├── .gitignore ├── LICENSE ├── README.md ├── __init__.py ├── config.yaml ├── docs ├── .nojekyll ├── Makefile ├── conf.py ├── docs │ ├── doctrees │ │ ├── environment.pickle │ │ ├── filesystem.doctree │ │ ├── index.doctree │ │ ├── network.doctree │ │ ├── new_plugin.doctree │ │ ├── overview.doctree │ │ ├── process_manager.doctree │ │ ├── setup.doctree │ │ └── winapi.doctree │ └── html │ │ ├── .buildinfo │ │ ├── _sources │ │ ├── filesystem.rst.txt │ │ ├── index.rst.txt │ │ ├── network.rst.txt │ │ ├── new_plugin.rst.txt │ │ ├── overview.rst.txt │ │ ├── process_manager.rst.txt │ │ ├── setup.rst.txt │ │ └── winapi.rst.txt │ │ ├── _static │ │ ├── basic.css │ │ ├── css │ │ │ ├── badge_only.css │ │ │ └── theme.css │ │ ├── doctools.js │ │ ├── documentation_options.js │ │ ├── file.png │ │ ├── fonts │ │ │ ├── Inconsolata-Bold.ttf │ │ │ ├── Inconsolata-Regular.ttf │ │ │ ├── Inconsolata.ttf │ │ │ ├── Lato-Bold.ttf │ │ │ ├── Lato-Regular.ttf │ │ │ ├── Lato │ │ │ │ ├── lato-bold.eot │ │ │ │ ├── lato-bold.ttf │ │ │ │ ├── lato-bold.woff │ │ │ │ ├── lato-bold.woff2 │ │ │ │ ├── lato-bolditalic.eot │ │ │ │ ├── lato-bolditalic.ttf │ │ │ │ ├── lato-bolditalic.woff │ │ │ │ ├── lato-bolditalic.woff2 │ │ │ │ ├── lato-italic.eot │ │ │ │ ├── lato-italic.ttf │ │ │ │ ├── lato-italic.woff │ │ │ │ ├── lato-italic.woff2 │ │ │ │ ├── lato-regular.eot │ │ │ │ ├── lato-regular.ttf │ │ │ │ ├── lato-regular.woff │ │ │ │ └── lato-regular.woff2 │ │ │ ├── RobotoSlab-Bold.ttf │ │ │ ├── RobotoSlab-Regular.ttf │ │ │ ├── RobotoSlab │ │ │ │ ├── roboto-slab-v7-bold.eot │ │ │ │ ├── roboto-slab-v7-bold.ttf │ │ │ │ ├── roboto-slab-v7-bold.woff │ │ │ │ ├── roboto-slab-v7-bold.woff2 │ │ │ │ ├── roboto-slab-v7-regular.eot │ │ │ │ ├── roboto-slab-v7-regular.ttf │ │ │ │ ├── roboto-slab-v7-regular.woff │ │ │ │ └── roboto-slab-v7-regular.woff2 │ │ │ ├── fontawesome-webfont.eot │ │ │ ├── fontawesome-webfont.svg │ │ │ ├── fontawesome-webfont.ttf │ │ │ ├── fontawesome-webfont.woff │ │ │ └── fontawesome-webfont.woff2 │ │ ├── jquery-3.2.1.js │ │ ├── jquery.js │ │ ├── js │ │ │ ├── modernizr.min.js │ │ │ └── theme.js │ │ ├── language_data.js │ │ ├── minus.png │ │ ├── plus.png │ │ ├── pygments.css │ │ ├── searchtools.js │ │ ├── underscore-1.3.1.js │ │ └── underscore.js │ │ ├── filesystem.html │ │ ├── genindex.html │ │ ├── index.html │ │ ├── network.html │ │ ├── new_plugin.html │ │ ├── objects.inv │ │ ├── overview.html │ │ ├── process_manager.html │ │ ├── py-modindex.html │ │ ├── search.html │ │ ├── searchindex.js │ │ ├── setup.html │ │ └── winapi.html ├── filesystem.rst ├── index.html ├── index.rst ├── network.rst ├── new_plugin.rst ├── overview.rst ├── process_manager.rst ├── setup.rst └── winapi.rst ├── orchestrator.py ├── plugins ├── __init__.py ├── gh0st_rat.py └── njrat.py ├── puppet_rat.py ├── requirements.txt ├── resources ├── fs_template.pkl ├── map_filesystem.py └── pslist.csv ├── stage_props ├── __init__.py ├── filesystem.py ├── network.py ├── process_manager.py ├── utils.py └── winapi.py ├── targets.yaml └── tests ├── test_filesystem.py └── test_process_manager.py /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/README.md -------------------------------------------------------------------------------- /__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/config.yaml -------------------------------------------------------------------------------- /docs/.nojekyll: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/Makefile -------------------------------------------------------------------------------- /docs/conf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/conf.py -------------------------------------------------------------------------------- /docs/docs/doctrees/environment.pickle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/environment.pickle -------------------------------------------------------------------------------- /docs/docs/doctrees/filesystem.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/filesystem.doctree -------------------------------------------------------------------------------- /docs/docs/doctrees/index.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/index.doctree -------------------------------------------------------------------------------- /docs/docs/doctrees/network.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/network.doctree -------------------------------------------------------------------------------- /docs/docs/doctrees/new_plugin.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/new_plugin.doctree -------------------------------------------------------------------------------- /docs/docs/doctrees/overview.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/overview.doctree -------------------------------------------------------------------------------- /docs/docs/doctrees/process_manager.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/process_manager.doctree -------------------------------------------------------------------------------- /docs/docs/doctrees/setup.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/setup.doctree -------------------------------------------------------------------------------- /docs/docs/doctrees/winapi.doctree: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/doctrees/winapi.doctree -------------------------------------------------------------------------------- /docs/docs/html/.buildinfo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/.buildinfo -------------------------------------------------------------------------------- /docs/docs/html/_sources/filesystem.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/filesystem.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_sources/index.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/index.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_sources/network.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/network.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_sources/new_plugin.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/new_plugin.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_sources/overview.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/overview.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_sources/process_manager.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/process_manager.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_sources/setup.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/setup.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_sources/winapi.rst.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_sources/winapi.rst.txt -------------------------------------------------------------------------------- /docs/docs/html/_static/basic.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/basic.css -------------------------------------------------------------------------------- /docs/docs/html/_static/css/badge_only.