├── .github └── FUNDING.yml ├── .gitignore ├── README.md ├── _utils ├── README.md ├── _find_requierements.py ├── create_json_files.py ├── create_sigma_rules.py ├── download_hunting_keywords.py ├── main.py ├── requirements.txt └── threathunting-keywords.csv └── sigma_rules ├── greyware_tools ├── 0bin_net │ ├── 0bin_net.json │ └── 0bin_net.yml ├── 12ft_io │ ├── 12ft_io.json │ └── 12ft_io.yml ├── 1clickVPN │ ├── 1clickVPN.json │ └── 1clickVPN.yml ├── 1secmail_com │ ├── 1secmail_com.json │ └── 1secmail_com.yml ├── 1ty_me │ ├── 1ty_me.json │ └── 1ty_me.yml ├── 3proxy │ ├── 3proxy.json │ └── 3proxy.yml ├── 4shared_com │ ├── 4shared_com.json │ └── 4shared_com.yml ├── AADInternals │ ├── AADInternals.json │ └── AADInternals.yml ├── AD_common_queries │ ├── AD_common_queries.json │ └── AD_common_queries.yml ├── APT │ ├── APT.json │ └── APT.yml ├── AVDump │ ├── AVDump.json │ └── AVDump.yml ├── Acunetix_Web_Vulnerability_Scanner │ ├── Acunetix_Web_Vulnerability_Scanner.json │ └── Acunetix_Web_Vulnerability_Scanner.yml ├── AdGuard_VPN │ ├── AdGuard_VPN.json │ └── AdGuard_VPN.yml ├── Adblock_Office_VPN_Proxy_Server │ ├── Adblock_Office_VPN_Proxy_Server.json │ └── Adblock_Office_VPN_Proxy_Server.yml ├── AdvancedRun │ ├── AdvancedRun.json │ └── AdvancedRun.yml ├── Ahk2Exe │ ├── Ahk2Exe.json │ └── Ahk2Exe.yml ├── Alpemix │ ├── Alpemix.json │ └── Alpemix.yml ├── Ammyy_Admin │ ├── Ammyy_Admin.json │ └── Ammyy_Admin.yml ├── AmperageKit │ ├── AmperageKit.json │ └── AmperageKit.yml ├── Anonymous_Proxy_Vpn_Browser │ ├── Anonymous_Proxy_Vpn_Browser.json │ └── Anonymous_Proxy_Vpn_Browser.yml ├── AnyplaceControl │ ├── AnyplaceControl.json │ └── AnyplaceControl.yml ├── Astar_VPN │ ├── Astar_VPN.json │ └── Astar_VPN.yml ├── Atera │ ├── Atera.json │ └── Atera.yml ├── AutoHotkey │ ├── AutoHotkey.json │ └── AutoHotkey.yml ├── AutoIt │ ├── AutoIt.json │ └── AutoIt.yml ├── Avast │ ├── Avast.json │ └── Avast.yml ├── Azino_VPN │ ├── Azino_VPN.json │ └── Azino_VPN.yml ├── Azure_Storage_Explorer │ ├── Azure_Storage_Explorer.json │ └── Azure_Storage_Explorer.yml ├── BarracudaRMM │ ├── BarracudaRMM.json │ └── BarracudaRMM.yml ├── BelkaVPN │ ├── BelkaVPN.json │ └── BelkaVPN.yml ├── Best_VPN_USA │ ├── Best_VPN_USA.json │ └── Best_VPN_USA.yml ├── BitLockerToGo │ ├── BitLockerToGo.json │ └── BitLockerToGo.yml ├── Bomgar │ ├── Bomgar.json │ └── Bomgar.yml ├── Box │ ├── Box.json │ └── Box.yml ├── Browsec_VPN │ ├── Browsec_VPN.json │ └── Browsec_VPN.yml ├── Browser_VPN │ ├── Browser_VPN.json │ └── Browser_VPN.yml ├── BullVPN │ ├── BullVPN.json │ └── BullVPN.yml ├── ChromeCookiesView │ ├── ChromeCookiesView.json │ └── ChromeCookiesView.yml ├── Cloud_VPN │ ├── Cloud_VPN.json │ └── Cloud_VPN.yml ├── Cmdkey │ ├── Cmdkey.json │ └── Cmdkey.yml ├── ComodoRMM │ ├── ComodoRMM.json │ └── ComodoRMM.yml ├── ComodoRMM__Itarian_RMM_ │ ├── ComodoRMM__Itarian_RMM_.json │ └── ComodoRMM__Itarian_RMM_.yml ├── Compress_Archive │ ├── Compress_Archive.json │ └── Compress_Archive.yml ├── CursedChrome │ ├── CursedChrome.json │ └── CursedChrome.yml ├── CyberGhost_VPN │ ├── CyberGhost_VPN.json │ └── CyberGhost_VPN.yml ├── DEEPRISM_VPN │ ├── DEEPRISM_VPN.json │ └── DEEPRISM_VPN.yml ├── Daily_VPN │ ├── Daily_VPN.json │ └── Daily_VPN.yml ├── Dameware │ ├── Dameware.json │ └── Dameware.yml ├── Dataplicity │ ├── Dataplicity.json │ └── Dataplicity.yml ├── Disk2vhd │ ├── Disk2vhd.json │ └── Disk2vhd.yml ├── DotVPN │ ├── DotVPN.json │ └── DotVPN.yml ├── EHORUS_RMM │ ├── EHORUS_RMM.json │ └── EHORUS_RMM.yml ├── Earth_VPN │ ├── Earth_VPN.json │ └── Earth_VPN.yml ├── Excel │ ├── Excel.json │ └── Excel.yml ├── ExpressVPN │ ├── ExpressVPN.json │ └── ExpressVPN.yml ├── FREE_VPN_DEWELOPMENT │ ├── FREE_VPN_DEWELOPMENT.json │ └── FREE_VPN_DEWELOPMENT.yml ├── FastStunnel_VPN │ ├── FastStunnel_VPN.json │ └── FastStunnel_VPN.yml ├── FastestVPN_Proxy │ ├── FastestVPN_Proxy.json │ └── FastestVPN_Proxy.yml ├── FileZilla │ ├── FileZilla.json │ └── FileZilla.yml ├── Fornex_VPN │ ├── Fornex_VPN.json │ └── Fornex_VPN.yml ├── FoxyProxy_Standard │ ├── FoxyProxy_Standard.json │ └── FoxyProxy_Standard.yml ├── Free_Avira_Phantom_VPN │ ├── Free_Avira_Phantom_VPN.json │ └── Free_Avira_Phantom_VPN.yml ├── Free_Fast_VPN │ ├── Free_Fast_VPN.json │ └── Free_Fast_VPN.yml ├── Free_One_Touch_VPN │ ├── Free_One_Touch_VPN.json │ └── Free_One_Touch_VPN.yml ├── Free_Proxy_VPN │ ├── Free_Proxy_VPN.json │ └── Free_Proxy_VPN.yml ├── Free_Residential_VPN │ ├── Free_Residential_VPN.json │ └── Free_Residential_VPN.yml ├── Free_VPN │ ├── Free_VPN.json │ └── Free_VPN.yml ├── Free_VPN_for_Chrome │ ├── Free_VPN_for_Chrome.json │ └── Free_VPN_for_Chrome.yml ├── GeoProxy │ ├── GeoProxy.json │ └── GeoProxy.yml ├── Get_WmiObject │ ├── Get_WmiObject.json │ └── Get_WmiObject.yml ├── Getcap │ ├── Getcap.json │ └── Getcap.yml ├── GoToMyPC │ ├── GoToMyPC.json │ └── GoToMyPC.yml ├── Gom_VPN │ ├── Gom_VPN.json │ └── Gom_VPN.yml ├── Goodsync │ ├── Goodsync.json │ └── Goodsync.yml ├── Google_Remote_Desktop │ ├── Google_Remote_Desktop.json │ └── Google_Remote_Desktop.yml ├── Guru_VPN___Proxy │ ├── Guru_VPN___Proxy.json │ └── Guru_VPN___Proxy.yml ├── HMA_VPN_Proxy_Unblocker │ ├── HMA_VPN_Proxy_Unblocker.json │ └── HMA_VPN_Proxy_Unblocker.yml ├── HideAll_VPN │ ├── HideAll_VPN.json │ └── HideAll_VPN.yml ├── Hide_My_IP_VPN │ ├── Hide_My_IP_VPN.json │ └── Hide_My_IP_VPN.yml ├── Hideman_VPN │ ├── Hideman_VPN.json │ └── Hideman_VPN.yml ├── Hola_Free_VPN │ ├── Hola_Free_VPN.json │ └── Hola_Free_VPN.yml ├── Hola_VPN │ ├── Hola_VPN.json │ └── Hola_VPN.yml ├── Hotspot_Shield_Elite_VPN_Proxy │ ├── Hotspot_Shield_Elite_VPN_Proxy.json │ └── Hotspot_Shield_Elite_VPN_Proxy.yml ├── Hotspot_Shield_Free_VPN │ ├── Hotspot_Shield_Free_VPN.json │ └── Hotspot_Shield_Free_VPN.yml ├── Hoxx_VPN_Proxy │ ├── Hoxx_VPN_Proxy.json │ └── Hoxx_VPN_Proxy.yml ├── Hub_VPN │ ├── Hub_VPN.json │ └── Hub_VPN.yml ├── Hunter_io │ ├── Hunter_io.json │ └── Hunter_io.yml ├── IObitUnlocker │ ├── IObitUnlocker.json │ └── IObitUnlocker.yml ├── IPBurger_Proxy___VPN │ ├── IPBurger_Proxy___VPN.json │ └── IPBurger_Proxy___VPN.yml ├── IP_Unblock │ ├── IP_Unblock.json │ └── IP_Unblock.yml ├── Invoke_Maldaptive │ ├── Invoke_Maldaptive.json │ └── Invoke_Maldaptive.yml ├── LTProxy │ ├── LTProxy.json │ └── LTProxy.yml ├── Lansweeper │ ├── Lansweeper.json │ └── Lansweeper.yml ├── Lethean_Proxy_VPN │ ├── Lethean_Proxy_VPN.json │ └── Lethean_Proxy_VPN.yml ├── LogMeIn │ ├── LogMeIn.json │ └── LogMeIn.yml ├── MEGAcmd │ ├── MEGAcmd.json │ └── MEGAcmd.yml ├── MEGAsync │ ├── MEGAsync.json │ └── MEGAsync.yml ├── Malus_VPN │ ├── Malus_VPN.json │ └── Malus_VPN.yml ├── Microsoft_Recall │ ├── Microsoft_Recall.json │ └── Microsoft_Recall.yml ├── MozillaCookiesView │ ├── MozillaCookiesView.json │ └── MozillaCookiesView.yml ├── MpCmdRun │ ├── MpCmdRun.json │ └── MpCmdRun.yml ├── Muscle_VPN │ ├── Muscle_VPN.json │ └── Muscle_VPN.yml ├── My_Browser_Vpn │ ├── My_Browser_Vpn.json │ └── My_Browser_Vpn.yml ├── Neo4j │ ├── Neo4j.json │ └── Neo4j.yml ├── Neo_reGeorg │ ├── Neo_reGeorg.json │ └── Neo_reGeorg.yml ├── NetSupport │ ├── NetSupport.json │ └── NetSupport.yml ├── NetshRun │ ├── NetshRun.json │ └── NetshRun.yml ├── NimScan │ ├── NimScan.json │ └── NimScan.yml ├── NordVPN │ ├── NordVPN.json │ └── NordVPN.yml ├── Nsight_RMM │ ├── Nsight_RMM.json │ └── Nsight_RMM.yml ├── Nucleus_VPN │ ├── Nucleus_VPN.json │ └── Nucleus_VPN.yml ├── OPENVPN │ ├── OPENVPN.json │ └── OPENVPN.yml ├── OshiUpload │ ├── OshiUpload.json │ └── OshiUpload.yml ├── PAExec │ ├── PAExec.json │ └── PAExec.yml ├── PCHunter │ ├── PCHunter.json │ └── PCHunter.yml ├── PP_VPN │ ├── PP_VPN.json │ └── PP_VPN.yml ├── PortQry │ ├── PortQry.json │ └── PortQry.yml ├── Portr │ ├── Portr.json │ └── Portr.yml ├── Powertool │ ├── Powertool.json │ └── Powertool.yml ├── Prime_VPN │ ├── Prime_VPN.json │ └── Prime_VPN.yml ├── Private_Internet_Access │ ├── Private_Internet_Access.json │ └── Private_Internet_Access.yml ├── Pron_VPN │ ├── Pron_VPN.json │ └── Pron_VPN.yml ├── ProxFlow │ ├── ProxFlow.json │ └── ProxFlow.yml ├── Proxifier │ ├── Proxifier.json │ └── Proxifier.yml ├── ProxyFlow │ ├── ProxyFlow.json │ └── ProxyFlow.yml ├── Proxy_SwitchyOmega │ ├── Proxy_SwitchyOmega.json │ └── Proxy_SwitchyOmega.yml ├── Proxy_SwitchySharp │ ├── Proxy_SwitchySharp.json │ └── Proxy_SwitchySharp.yml ├── Pulseway │ ├── Pulseway.json │ └── Pulseway.yml ├── PureVPN │ ├── PureVPN.json │ └── PureVPN.yml ├── Push_VPN │ ├── Push_VPN.json │ └── Push_VPN.yml ├── PyPagekite │ ├── PyPagekite.json │ └── PyPagekite.yml ├── Quasar │ ├── Quasar.json │ └── Quasar.yml ├── QuickAssist │ ├── QuickAssist.json │ └── QuickAssist.yml ├── Radmin │ ├── Radmin.json │ └── Radmin.yml ├── Red_Panda_VPN │ ├── Red_Panda_VPN.json │ └── Red_Panda_VPN.yml ├── RemCom │ ├── RemCom.json │ └── RemCom.yml ├── RemotePC │ ├── RemotePC.json │ └── RemotePC.yml ├── RemoteUtilities │ ├── RemoteUtilities.json │ └── RemoteUtilities.yml ├── RevoUninstaller │ ├── RevoUninstaller.json │ └── RevoUninstaller.yml ├── RpcView │ ├── RpcView.json │ └── RpcView.yml ├── RusVPN │ ├── RusVPN.json │ └── RusVPN.yml ├── RustDesk │ ├── RustDesk.json │ └── RustDesk.yml ├── Rust_Localtunnels │ ├── Rust_Localtunnels.json │ └── Rust_Localtunnels.yml ├── SSH_J_com │ ├── SSH_J_com.json │ └── SSH_J_com.yml ├── SaferVPN_Proxy │ ├── SaferVPN_Proxy.json │ └── SaferVPN_Proxy.yml ├── ScreenConnect │ ├── ScreenConnect.json │ └── ScreenConnect.yml ├── SentinelAgent │ ├── SentinelAgent.json │ └── SentinelAgent.yml ├── SetACL │ ├── SetACL.json │ └── SetACL.yml ├── SetupVPN │ ├── SetupVPN.json │ └── SetupVPN.yml ├── Shredder │ ├── Shredder.json │ └── Shredder.yml ├── SimpleHelp │ ├── SimpleHelp.json │ └── SimpleHelp.yml ├── SirTunnel │ ├── SirTunnel.json │ └── SirTunnel.yml ├── Social_VPN │ ├── Social_VPN.json │ └── Social_VPN.yml ├── SoftEtherVPN │ ├── SoftEtherVPN.json │ └── SoftEtherVPN.yml ├── Soul_VPN │ ├── Soul_VPN.json │ └── Soul_VPN.yml ├── Splashtop │ ├── Splashtop.json │ └── Splashtop.yml ├── Supremo │ ├── Supremo.json │ └── Supremo.yml ├── Surf_VPN │ ├── Surf_VPN.json │ └── Surf_VPN.yml ├── TDSKiller │ ├── TDSKiller.json │ └── TDSKiller.yml ├── Taskmgr │ ├── Taskmgr.json │ └── Taskmgr.yml ├── Thunder_Proxy │ ├── Thunder_Proxy.json │ └── Thunder_Proxy.yml ├── Touch_VPN │ ├── Touch_VPN.json │ └── Touch_VPN.yml ├── Trellonet │ ├── Trellonet.json │ └── Trellonet.yml ├── Trellonet_Trellonet │ ├── Trellonet_Trellonet.json │ └── Trellonet_Trellonet.yml ├── TunnelBear_VPN │ ├── TunnelBear_VPN.json │ └── TunnelBear_VPN.yml ├── Tunnello_VPN │ ├── Tunnello_VPN.json │ └── Tunnello_VPN.yml ├── Turbo_VPN_for_PC │ ├── Turbo_VPN_for_PC.json │ └── Turbo_VPN_for_PC.yml ├── UltraVNC │ ├── UltraVNC.json │ └── UltraVNC.yml ├── Ultrareach_VPN │ ├── Ultrareach_VPN.json │ └── Ultrareach_VPN.yml ├── Unblock_Websites │ ├── Unblock_Websites.json │ └── Unblock_Websites.yml ├── Universal_Virus_Sniffer │ ├── Universal_Virus_Sniffer.json │ └── Universal_Virus_Sniffer.yml ├── Unlimited_VPN___Proxy_by_ibVPN │ ├── Unlimited_VPN___Proxy_by_ibVPN.json │ └── Unlimited_VPN___Proxy_by_ibVPN.yml ├── Upnet │ ├── Upnet.json │ └── Upnet.yml ├── Urban_Free_VPN │ ├── Urban_Free_VPN.json │ └── Urban_Free_VPN.yml ├── Urban_Shield │ ├── Urban_Shield.json │ └── Urban_Shield.yml ├── VPNMatic │ ├── VPNMatic.json │ └── VPNMatic.yml ├── VPN_AC │ ├── VPN_AC.json │ └── VPN_AC.yml ├── VPN_Free │ ├── VPN_Free.json │ └── VPN_Free.yml ├── VPN_Master │ ├── VPN_Master.json │ └── VPN_Master.yml ├── VPN_PROXY_MASTER │ ├── VPN_PROXY_MASTER.json │ └── VPN_PROXY_MASTER.yml ├── VPN_Professional │ ├── VPN_Professional.json │ └── VPN_Professional.yml ├── VPN_Unlimited_Free │ ├── VPN_Unlimited_Free.json │ └── VPN_Unlimited_Free.yml ├── VPN_free_pro │ ├── VPN_free_pro.json │ └── VPN_free_pro.yml ├── Veee │ ├── Veee.json │ └── Veee.yml ├── VirtualBox │ ├── VirtualBox.json │ └── VirtualBox.yml ├── VirtualShield_VPN │ ├── VirtualShield_VPN.json │ └── VirtualShield_VPN.yml ├── VncSharp │ ├── VncSharp.json │ └── VncSharp.yml ├── Wachee_VPN │ ├── Wachee_VPN.json │ └── Wachee_VPN.yml ├── WeVPN │ ├── WeVPN.json │ └── WeVPN.yml ├── Whoer_VPN │ ├── Whoer_VPN.json │ └── Whoer_VPN.yml ├── WinSCP │ ├── WinSCP.json │ └── WinSCP.yml ├── WindmillVPN │ ├── WindmillVPN.json │ └── WindmillVPN.yml ├── Windscribe │ ├── Windscribe.json │ └── Windscribe.yml ├── WorkingVPN │ ├── WorkingVPN.json │ └── WorkingVPN.yml ├── ZenMate_VPN │ ├── ZenMate_VPN.json │ └── ZenMate_VPN.yml ├── Zoho_Assist │ ├── Zoho_Assist.json │ └── Zoho_Assist.yml ├── _ │ ├── _.json │ └── _.yml ├── _index_allocation │ ├── _index_allocation.json │ └── _index_allocation.yml ├── action1 │ ├── action1.json │ └── action1.yml ├── adexplorer │ ├── adexplorer.json │ └── adexplorer.yml ├── adfind │ ├── adfind.json │ └── adfind.yml ├── adget │ ├── adget.json │ └── adget.yml ├── adiskreader │ ├── adiskreader.json │ └── adiskreader.yml ├── adobe_com │ ├── adobe_com.json │ └── adobe_com.yml ├── adrecon │ ├── adrecon.json │ └── adrecon.yml ├── advanced_ip_scanner │ ├── advanced_ip_scanner.json │ └── advanced_ip_scanner.yml ├── advanced_port_scanner │ ├── advanced_port_scanner.json │ └── advanced_port_scanner.yml ├── aeroadmin │ ├── aeroadmin.json │ └── aeroadmin.yml ├── anonfiles_com │ ├── anonfiles_com.json │ └── anonfiles_com.yml ├── anydesk │ ├── anydesk.json │ └── anydesk.yml ├── anymailfinder │ ├── anymailfinder.json │ └── anymailfinder.yml ├── anyviewer │ ├── anyviewer.json │ └── anyviewer.yml ├── apaste_info │ ├── apaste_info.json │ └── apaste_info.yml ├── apkfold_free_vpn │ ├── apkfold_free_vpn.json │ └── apkfold_free_vpn.yml ├── arp │ ├── arp.json │ └── arp.yml ├── assoc │ ├── assoc.json │ └── assoc.yml ├── atnow │ ├── atnow.json │ └── atnow.yml ├── attrib │ ├── attrib.json │ └── attrib.yml ├── auditd │ ├── auditd.json │ └── auditd.yml ├── auvik │ ├── auvik.json │ └── auvik.yml ├── aweray │ ├── aweray.json │ └── aweray.yml ├── awk │ ├── awk.json │ └── awk.yml ├── base64 │ ├── base64.json │ └── base64.yml ├── bash │ ├── bash.json │ └── bash.yml ├── bash_keylogger │ ├── bash_keylogger.json │ └── bash_keylogger.yml ├── bash_port_scan │ ├── bash_port_scan.json │ └── bash_port_scan.yml ├── bashupload_com │ ├── bashupload_com.json │ └── bashupload_com.yml ├── bayfiles │ ├── bayfiles.json │ └── bayfiles.yml ├── bcdedit │ ├── bcdedit.json │ └── bcdedit.yml ├── bcedit │ ├── bcedit.json │ └── bcedit.yml ├── beeceptor_com │ ├── beeceptor_com.json │ └── beeceptor_com.yml ├── binwalk │ ├── binwalk.json │ └── binwalk.yml ├── bitbucket_org │ ├── bitbucket_org.json │ └── bitbucket_org.yml ├── bitsadmin │ ├── bitsadmin.json │ └── bitsadmin.yml ├── bittorent │ ├── bittorent.json │ └── bittorent.yml ├── bore │ ├── bore.json │ └── bore.yml ├── boringproxy │ ├── boringproxy.json │ └── boringproxy.yml ├── browser_lol │ ├── browser_lol.json │ └── browser_lol.yml ├── btunnel │ ├── btunnel.json │ └── btunnel.yml ├── btunnel_in │ ├── btunnel_in.json │ └── btunnel_in.yml ├── burrow │ ├── burrow.json │ └── burrow.yml ├── canarytokens_com │ ├── canarytokens_com.json │ └── canarytokens_com.yml ├── cat │ ├── cat.json │ └── cat.yml ├── catbox_moe │ ├── catbox_moe.json │ └── catbox_moe.yml ├── certoc │ ├── certoc.json │ └── certoc.yml ├── certutil │ ├── certutil.json │ └── certutil.yml ├── chattr │ ├── chattr.json │ └── chattr.yml ├── chcp │ ├── chcp.json │ └── chcp.yml ├── chgpass │ ├── chgpass.json │ └── chgpass.yml ├── chromium │ ├── chromium.json │ └── chromium.yml ├── clbin_com │ ├── clbin_com.json │ └── clbin_com.yml ├── cloudflared │ ├── cloudflared.json │ └── cloudflared.yml ├── comsvcs_dll │ ├── comsvcs_dll.json │ └── comsvcs_dll.yml ├── conhost_exe │ ├── conhost_exe.json │ └── conhost_exe.yml ├── copy │ ├── copy.json │ └── copy.yml ├── cp │ ├── cp.json │ └── cp.yml ├── croc │ ├── croc.json │ └── croc.yml ├── crond │ ├── crond.json │ └── crond.yml ├── crontab │ ├── crontab.json │ └── crontab.yml ├── crowbar │ ├── crowbar.json │ └── crowbar.yml ├── crowdstrike_falcon │ ├── crowdstrike_falcon.json │ └── crowdstrike_falcon.yml ├── csvde │ ├── csvde.json │ └── csvde.yml ├── curl │ ├── curl.json │ └── curl.yml ├── cut │ ├── cut.json │ └── cut.yml ├── cytool │ ├── cytool.json │ └── cytool.yml ├── dd │ ├── dd.json │ └── dd.yml ├── debugdfs │ ├── debugdfs.json │ └── debugdfs.yml ├── del │ ├── del.json │ └── del.yml ├── dev_tunnels │ ├── dev_tunnels.json │ └── dev_tunnels.yml ├── dig │ ├── dig.json │ └── dig.yml ├── dir │ ├── dir.json │ └── dir.yml ├── discord │ ├── discord.json │ └── discord.yml ├── diskshadow │ ├── diskshadow.json │ └── diskshadow.yml ├── dns │ ├── dns.json │ └── dns.yml ├── dnscmd │ ├── dnscmd.json │ └── dnscmd.yml ├── dnslog_cn │ ├── dnslog_cn.json │ └── dnslog_cn.yml ├── dpapi_py │ ├── dpapi_py.json │ └── dpapi_py.yml ├── dropbear │ ├── dropbear.json │ └── dropbear.yml ├── dropbox │ ├── dropbox.json │ └── dropbox.yml ├── dropmefiles_com │ ├── dropmefiles_com.json │ └── dropmefiles_com.yml ├── dsquery │ ├── dsquery.json │ └── dsquery.yml ├── duckdns_org │ ├── duckdns_org.json │ └── duckdns_org.yml ├── ducktail │ ├── ducktail.json │ └── ducktail.yml ├── dwagent │ ├── dwagent.json │ └── dwagent.yml ├── easyupload_io │ ├── easyupload_io.json │ └── easyupload_io.yml ├── echo │ ├── echo.json │ └── echo.yml ├── elastic_agent │ ├── elastic_agent.json │ └── elastic_agent.yml ├── email_format │ ├── email_format.json │ └── email_format.yml ├── eraser │ ├── eraser.json │ └── eraser.yml ├── esentutl │ ├── esentutl.json │ └── esentutl.yml ├── esxcli │ ├── esxcli.json │ └── esxcli.yml ├── export │ ├── export.json │ └── export.yml ├── expose │ ├── expose.json │ └── expose.yml ├── fex_net │ ├── fex_net.json │ └── fex_net.yml ├── fiddler │ ├── fiddler.json │ └── fiddler.yml ├── file_io │ ├── file_io.json │ └── file_io.yml ├── filebin_net │ ├── filebin_net.json │ └── filebin_net.yml ├── filetransfer_io │ ├── filetransfer_io.json │ └── filetransfer_io.yml ├── find │ ├── find.json │ └── find.yml ├── findstr │ ├── findstr.json │ └── findstr.yml ├── findstr_ │ ├── findstr_.json │ └── findstr_.yml ├── fleetdeck │ ├── fleetdeck.json │ └── fleetdeck.yml ├── fleetdm │ ├── fleetdm.json │ └── fleetdm.yml ├── freefilesync │ ├── freefilesync.json │ └── freefilesync.yml ├── frp │ ├── frp.json │ └── frp.yml ├── ftype │ ├── ftype.json │ └── ftype.yml ├── getent │ ├── getent.json │ └── getent.yml ├── github │ ├── github.json │ └── github.yml ├── go_http_tunnel │ ├── go_http_tunnel.json │ └── go_http_tunnel.yml ├── gofile_io │ ├── gofile_io.json │ └── gofile_io.yml ├── googleweblight_com │ ├── googleweblight_com.json │ └── googleweblight_com.yml ├── gost │ ├── gost.json │ └── gost.yml ├── gpg │ ├── gpg.json │ └── gpg.yml ├── grep │ ├── grep.json │ └── grep.yml ├── greyware_tool_keyword │ ├── greyware_tool_keyword.json │ └── greyware_tool_keyword.yml ├── gsocket │ ├── gsocket.json │ └── gsocket.yml ├── gt │ ├── gt.json │ └── gt.yml ├── gtfobins │ ├── gtfobins.json │ └── gtfobins.yml ├── guerrillamail │ ├── guerrillamail.json │ └── guerrillamail.yml ├── hackforums_net │ ├── hackforums_net.json │ └── hackforums_net.yml ├── history │ ├── history.json │ └── history.yml ├── homeway_io │ ├── homeway_io.json │ └── homeway_io.yml ├── http_server │ ├── http_server.json │ └── http_server.yml ├── hypertunnel │ ├── hypertunnel.json │ └── hypertunnel.yml ├── iNinja_VPN │ ├── iNinja_VPN.json │ └── iNinja_VPN.yml ├── icacls │ ├── icacls.json │ └── icacls.yml ├── icalcs │ ├── icalcs.json │ └── icalcs.yml ├── ifconfig │ ├── ifconfig.json │ └── ifconfig.yml ├── interactsh │ ├── interactsh.json │ └── interactsh.yml ├── ip │ ├── ip.json │ └── ip.yml ├── ip_api_com │ ├── ip_api_com.json │ └── ip_api_com.yml ├── ipscan │ ├── ipscan.json │ └── ipscan.yml ├── iptables │ ├── iptables.json │ └── iptables.yml ├── ipv4_myip_wtf │ ├── ipv4_myip_wtf.json │ └── ipv4_myip_wtf.yml ├── ired_team │ ├── ired_team.json │ └── ired_team.yml ├── ivy │ ├── ivy.json │ └── ivy.yml ├── jprq │ ├── jprq.json │ └── jprq.yml ├── kaseya_VSA │ ├── kaseya_VSA.json │ └── kaseya_VSA.yml ├── killProcessPOC │ ├── killProcessPOC.json │ └── killProcessPOC.yml ├── ldap_queries │ ├── ldap_queries.json │ └── ldap_queries.yml ├── ldapsearch │ ├── ldapsearch.json │ └── ldapsearch.yml ├── ldifde │ ├── ldifde.json │ └── ldifde.yml ├── level_io │ ├── level_io.json │ └── level_io.yml ├── linux │ ├── linux.json │ └── linux.yml ├── ln │ ├── ln.json │ └── ln.yml ├── localhost_run │ ├── localhost_run.json │ └── localhost_run.yml ├── localtunnel │ ├── localtunnel.json │ └── localtunnel.yml ├── localtunnels │ ├── localtunnels.json │ └── localtunnels.yml ├── localxpose │ ├── localxpose.json │ └── localxpose.yml ├── locate │ ├── locate.json │ └── locate.yml ├── ls │ ├── ls.json │ └── ls.yml ├── lsa_whisperer │ ├── lsa_whisperer.json │ └── lsa_whisperer.yml ├── macchanger │ ├── macchanger.json │ └── macchanger.yml ├── maildrop │ ├── maildrop.json │ └── maildrop.yml ├── mediafire │ ├── mediafire.json │ └── mediafire.yml ├── mega_co_nz │ ├── mega_co_nz.json │ └── mega_co_nz.yml ├── mega_nz │ ├── mega_nz.json │ └── mega_nz.yml ├── megatools │ ├── megatools.json │ └── megatools.yml ├── meshcentral │ ├── meshcentral.json │ └── meshcentral.yml ├── mkdir │ ├── mkdir.json │ └── mkdir.yml ├── modproble │ ├── modproble.json │ └── modproble.yml ├── movefile64_exe │ ├── movefile64_exe.json │ └── movefile64_exe.yml ├── mshta │ ├── mshta.json │ └── mshta.yml ├── msiexec │ ├── msiexec.json │ └── msiexec.yml ├── mv │ ├── mv.json │ └── mv.yml ├── my_ip_io │ ├── my_ip_io.json │ └── my_ip_io.yml ├── myexternalip_com │ ├── myexternalip_com.json │ └── myexternalip_com.yml ├── myftp_biz │ ├── myftp_biz.json │ └── myftp_biz.yml ├── myftp_org │ ├── myftp_org.json │ └── myftp_org.yml ├── nbtscan │ ├── nbtscan.json │ └── nbtscan.yml ├── nbtstat │ ├── nbtstat.json │ └── nbtstat.yml ├── nc │ ├── nc.json │ └── nc.yml ├── ncat │ ├── ncat.json │ └── ncat.yml ├── net │ ├── net.json │ └── net.yml ├── netcat │ ├── netcat.json │ └── netcat.yml ├── netscan │ ├── netscan.json │ └── netscan.yml ├── netsh │ ├── netsh.json │ └── netsh.yml ├── netstat │ ├── netstat.json │ └── netstat.yml ├── ngrok │ ├── ngrok.json │ └── ngrok.yml ├── nircmd │ ├── nircmd.json │ └── nircmd.yml ├── nirsoft_tools │ ├── nirsoft_tools.json │ └── nirsoft_tools.yml ├── nltest │ ├── nltest.json │ └── nltest.yml ├── nopaste_net │ ├── nopaste_net.json │ └── nopaste_net.yml ├── nping │ ├── nping.json │ └── nping.yml ├── ntdsutil │ ├── ntdsutil.json │ └── ntdsutil.yml ├── openssh_portable │ ├── openssh_portable.json │ └── openssh_portable.yml ├── openssh_server │ ├── openssh_server.json │ └── openssh_server.yml ├── oset │ ├── oset.json │ └── oset.yml ├── passwd │ ├── passwd.json │ └── passwd.yml ├── paste_ee │ ├── paste_ee.json │ └── paste_ee.yml ├── pastebin │ ├── pastebin.json │ └── pastebin.yml ├── pastebin_pl │ ├── pastebin_pl.json │ └── pastebin_pl.yml ├── pastie_org │ ├── pastie_org.json │ └── pastie_org.yml ├── pcunlocker │ ├── pcunlocker.json │ └── pcunlocker.yml ├── pdbedit │ ├── pdbedit.json │ └── pdbedit.yml ├── pgrok │ ├── pgrok.json │ └── pgrok.yml ├── phoenix_miner │ ├── phoenix_miner.json │ └── phoenix_miner.yml ├── php │ ├── php.json │ └── php.yml ├── pingcastle │ ├── pingcastle.json │ └── pingcastle.yml ├── pinggy │ ├── pinggy.json │ └── pinggy.yml ├── pktmon │ ├── pktmon.json │ └── pktmon.yml ├── plink │ ├── plink.json │ └── plink.yml ├── powershell │ ├── powershell.json │ └── powershell.yml ├── premiumize_me │ ├── premiumize_me.json │ └── premiumize_me.yml ├── privatebin_net │ ├── privatebin_net.json │ └── privatebin_net.yml ├── privnote_com │ ├── privnote_com.json │ └── privnote_com.yml ├── procdump │ ├── procdump.json │ └── procdump.yml ├── processhacker │ ├── processhacker.json │ └── processhacker.yml ├── procmon │ ├── procmon.json │ └── procmon.yml ├── produkey │ ├── produkey.json │ └── produkey.yml ├── psexec │ ├── psexec.json │ └── psexec.yml ├── pslist │ ├── pslist.json │ └── pslist.yml ├── psloggedon │ ├── psloggedon.json │ └── psloggedon.yml ├── put_io │ ├── put_io.json │ └── put_io.yml ├── putty │ ├── putty.json │ └── putty.yml ├── py2exe │ ├── py2exe.json │ └── py2exe.yml ├── pyinstaller │ ├── pyinstaller.json │ └── pyinstaller.yml ├── pyshark │ ├── pyshark.json │ └── pyshark.yml ├── python │ ├── python.json │ └── python.yml ├── qaz_im │ ├── qaz_im.json │ └── qaz_im.yml ├── qaz_is │ ├── qaz_is.json │ └── qaz_is.yml ├── qaz_su │ ├── qaz_su.json │ └── qaz_su.yml ├── qu_ax │ ├── qu_ax.json │ └── qu_ax.yml ├── qwinsta │ ├── qwinsta.json │ └── qwinsta.yml ├── rapid7 │ ├── rapid7.json │ └── rapid7.yml ├── rathole │ ├── rathole.json │ └── rathole.yml ├── rclone │ ├── rclone.json │ └── rclone.yml ├── rderzh_VPN_Proxy │ ├── rderzh_VPN_Proxy.json │ └── rderzh_VPN_Proxy.yml ├── rdp │ ├── rdp.json │ └── rdp.yml ├── rdpscan │ ├── rdpscan.json │ └── rdpscan.yml ├── rdpwrap │ ├── rdpwrap.json │ └── rdpwrap.yml ├── rdrleakdiag │ ├── rdrleakdiag.json │ └── rdrleakdiag.yml ├── reg │ ├── reg.json │ └── reg.yml ├── regsvr32 │ ├── regsvr32.json │ └── regsvr32.yml ├── remoteit │ ├── remoteit.json │ └── remoteit.yml ├── remotemoe │ ├── remotemoe.json │ └── remotemoe.yml ├── ren │ ├── ren.json │ └── ren.yml ├── rentry_co │ ├── rentry_co.json │ └── rentry_co.yml ├── requestbin_net │ ├── requestbin_net.json │ └── requestbin_net.yml ├── requests_ntlm │ ├── requests_ntlm.json │ └── requests_ntlm.yml ├── restic │ ├── restic.json │ └── restic.yml ├── reverse_tunnel │ ├── reverse_tunnel.json │ └── reverse_tunnel.yml ├── rm │ ├── rm.json │ └── rm.yml ├── rmdir_ │ ├── rmdir_.json │ └── rmdir_.yml ├── rmmod │ ├── rmmod.json │ └── rmmod.yml ├── route │ ├── route.json │ └── route.yml ├── routerscan │ ├── routerscan.json │ └── routerscan.yml ├── rpcclient │ ├── rpcclient.json │ └── rpcclient.yml ├── rsocks │ ├── rsocks.json │ └── rsocks.yml ├── rsync │ ├── rsync.json │ └── rsync.yml ├── ruby │ ├── ruby.json │ └── ruby.yml ├── rundll32 │ ├── rundll32.json │ └── rundll32.yml ├── sVPN │ ├── sVPN.json │ └── sVPN.yml ├── samba │ ├── samba.json │ └── samba.yml ├── sc │ ├── sc.json │ └── sc.yml ├── schtasks │ ├── schtasks.json │ └── schtasks.yml ├── scp │ ├── scp.json │ └── scp.yml ├── sdelete │ ├── sdelete.json │ └── sdelete.yml ├── sed │ ├── sed.json │ └── sed.yml ├── send_exploit_in │ ├── send_exploit_in.json │ └── send_exploit_in.yml ├── sendspace_com │ ├── sendspace_com.json │ └── sendspace_com.yml ├── serveo_net │ ├── serveo_net.json │ └── serveo_net.yml ├── set │ ├── set.json │ └── set.yml ├── setspn │ ├── setspn.json │ └── setspn.yml ├── sftp │ ├── sftp.json │ └── sftp.yml ├── shadowsocks │ ├── shadowsocks.json │ └── shadowsocks.yml ├── share_riseup_net │ ├── share_riseup_net.json │ └── share_riseup_net.yml ├── shell │ ├── shell.json │ └── shell.yml ├── shred │ ├── shred.json │ └── shred.yml ├── simplehttpserver │ ├── simplehttpserver.json │ └── simplehttpserver.yml ├── sish │ ├── sish.json │ └── sish.yml ├── skymen_info │ ├── skymen_info.json │ └── skymen_info.yml ├── slack │ ├── slack.json │ └── slack.yml ├── smc │ ├── smc.json │ └── smc.yml ├── snmpcheck │ ├── snmpcheck.json │ └── snmpcheck.yml ├── snmpwalk │ ├── snmpwalk.json │ └── snmpwalk.yml ├── socat │ ├── socat.json │ └── socat.yml ├── softperfect_networkscanner │ ├── softperfect_networkscanner.json │ └── softperfect_networkscanner.yml ├── speedtest │ ├── speedtest.json │ └── speedtest.yml ├── ss │ ├── ss.json │ └── ss.yml ├── ssh │ ├── ssh.json │ └── ssh.yml ├── sshtunnel │ ├── sshtunnel.json │ └── sshtunnel.yml ├── sshuttle │ ├── sshuttle.json │ └── sshuttle.yml ├── sshx │ ├── sshx.json │ └── sshx.yml ├── sslip_io │ ├── sslip_io.json │ └── sslip_io.yml ├── staqlab_tunnel │ ├── staqlab_tunnel.json │ └── staqlab_tunnel.yml ├── steam │ ├── steam.json │ └── steam.yml ├── stunnel │ ├── stunnel.json │ └── stunnel.yml ├── sudo │ ├── sudo.json │ └── sudo.yml ├── sudoers │ ├── sudoers.json │ └── sudoers.yml ├── suo5 │ ├── suo5.json │ └── suo5.yml ├── surfshark_VPN │ ├── surfshark_VPN.json │ └── surfshark_VPN.yml ├── syncthing │ ├── syncthing.json │ └── syncthing.yml ├── sysctl │ ├── sysctl.json │ └── sysctl.yml ├── systemctl │ ├── systemctl.json │ └── systemctl.yml ├── systeminfo │ ├── systeminfo.json │ └── systeminfo.yml ├── tacticalrmm │ ├── tacticalrmm.json │ └── tacticalrmm.yml ├── tailscale │ ├── tailscale.json │ └── tailscale.yml ├── takeown │ ├── takeown.json │ └── takeown.yml ├── taskkill │ ├── taskkill.json │ └── taskkill.yml ├── tasklist │ ├── tasklist.json │ └── tasklist.yml ├── tcpdump │ ├── tcpdump.json │ └── tcpdump.yml ├── teamviewer │ ├── teamviewer.json │ └── teamviewer.yml ├── telebit_cloud │ ├── telebit_cloud.json │ └── telebit_cloud.yml ├── telegram │ ├── telegram.json │ └── telegram.yml ├── telnet │ ├── telnet.json │ └── telnet.yml ├── temp_mail │ ├── temp_mail.json │ └── temp_mail.yml ├── temp_sh │ ├── temp_sh.json │ └── temp_sh.yml ├── tempsend_com │ ├── tempsend_com.json │ └── tempsend_com.yml ├── termbin_com │ ├── termbin_com.json │ └── termbin_com.yml ├── textbin_net │ ├── textbin_net.json │ └── textbin_net.yml ├── tightvnc │ ├── tightvnc.json │ └── tightvnc.yml ├── tir_blanc_holiseum │ ├── tir_blanc_holiseum.json │ └── tir_blanc_holiseum.yml ├── tmate │ ├── tmate.json │ └── tmate.yml ├── tmpfiles_org │ ├── tmpfiles_org.json │ └── tmpfiles_org.yml ├── tmpwatch │ ├── tmpwatch.json │ └── tmpwatch.yml ├── touch │ ├── touch.json │ └── touch.yml ├── track_adform_net │ ├── track_adform_net.json │ └── track_adform_net.yml ├── transfer_sh │ ├── transfer_sh.json │ └── transfer_sh.yml ├── transfert_my_files_com │ ├── transfert_my_files_com.json │ └── transfert_my_files_com.yml ├── translate_goog │ ├── translate_goog.json │ └── translate_goog.yml ├── truncate │ ├── truncate.json │ └── truncate.yml ├── trycloudflare_com │ ├── trycloudflare_com.json │ └── trycloudflare_com.yml ├── tunnel │ ├── tunnel.json │ └── tunnel.yml ├── tunnel_pyjam_as │ ├── tunnel_pyjam_as.json │ └── tunnel_pyjam_as.yml ├── tunneller │ ├── tunneller.json │ └── tunneller.yml ├── tunnelmole_client │ ├── tunnelmole_client.json │ └── tunnelmole_client.yml ├── tunnelto_dev │ ├── tunnelto_dev.json │ └── tunnelto_dev.yml ├── tunwg │ ├── tunwg.json │ └── tunwg.yml ├── typeperf │ ├── typeperf.json │ └── typeperf.yml ├── uVPN │ ├── uVPN.json │ └── uVPN.yml ├── ufile_io │ ├── ufile_io.json │ └── ufile_io.yml ├── unlink │ ├── unlink.json │ └── unlink.yml ├── unset │ ├── unset.json │ └── unset.yml ├── unshadow │ ├── unshadow.json │ └── unshadow.yml ├── updog │ ├── updog.json │ └── updog.yml ├── usaupload │ ├── usaupload.json │ └── usaupload.yml ├── utorrent │ ├── utorrent.json │ └── utorrent.yml ├── vncviewer │ ├── vncviewer.json │ └── vncviewer.yml ├── vscode │ ├── vscode.json │ └── vscode.yml ├── vsftpd │ ├── vsftpd.json │ └── vsftpd.yml ├── vssadmin │ ├── vssadmin.json │ └── vssadmin.yml ├── w32times │ ├── w32times.json │ └── w32times.yml ├── wbadmin │ ├── wbadmin.json │ └── wbadmin.yml ├── webhook_site │ ├── webhook_site.json │ └── webhook_site.yml ├── westwind │ ├── westwind.json │ └── westwind.yml ├── wetransfer │ ├── wetransfer.json │ └── wetransfer.yml ├── wevtutil │ ├── wevtutil.json │ └── wevtutil.yml ├── wget │ ├── wget.json │ └── wget.yml ├── where │ ├── where.json │ └── where.yml ├── whoami │ ├── whoami.json │ └── whoami.yml ├── winrs │ ├── winrs.json │ └── winrs.yml ├── wireproxy │ ├── wireproxy.json │ └── wireproxy.yml ├── wireshark │ ├── wireshark.json │ └── wireshark.yml ├── wiretap │ ├── wiretap.json │ └── wiretap.yml ├── wiztree │ ├── wiztree.json │ └── wiztree.yml ├── wmic │ ├── wmic.json │ └── wmic.yml ├── xcopy │ ├── xcopy.json │ └── xcopy.yml ├── xeox │ ├── xeox.json │ └── xeox.yml ├── xmrig │ ├── xmrig.json │ └── xmrig.yml ├── xxd │ ├── xxd.json │ └── xxd.yml ├── yakit │ ├── yakit.json │ └── yakit.yml ├── zerobin_net │ ├── zerobin_net.json │ └── zerobin_net.yml └── zrok │ ├── zrok.json │ └── zrok.yml ├── offensive_tools ├── 0d1n │ ├── 0d1n.json │ └── 0d1n.yml ├── 0day_today │ ├── 0day_today.json │ └── 0day_today.yml ├── 1_6_C2 │ ├── 1_6_C2.json │ └── 1_6_C2.yml ├── 365_Stealer │ ├── 365_Stealer.json │ └── 365_Stealer.yml ├── 3snake │ ├── 3snake.json │ └── 3snake.yml ├── 4everproxy │ ├── 4everproxy.json │ └── 4everproxy.yml ├── 7zip │ ├── 7zip.json │ └── 7zip.yml ├── ABPTTS │ ├── ABPTTS.json │ └── ABPTTS.yml ├── ACEshark │ ├── ACEshark.json │ └── ACEshark.yml ├── ACLight │ ├── ACLight.json │ └── ACLight.yml ├── ADACLScanner │ ├── ADACLScanner.json │ └── ADACLScanner.yml ├── ADAPE_Script │ ├── ADAPE_Script.json │ └── ADAPE_Script.yml ├── ADCSCoercePotato │ ├── ADCSCoercePotato.json │ └── ADCSCoercePotato.yml ├── ADCSKiller │ ├── ADCSKiller.json │ └── ADCSKiller.yml ├── ADCSPwn │ ├── ADCSPwn.json │ └── ADCSPwn.yml ├── ADCollector │ ├── ADCollector.json │ └── ADCollector.yml ├── ADExplorerSnapshot_py │ ├── ADExplorerSnapshot_py.json │ └── ADExplorerSnapshot_py.yml ├── ADFSDump │ ├── ADFSDump.json │ └── ADFSDump.yml ├── ADFSDump_PS │ ├── ADFSDump_PS.json │ └── ADFSDump_PS.yml ├── ADFSRelay │ ├── ADFSRelay.json │ └── ADFSRelay.yml ├── ADFSpoof │ ├── ADFSpoof.json │ └── ADFSpoof.yml ├── ADPassHunt │ ├── ADPassHunt.json │ └── ADPassHunt.yml ├── ADSyncDecrypt │ ├── ADSyncDecrypt.json │ └── ADSyncDecrypt.yml ├── AD_Enumeration_Hunt │ ├── AD_Enumeration_Hunt.json │ └── AD_Enumeration_Hunt.yml ├── AD_Miner │ ├── AD_Miner.json │ └── AD_Miner.yml ├── AD_exploitation_cheat_sheet │ ├── AD_exploitation_cheat_sheet.json │ └── AD_exploitation_cheat_sheet.yml ├── AMSITrigger │ ├── AMSITrigger.json │ └── AMSITrigger.yml ├── AMSI_Provider │ ├── AMSI_Provider.json │ └── AMSI_Provider.yml ├── AMSI_patch │ ├── AMSI_patch.json │ └── AMSI_patch.yml ├── APCLdr │ ├── APCLdr.json │ └── APCLdr.yml ├── APTSimulator │ ├── APTSimulator.json │ └── APTSimulator.yml ├── ASPJinjaObfuscator │ ├── ASPJinjaObfuscator.json │ └── ASPJinjaObfuscator.yml ├── ASREPRoast │ ├── ASREPRoast.json │ └── ASREPRoast.yml ├── ATPMiniDump │ ├── ATPMiniDump.json │ └── ATPMiniDump.yml ├── AVKiller │ ├── AVKiller.json │ └── AVKiller.yml ├── AV_Evasion_Tool │ ├── AV_Evasion_Tool.json │ └── AV_Evasion_Tool.yml ├── AWS_Loot │ ├── AWS_Loot.json │ └── AWS_Loot.yml ├── AbandonedCOMKeys │ ├── AbandonedCOMKeys.json │ └── AbandonedCOMKeys.yml ├── Accomplice │ ├── Accomplice.json │ └── Accomplice.yml ├── Aclpwn │ ├── Aclpwn.json │ └── Aclpwn.yml ├── ActiveScanPlusPlus │ ├── ActiveScanPlusPlus.json │ └── ActiveScanPlusPlus.yml ├── Adamantium_Thief │ ├── Adamantium_Thief.json │ └── Adamantium_Thief.yml ├── AdaptixC2 │ ├── AdaptixC2.json │ └── AdaptixC2.yml ├── Adcheck │ ├── Adcheck.json │ └── Adcheck.yml ├── Adeleginator │ ├── Adeleginator.json │ └── Adeleginator.yml ├── Admin2Sys │ ├── Admin2Sys.json │ └── Admin2Sys.yml ├── Advanced_SQL_Injection_Cheatsheet │ ├── Advanced_SQL_Injection_Cheatsheet.json │ └── Advanced_SQL_Injection_Cheatsheet.yml ├── Adzok │ ├── Adzok.json │ └── Adzok.yml ├── AggressorScripts_1 │ ├── AggressorScripts_1.json │ └── AggressorScripts_1.yml ├── AhMyth_Android_RAT │ ├── AhMyth_Android_RAT.json │ └── AhMyth_Android_RAT.yml ├── Airbash │ ├── Airbash.json │ └── Airbash.yml ├── Airgeddon │ ├── Airgeddon.json │ └── Airgeddon.yml ├── Akira │ ├── Akira.json │ └── Akira.yml ├── AlanFramework │ ├── AlanFramework.json │ └── AlanFramework.yml ├── Alcatraz │ ├── Alcatraz.json │ └── Alcatraz.yml ├── Amass │ ├── Amass.json │ └── Amass.yml ├── Amnesiac │ ├── Amnesiac.json │ └── Amnesiac.yml ├── AmsiBypass │ ├── AmsiBypass.json │ └── AmsiBypass.yml ├── Amsi_Bypass │ ├── Amsi_Bypass.json │ └── Amsi_Bypass.yml ├── Amsi_Killer │ ├── Amsi_Killer.json │ └── Amsi_Killer.yml ├── AndrewSpecial │ ├── AndrewSpecial.json │ └── AndrewSpecial.yml ├── Anevicon │ ├── Anevicon.json │ └── Anevicon.yml ├── AoratosWin │ ├── AoratosWin.json │ └── AoratosWin.yml ├── Aoyama_ │ ├── Aoyama_.json │ └── Aoyama_.yml ├── AppProxyC2 │ ├── AppProxyC2.json │ └── AppProxyC2.yml ├── Arbitrium_RAT │ ├── Arbitrium_RAT.json │ └── Arbitrium_RAT.yml ├── Arduino_Pro_Micro │ ├── Arduino_Pro_Micro.json │ └── Arduino_Pro_Micro.yml ├── Ares │ ├── Ares.json │ └── Ares.yml ├── Argus │ ├── Argus.json │ └── Argus.yml ├── Ask4Creds │ ├── Ask4Creds.json │ └── Ask4Creds.yml ├── AsyncRAT_C_Sharp │ ├── AsyncRAT_C_Sharp.json │ └── AsyncRAT_C_Sharp.yml ├── AtlasC2 │ ├── AtlasC2.json │ └── AtlasC2.yml ├── AtlasReaper │ ├── AtlasReaper.json │ └── AtlasReaper.yml ├── AtomLdr │ ├── AtomLdr.json │ └── AtomLdr.yml ├── AttackSurfaceMapper │ ├── AttackSurfaceMapper.json │ └── AttackSurfaceMapper.yml ├── Augustus │ ├── Augustus.json │ └── Augustus.yml ├── AutoBlue_MS17_010 │ ├── AutoBlue_MS17_010.json │ └── AutoBlue_MS17_010.yml ├── AutoC2 │ ├── AutoC2.json │ └── AutoC2.yml ├── AutoPwnKey │ ├── AutoPwnKey.json │ └── AutoPwnKey.yml ├── AutoRDPwn │ ├── AutoRDPwn.json │ └── AutoRDPwn.yml ├── AutoRecon │ ├── AutoRecon.json │ └── AutoRecon.yml ├── AutoSUID │ ├── AutoSUID.json │ └── AutoSUID.yml ├── AutoSmuggle │ ├── AutoSmuggle.json │ └── AutoSmuggle.yml ├── Awesome_Hacking │ ├── Awesome_Hacking.json │ └── Awesome_Hacking.yml ├── Awesome_Hacking_Resources │ ├── Awesome_Hacking_Resources.json │ └── Awesome_Hacking_Resources.yml ├── AzureADLateralMovement │ ├── AzureADLateralMovement.json │ └── AzureADLateralMovement.yml ├── AzureAD_Autologon_Brute │ ├── AzureAD_Autologon_Brute.json │ └── AzureAD_Autologon_Brute.yml ├── AzureC2Relay │ ├── AzureC2Relay.json │ └── AzureC2Relay.yml ├── Azure_AccessPermissions │ ├── Azure_AccessPermissions.json │ └── Azure_AccessPermissions.yml ├── BITSInject │ ├── BITSInject.json │ └── BITSInject.yml ├── BOFMask │ ├── BOFMask.json │ └── BOFMask.yml ├── BOF_NET │ ├── BOF_NET.json │ └── BOF_NET.yml ├── BOINC │ ├── BOINC.json │ └── BOINC.yml ├── BYOVD_kill_av_edr │ ├── BYOVD_kill_av_edr.json │ └── BYOVD_kill_av_edr.yml ├── BaRMIe │ ├── BaRMIe.json │ └── BaRMIe.yml ├── BabelStrike │ ├── BabelStrike.json │ └── BabelStrike.yml ├── BabyShark │ ├── BabyShark.json │ └── BabyShark.yml ├── BackHAck │ ├── BackHAck.json │ └── BackHAck.yml ├── Backstab │ ├── Backstab.json │ └── Backstab.yml ├── BackupCreds │ ├── BackupCreds.json │ └── BackupCreds.yml ├── BackupOperatorToDA │ ├── BackupOperatorToDA.json │ └── BackupOperatorToDA.yml ├── BadPotato │ ├── BadPotato.json │ └── BadPotato.yml ├── BadRentdrv2 │ ├── BadRentdrv2.json │ └── BadRentdrv2.yml ├── BadWindowsService │ ├── BadWindowsService.json │ └── BadWindowsService.yml ├── Bad_PDF │ ├── Bad_PDF.json │ └── Bad_PDF.yml ├── Bashfuscator │ ├── Bashfuscator.json │ └── Bashfuscator.yml ├── Bat_Potato │ ├── Bat_Potato.json │ └── Bat_Potato.yml ├── BeRoot │ ├── BeRoot.json │ └── BeRoot.yml ├── BeeLogger │ ├── BeeLogger.json │ └── BeeLogger.yml ├── BesoToken │ ├── BesoToken.json │ └── BesoToken.yml ├── BetterBackdoor │ ├── BetterBackdoor.json │ └── BetterBackdoor.yml ├── BetterSafetyKatz │ ├── BetterSafetyKatz.json │ └── BetterSafetyKatz.yml ├── Biu_framework │ ├── Biu_framework.json │ └── Biu_framework.yml ├── BlackShades │ ├── BlackShades.json │ └── BlackShades.yml ├── Blackout │ ├── Blackout.json │ └── Blackout.yml ├── BlankOBF │ ├── BlankOBF.json │ └── BlankOBF.yml ├── Blank_Grabber │ ├── Blank_Grabber.json │ └── Blank_Grabber.yml ├── BlazeStealer │ ├── BlazeStealer.json │ └── BlazeStealer.yml ├── BlockEtw │ ├── BlockEtw.json │ └── BlockEtw.yml ├── BlockOpenHandle │ ├── BlockOpenHandle.json │ └── BlockOpenHandle.yml ├── BlockWindows │ ├── BlockWindows.json │ └── BlockWindows.yml ├── BloodHound_py │ ├── BloodHound_py.json │ └── BloodHound_py.yml ├── BobTheSmuggler │ ├── BobTheSmuggler.json │ └── BobTheSmuggler.yml ├── BrowserGhost │ ├── BrowserGhost.json │ └── BrowserGhost.yml ├── BrowserSnatch │ ├── BrowserSnatch.json │ └── BrowserSnatch.yml ├── Browser_C2 │ ├── Browser_C2.json │ └── Browser_C2.yml ├── Browser_Data_Grabber │ ├── Browser_Data_Grabber.json │ └── Browser_Data_Grabber.yml ├── Browser_password_stealer │ ├── Browser_password_stealer.json │ └── Browser_password_stealer.yml ├── BrowsingHistoryView │ ├── BrowsingHistoryView.json │ └── BrowsingHistoryView.yml ├── BruteSploit │ ├── BruteSploit.json │ └── BruteSploit.yml ├── BruteX │ ├── BruteX.json │ └── BruteX.yml ├── BucketLoot │ ├── BucketLoot.json │ └── BucketLoot.yml ├── Burntcigar_KillAV │ ├── Burntcigar_KillAV.json │ └── Burntcigar_KillAV.yml ├── BypassAddUser │ ├── BypassAddUser.json │ └── BypassAddUser.yml ├── BypassCredGuard │ ├── BypassCredGuard.json │ └── BypassCredGuard.yml ├── C2ReverseProxy │ ├── C2ReverseProxy.json │ └── C2ReverseProxy.yml ├── C2_Server │ ├── C2_Server.json │ └── C2_Server.yml ├── C2_Tool_Collection │ ├── C2_Tool_Collection.json │ └── C2_Tool_Collection.yml ├── C2_related_tools │ ├── C2_related_tools.json │ └── C2_related_tools.yml ├── C2concealer │ ├── C2concealer.json │ └── C2concealer.yml ├── C3 │ ├── C3.json │ └── C3.yml ├── CACTUSTORCH │ ├── CACTUSTORCH.json │ └── CACTUSTORCH.yml ├── CDK │ ├── CDK.json │ └── CDK.yml ├── CIMplant │ ├── CIMplant.json │ └── CIMplant.yml ├── CLR_Injection │ ├── CLR_Injection.json │ └── CLR_Injection.yml ├── CMLoot │ ├── CMLoot.json │ └── CMLoot.yml ├── CMSeek │ ├── CMSeek.json │ └── CMSeek.yml ├── COMHunter │ ├── COMHunter.json │ └── COMHunter.yml ├── COM_Hunter │ ├── COM_Hunter.json │ └── COM_Hunter.yml ├── COM_Object_hijacking │ ├── COM_Object_hijacking.json │ └── COM_Object_hijacking.yml ├── CSExec │ ├── CSExec.json │ └── CSExec.yml ├── Cable │ ├── Cable.json │ └── Cable.yml ├── Cactus_WHID │ ├── Cactus_WHID.json │ └── Cactus_WHID.yml ├── Cain_Abel │ ├── Cain_Abel.json │ └── Cain_Abel.yml ├── CamHacker │ ├── CamHacker.json │ └── CamHacker.yml ├── Cam_Hackers │ ├── Cam_Hackers.json │ └── Cam_Hackers.yml ├── CandyPotato │ ├── CandyPotato.json │ └── CandyPotato.yml ├── Carbanak │ ├── Carbanak.json │ └── Carbanak.yml ├── CarbonCopy │ ├── CarbonCopy.json │ └── CarbonCopy.yml ├── Carseat │ ├── Carseat.json │ └── Carseat.yml ├── CelestialSpark │ ├── CelestialSpark.json │ └── CelestialSpark.yml ├── CertStealer │ ├── CertStealer.json │ └── CertStealer.yml ├── Certify │ ├── Certify.json │ └── Certify.yml ├── Certipy │ ├── Certipy.json │ └── Certipy.yml ├── ChaiLdr │ ├── ChaiLdr.json │ └── ChaiLdr.yml ├── CheckPlease │ ├── CheckPlease.json │ └── CheckPlease.yml ├── CheckPort │ ├── CheckPort.json │ └── CheckPort.yml ├── CheckSMBSigning │ ├── CheckSMBSigning.json │ └── CheckSMBSigning.yml ├── Checkmate │ ├── Checkmate.json │ └── Checkmate.yml ├── CheeseTools │ ├── CheeseTools.json │ └── CheeseTools.yml ├── ChkNull │ ├── ChkNull.json │ └── ChkNull.yml ├── ChromeKatz │ ├── ChromeKatz.json │ └── ChromeKatz.yml ├── ChromeStealer │ ├── ChromeStealer.json │ └── ChromeStealer.yml ├── Chrome_App_Bound_Encryption_Decryption │ ├── Chrome_App_Bound_Encryption_Decryption.json │ └── Chrome_App_Bound_Encryption_Decryption.yml ├── CloakNDaggerC2 │ ├── CloakNDaggerC2.json │ └── CloakNDaggerC2.yml ├── CmdLineSpoofer │ ├── CmdLineSpoofer.json │ └── CmdLineSpoofer.yml ├── CoercedPotato │ ├── CoercedPotato.json │ └── CoercedPotato.yml ├── CoercedPotatoRDLL │ ├── CoercedPotatoRDLL.json │ └── CoercedPotatoRDLL.yml ├── Coercer │ ├── Coercer.json │ └── Coercer.yml ├── Commander │ ├── Commander.json │ └── Commander.yml ├── ConPtyShell │ ├── ConPtyShell.json │ └── ConPtyShell.yml ├── ConfuserEx │ ├── ConfuserEx.json │ └── ConfuserEx.yml ├── ContainYourself │ ├── ContainYourself.json │ └── ContainYourself.yml ├── Conti_Ranwomware │ ├── Conti_Ranwomware.json │ └── Conti_Ranwomware.yml ├── Cordyceps │ ├── Cordyceps.json │ └── Cordyceps.yml ├── Cowpatty │ ├── Cowpatty.json │ └── Cowpatty.yml ├── Cr3dOv3r │ ├── Cr3dOv3r.json │ └── Cr3dOv3r.yml ├── Crack_allDBs │ ├── Crack_allDBs.json │ └── Crack_allDBs.yml ├── Crassus │ ├── Crassus.json │ └── Crassus.yml ├── CreateService │ ├── CreateService.json │ └── CreateService.yml ├── CredMaster │ ├── CredMaster.json │ └── CredMaster.yml ├── CredPhisher │ ├── CredPhisher.json │ └── CredPhisher.yml ├── CredsLeaker │ ├── CredsLeaker.json │ └── CredsLeaker.yml ├── Cronos_Rootkit │ ├── Cronos_Rootkit.json │ └── Cronos_Rootkit.yml ├── CrossLinked │ ├── CrossLinked.json │ └── CrossLinked.yml ├── Crowbar │ ├── Crowbar.json │ └── Crowbar.yml ├── D1rkInject │ ├── D1rkInject.json │ └── D1rkInject.yml ├── D3m0n1z3dShell │ ├── D3m0n1z3dShell.json │ └── D3m0n1z3dShell.yml ├── DAMP │ ├── DAMP.json │ └── DAMP.yml ├── DBC2 │ ├── DBC2.json │ └── DBC2.yml ├── DCOMPotato │ ├── DCOMPotato.json │ └── DCOMPotato.yml ├── DCOMUploadExec │ ├── DCOMUploadExec.json │ └── DCOMUploadExec.yml ├── DCSyncer │ ├── DCSyncer.json │ └── DCSyncer.yml ├── DDSpoof │ ├── DDSpoof.json │ └── DDSpoof.yml ├── DEDSEC_RANSOMWARE │ ├── DEDSEC_RANSOMWARE.json │ └── DEDSEC_RANSOMWARE.yml ├── DFSCoerce │ ├── DFSCoerce.json │ └── DFSCoerce.yml ├── DKMC │ ├── DKMC.json │ └── DKMC.yml ├── DLHell │ ├── DLHell.json │ └── DLHell.yml ├── DLLHijackTest │ ├── DLLHijackTest.json │ └── DLLHijackTest.yml ├── DLLHound │ ├── DLLHound.json │ └── DLLHound.yml ├── DLL_Spoofer │ ├── DLL_Spoofer.json │ └── DLL_Spoofer.yml ├── DNSExfiltrator │ ├── DNSExfiltrator.json │ └── DNSExfiltrator.yml ├── DNSStager │ ├── DNSStager.json │ └── DNSStager.yml ├── DNSTracer │ ├── DNSTracer.json │ └── DNSTracer.yml ├── DNS_Hijacking │ ├── DNS_Hijacking.json │ └── DNS_Hijacking.yml ├── DNS_Persist │ ├── DNS_Persist.json │ └── DNS_Persist.yml ├── DNS_Tunnel_Keylogger │ ├── DNS_Tunnel_Keylogger.json │ └── DNS_Tunnel_Keylogger.yml ├── DOME │ ├── DOME.json │ └── DOME.yml ├── DPAT │ ├── DPAT.json │ └── DPAT.yml ├── DRSAT │ ├── DRSAT.json │ └── DRSAT.yml ├── DSInternals │ ├── DSInternals.json │ └── DSInternals.yml ├── DUBrute │ ├── DUBrute.json │ └── DUBrute.yml ├── DarkLoadLibrary │ ├── DarkLoadLibrary.json │ └── DarkLoadLibrary.yml ├── DarkWidow │ ├── DarkWidow.json │ └── DarkWidow.yml ├── Darkside │ ├── Darkside.json │ └── Darkside.yml ├── DataBouncing │ ├── DataBouncing.json │ └── DataBouncing.yml ├── DavRelayUp │ ├── DavRelayUp.json │ └── DavRelayUp.yml ├── DcRat │ ├── DcRat.json │ └── DcRat.yml ├── Ddexec │ ├── Ddexec.json │ └── Ddexec.yml ├── DeNiSe │ ├── DeNiSe.json │ └── DeNiSe.yml ├── DeadPotato │ ├── DeadPotato.json │ └── DeadPotato.yml ├── DeathStar │ ├── DeathStar.json │ └── DeathStar.yml ├── DebugAmsi │ ├── DebugAmsi.json │ └── DebugAmsi.yml ├── DecryptAutoLogon │ ├── DecryptAutoLogon.json │ └── DecryptAutoLogon.yml ├── DecryptRDCManager │ ├── DecryptRDCManager.json │ └── DecryptRDCManager.yml ├── DecryptTeamViewer │ ├── DecryptTeamViewer.json │ └── DecryptTeamViewer.yml ├── Decrypt_RDCMan │ ├── Decrypt_RDCMan.json │ └── Decrypt_RDCMan.yml ├── DefaultCreds_cheat_sheet │ ├── DefaultCreds_cheat_sheet.json │ └── DefaultCreds_cheat_sheet.yml ├── Defeat_Defender │ ├── Defeat_Defender.json │ └── Defeat_Defender.yml ├── DefenderCheck │ ├── DefenderCheck.json │ └── DefenderCheck.yml ├── DelegationBOF │ ├── DelegationBOF.json │ └── DelegationBOF.yml ├── Dendrobate │ ├── Dendrobate.json │ └── Dendrobate.yml ├── DesertNut │ ├── DesertNut.json │ └── DesertNut.yml ├── Diamorphine │ ├── Diamorphine.json │ └── Diamorphine.yml ├── Digispark_Attiny85 │ ├── Digispark_Attiny85.json │ └── Digispark_Attiny85.yml ├── Dinjector │ ├── Dinjector.json │ └── Dinjector.yml ├── DirCreate2System │ ├── DirCreate2System.json │ └── DirCreate2System.yml ├── Direct_Syscalls │ ├── Direct_Syscalls.json │ └── Direct_Syscalls.yml ├── DirtyCLR │ ├── DirtyCLR.json │ └── DirtyCLR.yml ├── Dirty_Vanity │ ├── Dirty_Vanity.json │ └── Dirty_Vanity.yml ├── Disable_TamperProtection │ ├── Disable_TamperProtection.json │ └── Disable_TamperProtection.yml ├── Discord_RAT_2_0 │ ├── Discord_RAT_2_0.json │ └── Discord_RAT_2_0.yml ├── DiskCryptor │ ├── DiskCryptor.json │ └── DiskCryptor.yml ├── Dispossessor │ ├── Dispossessor.json │ └── Dispossessor.yml ├── DitExplorer │ ├── DitExplorer.json │ └── DitExplorer.yml ├── DllNotificationInjection │ ├── DllNotificationInjection.json │ └── DllNotificationInjection.yml ├── DllProxy │ ├── DllProxy.json │ └── DllProxy.yml ├── DoHC2 │ ├── DoHC2.json │ └── DoHC2.yml ├── DocPlz │ ├── DocPlz.json │ └── DocPlz.yml ├── DockerPwn │ ├── DockerPwn.json │ └── DockerPwn.yml ├── DomainPasswordSpray │ ├── DomainPasswordSpray.json │ └── DomainPasswordSpray.yml ├── DoubleAgent │ ├── DoubleAgent.json │ └── DoubleAgent.yml ├── DoubleDrive │ ├── DoubleDrive.json │ └── DoubleDrive.yml ├── Dr0p1t_Framework │ ├── Dr0p1t_Framework.json │ └── Dr0p1t_Framework.yml ├── DragonCastle │ ├── DragonCastle.json │ └── DragonCastle.yml ├── DriverDump │ ├── DriverDump.json │ └── DriverDump.yml ├── DriverQuery │ ├── DriverQuery.json │ └── DriverQuery.yml ├── Droopscan │ ├── Droopscan.json │ └── Droopscan.yml ├── Drupwn │ ├── Drupwn.json │ └── Drupwn.yml ├── DuckDuckC2 │ ├── DuckDuckC2.json │ └── DuckDuckC2.yml ├── DueDLLigence │ ├── DueDLLigence.json │ └── DueDLLigence.yml ├── DumpAADSyncCreds │ ├── DumpAADSyncCreds.json │ └── DumpAADSyncCreds.yml ├── DumpCreds │ ├── DumpCreds.json │ └── DumpCreds.yml ├── DumpKernel_S1_ps1 │ ├── DumpKernel_S1_ps1.json │ └── DumpKernel_S1_ps1.yml ├── DumpLSASS │ ├── DumpLSASS.json │ └── DumpLSASS.yml ├── DumpNParse │ ├── DumpNParse.json │ └── DumpNParse.yml ├── DumpThatLSASS │ ├── DumpThatLSASS.json │ └── DumpThatLSASS.yml ├── Dumpert │ ├── Dumpert.json │ └── Dumpert.yml ├── DumpsterFire │ ├── DumpsterFire.json │ └── DumpsterFire.yml ├── Dumpy │ ├── Dumpy.json │ └── Dumpy.yml ├── DynastyPersist │ ├── DynastyPersist.json │ └── DynastyPersist.yml ├── EAPHammer │ ├── EAPHammer.json │ └── EAPHammer.yml ├── EASSniper │ ├── EASSniper.json │ └── EASSniper.yml ├── EDRPrison │ ├── EDRPrison.json │ └── EDRPrison.yml ├── EDRSandBlast │ ├── EDRSandBlast.json │ └── EDRSandBlast.yml ├── EDRSandblast_GodFault │ ├── EDRSandblast_GodFault.json │ └── EDRSandblast_GodFault.yml ├── EDRSilencer │ ├── EDRSilencer.json │ └── EDRSilencer.yml ├── EDR_Detector │ ├── EDR_Detector.json │ └── EDR_Detector.yml ├── EDR_Test │ ├── EDR_Test.json │ └── EDR_Test.yml ├── EDRaser │ ├── EDRaser.json │ └── EDRaser.yml ├── EQGR │ ├── EQGR.json │ └── EQGR.yml ├── EQGRP_tools │ ├── EQGRP_tools.json │ └── EQGRP_tools.yml ├── ETW │ ├── ETW.json │ └── ETW.yml ├── ETWEventSubscription │ ├── ETWEventSubscription.json │ └── ETWEventSubscription.yml ├── ETWHash │ ├── ETWHash.json │ └── ETWHash.yml ├── EXOCET_AV_Evasion │ ├── EXOCET_AV_Evasion.json │ └── EXOCET_AV_Evasion.yml ├── EarthWorm │ ├── EarthWorm.json │ └── EarthWorm.yml ├── Earth_Lusca_Operations_Tools │ ├── Earth_Lusca_Operations_Tools.json │ └── Earth_Lusca_Operations_Tools.yml ├── Earth_Lusca_Operations_Tools_ │ ├── Earth_Lusca_Operations_Tools_.json │ └── Earth_Lusca_Operations_Tools_.yml ├── Ebowla │ ├── Ebowla.json │ └── Ebowla.yml ├── EfiGuard │ ├── EfiGuard.json │ └── EfiGuard.yml ├── EfsPotato │ ├── EfsPotato.json │ └── EfsPotato.yml ├── Eggshell │ ├── Eggshell.json │ └── Eggshell.yml ├── Egress_Assess │ ├── Egress_Assess.json │ └── Egress_Assess.yml ├── Elevator │ ├── Elevator.json │ └── Elevator.yml ├── ElusiveMice │ ├── ElusiveMice.json │ └── ElusiveMice.yml ├── EmailAll │ ├── EmailAll.json │ └── EmailAll.yml ├── EmbedInHTML │ ├── EmbedInHTML.json │ └── EmbedInHTML.yml ├── EnableAllTokenPrivs │ ├── EnableAllTokenPrivs.json │ └── EnableAllTokenPrivs.yml ├── EncryptedZIP │ ├── EncryptedZIP.json │ └── EncryptedZIP.yml ├── EternalBlack │ ├── EternalBlack.json │ └── EternalBlack.yml ├── EternalHushFramework │ ├── EternalHushFramework.json │ └── EternalHushFramework.yml ├── Eternalblue_Doublepulsar_Metasploit │ ├── Eternalblue_Doublepulsar_Metasploit.json │ └── Eternalblue_Doublepulsar_Metasploit.yml ├── EventCleaner │ ├── EventCleaner.json │ └── EventCleaner.yml ├── EventLogCrasher │ ├── EventLogCrasher.json │ └── EventLogCrasher.yml ├── EventLogMaster │ ├── EventLogMaster.json │ └── EventLogMaster.yml ├── EventViewer_UACBypass │ ├── EventViewer_UACBypass.json │ └── EventViewer_UACBypass.yml ├── Eventlogedit_evt__General │ ├── Eventlogedit_evt__General.json │ └── Eventlogedit_evt__General.yml ├── Eventlogedit_evtx__Evolution │ ├── Eventlogedit_evtx__Evolution.json │ └── Eventlogedit_evtx__Evolution.yml ├── EvilClippy │ ├── EvilClippy.json │ └── EvilClippy.yml ├── EvilLsassTwin │ ├── EvilLsassTwin.json │ └── EvilLsassTwin.yml ├── EvilSln │ ├── EvilSln.json │ └── EvilSln.yml ├── EvilnoVNC │ ├── EvilnoVNC.json │ └── EvilnoVNC.yml ├── EvtMute │ ├── EvtMute.json │ └── EvtMute.yml ├── Excel_Exploit │ ├── Excel_Exploit.json │ └── Excel_Exploit.yml ├── Executable_Files │ ├── Executable_Files.json │ └── Executable_Files.yml ├── Exploits │ ├── Exploits.json │ └── Exploits.yml ├── Exrop │ ├── Exrop.json │ └── Exrop.yml ├── ExtPassword_exe │ ├── ExtPassword_exe.json │ └── ExtPassword_exe.yml ├── ExtensionSpoofer │ ├── ExtensionSpoofer.json │ └── ExtensionSpoofer.yml ├── ExtractBitlockerKeys │ ├── ExtractBitlockerKeys.json │ └── ExtractBitlockerKeys.yml ├── EyeWitness │ ├── EyeWitness.json │ └── EyeWitness.yml ├── FMFASweep │ ├── FMFASweep.json │ └── FMFASweep.yml ├── FOCA │ ├── FOCA.json │ └── FOCA.yml ├── FakeAMSI │ ├── FakeAMSI.json │ └── FakeAMSI.yml ├── FakeCmdLine │ ├── FakeCmdLine.json │ └── FakeCmdLine.yml ├── FakeImageExploiter │ ├── FakeImageExploiter.json │ └── FakeImageExploiter.yml ├── Farmer │ ├── Farmer.json │ └── Farmer.yml ├── Fentanyl │ ├── Fentanyl.json │ └── Fentanyl.yml ├── FiercePhish │ ├── FiercePhish.json │ └── FiercePhish.yml ├── File_Tunnel │ ├── File_Tunnel.json │ └── File_Tunnel.yml ├── FilelessPELoader │ ├── FilelessPELoader.json │ └── FilelessPELoader.yml ├── FindUncommonShares │ ├── FindUncommonShares.json │ └── FindUncommonShares.yml ├── Findsploit │ ├── Findsploit.json │ └── Findsploit.yml ├── FlipperZero │ ├── FlipperZero.json │ └── FlipperZero.yml ├── FluxionNetwork │ ├── FluxionNetwork.json │ └── FluxionNetwork.yml ├── Forensia │ ├── Forensia.json │ └── Forensia.yml ├── Forensike │ ├── Forensike.json │ └── Forensike.yml ├── ForgeCert │ ├── ForgeCert.json │ └── ForgeCert.yml ├── ForkPlayground │ ├── ForkPlayground.json │ └── ForkPlayground.yml ├── FormThief │ ├── FormThief.json │ └── FormThief.yml ├── FourEye │ ├── FourEye.json │ └── FourEye.yml ├── Freeze │ ├── Freeze.json │ └── Freeze.yml ├── Freeze_rs │ ├── Freeze_rs.json │ └── Freeze_rs.yml ├── FruityC2 │ ├── FruityC2.json │ └── FruityC2.yml ├── Fuck_Etw │ ├── Fuck_Etw.json │ └── Fuck_Etw.yml ├── FudgeC2 │ ├── FudgeC2.json │ └── FudgeC2.yml ├── FunctionalC2 │ ├── FunctionalC2.json │ └── FunctionalC2.yml ├── Fynloski_Backdoor │ ├── Fynloski_Backdoor.json │ └── Fynloski_Backdoor.yml ├── GC2_sheet │ ├── GC2_sheet.json │ └── GC2_sheet.yml ├── GCPBucketBrute │ ├── GCPBucketBrute.json │ └── GCPBucketBrute.yml ├── GCR_Google_Calendar_RAT │ ├── GCR_Google_Calendar_RAT.json │ └── GCR_Google_Calendar_RAT.yml ├── GIUDA │ ├── GIUDA.json │ └── GIUDA.yml ├── GMSAPasswordReader │ ├── GMSAPasswordReader.json │ └── GMSAPasswordReader.yml ├── GONET_Scanner │ ├── GONET_Scanner.json │ └── GONET_Scanner.yml ├── GPOddity │ ├── GPOddity.json │ └── GPOddity.yml ├── GPSCoordinates │ ├── GPSCoordinates.json │ └── GPSCoordinates.yml ├── GTFOBLookup │ ├── GTFOBLookup.json │ └── GTFOBLookup.yml ├── GTFONow │ ├── GTFONow.json │ └── GTFONow.yml ├── GadgetToJScript │ ├── GadgetToJScript.json │ └── GadgetToJScript.yml ├── GatherContacts │ ├── GatherContacts.json │ └── GatherContacts.yml ├── Gato_X │ ├── Gato_X.json │ └── Gato_X.yml ├── Gecko │ ├── Gecko.json │ └── Gecko.yml ├── Generate_Macro │ ├── Generate_Macro.json │ └── Generate_Macro.yml ├── GetLoggedOnUsersRegistry │ ├── GetLoggedOnUsersRegistry.json │ └── GetLoggedOnUsersRegistry.yml ├── Get_NetNTLM │ ├── Get_NetNTLM.json │ └── Get_NetNTLM.yml ├── Get_RBCD_Threaded │ ├── Get_RBCD_Threaded.json │ └── Get_RBCD_Threaded.yml ├── GhostDriver │ ├── GhostDriver.json │ └── GhostDriver.yml ├── GhostInTheNet │ ├── GhostInTheNet.json │ └── GhostInTheNet.yml ├── GhostMapper │ ├── GhostMapper.json │ └── GhostMapper.yml ├── GhostPack │ ├── GhostPack.json │ └── GhostPack.yml ├── GhostTask │ ├── GhostTask.json │ └── GhostTask.yml ├── Ghostpack_CompiledBinaries │ ├── Ghostpack_CompiledBinaries.json │ └── Ghostpack_CompiledBinaries.yml ├── Git_Scanner │ ├── Git_Scanner.json │ └── Git_Scanner.yml ├── GithubC2 │ ├── GithubC2.json │ └── GithubC2.yml ├── Github_Username │ ├── Github_Username.json │ └── Github_Username.yml ├── Github__Username │ ├── Github__Username.json │ └── Github__Username.yml ├── Gitleaks │ ├── Gitleaks.json │ └── Gitleaks.yml ├── GlllPowerloader │ ├── GlllPowerloader.json │ └── GlllPowerloader.yml ├── GlobalUnProtect │ ├── GlobalUnProtect.json │ └── GlobalUnProtect.yml ├── GoAWSConsoleSpray │ ├── GoAWSConsoleSpray.json │ └── GoAWSConsoleSpray.yml ├── GoFetch │ ├── GoFetch.json │ └── GoFetch.yml ├── Godzilla │ ├── Godzilla.json │ └── Godzilla.yml ├── GoldenGMSA │ ├── GoldenGMSA.json │ └── GoldenGMSA.yml ├── GonnaCry │ ├── GonnaCry.json │ └── GonnaCry.yml ├── GooDork │ ├── GooDork.json │ └── GooDork.yml ├── Gorsair │ ├── Gorsair.json │ └── Gorsair.yml ├── Gotato │ ├── Gotato.json │ └── Gotato.yml ├── GrabChrome │ ├── GrabChrome.json │ └── GrabChrome.yml ├── GraphRunner │ ├── GraphRunner.json │ └── GraphRunner.yml ├── GraphSpy │ ├── GraphSpy.json │ └── GraphSpy.yml ├── GraphStrike │ ├── GraphStrike.json │ └── GraphStrike.yml ├── Graphpython │ ├── Graphpython.json │ └── Graphpython.yml ├── GreatSCT │ ├── GreatSCT.json │ └── GreatSCT.yml ├── Greenwolf │ ├── Greenwolf.json │ └── Greenwolf.yml ├── Group3r │ ├── Group3r.json │ └── Group3r.yml ├── HEKATOMB │ ├── HEKATOMB.json │ └── HEKATOMB.yml ├── HRShell │ ├── HRShell.json │ └── HRShell.yml ├── HTMLSmuggler │ ├── HTMLSmuggler.json │ └── HTMLSmuggler.yml ├── HTTP_Shell │ ├── HTTP_Shell.json │ └── HTTP_Shell.yml ├── HVNC │ ├── HVNC.json │ └── HVNC.yml ├── HackBrowserData │ ├── HackBrowserData.json │ └── HackBrowserData.yml ├── HackTheWorld │ ├── HackTheWorld.json │ └── HackTheWorld.yml ├── HadesLdr │ ├── HadesLdr.json │ └── HadesLdr.yml ├── Hak5_BashBunny │ ├── Hak5_BashBunny.json │ └── Hak5_BashBunny.yml ├── Hak5_Cloud_C2 │ ├── Hak5_Cloud_C2.json │ └── Hak5_Cloud_C2.yml ├── Hak5_Lan_turtle │ ├── Hak5_Lan_turtle.json │ └── Hak5_Lan_turtle.yml ├── Hak5_O_MG_Cable │ ├── Hak5_O_MG_Cable.json │ └── Hak5_O_MG_Cable.yml ├── Hak5_Rubber_Ducky │ ├── Hak5_Rubber_Ducky.json │ └── Hak5_Rubber_Ducky.yml ├── Hak5_Screen_Crab │ ├── Hak5_Screen_Crab.json │ └── Hak5_Screen_Crab.yml ├── Hak5_Wifi_Pineapple │ ├── Hak5_Wifi_Pineapple.json │ └── Hak5_Wifi_Pineapple.yml ├── HardHatC2 │ ├── HardHatC2.json │ └── HardHatC2.yml ├── Harvester_OF_SORROW │ ├── Harvester_OF_SORROW.json │ └── Harvester_OF_SORROW.yml ├── Hash_Buster │ ├── Hash_Buster.json │ └── Hash_Buster.yml ├── HeapCrypt │ ├── HeapCrypt.json │ └── HeapCrypt.yml ├── HeartBleed │ ├── HeartBleed.json │ └── HeartBleed.yml ├── HellsGate │ ├── HellsGate.json │ └── HellsGate.yml ├── HellsHall │ ├── HellsHall.json │ └── HellsHall.yml ├── Heroinn │ ├── Heroinn.json │ └── Heroinn.yml ├── Hibr2Dmp │ ├── Hibr2Dmp.json │ └── Hibr2Dmp.yml ├── HideProcess │ ├── HideProcess.json │ └── HideProcess.yml ├── HijackHunter │ ├── HijackHunter.json │ └── HijackHunter.yml ├── Hijacker │ ├── Hijacker.json │ └── Hijacker.yml ├── Hive │ ├── Hive.json │ └── Hive.yml ├── HoneypotBuster │ ├── HoneypotBuster.json │ └── HoneypotBuster.yml ├── HookDetector │ ├── HookDetector.json │ └── HookDetector.yml ├── HookSentry │ ├── HookSentry.json │ └── HookSentry.yml ├── HostRecon │ ├── HostRecon.json │ └── HostRecon.yml ├── Huan │ ├── Huan.json │ └── Huan.yml ├── Hypnos │ ├── Hypnos.json │ └── Hypnos.yml ├── I2P │ ├── I2P.json │ └── I2P.yml ├── ICMP_TransferTools │ ├── ICMP_TransferTools.json │ └── ICMP_TransferTools.yml ├── IDiagnosticProfileUAC │ ├── IDiagnosticProfileUAC.json │ └── IDiagnosticProfileUAC.yml ├── IEPassView │ ├── IEPassView.json │ └── IEPassView.yml ├── IHxExec │ ├── IHxExec.json │ └── IHxExec.yml ├── IIS_Raid │ ├── IIS_Raid.json │ └── IIS_Raid.yml ├── IKEForce │ ├── IKEForce.json │ └── IKEForce.yml ├── IMDSpoof │ ├── IMDSpoof.json │ └── IMDSpoof.yml ├── IPPrintC2 │ ├── IPPrintC2.json │ └── IPPrintC2.yml ├── Ikeext_Privesc │ ├── Ikeext_Privesc.json │ └── Ikeext_Privesc.yml ├── Imminent_Monitor │ ├── Imminent_Monitor.json │ └── Imminent_Monitor.yml ├── Imperva_gzip_WAF_Bypass │ ├── Imperva_gzip_WAF_Bypass.json │ └── Imperva_gzip_WAF_Bypass.yml ├── ImplantSSP │ ├── ImplantSSP.json │ └── ImplantSSP.yml ├── Inc │ ├── Inc.json │ └── Inc.yml ├── Indirect_Syscalls │ ├── Indirect_Syscalls.json │ └── Indirect_Syscalls.yml ├── InflativeLoading │ ├── InflativeLoading.json │ └── InflativeLoading.yml ├── Infoga │ ├── Infoga.json │ └── Infoga.yml ├── InjectProc │ ├── InjectProc.json │ └── InjectProc.yml ├── InsecurePowerShell │ ├── InsecurePowerShell.json │ └── InsecurePowerShell.yml ├── InspectAssembly │ ├── InspectAssembly.json │ └── InspectAssembly.yml ├── Intercepter_NG │ ├── Intercepter_NG.json │ └── Intercepter_NG.yml ├── Internal_Monologue │ ├── Internal_Monologue.json │ └── Internal_Monologue.yml ├── IntruderPayloads │ ├── IntruderPayloads.json │ └── IntruderPayloads.yml ├── Inveigh │ ├── Inveigh.json │ └── Inveigh.yml ├── Invisi_Shell │ ├── Invisi_Shell.json │ └── Invisi_Shell.yml ├── InvisibilityCloak │ ├── InvisibilityCloak.json │ └── InvisibilityCloak.yml ├── Invoke_ACLpwn │ ├── Invoke_ACLpwn.json │ └── Invoke_ACLpwn.yml ├── Invoke_ADEnum │ ├── Invoke_ADEnum.json │ └── Invoke_ADEnum.yml ├── Invoke_ArgFuscator │ ├── Invoke_ArgFuscator.json │ └── Invoke_ArgFuscator.yml ├── Invoke_AzureEnum │ ├── Invoke_AzureEnum.json │ └── Invoke_AzureEnum.yml ├── Invoke_AzurePasswordSpray │ ├── Invoke_AzurePasswordSpray.json │ └── Invoke_AzurePasswordSpray.yml ├── Invoke_BSOD │ ├── Invoke_BSOD.json │ └── Invoke_BSOD.yml ├── Invoke_BuildAnonymousSMBServer │ ├── Invoke_BuildAnonymousSMBServer.json │ └── Invoke_BuildAnonymousSMBServer.yml ├── Invoke_CleverSpray │ ├── Invoke_CleverSpray.json │ └── Invoke_CleverSpray.yml ├── Invoke_DNSteal │ ├── Invoke_DNSteal.json │ └── Invoke_DNSteal.yml ├── Invoke_DOSfuscation │ ├── Invoke_DOSfuscation.json │ └── Invoke_DOSfuscation.yml ├── Invoke_DumpMDEConfig │ ├── Invoke_DumpMDEConfig.json │ └── Invoke_DumpMDEConfig.yml ├── Invoke_GrabTheHash │ ├── Invoke_GrabTheHash.json │ └── Invoke_GrabTheHash.yml ├── Invoke_Obfuscation │ ├── Invoke_Obfuscation.json │ └── Invoke_Obfuscation.yml ├── Invoke_PSImage │ ├── Invoke_PSImage.json │ └── Invoke_PSImage.yml ├── Invoke_Phant0m │ ├── Invoke_Phant0m.json │ └── Invoke_Phant0m.yml ├── Invoke_PowerIncrease │ ├── Invoke_PowerIncrease.json │ └── Invoke_PowerIncrease.yml ├── Invoke_PowerThIEf │ ├── Invoke_PowerThIEf.json │ └── Invoke_PowerThIEf.yml ├── Invoke_Pre2kSpray │ ├── Invoke_Pre2kSpray.json │ └── Invoke_Pre2kSpray.yml ├── Invoke_PrintDemon │ ├── Invoke_PrintDemon.json │ └── Invoke_PrintDemon.yml ├── Invoke_ProcessScan │ ├── Invoke_ProcessScan.json │ └── Invoke_ProcessScan.yml ├── Invoke_RDPThief │ ├── Invoke_RDPThief.json │ └── Invoke_RDPThief.yml ├── Invoke_RunAsSystem │ ├── Invoke_RunAsSystem.json │ └── Invoke_RunAsSystem.yml ├── Invoke_RunAsWithCert │ ├── Invoke_RunAsWithCert.json │ └── Invoke_RunAsWithCert.yml ├── Invoke_SMBRemoting │ ├── Invoke_SMBRemoting.json │ └── Invoke_SMBRemoting.yml ├── Invoke_SessionHunter │ ├── Invoke_SessionHunter.json │ └── Invoke_SessionHunter.yml ├── Invoke_ShareHunter │ ├── Invoke_ShareHunter.json │ └── Invoke_ShareHunter.yml ├── Invoke_SocksProxy │ ├── Invoke_SocksProxy.json │ └── Invoke_SocksProxy.yml ├── Invoke_Stealth │ ├── Invoke_Stealth.json │ └── Invoke_Stealth.yml ├── Invoke_TheHash │ ├── Invoke_TheHash.json │ └── Invoke_TheHash.yml ├── Invoke_TmpDavFS │ ├── Invoke_TmpDavFS.json │ └── Invoke_TmpDavFS.yml ├── Invoke_WCMDump │ ├── Invoke_WCMDump.json │ └── Invoke_WCMDump.yml ├── Invoke_WMIpersist │ ├── Invoke_WMIpersist.json │ └── Invoke_WMIpersist.yml ├── Invoke_ZeroLogon │ ├── Invoke_ZeroLogon.json │ └── Invoke_ZeroLogon.yml ├── Invoke_s4u2self │ ├── Invoke_s4u2self.json │ └── Invoke_s4u2self.yml ├── ItWasAllADream │ ├── ItWasAllADream.json │ └── ItWasAllADream.yml ├── Jasmin_Ransomware │ ├── Jasmin_Ransomware.json │ └── Jasmin_Ransomware.yml ├── Jatayu │ ├── Jatayu.json │ └── Jatayu.yml ├── Jira_Lens │ ├── Jira_Lens.json │ └── Jira_Lens.yml ├── JohnTheRipper │ ├── JohnTheRipper.json │ └── JohnTheRipper.yml ├── Jomungand │ ├── Jomungand.json │ └── Jomungand.yml ├── Jormungandr │ ├── Jormungandr.json │ └── Jormungandr.yml ├── JuicyPotato │ ├── JuicyPotato.json │ └── JuicyPotato.yml ├── JuicyPotatoNG │ ├── JuicyPotatoNG.json │ └── JuicyPotatoNG.yml ├── JumpSession_BOF │ ├── JumpSession_BOF.json │ └── JumpSession_BOF.yml ├── JunctionFolder │ ├── JunctionFolder.json │ └── JunctionFolder.yml ├── JustEvadeBro │ ├── JustEvadeBro.json │ └── JustEvadeBro.yml ├── KCMTicketFormatter │ ├── KCMTicketFormatter.json │ └── KCMTicketFormatter.yml ├── KExecDD │ ├── KExecDD.json │ └── KExecDD.yml ├── KPortScan │ ├── KPortScan.json │ └── KPortScan.yml ├── KRBUACBypass │ ├── KRBUACBypass.json │ └── KRBUACBypass.yml ├── KaynLdr │ ├── KaynLdr.json │ └── KaynLdr.yml ├── KaynStrike │ ├── KaynStrike.json │ └── KaynStrike.yml ├── KeeFarce │ ├── KeeFarce.json │ └── KeeFarce.yml ├── KeePwn │ ├── KeePwn.json │ └── KeePwn.yml ├── KeeTheft │ ├── KeeTheft.json │ └── KeeTheft.yml ├── KeeThiefSyscalls │ ├── KeeThiefSyscalls.json │ └── KeeThiefSyscalls.yml ├── Keethief │ ├── Keethief.json │ └── Keethief.yml ├── Kematian_Stealer │ ├── Kematian_Stealer.json │ └── Kematian_Stealer.yml ├── KerberOPSEC │ ├── KerberOPSEC.json │ └── KerberOPSEC.yml ├── KeyCredentialLink │ ├── KeyCredentialLink.json │ └── KeyCredentialLink.yml ├── KeyTabExtract │ ├── KeyTabExtract.json │ └── KeyTabExtract.yml ├── KillDefenderBOF │ ├── KillDefenderBOF.json │ └── KillDefenderBOF.yml ├── KittyStager │ ├── KittyStager.json │ └── KittyStager.yml ├── Koppeling │ ├── Koppeling.json │ └── Koppeling.yml ├── Kraken │ ├── Kraken.json │ └── Kraken.yml ├── KrakenMask │ ├── KrakenMask.json │ └── KrakenMask.yml ├── KrbRelay │ ├── KrbRelay.json │ └── KrbRelay.yml ├── KrbRelayUp │ ├── KrbRelayUp.json │ └── KrbRelayUp.yml ├── KrbRelay_SMBServer │ ├── KrbRelay_SMBServer.json │ └── KrbRelay_SMBServer.yml ├── Krueger │ ├── Krueger.json │ └── Krueger.yml ├── Kubestroyer │ ├── Kubestroyer.json │ └── Kubestroyer.yml ├── L0phtCrack │ ├── L0phtCrack.json │ └── L0phtCrack.yml ├── LALIN │ ├── LALIN.json │ └── LALIN.yml ├── LANs_py │ ├── LANs_py.json │ └── LANs_py.yml ├── LAPSDecrypt │ ├── LAPSDecrypt.json │ └── LAPSDecrypt.yml ├── LAPSDumper │ ├── LAPSDumper.json │ └── LAPSDumper.yml ├── LAPSToolkit │ ├── LAPSToolkit.json │ └── LAPSToolkit.yml ├── LAZYPARIAH │ ├── LAZYPARIAH.json │ └── LAZYPARIAH.yml ├── LDAPPER │ ├── LDAPPER.json │ └── LDAPPER.yml ├── LDAPWordlistHarvester │ ├── LDAPWordlistHarvester.json │ └── LDAPWordlistHarvester.yml ├── LDAP_Password_Hunter │ ├── LDAP_Password_Hunter.json │ └── LDAP_Password_Hunter.yml ├── LNKUp │ ├── LNKUp.json │ └── LNKUp.yml ├── LOLBAS_Project │ ├── LOLBAS_Project.json │ └── LOLBAS_Project.yml ├── LOLSpoof │ ├── LOLSpoof.json │ └── LOLSpoof.yml ├── LaZagne │ ├── LaZagne.json │ └── LaZagne.yml ├── LaZagneForensic │ ├── LaZagneForensic.json │ └── LaZagneForensic.yml ├── Lastenzug │ ├── Lastenzug.json │ └── Lastenzug.yml ├── LatLoader │ ├── LatLoader.json │ └── LatLoader.yml ├── LdapRelayScan │ ├── LdapRelayScan.json │ └── LdapRelayScan.yml ├── LdrLockLiberator │ ├── LdrLockLiberator.json │ └── LdrLockLiberator.yml ├── LetMeowIn │ ├── LetMeowIn.json │ └── LetMeowIn.yml ├── LightsOut │ ├── LightsOut.json │ └── LightsOut.yml ├── Lime_Crypter │ ├── Lime_Crypter.json │ └── Lime_Crypter.yml ├── Lime_RAT │ ├── Lime_RAT.json │ └── Lime_RAT.yml ├── LinEnum │ ├── LinEnum.json │ └── LinEnum.yml ├── LinikatzV2 │ ├── LinikatzV2.json │ └── LinikatzV2.yml ├── LinkedInt │ ├── LinkedInt.json │ └── LinkedInt.yml ├── LoGiC_NET │ ├── LoGiC_NET.json │ └── LoGiC_NET.yml ├── LocalAdminSharp │ ├── LocalAdminSharp.json │ └── LocalAdminSharp.yml ├── LocalShellExtParse │ ├── LocalShellExtParse.json │ └── LocalShellExtParse.yml ├── Lockless │ ├── Lockless.json │ └── Lockless.yml ├── Locksmith │ ├── Locksmith.json │ └── Locksmith.yml ├── LogonTracer │ ├── LogonTracer.json │ └── LogonTracer.yml ├── LostMyPassword │ ├── LostMyPassword.json │ └── LostMyPassword.yml ├── Lovely_Potato │ ├── Lovely_Potato.json │ └── Lovely_Potato.yml ├── LsassReflectDumping │ ├── LsassReflectDumping.json │ └── LsassReflectDumping.yml ├── LsassSilentProcessExit │ ├── LsassSilentProcessExit.json │ └── LsassSilentProcessExit.yml ├── Lsassx │ ├── Lsassx.json │ └── Lsassx.yml ├── LummaC2_Stealer_sample │ ├── LummaC2_Stealer_sample.json │ └── LummaC2_Stealer_sample.yml ├── Luna_Grabber │ ├── Luna_Grabber.json │ └── Luna_Grabber.yml ├── LyncSniper │ ├── LyncSniper.json │ └── LyncSniper.yml ├── MAAD_AF │ ├── MAAD_AF.json │ └── MAAD_AF.yml ├── MANSPIDER │ ├── MANSPIDER.json │ └── MANSPIDER.yml ├── MDE_Enum │ ├── MDE_Enum.json │ └── MDE_Enum.yml ├── MDExclusionParser │ ├── MDExclusionParser.json │ └── MDExclusionParser.yml ├── MFASweep │ ├── MFASweep.json │ └── MFASweep.yml ├── MITMf │ ├── MITMf.json │ └── MITMf.yml ├── MSBuildShell │ ├── MSBuildShell.json │ └── MSBuildShell.yml ├── MSDAT │ ├── MSDAT.json │ └── MSDAT.yml ├── MSOLSpray │ ├── MSOLSpray.json │ └── MSOLSpray.yml ├── MSSprinkler │ ├── MSSprinkler.json │ └── MSSprinkler.yml ├── MaccaroniC2 │ ├── MaccaroniC2.json │ └── MaccaroniC2.yml ├── MacroMeter │ ├── MacroMeter.json │ └── MacroMeter.yml ├── Macrome │ ├── Macrome.json │ └── Macrome.yml ├── Maestro │ ├── Maestro.json │ └── Maestro.yml ├── MailPassView │ ├── MailPassView.json │ └── MailPassView.yml ├── MailSniper │ ├── MailSniper.json │ └── MailSniper.yml ├── MakeMeAdmin │ ├── MakeMeAdmin.json │ └── MakeMeAdmin.yml ├── MalSCCM │ ├── MalSCCM.json │ └── MalSCCM.yml ├── MaliciousMacroGenerator │ ├── MaliciousMacroGenerator.json │ └── MaliciousMacroGenerator.yml ├── MaliciousMacroMSBuild │ ├── MaliciousMacroMSBuild.json │ └── MaliciousMacroMSBuild.yml ├── Malware_RAT_collection │ ├── Malware_RAT_collection.json │ └── Malware_RAT_collection.yml ├── Mara │ ├── Mara.json │ └── Mara.yml ├── MegaMedusa │ ├── MegaMedusa.json │ └── MegaMedusa.yml ├── Memcrashed_DDoS_Exploit │ ├── Memcrashed_DDoS_Exploit.json │ └── Memcrashed_DDoS_Exploit.yml ├── MetasploitCoop │ ├── MetasploitCoop.json │ └── MetasploitCoop.yml ├── MeteTool │ ├── MeteTool.json │ └── MeteTool.yml ├── MicroBurst │ ├── MicroBurst.json │ └── MicroBurst.yml ├── MiniDump │ ├── MiniDump.json │ └── MiniDump.yml ├── Minimalistic_offensive │ ├── Minimalistic_offensive.json │ └── Minimalistic_offensive.yml ├── MirrorDump │ ├── MirrorDump.json │ └── MirrorDump.yml ├── Mobile_Security_Framework │ ├── Mobile_Security_Framework.json │ └── Mobile_Security_Framework.yml ├── Mobile_Security_Framework_MobSF │ ├── Mobile_Security_Framework_MobSF.json │ └── Mobile_Security_Framework_MobSF.yml ├── MockDirUACBypass │ ├── MockDirUACBypass.json │ └── MockDirUACBypass.yml ├── Modlishka_ │ ├── Modlishka_.json │ └── Modlishka_.yml ├── Moriarty │ ├── Moriarty.json │ └── Moriarty.yml ├── Mr_SIP │ ├── Mr_SIP.json │ └── Mr_SIP.yml ├── Mshikaki │ ├── Mshikaki.json │ └── Mshikaki.yml ├── MultiDump │ ├── MultiDump.json │ └── MultiDump.yml ├── MultiPotato │ ├── MultiPotato.json │ └── MultiPotato.yml ├── MutationGate │ ├── MutationGate.json │ └── MutationGate.yml ├── Mystikal │ ├── Mystikal.json │ └── Mystikal.yml ├── NLBrute │ ├── NLBrute.json │ └── NLBrute.yml ├── NPPSpy │ ├── NPPSpy.json │ └── NPPSpy.yml ├── NTDLLReflection │ ├── NTDLLReflection.json │ └── NTDLLReflection.yml ├── NTHASH_FPC │ ├── NTHASH_FPC.json │ └── NTHASH_FPC.yml ├── NTLMInjector │ ├── NTLMInjector.json │ └── NTLMInjector.yml ├── NTLMRelay2Self │ ├── NTLMRelay2Self.json │ └── NTLMRelay2Self.yml ├── NTLMSleuth │ ├── NTLMSleuth.json │ └── NTLMSleuth.yml ├── NTMLRecon │ ├── NTMLRecon.json │ └── NTMLRecon.yml ├── NachoVPN │ ├── NachoVPN.json │ └── NachoVPN.yml ├── NamedPipeMaster │ ├── NamedPipeMaster.json │ └── NamedPipeMaster.yml ├── NamelessC2 │ ├── NamelessC2.json │ └── NamelessC2.yml ├── NativeBypassCredGuard │ ├── NativeBypassCredGuard.json │ └── NativeBypassCredGuard.yml ├── NativeDump │ ├── NativeDump.json │ └── NativeDump.yml ├── Necro_Stealer │ ├── Necro_Stealer.json │ └── Necro_Stealer.yml ├── NetExec │ ├── NetExec.json │ └── NetExec.yml ├── NetLoader │ ├── NetLoader.json │ └── NetLoader.yml ├── NetNTLMtoSilverTicket │ ├── NetNTLMtoSilverTicket.json │ └── NetNTLMtoSilverTicket.yml ├── NetRipper │ ├── NetRipper.json │ └── NetRipper.yml ├── NetSess │ ├── NetSess.json │ └── NetSess.yml ├── Net_GPPPassword │ ├── Net_GPPPassword.json │ └── Net_GPPPassword.yml ├── NetshHelperBeacon │ ├── NetshHelperBeacon.json │ └── NetshHelperBeacon.yml ├── NetworkMiner │ ├── NetworkMiner.json │ └── NetworkMiner.yml ├── NetworkServiceExploit │ ├── NetworkServiceExploit.json │ └── NetworkServiceExploit.yml ├── Nidhogg │ ├── Nidhogg.json │ └── Nidhogg.yml ├── Nightmangle │ ├── Nightmangle.json │ └── Nightmangle.yml ├── NimBlackout │ ├── NimBlackout.json │ └── NimBlackout.yml ├── NimDllSideload │ ├── NimDllSideload.json │ └── NimDllSideload.yml ├── NimExec │ ├── NimExec.json │ └── NimExec.yml ├── Nimcrypt2 │ ├── Nimcrypt2.json │ └── Nimcrypt2.yml ├── Ninja │ ├── Ninja.json │ └── Ninja.yml ├── NixImports │ ├── NixImports.json │ └── NixImports.yml ├── NoArgs │ ├── NoArgs.json │ └── NoArgs.yml ├── NoFilter │ ├── NoFilter.json │ └── NoFilter.yml ├── NoSQLMap │ ├── NoSQLMap.json │ └── NoSQLMap.yml ├── No_powershell │ ├── No_powershell.json │ └── No_powershell.yml ├── NoodleRAT │ ├── NoodleRAT.json │ └── NoodleRAT.yml ├── Nordic_NRF52840 │ ├── Nordic_NRF52840.json │ └── Nordic_NRF52840.yml ├── Nosql_Exploitation_Framework │ ├── Nosql_Exploitation_Framework.json │ └── Nosql_Exploitation_Framework.yml ├── NovaLdr │ ├── NovaLdr.json │ └── NovaLdr.yml ├── NtRemoteLoad │ ├── NtRemoteLoad.json │ └── NtRemoteLoad.yml ├── NtRights │ ├── NtRights.json │ └── NtRights.yml ├── NtdllUnpatcher │ ├── NtdllUnpatcher.json │ └── NtdllUnpatcher.yml ├── NtlmRelayToEWS │ ├── NtlmRelayToEWS.json │ └── NtlmRelayToEWS.yml ├── NtlmThief │ ├── NtlmThief.json │ └── NtlmThief.yml ├── Nuages │ ├── Nuages.json │ └── Nuages.yml ├── OMGLogger │ ├── OMGLogger.json │ └── OMGLogger.yml ├── OMG_Credz_Plz │ ├── OMG_Credz_Plz.json │ └── OMG_Credz_Plz.yml ├── OSCP_Archives │ ├── OSCP_Archives.json │ └── OSCP_Archives.yml ├── OSCP_Cheatsheets │ ├── OSCP_Cheatsheets.json │ └── OSCP_Cheatsheets.yml ├── OSEP_Code_Snippets │ ├── OSEP_Code_Snippets.json │ └── OSEP_Code_Snippets.yml ├── OWASP │ ├── OWASP.json │ └── OWASP.yml ├── OWASP_rules │ ├── OWASP_rules.json │ └── OWASP_rules.yml ├── ObfuscatedSharpCollection │ ├── ObfuscatedSharpCollection.json │ └── ObfuscatedSharpCollection.yml ├── OffensiveCSharp │ ├── OffensiveCSharp.json │ └── OffensiveCSharp.yml ├── OffensiveCpp │ ├── OffensiveCpp.json │ └── OffensiveCpp.yml ├── OffensiveLua │ ├── OffensiveLua.json │ └── OffensiveLua.yml ├── OffensiveNotion │ ├── OffensiveNotion.json │ └── OffensiveNotion.yml ├── Offensive_Netsh_Helper │ ├── Offensive_Netsh_Helper.json │ └── Offensive_Netsh_Helper.yml ├── Offensive_Payloads │ ├── Offensive_Payloads.json │ └── Offensive_Payloads.yml ├── Office_DDE_Payloads │ ├── Office_DDE_Payloads.json │ └── Office_DDE_Payloads.yml ├── Office_Persistence │ ├── Office_Persistence.json │ └── Office_Persistence.yml ├── Oh365UserFinder │ ├── Oh365UserFinder.json │ └── Oh365UserFinder.yml ├── Okta_Password_Sprayer │ ├── Okta_Password_Sprayer.json │ └── Okta_Password_Sprayer.yml ├── Omnispray │ ├── Omnispray.json │ └── Omnispray.yml ├── One_Lin3r │ ├── One_Lin3r.json │ └── One_Lin3r.yml ├── OpenChromeDumps │ ├── OpenChromeDumps.json │ └── OpenChromeDumps.yml ├── OpenSSH_Trojan │ ├── OpenSSH_Trojan.json │ └── OpenSSH_Trojan.yml ├── Openssh │ ├── Openssh.json │ └── Openssh.yml ├── OperaPassView │ ├── OperaPassView.json │ └── OperaPassView.yml ├── Operative_Framework │ ├── Operative_Framework.json │ └── Operative_Framework.yml ├── Orc │ ├── Orc.json │ └── Orc.yml ├── Osmedeus │ ├── Osmedeus.json │ └── Osmedeus.yml ├── Ouned │ ├── Ouned.json │ └── Ouned.yml ├── P4wnP1 │ ├── P4wnP1.json │ └── P4wnP1.yml ├── PEASS │ ├── PEASS.json │ └── PEASS.yml ├── PEASS_ng │ ├── PEASS_ng.json │ └── PEASS_ng.yml ├── PENTESTING_BIBLE │ ├── PENTESTING_BIBLE.json │ └── PENTESTING_BIBLE.yml ├── PE_Obfuscator │ ├── PE_Obfuscator.json │ └── PE_Obfuscator.yml ├── PILOT │ ├── PILOT.json │ └── PILOT.yml ├── PKINITtools │ ├── PKINITtools.json │ └── PKINITtools.yml ├── POC │ ├── POC.json │ └── POC.yml ├── POSTDump │ ├── POSTDump.json │ └── POSTDump.yml ├── PPLBlade │ ├── PPLBlade.json │ └── PPLBlade.yml ├── PPLFault │ ├── PPLFault.json │ └── PPLFault.yml ├── PPLKiller │ ├── PPLKiller.json │ └── PPLKiller.yml ├── PPLSystem │ ├── PPLSystem.json │ └── PPLSystem.yml ├── PPLmedic │ ├── PPLmedic.json │ └── PPLmedic.yml ├── PRT │ ├── PRT.json │ └── PRT.yml ├── PS2EXE │ ├── PS2EXE.json │ └── PS2EXE.yml ├── PSAmsi │ ├── PSAmsi.json │ └── PSAmsi.yml ├── PSAsyncShell │ ├── PSAsyncShell.json │ └── PSAsyncShell.yml ├── PSAttack │ ├── PSAttack.json │ └── PSAttack.yml ├── PSBits │ ├── PSBits.json │ └── PSBits.yml ├── PSByPassCLM │ ├── PSByPassCLM.json │ └── PSByPassCLM.yml ├── PSMapExec │ ├── PSMapExec.json │ └── PSMapExec.yml ├── PSRansom │ ├── PSRansom.json │ └── PSRansom.yml ├── PSRecon │ ├── PSRecon.json │ └── PSRecon.yml ├── PSSW100AVB │ ├── PSSW100AVB.json │ └── PSSW100AVB.yml ├── PWA_Phishing │ ├── PWA_Phishing.json │ └── PWA_Phishing.yml ├── PWCrack │ ├── PWCrack.json │ └── PWCrack.yml ├── PWDumpX │ ├── PWDumpX.json │ └── PWDumpX.yml ├── Pachine │ ├── Pachine.json │ └── Pachine.yml ├── PackMyPayload │ ├── PackMyPayload.json │ └── PackMyPayload.yml ├── ParamPamPam │ ├── ParamPamPam.json │ └── ParamPamPam.yml ├── Parasite_Invoke │ ├── Parasite_Invoke.json │ └── Parasite_Invoke.yml ├── PassDetective │ ├── PassDetective.json │ └── PassDetective.yml ├── PassHunt │ ├── PassHunt.json │ └── PassHunt.yml ├── PassSpray │ ├── PassSpray.json │ └── PassSpray.yml ├── PassTheCert │ ├── PassTheCert.json │ └── PassTheCert.yml ├── PassTheChallenge │ ├── PassTheChallenge.json │ └── PassTheChallenge.yml ├── Passware_Kit_Forensic │ ├── Passware_Kit_Forensic.json │ └── Passware_Kit_Forensic.yml ├── PasswordHashesView │ ├── PasswordHashesView.json │ └── PasswordHashesView.yml ├── Password_Scripts │ ├── Password_Scripts.json │ └── Password_Scripts.yml ├── Pateensy │ ├── Pateensy.json │ └── Pateensy.yml ├── PayGen │ ├── PayGen.json │ └── PayGen.yml ├── Payload_Download_Cradles │ ├── Payload_Download_Cradles.json │ └── Payload_Download_Cradles.yml ├── PayloadsAllTheThings │ ├── PayloadsAllTheThings.json │ └── PayloadsAllTheThings.yml ├── Pazuzu │ ├── Pazuzu.json │ └── Pazuzu.yml ├── PcapXray │ ├── PcapXray.json │ └── PcapXray.yml ├── Pcredz │ ├── Pcredz.json │ └── Pcredz.yml ├── PerfExec │ ├── PerfExec.json │ └── PerfExec.yml ├── Perfusion │ ├── Perfusion.json │ └── Perfusion.yml ├── PeriscopeC2 │ ├── PeriscopeC2.json │ └── PeriscopeC2.yml ├── Persistence_Accessibility_Features │ ├── Persistence_Accessibility_Features.json │ └── Persistence_Accessibility_Features.yml ├── PetitPotato │ ├── PetitPotato.json │ └── PetitPotato.yml ├── PewPewPew │ ├── PewPewPew.json │ └── PewPewPew.yml ├── Pezor │ ├── Pezor.json │ └── Pezor.yml ├── Phant0m │ ├── Phant0m.json │ └── Phant0m.yml ├── PhantomService │ ├── PhantomService.json │ └── PhantomService.yml ├── PhoneInfoga │ ├── PhoneInfoga.json │ └── PhoneInfoga.yml ├── PhpSploit │ ├── PhpSploit.json │ └── PhpSploit.yml ├── PickleC2 │ ├── PickleC2.json │ └── PickleC2.yml ├── PingRAT │ ├── PingRAT.json │ └── PingRAT.yml ├── PipeViewer_ │ ├── PipeViewer_.json │ └── PipeViewer_.yml ├── PoolParty │ ├── PoolParty.json │ └── PoolParty.yml ├── PoolPartyBof │ ├── PoolPartyBof.json │ └── PoolPartyBof.yml ├── PoshADCS │ ├── PoshADCS.json │ └── PoshADCS.yml ├── Poshito │ ├── Poshito.json │ └── Poshito.yml ├── PowerBreach │ ├── PowerBreach.json │ └── PowerBreach.yml ├── PowerBruteLogon │ ├── PowerBruteLogon.json │ └── PowerBruteLogon.yml ├── PowerForensics │ ├── PowerForensics.json │ └── PowerForensics.yml ├── PowerLess │ ├── PowerLess.json │ └── PowerLess.yml ├── PowerLessShell │ ├── PowerLessShell.json │ └── PowerLessShell.yml ├── PowerMemory │ ├── PowerMemory.json │ └── PowerMemory.yml ├── PowerOPS │ ├── PowerOPS.json │ └── PowerOPS.yml ├── PowerProxy │ ├── PowerProxy.json │ └── PowerProxy.yml ├── PowerSCCM │ ├── PowerSCCM.json │ └── PowerSCCM.yml ├── PowerSharpPack │ ├── PowerSharpPack.json │ └── PowerSharpPack.yml ├── PowerShdll │ ├── PowerShdll.json │ └── PowerShdll.yml ├── PowerShellArsenal │ ├── PowerShellArsenal.json │ └── PowerShellArsenal.yml ├── PowerShellRunner │ ├── PowerShellRunner.json │ └── PowerShellRunner.yml ├── PowerShell_Suite │ ├── PowerShell_Suite.json │ └── PowerShell_Suite.yml ├── PowerShx │ ├── PowerShx.json │ └── PowerShx.yml ├── PowerSploit │ ├── PowerSploit.json │ └── PowerSploit.yml ├── PowerStager │ ├── PowerStager.json │ └── PowerStager.yml ├── PowerUpSQL │ ├── PowerUpSQL.json │ └── PowerUpSQL.yml ├── Powerlurk │ ├── Powerlurk.json │ └── Powerlurk.yml ├── Powermad │ ├── Powermad.json │ └── Powermad.yml ├── Powerpick │ ├── Powerpick.json │ └── Powerpick.yml ├── PowershellKerberos │ ├── PowershellKerberos.json │ └── PowershellKerberos.yml ├── PowershellTools │ ├── PowershellTools.json │ └── PowershellTools.yml ├── Powershell_Scripts_for_Hackers_and_Pentesters │ ├── Powershell_Scripts_for_Hackers_and_Pentesters.json │ └── Powershell_Scripts_for_Hackers_and_Pentesters.yml ├── PredatorTheStealer │ ├── PredatorTheStealer.json │ └── PredatorTheStealer.yml ├── Prince_Ransomware │ ├── Prince_Ransomware.json │ └── Prince_Ransomware.yml ├── PrintNightmare │ ├── PrintNightmare.json │ └── PrintNightmare.yml ├── PrintSpoofer │ ├── PrintSpoofer.json │ └── PrintSpoofer.yml ├── Priv2Admin │ ├── Priv2Admin.json │ └── Priv2Admin.yml ├── PrivExchange │ ├── PrivExchange.json │ └── PrivExchange.yml ├── PrivFu │ ├── PrivFu.json │ └── PrivFu.yml ├── PrivKit │ ├── PrivKit.json │ └── PrivKit.yml ├── Privesc │ ├── Privesc.json │ └── Privesc.yml ├── PrivescCheck │ ├── PrivescCheck.json │ └── PrivescCheck.yml ├── PrivilegeEscalation │ ├── PrivilegeEscalation.json │ └── PrivilegeEscalation.yml ├── Privileger │ ├── Privileger.json │ └── Privileger.yml ├── Probable_Wordlists │ ├── Probable_Wordlists.json │ └── Probable_Wordlists.yml ├── ProtectMyTooling │ ├── ProtectMyTooling.json │ └── ProtectMyTooling.yml ├── Proxmark │ ├── Proxmark.json │ └── Proxmark.yml ├── ProxyLogon │ ├── ProxyLogon.json │ └── ProxyLogon.yml ├── ProxyShell │ ├── ProxyShell.json │ └── ProxyShell.yml ├── Psnmap │ ├── Psnmap.json │ └── Psnmap.yml ├── Pspersist │ ├── Pspersist.json │ └── Pspersist.yml ├── PstPassword │ ├── PstPassword.json │ └── PstPassword.yml ├── PurplePanda │ ├── PurplePanda.json │ └── PurplePanda.yml ├── PwDump7 │ ├── PwDump7.json │ └── PwDump7.yml ├── PwDump8 │ ├── PwDump8.json │ └── PwDump8.yml ├── PyExec │ ├── PyExec.json │ └── PyExec.yml ├── PyExfil │ ├── PyExfil.json │ └── PyExfil.yml ├── PySQLRecon │ ├── PySQLRecon.json │ └── PySQLRecon.yml ├── Pyramid │ ├── Pyramid.json │ └── Pyramid.yml ├── Python_Rootkit │ ├── Python_Rootkit.json │ └── Python_Rootkit.yml ├── Python_Wordlist_Generator │ ├── Python_Wordlist_Generator.json │ └── Python_Wordlist_Generator.yml ├── QuasarRAT │ ├── QuasarRAT.json │ └── QuasarRAT.yml ├── RDE1 │ ├── RDE1.json │ └── RDE1.yml ├── RDPCredentialStealer │ ├── RDPCredentialStealer.json │ └── RDPCredentialStealer.yml ├── RDPHijack_BOF │ ├── RDPHijack_BOF.json │ └── RDPHijack_BOF.yml ├── RDPInception │ ├── RDPInception.json │ └── RDPInception.yml ├── RDPSpray │ ├── RDPSpray.json │ └── RDPSpray.yml ├── RDP_Recognizer │ ├── RDP_Recognizer.json │ └── RDP_Recognizer.yml ├── RDPassSpray │ ├── RDPassSpray.json │ └── RDPassSpray.yml ├── REC2_ │ ├── REC2_.json │ └── REC2_.yml ├── RID_Hijacking │ ├── RID_Hijacking.json │ └── RID_Hijacking.yml ├── RITM │ ├── RITM.json │ └── RITM.yml ├── ROADtoken │ ├── ROADtoken.json │ └── ROADtoken.yml ├── ROADtools │ ├── ROADtools.json │ └── ROADtools.yml ├── RPC_Backdoor │ ├── RPC_Backdoor.json │ └── RPC_Backdoor.yml ├── RaRCE │ ├── RaRCE.json │ └── RaRCE.yml ├── Radare2 │ ├── Radare2.json │ └── Radare2.yml ├── RadareEye │ ├── RadareEye.json │ └── RadareEye.yml ├── RagingRotator │ ├── RagingRotator.json │ └── RagingRotator.yml ├── RainbowCrack │ ├── RainbowCrack.json │ └── RainbowCrack.yml ├── RandomPS_Scripts │ ├── RandomPS_Scripts.json │ └── RandomPS_Scripts.yml ├── RasmanPotato │ ├── RasmanPotato.json │ └── RasmanPotato.yml ├── RdpStrike │ ├── RdpStrike.json │ └── RdpStrike.yml ├── RdpThief │ ├── RdpThief.json │ └── RdpThief.yml ├── RealBlindingEDR │ ├── RealBlindingEDR.json │ └── RealBlindingEDR.yml ├── Recon_AD │ ├── Recon_AD.json │ └── Recon_AD.yml ├── RecycledInjector │ ├── RecycledInjector.json │ └── RecycledInjector.yml ├── RedGuard │ ├── RedGuard.json │ └── RedGuard.yml ├── RedHunt_OS │ ├── RedHunt_OS.json │ └── RedHunt_OS.yml ├── RedPeanut │ ├── RedPeanut.json │ └── RedPeanut.yml ├── RedPersist │ ├── RedPersist.json │ └── RedPersist.yml ├── RedTeam_Tools_n_Stuff │ ├── RedTeam_Tools_n_Stuff.json │ └── RedTeam_Tools_n_Stuff.yml ├── RedTeam_toolkit │ ├── RedTeam_toolkit.json │ └── RedTeam_toolkit.yml ├── Red_Baron │ ├── Red_Baron.json │ └── Red_Baron.yml ├── Red_Teaming_Toolkit │ ├── Red_Teaming_Toolkit.json │ └── Red_Teaming_Toolkit.yml ├── ReelPhish │ ├── ReelPhish.json │ └── ReelPhish.yml ├── RefleXXion │ ├── RefleXXion.json │ └── RefleXXion.yml ├── ReflectiveNtdll │ ├── ReflectiveNtdll.json │ └── ReflectiveNtdll.yml ├── RegHiveBackup │ ├── RegHiveBackup.json │ └── RegHiveBackup.yml ├── RemoteKrbRelay │ ├── RemoteKrbRelay.json │ └── RemoteKrbRelay.yml ├── RemotePipeList │ ├── RemotePipeList.json │ └── RemotePipeList.yml ├── RemotePotato0 │ ├── RemotePotato0.json │ └── RemotePotato0.yml ├── Rev_Shell │ ├── Rev_Shell.json │ └── Rev_Shell.yml ├── RevengeRAT_Stub_Cssharp │ ├── RevengeRAT_Stub_Cssharp.json │ └── RevengeRAT_Stub_Cssharp.yml ├── ReverseSock5Proxy │ ├── ReverseSock5Proxy.json │ └── ReverseSock5Proxy.yml ├── ReverseTCPShell │ ├── ReverseTCPShell.json │ └── ReverseTCPShell.yml ├── Rhadamanthys │ ├── Rhadamanthys.json │ └── Rhadamanthys.yml ├── Rock_ON │ ├── Rock_ON.json │ └── Rock_ON.yml ├── RoguePotato │ ├── RoguePotato.json │ └── RoguePotato.yml ├── RogueSploit │ ├── RogueSploit.json │ └── RogueSploit.yml ├── RogueWinRM │ ├── RogueWinRM.json │ └── RogueWinRM.yml ├── RottenPotatoNG │ ├── RottenPotatoNG.json │ └── RottenPotatoNG.yml ├── RouterPassView │ ├── RouterPassView.json │ └── RouterPassView.yml ├── RouterScan │ ├── RouterScan.json │ └── RouterScan.yml ├── Rubeus │ ├── Rubeus.json │ └── Rubeus.yml ├── Rudrastra │ ├── Rudrastra.json │ └── Rudrastra.yml ├── RunAsWinTcb │ ├── RunAsWinTcb.json │ └── RunAsWinTcb.yml ├── RunasCs │ ├── RunasCs.json │ └── RunasCs.yml ├── RuralBishop │ ├── RuralBishop.json │ └── RuralBishop.yml ├── RustHound │ ├── RustHound.json │ └── RustHound.yml ├── RustPotato │ ├── RustPotato.json │ └── RustPotato.yml ├── RustRedOps │ ├── RustRedOps.json │ └── RustRedOps.yml ├── Rust_Malware_Samples │ ├── Rust_Malware_Samples.json │ └── Rust_Malware_Samples.yml ├── Rust_for_Malware_Development │ ├── Rust_for_Malware_Development.json │ └── Rust_for_Malware_Development.yml ├── RustiveDump │ ├── RustiveDump.json │ └── RustiveDump.yml ├── S3Scanner │ ├── S3Scanner.json │ └── S3Scanner.yml ├── S4UTomato │ ├── S4UTomato.json │ └── S4UTomato.yml ├── SAP_GW_RCE_exploit │ ├── SAP_GW_RCE_exploit.json │ └── SAP_GW_RCE_exploit.yml ├── SCCMSecrets │ ├── SCCMSecrets.json │ └── SCCMSecrets.yml ├── SCCMVNC │ ├── SCCMVNC.json │ └── SCCMVNC.yml ├── SCMUACBypass │ ├── SCMUACBypass.json │ └── SCMUACBypass.yml ├── SCOMDecrypt │ ├── SCOMDecrypt.json │ └── SCOMDecrypt.yml ├── SMBCrunch │ ├── SMBCrunch.json │ └── SMBCrunch.yml ├── SMBGhost │ ├── SMBGhost.json │ └── SMBGhost.yml ├── SMBGhost_RCE_PoC │ ├── SMBGhost_RCE_PoC.json │ └── SMBGhost_RCE_PoC.yml ├── SMBSR │ ├── SMBSR.json │ └── SMBSR.yml ├── SMBTrap │ ├── SMBTrap.json │ └── SMBTrap.yml ├── SMBeagle │ ├── SMBeagle.json │ └── SMBeagle.yml ├── SMBetray │ ├── SMBetray.json │ └── SMBetray.yml ├── SMShell │ ├── SMShell.json │ └── SMShell.yml ├── SOAPHound │ ├── SOAPHound.json │ └── SOAPHound.yml ├── SQLRecon │ ├── SQLRecon.json │ └── SQLRecon.yml ├── SQLiScanner │ ├── SQLiScanner.json │ └── SQLiScanner.yml ├── SQLmate │ ├── SQLmate.json │ └── SQLmate.yml ├── SSH_PuTTY_login_bruteforcer │ ├── SSH_PuTTY_login_bruteforcer.json │ └── SSH_PuTTY_login_bruteforcer.yml ├── SSH_Snake │ ├── SSH_Snake.json │ └── SSH_Snake.yml ├── SSRFmap │ ├── SSRFmap.json │ └── SSRFmap.yml ├── SUDO_KILLER │ ├── SUDO_KILLER.json │ └── SUDO_KILLER.yml ├── SUID3NUM │ ├── SUID3NUM.json │ └── SUID3NUM.yml ├── S_inject │ ├── S_inject.json │ └── S_inject.yml ├── SafetyDump │ ├── SafetyDump.json │ └── SafetyDump.yml ├── SafetyKatz │ ├── SafetyKatz.json │ └── SafetyKatz.yml ├── Salsa_tools │ ├── Salsa_tools.json │ └── Salsa_tools.yml ├── SamDumpCable │ ├── SamDumpCable.json │ └── SamDumpCable.yml ├── Sandman │ ├── Sandman.json │ └── Sandman.yml ├── Scanners_Box │ ├── Scanners_Box.json │ └── Scanners_Box.yml ├── ScareCrow │ ├── ScareCrow.json │ └── ScareCrow.yml ├── SchTask_0x727 │ ├── SchTask_0x727.json │ └── SchTask_0x727.yml ├── ScheduleRunner │ ├── ScheduleRunner.json │ └── ScheduleRunner.yml ├── ScriptBlock_Smuggling │ ├── ScriptBlock_Smuggling.json │ └── ScriptBlock_Smuggling.yml ├── ScriptSentry │ ├── ScriptSentry.json │ └── ScriptSentry.yml ├── SeManageVolumeExploit │ ├── SeManageVolumeExploit.json │ └── SeManageVolumeExploit.yml ├── SearchOpenFileShares │ ├── SearchOpenFileShares.json │ └── SearchOpenFileShares.yml ├── SecLists │ ├── SecLists.json │ └── SecLists.yml ├── SecScanC2 │ ├── SecScanC2.json │ └── SecScanC2.yml ├── SecretServerSecretStealer │ ├── SecretServerSecretStealer.json │ └── SecretServerSecretStealer.yml ├── SeeYouCM_Thief │ ├── SeeYouCM_Thief.json │ └── SeeYouCM_Thief.yml ├── ServerlessRedirector │ ├── ServerlessRedirector.json │ └── ServerlessRedirector.yml ├── SessionExec │ ├── SessionExec.json │ └── SessionExec.yml ├── SessionGopher │ ├── SessionGopher.json │ └── SessionGopher.yml ├── SessionSearcher │ ├── SessionSearcher.json │ └── SessionSearcher.yml ├── SetProcessInjection │ ├── SetProcessInjection.json │ └── SetProcessInjection.yml ├── Set_EtwTraceProvider │ ├── Set_EtwTraceProvider.json │ └── Set_EtwTraceProvider.yml ├── Seth │ ├── Seth.json │ └── Seth.yml ├── ShadowDumper │ ├── ShadowDumper.json │ └── ShadowDumper.yml ├── ShadowForgeC2 │ ├── ShadowForgeC2.json │ └── ShadowForgeC2.yml ├── ShadowHound │ ├── ShadowHound.json │ └── ShadowHound.yml ├── ShadowSpray │ ├── ShadowSpray.json │ └── ShadowSpray.yml ├── ShadowStealer │ ├── ShadowStealer.json │ └── ShadowStealer.yml ├── SharPersist │ ├── SharPersist.json │ └── SharPersist.yml ├── SharPyShell │ ├── SharPyShell.json │ └── SharPyShell.yml ├── ShareAudit │ ├── ShareAudit.json │ └── ShareAudit.yml ├── SharpADWS │ ├── SharpADWS.json │ └── SharpADWS.yml ├── SharpAVKB │ ├── SharpAVKB.json │ └── SharpAVKB.yml ├── SharpAltSecIds │ ├── SharpAltSecIds.json │ └── SharpAltSecIds.yml ├── SharpAppLocker │ ├── SharpAppLocker.json │ └── SharpAppLocker.yml ├── SharpAzbelt │ ├── SharpAzbelt.json │ └── SharpAzbelt.yml ├── SharpBlackout │ ├── SharpBlackout.json │ └── SharpBlackout.yml ├── SharpBlock │ ├── SharpBlock.json │ └── SharpBlock.yml ├── SharpBruteForceSSH │ ├── SharpBruteForceSSH.json │ └── SharpBruteForceSSH.yml ├── SharpBuster │ ├── SharpBuster.json │ └── SharpBuster.yml ├── SharpC2 │ ├── SharpC2.json │ └── SharpC2.yml ├── SharpCOM │ ├── SharpCOM.json │ └── SharpCOM.yml ├── SharpChrome │ ├── SharpChrome.json │ └── SharpChrome.yml ├── SharpChromium │ ├── SharpChromium.json │ └── SharpChromium.yml ├── SharpClipHistory │ ├── SharpClipHistory.json │ └── SharpClipHistory.yml ├── SharpClipboard │ ├── SharpClipboard.json │ └── SharpClipboard.yml ├── SharpCloud │ ├── SharpCloud.json │ └── SharpCloud.yml ├── SharpCookieMonster │ ├── SharpCookieMonster.json │ └── SharpCookieMonster.yml ├── SharpDPAPI │ ├── SharpDPAPI.json │ └── SharpDPAPI.yml ├── SharpDXWebcam │ ├── SharpDXWebcam.json │ └── SharpDXWebcam.yml ├── SharpDecryptPwd │ ├── SharpDecryptPwd.json │ └── SharpDecryptPwd.yml ├── SharpDllProxy │ ├── SharpDllProxy.json │ └── SharpDllProxy.yml ├── SharpDomainSpray │ ├── SharpDomainSpray.json │ └── SharpDomainSpray.yml ├── SharpDoor │ ├── SharpDoor.json │ └── SharpDoor.yml ├── SharpDump │ ├── SharpDump.json │ └── SharpDump.yml ├── SharpEDRChecker │ ├── SharpEDRChecker.json │ └── SharpEDRChecker.yml ├── SharpEdge │ ├── SharpEdge.json │ └── SharpEdge.yml ├── SharpEfsPotato │ ├── SharpEfsPotato.json │ └── SharpEfsPotato.yml ├── SharpElevator │ ├── SharpElevator.json │ └── SharpElevator.yml ├── SharpEventLog │ ├── SharpEventLog.json │ └── SharpEventLog.yml ├── SharpEventPersist │ ├── SharpEventPersist.json │ └── SharpEventPersist.yml ├── SharpExShell │ ├── SharpExShell.json │ └── SharpExShell.yml ├── SharpExfil │ ├── SharpExfil.json │ └── SharpExfil.yml ├── SharpExfiltrate │ ├── SharpExfiltrate.json │ └── SharpExfiltrate.yml ├── SharpFtpC2 │ ├── SharpFtpC2.json │ └── SharpFtpC2.yml ├── SharpGPOAbuse │ ├── SharpGPOAbuse.json │ └── SharpGPOAbuse.yml ├── SharpGhostTask │ ├── SharpGhostTask.json │ └── SharpGhostTask.yml ├── SharpGmailC2 │ ├── SharpGmailC2.json │ └── SharpGmailC2.yml ├── SharpGpo │ ├── SharpGpo.json │ └── SharpGpo.yml ├── SharpGraphView │ ├── SharpGraphView.json │ └── SharpGraphView.yml ├── SharpHide │ ├── SharpHide.json │ └── SharpHide.yml ├── SharpHose │ ├── SharpHose.json │ └── SharpHose.yml ├── SharpIncrease │ ├── SharpIncrease.json │ └── SharpIncrease.yml ├── SharpKatz │ ├── SharpKatz.json │ └── SharpKatz.yml ├── SharpKiller │ ├── SharpKiller.json │ └── SharpKiller.yml ├── SharpLAPS │ ├── SharpLAPS.json │ └── SharpLAPS.yml ├── SharpLDAP │ ├── SharpLDAP.json │ └── SharpLDAP.yml ├── SharpLdapRelayScan │ ├── SharpLdapRelayScan.json │ └── SharpLdapRelayScan.yml ├── SharpLocker │ ├── SharpLocker.json │ └── SharpLocker.yml ├── SharpLogger │ ├── SharpLogger.json │ └── SharpLogger.yml ├── SharpMapExec │ ├── SharpMapExec.json │ └── SharpMapExec.yml ├── SharpMiniDump │ ├── SharpMiniDump.json │ └── SharpMiniDump.yml ├── SharpMove │ ├── SharpMove.json │ └── SharpMove.yml ├── SharpNBTScan │ ├── SharpNBTScan.json │ └── SharpNBTScan.yml ├── SharpNoPSExec │ ├── SharpNoPSExec.json │ └── SharpNoPSExec.yml ├── SharpOxidResolver │ ├── SharpOxidResolver.json │ └── SharpOxidResolver.yml ├── SharpPack │ ├── SharpPack.json │ └── SharpPack.yml ├── SharpPersistSD │ ├── SharpPersistSD.json │ └── SharpPersistSD.yml ├── SharpPrintNightmare │ ├── SharpPrintNightmare.json │ └── SharpPrintNightmare.yml ├── SharpRDP │ ├── SharpRDP.json │ └── SharpRDP.yml ├── SharpRDPHijack │ ├── SharpRDPHijack.json │ └── SharpRDPHijack.yml ├── SharpRDPThief │ ├── SharpRDPThief.json │ └── SharpRDPThief.yml ├── SharpRODC │ ├── SharpRODC.json │ └── SharpRODC.yml ├── SharpSAMDump │ ├── SharpSAMDump.json │ └── SharpSAMDump.yml ├── SharpSC │ ├── SharpSC.json │ └── SharpSC.yml ├── SharpSCCM │ ├── SharpSCCM.json │ └── SharpSCCM.yml ├── SharpSQL │ ├── SharpSQL.json │ └── SharpSQL.yml ├── SharpSQLPwn │ ├── SharpSQLPwn.json │ └── SharpSQLPwn.yml ├── SharpSSDP │ ├── SharpSSDP.json │ └── SharpSSDP.yml ├── SharpSecDump │ ├── SharpSecDump.json │ └── SharpSecDump.yml ├── SharpShares │ ├── SharpShares.json │ └── SharpShares.yml ├── SharpShellPipe │ ├── SharpShellPipe.json │ └── SharpShellPipe.yml ├── SharpShooter │ ├── SharpShooter.json │ └── SharpShooter.yml ├── SharpSocks │ ├── SharpSocks.json │ └── SharpSocks.yml ├── SharpSploit │ ├── SharpSploit.json │ └── SharpSploit.yml ├── SharpSploitConsole │ ├── SharpSploitConsole.json │ └── SharpSploitConsole.yml ├── SharpSpray │ ├── SharpSpray.json │ └── SharpSpray.yml ├── SharpStay │ ├── SharpStay.json │ └── SharpStay.yml ├── SharpSword │ ├── SharpSword.json │ └── SharpSword.yml ├── SharpSystemTriggers │ ├── SharpSystemTriggers.json │ └── SharpSystemTriggers.yml ├── SharpTerminator │ ├── SharpTerminator.json │ └── SharpTerminator.yml ├── SharpThief │ ├── SharpThief.json │ └── SharpThief.yml ├── SharpToken │ ├── SharpToken.json │ └── SharpToken.yml ├── SharpUnhooker │ ├── SharpUnhooker.json │ └── SharpUnhooker.yml ├── SharpUp │ ├── SharpUp.json │ └── SharpUp.yml ├── SharpVeeamDecryptor │ ├── SharpVeeamDecryptor.json │ └── SharpVeeamDecryptor.yml ├── SharpView │ ├── SharpView.json │ └── SharpView.yml ├── SharpWSUS │ ├── SharpWSUS.json │ └── SharpWSUS.yml ├── SharpWeb │ ├── SharpWeb.json │ └── SharpWeb.yml ├── SharpZeroLogon │ ├── SharpZeroLogon.json │ └── SharpZeroLogon.yml ├── Sharp_Suite │ ├── Sharp_Suite.json │ └── Sharp_Suite.yml ├── Sharpmad │ ├── Sharpmad.json │ └── Sharpmad.yml ├── Shell3er │ ├── Shell3er.json │ └── Shell3er.yml ├── ShellGen │ ├── ShellGen.json │ └── ShellGen.yml ├── ShellGhost │ ├── ShellGhost.json │ └── ShellGhost.yml ├── ShellPop │ ├── ShellPop.json │ └── ShellPop.yml ├── ShellPwnsh │ ├── ShellPwnsh.json │ └── ShellPwnsh.yml ├── ShellServe │ ├── ShellServe.json │ └── ShellServe.yml ├── ShellSync │ ├── ShellSync.json │ └── ShellSync.yml ├── Shellcode_Downloader_CreateThread_Execution │ ├── Shellcode_Downloader_CreateThread_Execution.json │ └── Shellcode_Downloader_CreateThread_Execution.yml ├── Shellcode_Hide │ ├── Shellcode_Hide.json │ └── Shellcode_Hide.yml ├── Shellcode_Loader │ ├── Shellcode_Loader.json │ └── Shellcode_Loader.yml ├── Shhhloader │ ├── Shhhloader.json │ └── Shhhloader.yml ├── ShimDB │ ├── ShimDB.json │ └── ShimDB.yml ├── ShimMe │ ├── ShimMe.json │ └── ShimMe.yml ├── Shoggoth │ ├── Shoggoth.json │ └── Shoggoth.yml ├── ShuckNT │ ├── ShuckNT.json │ └── ShuckNT.yml ├── Shwmae │ ├── Shwmae.json │ └── Shwmae.yml ├── SigPloit │ ├── SigPloit.json │ └── SigPloit.yml ├── SigmaPotato │ ├── SigmaPotato.json │ └── SigmaPotato.yml ├── SignToolEx │ ├── SignToolEx.json │ └── SignToolEx.yml ├── SilentCryptoMiner │ ├── SilentCryptoMiner.json │ └── SilentCryptoMiner.yml ├── SilentHound │ ├── SilentHound.json │ └── SilentHound.yml ├── SilentMoonwalk │ ├── SilentMoonwalk.json │ └── SilentMoonwalk.yml ├── SillyRAT │ ├── SillyRAT.json │ └── SillyRAT.yml ├── SimpleBackdoorAdmin │ ├── SimpleBackdoorAdmin.json │ └── SimpleBackdoorAdmin.yml ├── SimpleNTSyscallFuzzer │ ├── SimpleNTSyscallFuzzer.json │ └── SimpleNTSyscallFuzzer.yml ├── Simple_Reverse_Shell │ ├── Simple_Reverse_Shell.json │ └── Simple_Reverse_Shell.yml ├── SimplyEmail │ ├── SimplyEmail.json │ └── SimplyEmail.yml ├── SingleDose │ ├── SingleDose.json │ └── SingleDose.yml ├── SirepRAT │ ├── SirepRAT.json │ └── SirepRAT.yml ├── Sitadel │ ├── Sitadel.json │ └── Sitadel.yml ├── Slackor │ ├── Slackor.json │ └── Slackor.yml ├── SlinkyCat │ ├── SlinkyCat.json │ └── SlinkyCat.yml ├── SlowLoris │ ├── SlowLoris.json │ └── SlowLoris.yml ├── SmashedPotato │ ├── SmashedPotato.json │ └── SmashedPotato.yml ├── Smbtouch_Scanner │ ├── Smbtouch_Scanner.json │ └── Smbtouch_Scanner.yml ├── Sn1per │ ├── Sn1per.json │ └── Sn1per.yml ├── SnaffPoint │ ├── SnaffPoint.json │ └── SnaffPoint.yml ├── Snaffler │ ├── Snaffler.json │ └── Snaffler.yml ├── SniffAir │ ├── SniffAir.json │ └── SniffAir.yml ├── SniffPass │ ├── SniffPass.json │ └── SniffPass.yml ├── SocialBox_Termux │ ├── SocialBox_Termux.json │ └── SocialBox_Termux.yml ├── SocialPwned │ ├── SocialPwned.json │ └── SocialPwned.yml ├── SomalifuscatorV2 │ ├── SomalifuscatorV2.json │ └── SomalifuscatorV2.yml ├── SpaceRunner │ ├── SpaceRunner.json │ └── SpaceRunner.yml ├── SpamChannel │ ├── SpamChannel.json │ └── SpamChannel.yml ├── Spartacus │ ├── Spartacus.json │ └── Spartacus.yml ├── SplunkWhisperer2 │ ├── SplunkWhisperer2.json │ └── SplunkWhisperer2.yml ├── SpookFlare │ ├── SpookFlare.json │ └── SpookFlare.yml ├── SpoolFool │ ├── SpoolFool.json │ └── SpoolFool.yml ├── Spray365 │ ├── Spray365.json │ └── Spray365.yml ├── SprayingToolkit │ ├── SprayingToolkit.json │ └── SprayingToolkit.yml ├── Spring4Shell │ ├── Spring4Shell.json │ └── Spring4Shell.yml ├── SpringCore0day │ ├── SpringCore0day.json │ └── SpringCore0day.yml ├── Spyndicapped │ ├── Spyndicapped.json │ └── Spyndicapped.yml ├── SspiUacBypass │ ├── SspiUacBypass.json │ └── SspiUacBypass.yml ├── StackCrypt │ ├── StackCrypt.json │ └── StackCrypt.yml ├── StandIn │ ├── StandIn.json │ └── StandIn.yml ├── StarFighters │ ├── StarFighters.json │ └── StarFighters.yml ├── Stardust │ ├── Stardust.json │ └── Stardust.yml ├── Starkiller │ ├── Starkiller.json │ └── Starkiller.yml ├── StayKit │ ├── StayKit.json │ └── StayKit.yml ├── StealDhcpSecrets │ ├── StealDhcpSecrets.json │ └── StealDhcpSecrets.yml ├── Sticky_Keys_Slayer │ ├── Sticky_Keys_Slayer.json │ └── Sticky_Keys_Slayer.yml ├── Stifle │ ├── Stifle.json │ └── Stifle.yml ├── Stompy │ ├── Stompy.json │ └── Stompy.yml ├── Striker │ ├── Striker.json │ └── Striker.yml ├── Sublist3r │ ├── Sublist3r.json │ └── Sublist3r.yml ├── Suborner │ ├── Suborner.json │ └── Suborner.yml ├── Sudomy │ ├── Sudomy.json │ └── Sudomy.yml ├── SunCrypt │ ├── SunCrypt.json │ └── SunCrypt.yml ├── Sunder │ ├── Sunder.json │ └── Sunder.yml ├── Supernova │ ├── Supernova.json │ └── Supernova.yml ├── SwampThing │ ├── SwampThing.json │ └── SwampThing.yml ├── SweetPotato │ ├── SweetPotato.json │ └── SweetPotato.yml ├── Synergy_httpx │ ├── Synergy_httpx.json │ └── Synergy_httpx.yml ├── SysJoker │ ├── SysJoker.json │ └── SysJoker.yml ├── SysWhispers3 │ ├── SysWhispers3.json │ └── SysWhispers3.yml ├── SystemBC │ ├── SystemBC.json │ └── SystemBC.yml ├── TGSThief │ ├── TGSThief.json │ └── TGSThief.yml ├── TGT_Monitor │ ├── TGT_Monitor.json │ └── TGT_Monitor.yml ├── TREVORspray │ ├── TREVORspray.json │ └── TREVORspray.yml ├── TakeMyRDP │ ├── TakeMyRDP.json │ └── TakeMyRDP.yml ├── TartarusGate │ ├── TartarusGate.json │ └── TartarusGate.yml ├── Tchopper │ ├── Tchopper.json │ └── Tchopper.yml ├── TeamFiltration │ ├── TeamFiltration.json │ └── TeamFiltration.yml ├── TeamsEnum │ ├── TeamsEnum.json │ └── TeamsEnum.yml ├── TelegramRAT │ ├── TelegramRAT.json │ └── TelegramRAT.yml ├── Telemetry │ ├── Telemetry.json │ └── Telemetry.yml ├── Termite │ ├── Termite.json │ └── Termite.yml ├── TheFatRat │ ├── TheFatRat.json │ └── TheFatRat.yml ├── ThievingFox │ ├── ThievingFox.json │ └── ThievingFox.yml ├── ThisIsNotRat │ ├── ThisIsNotRat.json │ └── ThisIsNotRat.yml ├── Thread_Pool_Injection_PoC │ ├── Thread_Pool_Injection_PoC.json │ └── Thread_Pool_Injection_PoC.yml ├── ThreadlessInject │ ├── ThreadlessInject.json │ └── ThreadlessInject.yml ├── ThreatCheck │ ├── ThreatCheck.json │ └── ThreatCheck.yml ├── Throwback │ ├── Throwback.json │ └── Throwback.yml ├── ThunderDNS │ ├── ThunderDNS.json │ └── ThunderDNS.yml ├── ThunderShell │ ├── ThunderShell.json │ └── ThunderShell.yml ├── TimeException │ ├── TimeException.json │ └── TimeException.yml ├── Timeroast │ ├── Timeroast.json │ └── Timeroast.yml ├── TinyMet │ ├── TinyMet.json │ └── TinyMet.yml ├── ToRat │ ├── ToRat.json │ └── ToRat.yml ├── TokenFinder │ ├── TokenFinder.json │ └── TokenFinder.yml ├── TokenPlayer │ ├── TokenPlayer.json │ └── TokenPlayer.yml ├── TokenStealer │ ├── TokenStealer.json │ └── TokenStealer.yml ├── TokenTactics │ ├── TokenTactics.json │ └── TokenTactics.yml ├── TokenTacticsV2 │ ├── TokenTacticsV2.json │ └── TokenTacticsV2.yml ├── TokenUniverse │ ├── TokenUniverse.json │ └── TokenUniverse.yml ├── Token_Impersonation │ ├── Token_Impersonation.json │ └── Token_Impersonation.yml ├── Tokenvator │ ├── Tokenvator.json │ └── Tokenvator.yml ├── Tool_PassView │ ├── Tool_PassView.json │ └── Tool_PassView.yml ├── Tool_X │ ├── Tool_X.json │ └── Tool_X.yml ├── Tor │ ├── Tor.json │ └── Tor.yml ├── TorPylle │ ├── TorPylle.json │ └── TorPylle.yml ├── TotalRecall │ ├── TotalRecall.json │ └── TotalRecall.yml ├── TrickDump │ ├── TrickDump.json │ └── TrickDump.yml ├── TripleCross │ ├── TripleCross.json │ └── TripleCross.yml ├── TrueSocks │ ├── TrueSocks.json │ └── TrueSocks.yml ├── Tsunami │ ├── Tsunami.json │ └── Tsunami.yml ├── TunnelVision │ ├── TunnelVision.json │ └── TunnelVision.yml ├── UACME │ ├── UACME.json │ └── UACME.yml ├── UFONet │ ├── UFONet.json │ └── UFONet.yml ├── UnhookingPatch │ ├── UnhookingPatch.json │ └── UnhookingPatch.yml ├── UniByAv │ ├── UniByAv.json │ └── UniByAv.yml ├── UniversalDVC │ ├── UniversalDVC.json │ └── UniversalDVC.yml ├── UnlinkDLL │ ├── UnlinkDLL.json │ └── UnlinkDLL.yml ├── UnmanagedPowerShell │ ├── UnmanagedPowerShell.json │ └── UnmanagedPowerShell.yml ├── UnquotedPath │ ├── UnquotedPath.json │ └── UnquotedPath.yml ├── UnstoppableService │ ├── UnstoppableService.json │ └── UnstoppableService.yml ├── UserEnum │ ├── UserEnum.json │ └── UserEnum.yml ├── UsoDllLoader │ ├── UsoDllLoader.json │ └── UsoDllLoader.yml ├── V3n0M_Scanner │ ├── V3n0M_Scanner.json │ └── V3n0M_Scanner.yml ├── VBA_RunPE │ ├── VBA_RunPE.json │ └── VBA_RunPE.yml ├── VDR │ ├── VDR.json │ └── VDR.yml ├── VNCPassView │ ├── VNCPassView.json │ └── VNCPassView.yml ├── VPNPivot │ ├── VPNPivot.json │ └── VPNPivot.yml ├── Vajra │ ├── Vajra.json │ └── Vajra.yml ├── VeamHax │ ├── VeamHax.json │ └── VeamHax.yml ├── VectorKernel │ ├── VectorKernel.json │ └── VectorKernel.yml ├── VenomousSway │ ├── VenomousSway.json │ └── VenomousSway.yml ├── Villain │ ├── Villain.json │ └── Villain.yml ├── VirusTotalC2 │ ├── VirusTotalC2.json │ └── VirusTotalC2.yml ├── VoidCrypt │ ├── VoidCrypt.json │ └── VoidCrypt.yml ├── Voidgate │ ├── Voidgate.json │ └── Voidgate.yml ├── Volumiser │ ├── Volumiser.json │ └── Volumiser.yml ├── Vulmap │ ├── Vulmap.json │ └── Vulmap.yml ├── WAF_bypass_Cheat_Sheet │ ├── WAF_bypass_Cheat_Sheet.json │ └── WAF_bypass_Cheat_Sheet.yml ├── WDBypass │ ├── WDBypass.json │ └── WDBypass.yml ├── WDExtract │ ├── WDExtract.json │ └── WDExtract.yml ├── WINspect │ ├── WINspect.json │ └── WINspect.yml ├── WLAN_Windows_Passwords │ ├── WLAN_Windows_Passwords.json │ └── WLAN_Windows_Passwords.yml ├── WMEye │ ├── WMEye.json │ └── WMEye.yml ├── WMIHACKER │ ├── WMIHACKER.json │ └── WMIHACKER.yml ├── WMIPersistence │ ├── WMIPersistence.json │ └── WMIPersistence.yml ├── WMIcmd │ ├── WMIcmd.json │ └── WMIcmd.yml ├── WMImplant │ ├── WMImplant.json │ └── WMImplant.yml ├── WPScan │ ├── WPScan.json │ └── WPScan.yml ├── WSAAcceptBackdoor │ ├── WSAAcceptBackdoor.json │ └── WSAAcceptBackdoor.yml ├── WSMan_WinRM │ ├── WSMan_WinRM.json │ └── WSMan_WinRM.yml ├── WSPCoerce │ ├── WSPCoerce.json │ └── WSPCoerce.yml ├── WSUSpendu │ ├── WSUSpendu.json │ └── WSUSpendu.yml ├── Waitfor_Persistence │ ├── Waitfor_Persistence.json │ └── Waitfor_Persistence.yml ├── WebDavC2 │ ├── WebDavC2.json │ └── WebDavC2.yml ├── WebDeveloperSecurityChecklist │ ├── WebDeveloperSecurityChecklist.json │ └── WebDeveloperSecurityChecklist.yml ├── WebSocketReverseShellDotNet │ ├── WebSocketReverseShellDotNet.json │ └── WebSocketReverseShellDotNet.yml ├── Weevely3 │ ├── Weevely3.json │ └── Weevely3.yml ├── WerTrigger │ ├── WerTrigger.json │ └── WerTrigger.yml ├── WhatBreach │ ├── WhatBreach.json │ └── WhatBreach.yml ├── WheresMyImplant │ ├── WheresMyImplant.json │ └── WheresMyImplant.yml ├── Whisker │ ├── Whisker.json │ └── Whisker.yml ├── WiFi_Pumpkin │ ├── WiFi_Pumpkin.json │ └── WiFi_Pumpkin.yml ├── WinDefenderKiller │ ├── WinDefenderKiller.json │ └── WinDefenderKiller.yml ├── WinPirate │ ├── WinPirate.json │ └── WinPirate.yml ├── WinPwn │ ├── WinPwn.json │ └── WinPwn.yml ├── WinPwnage │ ├── WinPwnage.json │ └── WinPwnage.yml ├── WinSCPPasswdExtractor │ ├── WinSCPPasswdExtractor.json │ └── WinSCPPasswdExtractor.yml ├── WinShellcode │ ├── WinShellcode.json │ └── WinShellcode.yml ├── WindfarmDynamite │ ├── WindfarmDynamite.json │ └── WindfarmDynamite.yml ├── WindowsDowndate │ ├── WindowsDowndate.json │ └── WindowsDowndate.yml ├── WindowsExploitationResources │ ├── WindowsExploitationResources.json │ └── WindowsExploitationResources.yml ├── Windows_Crack │ ├── Windows_Crack.json │ └── Windows_Crack.yml ├── Windows_Exploit_Suggester │ ├── Windows_Exploit_Suggester.json │ └── Windows_Exploit_Suggester.yml ├── Windows_MSKSSRV_LPE_CVE_2023_36802 │ ├── Windows_MSKSSRV_LPE_CVE_2023_36802.json │ └── Windows_MSKSSRV_LPE_CVE_2023_36802.yml ├── Windows_Post_Exploitation │ ├── Windows_Post_Exploitation.json │ └── Windows_Post_Exploitation.yml ├── Windows_Privilege_Escalation │ ├── Windows_Privilege_Escalation.json │ └── Windows_Privilege_Escalation.yml ├── Winpayloads │ ├── Winpayloads.json │ └── Winpayloads.yml ├── WirelessKeyView │ ├── WirelessKeyView.json │ └── WirelessKeyView.yml ├── WitnessMe │ ├── WitnessMe.json │ └── WitnessMe.yml ├── Wmisploit │ ├── Wmisploit.json │ └── Wmisploit.yml ├── WorldWind_Stealer │ ├── WorldWind_Stealer.json │ └── WorldWind_Stealer.yml ├── XSS_Payloads │ ├── XSS_Payloads.json │ └── XSS_Payloads.yml ├── XSStrike │ ├── XSStrike.json │ └── XSStrike.yml ├── XXEinjector │ ├── XXEinjector.json │ └── XXEinjector.yml ├── Xerror │ ├── Xerror.json │ └── Xerror.yml ├── XiebroC2 │ ├── XiebroC2.json │ └── XiebroC2.yml ├── Xrulez │ ├── Xrulez.json │ └── Xrulez.yml ├── Xworm │ ├── Xworm.json │ └── Xworm.yml ├── ZeroHVCI │ ├── ZeroHVCI.json │ └── ZeroHVCI.yml ├── ZipExec │ ├── ZipExec.json │ └── ZipExec.yml ├── Zloader │ ├── Zloader.json │ └── Zloader.yml ├── _ │ ├── _.json │ └── _.yml ├── acheron │ ├── acheron.json │ └── acheron.yml ├── acltoolkit │ ├── acltoolkit.json │ └── acltoolkit.yml ├── adPEAS │ ├── adPEAS.json │ └── adPEAS.yml ├── ad_ldap_enum │ ├── ad_ldap_enum.json │ └── ad_ldap_enum.yml ├── adalanche │ ├── adalanche.json │ └── adalanche.yml ├── adaudit │ ├── adaudit.json │ └── adaudit.yml ├── adconnectdump │ ├── adconnectdump.json │ └── adconnectdump.yml ├── adcshunter │ ├── adcshunter.json │ └── adcshunter.yml ├── adcsync │ ├── adcsync.json │ └── adcsync.yml ├── adeleg │ ├── adeleg.json │ └── adeleg.yml ├── adfsbrute │ ├── adfsbrute.json │ └── adfsbrute.yml ├── adfspray │ ├── adfspray.json │ └── adfspray.yml ├── adhunt │ ├── adhunt.json │ └── adhunt.yml ├── adidnsdump │ ├── adidnsdump.json │ └── adidnsdump.yml ├── adsearch │ ├── adsearch.json │ └── adsearch.yml ├── afrog │ ├── afrog.json │ └── afrog.yml ├── aircrack │ ├── aircrack.json │ └── aircrack.yml ├── aircrack_ng │ ├── aircrack_ng.json │ └── aircrack_ng.yml ├── airmon_ng │ ├── airmon_ng.json │ └── airmon_ng.yml ├── airpwn_ng │ ├── airpwn_ng.json │ └── airpwn_ng.yml ├── al_khaser │ ├── al_khaser.json │ └── al_khaser.yml ├── amsi_fail │ ├── amsi_fail.json │ └── amsi_fail.yml ├── antSword │ ├── antSword.json │ └── antSword.yml ├── apollon │ ├── apollon.json │ └── apollon.yml ├── aquatone │ ├── aquatone.json │ └── aquatone.yml ├── archerysec │ ├── archerysec.json │ └── archerysec.yml ├── archstrike │ ├── archstrike.json │ └── archstrike.yml ├── armitage │ ├── armitage.json │ └── armitage.yml ├── arpspoofing │ ├── arpspoofing.json │ └── arpspoofing.yml ├── arsenal │ ├── arsenal.json │ └── arsenal.yml ├── asleap │ ├── asleap.json │ └── asleap.yml ├── atexec_pro │ ├── atexec_pro.json │ └── atexec_pro.yml ├── attifyos │ ├── attifyos.json │ └── attifyos.yml ├── autoNTDS │ ├── autoNTDS.json │ └── autoNTDS.yml ├── autobloody │ ├── autobloody.json │ └── autobloody.yml ├── autonse │ ├── autonse.json │ └── autonse.yml ├── autopwn │ ├── autopwn.json │ └── autopwn.yml ├── autotimeliner │ ├── autotimeliner.json │ └── autotimeliner.yml ├── avet │ ├── avet.json │ └── avet.yml ├── avred │ ├── avred.json │ └── avred.yml ├── awesome_osint │ ├── awesome_osint.json │ └── awesome_osint.yml ├── awesome_pentest │ ├── awesome_pentest.json │ └── awesome_pentest.yml ├── awesome_pentest_cheat_sheets │ ├── awesome_pentest_cheat_sheets.json │ └── awesome_pentest_cheat_sheets.yml ├── awesome_scapy │ ├── awesome_scapy.json │ └── awesome_scapy.yml ├── awesome_static_analysis │ ├── awesome_static_analysis.json │ └── awesome_static_analysis.yml ├── awesome_web_security │ ├── awesome_web_security.json │ └── awesome_web_security.yml ├── awesome_windows_domain_hardening │ ├── awesome_windows_domain_hardening.json │ └── awesome_windows_domain_hardening.yml ├── b374k │ ├── b374k.json │ └── b374k.yml ├── backdoor_keyword │ ├── backdoor_keyword.json │ └── backdoor_keyword.yml ├── badazure │ ├── badazure.json │ └── badazure.yml ├── badrats │ ├── badrats.json │ └── badrats.yml ├── badtouch │ ├── badtouch.json │ └── badtouch.yml ├── base64 │ ├── base64.json │ └── base64.yml ├── beef │ ├── beef.json │ └── beef.yml ├── bettercap │ ├── bettercap.json │ └── bettercap.yml ├── betterdefaultpasslist │ ├── betterdefaultpasslist.json │ └── betterdefaultpasslist.yml ├── bitb │ ├── bitb.json │ └── bitb.yml ├── blackarch │ ├── blackarch.json │ └── blackarch.yml ├── blackcat_ransomware │ ├── blackcat_ransomware.json │ └── blackcat_ransomware.yml ├── blackvision │ ├── blackvision.json │ └── blackvision.yml ├── blindsight │ ├── blindsight.json │ └── blindsight.yml ├── bloodhound │ ├── bloodhound.json │ └── bloodhound.yml ├── bloodhound_quickwin │ ├── bloodhound_quickwin.json │ └── bloodhound_quickwin.yml ├── bloodyAD │ ├── bloodyAD.json │ └── bloodyAD.yml ├── bof_collection │ ├── bof_collection.json │ └── bof_collection.yml ├── bofhound │ ├── bofhound.json │ └── bofhound.yml ├── boko │ ├── boko.json │ └── boko.yml ├── bootkit_rs │ ├── bootkit_rs.json │ └── bootkit_rs.yml ├── bpf_keylogger │ ├── bpf_keylogger.json │ └── bpf_keylogger.yml ├── bropper │ ├── bropper.json │ └── bropper.yml ├── browserling │ ├── browserling.json │ └── browserling.yml ├── bruteratel │ ├── bruteratel.json │ └── bruteratel.yml ├── brutespray │ ├── brutespray.json │ └── brutespray.yml ├── bulletpassview │ ├── bulletpassview.json │ └── bulletpassview.yml ├── burp_log4shell │ ├── burp_log4shell.json │ └── burp_log4shell.yml ├── burpsuite │ ├── burpsuite.json │ └── burpsuite.yml ├── byob │ ├── byob.json │ └── byob.yml ├── bypassUAC │ ├── bypassUAC.json │ └── bypassUAC.yml ├── bypass_clm │ ├── bypass_clm.json │ └── bypass_clm.yml ├── bypasswaf │ ├── bypasswaf.json │ └── bypasswaf.yml ├── canisrufus │ ├── canisrufus.json │ └── canisrufus.yml ├── catphish │ ├── catphish.json │ └── catphish.yml ├── catspin │ ├── catspin.json │ └── catspin.yml ├── ccmpwn │ ├── ccmpwn.json │ └── ccmpwn.yml ├── cdn_proxy │ ├── cdn_proxy.json │ └── cdn_proxy.yml ├── celerystalk │ ├── celerystalk.json │ └── celerystalk.yml ├── cerbrutus │ ├── cerbrutus.json │ └── cerbrutus.yml ├── certsync │ ├── certsync.json │ └── certsync.yml ├── changeme │ ├── changeme.json │ └── changeme.yml ├── chaos │ ├── chaos.json │ └── chaos.yml ├── charles_proxy │ ├── charles_proxy.json │ └── charles_proxy.yml ├── charlotte │ ├── charlotte.json │ └── charlotte.yml ├── chashell │ ├── chashell.json │ └── chashell.yml ├── cheetah │ ├── cheetah.json │ └── cheetah.yml ├── chimera │ ├── chimera.json │ └── chimera.yml ├── chisel │ ├── chisel.json │ └── chisel.yml ├── chntpw │ ├── chntpw.json │ └── chntpw.yml ├── chromedump │ ├── chromedump.json │ └── chromedump.yml ├── chromepass │ ├── chromepass.json │ └── chromepass.yml ├── chunk_Proxy │ ├── chunk_Proxy.json │ └── chunk_Proxy.yml ├── cirt_fuzzer │ ├── cirt_fuzzer.json │ └── cirt_fuzzer.yml ├── clickjack │ ├── clickjack.json │ └── clickjack.yml ├── cliws │ ├── cliws.json │ └── cliws.yml ├── cloakify │ ├── cloakify.json │ └── cloakify.yml ├── cloud_enum │ ├── cloud_enum.json │ └── cloud_enum.yml ├── cloudsploit │ ├── cloudsploit.json │ └── cloudsploit.yml ├── cobaltstrike │ ├── cobaltstrike.json │ └── cobaltstrike.yml ├── combine_harvester │ ├── combine_harvester.json │ └── combine_harvester.yml ├── commando_vm │ ├── commando_vm.json │ └── commando_vm.yml ├── commix │ ├── commix.json │ └── commix.yml ├── comsvcs_dll │ ├── comsvcs_dll.json │ └── comsvcs_dll.yml ├── conpass │ ├── conpass.json │ └── conpass.yml ├── conti │ ├── conti.json │ └── conti.yml ├── covenant │ ├── covenant.json │ └── covenant.yml ├── crack_sh │ ├── crack_sh.json │ └── crack_sh.yml ├── cracklord │ ├── cracklord.json │ └── cracklord.yml ├── crackmapexec │ ├── crackmapexec.json │ └── crackmapexec.yml ├── crackmd5_ru │ ├── crackmd5_ru.json │ └── crackmd5_ru.yml ├── crackpkcs12 │ ├── crackpkcs12.json │ └── crackpkcs12.yml ├── creddump7 │ ├── creddump7.json │ └── creddump7.yml ├── credhistview │ ├── credhistview.json │ └── credhistview.yml ├── crossc2 │ ├── crossc2.json │ └── crossc2.yml ├── crunch │ ├── crunch.json │ └── crunch.yml ├── crypto_identifier │ ├── crypto_identifier.json │ └── crypto_identifier.yml ├── cryptomining │ ├── cryptomining.json │ └── cryptomining.yml ├── csploit │ ├── csploit.json │ └── csploit.yml ├── cstealer │ ├── cstealer.json │ └── cstealer.yml ├── ctfr │ ├── ctfr.json │ └── ctfr.yml ├── ctftool │ ├── ctftool.json │ └── ctftool.yml ├── cuddlephish │ ├── cuddlephish.json │ └── cuddlephish.yml ├── curlshell │ ├── curlshell.json │ └── curlshell.yml ├── daphne │ ├── daphne.json │ └── daphne.yml ├── darkarmour │ ├── darkarmour.json │ └── darkarmour.yml ├── datasploit │ ├── datasploit.json │ └── datasploit.yml ├── dazzleUP │ ├── dazzleUP.json │ └── dazzleUP.yml ├── dcipher_cli │ ├── dcipher_cli.json │ └── dcipher_cli.yml ├── dcomhijack │ ├── dcomhijack.json │ └── dcomhijack.yml ├── decrypt_chrome_passwords │ ├── decrypt_chrome_passwords.json │ └── decrypt_chrome_passwords.yml ├── default_password_info │ ├── default_password_info.json │ └── default_password_info.yml ├── defender_control │ ├── defender_control.json │ └── defender_control.yml ├── deimosc2 │ ├── deimosc2.json │ └── deimosc2.yml ├── demiguise │ ├── demiguise.json │ └── demiguise.yml ├── dialupass │ ├── dialupass.json │ └── dialupass.yml ├── dirbuster │ ├── dirbuster.json │ └── dirbuster.yml ├── dirdevil │ ├── dirdevil.json │ └── dirdevil.yml ├── dirscraper │ ├── dirscraper.json │ └── dirscraper.yml ├── dirsearch │ ├── dirsearch.json │ └── dirsearch.yml ├── dirty_pipe │ ├── dirty_pipe.json │ └── dirty_pipe.yml ├── dirtycow │ ├── dirtycow.json │ └── dirtycow.yml ├── discord_c2 │ ├── discord_c2.json │ └── discord_c2.yml ├── disctopia_c2 │ ├── disctopia_c2.json │ └── disctopia_c2.yml ├── dll_hijack_by_proxying │ ├── dll_hijack_by_proxying.json │ └── dll_hijack_by_proxying.yml ├── dns2tcp │ ├── dns2tcp.json │ └── dns2tcp.yml ├── dns_black_cat │ ├── dns_black_cat.json │ └── dns_black_cat.yml ├── dnscan │ ├── dnscan.json │ └── dnscan.yml ├── dnscat │ ├── dnscat.json │ └── dnscat.yml ├── dnscat2 │ ├── dnscat2.json │ └── dnscat2.yml ├── dnschef_ng │ ├── dnschef_ng.json │ └── dnschef_ng.yml ├── dnscrypt │ ├── dnscrypt.json │ └── dnscrypt.yml ├── dnsdumpster │ ├── dnsdumpster.json │ └── dnsdumpster.yml ├── dnsenum │ ├── dnsenum.json │ └── dnsenum.yml ├── dnskire │ ├── dnskire.json │ └── dnskire.yml ├── dnsmorph │ ├── dnsmorph.json │ └── dnsmorph.yml ├── dnspot │ ├── dnspot.json │ └── dnspot.yml ├── dnsrecon │ ├── dnsrecon.json │ └── dnsrecon.yml ├── dnsteal │ ├── dnsteal.json │ └── dnsteal.yml ├── dnstwist │ ├── dnstwist.json │ └── dnstwist.yml ├── domain_analyzer │ ├── domain_analyzer.json │ └── domain_analyzer.yml ├── domained │ ├── domained.json │ └── domained.yml ├── domainhunter │ ├── domainhunter.json │ └── domainhunter.yml ├── donpapi │ ├── donpapi.json │ └── donpapi.yml ├── donut │ ├── donut.json │ └── donut.yml ├── dos_over_tor │ ├── dos_over_tor.json │ └── dos_over_tor.yml ├── doucme │ ├── doucme.json │ └── doucme.yml ├── dploot │ ├── dploot.json │ └── dploot.yml ├── dropper │ ├── dropper.json │ └── dropper.yml ├── dsniff │ ├── dsniff.json │ └── dsniff.yml ├── dsregcmd │ ├── dsregcmd.json │ └── dsregcmd.yml ├── dtd_finder │ ├── dtd_finder.json │ └── dtd_finder.yml ├── ducky │ ├── ducky.json │ └── ducky.yml ├── dumper2020 │ ├── dumper2020.json │ └── dumper2020.yml ├── echoac_poc │ ├── echoac_poc.json │ └── echoac_poc.yml ├── egressbuster │ ├── egressbuster.json │ └── egressbuster.yml ├── elevationstation │ ├── elevationstation.json │ └── elevationstation.yml ├── elite_proxy_finder │ ├── elite_proxy_finder.json │ └── elite_proxy_finder.yml ├── emkei_cz │ ├── emkei_cz.json │ └── emkei_cz.yml ├── empire │ ├── empire.json │ └── empire.yml ├── enum4linux │ ├── enum4linux.json │ └── enum4linux.yml ├── etwunhook │ ├── etwunhook.json │ └── etwunhook.yml ├── evil_proxy │ ├── evil_proxy.json │ └── evil_proxy.yml ├── evil_winrm │ ├── evil_winrm.json │ └── evil_winrm.yml ├── evilginx │ ├── evilginx.json │ └── evilginx.yml ├── evilginx2 │ ├── evilginx2.json │ └── evilginx2.yml ├── evilgrade │ ├── evilgrade.json │ └── evilgrade.yml ├── evilqr │ ├── evilqr.json │ └── evilqr.yml ├── evilrdp │ ├── evilrdp.json │ └── evilrdp.yml ├── exe2powershell │ ├── exe2powershell.json │ └── exe2powershell.yml ├── exe_to_dll │ ├── exe_to_dll.json │ └── exe_to_dll.yml ├── exegol │ ├── exegol.json │ └── exegol.yml ├── expl_bin │ ├── expl_bin.json │ └── expl_bin.yml ├── exploit_db │ ├── exploit_db.json │ └── exploit_db.yml ├── fake_sms │ ├── fake_sms.json │ └── fake_sms.yml ├── fakelogonscreen │ ├── fakelogonscreen.json │ └── fakelogonscreen.yml ├── fastfuzz │ ├── fastfuzz.json │ └── fastfuzz.yml ├── fcrackzip │ ├── fcrackzip.json │ └── fcrackzip.yml ├── fetch_some_proxies │ ├── fetch_some_proxies.json │ └── fetch_some_proxies.yml ├── ffuf │ ├── ffuf.json │ └── ffuf.yml ├── fgdump │ ├── fgdump.json │ └── fgdump.yml ├── fileless_elf_exec │ ├── fileless_elf_exec.json │ └── fileless_elf_exec.yml ├── findstr │ ├── findstr.json │ └── findstr.yml ├── findsubdomains │ ├── findsubdomains.json │ └── findsubdomains.yml ├── firefox_decrypt │ ├── firefox_decrypt.json │ └── firefox_decrypt.yml ├── firesheep │ ├── firesheep.json │ └── firesheep.yml ├── fltMC │ ├── fltMC.json │ └── fltMC.yml ├── forkatz │ ├── forkatz.json │ └── forkatz.yml ├── forum_exploit_in │ ├── forum_exploit_in.json │ └── forum_exploit_in.yml ├── frampton │ ├── frampton.json │ └── frampton.yml ├── fscan │ ├── fscan.json │ └── fscan.yml ├── fsutil │ ├── fsutil.json │ └── fsutil.yml ├── fuegoshell │ ├── fuegoshell.json │ └── fuegoshell.yml ├── fuxploider │ ├── fuxploider.json │ └── fuxploider.yml ├── fuzz_txt │ ├── fuzz_txt.json │ └── fuzz_txt.yml ├── fuzzdb │ ├── fuzzdb.json │ └── fuzzdb.yml ├── gMSADumper │ ├── gMSADumper.json │ └── gMSADumper.yml ├── gTunnel │ ├── gTunnel.json │ └── gTunnel.yml ├── gateway_finder_imp │ ├── gateway_finder_imp.json │ └── gateway_finder_imp.yml ├── gato │ ├── gato.json │ └── gato.yml ├── gcat │ ├── gcat.json │ └── gcat.yml ├── genHTA │ ├── genHTA.json │ └── genHTA.yml ├── getExploit │ ├── getExploit.json │ └── getExploit.yml ├── getsploit │ ├── getsploit.json │ └── getsploit.yml ├── gh0st │ ├── gh0st.json │ └── gh0st.yml ├── ghauri │ ├── ghauri.json │ └── ghauri.yml ├── ghidra │ ├── ghidra.json │ └── ghidra.yml ├── ghostsocks │ ├── ghostsocks.json │ └── ghostsocks.yml ├── gimmeSH │ ├── gimmeSH.json │ └── gimmeSH.yml ├── gimmecredz │ ├── gimmecredz.json │ └── gimmecredz.yml ├── glit │ ├── glit.json │ └── glit.yml ├── gmer │ ├── gmer.json │ └── gmer.yml ├── goMatrixC2 │ ├── goMatrixC2.json │ └── goMatrixC2.yml ├── goPassGen │ ├── goPassGen.json │ └── goPassGen.yml ├── goWMIExec │ ├── goWMIExec.json │ └── goWMIExec.yml ├── goZulipC2 │ ├── goZulipC2.json │ └── goZulipC2.yml ├── go_lsass │ ├── go_lsass.json │ └── go_lsass.yml ├── go_secdump │ ├── go_secdump.json │ └── go_secdump.yml ├── gobfuscate │ ├── gobfuscate.json │ └── gobfuscate.yml ├── gobuster │ ├── gobuster.json │ └── gobuster.yml ├── gocrack │ ├── gocrack.json │ └── gocrack.yml ├── godoh │ ├── godoh.json │ └── godoh.yml ├── godpotato │ ├── godpotato.json │ └── godpotato.yml ├── golang_c2 │ ├── golang_c2.json │ └── golang_c2.yml ├── gophish │ ├── gophish.json │ └── gophish.yml ├── gosecretsdump │ ├── gosecretsdump.json │ └── gosecretsdump.yml ├── gost │ ├── gost.json │ └── gost.yml ├── gpp_decrypt │ ├── gpp_decrypt.json │ └── gpp_decrypt.yml ├── gsecdump │ ├── gsecdump.json │ └── gsecdump.yml ├── gsocket │ ├── gsocket.json │ └── gsocket.yml ├── gtfobins │ ├── gtfobins.json │ └── gtfobins.yml ├── h8mail │ ├── h8mail.json │ └── h8mail.yml ├── hXOR_Packer │ ├── hXOR_Packer.json │ └── hXOR_Packer.yml ├── hack_tools │ ├── hack_tools.json │ └── hack_tools.yml ├── hackingtool │ ├── hackingtool.json │ └── hackingtool.yml ├── hackshell │ ├── hackshell.json │ └── hackshell.yml ├── hacktricks_xyz │ ├── hacktricks_xyz.json │ └── hacktricks_xyz.yml ├── hades │ ├── hades.json │ └── hades.yml ├── hak5_cloudc2 │ ├── hak5_cloudc2.json │ └── hak5_cloudc2.yml ├── hakrawler │ ├── hakrawler.json │ └── hakrawler.yml ├── hashcat │ ├── hashcat.json │ └── hashcat.yml ├── hashcat_rule │ ├── hashcat_rule.json │ └── hashcat_rule.yml ├── hashview │ ├── hashview.json │ └── hashview.yml ├── havoc │ ├── havoc.json │ └── havoc.yml ├── hcxdumptool │ ├── hcxdumptool.json │ └── hcxdumptool.yml ├── hidden_tear │ ├── hidden_tear.json │ └── hidden_tear.yml ├── hiphp │ ├── hiphp.json │ └── hiphp.yml ├── hoaxshell │ ├── hoaxshell.json │ └── hoaxshell.yml ├── holehe │ ├── holehe.json │ └── holehe.yml ├── hookchain │ ├── hookchain.json │ └── hookchain.yml ├── hotkeyz │ ├── hotkeyz.json │ └── hotkeyz.yml ├── hping │ ├── hping.json │ └── hping.yml ├── hping3 │ ├── hping3.json │ └── hping3.yml ├── htran │ ├── htran.json │ └── htran.yml ├── htshells │ ├── htshells.json │ └── htshells.yml ├── https_portal │ ├── https_portal.json │ └── https_portal.yml ├── hyperion │ ├── hyperion.json │ └── hyperion.yml ├── hypobrychium │ ├── hypobrychium.json │ └── hypobrychium.yml ├── icebreaker │ ├── icebreaker.json │ └── icebreaker.yml ├── icmpsh │ ├── icmpsh.json │ └── icmpsh.yml ├── icmptunnel │ ├── icmptunnel.json │ └── icmptunnel.yml ├── impacket │ ├── impacket.json │ └── impacket.yml ├── impacketremoteshell │ ├── impacketremoteshell.json │ └── impacketremoteshell.yml ├── impersonate │ ├── impersonate.json │ └── impersonate.yml ├── impersonate_rs │ ├── impersonate_rs.json │ └── impersonate_rs.yml ├── inceptor │ ├── inceptor.json │ └── inceptor.yml ├── infernal_twin │ ├── infernal_twin.json │ └── infernal_twin.yml ├── injectify │ ├── injectify.json │ └── injectify.yml ├── interactsh │ ├── interactsh.json │ └── interactsh.yml ├── invoke_piper │ ├── invoke_piper.json │ └── invoke_piper.yml ├── iodine │ ├── iodine.json │ └── iodine.yml ├── ivy │ ├── ivy.json │ └── ivy.yml ├── jackdaw │ ├── jackdaw.json │ └── jackdaw.yml ├── jackit │ ├── jackit.json │ └── jackit.yml ├── java_deserialization_exploits │ ├── java_deserialization_exploits.json │ └── java_deserialization_exploits.yml ├── javascript_obfuscator │ ├── javascript_obfuscator.json │ └── javascript_obfuscator.yml ├── jecretz │ ├── jecretz.json │ └── jecretz.yml ├── john │ ├── john.json │ └── john.yml ├── joomscan │ ├── joomscan.json │ └── joomscan.yml ├── jwt_tool │ ├── jwt_tool.json │ └── jwt_tool.yml ├── kali │ ├── kali.json │ └── kali.yml ├── kali_anonsurf │ ├── kali_anonsurf.json │ └── kali_anonsurf.yml ├── kalitorify │ ├── kalitorify.json │ └── kalitorify.yml ├── katoolin3 │ ├── katoolin3.json │ └── katoolin3.yml ├── keepass_password_dumper │ ├── keepass_password_dumper.json │ └── keepass_password_dumper.yml ├── kekeo │ ├── kekeo.json │ └── kekeo.yml ├── kerberoast │ ├── kerberoast.json │ └── kerberoast.yml ├── kerbrute │ ├── kerbrute.json │ └── kerbrute.yml ├── keylogger │ ├── keylogger.json │ └── keylogger.yml ├── keylogger_keyword │ ├── keylogger_keyword.json │ └── keylogger_keyword.yml ├── keywa7 │ ├── keywa7.json │ └── keywa7.yml ├── kiglogger │ ├── kiglogger.json │ └── kiglogger.yml ├── killer │ ├── killer.json │ └── killer.yml ├── kismet │ ├── kismet.json │ └── kismet.yml ├── knowsmore │ ├── knowsmore.json │ └── knowsmore.yml ├── koadic │ ├── koadic.json │ └── koadic.yml ├── krackattacks_scripts │ ├── krackattacks_scripts.json │ └── krackattacks_scripts.yml ├── krbjack │ ├── krbjack.json │ └── krbjack.yml ├── krbrelayx │ ├── krbrelayx.json │ └── krbrelayx.yml ├── kubesploit │ ├── kubesploit.json │ └── kubesploit.yml ├── kwetza │ ├── kwetza.json │ └── kwetza.yml ├── ldapdomaindump │ ├── ldapdomaindump.json │ └── ldapdomaindump.yml ├── ldapminer │ ├── ldapminer.json │ └── ldapminer.yml ├── ldapnomnom │ ├── ldapnomnom.json │ └── ldapnomnom.yml ├── ldapsearch_ad │ ├── ldapsearch_ad.json │ └── ldapsearch_ad.yml ├── ldeep │ ├── ldeep.json │ └── ldeep.yml ├── legba │ ├── legba.json │ └── legba.yml ├── libprocesshider │ ├── libprocesshider.json │ └── libprocesshider.yml ├── ligolo │ ├── ligolo.json │ └── ligolo.yml ├── ligolo_ng │ ├── ligolo_ng.json │ └── ligolo_ng.yml ├── linWinPwn │ ├── linWinPwn.json │ └── linWinPwn.yml ├── linikatz │ ├── linikatz.json │ └── linikatz.yml ├── link │ ├── link.json │ └── link.yml ├── linux_exploit_suggester │ ├── linux_exploit_suggester.json │ └── linux_exploit_suggester.yml ├── linux_pam_backdoor │ ├── linux_pam_backdoor.json │ └── linux_pam_backdoor.yml ├── linux_smart_enumeration │ ├── linux_smart_enumeration.json │ └── linux_smart_enumeration.yml ├── linuxprivchecker │ ├── linuxprivchecker.json │ └── linuxprivchecker.yml ├── litefuzz │ ├── litefuzz.json │ └── litefuzz.yml ├── lnk2pwn │ ├── lnk2pwn.json │ └── lnk2pwn.yml ├── lnkbomb │ ├── lnkbomb.json │ └── lnkbomb.yml ├── localpotato │ ├── localpotato.json │ └── localpotato.yml ├── localtonet │ ├── localtonet.json │ └── localtonet.yml ├── logman │ ├── logman.json │ └── logman.yml ├── logon_backdoor │ ├── logon_backdoor.json │ └── logon_backdoor.yml ├── lolminer │ ├── lolminer.json │ └── lolminer.yml ├── lsarelayx │ ├── lsarelayx.json │ └── lsarelayx.yml ├── lsass │ ├── lsass.json │ └── lsass.yml ├── lsassy │ ├── lsassy.json │ └── lsassy.yml ├── lslsass │ ├── lslsass.json │ └── lslsass.yml ├── luckystrike │ ├── luckystrike.json │ └── luckystrike.yml ├── lyncsmash │ ├── lyncsmash.json │ └── lyncsmash.yml ├── m365_fatigue │ ├── m365_fatigue.json │ └── m365_fatigue.yml ├── mRemoteNG_Decrypt │ ├── mRemoteNG_Decrypt.json │ └── mRemoteNG_Decrypt.yml ├── macetrap │ ├── macetrap.json │ └── macetrap.yml ├── macro_pack │ ├── macro_pack.json │ └── macro_pack.yml ├── mail_in_the_middle │ ├── mail_in_the_middle.json │ └── mail_in_the_middle.yml ├── mailpv │ ├── mailpv.json │ └── mailpv.yml ├── malware │ ├── malware.json │ └── malware.yml ├── mars_stealer │ ├── mars_stealer.json │ └── mars_stealer.yml ├── masscan │ ├── masscan.json │ └── masscan.yml ├── merlin │ ├── merlin.json │ └── merlin.yml ├── merlin_agent │ ├── merlin_agent.json │ └── merlin_agent.yml ├── merlin_agent_dll │ ├── merlin_agent_dll.json │ └── merlin_agent_dll.yml ├── metagoofil │ ├── metagoofil.json │ └── metagoofil.yml ├── metame │ ├── metame.json │ └── metame.yml ├── metasploit │ ├── metasploit.json │ └── metasploit.yml ├── metasploit_payloads │ ├── metasploit_payloads.json │ └── metasploit_payloads.yml ├── metatwin │ ├── metatwin.json │ └── metatwin.yml ├── mhydeath │ ├── mhydeath.json │ └── mhydeath.yml ├── micr0_shell │ ├── micr0_shell.json │ └── micr0_shell.yml ├── mimidogz │ ├── mimidogz.json │ └── mimidogz.yml ├── mimikatz │ ├── mimikatz.json │ └── mimikatz.yml ├── mimikittenz │ ├── mimikittenz.json │ └── mimikittenz.yml ├── mimipenguin │ ├── mimipenguin.json │ └── mimipenguin.yml ├── mimipy │ ├── mimipy.json │ └── mimipy.yml ├── mitm6 │ ├── mitm6.json │ └── mitm6.yml ├── mitmAP │ ├── mitmAP.json │ └── mitmAP.yml ├── mitmproxy │ ├── mitmproxy.json │ └── mitmproxy.yml ├── mitmsocks4j │ ├── mitmsocks4j.json │ └── mitmsocks4j.yml ├── modDetective │ ├── modDetective.json │ └── modDetective.yml ├── monkey │ ├── monkey.json │ └── monkey.yml ├── moonwalk │ ├── moonwalk.json │ └── moonwalk.yml ├── morphHTA │ ├── morphHTA.json │ └── morphHTA.yml ├── mortar │ ├── mortar.json │ └── mortar.yml ├── mousejack │ ├── mousejack.json │ └── mousejack.yml ├── movfuscator │ ├── movfuscator.json │ └── movfuscator.yml ├── ms_appinstaller │ ├── ms_appinstaller.json │ └── ms_appinstaller.yml ├── msfpc │ ├── msfpc.json │ └── msfpc.yml ├── msfvenom │ ├── msfvenom.json │ └── msfvenom.yml ├── msi_search │ ├── msi_search.json │ └── msi_search.yml ├── msldapdump │ ├── msldapdump.json │ └── msldapdump.yml ├── mspass │ ├── mspass.json │ └── mspass.yml ├── mssqlproxy │ ├── mssqlproxy.json │ └── mssqlproxy.yml ├── mythic │ ├── mythic.json │ └── mythic.yml ├── nac_bypass │ ├── nac_bypass.json │ └── nac_bypass.yml ├── nanodump │ ├── nanodump.json │ └── nanodump.yml ├── nanorobeus │ ├── nanorobeus.json │ └── nanorobeus.yml ├── ncrack │ ├── ncrack.json │ └── ncrack.yml ├── nemesis │ ├── nemesis.json │ └── nemesis.yml ├── nessus │ ├── nessus.json │ └── nessus.yml ├── net_creds │ ├── net_creds.json │ └── net_creds.yml ├── netkit │ ├── netkit.json │ └── netkit.yml ├── netpass │ ├── netpass.json │ └── netpass.yml ├── netsniff_ng │ ├── netsniff_ng.json │ └── netsniff_ng.yml ├── nikto │ ├── nikto.json │ └── nikto.yml ├── nimbo_c2 │ ├── nimbo_c2.json │ └── nimbo_c2.yml ├── nimcrypt │ ├── nimcrypt.json │ └── nimcrypt.yml ├── nimplant │ ├── nimplant.json │ └── nimplant.yml ├── nimproxydll │ ├── nimproxydll.json │ └── nimproxydll.yml ├── nipe │ ├── nipe.json │ └── nipe.yml ├── nirsoft │ ├── nirsoft.json │ └── nirsoft.yml ├── nishang │ ├── nishang.json │ └── nishang.yml ├── nmap │ ├── nmap.json │ └── nmap.yml ├── noPac │ ├── noPac.json │ └── noPac.yml ├── no_defender │ ├── no_defender.json │ └── no_defender.yml ├── nopowershell │ ├── nopowershell.json │ └── nopowershell.yml ├── noseyparker │ ├── noseyparker.json │ └── noseyparker.yml ├── novelbfh │ ├── novelbfh.json │ └── novelbfh.yml ├── nping │ ├── nping.json │ └── nping.yml ├── nps │ ├── nps.json │ └── nps.yml ├── nps_payload │ ├── nps_payload.json │ └── nps_payload.yml ├── nsa_rules │ ├── nsa_rules.json │ └── nsa_rules.yml ├── nsocks │ ├── nsocks.json │ └── nsocks.yml ├── ntdissector │ ├── ntdissector.json │ └── ntdissector.yml ├── ntdlll_unhooking_collection │ ├── ntdlll_unhooking_collection.json │ └── ntdlll_unhooking_collection.yml ├── ntlm_pw │ ├── ntlm_pw.json │ └── ntlm_pw.yml ├── ntlmquic │ ├── ntlmquic.json │ └── ntlmquic.yml ├── ntlmscan │ ├── ntlmscan.json │ └── ntlmscan.yml ├── ntpescape │ ├── ntpescape.json │ └── ntpescape.yml ├── nullinux │ ├── nullinux.json │ └── nullinux.yml ├── nysm │ ├── nysm.json │ └── nysm.yml ├── o365_attack_toolkit │ ├── o365_attack_toolkit.json │ └── o365_attack_toolkit.yml ├── o365creeper │ ├── o365creeper.json │ └── o365creeper.yml ├── o365enum │ ├── o365enum.json │ └── o365enum.yml ├── o365recon │ ├── o365recon.json │ └── o365recon.yml ├── o365spray │ ├── o365spray.json │ └── o365spray.yml ├── obfy │ ├── obfy.json │ └── obfy.yml ├── octopus │ ├── octopus.json │ └── octopus.yml ├── omg_payloads │ ├── omg_payloads.json │ └── omg_payloads.yml ├── onedrive_user_enum │ ├── onedrive_user_enum.json │ └── onedrive_user_enum.yml ├── onesixtyone │ ├── onesixtyone.json │ └── onesixtyone.yml ├── onex │ ├── onex.json │ └── onex.yml ├── onionpipe │ ├── onionpipe.json │ └── onionpipe.yml ├── onionscan │ ├── onionscan.json │ └── onionscan.yml ├── openbullet │ ├── openbullet.json │ └── openbullet.yml ├── openvas │ ├── openvas.json │ └── openvas.yml ├── ophcrack │ ├── ophcrack.json │ └── ophcrack.yml ├── orbitaldump │ ├── orbitaldump.json │ └── orbitaldump.yml ├── p0f │ ├── p0f.json │ └── p0f.yml ├── p0wnedShell │ ├── p0wnedShell.json │ └── p0wnedShell.yml ├── p0wny_shell │ ├── p0wny_shell.json │ └── p0wny_shell.yml ├── pac2 │ ├── pac2.json │ └── pac2.yml ├── pacu │ ├── pacu.json │ └── pacu.yml ├── padre │ ├── padre.json │ └── padre.yml ├── pamspy │ ├── pamspy.json │ └── pamspy.yml ├── pandora │ ├── pandora.json │ └── pandora.yml ├── panix │ ├── panix.json │ └── panix.yml ├── parrot_os │ ├── parrot_os.json │ └── parrot_os.yml ├── passphrase_wordlist │ ├── passphrase_wordlist.json │ └── passphrase_wordlist.yml ├── passwordfox │ ├── passwordfox.json │ └── passwordfox.yml ├── pastehakk │ ├── pastehakk.json │ └── pastehakk.yml ├── patator │ ├── patator.json │ └── patator.yml ├── peCloak │ ├── peCloak.json │ └── peCloak.yml ├── pe_to_shellcode │ ├── pe_to_shellcode.json │ └── pe_to_shellcode.yml ├── peeping_tom │ ├── peeping_tom.json │ └── peeping_tom.yml ├── pendulum │ ├── pendulum.json │ └── pendulum.yml ├── pentest_machine │ ├── pentest_machine.json │ └── pentest_machine.yml ├── pentest_tools_com │ ├── pentest_tools_com.json │ └── pentest_tools_com.yml ├── pentestbox │ ├── pentestbox.json │ └── pentestbox.yml ├── persistence_demos │ ├── persistence_demos.json │ └── persistence_demos.yml ├── petipotam │ ├── petipotam.json │ └── petipotam.yml ├── phishery │ ├── phishery.json │ └── phishery.yml ├── phishing_HTML_linter │ ├── phishing_HTML_linter.json │ └── phishing_HTML_linter.yml ├── php_reverse_shell │ ├── php_reverse_shell.json │ └── php_reverse_shell.yml ├── phuip_fpizdam │ ├── phuip_fpizdam.json │ └── phuip_fpizdam.yml ├── physmem2profit │ ├── physmem2profit.json │ └── physmem2profit.yml ├── pico │ ├── pico.json │ └── pico.yml ├── ping_sweep │ ├── ping_sweep.json │ └── ping_sweep.yml ├── pingcastle │ ├── pingcastle.json │ └── pingcastle.yml ├── pivotnacci │ ├── pivotnacci.json │ └── pivotnacci.yml ├── poisontap │ ├── poisontap.json │ └── poisontap.yml ├── polenum │ ├── polenum.json │ └── polenum.yml ├── portscan │ ├── portscan.json │ └── portscan.yml ├── poshc2 │ ├── poshc2.json │ └── poshc2.yml ├── potato │ ├── potato.json │ └── potato.yml ├── power_pwn │ ├── power_pwn.json │ └── power_pwn.yml ├── powercat │ ├── powercat.json │ └── powercat.yml ├── powerextract │ ├── powerextract.json │ └── powerextract.yml ├── powershell │ ├── powershell.json │ └── powershell.yml ├── powerview │ ├── powerview.json │ └── powerview.yml ├── ppldump │ ├── ppldump.json │ └── ppldump.yml ├── precompiled_binaries │ ├── precompiled_binaries.json │ └── precompiled_binaries.yml ├── prefetch_tool │ ├── prefetch_tool.json │ └── prefetch_tool.yml ├── pretender │ ├── pretender.json │ └── pretender.yml ├── primusC2 │ ├── primusC2.json │ └── primusC2.yml ├── produkey │ ├── produkey.json │ └── produkey.yml ├── prometheus │ ├── prometheus.json │ └── prometheus.yml ├── proxychains │ ├── proxychains.json │ └── proxychains.yml ├── psgetsystem │ ├── psgetsystem.json │ └── psgetsystem.yml ├── psobf │ ├── psobf.json │ └── psobf.yml ├── pspy │ ├── pspy.json │ └── pspy.yml ├── pth_toolkit │ ├── pth_toolkit.json │ └── pth_toolkit.yml ├── ptunnel_ng │ ├── ptunnel_ng.json │ └── ptunnel_ng.yml ├── pupy │ ├── pupy.json │ └── pupy.yml ├── pwcrack_framework │ ├── pwcrack_framework.json │ └── pwcrack_framework.yml ├── pwdump │ ├── pwdump.json │ └── pwdump.yml ├── pwn_jenkins │ ├── pwn_jenkins.json │ └── pwn_jenkins.yml ├── pwnagotchi │ ├── pwnagotchi.json │ └── pwnagotchi.yml ├── pwnat │ ├── pwnat.json │ └── pwnat.yml ├── pwndrop │ ├── pwndrop.json │ └── pwndrop.yml ├── pwnlook │ ├── pwnlook.json │ └── pwnlook.yml ├── pxethief │ ├── pxethief.json │ └── pxethief.yml ├── pyGPOAbuse │ ├── pyGPOAbuse.json │ └── pyGPOAbuse.yml ├── pyLAPS │ ├── pyLAPS.json │ └── pyLAPS.yml ├── pydictor │ ├── pydictor.json │ └── pydictor.yml ├── pymultitor │ ├── pymultitor.json │ └── pymultitor.yml ├── pyobfuscate │ ├── pyobfuscate.json │ └── pyobfuscate.yml ├── pypykatz │ ├── pypykatz.json │ └── pypykatz.yml ├── pyrdp │ ├── pyrdp.json │ └── pyrdp.yml ├── pysecdump │ ├── pysecdump.json │ └── pysecdump.yml ├── pyshell │ ├── pyshell.json │ └── pyshell.yml ├── pysnaffler │ ├── pysnaffler.json │ └── pysnaffler.yml ├── pysoserial │ ├── pysoserial.json │ └── pysoserial.yml ├── pysoxy │ ├── pysoxy.json │ └── pysoxy.yml ├── pywerview │ ├── pywerview.json │ └── pywerview.yml ├── pywhisker │ ├── pywhisker.json │ └── pywhisker.yml ├── pywsus │ ├── pywsus.json │ └── pywsus.yml ├── quarkspwdump │ ├── quarkspwdump.json │ └── quarkspwdump.yml ├── quiet_riot │ ├── quiet_riot.json │ └── quiet_riot.yml ├── r77_rootkit │ ├── r77_rootkit.json │ └── r77_rootkit.yml ├── ransomware_notes │ ├── ransomware_notes.json │ └── ransomware_notes.yml ├── rapid7 │ ├── rapid7.json │ └── rapid7.yml ├── ratchatgpt │ ├── ratchatgpt.json │ └── ratchatgpt.yml ├── ratchatpt │ ├── ratchatpt.json │ └── ratchatpt.yml ├── rattler │ ├── rattler.json │ └── rattler.yml ├── rdpscraper │ ├── rdpscraper.json │ └── rdpscraper.yml ├── rdpv │ ├── rdpv.json │ └── rdpv.yml ├── reGeorg │ ├── reGeorg.json │ └── reGeorg.yml ├── reaper │ ├── reaper.json │ └── reaper.yml ├── reapoc │ ├── reapoc.json │ └── reapoc.yml ├── recaptcha_phish │ ├── recaptcha_phish.json │ └── recaptcha_phish.yml ├── recon_archy │ ├── recon_archy.json │ └── recon_archy.yml ├── reconftw │ ├── reconftw.json │ └── reconftw.yml ├── red_hawk │ ├── red_hawk.json │ └── red_hawk.yml ├── red_python_scripts │ ├── red_python_scripts.json │ └── red_python_scripts.yml ├── red_team_scripts │ ├── red_team_scripts.json │ └── red_team_scripts.yml ├── redhuntlabs │ ├── redhuntlabs.json │ └── redhuntlabs.yml ├── redis_rce │ ├── redis_rce.json │ └── redis_rce.yml ├── redpill │ ├── redpill.json │ └── redpill.yml ├── regreeper │ ├── regreeper.json │ └── regreeper.yml ├── remote_method_guesser │ ├── remote_method_guesser.json │ └── remote_method_guesser.yml ├── rengine │ ├── rengine.json │ └── rengine.yml ├── resocks │ ├── resocks.json │ └── resocks.yml ├── responder │ ├── responder.json │ └── responder.yml ├── revbshell │ ├── revbshell.json │ └── revbshell.yml ├── reverse_shell_generator │ ├── reverse_shell_generator.json │ └── reverse_shell_generator.yml ├── reverse_ssh │ ├── reverse_ssh.json │ └── reverse_ssh.yml ├── reverst │ ├── reverst.json │ └── reverst.yml ├── revsocks │ ├── revsocks.json │ └── revsocks.yml ├── ridrelay │ ├── ridrelay.json │ └── ridrelay.yml ├── rmdir │ ├── rmdir.json │ └── rmdir.yml ├── ropfuscator │ ├── ropfuscator.json │ └── ropfuscator.yml ├── rotateproxy │ ├── rotateproxy.json │ └── rotateproxy.yml ├── routerpasswords_com │ ├── routerpasswords_com.json │ └── routerpasswords_com.yml ├── routersploit │ ├── routersploit.json │ └── routersploit.yml ├── rpivot │ ├── rpivot.json │ └── rpivot.yml ├── rs_shell │ ├── rs_shell.json │ └── rs_shell.yml ├── rsg │ ├── rsg.json │ └── rsg.yml ├── rshijack │ ├── rshijack.json │ └── rshijack.yml ├── rsockstun │ ├── rsockstun.json │ └── rsockstun.yml ├── rsocx │ ├── rsocx.json │ └── rsocx.yml ├── ruler │ ├── ruler.json │ └── ruler.yml ├── rustcat │ ├── rustcat.json │ └── rustcat.yml ├── rwxfinder │ ├── rwxfinder.json │ └── rwxfinder.yml ├── sRDI │ ├── sRDI.json │ └── sRDI.yml ├── saint │ ├── saint.json │ └── saint.yml ├── sam_the_admin │ ├── sam_the_admin.json │ └── sam_the_admin.yml ├── samdump │ ├── samdump.json │ └── samdump.yml ├── samdump2 │ ├── samdump2.json │ └── samdump2.yml ├── sandcat │ ├── sandcat.json │ └── sandcat.yml ├── saycheese │ ├── saycheese.json │ └── saycheese.yml ├── scan4all │ ├── scan4all.json │ └── scan4all.yml ├── scanless │ ├── scanless.json │ └── scanless.yml ├── sccmdecryptpoc │ ├── sccmdecryptpoc.json │ └── sccmdecryptpoc.yml ├── sccmhunter │ ├── sccmhunter.json │ └── sccmhunter.yml ├── scshell │ ├── scshell.json │ └── scshell.yml ├── seatbelt │ ├── seatbelt.json │ └── seatbelt.yml ├── secretfinder │ ├── secretfinder.json │ └── secretfinder.yml ├── secretsdump │ ├── secretsdump.json │ └── secretsdump.yml ├── securesocketfunneling │ ├── securesocketfunneling.json │ └── securesocketfunneling.yml ├── security_onion │ ├── security_onion.json │ └── security_onion.yml ├── sgn │ ├── sgn.json │ └── sgn.yml ├── shad0w │ ├── shad0w.json │ └── shad0w.yml ├── sharpcollection │ ├── sharpcollection.json │ └── sharpcollection.yml ├── sharphound │ ├── sharphound.json │ └── sharphound.yml ├── shellcodetester │ ├── shellcodetester.json │ └── shellcodetester.yml ├── shellsilo │ ├── shellsilo.json │ └── shellsilo.yml ├── shhmon │ ├── shhmon.json │ └── shhmon.yml ├── shodan_io │ ├── shodan_io.json │ └── shodan_io.yml ├── shootback │ ├── shootback.json │ └── shootback.yml ├── shutter │ ├── shutter.json │ └── shutter.yml ├── silenttrinity │ ├── silenttrinity.json │ └── silenttrinity.yml ├── slip │ ├── slip.json │ └── slip.yml ├── sliver │ ├── sliver.json │ └── sliver.yml ├── smartbrute │ ├── smartbrute.json │ └── smartbrute.yml ├── smb_reverse_shell │ ├── smb_reverse_shell.json │ └── smb_reverse_shell.yml ├── smb_scanner │ ├── smb_scanner.json │ └── smb_scanner.yml ├── smbcrawler │ ├── smbcrawler.json │ └── smbcrawler.yml ├── smbmap │ ├── smbmap.json │ └── smbmap.yml ├── smbscan │ ├── smbscan.json │ └── smbscan.yml ├── smtp_user_enum │ ├── smtp_user_enum.json │ └── smtp_user_enum.yml ├── smuggler_py │ ├── smuggler_py.json │ └── smuggler_py.yml ├── snallygaster │ ├── snallygaster.json │ └── snallygaster.yml ├── sniffer │ ├── sniffer.json │ └── sniffer.yml ├── sniffglue │ ├── sniffglue.json │ └── sniffglue.yml ├── snmpwn │ ├── snmpwn.json │ └── snmpwn.yml ├── socat │ ├── socat.json │ └── socat.yml ├── social_engineer_toolkit │ ├── social_engineer_toolkit.json │ └── social_engineer_toolkit.yml ├── specula │ ├── specula.json │ └── specula.yml ├── spellbound │ ├── spellbound.json │ └── spellbound.yml ├── spiderfoot │ ├── spiderfoot.json │ └── spiderfoot.yml ├── spinningteacup │ ├── spinningteacup.json │ └── spinningteacup.yml ├── spoofing_office_macro │ ├── spoofing_office_macro.json │ └── spoofing_office_macro.yml ├── spoolsploit │ ├── spoolsploit.json │ └── spoolsploit.yml ├── spraycharles │ ├── spraycharles.json │ └── spraycharles.yml ├── sprayhound │ ├── sprayhound.json │ └── sprayhound.yml ├── spraykatz │ ├── spraykatz.json │ └── spraykatz.yml ├── spring_core_rce │ ├── spring_core_rce.json │ └── spring_core_rce.yml ├── sqli_labs │ ├── sqli_labs.json │ └── sqli_labs.yml ├── sqlipy │ ├── sqlipy.json │ └── sqlipy.yml ├── sqlmap │ ├── sqlmap.json │ └── sqlmap.yml ├── sqlninja │ ├── sqlninja.json │ └── sqlninja.yml ├── ssfd │ ├── ssfd.json │ └── ssfd.yml ├── sshLooterC │ ├── sshLooterC.json │ └── sshLooterC.yml ├── ssh_auditor │ ├── ssh_auditor.json │ └── ssh_auditor.yml ├── ssh_mitm │ ├── ssh_mitm.json │ └── ssh_mitm.yml ├── sshamble │ ├── sshamble.json │ └── sshamble.yml ├── sshame │ ├── sshame.json │ └── sshame.yml ├── sshimpanzee │ ├── sshimpanzee.json │ └── sshimpanzee.yml ├── sslstrip │ ├── sslstrip.json │ └── sslstrip.yml ├── statistically_likely_usernames │ ├── statistically_likely_usernames.json │ └── statistically_likely_usernames.yml ├── stowaway │ ├── stowaway.json │ └── stowaway.yml ├── subbrute │ ├── subbrute.json │ └── subbrute.yml ├── subfinder │ ├── subfinder.json │ └── subfinder.yml ├── sudoSnatch │ ├── sudoSnatch.json │ └── sudoSnatch.yml ├── sudo_inject │ ├── sudo_inject.json │ └── sudo_inject.yml ├── supershell │ ├── supershell.json │ └── supershell.yml ├── susinternals │ ├── susinternals.json │ └── susinternals.yml ├── sysmonquiet │ ├── sysmonquiet.json │ └── sysmonquiet.yml ├── t14m4t │ ├── t14m4t.json │ └── t14m4t.yml ├── taowu_cobalt_strike │ ├── taowu_cobalt_strike.json │ └── taowu_cobalt_strike.yml ├── targetedKerberoast │ ├── targetedKerberoast.json │ └── targetedKerberoast.yml ├── taskkill │ ├── taskkill.json │ └── taskkill.yml ├── tcpreplay │ ├── tcpreplay.json │ └── tcpreplay.yml ├── teams_dump │ ├── teams_dump.json │ └── teams_dump.yml ├── teamsphisher │ ├── teamsphisher.json │ └── teamsphisher.yml ├── teamstracker │ ├── teamstracker.json │ └── teamstracker.yml ├── tetanus │ ├── tetanus.json │ └── tetanus.yml ├── thc_hydra │ ├── thc_hydra.json │ └── thc_hydra.yml ├── theHarvester │ ├── theHarvester.json │ └── theHarvester.yml ├── the_backdoor_factory │ ├── the_backdoor_factory.json │ └── the_backdoor_factory.yml ├── themebleed │ ├── themebleed.json │ └── themebleed.yml ├── thoth │ ├── thoth.json │ └── thoth.yml ├── ticket_converter │ ├── ticket_converter.json │ └── ticket_converter.yml ├── tor2web │ ├── tor2web.json │ └── tor2web.yml ├── torproject │ ├── torproject.json │ └── torproject.yml ├── tplmap │ ├── tplmap.json │ └── tplmap.yml ├── trackerjacker │ ├── trackerjacker.json │ └── trackerjacker.yml ├── traitor │ ├── traitor.json │ └── traitor.yml ├── trevorc2 │ ├── trevorc2.json │ └── trevorc2.yml ├── tricky_lnk │ ├── tricky_lnk.json │ └── tricky_lnk.yml ├── truffleHog │ ├── truffleHog.json │ └── truffleHog.yml ├── tsh │ ├── tsh.json │ └── tsh.yml ├── tsh_go │ ├── tsh_go.json │ └── tsh_go.yml ├── tun2socks │ ├── tun2socks.json │ └── tun2socks.yml ├── twittor │ ├── twittor.json │ └── twittor.yml ├── udmp_parser │ ├── udmp_parser.json │ └── udmp_parser.yml ├── unDefender │ ├── unDefender.json │ └── unDefender.yml ├── undertheradar │ ├── undertheradar.json │ └── undertheradar.yml ├── unicorn │ ├── unicorn.json │ └── unicorn.yml ├── unshackle │ ├── unshackle.json │ └── unshackle.yml ├── upload_nolog_cz │ ├── upload_nolog_cz.json │ └── upload_nolog_cz.yml ├── usbmon │ ├── usbmon.json │ └── usbmon.yml ├── usbpcap │ ├── usbpcap.json │ └── usbpcap.yml ├── username_anarchy │ ├── username_anarchy.json │ └── username_anarchy.yml ├── vRealizeLogInsightRCE │ ├── vRealizeLogInsightRCE.json │ └── vRealizeLogInsightRCE.yml ├── var0xshell │ ├── var0xshell.json │ └── var0xshell.yml ├── vbad │ ├── vbad.json │ └── vbad.yml ├── vcsmap │ ├── vcsmap.json │ └── vcsmap.yml ├── veeam_creds │ ├── veeam_creds.json │ └── veeam_creds.yml ├── venom │ ├── venom.json │ └── venom.yml ├── viperc2 │ ├── viperc2.json │ └── viperc2.yml ├── vncpwdump │ ├── vncpwdump.json │ └── vncpwdump.yml ├── w3af │ ├── w3af.json │ └── w3af.yml ├── wafw00f │ ├── wafw00f.json │ └── wafw00f.yml ├── wapiti │ ├── wapiti.json │ └── wapiti.yml ├── warberry │ ├── warberry.json │ └── warberry.yml ├── wce │ ├── wce.json │ └── wce.yml ├── wcreddump │ ├── wcreddump.json │ └── wcreddump.yml ├── wePWNise │ ├── wePWNise.json │ └── wePWNise.yml ├── weakpass │ ├── weakpass.json │ └── weakpass.yml ├── webBrowserPassView │ ├── webBrowserPassView.json │ └── webBrowserPassView.yml ├── web_hacking_toolkit │ ├── web_hacking_toolkit.json │ └── web_hacking_toolkit.yml ├── webshell │ ├── webshell.json │ └── webshell.yml ├── webtrufflehog │ ├── webtrufflehog.json │ └── webtrufflehog.yml ├── weevely │ ├── weevely.json │ └── weevely.yml ├── wfuzz │ ├── wfuzz.json │ └── wfuzz.yml ├── whatlicense │ ├── whatlicense.json │ └── whatlicense.yml ├── whiskeysamlandfriends │ ├── whiskeysamlandfriends.json │ └── whiskeysamlandfriends.yml ├── whoami │ ├── whoami.json │ └── whoami.yml ├── wifi_arsenal │ ├── wifi_arsenal.json │ └── wifi_arsenal.yml ├── wifi_bruteforcer_fsecurify │ ├── wifi_bruteforcer_fsecurify.json │ └── wifi_bruteforcer_fsecurify.yml ├── wifi_bruteforcer_fsecurity │ ├── wifi_bruteforcer_fsecurity.json │ └── wifi_bruteforcer_fsecurity.yml ├── wifibroot │ ├── wifibroot.json │ └── wifibroot.yml ├── wifigrabber │ ├── wifigrabber.json │ └── wifigrabber.yml ├── wifijammer │ ├── wifijammer.json │ └── wifijammer.yml ├── wifiphisher │ ├── wifiphisher.json │ └── wifiphisher.yml ├── wifite2 │ ├── wifite2.json │ └── wifite2.yml ├── winPEAS │ ├── winPEAS.json │ └── winPEAS.yml ├── win_brute_logon │ ├── win_brute_logon.json │ └── win_brute_logon.yml ├── windapsearch │ ├── windapsearch.json │ └── windapsearch.yml ├── windows_defender_remover │ ├── windows_defender_remover.json │ └── windows_defender_remover.yml ├── windows_login_phish │ ├── windows_login_phish.json │ └── windows_login_phish.yml ├── windows_privesc_check │ ├── windows_privesc_check.json │ └── windows_privesc_check.yml ├── winexe │ ├── winexe.json │ └── winexe.yml ├── winsos_poc │ ├── winsos_poc.json │ └── winsos_poc.yml ├── wiresocks │ ├── wiresocks.json │ └── wiresocks.yml ├── wmiexec │ ├── wmiexec.json │ └── wmiexec.yml ├── wmiexec2 │ ├── wmiexec2.json │ └── wmiexec2.yml ├── wmiexec_pro │ ├── wmiexec_pro.json │ └── wmiexec_pro.yml ├── wordlists │ ├── wordlists.json │ └── wordlists.yml ├── wordsmith │ ├── wordsmith.json │ └── wordsmith.yml ├── wpaf │ ├── wpaf.json │ └── wpaf.yml ├── wraith │ ├── wraith.json │ └── wraith.yml ├── wso_webshell │ ├── wso_webshell.json │ └── wso_webshell.yml ├── wstunnel │ ├── wstunnel.json │ └── wstunnel.yml ├── wsuxploit │ ├── wsuxploit.json │ └── wsuxploit.yml ├── xeno_rat │ ├── xeno_rat.json │ └── xeno_rat.yml ├── xrdp │ ├── xrdp.json │ └── xrdp.yml ├── xspy │ ├── xspy.json │ └── xspy.yml ├── xspy__display │ ├── xspy__display.json │ └── xspy__display.yml ├── xss_labs │ ├── xss_labs.json │ └── xss_labs.yml ├── xz │ ├── xz.json │ └── xz.yml ├── yodo │ ├── yodo.json │ └── yodo.yml ├── ysoserial_net │ ├── ysoserial_net.json │ └── ysoserial_net.yml ├── zarp │ ├── zarp.json │ └── zarp.yml ├── zeroday_powershell │ ├── zeroday_powershell.json │ └── zeroday_powershell.yml ├── zerologon │ ├── zerologon.json │ └── zerologon.yml └── zerosum0x0 │ ├── zerosum0x0.json │ └── zerosum0x0.yml └── signatures ├── Antivirus_Signature ├── Antivirus_Signature.json └── Antivirus_Signature.yml ├── Lumma_Stealer ├── Lumma_Stealer.json └── Lumma_Stealer.yml └── sshdoor ├── sshdoor.json └── sshdoor.yml /.github/FUNDING.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/.github/FUNDING.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/.gitignore -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/README.md -------------------------------------------------------------------------------- /_utils/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/README.md -------------------------------------------------------------------------------- /_utils/_find_requierements.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/_find_requierements.py -------------------------------------------------------------------------------- /_utils/create_json_files.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/create_json_files.py -------------------------------------------------------------------------------- /_utils/create_sigma_rules.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/create_sigma_rules.py -------------------------------------------------------------------------------- /_utils/download_hunting_keywords.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/download_hunting_keywords.py -------------------------------------------------------------------------------- /_utils/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/main.py -------------------------------------------------------------------------------- /_utils/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/requirements.txt -------------------------------------------------------------------------------- /_utils/threathunting-keywords.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/_utils/threathunting-keywords.csv -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/1ty_me/1ty_me.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/1ty_me/1ty_me.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/1ty_me/1ty_me.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/1ty_me/1ty_me.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/3proxy/3proxy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/3proxy/3proxy.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/3proxy/3proxy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/3proxy/3proxy.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/APT/APT.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/APT/APT.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/APT/APT.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/APT/APT.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/AVDump/AVDump.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/AVDump/AVDump.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/AVDump/AVDump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/AVDump/AVDump.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Atera/Atera.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Atera/Atera.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Atera/Atera.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Atera/Atera.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/AutoIt/AutoIt.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/AutoIt/AutoIt.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/AutoIt/AutoIt.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/AutoIt/AutoIt.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Avast/Avast.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Avast/Avast.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Avast/Avast.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Avast/Avast.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Bomgar/Bomgar.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Bomgar/Bomgar.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Bomgar/Bomgar.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Bomgar/Bomgar.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Box/Box.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Box/Box.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Box/Box.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Box/Box.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Cmdkey/Cmdkey.