├── .github └── FUNDING.yml ├── .gitignore ├── LICENSE ├── README.md ├── _utils ├── create_combined_yara_file.py ├── create_specific_guid_only_yara.py ├── create_yara_rules.py ├── create_yara_strict_rules.py ├── download_threathunting-keywords.py ├── scan.py └── threathunting-keywords.csv ├── specific └── CVE │ └── CVE-2025-21298.yara ├── yara_rules ├── all.yara ├── greyware_tool_keyword │ ├── A-C │ │ ├── AADInternals.yara │ │ ├── AD-common-queries.yara │ │ ├── AD_Miner.yara │ │ ├── APT.yara │ │ ├── AVDump.yara │ │ ├── Acunetix Web Vulnerability Scanner.yara │ │ ├── AdGuard VPN.yara │ │ ├── Adblock Office VPN Proxy Server.yara │ │ ├── AdvancedRun.yara │ │ ├── Ahk2Exe.yara │ │ ├── AlanFramework.yara │ │ ├── Alpemix.yara │ │ ├── Ammyy Admin.yara │ │ ├── AmperageKit.yara │ │ ├── Anonymous Proxy Vpn Browser.yara │ │ ├── AnyplaceControl.yara │ │ ├── Astar VPN.yara │ │ ├── Atera.yara │ │ ├── AutoHotkey.yara │ │ ├── AutoIt.yara │ │ ├── AutoSUID.yara │ │ ├── Azino VPN.yara │ │ ├── Azure Storage Explorer.yara │ │ ├── BarracudaRMM.yara │ │ ├── BelkaVPN.yara │ │ ├── Best VPN USA.yara │ │ ├── BitLockerToGo.yara │ │ ├── Bomgar.yara │ │ ├── Box.yara │ │ ├── Browsec VPN.yara │ │ ├── Browser VPN.yara │ │ ├── Browser-C2.yara │ │ ├── BullVPN.yara │ │ ├── Burntcigar KillAV.yara │ │ ├── CIMplant.yara │ │ ├── ChromeCookiesView.yara │ │ ├── Cloud VPN.yara │ │ ├── Cmdkey.yara │ │ ├── ComodoRMM (Itarian RMM).yara │ │ ├── Compress-Archive.yara │ │ ├── CursedChrome.yara │ │ ├── CyberGhost VPN.yara │ │ ├── action1.yara │ │ ├── adaudit.yara │ │ ├── adexplorer.yara │ │ ├── adfind.yara │ │ ├── adget.yara │ │ ├── adiskreader.yara │ │ ├── adobe.com.yara │ │ ├── adrecon.yara │ │ ├── advanced port scanner.yara │ │ ├── advanced-ip-scanner.yara │ │ ├── aeroadmin.yara │ │ ├── anonfiles.com.yara │ │ ├── anydesk.yara │ │ ├── anymailfinder.yara │ │ ├── anyviewer.yara │ │ ├── apaste.info.yara │ │ ├── apkfold free vpn.yara │ │ ├── arp.yara │ │ ├── assoc.yara │ │ ├── atnow.yara │ │ ├── attrib.yara │ │ ├── auditd.yara │ │ ├── auvik.yara │ │ ├── aweray.yara │ │ ├── awk.yara │ │ ├── base64.yara │ │ ├── bash keylogger.yara │ │ ├── bash port scan.yara │ │ ├── bash.yara │ │ ├── bashupload.com.yara │ │ ├── bayfiles.yara │ │ ├── bcdedit.yara │ │ ├── bcedit.yara │ │ ├── beeceptor.com.yara │ │ ├── bitbucket.org.yara │ │ ├── bitsadmin.yara │ │ ├── bittorent.yara │ │ ├── bloodhound.yara │ │ ├── bore.yara │ │ ├── boringproxy.yara │ │ ├── browser.lol.yara │ │ ├── btunnel.in.yara │ │ ├── btunnel.yara │ │ ├── burrow.yara │ │ ├── canarytokens.com.yara │ │ ├── cat.yara │ │ ├── catbox.moe.yara │ │ ├── certoc.yara │ │ ├── certutil.yara │ │ ├── chattr.yara │ │ ├── chcp.yara │ │ ├── chgpass.yara │ │ ├── chromium.yara │ │ ├── clbin.com.yara │ │ ├── cloudflared.yara │ │ ├── cobaltstrike.yara │ │ ├── comsvcs.dll.yara │ │ ├── conhost.exe.yara │ │ ├── copy.yara │ │ ├── cp.yara │ │ ├── croc.yara │ │ ├── crond.yara │ │ ├── crontab.yara │ │ ├── crowbar.yara │ │ ├── crowdstrike falcon.yara │ │ ├── csvde.yara │ │ ├── curl.yara │ │ ├── cut.yara │ │ └── cytool.yara │ ├── D-F │ │ ├── DBC2.yara │ │ ├── DEEPRISM VPN.yara │ │ ├── Daily VPN.yara │ │ ├── Dameware.yara │ │ ├── Dataplicity.yara │ │ ├── Disk2vhd.yara │ │ ├── Dispossessor.yara │ │ ├── DotVPN.yara │ │ ├── EHORUS RMM.yara │ │ ├── Earth VPN.yara │ │ ├── Excel.yara │ │ ├── ExpressVPN.yara │ │ ├── FREE VPN DEWELOPMENT.yara │ │ ├── FastStunnel VPN.yara │ │ ├── FastestVPN Proxy.yara │ │ ├── FileZilla.yara │ │ ├── Fornex VPN.yara │ │ ├── FoxyProxy Standard.yara │ │ ├── Free Avira Phantom VPN.yara │ │ ├── Free Fast VPN.yara │ │ ├── Free One Touch VPN.yara │ │ ├── Free Proxy VPN.yara │ │ ├── Free Residential VPN.yara │ │ ├── Free VPN for Chrome.yara │ │ ├── Free VPN.yara │ │ ├── dd.yara │ │ ├── debugdfs.yara │ │ ├── del.yara │ │ ├── dev-tunnels.yara │ │ ├── dig.yara │ │ ├── dir.yara │ │ ├── discord.yara │ │ ├── diskshadow.yara │ │ ├── dns.yara │ │ ├── dnscmd.yara │ │ ├── dnslog.cn.yara │ │ ├── dpapi.py.yara │ │ ├── dropbear.yara │ │ ├── dropbox.yara │ │ ├── dropmefiles.com.yara │ │ ├── dsquery.yara │ │ ├── duckdns.org.yara │ │ ├── ducktail.yara │ │ ├── dwagent.yara │ │ ├── easyupload.io.yara │ │ ├── echo.yara │ │ ├── elastic-agent.yara │ │ ├── email-format.yara │ │ ├── eraser.yara │ │ ├── esentutl.yara │ │ ├── esxcli.yara │ │ ├── evilrdp.yara │ │ ├── exegol.yara │ │ ├── export.yara │ │ ├── expose.yara │ │ ├── fex.net.yara │ │ ├── fiddler.yara │ │ ├── file.io.yara │ │ ├── filebin.net.yara │ │ ├── filetransfer.io.yara │ │ ├── find.yara │ │ ├── findstr.yara │ │ ├── fleetdeck.yara │ │ ├── fleetdm.yara │ │ ├── freefilesync.yara │ │ ├── frp.yara │ │ └── ftype.yara │ ├── G-H │ │ ├── GeoProxy.yara │ │ ├── Get-WmiObject.yara │ │ ├── GoToMyPC.yara │ │ ├── Gom VPN.yara │ │ ├── Goodsync.yara │ │ ├── Google Remote Desktop.yara │ │ ├── Guru VPN & Proxy.yara │ │ ├── HMA VPN Proxy Unblocker.yara │ │ ├── Hide My IP VPN.yara │ │ ├── HideAll VPN.yara │ │ ├── Hideman VPN.yara │ │ ├── Hola Free VPN.yara │ │ ├── Hola VPN.yara │ │ ├── Hotspot Shield Elite VPN Proxy.yara │ │ ├── Hotspot Shield Free VPN.yara │ │ ├── Hoxx VPN Proxy.yara │ │ ├── Hub VPN.yara │ │ ├── Hunter.io.yara │ │ ├── getcap.yara │ │ ├── getent.yara │ │ ├── github.yara │ │ ├── go-http-tunnel.yara │ │ ├── goMatrixC2.yara │ │ ├── gofile.io.yara │ │ ├── golang_c2.yara │ │ ├── googleweblight.com.yara │ │ ├── gost.yara │ │ ├── gpg.yara │ │ ├── grep.yara │ │ ├── gt.yara │ │ ├── gtfobins.yara │ │ ├── guerrillamail.yara │ │ ├── hackforums.net.yara │ │ ├── history.yara │ │ ├── homeway.io.yara │ │ ├── http.server.yara │ │ └── hypertunnel.yara │ ├── I-K │ │ ├── IObitUnlocker.yara │ │ ├── IP Unblock.yara │ │ ├── IPBurger Proxy & VPN.yara │ │ ├── Invoke-Maldaptive.yara │ │ ├── iNinja VPN.yara │ │ ├── icacls.yara │ │ ├── icalcs.yara │ │ ├── ifconfig.yara │ │ ├── impacket.yara │ │ ├── interactsh.yara │ │ ├── ip-api.com.yara │ │ ├── ip.yara │ │ ├── ipscan.yara │ │ ├── iptables.yara │ │ ├── ipv4.myip.wtf.yara │ │ ├── ired.team.yara │ │ ├── jprq.yara │ │ ├── kaseya VSA.yara │ │ └── killProcessPOC.yara │ ├── L-N │ │ ├── LTProxy.yara │ │ ├── Lansweeper.yara │ │ ├── Lethean Proxy VPN.yara │ │ ├── LogMeIn.yara │ │ ├── MEGAcmd.yara │ │ ├── MEGAsync.yara │ │ ├── Malus VPN.yara │ │ ├── Microsoft Recall.yara │ │ ├── MozillaCookiesView.yara │ │ ├── MpCmdRun.yara │ │ ├── Muscle VPN.yara │ │ ├── My Browser Vpn.yara │ │ ├── Neo-reGeorg.yara │ │ ├── Neo4j.yara │ │ ├── NetSupport.yara │ │ ├── NetshRun.yara │ │ ├── NimScan.yara │ │ ├── NordVPN.yara │ │ ├── Nsight RMM.yara │ │ ├── Nucleus VPN.yara │ │ ├── ldap queries.yara │ │ ├── ldapsearch.yara │ │ ├── ldifde.yara │ │ ├── level.io.yara │ │ ├── linux.yara │ │ ├── ln.yara │ │ ├── localhost.run.yara │ │ ├── localtunnel.yara │ │ ├── localtunnels.yara │ │ ├── localxpose.yara │ │ ├── locate.yara │ │ ├── ls.yara │ │ ├── lsa-whisperer.yara │ │ ├── lyncsmash.yara │ │ ├── macchanger.yara │ │ ├── maildrop.yara │ │ ├── mediafire.yara │ │ ├── mega.co.nz.yara │ │ ├── mega.nz.yara │ │ ├── megatools.yara │ │ ├── meshcentral.yara │ │ ├── mkdir.yara │ │ ├── modproble.yara │ │ ├── movefile64.exe.yara │ │ ├── mshta.yara │ │ ├── msiexec.yara │ │ ├── mv.yara │ │ ├── my-ip.io.yara │ │ ├── myexternalip.com.yara │ │ ├── myftp.biz.yara │ │ ├── myftp.org.yara │ │ ├── nbtscan.yara │ │ ├── nbtstat.yara │ │ ├── nc.yara │ │ ├── ncat.yara │ │ ├── net.yara │ │ ├── netcat.yara │ │ ├── netscan.yara │ │ ├── netsh.yara │ │ ├── netstat.yara │ │ ├── ngrok.yara │ │ ├── nircmd.yara │ │ ├── nirsoft tools.yara │ │ ├── nltest.yara │ │ ├── nmap.yara │ │ ├── nopaste.net.yara │ │ ├── nping.yara │ │ └── ntdsutil.yara │ ├── O-Q │ │ ├── OPENVPN.yara │ │ ├── Openssh.yara │ │ ├── OshiUpload.yara │ │ ├── PAExec.yara │ │ ├── PCHunter.yara │ │ ├── PP VPN.yara │ │ ├── PortQry.yara │ │ ├── Portr.yara │ │ ├── PowerSploit.yara │ │ ├── Powertool.yara │ │ ├── Prime VPN.yara │ │ ├── PrintNightmare.yara │ │ ├── Private Internet Access.yara │ │ ├── Pron VPN.yara │ │ ├── ProxFlow.yara │ │ ├── Proxifier.yara │ │ ├── Proxy SwitchyOmega.yara │ │ ├── Proxy SwitchySharp.yara │ │ ├── ProxyFlow.yara │ │ ├── Pulseway.yara │ │ ├── PureVPN.yara │ │ ├── Push VPN.yara │ │ ├── PyPagekite.yara │ │ ├── Quasar.yara │ │ ├── QuickAssist.yara │ │ ├── openssh-portable.yara │ │ ├── oset.yara │ │ ├── passwd.yara │ │ ├── paste.ee.yara │ │ ├── pastebin.pl.yara │ │ ├── pastebin.yara │ │ ├── pastie.org.yara │ │ ├── pcunlocker.yara │ │ ├── pdbedit.yara │ │ ├── pgrok.yara │ │ ├── phoenix miner.yara │ │ ├── php.yara │ │ ├── pingcastle.yara │ │ ├── pinggy.yara │ │ ├── pktmon.yara │ │ ├── plink.yara │ │ ├── powershell.yara │ │ ├── premiumize.me.yara │ │ ├── privatebin.net.yara │ │ ├── privnote.com.yara │ │ ├── procdump.yara │ │ ├── processhacker.yara │ │ ├── procmon.yara │ │ ├── produkey.yara │ │ ├── psexec.yara │ │ ├── pslist.yara │ │ ├── psloggedon.yara │ │ ├── put.io.yara │ │ ├── putty.yara │ │ ├── py2exe.yara │ │ ├── pyinstaller.yara │ │ ├── pyshark.yara │ │ ├── python.yara │ │ ├── qaz.im.yara │ │ ├── qaz.is.yara │ │ ├── qaz.su.yara │ │ ├── qu.ax.yara │ │ └── qwinsta.yara │ ├── R-T │ │ ├── Radmin.yara │ │ ├── Red Panda VPN.yara │ │ ├── RemCom.yara │ │ ├── RemotePC.yara │ │ ├── RemoteUtilities.yara │ │ ├── RevoUninstaller.yara │ │ ├── RpcView.yara │ │ ├── RusVPN.yara │ │ ├── Rust Localtunnels.yara │ │ ├── RustDesk.yara │ │ ├── SSH-J.com.yara │ │ ├── SaferVPN Proxy.yara │ │ ├── ScreenConnect.yara │ │ ├── SentinelAgent.yara │ │ ├── SetACL.yara │ │ ├── SetupVPN.yara │ │ ├── Shredder.yara │ │ ├── SimpleHelp.yara │ │ ├── SirTunnel.yara │ │ ├── Social VPN.yara │ │ ├── SoftEtherVPN.yara │ │ ├── Soul VPN.yara │ │ ├── SpaceRunner.yara │ │ ├── Splashtop.yara │ │ ├── Supremo.yara │ │ ├── Surf VPN.yara │ │ ├── TDSKiller.yara │ │ ├── Taskmgr.yara │ │ ├── TelegramRAT.yara │ │ ├── Thunder Proxy.yara │ │ ├── TotalRecall.yara │ │ ├── Touch VPN.yara │ │ ├── Trellonet.yara │ │ ├── TunnelBear VPN.yara │ │ ├── Tunnello VPN.yara │ │ ├── Turbo VPN for PC.yara │ │ ├── ransomware_notes.yara │ │ ├── rapid7.yara │ │ ├── ratchatpt.yara │ │ ├── rathole.yara │ │ ├── rclone.yara │ │ ├── rderzh VPN Proxy.yara │ │ ├── rdp.yara │ │ ├── rdpscan.yara │ │ ├── rdpwrap.yara │ │ ├── rdrleakdiag.yara │ │ ├── redpill.yara │ │ ├── reg.yara │ │ ├── regsvr32.yara │ │ ├── remoteit.yara │ │ ├── remotemoe.yara │ │ ├── ren.yara │ │ ├── rentry.co.yara │ │ ├── requestbin.net.yara │ │ ├── requests-ntlm.yara │ │ ├── restic.yara │ │ ├── reverse-tunnel.yara │ │ ├── rm.yara │ │ ├── rmdir .yara │ │ ├── rmdir.yara │ │ ├── rmmod.yara │ │ ├── route.yara │ │ ├── rpcclient.yara │ │ ├── rsocks.yara │ │ ├── rsync.yara │ │ ├── ruby.yara │ │ ├── rundll32.yara │ │ ├── sVPN.yara │ │ ├── samba.yara │ │ ├── sc.yara │ │ ├── schtasks.yara │ │ ├── scp.yara │ │ ├── sdelete.yara │ │ ├── sed.yara │ │ ├── send.exploit.in.yara │ │ ├── sendspace.com.yara │ │ ├── serveo.net.yara │ │ ├── set.yara │ │ ├── setspn.yara │ │ ├── sftp.yara │ │ ├── shadowsocks.yara │ │ ├── share.riseup.net.yara │ │ ├── shell.yara │ │ ├── shred.yara │ │ ├── simplehttpserver.yara │ │ ├── sish.yara │ │ ├── skymen.info.yara │ │ ├── slack.yara │ │ ├── smc.yara │ │ ├── snmpcheck.yara │ │ ├── snmpwalk.yara │ │ ├── socat.yara │ │ ├── softperfect networkscanner.yara │ │ ├── speedtest.yara │ │ ├── ss.yara │ │ ├── ssh.yara │ │ ├── sshtunnel.yara │ │ ├── sshuttle.yara │ │ ├── sshx.yara │ │ ├── sslip.io.yara │ │ ├── staqlab-tunnel.yara │ │ ├── steam.yara │ │ ├── stowaway.yara │ │ ├── stunnel.yara │ │ ├── sudo.yara │ │ ├── sudoers.yara │ │ ├── suo5.yara │ │ ├── supershell.yara │ │ ├── surfshark VPN.yara │ │ ├── syncthing.yara │ │ ├── sysctl.yara │ │ ├── systemctl.yara │ │ ├── systeminfo.yara │ │ ├── tacticalrmm.yara │ │ ├── tailscale.yara │ │ ├── takeown.yara │ │ ├── taskkill.yara │ │ ├── tasklist.yara │ │ ├── tcpdump.yara │ │ ├── teamviewer.yara │ │ ├── telebit.cloud.yara │ │ ├── telegram.yara │ │ ├── telnet.yara │ │ ├── temp-mail.yara │ │ ├── temp.sh.yara │ │ ├── tempsend.com.yara │ │ ├── termbin.com.yara │ │ ├── textbin.net.yara │ │ ├── tightvnc.yara │ │ ├── tir_blanc_holiseum.yara │ │ ├── tmate.yara │ │ ├── tmpfiles.org.yara │ │ ├── tmpwatch.yara │ │ ├── touch.yara │ │ ├── track.adform.net.yara │ │ ├── transfer.sh.yara │ │ ├── transfert-my-files.com.yara │ │ ├── translate.goog.yara │ │ ├── truncate.yara │ │ ├── trycloudflare.com.yara │ │ ├── tunnel.pyjam.as.yara │ │ ├── tunnel.yara │ │ ├── tunneller.yara │ │ ├── tunnelmole-client.yara │ │ ├── tunnelto.dev.yara │ │ ├── tunwg.yara │ │ └── typeperf.yara │ ├── U-W │ │ ├── UltraVNC.yara │ │ ├── Ultrareach VPN.yara │ │ ├── Unblock Websites.yara │ │ ├── Universal Virus Sniffer.yara │ │ ├── Unlimited VPN & Proxy by ibVPN.yara │ │ ├── Upnet.yara │ │ ├── Urban Free VPN.yara │ │ ├── Urban Shield.yara │ │ ├── VPN Free.yara │ │ ├── VPN Master.yara │ │ ├── VPN PROXY MASTER.yara │ │ ├── VPN Professional.yara │ │ ├── VPN Unlimited Free.yara │ │ ├── VPN-free.pro.yara │ │ ├── VPN.AC.yara │ │ ├── VPNMatic.yara │ │ ├── Veee.yara │ │ ├── VirtualBox.yara │ │ ├── VirtualShield VPN.yara │ │ ├── VncSharp.yara │ │ ├── Wachee VPN.yara │ │ ├── WeVPN.yara │ │ ├── Whoer VPN.yara │ │ ├── WinSCP.yara │ │ ├── WindmillVPN.yara │ │ ├── Windscribe.yara │ │ ├── WorkingVPN.yara │ │ ├── uVPN.yara │ │ ├── ufile.io.yara │ │ ├── unlink.yara │ │ ├── unset.yara │ │ ├── unshadow.yara │ │ ├── updog.yara │ │ ├── usaupload.yara │ │ ├── utorrent.yara │ │ ├── vncviewer.yara │ │ ├── vscode.yara │ │ ├── vssadmin.yara │ │ ├── w32times.yara │ │ ├── wbadmin.yara │ │ ├── webhook.site.yara │ │ ├── westwind.yara │ │ ├── wetransfer.yara │ │ ├── wevtutil.yara │ │ ├── wget.yara │ │ ├── where.yara │ │ ├── whoami.yara │ │ ├── winrs.yara │ │ ├── wireproxy.yara │ │ ├── wireshark.yara │ │ ├── wiretap.yara │ │ ├── wiztree.yara │ │ └── wmic.yara │ ├── X-Z │ │ ├── ZenMate VPN.yara │ │ ├── Zoho Assist.yara │ │ ├── xcopy.yara │ │ ├── xeox.yara │ │ ├── xmrig.yara │ │ ├── xxd.yara │ │ ├── yakit.yara │ │ ├── zerobin.net.yara │ │ └── zrok.yara │ └── _Others │ │ ├── $index_allocation.yara │ │ ├── 0bin.net.yara │ │ ├── 12ft.io.yara │ │ ├── 1clickVPN.yara │ │ ├── 1secmail.com.yara │ │ ├── 1ty.me.yara │ │ ├── 3proxy.yara │ │ ├── 4shared.com.yara │ │ └── _.yara ├── greyware_tools.yara ├── guids_only.yara ├── offensive_tool_keyword │ ├── A-C │ │ ├── ABPTTS.yara │ │ ├── ACEshark.yara │ │ ├── ACLight.yara │ │ ├── AD exploitation cheat sheet.yara │ │ ├── ADACLScanner.yara │ │ ├── ADAPE-Script.yara │ │ ├── ADCSCoercePotato.yara │ │ ├── ADCSKiller.yara │ │ ├── ADCSPwn.yara │ │ ├── ADCollector.yara │ │ ├── ADExplorerSnapshot.py.yara │ │ ├── ADFSDump-PS.yara │ │ ├── ADFSDump.yara │ │ ├── ADFSRelay.yara │ │ ├── ADFSpoof.yara │ │ ├── ADPassHunt.yara │ │ ├── ADSyncDecrypt.yara │ │ ├── AD_Enumeration_Hunt.yara │ │ ├── AD_Miner.yara │ │ ├── AMSI-Provider.yara │ │ ├── AMSITrigger.yara │ │ ├── AMSI_patch.yara │ │ ├── APCLdr.yara │ │ ├── APTSimulator.yara │ │ ├── ASPJinjaObfuscator.yara │ │ ├── ASREPRoast.yara │ │ ├── ATPMiniDump.yara │ │ ├── AVKiller.yara │ │ ├── AV_Evasion_Tool.yara │ │ ├── AWS-Loot.yara │ │ ├── AbandonedCOMKeys.yara │ │ ├── Accomplice.yara │ │ ├── Aclpwn.yara │ │ ├── ActiveScanPlusPlus.yara │ │ ├── Adamantium-Thief.yara │ │ ├── AdaptixC2.yara │ │ ├── Adcheck.yara │ │ ├── Adeleginator.yara │ │ ├── Admin2Sys.yara │ │ ├── Advanced-SQL-Injection-Cheatsheet.yara │ │ ├── Adzok.yara │ │ ├── AggressorScripts-1.yara │ │ ├── AhMyth-Android-RAT.yara │ │ ├── Airbash.yara │ │ ├── Airgeddon.yara │ │ ├── Akira.yara │ │ ├── AlanFramework.yara │ │ ├── Alcatraz.yara │ │ ├── Amass.yara │ │ ├── Amnesiac.yara │ │ ├── Amsi-Killer.yara │ │ ├── AmsiBypass.yara │ │ ├── Amsi_Bypass.yara │ │ ├── AndrewSpecial.yara │ │ ├── Anevicon.yara │ │ ├── AoratosWin.yara │ │ ├── Aoyama .yara │ │ ├── AppProxyC2.yara │ │ ├── Arbitrium-RAT.yara │ │ ├── Arduino Pro Micro.yara │ │ ├── Ares.yara │ │ ├── Argus.yara │ │ ├── Ask4Creds.yara │ │ ├── AsyncRAT-C-Sharp.yara │ │ ├── AtlasC2.yara │ │ ├── AtlasReaper.yara │ │ ├── AtomLdr.yara │ │ ├── AttackSurfaceMapper.yara │ │ ├── Augustus.yara │ │ ├── AutoBlue-MS17-010.yara │ │ ├── AutoC2.yara │ │ ├── AutoPwnKey.yara │ │ ├── AutoRDPwn.yara │ │ ├── AutoRecon.yara │ │ ├── AutoSUID.yara │ │ ├── AutoSmuggle.yara │ │ ├── Awesome-Hacking-Resources.yara │ │ ├── Awesome-Hacking.yara │ │ ├── Azure-AccessPermissions.yara │ │ ├── AzureADLateralMovement.yara │ │ ├── AzureAD_Autologon_Brute.yara │ │ ├── AzureC2Relay.yara │ │ ├── BITSInject.yara │ │ ├── BOF.NET.yara │ │ ├── BOFMask.yara │ │ ├── BOINC.yara │ │ ├── BYOVD_kill_av_edr.yara │ │ ├── BaRMIe.yara │ │ ├── BabelStrike.yara │ │ ├── BabyShark.yara │ │ ├── BackHAck.yara │ │ ├── Backstab.yara │ │ ├── BackupCreds.yara │ │ ├── BackupOperatorToDA.yara │ │ ├── Bad-PDF.yara │ │ ├── BadPotato.yara │ │ ├── BadRentdrv2.yara │ │ ├── BadWindowsService.yara │ │ ├── Bashfuscator.yara │ │ ├── Bat-Potato.yara │ │ ├── BeRoot.yara │ │ ├── BeeLogger.yara │ │ ├── BesoToken.yara │ │ ├── BetterBackdoor.yara │ │ ├── BetterSafetyKatz.yara │ │ ├── Biu-framework.yara │ │ ├── BlackShades.yara │ │ ├── Blackout.yara │ │ ├── Blank-Grabber.yara │ │ ├── BlankOBF.yara │ │ ├── BlazeStealer.yara │ │ ├── BlockEtw.yara │ │ ├── BlockOpenHandle.yara │ │ ├── BlockWindows.yara │ │ ├── BloodHound.py.yara │ │ ├── BobTheSmuggler.yara │ │ ├── Browser Data Grabber.yara │ │ ├── Browser-C2.yara │ │ ├── Browser-password-stealer.yara │ │ ├── BrowserGhost.yara │ │ ├── BrowserSnatch.yara │ │ ├── BrowsingHistoryView.yara │ │ ├── BruteSploit.yara │ │ ├── BruteX.yara │ │ ├── BucketLoot.yara │ │ ├── Burntcigar KillAV.yara │ │ ├── BypassAddUser.yara │ │ ├── BypassCredGuard.yara │ │ ├── C2 related tools.yara │ │ ├── C2-Tool-Collection.yara │ │ ├── C2ReverseProxy.yara │ │ ├── C2_Server.yara │ │ ├── C2concealer.yara │ │ ├── C3.yara │ │ ├── CACTUSTORCH.yara │ │ ├── CDK.yara │ │ ├── CIMplant.yara │ │ ├── CLR-Injection.yara │ │ ├── CMLoot.yara │ │ ├── CMSeek.yara │ │ ├── COM-Hunter.yara │ │ ├── COM-Object-hijacking.yara │ │ ├── COMHunter.yara │ │ ├── CSExec.yara │ │ ├── Cable.yara │ │ ├── Cactus WHID.yara │ │ ├── Cain&Abel.yara │ │ ├── Cam-Hackers.yara │ │ ├── CamHacker.yara │ │ ├── CandyPotato.yara │ │ ├── Carbanak.yara │ │ ├── CarbonCopy.yara │ │ ├── Carseat.yara │ │ ├── CelestialSpark.yara │ │ ├── CertStealer.yara │ │ ├── Certify.yara │ │ ├── Certipy.yara │ │ ├── ChaiLdr.yara │ │ ├── CheckPort.yara │ │ ├── CheckSMBSigning.yara │ │ ├── Checkmate.yara │ │ ├── CheeseTools.yara │ │ ├── Chimera.yara │ │ ├── ChkNull.yara │ │ ├── Chrome-App-Bound-Encryption-Decryption.yara │ │ ├── ChromeKatz.yara │ │ ├── ChromeStealer.yara │ │ ├── CloakNDaggerC2.yara │ │ ├── CmdLineSpoofer.yara │ │ ├── CoercedPotato.yara │ │ ├── CoercedPotatoRDLL.yara │ │ ├── Coercer.yara │ │ ├── Commander.yara │ │ ├── ConPtyShell.yara │ │ ├── ConfuserEx.yara │ │ ├── ContainYourself.yara │ │ ├── Cordyceps.yara │ │ ├── Cowpatty.yara │ │ ├── Cr3dOv3r.yara │ │ ├── Crack-allDBs.yara │ │ ├── Crassus.yara │ │ ├── CreateService.yara │ │ ├── CredMaster.yara │ │ ├── CredPhisher.yara │ │ ├── CredsLeaker.yara │ │ ├── Cronos-Rootkit.yara │ │ ├── CrossLinked.yara │ │ ├── Crowbar.yara │ │ ├── CursedChrome.yara │ │ ├── acheron.yara │ │ ├── acltoolkit.yara │ │ ├── ad-ldap-enum.yara │ │ ├── adPEAS.yara │ │ ├── adalanche.yara │ │ ├── adaudit.yara │ │ ├── adconnectdump.yara │ │ ├── adcshunter.yara │ │ ├── adcsync.yara │ │ ├── adeleg.yara │ │ ├── adfind.yara │ │ ├── adfsbrute.yara │ │ ├── adfspray.yara │ │ ├── adhunt.yara │ │ ├── adidnsdump.yara │ │ ├── adsearch.yara │ │ ├── afrog.yara │ │ ├── aircrack.yara │ │ ├── airmon-ng.yara │ │ ├── airpwn-ng.yara │ │ ├── al-khaser.yara │ │ ├── amsi.fail.yara │ │ ├── antSword.yara │ │ ├── anydesk.yara │ │ ├── apollon.yara │ │ ├── archerysec.yara │ │ ├── archstrike.yara │ │ ├── armitage.yara │ │ ├── arpspoofing.yara │ │ ├── arsenal.yara │ │ ├── asleap.yara │ │ ├── atexec-pro.yara │ │ ├── attifyos.yara │ │ ├── autoNTDS.yara │ │ ├── autobloody.yara │ │ ├── autonse.yara │ │ ├── autopwn.yara │ │ ├── avet.yara │ │ ├── avred.yara │ │ ├── awesome-osint.yara │ │ ├── awesome-pentest-cheat-sheets.yara │ │ ├── awesome-pentest.yara │ │ ├── awesome-scapy.yara │ │ ├── awesome-static-analysis.yara │ │ ├── awesome-web-security.yara │ │ ├── awesome-windows-domain-hardening.yara │ │ ├── b374k.yara │ │ ├── backdoor keyword.yara │ │ ├── badazure.yara │ │ ├── badrats.yara │ │ ├── badtouch.yara │ │ ├── base64.yara │ │ ├── beef.yara │ │ ├── bettercap.yara │ │ ├── betterdefaultpasslist.yara │ │ ├── bitb.yara │ │ ├── blackarch.yara │ │ ├── blackcat ransomware.yara │ │ ├── blackvision.yara │ │ ├── blindsight.yara │ │ ├── bloodhound-quickwin.yara │ │ ├── bloodhound.yara │ │ ├── bloodyAD.yara │ │ ├── bof-collection.yara │ │ ├── bofhound.yara │ │ ├── boko.yara │ │ ├── bootkit-rs.yara │ │ ├── bpf-keylogger.yara │ │ ├── bropper.yara │ │ ├── browserling.yara │ │ ├── bruteratel.yara │ │ ├── brutespray.yara │ │ ├── bulletpassview.yara │ │ ├── burp-log4shell.yara │ │ ├── burpsuite.yara │ │ ├── byob.yara │ │ ├── bypass-clm.yara │ │ ├── bypassUAC.yara │ │ ├── bypasswaf.yara │ │ ├── canisrufus.yara │ │ ├── catphish.yara │ │ ├── catspin.yara │ │ ├── ccmpwn.yara │ │ ├── cdn-proxy.yara │ │ ├── celerystalk.yara │ │ ├── cerbrutus.yara │ │ ├── certsync.yara │ │ ├── changeme.yara │ │ ├── chaos.yara │ │ ├── charles-proxy.yara │ │ ├── charlotte.yara │ │ ├── chashell.yara │ │ ├── cheetah.yara │ │ ├── chisel.yara │ │ ├── chntpw.yara │ │ ├── chromedump.yara │ │ ├── chromepass.yara │ │ ├── chunk-Proxy.yara │ │ ├── cirt-fuzzer.yara │ │ ├── clickjack.yara │ │ ├── cliws.yara │ │ ├── cloakify.yara │ │ ├── cloud_enum.yara │ │ ├── cloudsploit.yara │ │ ├── cobaltstrike.yara │ │ ├── combine_harvester.yara │ │ ├── commando-vm.yara │ │ ├── commix.yara │ │ ├── conpass.yara │ │ ├── conti.yara │ │ ├── copy.yara │ │ ├── covenant.yara │ │ ├── crack.sh.yara │ │ ├── cracklord.yara │ │ ├── crackmapexec.yara │ │ ├── crackmd5.ru.yara │ │ ├── crackpkcs12.yara │ │ ├── creddump7.yara │ │ ├── credhistview.yara │ │ ├── crossc2.yara │ │ ├── crunch.yara │ │ ├── crypto_identifier.yara │ │ ├── cryptomining.yara │ │ ├── csploit.yara │ │ ├── cstealer.yara │ │ ├── ctfr.yara │ │ ├── ctftool.yara │ │ ├── cuddlephish.yara │ │ └── curlshell.yara │ ├── D-F │ │ ├── D1rkInject.yara │ │ ├── D3m0n1z3dShell.yara │ │ ├── DAMP.yara │ │ ├── DBC2.yara │ │ ├── DCOMPotato.yara │ │ ├── DCOMUploadExec.yara │ │ ├── DCSyncer.yara │ │ ├── DDSpoof.yara │ │ ├── DEDSEC-RANSOMWARE.yara │ │ ├── DFSCoerce.yara │ │ ├── DKMC.yara │ │ ├── DLHell.yara │ │ ├── DLL-Spoofer.yara │ │ ├── DLLHijackTest.yara │ │ ├── DLLHound.yara │ │ ├── DNS-Hijacking.yara │ │ ├── DNS-Persist.yara │ │ ├── DNS-Tunnel-Keylogger.yara │ │ ├── DNSExfiltrator.yara │ │ ├── DNSStager.yara │ │ ├── DNSTracer.yara │ │ ├── DOME.yara │ │ ├── DPAT.yara │ │ ├── DRSAT.yara │ │ ├── DSInternals.yara │ │ ├── DUBrute.yara │ │ ├── DarkLoadLibrary.yara │ │ ├── DarkWidow.yara │ │ ├── Darkside.yara │ │ ├── DataBouncing.yara │ │ ├── DavRelayUp.yara │ │ ├── DcRat.yara │ │ ├── Ddexec.yara │ │ ├── DeNiSe.yara │ │ ├── DeadPotato.yara │ │ ├── DeathStar.yara │ │ ├── DebugAmsi.yara │ │ ├── Decrypt-RDCMan.yara │ │ ├── DecryptAutoLogon.yara │ │ ├── DecryptRDCManager.yara │ │ ├── DecryptTeamViewer.yara │ │ ├── DefaultCreds-cheat-sheet.yara │ │ ├── Defeat-Defender.yara │ │ ├── DefenderCheck.yara │ │ ├── DelegationBOF.yara │ │ ├── Dendrobate.yara │ │ ├── DesertNut.yara │ │ ├── Diamorphine.yara │ │ ├── Digispark Attiny85.yara │ │ ├── Dinjector.yara │ │ ├── DirCreate2System.yara │ │ ├── Direct-Syscalls.yara │ │ ├── Dirty-Vanity.yara │ │ ├── DirtyCLR.yara │ │ ├── Disable-TamperProtection.yara │ │ ├── Discord-RAT-2.0.yara │ │ ├── DiskCryptor.yara │ │ ├── Dispossessor.yara │ │ ├── DitExplorer.yara │ │ ├── DllNotificationInjection.yara │ │ ├── DllProxy.yara │ │ ├── DoHC2.yara │ │ ├── DocPlz.yara │ │ ├── DockerPwn.yara │ │ ├── DomainPasswordSpray.yara │ │ ├── DoubleAgent.yara │ │ ├── DoubleDrive.yara │ │ ├── Dr0p1t-Framework.yara │ │ ├── DragonCastle.yara │ │ ├── DriverDump.yara │ │ ├── DriverQuery.yara │ │ ├── Droopscan.yara │ │ ├── Drupwn.yara │ │ ├── DuckDuckC2.yara │ │ ├── DueDLLigence.yara │ │ ├── DumpAADSyncCreds.yara │ │ ├── DumpCreds.yara │ │ ├── DumpKernel-S1.ps1.yara │ │ ├── DumpLSASS.yara │ │ ├── DumpNParse.yara │ │ ├── DumpThatLSASS.yara │ │ ├── Dumpert.yara │ │ ├── DumpsterFire.yara │ │ ├── Dumpy.yara │ │ ├── DynastyPersist.yara │ │ ├── EAPHammer.yara │ │ ├── EASSniper.yara │ │ ├── EDR-Test.yara │ │ ├── EDRPrison.yara │ │ ├── EDRSandBlast.yara │ │ ├── EDRSandblast-GodFault.yara │ │ ├── EDRSilencer.yara │ │ ├── EDR_Detector.yara │ │ ├── EDRaser.yara │ │ ├── EQGR.yara │ │ ├── EQGRP tools.yara │ │ ├── ETW.yara │ │ ├── ETWEventSubscription.yara │ │ ├── ETWHash.yara │ │ ├── EXOCET-AV-Evasion.yara │ │ ├── Earth Lusca Operations Tools .yara │ │ ├── Earth Lusca Operations Tools.yara │ │ ├── EarthWorm.yara │ │ ├── Ebowla.yara │ │ ├── EfiGuard.yara │ │ ├── EfsPotato.yara │ │ ├── Eggshell.yara │ │ ├── Egress-Assess.yara │ │ ├── Elevator.yara │ │ ├── ElusiveMice.yara │ │ ├── EmailAll.yara │ │ ├── EmbedInHTML.yara │ │ ├── EnableAllTokenPrivs.yara │ │ ├── EncryptedZIP.yara │ │ ├── EternalBlack.yara │ │ ├── EternalHushFramework.yara │ │ ├── Eternalblue-Doublepulsar-Metasploit.yara │ │ ├── EventCleaner.yara │ │ ├── EventLogCrasher.yara │ │ ├── EventLogMaster.yara │ │ ├── EventViewer-UACBypass.yara │ │ ├── Eventlogedit-evt--General.yara │ │ ├── Eventlogedit-evtx--Evolution.yara │ │ ├── EvilClippy.yara │ │ ├── EvilLsassTwin.yara │ │ ├── EvilSln.yara │ │ ├── EvilnoVNC.yara │ │ ├── EvtMute.yara │ │ ├── Excel-Exploit.yara │ │ ├── Executable_Files.yara │ │ ├── Exploits.yara │ │ ├── Exrop.yara │ │ ├── ExtPassword.exe.yara │ │ ├── ExtensionSpoofer.yara │ │ ├── ExtractBitlockerKeys.yara │ │ ├── EyeWitness.yara │ │ ├── FOCA.yara │ │ ├── FakeAMSI.yara │ │ ├── FakeCmdLine.yara │ │ ├── FakeImageExploiter.yara │ │ ├── Farmer.yara │ │ ├── Fentanyl.yara │ │ ├── FiercePhish.yara │ │ ├── File-Tunnel.yara │ │ ├── FilelessPELoader.yara │ │ ├── FindUncommonShares.yara │ │ ├── Findsploit.yara │ │ ├── FlipperZero.yara │ │ ├── FluxionNetwork.yara │ │ ├── Forensia.yara │ │ ├── Forensike.yara │ │ ├── ForgeCert.yara │ │ ├── ForkPlayground.yara │ │ ├── FormThief.yara │ │ ├── FourEye.yara │ │ ├── Freeze.rs.yara │ │ ├── Freeze.yara │ │ ├── FruityC2.yara │ │ ├── Fuck-Etw.yara │ │ ├── FudgeC2.yara │ │ ├── FunctionalC2.yara │ │ ├── Fynloski Backdoor.yara │ │ ├── daphne.yara │ │ ├── darkarmour.yara │ │ ├── datasploit.yara │ │ ├── dazzleUP.yara │ │ ├── dcipher-cli.yara │ │ ├── dcomhijack.yara │ │ ├── decrypt-chrome-passwords.yara │ │ ├── default-password.info.yara │ │ ├── defender-control.yara │ │ ├── deimosc2.yara │ │ ├── del.yara │ │ ├── demiguise.yara │ │ ├── dialupass.yara │ │ ├── dirbuster.yara │ │ ├── dirdevil.yara │ │ ├── dirscraper.yara │ │ ├── dirty-pipe.yara │ │ ├── discord-c2.yara │ │ ├── disctopia-c2.yara │ │ ├── dll-hijack-by-proxying.yara │ │ ├── dns-black-cat.yara │ │ ├── dns2tcp.yara │ │ ├── dnscan.yara │ │ ├── dnscat.yara │ │ ├── dnschef-ng.yara │ │ ├── dnscrypt.yara │ │ ├── dnsdumpster.yara │ │ ├── dnsenum.yara │ │ ├── dnskire.yara │ │ ├── dnsmorph.yara │ │ ├── dnspot.yara │ │ ├── dnsrecon.yara │ │ ├── dnsteal.yara │ │ ├── dnstwist.yara │ │ ├── domain_analyzer.yara │ │ ├── domained.yara │ │ ├── domainhunter.yara │ │ ├── donpapi.yara │ │ ├── donut.yara │ │ ├── dos-over-tor.yara │ │ ├── doucme.yara │ │ ├── dploot.yara │ │ ├── dropper.yara │ │ ├── dsniff.yara │ │ ├── dsregcmd.yara │ │ ├── dtd-finder.yara │ │ ├── dumper2020.yara │ │ ├── echoac-poc.yara │ │ ├── egressbuster.yara │ │ ├── elevationstation.yara │ │ ├── elite-proxy-finder.yara │ │ ├── emkei.cz.yara │ │ ├── empire.yara │ │ ├── enum4linux.yara │ │ ├── etwunhook.yara │ │ ├── evil-proxy.yara │ │ ├── evil-winrm.yara │ │ ├── evilginx2.yara │ │ ├── evilgrade.yara │ │ ├── evilqr.yara │ │ ├── evilrdp.yara │ │ ├── exe2powershell.yara │ │ ├── exe_to_dll.yara │ │ ├── exegol.yara │ │ ├── expl-bin.yara │ │ ├── exploit-db.yara │ │ ├── fake-sms.yara │ │ ├── fakelogonscreen.yara │ │ ├── fastfuzz.yara │ │ ├── fcrackzip.yara │ │ ├── fetch-some-proxies.yara │ │ ├── ffuf.yara │ │ ├── fgdump.yara │ │ ├── fileless-elf-exec.yara │ │ ├── findstr.yara │ │ ├── findsubdomains.yara │ │ ├── firefox_decrypt.yara │ │ ├── firesheep.yara │ │ ├── fltMC.yara │ │ ├── forkatz.yara │ │ ├── forum.exploit.in.yara │ │ ├── frampton.yara │ │ ├── fscan.yara │ │ ├── fsutil.yara │ │ ├── fuegoshell.yara │ │ ├── fuxploider.yara │ │ ├── fuzz.txt.yara │ │ └── fuzzdb.yara │ ├── G-H │ │ ├── GC2-sheet.yara │ │ ├── GCPBucketBrute.yara │ │ ├── GCR-Google-Calendar-RAT.yara │ │ ├── GIUDA.yara │ │ ├── GMSAPasswordReader.yara │ │ ├── GONET-Scanner.yara │ │ ├── GPOddity.yara │ │ ├── GPSCoordinates.yara │ │ ├── GTFOBLookup.yara │ │ ├── GTFONow.yara │ │ ├── GadgetToJScript.yara │ │ ├── GatherContacts.yara │ │ ├── Gato-X.yara │ │ ├── Gecko.yara │ │ ├── Generate-Macro.yara │ │ ├── Get-NetNTLM.yara │ │ ├── Get-RBCD-Threaded.yara │ │ ├── GetLoggedOnUsersRegistry.yara │ │ ├── GhostDriver.yara │ │ ├── GhostInTheNet.yara │ │ ├── GhostMapper.yara │ │ ├── GhostPack.yara │ │ ├── GhostTask.yara │ │ ├── Ghostpack-CompiledBinaries.yara │ │ ├── Git-Scanner.yara │ │ ├── Github Username.yara │ │ ├── Github Username.yara │ │ ├── GithubC2.yara │ │ ├── Gitleaks.yara │ │ ├── GlllPowerloader.yara │ │ ├── GlobalUnProtect.yara │ │ ├── GoAWSConsoleSpray.yara │ │ ├── GoFetch.yara │ │ ├── Godzilla.yara │ │ ├── GoldenGMSA.yara │ │ ├── GonnaCry.yara │ │ ├── Gorsair.yara │ │ ├── Gotato.yara │ │ ├── GrabChrome.yara │ │ ├── GraphRunner.yara │ │ ├── GraphSpy.yara │ │ ├── GraphStrike.yara │ │ ├── Graphpython.yara │ │ ├── GreatSCT.yara │ │ ├── Greenwolf.yara │ │ ├── Group3r.yara │ │ ├── HEKATOMB.yara │ │ ├── HRShell.yara │ │ ├── HTMLSmuggler.yara │ │ ├── HTTP-Shell.yara │ │ ├── HVNC.yara │ │ ├── HackBrowserData.yara │ │ ├── HackTheWorld.yara │ │ ├── HadesLdr.yara │ │ ├── Hak5 BashBunny.yara │ │ ├── Hak5 Cloud C2.yara │ │ ├── Hak5 Lan turtle.yara │ │ ├── Hak5 O.MG Cable.yara │ │ ├── Hak5 Rubber Ducky.yara │ │ ├── Hak5 Screen Crab.yara │ │ ├── Hak5 Wifi Pineapple.yara │ │ ├── HardHatC2.yara │ │ ├── Harvester_OF_SORROW.yara │ │ ├── Hash-Buster.yara │ │ ├── HeapCrypt.yara │ │ ├── HellsGate.yara │ │ ├── HellsHall.yara │ │ ├── Heroinn.yara │ │ ├── Hibr2Dmp.yara │ │ ├── HideProcess.yara │ │ ├── HijackHunter.yara │ │ ├── Hive.yara │ │ ├── HoneypotBuster.yara │ │ ├── HookDetector.yara │ │ ├── HookSentry.yara │ │ ├── HostRecon.yara │ │ ├── Huan.yara │ │ ├── Hypnos.yara │ │ ├── gMSADumper.yara │ │ ├── gTunnel.yara │ │ ├── gateway-finder-imp.yara │ │ ├── gato.yara │ │ ├── gcat.yara │ │ ├── genHTA.yara │ │ ├── getExploit.yara │ │ ├── getsploit.yara │ │ ├── gh0st.yara │ │ ├── ghauri.yara │ │ ├── ghidra.yara │ │ ├── ghostsocks.yara │ │ ├── gimmeSH.yara │ │ ├── gimmecredz.yara │ │ ├── glit.yara │ │ ├── gmer.yara │ │ ├── go-lsass.yara │ │ ├── go-secdump.yara │ │ ├── goMatrixC2.yara │ │ ├── goPassGen.yara │ │ ├── goWMIExec.yara │ │ ├── goZulipC2.yara │ │ ├── gobfuscate.yara │ │ ├── gobuster.yara │ │ ├── gocrack.yara │ │ ├── godoh.yara │ │ ├── godpotato.yara │ │ ├── golang_c2.yara │ │ ├── gophish.yara │ │ ├── gosecretsdump.yara │ │ ├── gost.yara │ │ ├── gpp-decrypt.yara │ │ ├── gsecdump.yara │ │ ├── gsocket.yara │ │ ├── h8mail.yara │ │ ├── hXOR-Packer.yara │ │ ├── hack-tools.yara │ │ ├── hackingtool.yara │ │ ├── hackshell.yara │ │ ├── hacktricks.xyz.yara │ │ ├── hades.yara │ │ ├── hak5 cloudc2.yara │ │ ├── hakrawler.yara │ │ ├── hashcat-rule.yara │ │ ├── hashcat.yara │ │ ├── hashview.yara │ │ ├── havoc.yara │ │ ├── hcxdumptool.yara │ │ ├── hidden-tear.yara │ │ ├── hiphp.yara │ │ ├── hoaxshell.yara │ │ ├── holehe.yara │ │ ├── hookchain.yara │ │ ├── hotkeyz.yara │ │ ├── hping.yara │ │ ├── hping3.yara │ │ ├── htran.yara │ │ ├── htshells.yara │ │ ├── hyperion.yara │ │ └── hypobrychium.yara │ ├── I-K │ │ ├── I2P.yara │ │ ├── ICMP-TransferTools.yara │ │ ├── IDiagnosticProfileUAC.yara │ │ ├── IEPassView.yara │ │ ├── IHxExec.yara │ │ ├── IIS-Raid.yara │ │ ├── IKEForce.yara │ │ ├── IMDSpoof.yara │ │ ├── IPPrintC2.yara │ │ ├── Ikeext-Privesc.yara │ │ ├── Imminent-Monitor.yara │ │ ├── Imperva_gzip_WAF_Bypass.yara │ │ ├── ImplantSSP.yara │ │ ├── Inc.yara │ │ ├── Indirect-Syscalls.yara │ │ ├── InflativeLoading.yara │ │ ├── Infoga.yara │ │ ├── InsecurePowerShell.yara │ │ ├── InspectAssembly.yara │ │ ├── Intercepter-NG.yara │ │ ├── Internal-Monologue.yara │ │ ├── IntruderPayloads.yara │ │ ├── Inveigh.yara │ │ ├── Invisi-Shell.yara │ │ ├── InvisibilityCloak.yara │ │ ├── Invoke-ACLpwn.yara │ │ ├── Invoke-ADEnum.yara │ │ ├── Invoke-ArgFuscator.yara │ │ ├── Invoke-AzureEnum.yara │ │ ├── Invoke-AzurePasswordSpray.yara │ │ ├── Invoke-BSOD.yara │ │ ├── Invoke-BuildAnonymousSMBServer.yara │ │ ├── Invoke-CleverSpray.yara │ │ ├── Invoke-DNSteal.yara │ │ ├── Invoke-DOSfuscation.yara │ │ ├── Invoke-DumpMDEConfig.yara │ │ ├── Invoke-GrabTheHash.yara │ │ ├── Invoke-Obfuscation.yara │ │ ├── Invoke-PSImage.yara │ │ ├── Invoke-Phant0m.yara │ │ ├── Invoke-PowerIncrease.yara │ │ ├── Invoke-PowerThIEf.yara │ │ ├── Invoke-Pre2kSpray.yara │ │ ├── Invoke-PrintDemon.yara │ │ ├── Invoke-ProcessScan.yara │ │ ├── Invoke-RDPThief.yara │ │ ├── Invoke-RunAsSystem.yara │ │ ├── Invoke-RunAsWithCert.yara │ │ ├── Invoke-SMBRemoting.yara │ │ ├── Invoke-SessionHunter.yara │ │ ├── Invoke-ShareHunter.yara │ │ ├── Invoke-SocksProxy.yara │ │ ├── Invoke-Stealth.yara │ │ ├── Invoke-TheHash.yara │ │ ├── Invoke-TmpDavFS.yara │ │ ├── Invoke-WCMDump.yara │ │ ├── Invoke-WMIpersist.yara │ │ ├── Invoke-ZeroLogon.yara │ │ ├── Invoke-s4u2self.yara │ │ ├── ItWasAllADream.yara │ │ ├── Jasmin-Ransomware.yara │ │ ├── Jatayu.yara │ │ ├── Jira-Lens.yara │ │ ├── JohnTheRipper.yara │ │ ├── Jomungand.yara │ │ ├── Jormungandr.yara │ │ ├── JuicyPotato.yara │ │ ├── JuicyPotatoNG.yara │ │ ├── JumpSession_BOF.yara │ │ ├── JunctionFolder.yara │ │ ├── JustEvadeBro.yara │ │ ├── KCMTicketFormatter.yara │ │ ├── KExecDD.yara │ │ ├── KPortScan.yara │ │ ├── KRBUACBypass.yara │ │ ├── KaynLdr.yara │ │ ├── KaynStrike.yara │ │ ├── KeeFarce.yara │ │ ├── KeePwn.yara │ │ ├── KeeTheft.yara │ │ ├── KeeThiefSyscalls.yara │ │ ├── Keethief.yara │ │ ├── Kematian Stealer.yara │ │ ├── KerberOPSEC.yara │ │ ├── KeyCredentialLink.yara │ │ ├── KeyTabExtract.yara │ │ ├── KillDefenderBOF.yara │ │ ├── KittyStager.yara │ │ ├── Koppeling.yara │ │ ├── Kraken.yara │ │ ├── KrakenMask.yara │ │ ├── KrbRelay-SMBServer.yara │ │ ├── KrbRelay.yara │ │ ├── KrbRelayUp.yara │ │ ├── Krueger.yara │ │ ├── Kubestroyer.yara │ │ ├── icebreaker.yara │ │ ├── icmpsh.yara │ │ ├── icmptunnel.yara │ │ ├── impacket.yara │ │ ├── impacketremoteshell.yara │ │ ├── impersonate-rs.yara │ │ ├── impersonate.yara │ │ ├── inceptor.yara │ │ ├── infernal-twin.yara │ │ ├── injectify.yara │ │ ├── invoke-piper.yara │ │ ├── iodine.yara │ │ ├── ivy.yara │ │ ├── jackdaw.yara │ │ ├── jackit.yara │ │ ├── java-deserialization-exploits.yara │ │ ├── javascript-obfuscator.yara │ │ ├── jecretz.yara │ │ ├── joomscan.yara │ │ ├── jwt_tool.yara │ │ ├── kali-anonsurf.yara │ │ ├── kali.yara │ │ ├── kalitorify.yara │ │ ├── katoolin3.yara │ │ ├── keepass-password-dumper.yara │ │ ├── kekeo.yara │ │ ├── kerberoast.yara │ │ ├── kerbrute.yara │ │ ├── keylogger.yara │ │ ├── keywa7.yara │ │ ├── kiglogger.yara │ │ ├── killer.yara │ │ ├── kismet.yara │ │ ├── knowsmore.yara │ │ ├── koadic.yara │ │ ├── krackattacks-scripts.yara │ │ ├── krbjack.yara │ │ ├── krbrelayx.yara │ │ ├── kubesploit.yara │ │ └── kwetza.yara │ ├── L-N │ │ ├── L0phtCrack.yara │ │ ├── LALIN.yara │ │ ├── LANs.py.yara │ │ ├── LAPSDecrypt.yara │ │ ├── LAPSDumper.yara │ │ ├── LAPSToolkit.yara │ │ ├── LAZYPARIAH.yara │ │ ├── LDAP-Password-Hunter.yara │ │ ├── LDAPPER.yara │ │ ├── LDAPWordlistHarvester.yara │ │ ├── LNKUp.yara │ │ ├── LOLSpoof.yara │ │ ├── LaZagne.yara │ │ ├── LaZagneForensic.yara │ │ ├── Lastenzug.yara │ │ ├── LatLoader.yara │ │ ├── LdapRelayScan.yara │ │ ├── LdrLockLiberator.yara │ │ ├── LetMeowIn.yara │ │ ├── LightsOut.yara │ │ ├── Lime-Crypter.yara │ │ ├── Lime-RAT.yara │ │ ├── LinEnum.yara │ │ ├── LinikatzV2.yara │ │ ├── LoGiC.NET.yara │ │ ├── LocalAdminSharp.yara │ │ ├── LocalShellExtParse.yara │ │ ├── Lockless.yara │ │ ├── Locksmith.yara │ │ ├── LogonTracer.yara │ │ ├── LostMyPassword.yara │ │ ├── Lovely-Potato.yara │ │ ├── LsassReflectDumping.yara │ │ ├── LsassSilentProcessExit.yara │ │ ├── Lsassx.yara │ │ ├── LummaC2-Stealer-sample.yara │ │ ├── Luna-Grabber.yara │ │ ├── LyncSniper.yara │ │ ├── MAAD-AF.yara │ │ ├── MANSPIDER.yara │ │ ├── MDE_Enum.yara │ │ ├── MDExclusionParser.yara │ │ ├── MFASweep.yara │ │ ├── MITMf.yara │ │ ├── MSBuildShell.yara │ │ ├── MSDAT.yara │ │ ├── MSOLSpray.yara │ │ ├── MSSprinkler.yara │ │ ├── MaccaroniC2.yara │ │ ├── MacroMeter.yara │ │ ├── Macrome.yara │ │ ├── Maestro.yara │ │ ├── MailPassView.yara │ │ ├── MailSniper.yara │ │ ├── MakeMeAdmin.yara │ │ ├── MalSCCM.yara │ │ ├── MaliciousMacroGenerator.yara │ │ ├── MaliciousMacroMSBuild.yara │ │ ├── Malware RAT collection.yara │ │ ├── Mara.yara │ │ ├── MegaMedusa.yara │ │ ├── Memcrashed-DDoS-Exploit.yara │ │ ├── MetasploitCoop.yara │ │ ├── MeteTool.yara │ │ ├── MicroBurst.yara │ │ ├── MiniDump.yara │ │ ├── Minimalistic-offensive.yara │ │ ├── MirrorDump.yara │ │ ├── Mobile-Security-Framework-MobSF.yara │ │ ├── Mobile-Security-Framework.yara │ │ ├── MockDirUACBypass.yara │ │ ├── Modlishka .yara │ │ ├── Moriarty.yara │ │ ├── MpCmdRun.yara │ │ ├── Mr.SIP.yara │ │ ├── Mshikaki.yara │ │ ├── MultiDump.yara │ │ ├── MultiPotato.yara │ │ ├── MutationGate.yara │ │ ├── Mystikal.yara │ │ ├── NLBrute.yara │ │ ├── NPPSpy.yara │ │ ├── NTDLLReflection.yara │ │ ├── NTHASH-FPC.yara │ │ ├── NTLMInjector.yara │ │ ├── NTLMRelay2Self.yara │ │ ├── NTLMSleuth.yara │ │ ├── NTMLRecon.yara │ │ ├── NachoVPN.yara │ │ ├── NamedPipeMaster.yara │ │ ├── NamelessC2.yara │ │ ├── NativeBypassCredGuard.yara │ │ ├── NativeDump.yara │ │ ├── Necro-Stealer.yara │ │ ├── Net-GPPPassword.yara │ │ ├── NetExec.yara │ │ ├── NetLoader.yara │ │ ├── NetNTLMtoSilverTicket.yara │ │ ├── NetRipper.yara │ │ ├── NetSess.yara │ │ ├── NetshHelperBeacon.yara │ │ ├── NetworkMiner.yara │ │ ├── NetworkServiceExploit.yara │ │ ├── Nidhogg.yara │ │ ├── Nightmangle.yara │ │ ├── NimBlackout.yara │ │ ├── NimDllSideload.yara │ │ ├── NimExec.yara │ │ ├── Nimcrypt2.yara │ │ ├── Ninja.yara │ │ ├── NixImports.yara │ │ ├── No-powershell.yara │ │ ├── NoArgs.yara │ │ ├── NoFilter.yara │ │ ├── NoSQLMap.yara │ │ ├── NoodleRAT.yara │ │ ├── Nordic NRF52840.yara │ │ ├── Nosql-Exploitation-Framework.yara │ │ ├── NovaLdr.yara │ │ ├── NtRemoteLoad.yara │ │ ├── NtRights.yara │ │ ├── NtdllUnpatcher.yara │ │ ├── NtlmRelayToEWS.yara │ │ ├── NtlmThief.yara │ │ ├── Nuages.yara │ │ ├── ldapdomaindump.yara │ │ ├── ldapminer.yara │ │ ├── ldapnomnom.yara │ │ ├── ldapsearch-ad.yara │ │ ├── ldeep.yara │ │ ├── legba.yara │ │ ├── libprocesshider.yara │ │ ├── ligolo-ng.yara │ │ ├── ligolo.yara │ │ ├── linWinPwn.yara │ │ ├── linikatz.yara │ │ ├── link.yara │ │ ├── linux-exploit-suggester.yara │ │ ├── linux-pam-backdoor.yara │ │ ├── linux-smart-enumeration.yara │ │ ├── linuxprivchecker.yara │ │ ├── litefuzz.yara │ │ ├── lnk2pwn.yara │ │ ├── lnkbomb.yara │ │ ├── localpotato.yara │ │ ├── localtonet.yara │ │ ├── logman.yara │ │ ├── logon_backdoor.yara │ │ ├── lolminer.yara │ │ ├── lsarelayx.yara │ │ ├── lsass.yara │ │ ├── lsassy.yara │ │ ├── lslsass.yara │ │ ├── luckystrike.yara │ │ ├── lyncsmash.yara │ │ ├── m365-fatigue.yara │ │ ├── mRemoteNG-Decrypt.yara │ │ ├── macetrap.yara │ │ ├── macro_pack.yara │ │ ├── mail-in-the-middle.yara │ │ ├── mailpv.yara │ │ ├── malware.yara │ │ ├── mars stealer.yara │ │ ├── masscan.yara │ │ ├── merlin-agent-dll.yara │ │ ├── merlin-agent.yara │ │ ├── merlin.yara │ │ ├── metagoofil.yara │ │ ├── metame.yara │ │ ├── metasploit-payloads.yara │ │ ├── metasploit.yara │ │ ├── metatwin.yara │ │ ├── mhydeath.yara │ │ ├── micr0_shell.yara │ │ ├── mimidogz.yara │ │ ├── mimikatz.yara │ │ ├── mimikittenz.yara │ │ ├── mimipenguin.yara │ │ ├── mimipy.yara │ │ ├── mitm6.yara │ │ ├── mitmAP.yara │ │ ├── mitmproxy.yara │ │ ├── mitmsocks4j.yara │ │ ├── modDetective.yara │ │ ├── monkey.yara │ │ ├── moonwalk.yara │ │ ├── morphHTA.yara │ │ ├── mortar.yara │ │ ├── mousejack.yara │ │ ├── movfuscator.yara │ │ ├── ms-appinstaller.yara │ │ ├── msfpc.yara │ │ ├── msfvenom.yara │ │ ├── msi-search.yara │ │ ├── msldapdump.yara │ │ ├── mspass.yara │ │ ├── mssqlproxy.yara │ │ ├── mythic.yara │ │ ├── nac_bypass.yara │ │ ├── nanodump.yara │ │ ├── nanorobeus.yara │ │ ├── ncrack.yara │ │ ├── nemesis.yara │ │ ├── nessus.yara │ │ ├── net-creds.yara │ │ ├── net.yara │ │ ├── netkit.yara │ │ ├── netpass.yara │ │ ├── netsh.yara │ │ ├── netsniff-ng.yara │ │ ├── nikto.yara │ │ ├── nimbo-c2.yara │ │ ├── nimcrypt.yara │ │ ├── nimplant.yara │ │ ├── nimproxydll.yara │ │ ├── nipe.yara │ │ ├── nircmd.yara │ │ ├── nirsoft.yara │ │ ├── nishang.yara │ │ ├── nmap.yara │ │ ├── noPac.yara │ │ ├── no_defender.yara │ │ ├── nopowershell.yara │ │ ├── noseyparker.yara │ │ ├── novelbfh.yara │ │ ├── nping.yara │ │ ├── nps.yara │ │ ├── nps_payload.yara │ │ ├── nsa-rules.yara │ │ ├── nsocks.yara │ │ ├── ntdissector.yara │ │ ├── ntdlll-unhooking-collection.yara │ │ ├── ntlm.pw.yara │ │ ├── ntlmquic.yara │ │ ├── ntlmscan.yara │ │ ├── ntpescape.yara │ │ ├── nullinux.yara │ │ └── nysm.yara │ ├── O-Q │ │ ├── OMG-Credz-Plz.yara │ │ ├── OMGLogger.yara │ │ ├── OSCP-Archives.yara │ │ ├── OSCP-Cheatsheets.yara │ │ ├── OSEP-Code-Snippets.yara │ │ ├── OWASP rules.yara │ │ ├── OWASP.yara │ │ ├── ObfuscatedSharpCollection.yara │ │ ├── Offensive-Netsh-Helper.yara │ │ ├── Offensive-Payloads.yara │ │ ├── OffensiveCSharp.yara │ │ ├── OffensiveCpp.yara │ │ ├── OffensiveLua.yara │ │ ├── OffensiveNotion.yara │ │ ├── Office-DDE-Payloads.yara │ │ ├── Office-Persistence.yara │ │ ├── Oh365UserFinder.yara │ │ ├── Okta-Password-Sprayer.yara │ │ ├── Omnispray.yara │ │ ├── One-Lin3r.yara │ │ ├── OpenChromeDumps.yara │ │ ├── OpenSSH Trojan.yara │ │ ├── Openssh.yara │ │ ├── OperaPassView.yara │ │ ├── Operative Framework.yara │ │ ├── Orc.yara │ │ ├── Osmedeus.yara │ │ ├── Ouned.yara │ │ ├── PE-Obfuscator.yara │ │ ├── PEASS-ng.yara │ │ ├── PEASS.yara │ │ ├── PENTESTING-BIBLE.yara │ │ ├── PILOT.yara │ │ ├── PKINITtools.yara │ │ ├── POC.yara │ │ ├── POSTDump.yara │ │ ├── PPLBlade.yara │ │ ├── PPLFault.yara │ │ ├── PPLKiller.yara │ │ ├── PPLSystem.yara │ │ ├── PPLmedic.yara │ │ ├── PRT.yara │ │ ├── PS2EXE.yara │ │ ├── PSAmsi.yara │ │ ├── PSAsyncShell.yara │ │ ├── PSAttack.yara │ │ ├── PSBits.yara │ │ ├── PSByPassCLM.yara │ │ ├── PSMapExec.yara │ │ ├── PSRansom.yara │ │ ├── PSRecon.yara │ │ ├── PSSW100AVB.yara │ │ ├── PWA-Phishing.yara │ │ ├── PWCrack.yara │ │ ├── PWDumpX.yara │ │ ├── Pachine.yara │ │ ├── PackMyPayload.yara │ │ ├── ParamPamPam.yara │ │ ├── Parasite-Invoke.yara │ │ ├── PassDetective.yara │ │ ├── PassHunt.yara │ │ ├── PassSpray.yara │ │ ├── PassTheCert.yara │ │ ├── PassTheChallenge.yara │ │ ├── Passware Kit Forensic.yara │ │ ├── Password-Scripts.yara │ │ ├── PasswordHashesView.yara │ │ ├── Pateensy.yara │ │ ├── PayGen.yara │ │ ├── Payload-Download-Cradles.yara │ │ ├── PayloadsAllTheThings.yara │ │ ├── Pazuzu.yara │ │ ├── PcapXray.yara │ │ ├── Pcredz.yara │ │ ├── PerfExec.yara │ │ ├── Perfusion.yara │ │ ├── PeriscopeC2.yara │ │ ├── Persistence-Accessibility-Features.yara │ │ ├── PetitPotato.yara │ │ ├── PewPewPew.yara │ │ ├── Pezor.yara │ │ ├── Phant0m.yara │ │ ├── PhantomService.yara │ │ ├── PhoneInfoga.yara │ │ ├── PhpSploit.yara │ │ ├── PickleC2.yara │ │ ├── PingRAT.yara │ │ ├── PipeViewer .yara │ │ ├── PoolParty.yara │ │ ├── PoolPartyBof.yara │ │ ├── PoshADCS.yara │ │ ├── Poshito.yara │ │ ├── PowerBreach.yara │ │ ├── PowerBruteLogon.yara │ │ ├── PowerForensics.yara │ │ ├── PowerLess.yara │ │ ├── PowerLessShell.yara │ │ ├── PowerMemory.yara │ │ ├── PowerProxy.yara │ │ ├── PowerSCCM.yara │ │ ├── PowerSharpPack.yara │ │ ├── PowerShdll.yara │ │ ├── PowerShell-Suite.yara │ │ ├── PowerShellArsenal.yara │ │ ├── PowerShellRunner.yara │ │ ├── PowerShx.yara │ │ ├── PowerStager.yara │ │ ├── PowerUpSQL.yara │ │ ├── Powerlurk.yara │ │ ├── Powermad.yara │ │ ├── Powerpick.yara │ │ ├── Powershell-Scripts-for-Hackers-and-Pentesters.yara │ │ ├── PowershellKerberos.yara │ │ ├── PowershellTools.yara │ │ ├── PredatorTheStealer.yara │ │ ├── Prince-Ransomware.yara │ │ ├── PrintNightmare.yara │ │ ├── Priv2Admin.yara │ │ ├── PrivExchange.yara │ │ ├── PrivFu.yara │ │ ├── PrivKit.yara │ │ ├── Privesc.yara │ │ ├── PrivescCheck.yara │ │ ├── PrivilegeEscalation.yara │ │ ├── Privileger.yara │ │ ├── Probable-Wordlists.yara │ │ ├── ProtectMyTooling.yara │ │ ├── Proxmark.yara │ │ ├── ProxyLogon.yara │ │ ├── ProxyShell.yara │ │ ├── Psnmap.yara │ │ ├── Pspersist.yara │ │ ├── PstPassword.yara │ │ ├── PurplePanda.yara │ │ ├── PwDump7.yara │ │ ├── PwDump8.yara │ │ ├── PyExec.yara │ │ ├── PyExfil.yara │ │ ├── PySQLRecon.yara │ │ ├── Pyramid.yara │ │ ├── Python-Rootkit.yara │ │ ├── Python-Wordlist-Generator.yara │ │ ├── o365-attack-toolkit.yara │ │ ├── o365creeper.yara │ │ ├── o365enum.yara │ │ ├── o365recon.yara │ │ ├── o365spray.yara │ │ ├── obfy.yara │ │ ├── octopus.yara │ │ ├── omg-payloads.yara │ │ ├── onedrive_user_enum.yara │ │ ├── onesixtyone.yara │ │ ├── onex.yara │ │ ├── onionpipe.yara │ │ ├── openbullet.yara │ │ ├── openvas.yara │ │ ├── ophcrack.yara │ │ ├── orbitaldump.yara │ │ ├── p0f.yara │ │ ├── p0wnedShell.yara │ │ ├── p0wny-shell.yara │ │ ├── pac2.yara │ │ ├── pacu.yara │ │ ├── padre.yara │ │ ├── pamspy.yara │ │ ├── pandora.yara │ │ ├── panix.yara │ │ ├── parrot os.yara │ │ ├── passphrase-wordlist.yara │ │ ├── passwordfox.yara │ │ ├── pastehakk.yara │ │ ├── patator.yara │ │ ├── peCloak.yara │ │ ├── pe_to_shellcode.yara │ │ ├── peeping-tom.yara │ │ ├── pendulum.yara │ │ ├── pentest-machine.yara │ │ ├── pentest-tools.com.yara │ │ ├── pentestbox.yara │ │ ├── persistence_demos.yara │ │ ├── petipotam.yara │ │ ├── phishery.yara │ │ ├── phishing-HTML-linter.yara │ │ ├── php-reverse-shell.yara │ │ ├── phuip-fpizdam.yara │ │ ├── physmem2profit.yara │ │ ├── pico.yara │ │ ├── ping-sweep.yara │ │ ├── pivotnacci.yara │ │ ├── poisontap.yara │ │ ├── polenum.yara │ │ ├── portscan.yara │ │ ├── poshc2.yara │ │ ├── potato.yara │ │ ├── power-pwn.yara │ │ ├── powercat.yara │ │ ├── powerextract.yara │ │ ├── powershell.yara │ │ ├── powersploit.yara │ │ ├── powerview.yara │ │ ├── ppldump.yara │ │ ├── precompiled-binaries.yara │ │ ├── prefetch-tool.yara │ │ ├── pretender.yara │ │ ├── primusC2.yara │ │ ├── printspoofer.yara │ │ ├── processhacker.yara │ │ ├── prometheus.yara │ │ ├── proxychains.yara │ │ ├── psgetsystem.yara │ │ ├── psobf.yara │ │ ├── pspy.yara │ │ ├── pth-toolkit.yara │ │ ├── ptunnel-ng.yara │ │ ├── pupy.yara │ │ ├── pwcrack-framework.yara │ │ ├── pwdump.yara │ │ ├── pwn_jenkins.yara │ │ ├── pwnagotchi.yara │ │ ├── pwnat.yara │ │ ├── pwndrop.yara │ │ ├── pwnlook.yara │ │ ├── pxethief.yara │ │ ├── pyGPOAbuse.yara │ │ ├── pyLAPS.yara │ │ ├── pydictor.yara │ │ ├── pymultitor.yara │ │ ├── pyobfuscate.yara │ │ ├── pypykatz.yara │ │ ├── pyrdp.yara │ │ ├── pysecdump.yara │ │ ├── pyshell.yara │ │ ├── pysnaffler.yara │ │ ├── pysoserial.yara │ │ ├── pysoxy.yara │ │ ├── pywerview.yara │ │ ├── pywhisker.yara │ │ ├── pywsus.yara │ │ ├── quarkspwdump.yara │ │ └── quiet-riot.yara │ ├── R-T │ │ ├── RDE1.yara │ │ ├── RDP Recognizer.yara │ │ ├── RDPCredentialStealer.yara │ │ ├── RDPHijack-BOF.yara │ │ ├── RDPInception.yara │ │ ├── RDPSpray.yara │ │ ├── RDPassSpray.yara │ │ ├── REC2 .yara │ │ ├── RID-Hijacking.yara │ │ ├── RITM.yara │ │ ├── ROADtoken.yara │ │ ├── ROADtools.yara │ │ ├── RPC-Backdoor.yara │ │ ├── RaRCE.yara │ │ ├── Radare2.yara │ │ ├── RadareEye.yara │ │ ├── RagingRotator.yara │ │ ├── RainbowCrack.yara │ │ ├── RandomPS-Scripts.yara │ │ ├── RasmanPotato.yara │ │ ├── RdpStrike.yara │ │ ├── RdpThief.yara │ │ ├── RealBlindingEDR.yara │ │ ├── Recon-AD.yara │ │ ├── RecycledInjector.yara │ │ ├── Red-Baron.yara │ │ ├── Red-Teaming-Toolkit.yara │ │ ├── RedGuard.yara │ │ ├── RedHunt-OS.yara │ │ ├── RedPeanut.yara │ │ ├── RedPersist.yara │ │ ├── RedTeam_Tools_n_Stuff.yara │ │ ├── RedTeam_toolkit.yara │ │ ├── ReelPhish.yara │ │ ├── RefleXXion.yara │ │ ├── ReflectiveNtdll.yara │ │ ├── RegHiveBackup.yara │ │ ├── RemoteKrbRelay.yara │ │ ├── RemotePipeList.yara │ │ ├── RemotePotato0.yara │ │ ├── Rev-Shell.yara │ │ ├── RevengeRAT-Stub-Cssharp.yara │ │ ├── ReverseSock5Proxy.yara │ │ ├── ReverseTCPShell.yara │ │ ├── Rhadamanthys.yara │ │ ├── Rock-ON.yara │ │ ├── RoguePotato.yara │ │ ├── RogueSploit.yara │ │ ├── RogueWinRM.yara │ │ ├── RottenPotatoNG.yara │ │ ├── RouterPassView.yara │ │ ├── RouterScan.yara │ │ ├── Rubeus.yara │ │ ├── Rudrastra.yara │ │ ├── RunAsWinTcb.yara │ │ ├── RunasCs.yara │ │ ├── RuralBishop.yara │ │ ├── Rust-Malware-Samples.yara │ │ ├── Rust-for-Malware-Development.yara │ │ ├── RustHound.yara │ │ ├── RustPotato.yara │ │ ├── RustRedOps.yara │ │ ├── RustiveDump.yara │ │ ├── S-inject.yara │ │ ├── S3Scanner.yara │ │ ├── S4UTomato.yara │ │ ├── SAP_GW_RCE_exploit.yara │ │ ├── SCCMSecrets.yara │ │ ├── SCCMVNC.yara │ │ ├── SCMUACBypass.yara │ │ ├── SCOMDecrypt.yara │ │ ├── SMBCrunch.yara │ │ ├── SMBGhost.yara │ │ ├── SMBGhost_RCE_PoC.yara │ │ ├── SMBSR.yara │ │ ├── SMBTrap.yara │ │ ├── SMBeagle.yara │ │ ├── SMBetray.yara │ │ ├── SMShell.yara │ │ ├── SOAPHound.yara │ │ ├── SQLRecon.yara │ │ ├── SQLiScanner.yara │ │ ├── SQLmate.yara │ │ ├── SSH-PuTTY-login-bruteforcer.yara │ │ ├── SSH-Snake.yara │ │ ├── SSRFmap.yara │ │ ├── SUDO_KILLER.yara │ │ ├── SUID3NUM.yara │ │ ├── SafetyDump.yara │ │ ├── SafetyKatz.yara │ │ ├── Salsa-tools.yara │ │ ├── SamDumpCable.yara │ │ ├── Sandman.yara │ │ ├── Scanners-Box.yara │ │ ├── ScareCrow.yara │ │ ├── SchTask_0x727.yara │ │ ├── ScheduleRunner.yara │ │ ├── ScriptBlock-Smuggling.yara │ │ ├── ScriptSentry.yara │ │ ├── SeManageVolumeExploit.yara │ │ ├── SearchOpenFileShares.yara │ │ ├── SecScanC2.yara │ │ ├── SecretServerSecretStealer.yara │ │ ├── SeeYouCM-Thief.yara │ │ ├── ServerlessRedirector.yara │ │ ├── SessionExec.yara │ │ ├── SessionGopher.yara │ │ ├── SessionSearcher.yara │ │ ├── Set-EtwTraceProvider.yara │ │ ├── SetProcessInjection.yara │ │ ├── Seth.yara │ │ ├── ShadowDumper.yara │ │ ├── ShadowForgeC2.yara │ │ ├── ShadowHound.yara │ │ ├── ShadowSpray.yara │ │ ├── ShadowStealer.yara │ │ ├── SharPersist.yara │ │ ├── SharPyShell.yara │ │ ├── ShareAudit.yara │ │ ├── Sharp-Suite.yara │ │ ├── SharpADWS.yara │ │ ├── SharpAVKB.yara │ │ ├── SharpAltSecIds.yara │ │ ├── SharpAppLocker.yara │ │ ├── SharpAzbelt.yara │ │ ├── SharpBlackout.yara │ │ ├── SharpBlock.yara │ │ ├── SharpBruteForceSSH.yara │ │ ├── SharpBuster.yara │ │ ├── SharpC2.yara │ │ ├── SharpCOM.yara │ │ ├── SharpChrome.yara │ │ ├── SharpChromium.yara │ │ ├── SharpClipHistory.yara │ │ ├── SharpClipboard.yara │ │ ├── SharpCloud.yara │ │ ├── SharpCookieMonster.yara │ │ ├── SharpDPAPI.yara │ │ ├── SharpDXWebcam.yara │ │ ├── SharpDecryptPwd.yara │ │ ├── SharpDllProxy.yara │ │ ├── SharpDomainSpray.yara │ │ ├── SharpDoor.yara │ │ ├── SharpDump.yara │ │ ├── SharpEDRChecker.yara │ │ ├── SharpEdge.yara │ │ ├── SharpEfsPotato.yara │ │ ├── SharpElevator.yara │ │ ├── SharpEventLog.yara │ │ ├── SharpEventPersist.yara │ │ ├── SharpExShell.yara │ │ ├── SharpExfil.yara │ │ ├── SharpExfiltrate.yara │ │ ├── SharpFtpC2.yara │ │ ├── SharpGPOAbuse.yara │ │ ├── SharpGhostTask.yara │ │ ├── SharpGmailC2.yara │ │ ├── SharpGpo.yara │ │ ├── SharpGraphView.yara │ │ ├── SharpHide.yara │ │ ├── SharpHose.yara │ │ ├── SharpIncrease.yara │ │ ├── SharpKatz.yara │ │ ├── SharpKiller.yara │ │ ├── SharpLAPS.yara │ │ ├── SharpLDAP.yara │ │ ├── SharpLdapRelayScan.yara │ │ ├── SharpLocker.yara │ │ ├── SharpLogger.yara │ │ ├── SharpMapExec.yara │ │ ├── SharpMiniDump.yara │ │ ├── SharpMove.yara │ │ ├── SharpNBTScan.yara │ │ ├── SharpNoPSExec.yara │ │ ├── SharpOxidResolver.yara │ │ ├── SharpPack.yara │ │ ├── SharpPersistSD.yara │ │ ├── SharpPrintNightmare.yara │ │ ├── SharpRDP.yara │ │ ├── SharpRDPHijack.yara │ │ ├── SharpRDPThief.yara │ │ ├── SharpRODC.yara │ │ ├── SharpSAMDump.yara │ │ ├── SharpSC.yara │ │ ├── SharpSCCM.yara │ │ ├── SharpSQL.yara │ │ ├── SharpSQLPwn.yara │ │ ├── SharpSSDP.yara │ │ ├── SharpSecDump.yara │ │ ├── SharpShares.yara │ │ ├── SharpShellPipe.yara │ │ ├── SharpShooter.yara │ │ ├── SharpSocks.yara │ │ ├── SharpSploit.yara │ │ ├── SharpSploitConsole.yara │ │ ├── SharpSpray.yara │ │ ├── SharpStay.yara │ │ ├── SharpSword.yara │ │ ├── SharpSystemTriggers.yara │ │ ├── SharpTerminator.yara │ │ ├── SharpThief.yara │ │ ├── SharpToken.yara │ │ ├── SharpUnhooker.yara │ │ ├── SharpUp.yara │ │ ├── SharpVeeamDecryptor.yara │ │ ├── SharpView.yara │ │ ├── SharpWSUS.yara │ │ ├── SharpWeb.yara │ │ ├── SharpZeroLogon.yara │ │ ├── Sharpmad.yara │ │ ├── Shell3er.yara │ │ ├── ShellGen.yara │ │ ├── ShellGhost.yara │ │ ├── ShellPop.yara │ │ ├── ShellPwnsh.yara │ │ ├── ShellServe.yara │ │ ├── ShellSync.yara │ │ ├── Shellcode-Downloader-CreateThread-Execution.yara │ │ ├── Shellcode-Hide.yara │ │ ├── Shellcode-Loader.yara │ │ ├── Shhhloader.yara │ │ ├── ShimDB.yara │ │ ├── ShimMe.yara │ │ ├── Shoggoth.yara │ │ ├── ShuckNT.yara │ │ ├── Shwmae.yara │ │ ├── SigPloit.yara │ │ ├── SigmaPotato.yara │ │ ├── SignToolEx.yara │ │ ├── SilentCryptoMiner.yara │ │ ├── SilentHound.yara │ │ ├── SilentMoonwalk.yara │ │ ├── SillyRAT.yara │ │ ├── Simple-Reverse-Shell.yara │ │ ├── SimpleBackdoorAdmin.yara │ │ ├── SimpleNTSyscallFuzzer.yara │ │ ├── SimplyEmail.yara │ │ ├── SingleDose.yara │ │ ├── SirepRAT.yara │ │ ├── Sitadel.yara │ │ ├── Slackor.yara │ │ ├── SlinkyCat.yara │ │ ├── SmashedPotato.yara │ │ ├── Smbtouch-Scanner.yara │ │ ├── Sn1per.yara │ │ ├── SnaffPoint.yara │ │ ├── Snaffler.yara │ │ ├── SniffAir.yara │ │ ├── SniffPass.yara │ │ ├── SocialBox-Termux.yara │ │ ├── SocialPwned.yara │ │ ├── SomalifuscatorV2.yara │ │ ├── SpaceRunner.yara │ │ ├── SpamChannel.yara │ │ ├── Spartacus.yara │ │ ├── SplunkWhisperer2.yara │ │ ├── SpookFlare.yara │ │ ├── SpoolFool.yara │ │ ├── Spray365.yara │ │ ├── SprayingToolkit.yara │ │ ├── Spring4Shell.yara │ │ ├── SpringCore0day.yara │ │ ├── Spyndicapped.yara │ │ ├── SspiUacBypass.yara │ │ ├── StackCrypt.yara │ │ ├── StandIn.yara │ │ ├── Stardust.yara │ │ ├── StayKit.yara │ │ ├── StealDhcpSecrets.yara │ │ ├── Sticky-Keys-Slayer.yara │ │ ├── Stifle.yara │ │ ├── Stompy.yara │ │ ├── Striker.yara │ │ ├── Sublist3r.yara │ │ ├── Suborner.yara │ │ ├── Sudomy.yara │ │ ├── SunCrypt.yara │ │ ├── Sunder.yara │ │ ├── Supernova.yara │ │ ├── SwampThing.yara │ │ ├── SweetPotato.yara │ │ ├── Synergy-httpx.yara │ │ ├── SysJoker.yara │ │ ├── SysWhispers3.yara │ │ ├── SystemBC.yara │ │ ├── TGSThief.yara │ │ ├── TGT_Monitor.yara │ │ ├── TREVORspray.yara │ │ ├── TakeMyRDP.yara │ │ ├── TartarusGate.yara │ │ ├── Tchopper.yara │ │ ├── TeamFiltration.yara │ │ ├── TeamsEnum.yara │ │ ├── TelegramRAT.yara │ │ ├── Telemetry.yara │ │ ├── Termite.yara │ │ ├── TheFatRat.yara │ │ ├── ThievingFox.yara │ │ ├── ThisIsNotRat.yara │ │ ├── Thread-Pool-Injection-PoC.yara │ │ ├── ThreadlessInject.yara │ │ ├── ThreatCheck.yara │ │ ├── Throwback.yara │ │ ├── ThunderDNS.yara │ │ ├── ThunderShell.yara │ │ ├── TimeException.yara │ │ ├── Timeroast.yara │ │ ├── TinyMet.yara │ │ ├── ToRat.yara │ │ ├── Token-Impersonation.yara │ │ ├── TokenFinder.yara │ │ ├── TokenPlayer.yara │ │ ├── TokenStealer.yara │ │ ├── TokenTactics.yara │ │ ├── TokenTacticsV2.yara │ │ ├── TokenUniverse.yara │ │ ├── Tokenvator.yara │ │ ├── Tool-PassView.yara │ │ ├── Tool-X.yara │ │ ├── Tor.yara │ │ ├── TorPylle.yara │ │ ├── TotalRecall.yara │ │ ├── TrickDump.yara │ │ ├── TripleCross.yara │ │ ├── TrueSocks.yara │ │ ├── Tsunami.yara │ │ ├── TunnelVision.yara │ │ ├── r77-rootkit.yara │ │ ├── ransomware_notes.yara │ │ ├── ratchatgpt.yara │ │ ├── ratchatpt.yara │ │ ├── rattler.yara │ │ ├── rdpscraper.yara │ │ ├── rdpv.yara │ │ ├── reGeorg.yara │ │ ├── reaper.yara │ │ ├── reapoc.yara │ │ ├── recaptcha-phish.yara │ │ ├── recon-archy.yara │ │ ├── reconftw.yara │ │ ├── red-python-scripts.yara │ │ ├── red-team-scripts.yara │ │ ├── red_hawk.yara │ │ ├── redis-rce.yara │ │ ├── redpill.yara │ │ ├── reg.yara │ │ ├── regreeper.yara │ │ ├── remote-method-guesser.yara │ │ ├── rengine.yara │ │ ├── resocks.yara │ │ ├── responder.yara │ │ ├── revbshell.yara │ │ ├── reverse-shell-generator.yara │ │ ├── reverse-ssh.yara │ │ ├── reverst.yara │ │ ├── revsocks.yara │ │ ├── ridrelay.yara │ │ ├── rmdir.yara │ │ ├── ropfuscator.yara │ │ ├── rotateproxy.yara │ │ ├── routerpasswords.com.yara │ │ ├── routersploit.yara │ │ ├── rpivot.yara │ │ ├── rs-shell.yara │ │ ├── rsg.yara │ │ ├── rshijack.yara │ │ ├── rsockstun.yara │ │ ├── rsocx.yara │ │ ├── ruler.yara │ │ ├── rustcat.yara │ │ ├── rwxfinder.yara │ │ ├── sRDI.yara │ │ ├── saint.yara │ │ ├── sam-the-admin.yara │ │ ├── samdump.yara │ │ ├── samdump2.yara │ │ ├── sandcat.yara │ │ ├── saycheese.yara │ │ ├── scan4all.yara │ │ ├── scanless.yara │ │ ├── sccmdecryptpoc.yara │ │ ├── sccmhunter.yara │ │ ├── scshell.yara │ │ ├── seatbelt.yara │ │ ├── secretfinder.yara │ │ ├── secretsdump.yara │ │ ├── securesocketfunneling.yara │ │ ├── security-onion.yara │ │ ├── sgn.yara │ │ ├── shad0w.yara │ │ ├── sharpcollection.yara │ │ ├── sharphound.yara │ │ ├── shellcodetester.yara │ │ ├── shellsilo.yara │ │ ├── shhmon.yara │ │ ├── shodan.io.yara │ │ ├── shootback.yara │ │ ├── shutter.yara │ │ ├── silenttrinity.yara │ │ ├── sish.yara │ │ ├── slip.yara │ │ ├── sliver.yara │ │ ├── smartbrute.yara │ │ ├── smb-reverse-shell.yara │ │ ├── smb-scanner.yara │ │ ├── smbcrawler.yara │ │ ├── smbmap.yara │ │ ├── smbscan.yara │ │ ├── smtp-user-enum.yara │ │ ├── smuggler.py.yara │ │ ├── snallygaster.yara │ │ ├── sniffer.yara │ │ ├── sniffglue.yara │ │ ├── snmpwn.yara │ │ ├── socat.yara │ │ ├── social-engineer-toolkit.yara │ │ ├── specula.yara │ │ ├── spellbound.yara │ │ ├── spiderfoot.yara │ │ ├── spinningteacup.yara │ │ ├── spoofing-office-macro.yara │ │ ├── spoolsploit.yara │ │ ├── spraycharles.yara │ │ ├── sprayhound.yara │ │ ├── spraykatz.yara │ │ ├── spring-core-rce.yara │ │ ├── sqli-labs.yara │ │ ├── sqlipy.yara │ │ ├── sqlmap.yara │ │ ├── sqlninja.yara │ │ ├── ssfd.yara │ │ ├── ssh-auditor.yara │ │ ├── ssh-mitm.yara │ │ ├── sshLooterC.yara │ │ ├── sshamble.yara │ │ ├── sshame.yara │ │ ├── sshimpanzee.yara │ │ ├── sslstrip.yara │ │ ├── statistically-likely-usernames.yara │ │ ├── stowaway.yara │ │ ├── subbrute.yara │ │ ├── subfinder.yara │ │ ├── sudoSnatch.yara │ │ ├── sudo_inject.yara │ │ ├── supershell.yara │ │ ├── susinternals.yara │ │ ├── sysmonquiet.yara │ │ ├── t14m4t.yara │ │ ├── taowu-cobalt-strike.yara │ │ ├── targetedKerberoast.yara │ │ ├── tcpreplay.yara │ │ ├── teams_dump.yara │ │ ├── teamsphisher.yara │ │ ├── teamstracker.yara │ │ ├── tetanus.yara │ │ ├── thc-hydra.yara │ │ ├── the-backdoor-factory.yara │ │ ├── theHarvester.yara │ │ ├── themebleed.yara │ │ ├── thoth.yara │ │ ├── ticket_converter.yara │ │ ├── tor2web.yara │ │ ├── torproject.yara │ │ ├── tplmap.yara │ │ ├── trackerjacker.yara │ │ ├── traitor.yara │ │ ├── transfer.sh.yara │ │ ├── trevorc2.yara │ │ ├── tricky.lnk.yara │ │ ├── truffleHog.yara │ │ ├── tsh-go.yara │ │ ├── tsh.yara │ │ ├── tun2socks.yara │ │ └── twittor.yara │ ├── U-W │ │ ├── UACME.yara │ │ ├── UFONet.yara │ │ ├── UnhookingPatch.yara │ │ ├── UniByAv.yara │ │ ├── UniversalDVC.yara │ │ ├── UnlinkDLL.yara │ │ ├── UnmanagedPowerShell.yara │ │ ├── UnquotedPath.yara │ │ ├── UnstoppableService.yara │ │ ├── UsoDllLoader.yara │ │ ├── V3n0M-Scanner.yara │ │ ├── VBA-RunPE.yara │ │ ├── VDR.yara │ │ ├── VNCPassView.yara │ │ ├── Vajra.yara │ │ ├── VeamHax.yara │ │ ├── VectorKernel.yara │ │ ├── VenomousSway.yara │ │ ├── Villain.yara │ │ ├── VirusTotalC2.yara │ │ ├── VoidCrypt.yara │ │ ├── Voidgate.yara │ │ ├── Volumiser.yara │ │ ├── Vulmap.yara │ │ ├── WAF-bypass-Cheat-Sheet.yara │ │ ├── WDBypass.yara │ │ ├── WDExtract.yara │ │ ├── WINspect.yara │ │ ├── WLAN-Windows-Passwords.yara │ │ ├── WMEye.yara │ │ ├── WMIHACKER.yara │ │ ├── WMIPersistence.yara │ │ ├── WMIcmd.yara │ │ ├── WMImplant.yara │ │ ├── WPScan.yara │ │ ├── WSAAcceptBackdoor.yara │ │ ├── WSMan-WinRM.yara │ │ ├── WSPCoerce.yara │ │ ├── WSUSpendu.yara │ │ ├── Waitfor-Persistence.yara │ │ ├── WebDavC2.yara │ │ ├── WebDeveloperSecurityChecklist.yara │ │ ├── WebSocketReverseShellDotNet.yara │ │ ├── Weevely3.yara │ │ ├── WerTrigger.yara │ │ ├── WhatBreach.yara │ │ ├── WheresMyImplant.yara │ │ ├── Whisker.yara │ │ ├── WiFi-Pumpkin.yara │ │ ├── WinDefenderKiller.yara │ │ ├── WinPirate.yara │ │ ├── WinPwn.yara │ │ ├── WinPwnage.yara │ │ ├── WinSCPPasswdExtractor.yara │ │ ├── WinShellcode.yara │ │ ├── WindfarmDynamite.yara │ │ ├── Windows-Crack.yara │ │ ├── Windows-Exploit-Suggester.yara │ │ ├── Windows-Post-Exploitation.yara │ │ ├── Windows-Privilege-Escalation.yara │ │ ├── WindowsDowndate.yara │ │ ├── WindowsExploitationResources.yara │ │ ├── Windows_MSKSSRV_LPE_CVE-2023-36802.yara │ │ ├── Winpayloads.yara │ │ ├── WirelessKeyView.yara │ │ ├── WitnessMe.yara │ │ ├── Wmisploit.yara │ │ ├── WorldWind-Stealer.yara │ │ ├── udmp-parser.yara │ │ ├── unDefender.yara │ │ ├── undertheradar.yara │ │ ├── unicorn.yara │ │ ├── unshackle.yara │ │ ├── upload.nolog.cz.yara │ │ ├── usbmon.yara │ │ ├── usbpcap.yara │ │ ├── username-anarchy.yara │ │ ├── vRealizeLogInsightRCE.yara │ │ ├── var0xshell.yara │ │ ├── vbad.yara │ │ ├── vcsmap.yara │ │ ├── veeam-creds.yara │ │ ├── venom.yara │ │ ├── viperc2.yara │ │ ├── vncpwdump.yara │ │ ├── w3af.yara │ │ ├── wafw00f.yara │ │ ├── wapiti.yara │ │ ├── warberry.yara │ │ ├── wce.yara │ │ ├── wcreddump.yara │ │ ├── wePWNise.yara │ │ ├── weakpass.yara │ │ ├── web-hacking-toolkit.yara │ │ ├── webBrowserPassView.yara │ │ ├── webshell.yara │ │ ├── webtrufflehog.yara │ │ ├── wfuzz.yara │ │ ├── whatlicense.yara │ │ ├── whiskeysamlandfriends.yara │ │ ├── whoami.yara │ │ ├── wifi-bruteforcer-fsecurify.yara │ │ ├── wifi-bruteforcer-fsecurity.yara │ │ ├── wifibroot.yara │ │ ├── wifigrabber.yara │ │ ├── wifijammer.yara │ │ ├── wifiphisher.yara │ │ ├── wifite2.yara │ │ ├── win-brute-logon.yara │ │ ├── winPEAS.yara │ │ ├── windapsearch.yara │ │ ├── windows-defender-remover.yara │ │ ├── windows-login-phish.yara │ │ ├── windows-privesc-check.yara │ │ ├── winexe.yara │ │ ├── winsos-poc.yara │ │ ├── wiresocks.yara │ │ ├── wmic.yara │ │ ├── wmiexec-pro.yara │ │ ├── wmiexec.yara │ │ ├── wmiexec2.yara │ │ ├── wordlists.yara │ │ ├── wordsmith.yara │ │ ├── wpaf.yara │ │ ├── wraith.yara │ │ ├── wso-webshell.yara │ │ ├── wstunnel.yara │ │ └── wsuxploit.yara │ ├── X-Z │ │ ├── XSS-Payloads.yara │ │ ├── XSStrike.yara │ │ ├── XXEinjector.yara │ │ ├── Xerror.yara │ │ ├── XiebroC2.yara │ │ ├── Xrulez.yara │ │ ├── Xworm.yara │ │ ├── ZeroHVCI.yara │ │ ├── ZipExec.yara │ │ ├── Zloader.yara │ │ ├── xeno-rat.yara │ │ ├── xrdp.yara │ │ ├── xspy.yara │ │ ├── xss-labs.yara │ │ ├── xz.yara │ │ ├── yodo.yara │ │ ├── ysoserial.net.yara │ │ ├── zarp.yara │ │ ├── zeroday-powershell.yara │ │ ├── zerologon.yara │ │ └── zerosum0x0.yara │ └── _Others │ │ ├── 0d1n.yara │ │ ├── 0day.today.yara │ │ ├── 1.6-C2.yara │ │ ├── 365-Stealer.yara │ │ ├── 3snake.yara │ │ ├── 4everproxy.yara │ │ ├── 7zip.yara │ │ └── _.yara ├── offensive_tools.yara └── signature_keyword │ ├── A-C │ ├── Adzok.yara │ ├── Ammyy Admin.yara │ ├── Amnesiac.yara │ ├── AmsiBypass.yara │ ├── Antivirus Signature.yara │ ├── AnyplaceControl.yara │ ├── AsyncRAT-C-Sharp.yara │ ├── BITSInject.yara │ ├── Backstab.yara │ ├── BadPotato.yara │ ├── BadRentdrv2.yara │ ├── Bat-Potato.yara │ ├── BeRoot.yara │ ├── Blank-Grabber.yara │ ├── BlockEtw.yara │ ├── Burntcigar KillAV.yara │ ├── Carbanak.yara │ ├── adPEAS.yara │ ├── adfind.yara │ ├── adrecon.yara │ ├── advanced port scanner.yara │ ├── antSword.yara │ ├── arp.yara │ ├── auditd.yara │ ├── bulletpassview.yara │ ├── cp.yara │ ├── cryptomining.yara │ └── cstealer.yara │ ├── D-F │ ├── DEDSEC-RANSOMWARE.yara │ ├── Dameware.yara │ ├── DeadPotato.yara │ ├── Decrypt-RDCMan.yara │ ├── DumpLSASS.yara │ ├── Dumpert.yara │ ├── EarthWorm.yara │ ├── EternalBlack.yara │ ├── defender-control.yara │ └── fscan.yara │ ├── G-H │ ├── Godzilla.yara │ ├── GonnaCry.yara │ ├── Group3r.yara │ ├── HVNC.yara │ ├── ghostsocks.yara │ ├── gmer.yara │ ├── gsecdump.yara │ ├── hak5 cloudc2.yara │ ├── hidden-tear.yara │ ├── hookchain.yara │ └── htran.yara │ ├── I-K │ ├── Imminent-Monitor.yara │ ├── Invoke-SocksProxy.yara │ ├── Invoke-TheHash.yara │ ├── Jasmin-Ransomware.yara │ ├── KPortScan.yara │ ├── Krueger.yara │ ├── impacket.yara │ └── kiglogger.yara │ ├── L-N │ ├── LAPSToolkit.yara │ ├── LOLSpoof.yara │ ├── LaZagne.yara │ ├── Lime-Crypter.yara │ ├── Lumma Stealer.yara │ ├── MEGAcmd.yara │ ├── MailPassView.yara │ ├── MozillaCookiesView.yara │ ├── NetSess.yara │ ├── NoodleRAT.yara │ ├── NtlmThief.yara │ ├── linuxprivchecker.yara │ ├── lslsass.yara │ ├── merlin-agent-dll.yara │ ├── merlin-agent.yara │ ├── merlin.yara │ ├── mimikatz.yara │ ├── netpass.yara │ └── nping.yara │ ├── O-Q │ ├── PCHunter.yara │ ├── PEASS.yara │ ├── POC.yara │ ├── PWDumpX.yara │ ├── PipeViewer .yara │ ├── Powershell-Scripts-for-Hackers-and-Pentesters.yara │ ├── Powertool.yara │ ├── Prince-Ransomware.yara │ ├── PrintNightmare.yara │ ├── PwDump7.yara │ ├── Python-Rootkit.yara │ ├── passwordfox.yara │ ├── pingcastle.yara │ ├── powercat.yara │ ├── powerview.yara │ └── psexec.yara │ ├── R-T │ ├── RdpThief.yara │ ├── RemoteUtilities.yara │ ├── RouterScan.yara │ ├── S-inject.yara │ ├── Sandman.yara │ ├── SessionGopher.yara │ ├── ShadowDumper.yara │ ├── SharpClipboard.yara │ ├── SharpDump.yara │ ├── SharpEDRChecker.yara │ ├── SharpShares.yara │ ├── Smbtouch-Scanner.yara │ ├── SniffPass.yara │ ├── SpoolFool.yara │ ├── TDSKiller.yara │ ├── Telemetry.yara │ ├── Termite.yara │ ├── r77-rootkit.yara │ ├── rclone.yara │ ├── rdp.yara │ ├── revbshell.yara │ ├── reverse-shell-generator.yara │ ├── seatbelt.yara │ ├── sharphound.yara │ ├── sliver.yara │ ├── softperfect networkscanner.yara │ ├── sshdoor.yara │ ├── stowaway.yara │ ├── susinternals.yara │ ├── tightvnc.yara │ └── tor.yara │ ├── U-W │ ├── UltraVNC.yara │ ├── VNCPassView.yara │ ├── Venom.yara │ ├── WMIHACKER.yara │ ├── vncviewer.yara │ ├── webBrowserPassView.yara │ ├── windows-defender-remover.yara │ └── wraith.yara │ └── X-Z │ └── xz.yara └── yara_rules_binaries_strict ├── all.yara ├── greyware_tool_keyword ├── A-C │ ├── AADInternals.yara │ ├── AD_Miner.yara │ ├── AD_common_queries.yara │ ├── APT.yara │ ├── AVDump.yara │ ├── Acunetix_Web_Vulnerability_Scanner.yara │ ├── AdGuard_VPN.yara │ ├── Adblock_Office_VPN_Proxy_Server.yara │ ├── AdvancedRun.yara │ ├── Ahk2Exe.yara │ ├── AlanFramework.yara │ ├── Alpemix.yara │ ├── Ammyy_Admin.yara │ ├── AmperageKit.yara │ ├── Anonymous_Proxy_Vpn_Browser.yara │ ├── AnyplaceControl.yara │ ├── Astar_VPN.yara │ ├── Atera.yara │ ├── AutoHotkey.yara │ ├── AutoIt.yara │ ├── AutoSUID.yara │ ├── Azino_VPN.yara │ ├── Azure_Storage_Explorer.yara │ ├── BarracudaRMM.yara │ ├── BelkaVPN.yara │ ├── Best_VPN_USA.yara │ ├── BitLockerToGo.yara │ ├── BloodHound.yara │ ├── Bomgar.yara │ ├── Box.yara │ ├── Browsec_VPN.yara │ ├── Browser_C2.yara │ ├── Browser_VPN.yara │ ├── BullVPN.yara │ ├── Burntcigar_KillAV.yara │ ├── CIMplant.yara │ ├── ChromeCookiesView.yara │ ├── Cloud_VPN.yara │ ├── Cmdkey.yara │ ├── ComodoRMM__Itarian_RMM_.yara │ ├── Compress_Archive.yara │ ├── CursedChrome.yara │ ├── CyberGhost_VPN.yara │ ├── _base64.yara │ ├── action1.yara │ ├── adaudit.yara │ ├── adexplorer.yara │ ├── adfind.yara │ ├── adget.yara │ ├── adiskreader.yara │ ├── adobe_com.yara │ ├── adrecon.yara │ ├── advanced_ip_scanner.yara │ ├── advanced_port_scanner.yara │ ├── aeroadmin.yara │ ├── anonfiles_com.yara │ ├── anydesk.yara │ ├── anymailfinder.yara │ ├── anyviewer.yara │ ├── apaste_info.yara │ ├── apkfold_free_vpn.yara │ ├── arp.yara │ ├── assoc.yara │ ├── atnow.yara │ ├── attrib.yara │ ├── auditd.yara │ ├── auvik.yara │ ├── aweray.yara │ ├── awk.yara │ ├── bash.yara │ ├── bash_keylogger.yara │ ├── bash_port_scan.yara │ ├── bashupload_com.yara │ ├── bayfiles.yara │ ├── bcdedit.yara │ ├── bcedit.yara │ ├── beeceptor_com.yara │ ├── bitbucket_org.yara │ ├── bitsadmin.yara │ ├── bittorent.yara │ ├── bore.yara │ ├── boringproxy.yara │ ├── browser_lol.yara │ ├── btunnel.yara │ ├── btunnel_in.yara │ ├── burrow.yara │ ├── canarytokens_com.yara │ ├── cat.yara │ ├── catbox_moe.yara │ ├── certoc.yara │ ├── certutil.yara │ ├── chattr.yara │ ├── chcp.yara │ ├── chgpass.yara │ ├── chromium.yara │ ├── clbin_com.yara │ ├── cloudflared.yara │ ├── cobaltstrike.yara │ ├── comsvcs_dll.yara │ ├── conhost_exe.yara │ ├── copy.yara │ ├── cp.yara │ ├── croc.yara │ ├── crond.yara │ ├── crontab.yara │ ├── crowbar.yara │ ├── crowdstrike_falcon.yara │ ├── csvde.yara │ ├── curl.yara │ ├── cut.yara │ └── cytool.yara ├── D-F │ ├── DBC2.yara │ ├── DEEPRISM_VPN.yara │ ├── Daily_VPN.yara │ ├── Dameware.yara │ ├── Dataplicity.yara │ ├── Disk2vhd.yara │ ├── Dispossessor.yara │ ├── DotVPN.yara │ ├── EHORUS_RMM.yara │ ├── Earth_VPN.yara │ ├── Excel.yara │ ├── ExpressVPN.yara │ ├── FREE_VPN_DEWELOPMENT.yara │ ├── FastStunnel_VPN.yara │ ├── FastestVPN_Proxy.yara │ ├── FileZilla.yara │ ├── Fornex_VPN.yara │ ├── FoxyProxy_Standard.yara │ ├── Free_Avira_Phantom_VPN.yara │ ├── Free_Fast_VPN.yara │ ├── Free_One_Touch_VPN.yara │ ├── Free_Proxy_VPN.yara │ ├── Free_Residential_VPN.yara │ ├── Free_VPN.yara │ ├── Free_VPN_for_Chrome.yara │ ├── dd.yara │ ├── debugdfs.yara │ ├── del.yara │ ├── dev_tunnels.yara │ ├── dig.yara │ ├── dir.yara │ ├── discord.yara │ ├── diskshadow.yara │ ├── dns.yara │ ├── dnscmd.yara │ ├── dnslog_cn.yara │ ├── dpapi_py.yara │ ├── dropbear.yara │ ├── dropbox.yara │ ├── dropmefiles_com.yara │ ├── dsquery.yara │ ├── duckdns_org.yara │ ├── ducktail.yara │ ├── dwagent.yara │ ├── easyupload_io.yara │ ├── echo.yara │ ├── elastic_agent.yara │ ├── email_format.yara │ ├── eraser.yara │ ├── esentutl.yara │ ├── esxcli.yara │ ├── evilrdp.yara │ ├── exegol.yara │ ├── export.yara │ ├── expose.yara │ ├── fex_net.yara │ ├── fiddler.yara │ ├── file_io.yara │ ├── filebin_net.yara │ ├── filetransfer_io.yara │ ├── find.yara │ ├── findstr.yara │ ├── fleetdeck.yara │ ├── fleetdm.yara │ ├── freefilesync.yara │ ├── frp.yara │ └── ftype.yara ├── G-H │ ├── GeoProxy.yara │ ├── Get_WmiObject.yara │ ├── GoToMyPC.yara │ ├── Gom_VPN.yara │ ├── Goodsync.yara │ ├── Google_Remote_Desktop.yara │ ├── Guru_VPN__and__Proxy.yara │ ├── HMA_VPN_Proxy_Unblocker.yara │ ├── HideAll_VPN.yara │ ├── Hide_My_IP_VPN.yara │ ├── Hideman_VPN.yara │ ├── Hola_Free_VPN.yara │ ├── Hola_VPN.yara │ ├── Hotspot_Shield_Elite_VPN_Proxy.yara │ ├── Hotspot_Shield_Free_VPN.yara │ ├── Hoxx_VPN_Proxy.yara │ ├── Hub_VPN.yara │ ├── Hunter_io.yara │ ├── getcap.yara │ ├── getent.yara │ ├── github.yara │ ├── goMatrixC2.yara │ ├── go_http_tunnel.yara │ ├── gofile_io.yara │ ├── golang_c2.yara │ ├── googleweblight_com.yara │ ├── gost.yara │ ├── gpg.yara │ ├── grep.yara │ ├── gt.yara │ ├── gtfobins.yara │ ├── guerrillamail.yara │ ├── hackforums_net.yara │ ├── history.yara │ ├── homeway_io.yara │ ├── http_server.yara │ └── hypertunnel.yara ├── I-K │ ├── IObitUnlocker.yara │ ├── IPBurger_Proxy__and__VPN.yara │ ├── IP_Unblock.yara │ ├── Invoke_Maldaptive.yara │ ├── iNinja_VPN.yara │ ├── icacls.yara │ ├── icalcs.yara │ ├── ifconfig.yara │ ├── impacket.yara │ ├── interactsh.yara │ ├── ip.yara │ ├── ip_api_com.yara │ ├── ipscan.yara │ ├── iptables.yara │ ├── ipv4_myip_wtf.yara │ ├── ired_team.yara │ ├── jprq.yara │ ├── kaseya_VSA.yara │ └── killProcessPOC.yara ├── L-N │ ├── LTProxy.yara │ ├── Lansweeper.yara │ ├── Lethean_Proxy_VPN.yara │ ├── LogMeIn.yara │ ├── MEGAcmd.yara │ ├── MEGAsync.yara │ ├── Malus_VPN.yara │ ├── Microsoft_Recall.yara │ ├── MozillaCookiesView.yara │ ├── MpCmdRun.yara │ ├── Muscle_VPN.yara │ ├── My_Browser_Vpn.yara │ ├── Neo4j.yara │ ├── Neo_reGeorg.yara │ ├── NetSupport.yara │ ├── NetshRun.yara │ ├── NimScan.yara │ ├── NordVPN.yara │ ├── Nsight_RMM.yara │ ├── Nucleus_VPN.yara │ ├── ldap_queries.yara │ ├── ldapsearch.yara │ ├── ldifde.yara │ ├── level_io.yara │ ├── linux.yara │ ├── ln.yara │ ├── localhost_run.yara │ ├── localtunnel.yara │ ├── localtunnels.yara │ ├── localxpose.yara │ ├── locate.yara │ ├── ls.yara │ ├── lsa_whisperer.yara │ ├── lyncsmash.yara │ ├── macchanger.yara │ ├── maildrop.yara │ ├── mediafire.yara │ ├── mega_co_nz.yara │ ├── mega_nz.yara │ ├── megatools.yara │ ├── meshcentral.yara │ ├── mkdir.yara │ ├── modproble.yara │ ├── movefile64_exe.yara │ ├── mshta.yara │ ├── msiexec.yara │ ├── mv.yara │ ├── my_ip_io.yara │ ├── myexternalip_com.yara │ ├── myftp_biz.yara │ ├── myftp_org.yara │ ├── nbtscan.yara │ ├── nbtstat.yara │ ├── nc.yara │ ├── ncat.yara │ ├── net.yara │ ├── netcat.yara │ ├── netscan.yara │ ├── netsh.yara │ ├── netstat.yara │ ├── ngrok.yara │ ├── nircmd.yara │ ├── nirsoft_tools.yara │ ├── nltest.yara │ ├── nmap.yara │ ├── nopaste_net.yara │ ├── nping.yara │ └── ntdsutil.yara ├── O-Q │ ├── OPENVPN.yara │ ├── Openssh.yara │ ├── OshiUpload.yara │ ├── PAExec.yara │ ├── PCHunter.yara │ ├── PP_VPN.yara │ ├── PortQry.yara │ ├── Portr.yara │ ├── PowerSploit.yara │ ├── Powertool.yara │ ├── Prime_VPN.yara │ ├── PrintNightmare.yara │ ├── Private_Internet_Access.yara │ ├── Procdump.yara │ ├── Pron_VPN.yara │ ├── ProxFlow.yara │ ├── Proxifier.yara │ ├── ProxyFlow.yara │ ├── Proxy_SwitchyOmega.yara │ ├── Proxy_SwitchySharp.yara │ ├── Pulseway.yara │ ├── PureVPN.yara │ ├── Push_VPN.yara │ ├── PyPagekite.yara │ ├── Quasar.yara │ ├── QuickAssist.yara │ ├── openssh_portable.yara │ ├── oset.yara │ ├── passwd.yara │ ├── paste_ee.yara │ ├── pastebin.yara │ ├── pastebin_pl.yara │ ├── pastie_org.yara │ ├── pcunlocker.yara │ ├── pdbedit.yara │ ├── pgrok.yara │ ├── phoenix_miner.yara │ ├── php.yara │ ├── pingcastle.yara │ ├── pinggy.yara │ ├── pktmon.yara │ ├── plink.yara │ ├── powershell.yara │ ├── premiumize_me.yara │ ├── privatebin_net.yara │ ├── privnote_com.yara │ ├── processhacker.yara │ ├── procmon.yara │ ├── produkey.yara │ ├── psexec.yara │ ├── pslist.yara │ ├── psloggedon.yara │ ├── put_io.yara │ ├── putty.yara │ ├── py2exe.yara │ ├── pyinstaller.yara │ ├── pyshark.yara │ ├── python.yara │ ├── qaz_im.yara │ ├── qaz_is.yara │ ├── qaz_su.yara │ ├── qu_ax.yara │ └── qwinsta.yara ├── R-T │ ├── Radmin.yara │ ├── Red_Panda_VPN.yara │ ├── RemCom.yara │ ├── RemotePC.yara │ ├── RemoteUtilities.yara │ ├── RevoUninstaller.yara │ ├── RpcView.yara │ ├── RusVPN.yara │ ├── RustDesk.yara │ ├── Rust_Localtunnels.yara │ ├── SSH_J_com.yara │ ├── SaferVPN_Proxy.yara │ ├── ScreenConnect.yara │ ├── SentinelAgent.yara │ ├── SetACL.yara │ ├── SetupVPN.yara │ ├── Shredder.yara │ ├── SimpleHelp.yara │ ├── SirTunnel.yara │ ├── Social_VPN.yara │ ├── SoftEtherVPN.yara │ ├── Soul_VPN.yara │ ├── SpaceRunner.yara │ ├── Splashtop.yara │ ├── Supremo.yara │ ├── Surf_VPN.yara │ ├── TDSKiller.yara │ ├── Taskmgr.yara │ ├── TelegramRAT.yara │ ├── Thunder_Proxy.yara │ ├── TotalRecall.yara │ ├── Touch_VPN.yara │ ├── Trellonet.yara │ ├── TunnelBear_VPN.yara │ ├── Tunnello_VPN.yara │ ├── Turbo_VPN_for_PC.yara │ ├── ransomware_notes.yara │ ├── rapid7.yara │ ├── ratchatpt.yara │ ├── rathole.yara │ ├── rclone.yara │ ├── rderzh_VPN_Proxy.yara │ ├── rdp.yara │ ├── rdpscan.yara │ ├── rdpwrap.yara │ ├── rdrleakdiag.yara │ ├── redpill.yara │ ├── reg.yara │ ├── regsvr32.yara │ ├── remoteit.yara │ ├── remotemoe.yara │ ├── ren.yara │ ├── rentry_co.yara │ ├── requestbin_net.yara │ ├── requests_ntlm.yara │ ├── restic.yara │ ├── reverse_tunnel.yara │ ├── rm.yara │ ├── rmdir.yara │ ├── rmdir_.yara │ ├── rmmod.yara │ ├── route.yara │ ├── rpcclient.yara │ ├── rsocks.yara │ ├── rsync.yara │ ├── ruby.yara │ ├── rundll32.yara │ ├── sVPN.yara │ ├── samba.yara │ ├── sc.yara │ ├── schtasks.yara │ ├── scp.yara │ ├── sdelete.yara │ ├── sed.yara │ ├── send_exploit_in.yara │ ├── sendspace_com.yara │ ├── serveo_net.yara │ ├── set.yara │ ├── setspn.yara │ ├── sftp.yara │ ├── shadowsocks.yara │ ├── share_riseup_net.yara │ ├── shell.yara │ ├── shred.yara │ ├── simplehttpserver.yara │ ├── sish.yara │ ├── skymen_info.yara │ ├── slack.yara │ ├── smc.yara │ ├── snmpcheck.yara │ ├── snmpwalk.yara │ ├── socat.yara │ ├── softperfect_networkscanner.yara │ ├── speedtest.yara │ ├── ss.yara │ ├── ssh.yara │ ├── sshtunnel.yara │ ├── sshuttle.yara │ ├── sshx.yara │ ├── sslip_io.yara │ ├── staqlab_tunnel.yara │ ├── steam.yara │ ├── stowaway.yara │ ├── stunnel.yara │ ├── sudo.yara │ ├── sudoers.yara │ ├── suo5.yara │ ├── supershell.yara │ ├── surfshark_VPN.yara │ ├── syncthing.yara │ ├── sysctl.yara │ ├── systemctl.yara │ ├── systeminfo.yara │ ├── tacticalrmm.yara │ ├── tailscale.yara │ ├── takeown.yara │ ├── taskkill.yara │ ├── tasklist.yara │ ├── tcpdump.yara │ ├── teamviewer.yara │ ├── telebit_cloud.yara │ ├── telegram.yara │ ├── telnet.yara │ ├── temp_mail.yara │ ├── temp_sh.yara │ ├── tempsend_com.yara │ ├── termbin_com.yara │ ├── textbin_net.yara │ ├── tightvnc.yara │ ├── tir_blanc_holiseum.yara │ ├── tmate.yara │ ├── tmpfiles_org.yara │ ├── tmpwatch.yara │ ├── touch.yara │ ├── track_adform_net.yara │ ├── transfer_sh.yara │ ├── transfert_my_files_com.yara │ ├── translate_goog.yara │ ├── truncate.yara │ ├── trycloudflare_com.yara │ ├── tunnel.yara │ ├── tunnel_pyjam_as.yara │ ├── tunneller.yara │ ├── tunnelmole_client.yara │ ├── tunnelto_dev.yara │ ├── tunwg.yara │ └── typeperf.yara ├── U-W │ ├── UltraVNC.yara │ ├── Ultrareach_VPN.yara │ ├── Unblock_Websites.yara │ ├── Universal_Virus_Sniffer.yara │ ├── Unlimited_VPN__and__Proxy_by_ibVPN.yara │ ├── Upnet.yara │ ├── Urban_Free_VPN.yara │ ├── Urban_Shield.yara │ ├── VPNMatic.yara │ ├── VPN_AC.yara │ ├── VPN_Free.yara │ ├── VPN_Master.yara │ ├── VPN_PROXY_MASTER.yara │ ├── VPN_Professional.yara │ ├── VPN_Unlimited_Free.yara │ ├── VPN_free_pro.yara │ ├── Veee.yara │ ├── VirtualBox.yara │ ├── VirtualShield_VPN.yara │ ├── VncSharp.yara │ ├── Wachee_VPN.yara │ ├── WeVPN.yara │ ├── Whoer_VPN.yara │ ├── WinSCP.yara │ ├── WindmillVPN.yara │ ├── Windscribe.yara │ ├── WorkingVPN.yara │ ├── uVPN.yara │ ├── ufile_io.yara │ ├── unlink.yara │ ├── unset.yara │ ├── unshadow.yara │ ├── updog.yara │ ├── usaupload.yara │ ├── utorrent.yara │ ├── vncviewer.yara │ ├── vscode.yara │ ├── vssadmin.yara │ ├── w32times.yara │ ├── wbadmin.yara │ ├── webhook_site.yara │ ├── westwind.yara │ ├── wetransfer.yara │ ├── wevtutil.yara │ ├── wget.yara │ ├── where.yara │ ├── whoami.yara │ ├── winrs.yara │ ├── wireproxy.yara │ ├── wireshark.yara │ ├── wiretap.yara │ ├── wiztree.yara │ └── wmic.yara ├── X-Z │ ├── ZenMate_VPN.yara │ ├── Zoho_Assist.yara │ ├── xcopy.yara │ ├── xeox.yara │ ├── xmrig.yara │ ├── xxd.yara │ ├── yakit.yara │ ├── zerobin_net.yara │ └── zrok.yara └── _Others │ ├── _.yara │ ├── _0bin_net.yara │ ├── _12ft_io.yara │ ├── _1clickVPN.yara │ ├── _1secmail_com.yara │ ├── _1ty_me.yara │ ├── _3proxy.yara │ ├── _4shared_com.yara │ └── index_allocation.yara ├── greyware_tools.yara ├── offensive_tool_keyword ├── A-C │ ├── ABPTTS.yara │ ├── ACEshark.yara │ ├── ACLight.yara │ ├── ADACLScanner.yara │ ├── ADAPE_Script.yara │ ├── ADCSCoercePotato.yara │ ├── ADCSKiller.yara │ ├── ADCSPwn.yara │ ├── ADCollector.yara │ ├── ADExplorerSnapshot_py.yara │ ├── ADFSDump.yara │ ├── ADFSDump_PS.yara │ ├── ADFSRelay.yara │ ├── ADFSpoof.yara │ ├── ADPassHunt.yara │ ├── ADSyncDecrypt.yara │ ├── AD_Enumeration_Hunt.yara │ ├── AD_Miner.yara │ ├── AD_exploitation_cheat_sheet.yara │ ├── AMSITrigger.yara │ ├── AMSI_Provider.yara │ ├── AMSI_patch.yara │ ├── APCLdr.yara │ ├── APTSimulator.yara │ ├── ASPJinjaObfuscator.yara │ ├── ASREPRoast.yara │ ├── ATPMiniDump.yara │ ├── AVKiller.yara │ ├── AV_Evasion_Tool.yara │ ├── AWS_Loot.yara │ ├── AbandonedCOMKeys.yara │ ├── Accomplice.yara │ ├── Aclpwn.yara │ ├── ActiveScanPlusPlus.yara │ ├── Adamantium_Thief.yara │ ├── AdaptixC2.yara │ ├── Adcheck.yara │ ├── Adeleginator.yara │ ├── Admin2Sys.yara │ ├── Advanced_SQL_Injection_Cheatsheet.yara │ ├── Adzok.yara │ ├── AggressorScripts_1.yara │ ├── AhMyth_Android_RAT.yara │ ├── Airbash.yara │ ├── Airgeddon.yara │ ├── Akira.yara │ ├── AlanFramework.yara │ ├── Alcatraz.yara │ ├── Amass.yara │ ├── Amnesiac.yara │ ├── AmsiBypass.yara │ ├── Amsi_Bypass.yara │ ├── Amsi_Killer.yara │ ├── AndrewSpecial.yara │ ├── Anevicon.yara │ ├── AoratosWin.yara │ ├── Aoyama_.yara │ ├── AppProxyC2.yara │ ├── Arbitrium_RAT.yara │ ├── Arduino_Pro_Micro.yara │ ├── Ares.yara │ ├── Argus.yara │ ├── Ask4Creds.yara │ ├── AsyncRAT_C_Sharp.yara │ ├── AtlasC2.yara │ ├── AtlasReaper.yara │ ├── AtomLdr.yara │ ├── AttackSurfaceMapper.yara │ ├── Augustus.yara │ ├── AutoBlue_MS17_010.yara │ ├── AutoC2.yara │ ├── AutoPwnKey.yara │ ├── AutoRDPwn.yara │ ├── AutoRecon.yara │ ├── AutoSUID.yara │ ├── AutoSmuggle.yara │ ├── Awesome_Hacking.yara │ ├── Awesome_Hacking_Resources.yara │ ├── AzureADLateralMovement.yara │ ├── AzureAD_Autologon_Brute.yara │ ├── AzureC2Relay.yara │ ├── Azure_AccessPermissions.yara │ ├── BITSInject.yara │ ├── BOFMask.yara │ ├── BOF_NET.yara │ ├── BOINC.yara │ ├── BYOVD_kill_av_edr.yara │ ├── BaRMIe.yara │ ├── BabelStrike.yara │ ├── BabyShark.yara │ ├── BackHAck.yara │ ├── Backstab.yara │ ├── BackupCreds.yara │ ├── BackupOperatorToDA.yara │ ├── BadPotato.yara │ ├── BadRentdrv2.yara │ ├── BadWindowsService.yara │ ├── Bad_PDF.yara │ ├── Bashfuscator.yara │ ├── Bat_Potato.yara │ ├── BeRoot.yara │ ├── BeeLogger.yara │ ├── BesoToken.yara │ ├── BetterBackdoor.yara │ ├── BetterSafetyKatz.yara │ ├── Biu_framework.yara │ ├── BlackShades.yara │ ├── Blackout.yara │ ├── BlankOBF.yara │ ├── Blank_Grabber.yara │ ├── BlazeStealer.yara │ ├── BlockEtw.yara │ ├── BlockOpenHandle.yara │ ├── BlockWindows.yara │ ├── BloodHound.yara │ ├── BloodHound_py.yara │ ├── BobTheSmuggler.yara │ ├── BrowserGhost.yara │ ├── BrowserSnatch.yara │ ├── Browser_C2.yara │ ├── Browser_Data_Grabber.yara │ ├── Browser_password_stealer.yara │ ├── BrowsingHistoryView.yara │ ├── BruteSploit.yara │ ├── BruteX.yara │ ├── BucketLoot.yara │ ├── Burntcigar_KillAV.yara │ ├── BypassAddUser.yara │ ├── BypassCredGuard.yara │ ├── C2ReverseProxy.yara │ ├── C2_Server.yara │ ├── C2_Tool_Collection.yara │ ├── C2_related_tools.yara │ ├── C2concealer.yara │ ├── C3.yara │ ├── CACTUSTORCH.yara │ ├── CDK.yara │ ├── CIMplant.yara │ ├── CLR_Injection.yara │ ├── CMLoot.yara │ ├── CMSeek.yara │ ├── COMHunter.yara │ ├── COM_Hunter.yara │ ├── COM_Object_hijacking.yara │ ├── CSExec.yara │ ├── Cable.yara │ ├── Cactus_WHID.yara │ ├── Cain_and_Abel.yara │ ├── CamHacker.yara │ ├── Cam_Hackers.yara │ ├── CandyPotato.yara │ ├── Carbanak.yara │ ├── CarbonCopy.yara │ ├── Carseat.yara │ ├── CelestialSpark.yara │ ├── CertStealer.yara │ ├── Certify.yara │ ├── Certipy.yara │ ├── ChaiLdr.yara │ ├── CheckPort.yara │ ├── CheckSMBSigning.yara │ ├── Checkmate.yara │ ├── CheeseTools.yara │ ├── Chimera.yara │ ├── ChkNull.yara │ ├── ChromeKatz.yara │ ├── ChromeStealer.yara │ ├── Chrome_App_Bound_Encryption_Decryption.yara │ ├── CloakNDaggerC2.yara │ ├── CmdLineSpoofer.yara │ ├── CoercedPotato.yara │ ├── CoercedPotatoRDLL.yara │ ├── Coercer.yara │ ├── Commander.yara │ ├── ConPtyShell.yara │ ├── ConfuserEx.yara │ ├── ContainYourself.yara │ ├── Cordyceps.yara │ ├── Cowpatty.yara │ ├── Cr3dOv3r.yara │ ├── Crack_allDBs.yara │ ├── Crassus.yara │ ├── CreateService.yara │ ├── CredMaster.yara │ ├── CredPhisher.yara │ ├── CredsLeaker.yara │ ├── Cronos_Rootkit.yara │ ├── CrossLinked.yara │ ├── Crowbar.yara │ ├── CursedChrome.yara │ ├── _base64.yara │ ├── acheron.yara │ ├── acltoolkit.yara │ ├── adPEAS.yara │ ├── ad_ldap_enum.yara │ ├── adalanche.yara │ ├── adaudit.yara │ ├── adconnectdump.yara │ ├── adcshunter.yara │ ├── adcsync.yara │ ├── adeleg.yara │ ├── adfind.yara │ ├── adfsbrute.yara │ ├── adfspray.yara │ ├── adhunt.yara │ ├── adidnsdump.yara │ ├── adsearch.yara │ ├── afrog.yara │ ├── aircrack.yara │ ├── airmon_ng.yara │ ├── airpwn_ng.yara │ ├── al_khaser.yara │ ├── amsi_fail.yara │ ├── antSword.yara │ ├── anydesk.yara │ ├── apollon.yara │ ├── archerysec.yara │ ├── archstrike.yara │ ├── armitage.yara │ ├── arpspoofing.yara │ ├── arsenal.yara │ ├── asleap.yara │ ├── atexec_pro.yara │ ├── attifyos.yara │ ├── autoNTDS.yara │ ├── autobloody.yara │ ├── autonse.yara │ ├── autopwn.yara │ ├── avet.yara │ ├── avred.yara │ ├── awesome_osint.yara │ ├── awesome_pentest.yara │ ├── awesome_pentest_cheat_sheets.yara │ ├── awesome_scapy.yara │ ├── awesome_static_analysis.yara │ ├── awesome_web_security.yara │ ├── awesome_windows_domain_hardening.yara │ ├── b374k.yara │ ├── backdoor_keyword.yara │ ├── badazure.yara │ ├── badrats.yara │ ├── badtouch.yara │ ├── beef.yara │ ├── bettercap.yara │ ├── betterdefaultpasslist.yara │ ├── bitb.yara │ ├── blackarch.yara │ ├── blackcat_ransomware.yara │ ├── blackvision.yara │ ├── blindsight.yara │ ├── bloodhound_quickwin.yara │ ├── bloodyAD.yara │ ├── bof_collection.yara │ ├── bofhound.yara │ ├── boko.yara │ ├── bootkit_rs.yara │ ├── bpf_keylogger.yara │ ├── bropper.yara │ ├── browserling.yara │ ├── bruteratel.yara │ ├── brutespray.yara │ ├── bulletpassview.yara │ ├── burp_log4shell.yara │ ├── burpsuite.yara │ ├── byob.yara │ ├── bypassUAC.yara │ ├── bypass_clm.yara │ ├── bypasswaf.yara │ ├── canisrufus.yara │ ├── catphish.yara │ ├── catspin.yara │ ├── ccmpwn.yara │ ├── cdn_proxy.yara │ ├── celerystalk.yara │ ├── cerbrutus.yara │ ├── certsync.yara │ ├── changeme.yara │ ├── chaos.yara │ ├── charles_proxy.yara │ ├── charlotte.yara │ ├── chashell.yara │ ├── cheetah.yara │ ├── chisel.yara │ ├── chntpw.yara │ ├── chromedump.yara │ ├── chromepass.yara │ ├── chunk_Proxy.yara │ ├── cirt_fuzzer.yara │ ├── clickjack.yara │ ├── cliws.yara │ ├── cloakify.yara │ ├── cloud_enum.yara │ ├── cloudsploit.yara │ ├── cobaltstrike.yara │ ├── combine_harvester.yara │ ├── commando_vm.yara │ ├── commix.yara │ ├── conpass.yara │ ├── conti.yara │ ├── copy.yara │ ├── covenant.yara │ ├── crack_sh.yara │ ├── cracklord.yara │ ├── crackmapexec.yara │ ├── crackmd5_ru.yara │ ├── crackpkcs12.yara │ ├── creddump7.yara │ ├── credhistview.yara │ ├── crossc2.yara │ ├── crunch.yara │ ├── crypto_identifier.yara │ ├── cryptomining.yara │ ├── csploit.yara │ ├── cstealer.yara │ ├── ctfr.yara │ ├── ctftool.yara │ ├── cuddlephish.yara │ └── curlshell.yara ├── D-F │ ├── D1rkInject.yara │ ├── D3m0n1z3dShell.yara │ ├── DAMP.yara │ ├── DBC2.yara │ ├── DCOMPotato.yara │ ├── DCOMUploadExec.yara │ ├── DCSyncer.yara │ ├── DDSpoof.yara │ ├── DEDSEC_RANSOMWARE.yara │ ├── DFSCoerce.yara │ ├── DKMC.yara │ ├── DLHell.yara │ ├── DLLHijackTest.yara │ ├── DLLHound.yara │ ├── DLL_Spoofer.yara │ ├── DNSExfiltrator.yara │ ├── DNSStager.yara │ ├── DNSTracer.yara │ ├── DNS_Hijacking.yara │ ├── DNS_Persist.yara │ ├── DNS_Tunnel_Keylogger.yara │ ├── DOME.yara │ ├── DPAT.yara │ ├── DRSAT.yara │ ├── DSInternals.yara │ ├── DUBrute.yara │ ├── DarkLoadLibrary.yara │ ├── DarkWidow.yara │ ├── Darkside.yara │ ├── DataBouncing.yara │ ├── DavRelayUp.yara │ ├── DcRat.yara │ ├── Ddexec.yara │ ├── DeNiSe.yara │ ├── DeadPotato.yara │ ├── DeathStar.yara │ ├── DebugAmsi.yara │ ├── DecryptAutoLogon.yara │ ├── DecryptRDCManager.yara │ ├── DecryptTeamViewer.yara │ ├── Decrypt_RDCMan.yara │ ├── DefaultCreds_cheat_sheet.yara │ ├── Defeat_Defender.yara │ ├── DefenderCheck.yara │ ├── DelegationBOF.yara │ ├── Dendrobate.yara │ ├── DesertNut.yara │ ├── Diamorphine.yara │ ├── Digispark_Attiny85.yara │ ├── Dinjector.yara │ ├── DirCreate2System.yara │ ├── Direct_Syscalls.yara │ ├── DirtyCLR.yara │ ├── Dirty_Vanity.yara │ ├── Disable_TamperProtection.yara │ ├── Discord_RAT_2_0.yara │ ├── DiskCryptor.yara │ ├── Dispossessor.yara │ ├── DitExplorer.yara │ ├── DllNotificationInjection.yara │ ├── DllProxy.yara │ ├── DoHC2.yara │ ├── DocPlz.yara │ ├── DockerPwn.yara │ ├── DomainPasswordSpray.yara │ ├── DoubleAgent.yara │ ├── DoubleDrive.yara │ ├── Dr0p1t_Framework.yara │ ├── DragonCastle.yara │ ├── DriverDump.yara │ ├── DriverQuery.yara │ ├── Droopscan.yara │ ├── Drupwn.yara │ ├── DuckDuckC2.yara │ ├── DueDLLigence.yara │ ├── DumpAADSyncCreds.yara │ ├── DumpCreds.yara │ ├── DumpKernel_S1_ps1.yara │ ├── DumpLSASS.yara │ ├── DumpNParse.yara │ ├── DumpThatLSASS.yara │ ├── Dumpert.yara │ ├── DumpsterFire.yara │ ├── Dumpy.yara │ ├── DynastyPersist.yara │ ├── EAPHammer.yara │ ├── EASSniper.yara │ ├── EDRPrison.yara │ ├── EDRSandBlast.yara │ ├── EDRSandblast_GodFault.yara │ ├── EDRSilencer.yara │ ├── EDR_Detector.yara │ ├── EDR_Test.yara │ ├── EDRaser.yara │ ├── EQGR.yara │ ├── EQGRP_tools.yara │ ├── ETW.yara │ ├── ETWEventSubscription.yara │ ├── ETWHash.yara │ ├── EXOCET_AV_Evasion.yara │ ├── EarthWorm.yara │ ├── Earth_Lusca_Operations_Tools.yara │ ├── Earth_Lusca_Operations_Tools_.yara │ ├── Ebowla.yara │ ├── EfiGuard.yara │ ├── EfsPotato.yara │ ├── Eggshell.yara │ ├── Egress_Assess.yara │ ├── Elevator.yara │ ├── ElusiveMice.yara │ ├── EmailAll.yara │ ├── EmbedInHTML.yara │ ├── EnableAllTokenPrivs.yara │ ├── EncryptedZIP.yara │ ├── EternalBlack.yara │ ├── EternalHushFramework.yara │ ├── Eternalblue_Doublepulsar_Metasploit.yara │ ├── EventCleaner.yara │ ├── EventLogCrasher.yara │ ├── EventLogMaster.yara │ ├── EventViewer_UACBypass.yara │ ├── Eventlogedit_evt__General.yara │ ├── Eventlogedit_evtx__Evolution.yara │ ├── EvilClippy.yara │ ├── EvilLsassTwin.yara │ ├── EvilSln.yara │ ├── EvilnoVNC.yara │ ├── EvtMute.yara │ ├── Excel_Exploit.yara │ ├── Executable_Files.yara │ ├── Exploits.yara │ ├── Exrop.yara │ ├── ExtPassword_exe.yara │ ├── ExtensionSpoofer.yara │ ├── ExtractBitlockerKeys.yara │ ├── EyeWitness.yara │ ├── FOCA.yara │ ├── FakeAMSI.yara │ ├── FakeCmdLine.yara │ ├── FakeImageExploiter.yara │ ├── Farmer.yara │ ├── Fentanyl.yara │ ├── FiercePhish.yara │ ├── File_Tunnel.yara │ ├── FilelessPELoader.yara │ ├── FindUncommonShares.yara │ ├── Findsploit.yara │ ├── FlipperZero.yara │ ├── FluxionNetwork.yara │ ├── Forensia.yara │ ├── Forensike.yara │ ├── ForgeCert.yara │ ├── ForkPlayground.yara │ ├── FormThief.yara │ ├── FourEye.yara │ ├── Freeze.yara │ ├── Freeze_rs.yara │ ├── FruityC2.yara │ ├── Fuck_Etw.yara │ ├── FudgeC2.yara │ ├── FunctionalC2.yara │ ├── Fynloski_Backdoor.yara │ ├── daphne.yara │ ├── darkarmour.yara │ ├── datasploit.yara │ ├── dazzleUP.yara │ ├── dcipher_cli.yara │ ├── dcomhijack.yara │ ├── decrypt_chrome_passwords.yara │ ├── default_password_info.yara │ ├── defender_control.yara │ ├── deimosc2.yara │ ├── del.yara │ ├── demiguise.yara │ ├── dialupass.yara │ ├── dirbuster.yara │ ├── dirdevil.yara │ ├── dirscraper.yara │ ├── dirty_pipe.yara │ ├── discord_c2.yara │ ├── disctopia_c2.yara │ ├── dll_hijack_by_proxying.yara │ ├── dns2tcp.yara │ ├── dns_black_cat.yara │ ├── dnscan.yara │ ├── dnscat.yara │ ├── dnschef_ng.yara │ ├── dnscrypt.yara │ ├── dnsdumpster.yara │ ├── dnsenum.yara │ ├── dnskire.yara │ ├── dnsmorph.yara │ ├── dnspot.yara │ ├── dnsrecon.yara │ ├── dnsteal.yara │ ├── dnstwist.yara │ ├── domain_analyzer.yara │ ├── domained.yara │ ├── domainhunter.yara │ ├── donpapi.yara │ ├── donut.yara │ ├── dos_over_tor.yara │ ├── doucme.yara │ ├── dploot.yara │ ├── dropper.yara │ ├── dsniff.yara │ ├── dsregcmd.yara │ ├── dtd_finder.yara │ ├── dumper2020.yara │ ├── echoac_poc.yara │ ├── egressbuster.yara │ ├── elevationstation.yara │ ├── elite_proxy_finder.yara │ ├── emkei_cz.yara │ ├── empire.yara │ ├── enum4linux.yara │ ├── etwunhook.yara │ ├── evil_proxy.yara │ ├── evil_winrm.yara │ ├── evilginx2.yara │ ├── evilgrade.yara │ ├── evilqr.yara │ ├── evilrdp.yara │ ├── exe2powershell.yara │ ├── exe_to_dll.yara │ ├── exegol.yara │ ├── expl_bin.yara │ ├── exploit_db.yara │ ├── fake_sms.yara │ ├── fakelogonscreen.yara │ ├── fastfuzz.yara │ ├── fcrackzip.yara │ ├── fetch_some_proxies.yara │ ├── ffuf.yara │ ├── fgdump.yara │ ├── fileless_elf_exec.yara │ ├── findstr.yara │ ├── findsubdomains.yara │ ├── firefox_decrypt.yara │ ├── firesheep.yara │ ├── fltMC.yara │ ├── forkatz.yara │ ├── forum_exploit_in.yara │ ├── frampton.yara │ ├── fscan.yara │ ├── fsutil.yara │ ├── fuegoshell.yara │ ├── fuxploider.yara │ ├── fuzz_txt.yara │ └── fuzzdb.yara ├── G-H │ ├── GC2_sheet.yara │ ├── GCPBucketBrute.yara │ ├── GCR_Google_Calendar_RAT.yara │ ├── GIUDA.yara │ ├── GMSAPasswordReader.yara │ ├── GONET_Scanner.yara │ ├── GPOddity.yara │ ├── GPSCoordinates.yara │ ├── GTFOBLookup.yara │ ├── GTFONow.yara │ ├── GadgetToJScript.yara │ ├── GatherContacts.yara │ ├── Gato_X.yara │ ├── Gecko.yara │ ├── Generate_Macro.yara │ ├── GetLoggedOnUsersRegistry.yara │ ├── Get_NetNTLM.yara │ ├── Get_RBCD_Threaded.yara │ ├── GhostDriver.yara │ ├── GhostInTheNet.yara │ ├── GhostMapper.yara │ ├── GhostPack.yara │ ├── GhostTask.yara │ ├── Ghostpack_CompiledBinaries.yara │ ├── Git_Scanner.yara │ ├── GithubC2.yara │ ├── Github_Username.yara │ ├── Github__Username.yara │ ├── Gitleaks.yara │ ├── GlllPowerloader.yara │ ├── GlobalUnProtect.yara │ ├── GoAWSConsoleSpray.yara │ ├── GoFetch.yara │ ├── Godzilla.yara │ ├── GoldenGMSA.yara │ ├── GonnaCry.yara │ ├── Gorsair.yara │ ├── Gotato.yara │ ├── GrabChrome.yara │ ├── GraphRunner.yara │ ├── GraphSpy.yara │ ├── GraphStrike.yara │ ├── Graphpython.yara │ ├── GreatSCT.yara │ ├── Greenwolf.yara │ ├── Group3r.yara │ ├── HEKATOMB.yara │ ├── HRShell.yara │ ├── HTMLSmuggler.yara │ ├── HTTP_Shell.yara │ ├── HVNC.yara │ ├── HackBrowserData.yara │ ├── HackTheWorld.yara │ ├── HadesLdr.yara │ ├── Hak5_BashBunny.yara │ ├── Hak5_Cloud_C2.yara │ ├── Hak5_Lan_turtle.yara │ ├── Hak5_O_MG_Cable.yara │ ├── Hak5_Rubber_Ducky.yara │ ├── Hak5_Screen_Crab.yara │ ├── Hak5_Wifi_Pineapple.yara │ ├── HardHatC2.yara │ ├── Harvester_OF_SORROW.yara │ ├── Hash_Buster.yara │ ├── HeapCrypt.yara │ ├── HellsGate.yara │ ├── HellsHall.yara │ ├── Heroinn.yara │ ├── Hibr2Dmp.yara │ ├── HideProcess.yara │ ├── HijackHunter.yara │ ├── Hive.yara │ ├── HoneypotBuster.yara │ ├── HookDetector.yara │ ├── HookSentry.yara │ ├── HostRecon.yara │ ├── Huan.yara │ ├── Hypnos.yara │ ├── gMSADumper.yara │ ├── gTunnel.yara │ ├── gateway_finder_imp.yara │ ├── gato.yara │ ├── gcat.yara │ ├── genHTA.yara │ ├── getExploit.yara │ ├── getsploit.yara │ ├── gh0st.yara │ ├── ghauri.yara │ ├── ghidra.yara │ ├── ghostsocks.yara │ ├── gimmeSH.yara │ ├── gimmecredz.yara │ ├── glit.yara │ ├── gmer.yara │ ├── goMatrixC2.yara │ ├── goPassGen.yara │ ├── goWMIExec.yara │ ├── goZulipC2.yara │ ├── go_lsass.yara │ ├── go_secdump.yara │ ├── gobfuscate.yara │ ├── gobuster.yara │ ├── gocrack.yara │ ├── godoh.yara │ ├── godpotato.yara │ ├── golang_c2.yara │ ├── gophish.yara │ ├── gosecretsdump.yara │ ├── gost.yara │ ├── gpp_decrypt.yara │ ├── gsecdump.yara │ ├── gsocket.yara │ ├── h8mail.yara │ ├── hXOR_Packer.yara │ ├── hack_tools.yara │ ├── hackingtool.yara │ ├── hackshell.yara │ ├── hacktricks_xyz.yara │ ├── hades.yara │ ├── hak5_cloudc2.yara │ ├── hakrawler.yara │ ├── hashcat.yara │ ├── hashcat_rule.yara │ ├── hashview.yara │ ├── havoc.yara │ ├── hcxdumptool.yara │ ├── hidden_tear.yara │ ├── hiphp.yara │ ├── hoaxshell.yara │ ├── holehe.yara │ ├── hookchain.yara │ ├── hotkeyz.yara │ ├── hping.yara │ ├── hping3.yara │ ├── htran.yara │ ├── htshells.yara │ ├── hyperion.yara │ └── hypobrychium.yara ├── I-K │ ├── I2P.yara │ ├── ICMP_TransferTools.yara │ ├── IDiagnosticProfileUAC.yara │ ├── IEPassView.yara │ ├── IHxExec.yara │ ├── IIS_Raid.yara │ ├── IKEForce.yara │ ├── IMDSpoof.yara │ ├── IPPrintC2.yara │ ├── Ikeext_Privesc.yara │ ├── Imminent_Monitor.yara │ ├── Imperva_gzip_WAF_Bypass.yara │ ├── ImplantSSP.yara │ ├── Inc.yara │ ├── Indirect_Syscalls.yara │ ├── InflativeLoading.yara │ ├── Infoga.yara │ ├── InsecurePowerShell.yara │ ├── InspectAssembly.yara │ ├── Intercepter_NG.yara │ ├── Internal_Monologue.yara │ ├── IntruderPayloads.yara │ ├── Inveigh.yara │ ├── Invisi_Shell.yara │ ├── InvisibilityCloak.yara │ ├── Invoke_ACLpwn.yara │ ├── Invoke_ADEnum.yara │ ├── Invoke_ArgFuscator.yara │ ├── Invoke_AzureEnum.yara │ ├── Invoke_AzurePasswordSpray.yara │ ├── Invoke_BSOD.yara │ ├── Invoke_BuildAnonymousSMBServer.yara │ ├── Invoke_CleverSpray.yara │ ├── Invoke_DNSteal.yara │ ├── Invoke_DOSfuscation.yara │ ├── Invoke_DumpMDEConfig.yara │ ├── Invoke_GrabTheHash.yara │ ├── Invoke_Obfuscation.yara │ ├── Invoke_PSImage.yara │ ├── Invoke_Phant0m.yara │ ├── Invoke_PowerIncrease.yara │ ├── Invoke_PowerThIEf.yara │ ├── Invoke_Pre2kSpray.yara │ ├── Invoke_PrintDemon.yara │ ├── Invoke_ProcessScan.yara │ ├── Invoke_RDPThief.yara │ ├── Invoke_RunAsSystem.yara │ ├── Invoke_RunAsWithCert.yara │ ├── Invoke_SMBRemoting.yara │ ├── Invoke_SessionHunter.yara │ ├── Invoke_ShareHunter.yara │ ├── Invoke_SocksProxy.yara │ ├── Invoke_Stealth.yara │ ├── Invoke_TheHash.yara │ ├── Invoke_TmpDavFS.yara │ ├── Invoke_WCMDump.yara │ ├── Invoke_WMIpersist.yara │ ├── Invoke_ZeroLogon.yara │ ├── Invoke_s4u2self.yara │ ├── ItWasAllADream.yara │ ├── Jasmin_Ransomware.yara │ ├── Jatayu.yara │ ├── Jira_Lens.yara │ ├── JohnTheRipper.yara │ ├── Jomungand.yara │ ├── Jormungandr.yara │ ├── JuicyPotato.yara │ ├── JuicyPotatoNG.yara │ ├── JumpSession_BOF.yara │ ├── JunctionFolder.yara │ ├── JustEvadeBro.yara │ ├── KCMTicketFormatter.yara │ ├── KExecDD.yara │ ├── KPortScan.yara │ ├── KRBUACBypass.yara │ ├── KaynLdr.yara │ ├── KaynStrike.yara │ ├── KeeFarce.yara │ ├── KeePwn.yara │ ├── KeeTheft.yara │ ├── KeeThiefSyscalls.yara │ ├── Keethief.yara │ ├── Kematian_Stealer.yara │ ├── KerberOPSEC.yara │ ├── KeyCredentialLink.yara │ ├── KeyTabExtract.yara │ ├── KillDefenderBOF.yara │ ├── KittyStager.yara │ ├── Koppeling.yara │ ├── Kraken.yara │ ├── KrakenMask.yara │ ├── KrbRelay.yara │ ├── KrbRelayUp.yara │ ├── KrbRelay_SMBServer.yara │ ├── Krueger.yara │ ├── Kubestroyer.yara │ ├── icebreaker.yara │ ├── icmpsh.yara │ ├── icmptunnel.yara │ ├── impacket.yara │ ├── impacketremoteshell.yara │ ├── impersonate.yara │ ├── impersonate_rs.yara │ ├── inceptor.yara │ ├── infernal_twin.yara │ ├── injectify.yara │ ├── invoke_piper.yara │ ├── iodine.yara │ ├── ivy.yara │ ├── jackdaw.yara │ ├── jackit.yara │ ├── java_deserialization_exploits.yara │ ├── javascript_obfuscator.yara │ ├── jecretz.yara │ ├── joomscan.yara │ ├── jwt_tool.yara │ ├── kali.yara │ ├── kali_anonsurf.yara │ ├── kalitorify.yara │ ├── katoolin3.yara │ ├── keepass_password_dumper.yara │ ├── kekeo.yara │ ├── kerberoast.yara │ ├── kerbrute.yara │ ├── keylogger.yara │ ├── keywa7.yara │ ├── kiglogger.yara │ ├── killer.yara │ ├── kismet.yara │ ├── knowsmore.yara │ ├── koadic.yara │ ├── krackattacks_scripts.yara │ ├── krbjack.yara │ ├── krbrelayx.yara │ ├── kubesploit.yara │ └── kwetza.yara ├── L-N │ ├── L0phtCrack.yara │ ├── LALIN.yara │ ├── LANs_py.yara │ ├── LAPSDecrypt.yara │ ├── LAPSDumper.yara │ ├── LAPSToolkit.yara │ ├── LAZYPARIAH.yara │ ├── LDAPPER.yara │ ├── LDAPWordlistHarvester.yara │ ├── LDAP_Password_Hunter.yara │ ├── LNKUp.yara │ ├── LOLSpoof.yara │ ├── LaZagne.yara │ ├── LaZagneForensic.yara │ ├── Lastenzug.yara │ ├── LatLoader.yara │ ├── LdapRelayScan.yara │ ├── LdrLockLiberator.yara │ ├── LetMeowIn.yara │ ├── LightsOut.yara │ ├── Lime_Crypter.yara │ ├── Lime_RAT.yara │ ├── LinEnum.yara │ ├── LinikatzV2.yara │ ├── LoGiC_NET.yara │ ├── LocalAdminSharp.yara │ ├── LocalShellExtParse.yara │ ├── Lockless.yara │ ├── Locksmith.yara │ ├── LogonTracer.yara │ ├── LostMyPassword.yara │ ├── Lovely_Potato.yara │ ├── LsassReflectDumping.yara │ ├── LsassSilentProcessExit.yara │ ├── Lsassx.yara │ ├── LummaC2_Stealer_sample.yara │ ├── Luna_Grabber.yara │ ├── LyncSniper.yara │ ├── MAAD_AF.yara │ ├── MANSPIDER.yara │ ├── MDE_Enum.yara │ ├── MDExclusionParser.yara │ ├── MFASweep.yara │ ├── MITMf.yara │ ├── MSBuildShell.yara │ ├── MSDAT.yara │ ├── MSOLSpray.yara │ ├── MSSprinkler.yara │ ├── MaccaroniC2.yara │ ├── MacroMeter.yara │ ├── Macrome.yara │ ├── Maestro.yara │ ├── MailPassView.yara │ ├── MailSniper.yara │ ├── MakeMeAdmin.yara │ ├── MalSCCM.yara │ ├── MaliciousMacroGenerator.yara │ ├── MaliciousMacroMSBuild.yara │ ├── Malware_RAT_collection.yara │ ├── Mara.yara │ ├── MegaMedusa.yara │ ├── Memcrashed_DDoS_Exploit.yara │ ├── MetasploitCoop.yara │ ├── MeteTool.yara │ ├── MicroBurst.yara │ ├── MiniDump.yara │ ├── Minimalistic_offensive.yara │ ├── MirrorDump.yara │ ├── Mobile_Security_Framework.yara │ ├── Mobile_Security_Framework_MobSF.yara │ ├── MockDirUACBypass.yara │ ├── Modlishka_.yara │ ├── Moriarty.yara │ ├── MpCmdRun.yara │ ├── Mr_SIP.yara │ ├── Mshikaki.yara │ ├── MultiDump.yara │ ├── MultiPotato.yara │ ├── MutationGate.yara │ ├── Mystikal.yara │ ├── NLBrute.yara │ ├── NPPSpy.yara │ ├── NTDLLReflection.yara │ ├── NTHASH_FPC.yara │ ├── NTLMInjector.yara │ ├── NTLMRelay2Self.yara │ ├── NTLMSleuth.yara │ ├── NTMLRecon.yara │ ├── NachoVPN.yara │ ├── NamedPipeMaster.yara │ ├── NamelessC2.yara │ ├── NativeBypassCredGuard.yara │ ├── NativeDump.yara │ ├── Necro_Stealer.yara │ ├── NetExec.yara │ ├── NetLoader.yara │ ├── NetNTLMtoSilverTicket.yara │ ├── NetRipper.yara │ ├── NetSess.yara │ ├── Net_GPPPassword.yara │ ├── NetshHelperBeacon.yara │ ├── NetworkMiner.yara │ ├── NetworkServiceExploit.yara │ ├── Nidhogg.yara │ ├── Nightmangle.yara │ ├── NimBlackout.yara │ ├── NimDllSideload.yara │ ├── NimExec.yara │ ├── Nimcrypt2.yara │ ├── Ninja.yara │ ├── NixImports.yara │ ├── NoArgs.yara │ ├── NoFilter.yara │ ├── NoPowerShell.yara │ ├── NoSQLMap.yara │ ├── No_powershell.yara │ ├── NoodleRAT.yara │ ├── Nordic_NRF52840.yara │ ├── Nosql_Exploitation_Framework.yara │ ├── NovaLdr.yara │ ├── NtRemoteLoad.yara │ ├── NtRights.yara │ ├── NtdllUnpatcher.yara │ ├── NtlmRelayToEWS.yara │ ├── NtlmThief.yara │ ├── Nuages.yara │ ├── ldapdomaindump.yara │ ├── ldapminer.yara │ ├── ldapnomnom.yara │ ├── ldapsearch_ad.yara │ ├── ldeep.yara │ ├── legba.yara │ ├── libprocesshider.yara │ ├── ligolo.yara │ ├── ligolo_ng.yara │ ├── linWinPwn.yara │ ├── linikatz.yara │ ├── link.yara │ ├── linux_exploit_suggester.yara │ ├── linux_pam_backdoor.yara │ ├── linux_smart_enumeration.yara │ ├── linuxprivchecker.yara │ ├── litefuzz.yara │ ├── lnk2pwn.yara │ ├── lnkbomb.yara │ ├── localpotato.yara │ ├── localtonet.yara │ ├── logman.yara │ ├── logon_backdoor.yara │ ├── lolminer.yara │ ├── lsarelayx.yara │ ├── lsass.yara │ ├── lsassy.yara │ ├── lslsass.yara │ ├── luckystrike.yara │ ├── lyncsmash.yara │ ├── m365_fatigue.yara │ ├── mRemoteNG_Decrypt.yara │ ├── macetrap.yara │ ├── macro_pack.yara │ ├── mail_in_the_middle.yara │ ├── mailpv.yara │ ├── malware.yara │ ├── mars_stealer.yara │ ├── masscan.yara │ ├── merlin.yara │ ├── merlin_agent.yara │ ├── merlin_agent_dll.yara │ ├── metagoofil.yara │ ├── metame.yara │ ├── metasploit.yara │ ├── metasploit_payloads.yara │ ├── metatwin.yara │ ├── mhydeath.yara │ ├── micr0_shell.yara │ ├── mimidogz.yara │ ├── mimikatz.yara │ ├── mimikittenz.yara │ ├── mimipenguin.yara │ ├── mimipy.yara │ ├── mitm6.yara │ ├── mitmAP.yara │ ├── mitmproxy.yara │ ├── mitmsocks4j.yara │ ├── modDetective.yara │ ├── monkey.yara │ ├── moonwalk.yara │ ├── morphHTA.yara │ ├── mortar.yara │ ├── mousejack.yara │ ├── movfuscator.yara │ ├── ms_appinstaller.yara │ ├── msfpc.yara │ ├── msfvenom.yara │ ├── msi_search.yara │ ├── msldapdump.yara │ ├── mspass.yara │ ├── mssqlproxy.yara │ ├── mythic.yara │ ├── nac_bypass.yara │ ├── nanodump.yara │ ├── nanorobeus.yara │ ├── ncrack.yara │ ├── nemesis.yara │ ├── nessus.yara │ ├── net.yara │ ├── net_creds.yara │ ├── netkit.yara │ ├── netpass.yara │ ├── netsh.yara │ ├── netsniff_ng.yara │ ├── nikto.yara │ ├── nimbo_c2.yara │ ├── nimcrypt.yara │ ├── nimplant.yara │ ├── nimproxydll.yara │ ├── nipe.yara │ ├── nircmd.yara │ ├── nirsoft.yara │ ├── nishang.yara │ ├── nmap.yara │ ├── noPac.yara │ ├── no_defender.yara │ ├── noseyparker.yara │ ├── novelbfh.yara │ ├── nping.yara │ ├── nps.yara │ ├── nps_payload.yara │ ├── nsa_rules.yara │ ├── nsocks.yara │ ├── ntdissector.yara │ ├── ntdlll_unhooking_collection.yara │ ├── ntlm_pw.yara │ ├── ntlmquic.yara │ ├── ntlmscan.yara │ ├── ntpescape.yara │ ├── nullinux.yara │ └── nysm.yara ├── O-Q │ ├── OMGLogger.yara │ ├── OMG_Credz_Plz.yara │ ├── OSCP_Archives.yara │ ├── OSCP_Cheatsheets.yara │ ├── OSEP_Code_Snippets.yara │ ├── OWASP.yara │ ├── OWASP_rules.yara │ ├── ObfuscatedSharpCollection.yara │ ├── OffensiveCSharp.yara │ ├── OffensiveCpp.yara │ ├── OffensiveLua.yara │ ├── OffensiveNotion.yara │ ├── Offensive_Netsh_Helper.yara │ ├── Offensive_Payloads.yara │ ├── Office_DDE_Payloads.yara │ ├── Office_Persistence.yara │ ├── Oh365UserFinder.yara │ ├── Okta_Password_Sprayer.yara │ ├── Omnispray.yara │ ├── One_Lin3r.yara │ ├── OpenChromeDumps.yara │ ├── OpenSSH_Trojan.yara │ ├── Openssh.yara │ ├── OperaPassView.yara │ ├── Operative_Framework.yara │ ├── Orc.yara │ ├── Osmedeus.yara │ ├── Ouned.yara │ ├── PEASS.yara │ ├── PEASS_ng.yara │ ├── PENTESTING_BIBLE.yara │ ├── PE_Obfuscator.yara │ ├── PILOT.yara │ ├── PKINITtools.yara │ ├── POC.yara │ ├── POSTDump.yara │ ├── PPLBlade.yara │ ├── PPLFault.yara │ ├── PPLKiller.yara │ ├── PPLSystem.yara │ ├── PPLmedic.yara │ ├── PRT.yara │ ├── PS2EXE.yara │ ├── PSAmsi.yara │ ├── PSAsyncShell.yara │ ├── PSAttack.yara │ ├── PSBits.yara │ ├── PSByPassCLM.yara │ ├── PSMapExec.yara │ ├── PSRansom.yara │ ├── PSRecon.yara │ ├── PSSW100AVB.yara │ ├── PWA_Phishing.yara │ ├── PWCrack.yara │ ├── PWDumpX.yara │ ├── Pachine.yara │ ├── PackMyPayload.yara │ ├── ParamPamPam.yara │ ├── Parasite_Invoke.yara │ ├── PassDetective.yara │ ├── PassHunt.yara │ ├── PassSpray.yara │ ├── PassTheCert.yara │ ├── PassTheChallenge.yara │ ├── Passware_Kit_Forensic.yara │ ├── PasswordHashesView.yara │ ├── Password_Scripts.yara │ ├── Pateensy.yara │ ├── PayGen.yara │ ├── Payload_Download_Cradles.yara │ ├── PayloadsAllTheThings.yara │ ├── Pazuzu.yara │ ├── PcapXray.yara │ ├── Pcredz.yara │ ├── PerfExec.yara │ ├── Perfusion.yara │ ├── PeriscopeC2.yara │ ├── Persistence_Accessibility_Features.yara │ ├── PetitPotato.yara │ ├── PewPewPew.yara │ ├── Pezor.yara │ ├── Phant0m.yara │ ├── PhantomService.yara │ ├── PhoneInfoga.yara │ ├── PhpSploit.yara │ ├── PickleC2.yara │ ├── PingRAT.yara │ ├── PipeViewer_.yara │ ├── PoolParty.yara │ ├── PoolPartyBof.yara │ ├── PoshADCS.yara │ ├── Poshito.yara │ ├── PowerBreach.yara │ ├── PowerBruteLogon.yara │ ├── PowerForensics.yara │ ├── PowerLess.yara │ ├── PowerLessShell.yara │ ├── PowerMemory.yara │ ├── PowerProxy.yara │ ├── PowerSCCM.yara │ ├── PowerSharpPack.yara │ ├── PowerShdll.yara │ ├── PowerShellArsenal.yara │ ├── PowerShellRunner.yara │ ├── PowerShell_Suite.yara │ ├── PowerShx.yara │ ├── PowerSploit.yara │ ├── PowerStager.yara │ ├── PowerUpSQL.yara │ ├── Powerlurk.yara │ ├── Powermad.yara │ ├── Powerpick.yara │ ├── PowershellKerberos.yara │ ├── PowershellTools.yara │ ├── Powershell_Scripts_for_Hackers_and_Pentesters.yara │ ├── PredatorTheStealer.yara │ ├── Prince_Ransomware.yara │ ├── PrintNightmare.yara │ ├── Priv2Admin.yara │ ├── PrivExchange.yara │ ├── PrivFu.yara │ ├── PrivKit.yara │ ├── Privesc.yara │ ├── PrivescCheck.yara │ ├── PrivilegeEscalation.yara │ ├── Privileger.yara │ ├── Probable_Wordlists.yara │ ├── ProtectMyTooling.yara │ ├── Proxmark.yara │ ├── ProxyLogon.yara │ ├── ProxyShell.yara │ ├── Psnmap.yara │ ├── Pspersist.yara │ ├── PstPassword.yara │ ├── PurplePanda.yara │ ├── PwDump7.yara │ ├── PwDump8.yara │ ├── PyExec.yara │ ├── PyExfil.yara │ ├── PySQLRecon.yara │ ├── Pyramid.yara │ ├── Python_Rootkit.yara │ ├── Python_Wordlist_Generator.yara │ ├── o365_attack_toolkit.yara │ ├── o365creeper.yara │ ├── o365enum.yara │ ├── o365recon.yara │ ├── o365spray.yara │ ├── obfy.yara │ ├── octopus.yara │ ├── omg_payloads.yara │ ├── onedrive_user_enum.yara │ ├── onesixtyone.yara │ ├── onex.yara │ ├── onionpipe.yara │ ├── openbullet.yara │ ├── openvas.yara │ ├── ophcrack.yara │ ├── orbitaldump.yara │ ├── p0f.yara │ ├── p0wnedShell.yara │ ├── p0wny_shell.yara │ ├── pac2.yara │ ├── pacu.yara │ ├── padre.yara │ ├── pamspy.yara │ ├── pandora.yara │ ├── panix.yara │ ├── parrot_os.yara │ ├── passphrase_wordlist.yara │ ├── passwordfox.yara │ ├── pastehakk.yara │ ├── patator.yara │ ├── peCloak.yara │ ├── pe_to_shellcode.yara │ ├── peeping_tom.yara │ ├── pendulum.yara │ ├── pentest_machine.yara │ ├── pentest_tools_com.yara │ ├── pentestbox.yara │ ├── persistence_demos.yara │ ├── petipotam.yara │ ├── phishery.yara │ ├── phishing_HTML_linter.yara │ ├── php_reverse_shell.yara │ ├── phuip_fpizdam.yara │ ├── physmem2profit.yara │ ├── pico.yara │ ├── ping_sweep.yara │ ├── pivotnacci.yara │ ├── poisontap.yara │ ├── polenum.yara │ ├── portscan.yara │ ├── poshc2.yara │ ├── potato.yara │ ├── power_pwn.yara │ ├── powercat.yara │ ├── powerextract.yara │ ├── powershell.yara │ ├── powerview.yara │ ├── ppldump.yara │ ├── precompiled_binaries.yara │ ├── prefetch_tool.yara │ ├── pretender.yara │ ├── primusC2.yara │ ├── printspoofer.yara │ ├── processhacker.yara │ ├── prometheus.yara │ ├── proxychains.yara │ ├── psgetsystem.yara │ ├── psobf.yara │ ├── pspy.yara │ ├── pth_toolkit.yara │ ├── ptunnel_ng.yara │ ├── pupy.yara │ ├── pwcrack_framework.yara │ ├── pwdump.yara │ ├── pwn_jenkins.yara │ ├── pwnagotchi.yara │ ├── pwnat.yara │ ├── pwndrop.yara │ ├── pwnlook.yara │ ├── pxethief.yara │ ├── pyGPOAbuse.yara │ ├── pyLAPS.yara │ ├── pydictor.yara │ ├── pymultitor.yara │ ├── pyobfuscate.yara │ ├── pypykatz.yara │ ├── pyrdp.yara │ ├── pysecdump.yara │ ├── pyshell.yara │ ├── pysnaffler.yara │ ├── pysoserial.yara │ ├── pysoxy.yara │ ├── pywerview.yara │ ├── pywhisker.yara │ ├── pywsus.yara │ ├── quarkspwdump.yara │ └── quiet_riot.yara ├── R-T │ ├── RDE1.yara │ ├── RDPCredentialStealer.yara │ ├── RDPHijack_BOF.yara │ ├── RDPInception.yara │ ├── RDPSpray.yara │ ├── RDP_Recognizer.yara │ ├── RDPassSpray.yara │ ├── REC2_.yara │ ├── RID_Hijacking.yara │ ├── RITM.yara │ ├── ROADtoken.yara │ ├── ROADtools.yara │ ├── RPC_Backdoor.yara │ ├── RaRCE.yara │ ├── Radare2.yara │ ├── RadareEye.yara │ ├── RagingRotator.yara │ ├── RainbowCrack.yara │ ├── RandomPS_Scripts.yara │ ├── RasmanPotato.yara │ ├── RdpStrike.yara │ ├── RdpThief.yara │ ├── RealBlindingEDR.yara │ ├── Recon_AD.yara │ ├── RecycledInjector.yara │ ├── RedGuard.yara │ ├── RedHunt_OS.yara │ ├── RedPeanut.yara │ ├── RedPersist.yara │ ├── RedTeam_Tools_n_Stuff.yara │ ├── RedTeam_toolkit.yara │ ├── Red_Baron.yara │ ├── Red_Teaming_Toolkit.yara │ ├── ReelPhish.yara │ ├── RefleXXion.yara │ ├── ReflectiveNtdll.yara │ ├── RegHiveBackup.yara │ ├── RemoteKrbRelay.yara │ ├── RemotePipeList.yara │ ├── RemotePotato0.yara │ ├── Rev_Shell.yara │ ├── RevengeRAT_Stub_Cssharp.yara │ ├── ReverseSock5Proxy.yara │ ├── ReverseTCPShell.yara │ ├── Rhadamanthys.yara │ ├── Rock_ON.yara │ ├── RoguePotato.yara │ ├── RogueSploit.yara │ ├── RogueWinRM.yara │ ├── RottenPotatoNG.yara │ ├── RouterPassView.yara │ ├── RouterScan.yara │ ├── Rubeus.yara │ ├── Rudrastra.yara │ ├── RunAsWinTcb.yara │ ├── RunasCs.yara │ ├── RuralBishop.yara │ ├── RustHound.yara │ ├── RustPotato.yara │ ├── RustRedOps.yara │ ├── Rust_Malware_Samples.yara │ ├── Rust_for_Malware_Development.yara │ ├── RustiveDump.yara │ ├── S3Scanner.yara │ ├── S4UTomato.yara │ ├── SAP_GW_RCE_exploit.yara │ ├── SCCMSecrets.yara │ ├── SCCMVNC.yara │ ├── SCMUACBypass.yara │ ├── SCOMDecrypt.yara │ ├── SMBCrunch.yara │ ├── SMBGhost.yara │ ├── SMBGhost_RCE_PoC.yara │ ├── SMBTrap.yara │ ├── SMBeagle.yara │ ├── SMBetray.yara │ ├── SMShell.yara │ ├── SOAPHound.yara │ ├── SQLRecon.yara │ ├── SQLiScanner.yara │ ├── SQLmate.yara │ ├── SSH_PuTTY_login_bruteforcer.yara │ ├── SSH_Snake.yara │ ├── SSRFmap.yara │ ├── SUDO_KILLER.yara │ ├── SUID3NUM.yara │ ├── S_inject.yara │ ├── SafetyDump.yara │ ├── SafetyKatz.yara │ ├── Salsa_tools.yara │ ├── SamDumpCable.yara │ ├── Sandman.yara │ ├── Scanners_Box.yara │ ├── ScareCrow.yara │ ├── SchTask_0x727.yara │ ├── ScheduleRunner.yara │ ├── ScriptBlock_Smuggling.yara │ ├── ScriptSentry.yara │ ├── SeManageVolumeExploit.yara │ ├── SearchOpenFileShares.yara │ ├── SecScanC2.yara │ ├── SecretServerSecretStealer.yara │ ├── SeeYouCM_Thief.yara │ ├── ServerlessRedirector.yara │ ├── SessionExec.yara │ ├── SessionGopher.yara │ ├── SessionSearcher.yara │ ├── SetProcessInjection.yara │ ├── Set_EtwTraceProvider.yara │ ├── Seth.yara │ ├── ShadowDumper.yara │ ├── ShadowForgeC2.yara │ ├── ShadowHound.yara │ ├── ShadowSpray.yara │ ├── ShadowStealer.yara │ ├── SharPersist.yara │ ├── SharPyShell.yara │ ├── ShareAudit.yara │ ├── SharpADWS.yara │ ├── SharpAVKB.yara │ ├── SharpAltSecIds.yara │ ├── SharpAppLocker.yara │ ├── SharpAzbelt.yara │ ├── SharpBlackout.yara │ ├── SharpBlock.yara │ ├── SharpBruteForceSSH.yara │ ├── SharpBuster.yara │ ├── SharpC2.yara │ ├── SharpCOM.yara │ ├── SharpChrome.yara │ ├── SharpChromium.yara │ ├── SharpClipHistory.yara │ ├── SharpClipboard.yara │ ├── SharpCloud.yara │ ├── SharpCookieMonster.yara │ ├── SharpDPAPI.yara │ ├── SharpDXWebcam.yara │ ├── SharpDecryptPwd.yara │ ├── SharpDllProxy.yara │ ├── SharpDomainSpray.yara │ ├── SharpDoor.yara │ ├── SharpDump.yara │ ├── SharpEDRChecker.yara │ ├── SharpEdge.yara │ ├── SharpEfsPotato.yara │ ├── SharpElevator.yara │ ├── SharpEventLog.yara │ ├── SharpEventPersist.yara │ ├── SharpExShell.yara │ ├── SharpExfil.yara │ ├── SharpExfiltrate.yara │ ├── SharpFtpC2.yara │ ├── SharpGPOAbuse.yara │ ├── SharpGhostTask.yara │ ├── SharpGmailC2.yara │ ├── SharpGpo.yara │ ├── SharpGraphView.yara │ ├── SharpHide.yara │ ├── SharpHose.yara │ ├── SharpIncrease.yara │ ├── SharpKatz.yara │ ├── SharpKiller.yara │ ├── SharpLAPS.yara │ ├── SharpLDAP.yara │ ├── SharpLdapRelayScan.yara │ ├── SharpLocker.yara │ ├── SharpLogger.yara │ ├── SharpMapExec.yara │ ├── SharpMiniDump.yara │ ├── SharpMove.yara │ ├── SharpNBTScan.yara │ ├── SharpNoPSExec.yara │ ├── SharpOxidResolver.yara │ ├── SharpPack.yara │ ├── SharpPersistSD.yara │ ├── SharpPrintNightmare.yara │ ├── SharpRDP.yara │ ├── SharpRDPHijack.yara │ ├── SharpRDPThief.yara │ ├── SharpRODC.yara │ ├── SharpSAMDump.yara │ ├── SharpSC.yara │ ├── SharpSCCM.yara │ ├── SharpSQL.yara │ ├── SharpSQLPwn.yara │ ├── SharpSSDP.yara │ ├── SharpSecDump.yara │ ├── SharpShares.yara │ ├── SharpShellPipe.yara │ ├── SharpShooter.yara │ ├── SharpSocks.yara │ ├── SharpSploit.yara │ ├── SharpSploitConsole.yara │ ├── SharpSpray.yara │ ├── SharpStay.yara │ ├── SharpSword.yara │ ├── SharpSystemTriggers.yara │ ├── SharpTerminator.yara │ ├── SharpThief.yara │ ├── SharpToken.yara │ ├── SharpUnhooker.yara │ ├── SharpUp.yara │ ├── SharpVeeamDecryptor.yara │ ├── SharpView.yara │ ├── SharpWSUS.yara │ ├── SharpWeb.yara │ ├── SharpZeroLogon.yara │ ├── Sharp_Suite.yara │ ├── Sharpmad.yara │ ├── Shell3er.yara │ ├── ShellGen.yara │ ├── ShellGhost.yara │ ├── ShellPop.yara │ ├── ShellPwnsh.yara │ ├── ShellServe.yara │ ├── ShellSync.yara │ ├── Shellcode_Downloader_CreateThread_Execution.yara │ ├── Shellcode_Hide.yara │ ├── Shellcode_Loader.yara │ ├── Shhhloader.yara │ ├── ShimDB.yara │ ├── ShimMe.yara │ ├── Shoggoth.yara │ ├── ShuckNT.yara │ ├── Shwmae.yara │ ├── SigPloit.yara │ ├── SigmaPotato.yara │ ├── SignToolEx.yara │ ├── SilentCryptoMiner.yara │ ├── SilentHound.yara │ ├── SilentMoonwalk.yara │ ├── SillyRAT.yara │ ├── SimpleBackdoorAdmin.yara │ ├── SimpleNTSyscallFuzzer.yara │ ├── Simple_Reverse_Shell.yara │ ├── SimplyEmail.yara │ ├── SingleDose.yara │ ├── SirepRAT.yara │ ├── Sitadel.yara │ ├── Slackor.yara │ ├── SlinkyCat.yara │ ├── SmashedPotato.yara │ ├── Smbtouch_Scanner.yara │ ├── Sn1per.yara │ ├── SnaffPoint.yara │ ├── Snaffler.yara │ ├── SniffAir.yara │ ├── SniffPass.yara │ ├── SocialBox_Termux.yara │ ├── SocialPwned.yara │ ├── SomalifuscatorV2.yara │ ├── SpaceRunner.yara │ ├── SpamChannel.yara │ ├── Spartacus.yara │ ├── SplunkWhisperer2.yara │ ├── SpookFlare.yara │ ├── SpoolFool.yara │ ├── Spray365.yara │ ├── SprayingToolkit.yara │ ├── Spring4Shell.yara │ ├── SpringCore0day.yara │ ├── Spyndicapped.yara │ ├── SspiUacBypass.yara │ ├── StackCrypt.yara │ ├── StandIn.yara │ ├── Stardust.yara │ ├── StayKit.yara │ ├── StealDhcpSecrets.yara │ ├── Sticky_Keys_Slayer.yara │ ├── Stifle.yara │ ├── Stompy.yara │ ├── Striker.yara │ ├── Sublist3r.yara │ ├── Suborner.yara │ ├── Sudomy.yara │ ├── SunCrypt.yara │ ├── Sunder.yara │ ├── Supernova.yara │ ├── SwampThing.yara │ ├── SweetPotato.yara │ ├── Synergy_httpx.yara │ ├── SysJoker.yara │ ├── SysWhispers3.yara │ ├── SystemBC.yara │ ├── TGSThief.yara │ ├── TGT_Monitor.yara │ ├── TREVORspray.yara │ ├── TakeMyRDP.yara │ ├── TartarusGate.yara │ ├── Tchopper.yara │ ├── TeamFiltration.yara │ ├── TeamsEnum.yara │ ├── TelegramRAT.yara │ ├── Telemetry.yara │ ├── Termite.yara │ ├── TheFatRat.yara │ ├── ThievingFox.yara │ ├── ThisIsNotRat.yara │ ├── Thread_Pool_Injection_PoC.yara │ ├── ThreadlessInject.yara │ ├── ThreatCheck.yara │ ├── Throwback.yara │ ├── ThunderDNS.yara │ ├── ThunderShell.yara │ ├── TimeException.yara │ ├── Timeroast.yara │ ├── TinyMet.yara │ ├── ToRat.yara │ ├── TokenFinder.yara │ ├── TokenPlayer.yara │ ├── TokenStealer.yara │ ├── TokenTactics.yara │ ├── TokenTacticsV2.yara │ ├── TokenUniverse.yara │ ├── Token_Impersonation.yara │ ├── Tokenvator.yara │ ├── Tool_PassView.yara │ ├── Tool_X.yara │ ├── TorPylle.yara │ ├── TotalRecall.yara │ ├── TrickDump.yara │ ├── TripleCross.yara │ ├── TrueSocks.yara │ ├── Tsunami.yara │ ├── TunnelVision.yara │ ├── r77_rootkit.yara │ ├── ransomware_notes.yara │ ├── ratchatgpt.yara │ ├── ratchatpt.yara │ ├── rattler.yara │ ├── rdpscraper.yara │ ├── rdpv.yara │ ├── reGeorg.yara │ ├── reaper.yara │ ├── reapoc.yara │ ├── recaptcha_phish.yara │ ├── recon_archy.yara │ ├── reconftw.yara │ ├── red_hawk.yara │ ├── red_python_scripts.yara │ ├── red_team_scripts.yara │ ├── redis_rce.yara │ ├── redpill.yara │ ├── reg.yara │ ├── regreeper.yara │ ├── remote_method_guesser.yara │ ├── rengine.yara │ ├── resocks.yara │ ├── responder.yara │ ├── revbshell.yara │ ├── reverse_shell_generator.yara │ ├── reverse_ssh.yara │ ├── reverst.yara │ ├── revsocks.yara │ ├── ridrelay.yara │ ├── rmdir.yara │ ├── ropfuscator.yara │ ├── rotateproxy.yara │ ├── routerpasswords_com.yara │ ├── routersploit.yara │ ├── rpivot.yara │ ├── rs_shell.yara │ ├── rsg.yara │ ├── rshijack.yara │ ├── rsockstun.yara │ ├── rsocx.yara │ ├── ruler.yara │ ├── rustcat.yara │ ├── rwxfinder.yara │ ├── sRDI.yara │ ├── saint.yara │ ├── sam_the_admin.yara │ ├── samdump.yara │ ├── samdump2.yara │ ├── sandcat.yara │ ├── saycheese.yara │ ├── scan4all.yara │ ├── scanless.yara │ ├── sccmdecryptpoc.yara │ ├── sccmhunter.yara │ ├── scshell.yara │ ├── seatbelt.yara │ ├── secretfinder.yara │ ├── secretsdump.yara │ ├── securesocketfunneling.yara │ ├── security_onion.yara │ ├── sgn.yara │ ├── shad0w.yara │ ├── sharpcollection.yara │ ├── sharphound.yara │ ├── shellcodetester.yara │ ├── shellsilo.yara │ ├── shhmon.yara │ ├── shodan_io.yara │ ├── shootback.yara │ ├── shutter.yara │ ├── silenttrinity.yara │ ├── sish.yara │ ├── slip.yara │ ├── sliver.yara │ ├── smartbrute.yara │ ├── smb_reverse_shell.yara │ ├── smb_scanner.yara │ ├── smbcrawler.yara │ ├── smbmap.yara │ ├── smbscan.yara │ ├── smbsr.yara │ ├── smtp_user_enum.yara │ ├── smuggler_py.yara │ ├── snallygaster.yara │ ├── sniffer.yara │ ├── sniffglue.yara │ ├── snmpwn.yara │ ├── socat.yara │ ├── social_engineer_toolkit.yara │ ├── specula.yara │ ├── spellbound.yara │ ├── spiderfoot.yara │ ├── spinningteacup.yara │ ├── spoofing_office_macro.yara │ ├── spoolsploit.yara │ ├── spraycharles.yara │ ├── sprayhound.yara │ ├── spraykatz.yara │ ├── spring_core_rce.yara │ ├── sqli_labs.yara │ ├── sqlipy.yara │ ├── sqlmap.yara │ ├── sqlninja.yara │ ├── ssfd.yara │ ├── sshLooterC.yara │ ├── ssh_auditor.yara │ ├── ssh_mitm.yara │ ├── sshamble.yara │ ├── sshame.yara │ ├── sshimpanzee.yara │ ├── sslstrip.yara │ ├── statistically_likely_usernames.yara │ ├── stowaway.yara │ ├── subbrute.yara │ ├── subfinder.yara │ ├── sudoSnatch.yara │ ├── sudo_inject.yara │ ├── supershell.yara │ ├── susinternals.yara │ ├── sysmonquiet.yara │ ├── t14m4t.yara │ ├── taowu_cobalt_strike.yara │ ├── targetedKerberoast.yara │ ├── tcpreplay.yara │ ├── teams_dump.yara │ ├── teamsphisher.yara │ ├── teamstracker.yara │ ├── tetanus.yara │ ├── thc_hydra.yara │ ├── theHarvester.yara │ ├── the_backdoor_factory.yara │ ├── themebleed.yara │ ├── thoth.yara │ ├── ticket_converter.yara │ ├── tor.yara │ ├── tor2web.yara │ ├── torproject.yara │ ├── tplmap.yara │ ├── trackerjacker.yara │ ├── traitor.yara │ ├── transfer_sh.yara │ ├── trevorc2.yara │ ├── tricky_lnk.yara │ ├── truffleHog.yara │ ├── tsh.yara │ ├── tsh_go.yara │ ├── tun2socks.yara │ └── twittor.yara ├── U-W │ ├── UACME.yara │ ├── UFONet.yara │ ├── UnhookingPatch.yara │ ├── UniByAv.yara │ ├── UniversalDVC.yara │ ├── UnlinkDLL.yara │ ├── UnmanagedPowerShell.yara │ ├── UnquotedPath.yara │ ├── UnstoppableService.yara │ ├── UsoDllLoader.yara │ ├── V3n0M_Scanner.yara │ ├── VBA_RunPE.yara │ ├── VDR.yara │ ├── VNCPassView.yara │ ├── Vajra.yara │ ├── VeamHax.yara │ ├── VectorKernel.yara │ ├── VenomousSway.yara │ ├── Villain.yara │ ├── VirusTotalC2.yara │ ├── VoidCrypt.yara │ ├── Voidgate.yara │ ├── Volumiser.yara │ ├── Vulmap.yara │ ├── WAF_bypass_Cheat_Sheet.yara │ ├── WCE.yara │ ├── WDBypass.yara │ ├── WDExtract.yara │ ├── WINspect.yara │ ├── WLAN_Windows_Passwords.yara │ ├── WMEye.yara │ ├── WMIHACKER.yara │ ├── WMIPersistence.yara │ ├── WMIcmd.yara │ ├── WMImplant.yara │ ├── WPScan.yara │ ├── WSAAcceptBackdoor.yara │ ├── WSMan_WinRM.yara │ ├── WSPCoerce.yara │ ├── WSUSpendu.yara │ ├── Waitfor_Persistence.yara │ ├── WebDavC2.yara │ ├── WebDeveloperSecurityChecklist.yara │ ├── WebSocketReverseShellDotNet.yara │ ├── Weevely3.yara │ ├── WerTrigger.yara │ ├── WhatBreach.yara │ ├── WheresMyImplant.yara │ ├── Whisker.yara │ ├── WiFi_Pumpkin.yara │ ├── WinDefenderKiller.yara │ ├── WinPirate.yara │ ├── WinPwn.yara │ ├── WinPwnage.yara │ ├── WinSCPPasswdExtractor.yara │ ├── WinShellcode.yara │ ├── WindfarmDynamite.yara │ ├── WindowsDowndate.yara │ ├── WindowsExploitationResources.yara │ ├── Windows_Crack.yara │ ├── Windows_Exploit_Suggester.yara │ ├── Windows_MSKSSRV_LPE_CVE_2023_36802.yara │ ├── Windows_Post_Exploitation.yara │ ├── Windows_Privilege_Escalation.yara │ ├── Winpayloads.yara │ ├── WirelessKeyView.yara │ ├── WitnessMe.yara │ ├── Wmisploit.yara │ ├── WorldWind_Stealer.yara │ ├── udmp_parser.yara │ ├── unDefender.yara │ ├── undertheradar.yara │ ├── unicorn.yara │ ├── unshackle.yara │ ├── upload_nolog_cz.yara │ ├── usbmon.yara │ ├── usbpcap.yara │ ├── username_anarchy.yara │ ├── vRealizeLogInsightRCE.yara │ ├── var0xshell.yara │ ├── vbad.yara │ ├── vcsmap.yara │ ├── veeam_creds.yara │ ├── venom.yara │ ├── viperc2.yara │ ├── vncpwdump.yara │ ├── w3af.yara │ ├── wafw00f.yara │ ├── wapiti.yara │ ├── warberry.yara │ ├── wcreddump.yara │ ├── wePWNise.yara │ ├── weakpass.yara │ ├── webBrowserPassView.yara │ ├── web_hacking_toolkit.yara │ ├── webshell.yara │ ├── webtrufflehog.yara │ ├── wfuzz.yara │ ├── whatlicense.yara │ ├── whiskeysamlandfriends.yara │ ├── whoami.yara │ ├── wifi_bruteforcer_fsecurify.yara │ ├── wifi_bruteforcer_fsecurity.yara │ ├── wifibroot.yara │ ├── wifigrabber.yara │ ├── wifijammer.yara │ ├── wifiphisher.yara │ ├── wifite2.yara │ ├── winPEAS.yara │ ├── win_brute_logon.yara │ ├── windapsearch.yara │ ├── windows_defender_remover.yara │ ├── windows_login_phish.yara │ ├── windows_privesc_check.yara │ ├── winexe.yara │ ├── winsos_poc.yara │ ├── wiresocks.yara │ ├── wmic.yara │ ├── wmiexec.yara │ ├── wmiexec2.yara │ ├── wmiexec_pro.yara │ ├── wordlists.yara │ ├── wordsmith.yara │ ├── wpaf.yara │ ├── wraith.yara │ ├── wso_webshell.yara │ ├── wstunnel.yara │ └── wsuxploit.yara ├── X-Z │ ├── XSS_Payloads.yara │ ├── XSStrike.yara │ ├── XXEinjector.yara │ ├── Xerror.yara │ ├── XiebroC2.yara │ ├── Xrulez.yara │ ├── Xworm.yara │ ├── ZeroHVCI.yara │ ├── ZipExec.yara │ ├── Zloader.yara │ ├── xeno_rat.yara │ ├── xrdp.yara │ ├── xspy.yara │ ├── xss_labs.yara │ ├── xz.yara │ ├── yodo.yara │ ├── ysoserial_net.yara │ ├── zarp.yara │ ├── zeroday_powershell.yara │ ├── zerologon.yara │ └── zerosum0x0.yara └── _Others │ ├── _.yara │ ├── _0d1n.yara │ ├── _0day_today.yara │ ├── _1_6_C2.yara │ ├── _365_Stealer.yara │ ├── _3snake.yara │ ├── _4everproxy.yara │ └── _7zip.yara ├── offensive_tools.yara └── signature_keyword ├── A-C ├── Adzok.yara ├── Ammyy_Admin.yara ├── Amnesiac.yara ├── AmsiBypass.yara ├── Antivirus_Signature.yara ├── AnyplaceControl.yara ├── AsyncRAT_C_Sharp.yara ├── BITSInject.yara ├── Backstab.yara ├── BadPotato.yara ├── BadRentdrv2.yara ├── Bat_Potato.yara ├── BeRoot.yara ├── Blank_Grabber.yara ├── BlockEtw.yara ├── Burntcigar_KillAV.yara ├── Carbanak.yara ├── adPEAS.yara ├── adfind.yara ├── adrecon.yara ├── advanced_port_scanner.yara ├── antSword.yara ├── arp.yara ├── auditd.yara ├── bulletpassview.yara ├── cp.yara ├── cryptomining.yara └── cstealer.yara ├── D-F ├── DEDSEC_RANSOMWARE.yara ├── Dameware.yara ├── DeadPotato.yara ├── Decrypt_RDCMan.yara ├── DumpLSASS.yara ├── Dumpert.yara ├── EarthWorm.yara ├── EternalBlack.yara ├── defender_control.yara └── fscan.yara ├── G-H ├── Godzilla.yara ├── GonnaCry.yara ├── Group3r.yara ├── HVNC.yara ├── ghostsocks.yara ├── gmer.yara ├── gsecdump.yara ├── hak5_cloudc2.yara ├── hidden_tear.yara ├── hookchain.yara └── htran.yara ├── I-K ├── Imminent_Monitor.yara ├── Invoke_SocksProxy.yara ├── Invoke_TheHash.yara ├── Jasmin_Ransomware.yara ├── KPortScan.yara ├── Krueger.yara ├── impacket.yara └── kiglogger.yara ├── L-N ├── LAPSToolkit.yara ├── LOLSpoof.yara ├── LaZagne.yara ├── Lime_Crypter.yara ├── Lumma_Stealer.yara ├── MEGAcmd.yara ├── MailPassView.yara ├── MozillaCookiesView.yara ├── NetSess.yara ├── NoodleRAT.yara ├── NtlmThief.yara ├── linuxprivchecker.yara ├── lslsass.yara ├── merlin.yara ├── merlin_agent.yara ├── merlin_agent_dll.yara ├── mimikatz.yara ├── netpass.yara └── nping.yara ├── O-Q ├── PCHunter.yara ├── PEASS.yara ├── POC.yara ├── PWDumpX.yara ├── PipeViewer_.yara ├── Powershell_Scripts_for_Hackers_and_Pentesters.yara ├── Powertool.yara ├── Prince_Ransomware.yara ├── PrintNightmare.yara ├── PwDump7.yara ├── Python_Rootkit.yara ├── passwordfox.yara ├── pingcastle.yara ├── powercat.yara ├── powerview.yara └── psexec.yara ├── R-T ├── RdpThief.yara ├── RemoteUtilities.yara ├── RouterScan.yara ├── S_inject.yara ├── Sandman.yara ├── SessionGopher.yara ├── ShadowDumper.yara ├── SharpClipboard.yara ├── SharpDump.yara ├── SharpEDRChecker.yara ├── SharpShares.yara ├── Smbtouch_Scanner.yara ├── SniffPass.yara ├── SpoolFool.yara ├── TDSKiller.yara ├── Telemetry.yara ├── Termite.yara ├── r77_rootkit.yara ├── rclone.yara ├── rdp.yara ├── revbshell.yara ├── reverse_shell_generator.yara ├── seatbelt.yara ├── sharphound.yara ├── sliver.yara ├── softperfect_networkscanner.yara ├── sshdoor.yara ├── stowaway.yara ├── susinternals.yara ├── tightvnc.yara └── tor.yara ├── U-W ├── UltraVNC.yara ├── VNCPassView.yara ├── Venom.yara ├── WMIHACKER.yara ├── vncviewer.yara ├── webBrowserPassView.yara ├── windows_defender_remover.yara └── wraith.yara └── X-Z └── xz.yara /.github/FUNDING.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/.github/FUNDING.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/README.md -------------------------------------------------------------------------------- /_utils/create_combined_yara_file.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/_utils/create_combined_yara_file.py -------------------------------------------------------------------------------- /_utils/create_specific_guid_only_yara.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/_utils/create_specific_guid_only_yara.py -------------------------------------------------------------------------------- /_utils/create_yara_rules.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/_utils/create_yara_rules.py -------------------------------------------------------------------------------- /_utils/create_yara_strict_rules.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/_utils/create_yara_strict_rules.py -------------------------------------------------------------------------------- /_utils/download_threathunting-keywords.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/_utils/download_threathunting-keywords.py -------------------------------------------------------------------------------- /_utils/scan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/_utils/scan.py -------------------------------------------------------------------------------- /_utils/threathunting-keywords.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/_utils/threathunting-keywords.csv -------------------------------------------------------------------------------- /specific/CVE/CVE-2025-21298.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/specific/CVE/CVE-2025-21298.yara -------------------------------------------------------------------------------- /yara_rules/all.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/all.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/AD_Miner.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/AD_Miner.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/APT.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/APT.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/AVDump.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/AVDump.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Ahk2Exe.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Ahk2Exe.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Alpemix.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Alpemix.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Astar VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Astar VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Atera.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Atera.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/AutoIt.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/AutoIt.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/AutoSUID.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/AutoSUID.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Azino VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Azino VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/BelkaVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/BelkaVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Bomgar.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Bomgar.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Box.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Box.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/BullVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/BullVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/CIMplant.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/CIMplant.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Cloud VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Cloud VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/Cmdkey.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/Cmdkey.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/action1.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/action1.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/adaudit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/adaudit.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/adfind.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/adfind.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/adget.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/adget.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/adobe.com.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/adobe.com.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/adrecon.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/adrecon.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/aeroadmin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/aeroadmin.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/anydesk.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/anydesk.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/anyviewer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/anyviewer.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/arp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/arp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/assoc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/assoc.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/atnow.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/atnow.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/attrib.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/attrib.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/auditd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/auditd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/auvik.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/auvik.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/aweray.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/aweray.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/awk.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/awk.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/base64.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/base64.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/bash.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/bash.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/bayfiles.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/bayfiles.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/bcdedit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/bcdedit.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/bcedit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/bcedit.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/bitsadmin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/bitsadmin.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/bittorent.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/bittorent.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/bore.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/bore.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/btunnel.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/btunnel.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/burrow.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/burrow.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/cat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/cat.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/certoc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/certoc.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/certutil.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/certutil.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/chattr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/chattr.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/chcp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/chcp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/chgpass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/chgpass.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/chromium.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/chromium.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/clbin.com.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/clbin.com.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/copy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/copy.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/cp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/cp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/croc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/croc.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/crond.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/crond.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/crontab.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/crontab.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/crowbar.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/crowbar.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/csvde.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/csvde.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/curl.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/curl.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/cut.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/cut.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/A-C/cytool.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/A-C/cytool.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/DBC2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/DBC2.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/Daily VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/Daily VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/Dameware.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/Dameware.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/Disk2vhd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/Disk2vhd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/DotVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/DotVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/Earth VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/Earth VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/Excel.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/Excel.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/FileZilla.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/FileZilla.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/Free VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/Free VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/debugdfs.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/debugdfs.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/del.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/del.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dig.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dig.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dir.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dir.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/discord.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/discord.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dns.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dns.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dnscmd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dnscmd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dnslog.cn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dnslog.cn.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dpapi.py.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dpapi.py.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dropbear.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dropbear.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dropbox.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dropbox.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dsquery.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dsquery.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/ducktail.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/ducktail.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/dwagent.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/dwagent.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/echo.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/echo.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/eraser.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/eraser.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/esentutl.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/esentutl.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/esxcli.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/esxcli.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/evilrdp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/evilrdp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/exegol.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/exegol.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/export.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/export.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/expose.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/expose.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/fex.net.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/fex.net.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/fiddler.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/fiddler.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/file.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/file.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/find.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/find.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/findstr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/findstr.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/fleetdeck.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/fleetdeck.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/fleetdm.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/fleetdm.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/frp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/frp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/D-F/ftype.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/D-F/ftype.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/GeoProxy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/GeoProxy.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/GoToMyPC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/GoToMyPC.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/Gom VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/Gom VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/Goodsync.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/Goodsync.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/Hola VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/Hola VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/Hub VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/Hub VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/Hunter.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/Hunter.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/getcap.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/getcap.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/getent.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/getent.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/github.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/github.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/gofile.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/gofile.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/golang_c2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/golang_c2.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/gost.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/gost.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/gpg.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/gpg.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/grep.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/grep.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/gt.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/gt.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/gtfobins.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/gtfobins.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/G-H/history.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/G-H/history.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/icacls.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/icacls.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/icalcs.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/icalcs.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/ifconfig.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/ifconfig.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/impacket.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/impacket.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/ip.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/ip.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/ipscan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/ipscan.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/iptables.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/iptables.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/ired.team.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/ired.team.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/I-K/jprq.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/I-K/jprq.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/LTProxy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/LTProxy.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/LogMeIn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/LogMeIn.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/MEGAcmd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/MEGAcmd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/MEGAsync.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/MEGAsync.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/Malus VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/Malus VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/MpCmdRun.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/MpCmdRun.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/Neo4j.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/Neo4j.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/NetshRun.