖 **[View Nipper Expander Documentation](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/nipper-expander/)**
### RTF to Text Converter
Converts Rich Text Format (RTF) files to plain text files using ASCII encoding. This is particularly useful when customers provide router/firewall configurations as RTF documents instead of plaintext files.
📖 **[View RTF Converter Documentation](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/nipper-expander/)**
## Requirements
### System Requirements
The toolkit is built on Python and supports cross-platform operation:
- **Primary development platform**: Windows
- **Supported platforms**: Windows, macOS, Linux
- **Testing coverage**: All platforms tested via CI/CD pipeline
### Prerequisites
- **Python 3.12 or higher**
- **pipx** (Python application installer)
### Recommended Tools
For Windows users, we recommend using the [Windows Terminal](https://apps.microsoft.com/store/detail/windows-terminal/9N0DX20HK701) from the Microsoft Store for a better command-line experience.
## Installation
See the [full installation instructions](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/installation)
## Updates
### Automatic Update Checking
Starting with version 2.0, the toolkit automatically checks for updates on PyPI each time you run it. If a newer version is available, the toolkit will display upgrade instructions and exit:
```
📦 Update Available
┌─ Upgrade Instructions ──────────────────────────────────┐
│ Current version: 2.0.0 │
│ Latest version: 2.0.1 │
│ │
│ To upgrade, run: │
│ pipx upgrade kp-analysis-toolkit │
│ │
│ Or if you want to skip this check in the future: │
│ kpat_cli --skip-update-check │
└─────────────────────────────────────────────────────────┘
The application will now exit. Please run the upgrade command above
and then run your command again.
Note: Upgrade checks can be disabled using the --skip-update-check option.
```
**Why does the toolkit exit instead of upgrading automatically?**
- **File locking**: When Python applications upgrade themselves while running, file locks can cause upgrade failures
- **Reliability**: Manual upgrades using `pipx upgrade` are more reliable and consistent
- **User control**: You have full control over when and how upgrades happen
- **Error handling**: `pipx` provides better error messages and troubleshooting information
### Manual Updates
Update manually using `pipx`:
```bash
pipx upgrade kp-analysis-toolkit
```
### Disabling Update Checks
Skip update checks for automated scripts or when you don't want to be prompted:
```bash
kpat_cli --skip-update-check scripts --help
```
**Note:** Update checking requires a network connection. Without network access, you may see a brief warning but the program continues normally.
## Keep-Awake Feature
The toolkit includes an automatic keep-awake feature that prevents your system from going to sleep during long-running analysis tasks. This is particularly useful when processing large datasets or running extensive searches that might take a long time to complete.
### How It Works
- **Automatic**: The keep-awake feature is enabled by default for all commands
- **Cross-platform**: Works on Windows, macOS, and Linux systems
- **Non-intrusive**: Only prevents sleep/hibernation, doesn't affect screen savers or manual power management
- **Fallback protection**: If the keep-awake feature fails (e.g., due to permissions), the command continues normally, but your system could sleep mid-task
### Disabling Keep-Awake
You can disable the keep-awake feature if needed:
```bash
# Disable keep-awake for a single command
kpat_cli --no-keep-awake scripts --start-dir /path/to/data
# Example: Long-running analysis without keep-awake
kpat_cli --no-keep-awake scripts --start-dir "C:\Audit\Data"
```
**When you might want to disable it:**
- Running on battery power and want to allow normal power management
- Running in automated scripts where sleep prevention isn't needed
- System policy restrictions that prevent sleep control
- Troubleshooting power management issues
## Usage
### Getting Started
After installation, the toolkit is available as `kpat_cli` (or `kpat_cli.exe` on Windows):