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/css/badge_only.css -------------------------------------------------------------------------------- /docs/docs/html/_static/css/theme.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/css/theme.css -------------------------------------------------------------------------------- /docs/docs/html/_static/doctools.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/doctools.js -------------------------------------------------------------------------------- /docs/docs/html/_static/documentation_options.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/documentation_options.js -------------------------------------------------------------------------------- /docs/docs/html/_static/file.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/file.png -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Inconsolata-Bold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Inconsolata-Bold.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Inconsolata-Regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Inconsolata-Regular.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Inconsolata.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Inconsolata.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato-Bold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato-Bold.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato-Regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato-Regular.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bold.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bold.eot -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bold.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bold.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bold.woff -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bold.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bold.woff2 -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bolditalic.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bolditalic.eot -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bolditalic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bolditalic.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bolditalic.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bolditalic.woff -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-bolditalic.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-bolditalic.woff2 -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-italic.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-italic.eot -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-italic.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-italic.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-italic.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-italic.woff -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-italic.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-italic.woff2 -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-regular.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-regular.eot -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-regular.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-regular.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-regular.woff -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/Lato/lato-regular.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/Lato/lato-regular.woff2 -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab-Bold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab-Bold.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab-Regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab-Regular.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.eot -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.woff -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-bold.woff2 -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.eot -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.woff -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/RobotoSlab/roboto-slab-v7-regular.woff2 -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/fontawesome-webfont.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/fontawesome-webfont.eot -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/fontawesome-webfont.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/fontawesome-webfont.svg -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/fontawesome-webfont.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/fontawesome-webfont.ttf -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/fontawesome-webfont.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/fontawesome-webfont.woff -------------------------------------------------------------------------------- /docs/docs/html/_static/fonts/fontawesome-webfont.woff2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/fonts/fontawesome-webfont.woff2 -------------------------------------------------------------------------------- /docs/docs/html/_static/jquery-3.2.1.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/jquery-3.2.1.js -------------------------------------------------------------------------------- /docs/docs/html/_static/jquery.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/jquery.js -------------------------------------------------------------------------------- /docs/docs/html/_static/js/modernizr.min.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/js/modernizr.min.js -------------------------------------------------------------------------------- /docs/docs/html/_static/js/theme.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/js/theme.js -------------------------------------------------------------------------------- /docs/docs/html/_static/language_data.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/language_data.js -------------------------------------------------------------------------------- /docs/docs/html/_static/minus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/minus.png -------------------------------------------------------------------------------- /docs/docs/html/_static/plus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/plus.png -------------------------------------------------------------------------------- /docs/docs/html/_static/pygments.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/pygments.css -------------------------------------------------------------------------------- /docs/docs/html/_static/searchtools.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/searchtools.js -------------------------------------------------------------------------------- /docs/docs/html/_static/underscore-1.3.1.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/underscore-1.3.1.js -------------------------------------------------------------------------------- /docs/docs/html/_static/underscore.