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/NetshRun.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/NimScan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/NimScan.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/NordVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/NordVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/ldifde.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/ldifde.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/level.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/level.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/linux.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/linux.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/ln.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/ln.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/locate.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/locate.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/ls.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/ls.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/lyncsmash.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/lyncsmash.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/maildrop.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/maildrop.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/mediafire.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/mediafire.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/mega.nz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/mega.nz.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/megatools.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/megatools.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/mkdir.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/mkdir.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/modproble.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/modproble.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/mshta.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/mshta.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/msiexec.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/msiexec.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/mv.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/mv.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/my-ip.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/my-ip.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/myftp.biz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/myftp.biz.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/myftp.org.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/myftp.org.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/nbtscan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/nbtscan.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/nbtstat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/nbtstat.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/nc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/nc.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/ncat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/ncat.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/net.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/net.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/netcat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/netcat.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/netscan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/netscan.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/netsh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/netsh.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/netstat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/netstat.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/ngrok.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/ngrok.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/nircmd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/nircmd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/nltest.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/nltest.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/nmap.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/nmap.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/nping.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/nping.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/L-N/ntdsutil.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/L-N/ntdsutil.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/OPENVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/OPENVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Openssh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Openssh.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/PAExec.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/PAExec.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/PCHunter.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/PCHunter.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/PP VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/PP VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/PortQry.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/PortQry.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Portr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Portr.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Powertool.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Powertool.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Prime VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Prime VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Pron VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Pron VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/ProxFlow.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/ProxFlow.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Proxifier.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Proxifier.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/ProxyFlow.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/ProxyFlow.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Pulseway.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Pulseway.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/PureVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/PureVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Push VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Push VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/Quasar.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/Quasar.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/oset.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/oset.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/passwd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/passwd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/paste.ee.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/paste.ee.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/pastebin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/pastebin.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/pdbedit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/pdbedit.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/pgrok.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/pgrok.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/php.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/php.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/pinggy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/pinggy.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/pktmon.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/pktmon.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/plink.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/plink.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/procdump.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/procdump.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/procmon.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/procmon.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/produkey.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/produkey.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/psexec.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/psexec.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/pslist.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/pslist.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/put.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/put.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/putty.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/putty.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/py2exe.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/py2exe.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/pyshark.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/pyshark.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/python.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/python.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/qaz.im.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/qaz.im.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/qaz.is.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/qaz.is.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/qaz.su.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/qaz.su.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/qu.ax.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/qu.ax.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/O-Q/qwinsta.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/O-Q/qwinsta.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Radmin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Radmin.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/RemCom.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/RemCom.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/RemotePC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/RemotePC.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/RpcView.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/RpcView.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/RusVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/RusVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/RustDesk.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/RustDesk.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/SSH-J.com.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/SSH-J.com.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/SetACL.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/SetACL.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/SetupVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/SetupVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Shredder.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Shredder.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/SirTunnel.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/SirTunnel.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Soul VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Soul VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Splashtop.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Splashtop.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Supremo.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Supremo.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Surf VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Surf VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/TDSKiller.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/TDSKiller.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Taskmgr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Taskmgr.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Touch VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Touch VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/Trellonet.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/Trellonet.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rapid7.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rapid7.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/ratchatpt.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/ratchatpt.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rathole.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rathole.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rclone.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rclone.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rdp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rdp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rdpscan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rdpscan.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rdpwrap.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rdpwrap.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/redpill.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/redpill.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/reg.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/reg.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/regsvr32.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/regsvr32.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/remoteit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/remoteit.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/remotemoe.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/remotemoe.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/ren.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/ren.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rentry.co.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rentry.co.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/restic.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/restic.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rm.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rm.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rmdir .yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rmdir .yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rmdir.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rmdir.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rmmod.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rmmod.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/route.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/route.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rpcclient.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rpcclient.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rsocks.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rsocks.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rsync.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rsync.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/ruby.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/ruby.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/rundll32.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/rundll32.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/samba.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/samba.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sc.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/schtasks.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/schtasks.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/scp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/scp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sdelete.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sdelete.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sed.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sed.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/set.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/set.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/setspn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/setspn.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sftp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sftp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/shell.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/shell.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/shred.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/shred.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sish.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sish.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/slack.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/slack.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/smc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/smc.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/snmpcheck.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/snmpcheck.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/snmpwalk.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/snmpwalk.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/socat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/socat.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/speedtest.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/speedtest.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/ss.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/ss.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/ssh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/ssh.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sshtunnel.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sshtunnel.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sshuttle.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sshuttle.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sshx.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sshx.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sslip.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sslip.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/steam.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/steam.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/stowaway.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/stowaway.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/stunnel.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/stunnel.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sudo.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sudo.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sudoers.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sudoers.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/suo5.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/suo5.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/syncthing.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/syncthing.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/sysctl.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/sysctl.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/systemctl.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/systemctl.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tailscale.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tailscale.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/takeown.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/takeown.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/taskkill.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/taskkill.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tasklist.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tasklist.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tcpdump.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tcpdump.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/telegram.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/telegram.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/telnet.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/telnet.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/temp-mail.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/temp-mail.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/temp.sh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/temp.sh.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tightvnc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tightvnc.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tmate.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tmate.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tmpwatch.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tmpwatch.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/touch.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/touch.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/truncate.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/truncate.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tunnel.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tunnel.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tunneller.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tunneller.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/tunwg.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/tunwg.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/R-T/typeperf.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/R-T/typeperf.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/UltraVNC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/UltraVNC.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/Upnet.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/Upnet.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/VPN Free.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/VPN Free.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/VPN.AC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/VPN.AC.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/VPNMatic.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/VPNMatic.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/Veee.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/Veee.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/VncSharp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/VncSharp.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/WeVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/WeVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/Whoer VPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/Whoer VPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/WinSCP.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/WinSCP.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/uVPN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/uVPN.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/ufile.io.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/ufile.io.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/unlink.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/unlink.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/unset.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/unset.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/unshadow.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/unshadow.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/updog.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/updog.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/usaupload.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/usaupload.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/utorrent.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/utorrent.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/vncviewer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/vncviewer.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/vscode.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/vscode.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/vssadmin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/vssadmin.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/w32times.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/w32times.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wbadmin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wbadmin.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/westwind.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/westwind.