**Note:** Aliases are provided for legacy commands (e.g. `adv-searchfor`). They will be deprecated in a later version.
```bash
# Show main help
kpat_cli --help
# Show help for specific modules
kpat_cli scripts --help
kpat_cli nipper --help
kpat_cli rtf-to-text --help
```
### Quick Examples
**Process Scripts:**
```bash
# Analyze files with default configuration
kpat_cli scripts
# Use specific configuration
kpat_cli scripts --conf audit-windows.yaml
```
**Nipper Expander:**
```bash
# Auto-detect CSV files in current directory
kpat_cli nipper
# Process specific file
kpat_cli nipper --in-file network-audit.csv
```
**RTF Converter:**
```bash
# Convert specific RTF file
kpat_cli rtf-to-text --in-file config.rtf
# Scan directory for RTF files
kpat_cli rtf-to-text --start-dir /path/to/files
```
## Module Documentation
For detailed usage instructions, configuration options, and examples for each module:
- **[Process Scripts](src/kp_analysis_toolkit/process_scripts/README.md)** - Comprehensive analysis of OS audit data
- **[Nipper Expander](src/kp_analysis_toolkit/nipper_expander/README.md)** - Network device vulnerability report processing
- **[RTF to Text](src/kp_analysis_toolkit/rtf_to_text/README.md)** - Document format conversion utilities
## Development
### Development Environment
- **Primary development platform**: Windows
- **Testing**: Comprehensive CI testing on Windows, macOS, and Linux
- **Cross-platform compatibility**: Ensured through automated testing
While development is primarily conducted on Windows, the toolkit is designed to be cross-platform compatible. Continuous Integration (CI) testing is performed against all three major operating systems (Windows, macOS, and Linux) to ensure proper functionality across platforms.
### Running from Source
For development or testing purposes:
```bash
# Clone the repository
git clone https://github.com/kirkpatrickprice/analysis-toolkit.git
cd analysis-toolkit
# Install with uv (recommended)
uv sync
# Or install with pip
pip install -e .
# Run directly
python -m kp_analysis_toolkit.cli --help
```
### Dependencies
The toolkit automatically installs required dependencies:
- **pandas** and **openpyxl** for Excel processing
- **PyYAML** for configuration files
- **click** for command-line interface
- **pydantic** for data validation
- **charset-normalizer** for encoding detection
- **striprtf** for RTF processing
### Publishing and Releases
The toolkit uses automated publishing to PyPI:
- **Cross-platform testing**: Full test suite runs on Windows, macOS, and Linux before publishing
- **Automatic publishing**: When the version in `src/kp_analysis_toolkit/__init__.py` is updated and pushed to the main branch
- **GitHub Actions**: Handles testing, building, and publishing automatically
- **GitHub Releases**: Automatically created with version tags and changelogs
- **Quality assurance**: Cross-platform tests must pass before publishing
📖 **[View Publishing Setup Guide](.github/PYPI_SETUP.md)** for maintainers
## Related Projects
- [Linux Audit Scripts](https://github.com/kirkpatrickprice/linux-audit-scripts) - Data collection for Linux systems
- [Windows Audit Scripts](https://github.com/kirkpatrickprice/windows-audit-scripts) - Data collection for Windows systems
- [macOS Auditor](https://github.com/kirkpatrickprice/macos-auditor) - Data collection for macOS systems
## Support
For issues, feature requests, or questions:
- Check the module-specific documentation linked above
- Review troubleshooting sections in individual module READMEs
- Consult the [CHANGELOG.md](CHANGELOG.md) for version history
## Version History
See [CHANGELOG.md](CHANGELOG.md) for a complete history of changes starting with version 2.0.0.