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Cmdkey/Cmdkey.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Cmdkey/Cmdkey.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Cmdkey/Cmdkey.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/DotVPN/DotVPN.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/DotVPN/DotVPN.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/DotVPN/DotVPN.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/DotVPN/DotVPN.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Excel/Excel.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Excel/Excel.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Excel/Excel.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Excel/Excel.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Getcap/Getcap.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Getcap/Getcap.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Getcap/Getcap.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Getcap/Getcap.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Neo4j/Neo4j.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Neo4j/Neo4j.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Neo4j/Neo4j.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Neo4j/Neo4j.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/PAExec/PAExec.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/PAExec/PAExec.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/PAExec/PAExec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/PAExec/PAExec.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/PP_VPN/PP_VPN.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/PP_VPN/PP_VPN.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/PP_VPN/PP_VPN.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/PP_VPN/PP_VPN.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Portr/Portr.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Portr/Portr.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Portr/Portr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Portr/Portr.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Quasar/Quasar.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Quasar/Quasar.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Quasar/Quasar.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Quasar/Quasar.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Radmin/Radmin.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Radmin/Radmin.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Radmin/Radmin.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Radmin/Radmin.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/RemCom/RemCom.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/RemCom/RemCom.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/RemCom/RemCom.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/RemCom/RemCom.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/RusVPN/RusVPN.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/RusVPN/RusVPN.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/RusVPN/RusVPN.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/RusVPN/RusVPN.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/SetACL/SetACL.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/SetACL/SetACL.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/SetACL/SetACL.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/SetACL/SetACL.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Upnet/Upnet.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Upnet/Upnet.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Upnet/Upnet.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Upnet/Upnet.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/VPN_AC/VPN_AC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/VPN_AC/VPN_AC.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/VPN_AC/VPN_AC.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/VPN_AC/VPN_AC.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Veee/Veee.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Veee/Veee.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/Veee/Veee.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/Veee/Veee.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/WeVPN/WeVPN.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/WeVPN/WeVPN.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/WeVPN/WeVPN.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/WeVPN/WeVPN.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/WinSCP/WinSCP.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/WinSCP/WinSCP.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/WinSCP/WinSCP.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/WinSCP/WinSCP.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/_/_.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/_/_.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/_/_.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/_/_.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/adfind/adfind.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/adfind/adfind.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/adfind/adfind.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/adfind/adfind.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/adget/adget.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/adget/adget.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/adget/adget.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/adget/adget.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/arp/arp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/arp/arp.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/arp/arp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/arp/arp.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/assoc/assoc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/assoc/assoc.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/assoc/assoc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/assoc/assoc.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/atnow/atnow.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/atnow/atnow.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/atnow/atnow.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/atnow/atnow.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/attrib/attrib.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/attrib/attrib.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/attrib/attrib.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/attrib/attrib.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/auditd/auditd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/auditd/auditd.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/auditd/auditd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/auditd/auditd.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/auvik/auvik.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/auvik/auvik.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/auvik/auvik.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/auvik/auvik.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/aweray/aweray.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/aweray/aweray.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/aweray/aweray.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/aweray/aweray.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/awk/awk.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/awk/awk.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/awk/awk.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/awk/awk.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/base64/base64.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/base64/base64.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/base64/base64.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/base64/base64.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/bash/bash.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/bash/bash.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/bash/bash.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/bash/bash.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/bcedit/bcedit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/bcedit/bcedit.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/bcedit/bcedit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/bcedit/bcedit.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/bore/bore.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/bore/bore.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/bore/bore.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/bore/bore.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/burrow/burrow.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/burrow/burrow.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/burrow/burrow.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/burrow/burrow.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cat/cat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cat/cat.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cat/cat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cat/cat.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/certoc/certoc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/certoc/certoc.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/certoc/certoc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/certoc/certoc.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/chattr/chattr.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/chattr/chattr.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/chattr/chattr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/chattr/chattr.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/chcp/chcp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/chcp/chcp.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/chcp/chcp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/chcp/chcp.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/copy/copy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/copy/copy.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/copy/copy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/copy/copy.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cp/cp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cp/cp.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cp/cp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cp/cp.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/croc/croc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/croc/croc.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/croc/croc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/croc/croc.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/crond/crond.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/crond/crond.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/crond/crond.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/crond/crond.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/csvde/csvde.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/csvde/csvde.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/csvde/csvde.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/csvde/csvde.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/curl/curl.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/curl/curl.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/curl/curl.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/curl/curl.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cut/cut.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cut/cut.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cut/cut.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cut/cut.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cytool/cytool.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cytool/cytool.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/cytool/cytool.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/cytool/cytool.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dd/dd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dd/dd.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dd/dd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dd/dd.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/del/del.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/del/del.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/del/del.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/del/del.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dig/dig.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dig/dig.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dig/dig.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dig/dig.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dir/dir.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dir/dir.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dir/dir.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dir/dir.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dns/dns.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dns/dns.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dns/dns.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dns/dns.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dnscmd/dnscmd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dnscmd/dnscmd.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/dnscmd/dnscmd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/dnscmd/dnscmd.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/echo/echo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/echo/echo.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/echo/echo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/echo/echo.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/eraser/eraser.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/eraser/eraser.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/eraser/eraser.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/eraser/eraser.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/esxcli/esxcli.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/esxcli/esxcli.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/esxcli/esxcli.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/esxcli/esxcli.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/export/export.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/export/export.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/export/export.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/export/export.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/expose/expose.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/expose/expose.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/expose/expose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/expose/expose.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/find/find.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/find/find.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/find/find.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/find/find.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/frp/frp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/frp/frp.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/frp/frp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/frp/frp.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ftype/ftype.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ftype/ftype.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ftype/ftype.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ftype/ftype.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/getent/getent.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/getent/getent.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/getent/getent.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/getent/getent.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/github/github.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/github/github.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/github/github.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/github/github.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/gost/gost.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/gost/gost.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/gost/gost.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/gost/gost.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/gpg/gpg.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/gpg/gpg.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/gpg/gpg.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/gpg/gpg.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/grep/grep.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/grep/grep.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/grep/grep.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/grep/grep.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/gt/gt.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/gt/gt.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/gt/gt.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/gt/gt.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/icacls/icacls.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/icacls/icacls.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/icacls/icacls.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/icacls/icacls.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/icalcs/icalcs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/icalcs/icalcs.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/icalcs/icalcs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/icalcs/icalcs.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ip/ip.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ip/ip.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ip/ip.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ip/ip.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ipscan/ipscan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ipscan/ipscan.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ipscan/ipscan.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ipscan/ipscan.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ivy/ivy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ivy/ivy.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ivy/ivy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ivy/ivy.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/jprq/jprq.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/jprq/jprq.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/jprq/jprq.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/jprq/jprq.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ldifde/ldifde.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ldifde/ldifde.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ldifde/ldifde.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ldifde/ldifde.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/linux/linux.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/linux/linux.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/linux/linux.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/linux/linux.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ln/ln.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ln/ln.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ln/ln.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ln/ln.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/locate/locate.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/locate/locate.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/locate/locate.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/locate/locate.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ls/ls.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ls/ls.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ls/ls.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ls/ls.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/mkdir/mkdir.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/mkdir/mkdir.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/mkdir/mkdir.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/mkdir/mkdir.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/mshta/mshta.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/mshta/mshta.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/mshta/mshta.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/mshta/mshta.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/mv/mv.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/mv/mv.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/mv/mv.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/mv/mv.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nc/nc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nc/nc.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nc/nc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nc/nc.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ncat/ncat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ncat/ncat.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ncat/ncat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ncat/ncat.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/net/net.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/net/net.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/net/net.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/net/net.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/netcat/netcat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/netcat/netcat.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/netcat/netcat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/netcat/netcat.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/netsh/netsh.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/netsh/netsh.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/netsh/netsh.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/netsh/netsh.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ngrok/ngrok.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ngrok/ngrok.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ngrok/ngrok.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ngrok/ngrok.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nircmd/nircmd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nircmd/nircmd.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nircmd/nircmd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nircmd/nircmd.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nltest/nltest.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nltest/nltest.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nltest/nltest.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nltest/nltest.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nping/nping.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nping/nping.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/nping/nping.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/nping/nping.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/oset/oset.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/oset/oset.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/oset/oset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/oset/oset.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/passwd/passwd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/passwd/passwd.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/passwd/passwd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/passwd/passwd.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pgrok/pgrok.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pgrok/pgrok.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pgrok/pgrok.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pgrok/pgrok.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/php/php.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/php/php.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/php/php.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/php/php.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pinggy/pinggy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pinggy/pinggy.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pinggy/pinggy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pinggy/pinggy.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pktmon/pktmon.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pktmon/pktmon.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pktmon/pktmon.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pktmon/pktmon.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/plink/plink.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/plink/plink.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/plink/plink.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/plink/plink.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/psexec/psexec.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/psexec/psexec.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/psexec/psexec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/psexec/psexec.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pslist/pslist.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pslist/pslist.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/pslist/pslist.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/pslist/pslist.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/put_io/put_io.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/put_io/put_io.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/put_io/put_io.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/put_io/put_io.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/putty/putty.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/putty/putty.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/putty/putty.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/putty/putty.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/py2exe/py2exe.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/py2exe/py2exe.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/py2exe/py2exe.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/py2exe/py2exe.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/python/python.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/python/python.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/python/python.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/python/python.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qaz_im/qaz_im.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qaz_im/qaz_im.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qaz_im/qaz_im.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qaz_im/qaz_im.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qaz_is/qaz_is.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qaz_is/qaz_is.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qaz_is/qaz_is.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qaz_is/qaz_is.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qaz_su/qaz_su.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qaz_su/qaz_su.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qaz_su/qaz_su.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qaz_su/qaz_su.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qu_ax/qu_ax.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qu_ax/qu_ax.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/qu_ax/qu_ax.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/qu_ax/qu_ax.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rapid7/rapid7.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rapid7/rapid7.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rapid7/rapid7.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rapid7/rapid7.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rclone/rclone.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rclone/rclone.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rclone/rclone.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rclone/rclone.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rdp/rdp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rdp/rdp.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rdp/rdp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rdp/rdp.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/reg/reg.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/reg/reg.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/reg/reg.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/reg/reg.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ren/ren.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ren/ren.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ren/ren.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ren/ren.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/restic/restic.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/restic/restic.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/restic/restic.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/restic/restic.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rm/rm.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rm/rm.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rm/rm.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rm/rm.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rmdir_/rmdir_.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rmdir_/rmdir_.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rmdir_/rmdir_.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rmdir_/rmdir_.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rmmod/rmmod.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rmmod/rmmod.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rmmod/rmmod.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rmmod/rmmod.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/route/route.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/route/route.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/route/route.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/route/route.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rsocks/rsocks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rsocks/rsocks.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rsocks/rsocks.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rsocks/rsocks.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rsync/rsync.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rsync/rsync.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/rsync/rsync.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/rsync/rsync.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ruby/ruby.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ruby/ruby.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ruby/ruby.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ruby/ruby.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sVPN/sVPN.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sVPN/sVPN.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sVPN/sVPN.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sVPN/sVPN.