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/_static/underscore.js -------------------------------------------------------------------------------- /docs/docs/html/filesystem.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/filesystem.html -------------------------------------------------------------------------------- /docs/docs/html/genindex.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/genindex.html -------------------------------------------------------------------------------- /docs/docs/html/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/index.html -------------------------------------------------------------------------------- /docs/docs/html/network.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/network.html -------------------------------------------------------------------------------- /docs/docs/html/new_plugin.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/new_plugin.html -------------------------------------------------------------------------------- /docs/docs/html/objects.inv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/objects.inv -------------------------------------------------------------------------------- /docs/docs/html/overview.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/overview.html -------------------------------------------------------------------------------- /docs/docs/html/process_manager.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/process_manager.html -------------------------------------------------------------------------------- /docs/docs/html/py-modindex.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/py-modindex.html -------------------------------------------------------------------------------- /docs/docs/html/search.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/search.html -------------------------------------------------------------------------------- /docs/docs/html/searchindex.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/searchindex.js -------------------------------------------------------------------------------- /docs/docs/html/setup.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/setup.html -------------------------------------------------------------------------------- /docs/docs/html/winapi.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/docs/html/winapi.html -------------------------------------------------------------------------------- /docs/filesystem.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/filesystem.rst -------------------------------------------------------------------------------- /docs/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/index.html -------------------------------------------------------------------------------- /docs/index.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/index.rst -------------------------------------------------------------------------------- /docs/network.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/network.rst -------------------------------------------------------------------------------- /docs/new_plugin.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/new_plugin.rst -------------------------------------------------------------------------------- /docs/overview.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/overview.rst -------------------------------------------------------------------------------- /docs/process_manager.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/process_manager.rst -------------------------------------------------------------------------------- /docs/setup.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/setup.rst -------------------------------------------------------------------------------- /docs/winapi.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/docs/winapi.rst -------------------------------------------------------------------------------- /orchestrator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/orchestrator.py -------------------------------------------------------------------------------- /plugins/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/gh0st_rat.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/plugins/gh0st_rat.py -------------------------------------------------------------------------------- /plugins/njrat.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/plugins/njrat.py -------------------------------------------------------------------------------- /puppet_rat.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/puppet_rat.py -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/requirements.txt -------------------------------------------------------------------------------- /resources/fs_template.pkl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/resources/fs_template.pkl -------------------------------------------------------------------------------- /resources/map_filesystem.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/resources/map_filesystem.py -------------------------------------------------------------------------------- /resources/pslist.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/resources/pslist.csv -------------------------------------------------------------------------------- /stage_props/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /stage_props/filesystem.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/stage_props/filesystem.py -------------------------------------------------------------------------------- /stage_props/network.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/stage_props/network.py -------------------------------------------------------------------------------- /stage_props/process_manager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/stage_props/process_manager.py -------------------------------------------------------------------------------- /stage_props/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/stage_props/utils.py -------------------------------------------------------------------------------- /stage_props/winapi.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/stage_props/winapi.py -------------------------------------------------------------------------------- /targets.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/targets.yaml -------------------------------------------------------------------------------- /tests/test_filesystem.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/tests/test_filesystem.py -------------------------------------------------------------------------------- /tests/test_process_manager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/intezer/MoP/HEAD/tests/test_process_manager.py --------------------------------------------------------------------------------