Raw data
{
"_id": null,
"home_page": null,
"name": "kp-analysis-toolkit",
"maintainer": null,
"docs_url": null,
"requires_python": "<4,>=3.12",
"maintainer_email": null,
"keywords": "pii discovery, data discovery, credit card discovery",
"author": null,
"author_email": "Randy Bartels <rjbartels@outlook.com>",
"download_url": "https://files.pythonhosted.org/packages/44/c6/51f40aa3aa5870c667f76bd9bd70fa006b706f4fda77210af222587160f5/kp_analysis_toolkit-2.1.0.tar.gz",
"platform": null,
"description": "# KP Analysis Toolkit\r\n\r\nThe KP Analysis Toolkit is a comprehensive Python application designed to assist auditors with analyzing and processing various types of data encountered during security assessments. The toolkit provides specialized modules for different data formats and analysis tasks.\r\n\r\n[View the full documentation](https://kirkpatrickprice.github.io/analysis-toolkit)\r\n\r\n## Overview\r\n\r\nThe toolkit currently includes three main modules:\r\n\r\n### Process Scripts\r\nFormerly known as `adv-searchfor`, this module processes text files generated by KirkpatrickPrice's OS-specific collection scripts. It provides flexible search capabilities, automated analysis, and comprehensive reporting through Excel workbooks.\r\n\r\n**Supported Collection Scripts:**\r\n- [Linux Audit Scripts](https://github.com/kirkpatrickprice/linux-audit-scripts)\r\n- [Windows Audit Scripts](https://github.com/kirkpatrickprice/windows-audit-scripts)\r\n- [MacOS Auditor](https://github.com/kirkpatrickprice/macos-auditor)\r\n\r\n\ud83d\udcd6 **[View Process Scripts Documentation](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/scripts/)**\r\n\r\n### Nipper Expander\r\nA specialized tool for processing Nipper CSV export files. It transforms Nipper's compact CSV format (where multiple devices may be listed in a single row) into an expanded format with one row per device per finding, making it easier to analyze vulnerabilities using Excel pivot tables and other analysis tools.\r\n\r\n\ud83d\udcd6 **[View Nipper Expander Documentation](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/nipper-expander/)**\r\n\r\n### RTF to Text Converter\r\nConverts Rich Text Format (RTF) files to plain text files using ASCII encoding. This is particularly useful when customers provide router/firewall configurations as RTF documents instead of plaintext files.\r\n\r\n\ud83d\udcd6 **[View RTF Converter Documentation](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/nipper-expander/)**\r\n\r\n## Requirements\r\n\r\n### System Requirements\r\nThe toolkit is built on Python and supports cross-platform operation:\r\n- **Primary development platform**: Windows\r\n- **Supported platforms**: Windows, macOS, Linux\r\n- **Testing coverage**: All platforms tested via CI/CD pipeline\r\n\r\n### Prerequisites\r\n- **Python 3.12 or higher**\r\n- **pipx** (Python application installer)\r\n\r\n### Recommended Tools\r\nFor Windows users, we recommend using the [Windows Terminal](https://apps.microsoft.com/store/detail/windows-terminal/9N0DX20HK701) from the Microsoft Store for a better command-line experience.\r\n\r\n## Installation\r\n\r\nSee the [full installation instructions](https://kirkpatrickprice.github.io/analysis-toolkit/user-guides/installation)\r\n\r\n## Updates\r\n\r\n### Automatic Update Checking\r\nStarting with version 2.0, the toolkit automatically checks for updates on PyPI each time you run it. If a newer version is available, the toolkit will display upgrade instructions and exit:\r\n\r\n```\r\n\ud83d\udce6 Update Available\r\n\r\n\u250c\u2500 Upgrade Instructions \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\r\n\u2502 Current version: 2.0.0 \u2502\r\n\u2502 Latest version: 2.0.1 \u2502\r\n\u2502 \u2502\r\n\u2502 To upgrade, run: \u2502\r\n\u2502 pipx upgrade kp-analysis-toolkit \u2502\r\n\u2502 \u2502\r\n\u2502 Or if you want to skip this check in the future: \u2502\r\n\u2502 kpat_cli --skip-update-check \u2502\r\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\r\n\r\nThe application will now exit. Please run the upgrade command above \r\nand then run your command again.\r\n\r\nNote: Upgrade checks can be disabled using the --skip-update-check option.\r\n```\r\n\r\n**Why does the toolkit exit instead of upgrading automatically?