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/samba/samba.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/samba/samba.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/samba/samba.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/samba/samba.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sc/sc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sc/sc.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sc/sc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sc/sc.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/scp/scp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/scp/scp.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/scp/scp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/scp/scp.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sed/sed.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sed/sed.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sed/sed.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sed/sed.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/set/set.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/set/set.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/set/set.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/set/set.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/setspn/setspn.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/setspn/setspn.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/setspn/setspn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/setspn/setspn.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sftp/sftp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sftp/sftp.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sftp/sftp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sftp/sftp.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/shell/shell.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/shell/shell.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/shell/shell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/shell/shell.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/shred/shred.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/shred/shred.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/shred/shred.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/shred/shred.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sish/sish.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sish/sish.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sish/sish.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sish/sish.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/slack/slack.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/slack/slack.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/slack/slack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/slack/slack.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/smc/smc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/smc/smc.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/smc/smc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/smc/smc.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/socat/socat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/socat/socat.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/socat/socat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/socat/socat.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ss/ss.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ss/ss.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ss/ss.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ss/ss.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ssh/ssh.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ssh/ssh.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/ssh/ssh.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/ssh/ssh.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sshx/sshx.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sshx/sshx.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sshx/sshx.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sshx/sshx.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/steam/steam.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/steam/steam.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/steam/steam.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/steam/steam.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sudo/sudo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sudo/sudo.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sudo/sudo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sudo/sudo.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/suo5/suo5.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/suo5/suo5.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/suo5/suo5.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/suo5/suo5.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sysctl/sysctl.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sysctl/sysctl.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/sysctl/sysctl.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/sysctl/sysctl.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/telnet/telnet.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/telnet/telnet.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/telnet/telnet.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/telnet/telnet.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/tmate/tmate.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/tmate/tmate.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/tmate/tmate.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/tmate/tmate.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/touch/touch.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/touch/touch.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/touch/touch.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/touch/touch.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/tunnel/tunnel.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/tunnel/tunnel.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/tunnel/tunnel.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/tunnel/tunnel.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/tunwg/tunwg.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/tunwg/tunwg.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/tunwg/tunwg.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/tunwg/tunwg.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/uVPN/uVPN.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/uVPN/uVPN.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/uVPN/uVPN.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/uVPN/uVPN.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/unlink/unlink.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/unlink/unlink.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/unlink/unlink.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/unlink/unlink.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/unset/unset.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/unset/unset.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/unset/unset.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/unset/unset.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/updog/updog.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/updog/updog.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/updog/updog.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/updog/updog.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/vscode/vscode.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/vscode/vscode.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/vscode/vscode.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/vscode/vscode.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/vsftpd/vsftpd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/vsftpd/vsftpd.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/vsftpd/vsftpd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/vsftpd/vsftpd.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/wget/wget.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/wget/wget.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/wget/wget.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/wget/wget.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/where/where.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/where/where.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/where/where.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/where/where.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/whoami/whoami.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/whoami/whoami.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/whoami/whoami.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/whoami/whoami.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/winrs/winrs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/winrs/winrs.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/winrs/winrs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/winrs/winrs.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/wmic/wmic.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/wmic/wmic.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/wmic/wmic.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/wmic/wmic.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xcopy/xcopy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xcopy/xcopy.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xcopy/xcopy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xcopy/xcopy.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xeox/xeox.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xeox/xeox.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xeox/xeox.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xeox/xeox.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xmrig/xmrig.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xmrig/xmrig.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xmrig/xmrig.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xmrig/xmrig.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xxd/xxd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xxd/xxd.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/xxd/xxd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/xxd/xxd.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/yakit/yakit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/yakit/yakit.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/yakit/yakit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/yakit/yakit.yml -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/zrok/zrok.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/zrok/zrok.json -------------------------------------------------------------------------------- /sigma_rules/greyware_tools/zrok/zrok.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/greyware_tools/zrok/zrok.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/0d1n/0d1n.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/0d1n/0d1n.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/0d1n/0d1n.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/0d1n/0d1n.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/1_6_C2/1_6_C2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/1_6_C2/1_6_C2.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/3snake/3snake.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/3snake/3snake.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/7zip/7zip.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/7zip/7zip.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/7zip/7zip.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/7zip/7zip.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ABPTTS/ABPTTS.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ABPTTS/ABPTTS.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/APCLdr/APCLdr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/APCLdr/APCLdr.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Aclpwn/Aclpwn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Aclpwn/Aclpwn.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Adzok/Adzok.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Adzok/Adzok.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Adzok/Adzok.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Adzok/Adzok.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Akira/Akira.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Akira/Akira.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Akira/Akira.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Akira/Akira.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Amass/Amass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Amass/Amass.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Amass/Amass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Amass/Amass.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ares/Ares.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ares/Ares.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ares/Ares.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ares/Ares.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Argus/Argus.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Argus/Argus.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Argus/Argus.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Argus/Argus.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/AutoC2/AutoC2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/AutoC2/AutoC2.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/BOINC/BOINC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/BOINC/BOINC.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/BOINC/BOINC.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/BOINC/BOINC.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/BaRMIe/BaRMIe.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/BaRMIe/BaRMIe.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/BeRoot/BeRoot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/BeRoot/BeRoot.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/BruteX/BruteX.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/BruteX/BruteX.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/C3/C3.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/C3/C3.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/C3/C3.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/C3/C3.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/CDK/CDK.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/CDK/CDK.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/CDK/CDK.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/CDK/CDK.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/CMLoot/CMLoot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/CMLoot/CMLoot.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/CMSeek/CMSeek.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/CMSeek/CMSeek.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/CSExec/CSExec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/CSExec/CSExec.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Cable/Cable.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Cable/Cable.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Cable/Cable.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Cable/Cable.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DAMP/DAMP.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DAMP/DAMP.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DAMP/DAMP.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DAMP/DAMP.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DBC2/DBC2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DBC2/DBC2.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DBC2/DBC2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DBC2/DBC2.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DKMC/DKMC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DKMC/DKMC.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DKMC/DKMC.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DKMC/DKMC.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DLHell/DLHell.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DLHell/DLHell.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DOME/DOME.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DOME/DOME.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DOME/DOME.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DOME/DOME.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DPAT/DPAT.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DPAT/DPAT.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DPAT/DPAT.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DPAT/DPAT.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DRSAT/DRSAT.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DRSAT/DRSAT.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DRSAT/DRSAT.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DRSAT/DRSAT.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DcRat/DcRat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DcRat/DcRat.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DcRat/DcRat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DcRat/DcRat.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ddexec/Ddexec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ddexec/Ddexec.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DeNiSe/DeNiSe.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DeNiSe/DeNiSe.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DoHC2/DoHC2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DoHC2/DoHC2.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DoHC2/DoHC2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DoHC2/DoHC2.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/DocPlz/DocPlz.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/DocPlz/DocPlz.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Drupwn/Drupwn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Drupwn/Drupwn.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Dumpy/Dumpy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Dumpy/Dumpy.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Dumpy/Dumpy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Dumpy/Dumpy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/EQGR/EQGR.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/EQGR/EQGR.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/EQGR/EQGR.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/EQGR/EQGR.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ETW/ETW.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ETW/ETW.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ETW/ETW.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ETW/ETW.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ebowla/Ebowla.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ebowla/Ebowla.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Exrop/Exrop.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Exrop/Exrop.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Exrop/Exrop.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Exrop/Exrop.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/FOCA/FOCA.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/FOCA/FOCA.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/FOCA/FOCA.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/FOCA/FOCA.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Farmer/Farmer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Farmer/Farmer.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Freeze/Freeze.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Freeze/Freeze.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/GIUDA/GIUDA.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/GIUDA/GIUDA.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/GIUDA/GIUDA.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/GIUDA/GIUDA.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Gato_X/Gato_X.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Gato_X/Gato_X.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Gecko/Gecko.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Gecko/Gecko.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Gecko/Gecko.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Gecko/Gecko.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Gotato/Gotato.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Gotato/Gotato.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/HVNC/HVNC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/HVNC/HVNC.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/HVNC/HVNC.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/HVNC/HVNC.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Hive/Hive.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Hive/Hive.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Hive/Hive.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Hive/Hive.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Huan/Huan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Huan/Huan.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Huan/Huan.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Huan/Huan.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Hypnos/Hypnos.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Hypnos/Hypnos.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/I2P/I2P.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/I2P/I2P.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/I2P/I2P.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/I2P/I2P.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Inc/Inc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Inc/Inc.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Inc/Inc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Inc/Inc.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Infoga/Infoga.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Infoga/Infoga.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Jatayu/Jatayu.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Jatayu/Jatayu.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/KeePwn/KeePwn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/KeePwn/KeePwn.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Kraken/Kraken.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Kraken/Kraken.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/LALIN/LALIN.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/LALIN/LALIN.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/LALIN/LALIN.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/LALIN/LALIN.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/LNKUp/LNKUp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/LNKUp/LNKUp.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/LNKUp/LNKUp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/LNKUp/LNKUp.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Lsassx/Lsassx.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Lsassx/Lsassx.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/MITMf/MITMf.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/MITMf/MITMf.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/MITMf/MITMf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/MITMf/MITMf.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/MSDAT/MSDAT.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/MSDAT/MSDAT.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/MSDAT/MSDAT.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/MSDAT/MSDAT.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Mara/Mara.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Mara/Mara.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Mara/Mara.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Mara/Mara.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Mr_SIP/Mr_SIP.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Mr_SIP/Mr_SIP.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/NPPSpy/NPPSpy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/NPPSpy/NPPSpy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ninja/Ninja.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ninja/Ninja.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ninja/Ninja.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ninja/Ninja.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/NoArgs/NoArgs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/NoArgs/NoArgs.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Nuages/Nuages.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Nuages/Nuages.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/OWASP/OWASP.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/OWASP/OWASP.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/OWASP/OWASP.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/OWASP/OWASP.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Orc/Orc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Orc/Orc.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Orc/Orc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Orc/Orc.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ouned/Ouned.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ouned/Ouned.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Ouned/Ouned.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Ouned/Ouned.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/P4wnP1/P4wnP1.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/P4wnP1/P4wnP1.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PEASS/PEASS.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PEASS/PEASS.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PEASS/PEASS.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PEASS/PEASS.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PILOT/PILOT.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PILOT/PILOT.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PILOT/PILOT.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PILOT/PILOT.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/POC/POC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/POC/POC.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/POC/POC.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/POC/POC.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PRT/PRT.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PRT/PRT.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PRT/PRT.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PRT/PRT.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PS2EXE/PS2EXE.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PS2EXE/PS2EXE.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PSAmsi/PSAmsi.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PSAmsi/PSAmsi.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PSBits/PSBits.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PSBits/PSBits.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PayGen/PayGen.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PayGen/PayGen.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Pazuzu/Pazuzu.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Pazuzu/Pazuzu.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Pcredz/Pcredz.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Pcredz/Pcredz.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Pezor/Pezor.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Pezor/Pezor.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Pezor/Pezor.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Pezor/Pezor.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PrivFu/PrivFu.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PrivFu/PrivFu.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Psnmap/Psnmap.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Psnmap/Psnmap.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/PyExec/PyExec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/PyExec/PyExec.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/RDE1/RDE1.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/RDE1/RDE1.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/RDE1/RDE1.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/RDE1/RDE1.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/REC2_/REC2_.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/REC2_/REC2_.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/REC2_/REC2_.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/REC2_/REC2_.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/RITM/RITM.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/RITM/RITM.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/RITM/RITM.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/RITM/RITM.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/RaRCE/RaRCE.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/RaRCE/RaRCE.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/RaRCE/RaRCE.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/RaRCE/RaRCE.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Rubeus/Rubeus.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Rubeus/Rubeus.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/SMBSR/SMBSR.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/SMBSR/SMBSR.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/SMBSR/SMBSR.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/SMBSR/SMBSR.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Seth/Seth.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Seth/Seth.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Seth/Seth.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Seth/Seth.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ShimDB/ShimDB.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ShimDB/ShimDB.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ShimMe/ShimMe.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ShimMe/ShimMe.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Shwmae/Shwmae.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Shwmae/Shwmae.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Sn1per/Sn1per.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Sn1per/Sn1per.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Stifle/Stifle.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Stifle/Stifle.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Stompy/Stompy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Stompy/Stompy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Sudomy/Sudomy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Sudomy/Sudomy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Sunder/Sunder.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Sunder/Sunder.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ToRat/ToRat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ToRat/ToRat.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ToRat/ToRat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ToRat/ToRat.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Tool_X/Tool_X.