**\r\n- **File locking**: When Python applications upgrade themselves while running, file locks can cause upgrade failures\r\n- **Reliability**: Manual upgrades using `pipx upgrade` are more reliable and consistent\r\n- **User control**: You have full control over when and how upgrades happen\r\n- **Error handling**: `pipx` provides better error messages and troubleshooting information\r\n\r\n### Manual Updates\r\nUpdate manually using `pipx`:\r\n```bash\r\npipx upgrade kp-analysis-toolkit\r\n```\r\n\r\n### Disabling Update Checks\r\nSkip update checks for automated scripts or when you don't want to be prompted:\r\n```bash\r\nkpat_cli --skip-update-check scripts --help\r\n```\r\n\r\n**Note:** Update checking requires a network connection. Without network access, you may see a brief warning but the program continues normally.\r\n\r\n## Keep-Awake Feature\r\n\r\nThe toolkit includes an automatic keep-awake feature that prevents your system from going to sleep during long-running analysis tasks. This is particularly useful when processing large datasets or running extensive searches that might take a long time to complete.\r\n\r\n### How It Works\r\n- **Automatic**: The keep-awake feature is enabled by default for all commands\r\n- **Cross-platform**: Works on Windows, macOS, and Linux systems\r\n- **Non-intrusive**: Only prevents sleep/hibernation, doesn't affect screen savers or manual power management\r\n- **Fallback protection**: If the keep-awake feature fails (e.g., due to permissions), the command continues normally, but your system could sleep mid-task\r\n\r\n### Disabling Keep-Awake\r\nYou can disable the keep-awake feature if needed:\r\n\r\n```bash\r\n# Disable keep-awake for a single command\r\nkpat_cli --no-keep-awake scripts --start-dir /path/to/data\r\n\r\n# Example: Long-running analysis without keep-awake\r\nkpat_cli --no-keep-awake scripts --start-dir \"C:\\Audit\\Data\"\r\n```\r\n\r\n**When you might want to disable it:**\r\n- Running on battery power and want to allow normal power management\r\n- Running in automated scripts where sleep prevention isn't needed\r\n- System policy restrictions that prevent sleep control\r\n- Troubleshooting power management issues\r\n\r\n## Usage\r\n\r\n### Getting Started\r\nAfter installation, the toolkit is available as `kpat_cli` (or `kpat_cli.exe` on Windows):\r\n\r\n**Note:** Aliases are provided for legacy commands (e.g. `adv-searchfor`). They will be deprecated in a later version.\r\n\r\n```bash\r\n# Show main help\r\nkpat_cli --help\r\n\r\n# Show help for specific modules\r\nkpat_cli scripts --help\r\nkpat_cli nipper --help\r\nkpat_cli rtf-to-text --help\r\n```\r\n\r\n### Quick Examples\r\n\r\n**Process Scripts:**\r\n```bash\r\n# Analyze files with default configuration\r\nkpat_cli scripts\r\n\r\n# Use specific configuration\r\nkpat_cli scripts --conf audit-windows.yaml\r\n```\r\n\r\n**Nipper Expander:**\r\n```bash\r\n# Auto-detect CSV files in current directory\r\nkpat_cli nipper\r\n\r\n# Process specific file\r\nkpat_cli nipper --in-file network-audit.csv\r\n```\r\n\r\n**RTF Converter:**\r\n```bash\r\n# Convert specific RTF file\r\nkpat_cli rtf-to-text --in-file config.rtf\r\n\r\n# Scan directory for RTF files\r\nkpat_cli rtf-to-text --start-dir /path/to/files\r\n```\r\n\r\n## Module Documentation\r\n\r\nFor detailed usage instructions, configuration options, and examples for each module:\r\n\r\n- **[Process Scripts](src/kp_analysis_toolkit/process_scripts/README.md)** - Comprehensive analysis of OS audit data\r\n- **[Nipper Expander](src/kp_analysis_toolkit/nipper_expander/README.md)** - Network device vulnerability report processing\r\n- **[RTF to Text](src/kp_analysis_toolkit/rtf_to_text/README.md)** - Document format conversion utilities\r\n\r\n## Development\r\n\r\n### Development Environment\r\n- **Primary development platform**: Windows\r\n- **Testing**: Comprehensive CI testing on Windows, macOS, and Linux\r\n- **Cross-platform compatibility**: Ensured through automated testing\r\n\r\nWhile development is primarily conducted on Windows, the toolkit is designed to be cross-platform compatible. Continuous Integration (CI) testing is performed against all three major operating systems (Windows, macOS, and Linux) to ensure proper functionality across platforms.\r\n\r\n### Running from Source\r\nFor development or testing purposes:\r\n\r\n```bash\r\n# Clone the repository\r\ngit clone https://github.com/kirkpatrickprice/analysis-toolkit.git\r\ncd analysis-toolkit\r\n\r\n# Install with uv (recommended)\r\nuv sync\r\n\r\n# Or install with pip\r\npip install -e .\r\n\r\n# Run directly\r\npython -m kp_analysis_toolkit.cli --help\r\n```\r\n\r\n### Dependencies\r\nThe toolkit automatically installs required dependencies:\r\n- **pandas** and **openpyxl** for Excel processing\r\n- **PyYAML** for configuration files\r\n- **click** for command-line interface\r\n- **pydantic** for data validation\r\n- **charset-normalizer** for encoding detection\r\n- **striprtf** for RTF processing\r\n\r\n### Publishing and Releases\r\nThe toolkit uses automated publishing to PyPI:\r\n- **Cross-platform testing**: Full test suite runs on Windows, macOS, and Linux before publishing\r\n- **Automatic publishing**: When the version in `src/kp_analysis_toolkit/__init__.py` is updated and pushed to the main branch\r\n- **GitHub Actions**: Handles testing, building, and publishing automatically\r\n- **GitHub Releases**: Automatically created with version tags and changelogs\r\n- **Quality assurance**: Cross-platform tests must pass before publishing\r\n\r\n\ud83d\udcd6 **[View Publishing Setup Guide](.github/PYPI_SETUP.md)** for maintainers\r\n\r\n## Related Projects\r\n\r\n- [Linux Audit Scripts](https://github.com/kirkpatrickprice/linux-audit-scripts) - Data collection for Linux systems\r\n- [Windows Audit Scripts](https://github.com/kirkpatrickprice/windows-audit-scripts) - Data collection for Windows systems\r\n- [macOS Auditor](https://github.com/kirkpatrickprice/macos-auditor) - Data collection for macOS systems\r\n\r\n## Support\r\n\r\nFor issues, feature requests, or questions:\r\n- Check the module-specific documentation linked above\r\n- Review troubleshooting sections in individual module READMEs\r\n- Consult the [CHANGELOG.md](CHANGELOG.md) for version history\r\n\r\n## Version History\r\n\r\nSee [CHANGELOG.md](CHANGELOG.md) for a complete history of changes starting with version 2.0.0.\r\n",
"bugtrack_url": null,
"license": null,
"summary": "Python utilities to parse technical information for security audits",
"version": "2.1.0",
"project_urls": {
"Changelog": "https://github.com/kirkpatrickprice/analysis-toolkit/blob/main/CHANGELOG.md",
"Documentation": "https://kirkpatrickprice.github.io/analysis-toolkit/",
"Homepage": "https://github.com/kirkpatrickprice/analysis-toolkit",
"Issues": "https://github.com/kirkpatrickprice/analysis-toolkit/issues",
"Repository": "https://github.com/kirkpatrickprice/analysis-toolkit"
},
"split_keywords": [
"pii discovery",
" data discovery",
" credit card discovery"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "bcbe062d694e227b5cbdca180dc731b8fe30c5c337925dbcb2d2ceeb6389de54",
"md5": "d483550656fd5b97c0c908341bc1c87b",
"sha256": "6aea3ee1a360a1854844a25c6265b2b66aa4a063b25e29826cdd75c830f69b87"
},
"downloads": -1,
"filename": "kp_analysis_toolkit-2.1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "d483550656fd5b97c0c908341bc1c87b",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4,>=3.12",
"size": 120622,
"upload_time": "2025-09-12T14:39:47",
"upload_time_iso_8601": "2025-09-12T14:39:47.027888Z",
"url": "https://files.pythonhosted.org/packages/bc/be/062d694e227b5cbdca180dc731b8fe30c5c337925dbcb2d2ceeb6389de54/kp_analysis_toolkit-2.1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "44c651f40aa3aa5870c667f76bd9bd70fa006b706f4fda77210af222587160f5",
"md5": "07987e5363579243cf0be6982e9facb2",
"sha256": "817d37da5dfdeab303dcedbf9268ef1df24b6573ac78ed6b03e99c8a276f90cc"
},
"downloads": -1,
"filename": "kp_analysis_toolkit-2.1.0.tar.gz",
"has_sig": false,
"md5_digest": "07987e5363579243cf0be6982e9facb2",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4,>=3.12",
"size": 103730,
"upload_time": "2025-09-12T14:39:48",
"upload_time_iso_8601": "2025-09-12T14:39:48.335768Z",
"url": "https://files.pythonhosted.org/packages/44/c6/51f40aa3aa5870c667f76bd9bd70fa006b706f4fda77210af222587160f5/kp_analysis_toolkit-2.1.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-09-12 14:39:48",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "kirkpatrickprice",
"github_project": "analysis-toolkit",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "kp-analysis-toolkit"
}
JSON