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Tool_X/Tool_X.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Tor/Tor.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Tor/Tor.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Tor/Tor.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Tor/Tor.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/UACME/UACME.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/UACME/UACME.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/UACME/UACME.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/UACME/UACME.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/UFONet/UFONet.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/UFONet/UFONet.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/VDR/VDR.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/VDR/VDR.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/VDR/VDR.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/VDR/VDR.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Vajra/Vajra.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Vajra/Vajra.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Vajra/Vajra.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Vajra/Vajra.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Vulmap/Vulmap.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Vulmap/Vulmap.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/WMEye/WMEye.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/WMEye/WMEye.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/WMEye/WMEye.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/WMEye/WMEye.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/WMIcmd/WMIcmd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/WMIcmd/WMIcmd.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/WPScan/WPScan.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/WPScan/WPScan.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/WinPwn/WinPwn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/WinPwn/WinPwn.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Xerror/Xerror.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Xerror/Xerror.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Xrulez/Xrulez.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Xrulez/Xrulez.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Xworm/Xworm.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Xworm/Xworm.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/Xworm/Xworm.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/Xworm/Xworm.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/_/_.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/_/_.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/_/_.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/_/_.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/adPEAS/adPEAS.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/adPEAS/adPEAS.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/adeleg/adeleg.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/adeleg/adeleg.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/adhunt/adhunt.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/adhunt/adhunt.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/afrog/afrog.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/afrog/afrog.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/afrog/afrog.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/afrog/afrog.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/asleap/asleap.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/asleap/asleap.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/avet/avet.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/avet/avet.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/avet/avet.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/avet/avet.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/avred/avred.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/avred/avred.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/avred/avred.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/avred/avred.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/b374k/b374k.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/b374k/b374k.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/b374k/b374k.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/b374k/b374k.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/base64/base64.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/base64/base64.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/beef/beef.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/beef/beef.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/beef/beef.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/beef/beef.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/bitb/bitb.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/bitb/bitb.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/bitb/bitb.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/bitb/bitb.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/boko/boko.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/boko/boko.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/boko/boko.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/boko/boko.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/byob/byob.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/byob/byob.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/byob/byob.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/byob/byob.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ccmpwn/ccmpwn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ccmpwn/ccmpwn.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/chaos/chaos.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/chaos/chaos.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/chaos/chaos.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/chaos/chaos.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/chisel/chisel.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/chisel/chisel.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/chntpw/chntpw.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/chntpw/chntpw.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/cliws/cliws.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/cliws/cliws.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/cliws/cliws.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/cliws/cliws.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/commix/commix.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/commix/commix.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/conti/conti.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/conti/conti.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/conti/conti.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/conti/conti.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/crunch/crunch.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/crunch/crunch.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ctfr/ctfr.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ctfr/ctfr.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ctfr/ctfr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ctfr/ctfr.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/daphne/daphne.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/daphne/daphne.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/dnscan/dnscan.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/dnscan/dnscan.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/dnscat/dnscat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/dnscat/dnscat.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/dnspot/dnspot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/dnspot/dnspot.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/donut/donut.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/donut/donut.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/donut/donut.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/donut/donut.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/doucme/doucme.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/doucme/doucme.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/dploot/dploot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/dploot/dploot.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/dsniff/dsniff.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/dsniff/dsniff.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ducky/ducky.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ducky/ducky.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ducky/ducky.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ducky/ducky.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/empire/empire.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/empire/empire.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/evilqr/evilqr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/evilqr/evilqr.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/exegol/exegol.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/exegol/exegol.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ffuf/ffuf.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ffuf/ffuf.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ffuf/ffuf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ffuf/ffuf.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/fgdump/fgdump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/fgdump/fgdump.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/fltMC/fltMC.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/fltMC/fltMC.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/fltMC/fltMC.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/fltMC/fltMC.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/fscan/fscan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/fscan/fscan.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/fscan/fscan.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/fscan/fscan.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/fsutil/fsutil.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/fsutil/fsutil.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/fuzzdb/fuzzdb.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/fuzzdb/fuzzdb.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gato/gato.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gato/gato.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gato/gato.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gato/gato.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gcat/gcat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gcat/gcat.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gcat/gcat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gcat/gcat.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/genHTA/genHTA.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/genHTA/genHTA.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gh0st/gh0st.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gh0st/gh0st.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gh0st/gh0st.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gh0st/gh0st.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ghauri/ghauri.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ghauri/ghauri.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ghidra/ghidra.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ghidra/ghidra.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/glit/glit.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/glit/glit.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/glit/glit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/glit/glit.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gmer/gmer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gmer/gmer.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gmer/gmer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gmer/gmer.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/godoh/godoh.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/godoh/godoh.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/godoh/godoh.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/godoh/godoh.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gost/gost.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gost/gost.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/gost/gost.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/gost/gost.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/h8mail/h8mail.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/h8mail/h8mail.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/hades/hades.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/hades/hades.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/hades/hades.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/hades/hades.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/havoc/havoc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/havoc/havoc.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/havoc/havoc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/havoc/havoc.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/hiphp/hiphp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/hiphp/hiphp.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/hiphp/hiphp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/hiphp/hiphp.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/holehe/holehe.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/holehe/holehe.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/hping/hping.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/hping/hping.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/hping/hping.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/hping/hping.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/hping3/hping3.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/hping3/hping3.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/htran/htran.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/htran/htran.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/htran/htran.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/htran/htran.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/icmpsh/icmpsh.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/icmpsh/icmpsh.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/iodine/iodine.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/iodine/iodine.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ivy/ivy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ivy/ivy.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ivy/ivy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ivy/ivy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/jackit/jackit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/jackit/jackit.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/john/john.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/john/john.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/john/john.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/john/john.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/kali/kali.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/kali/kali.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/kali/kali.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/kali/kali.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/kekeo/kekeo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/kekeo/kekeo.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/kekeo/kekeo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/kekeo/kekeo.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/keywa7/keywa7.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/keywa7/keywa7.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/killer/killer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/killer/killer.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/kismet/kismet.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/kismet/kismet.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/koadic/koadic.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/koadic/koadic.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/kwetza/kwetza.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/kwetza/kwetza.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ldeep/ldeep.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ldeep/ldeep.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ldeep/ldeep.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ldeep/ldeep.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/legba/legba.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/legba/legba.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/legba/legba.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/legba/legba.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ligolo/ligolo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ligolo/ligolo.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/link/link.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/link/link.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/link/link.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/link/link.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/logman/logman.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/logman/logman.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/lsass/lsass.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/lsass/lsass.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/lsass/lsass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/lsass/lsass.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/lsassy/lsassy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/lsassy/lsassy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mailpv/mailpv.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mailpv/mailpv.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/merlin/merlin.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/merlin/merlin.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/metame/metame.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/metame/metame.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mimipy/mimipy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mimipy/mimipy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mitm6/mitm6.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mitm6/mitm6.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mitm6/mitm6.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mitm6/mitm6.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mitmAP/mitmAP.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mitmAP/mitmAP.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/monkey/monkey.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/monkey/monkey.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mortar/mortar.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mortar/mortar.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/msfpc/msfpc.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/msfpc/msfpc.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/msfpc/msfpc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/msfpc/msfpc.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mspass/mspass.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mspass/mspass.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/mythic/mythic.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/mythic/mythic.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ncrack/ncrack.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ncrack/ncrack.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nessus/nessus.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nessus/nessus.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/netkit/netkit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/netkit/netkit.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nikto/nikto.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nikto/nikto.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nikto/nikto.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nikto/nikto.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nipe/nipe.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nipe/nipe.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nipe/nipe.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nipe/nipe.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nmap/nmap.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nmap/nmap.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nmap/nmap.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nmap/nmap.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/noPac/noPac.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/noPac/noPac.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/noPac/noPac.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/noPac/noPac.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nping/nping.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nping/nping.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nping/nping.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nping/nping.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nps/nps.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nps/nps.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nps/nps.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nps/nps.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nsocks/nsocks.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nsocks/nsocks.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nysm/nysm.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nysm/nysm.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/nysm/nysm.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/nysm/nysm.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/obfy/obfy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/obfy/obfy.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/obfy/obfy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/obfy/obfy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/onex/onex.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/onex/onex.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/onex/onex.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/onex/onex.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/p0f/p0f.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/p0f/p0f.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/p0f/p0f.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/p0f/p0f.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pac2/pac2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pac2/pac2.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pac2/pac2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pac2/pac2.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pacu/pacu.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pacu/pacu.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pacu/pacu.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pacu/pacu.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/padre/padre.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/padre/padre.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/padre/padre.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/padre/padre.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pamspy/pamspy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pamspy/pamspy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/panix/panix.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/panix/panix.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/panix/panix.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/panix/panix.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pico/pico.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pico/pico.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pico/pico.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pico/pico.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/poshc2/poshc2.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/poshc2/poshc2.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/potato/potato.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/potato/potato.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/psobf/psobf.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/psobf/psobf.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/psobf/psobf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/psobf/psobf.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pspy/pspy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pspy/pspy.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pspy/pspy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pspy/pspy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pupy/pupy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pupy/pupy.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pupy/pupy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pupy/pupy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pwdump/pwdump.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pwdump/pwdump.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pwnat/pwnat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pwnat/pwnat.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/pyrdp/pyrdp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/pyrdp/pyrdp.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/rdpv/rdpv.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/rdpv/rdpv.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/rdpv/rdpv.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/rdpv/rdpv.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/rmdir/rmdir.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/rmdir/rmdir.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/rsg/rsg.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/rsg/rsg.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/rsg/rsg.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/rsg/rsg.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/rsocx/rsocx.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/rsocx/rsocx.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ruler/ruler.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ruler/ruler.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/sRDI/sRDI.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/sRDI/sRDI.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/sRDI/sRDI.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/sRDI/sRDI.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/saint/saint.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/saint/saint.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/sgn/sgn.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/sgn/sgn.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/sgn/sgn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/sgn/sgn.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/slip/slip.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/slip/slip.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/slip/slip.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/slip/slip.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/socat/socat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/socat/socat.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ssfd/ssfd.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ssfd/ssfd.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/ssfd/ssfd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/ssfd/ssfd.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/thoth/thoth.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/thoth/thoth.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/tsh/tsh.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/tsh/tsh.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/tsh/tsh.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/tsh/tsh.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/vbad/vbad.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/vbad/vbad.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/vbad/vbad.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/vbad/vbad.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/venom/venom.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/venom/venom.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/w3af/w3af.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/w3af/w3af.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/w3af/w3af.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/w3af/w3af.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/wce/wce.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/wce/wce.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/wce/wce.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/wce/wce.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/wfuzz/wfuzz.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/wfuzz/wfuzz.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/wpaf/wpaf.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/wpaf/wpaf.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/wpaf/wpaf.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/wpaf/wpaf.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/xrdp/xrdp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/xrdp/xrdp.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/xrdp/xrdp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/xrdp/xrdp.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/xspy/xspy.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/xspy/xspy.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/xspy/xspy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/xspy/xspy.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/xz/xz.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/xz/xz.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/xz/xz.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/xz/xz.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/yodo/yodo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/yodo/yodo.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/yodo/yodo.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/yodo/yodo.yml -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/zarp/zarp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/zarp/zarp.json -------------------------------------------------------------------------------- /sigma_rules/offensive_tools/zarp/zarp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/offensive_tools/zarp/zarp.yml -------------------------------------------------------------------------------- /sigma_rules/signatures/sshdoor/sshdoor.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/signatures/sshdoor/sshdoor.json -------------------------------------------------------------------------------- /sigma_rules/signatures/sshdoor/sshdoor.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-sigma-rules/HEAD/sigma_rules/signatures/sshdoor/sshdoor.yml --------------------------------------------------------------------------------