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wevtutil.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wevtutil.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wget.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wget.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/where.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/where.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/whoami.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/whoami.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/winrs.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/winrs.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wireproxy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wireproxy.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wireshark.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wireshark.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wiretap.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wiretap.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wiztree.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wiztree.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/U-W/wmic.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/U-W/wmic.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/X-Z/xcopy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/X-Z/xcopy.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/X-Z/xeox.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/X-Z/xeox.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/X-Z/xmrig.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/X-Z/xmrig.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/X-Z/xxd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/X-Z/xxd.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/X-Z/yakit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/X-Z/yakit.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/X-Z/zrok.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/X-Z/zrok.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tool_keyword/_Others/_.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tool_keyword/_Others/_.yara -------------------------------------------------------------------------------- /yara_rules/greyware_tools.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/greyware_tools.yara -------------------------------------------------------------------------------- /yara_rules/guids_only.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/guids_only.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ABPTTS.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ABPTTS.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ACEshark.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ACEshark.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ACLight.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ACLight.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ADCSPwn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ADCSPwn.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ADFSDump.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ADFSDump.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ADFSpoof.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ADFSpoof.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/AD_Miner.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/AD_Miner.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/APCLdr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/APCLdr.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/AVKiller.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/AVKiller.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/AWS-Loot.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/AWS-Loot.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Aclpwn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Aclpwn.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Adcheck.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Adcheck.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Adzok.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Adzok.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Airbash.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Airbash.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Akira.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Akira.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Alcatraz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Alcatraz.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Amass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Amass.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Amnesiac.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Amnesiac.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Anevicon.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Anevicon.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Aoyama .yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Aoyama .yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Ares.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Ares.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Argus.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Argus.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/AtlasC2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/AtlasC2.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/AtomLdr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/AtomLdr.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Augustus.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Augustus.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/AutoC2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/AutoC2.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/AutoSUID.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/AutoSUID.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BOF.NET.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BOF.NET.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BOFMask.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BOFMask.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BOINC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BOINC.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BaRMIe.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BaRMIe.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BackHAck.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BackHAck.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Backstab.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Backstab.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Bad-PDF.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Bad-PDF.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BeRoot.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BeRoot.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Blackout.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Blackout.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BlankOBF.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BlankOBF.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BlockEtw.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BlockEtw.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/BruteX.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/BruteX.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/C3.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/C3.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/CDK.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/CDK.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/CIMplant.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/CIMplant.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/CMLoot.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/CMLoot.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/CMSeek.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/CMSeek.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/CSExec.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/CSExec.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Cable.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Cable.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Carbanak.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Carbanak.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Carseat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Carseat.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Certify.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Certify.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Certipy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Certipy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ChaiLdr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ChaiLdr.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Chimera.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Chimera.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ChkNull.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ChkNull.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Coercer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Coercer.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Cowpatty.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Cowpatty.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Cr3dOv3r.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Cr3dOv3r.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Crassus.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Crassus.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/Crowbar.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/Crowbar.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/acheron.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/acheron.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adPEAS.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adPEAS.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adaudit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adaudit.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adcsync.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adcsync.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adeleg.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adeleg.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adfind.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adfind.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adfspray.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adfspray.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adhunt.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adhunt.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/adsearch.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/adsearch.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/afrog.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/afrog.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/aircrack.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/aircrack.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/antSword.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/antSword.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/anydesk.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/anydesk.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/apollon.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/apollon.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/armitage.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/armitage.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/arsenal.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/arsenal.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/asleap.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/asleap.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/attifyos.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/attifyos.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/autoNTDS.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/autoNTDS.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/autonse.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/autonse.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/autopwn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/autopwn.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/avet.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/avet.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/avred.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/avred.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/b374k.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/b374k.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/badazure.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/badazure.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/badrats.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/badrats.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/badtouch.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/badtouch.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/base64.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/base64.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/beef.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/beef.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/bitb.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/bitb.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/bloodyAD.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/bloodyAD.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/bofhound.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/bofhound.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/boko.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/boko.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/bropper.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/bropper.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/byob.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/byob.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/catphish.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/catphish.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/catspin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/catspin.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ccmpwn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ccmpwn.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/certsync.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/certsync.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/changeme.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/changeme.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/chaos.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/chaos.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/chashell.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/chashell.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/cheetah.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/cheetah.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/chisel.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/chisel.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/chntpw.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/chntpw.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/cliws.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/cliws.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/cloakify.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/cloakify.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/commix.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/commix.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/conpass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/conpass.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/conti.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/conti.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/copy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/copy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/covenant.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/covenant.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/crack.sh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/crack.sh.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/crossc2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/crossc2.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/crunch.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/crunch.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/csploit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/csploit.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/cstealer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/cstealer.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ctfr.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ctfr.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/A-C/ctftool.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/A-C/ctftool.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DAMP.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DAMP.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DBC2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DBC2.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DCSyncer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DCSyncer.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DDSpoof.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DDSpoof.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DKMC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DKMC.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DLHell.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DLHell.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DLLHound.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DLLHound.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DOME.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DOME.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DPAT.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DPAT.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DRSAT.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DRSAT.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DUBrute.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DUBrute.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Darkside.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Darkside.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DcRat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DcRat.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Ddexec.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Ddexec.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DeNiSe.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DeNiSe.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DirtyCLR.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DirtyCLR.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DllProxy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DllProxy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DoHC2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DoHC2.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/DocPlz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/DocPlz.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Drupwn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Drupwn.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Dumpert.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Dumpert.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Dumpy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Dumpy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/EDR-Test.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/EDR-Test.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/EDRaser.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/EDRaser.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/EQGR.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/EQGR.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/ETW.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/ETW.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/ETWHash.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/ETWHash.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Ebowla.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Ebowla.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/EfiGuard.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/EfiGuard.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Eggshell.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Eggshell.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Elevator.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Elevator.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/EmailAll.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/EmailAll.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/EvilSln.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/EvilSln.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/EvtMute.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/EvtMute.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Exploits.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Exploits.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Exrop.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Exrop.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/FOCA.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/FOCA.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/FakeAMSI.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/FakeAMSI.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Farmer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Farmer.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Fentanyl.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Fentanyl.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/Forensia.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/Forensia.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/del.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/del.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/donut.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/donut.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/ffuf.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/ffuf.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/fltMC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/fltMC.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/D-F/fscan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/D-F/fscan.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/GIUDA.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/GIUDA.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/Gecko.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/Gecko.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/HVNC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/HVNC.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/Hive.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/Hive.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/Huan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/Huan.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/gato.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/gato.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/gcat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/gcat.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/gh0st.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/gh0st.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/glit.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/glit.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/gmer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/gmer.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/godoh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/godoh.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/gost.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/gost.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/hades.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/hades.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/havoc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/havoc.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/hiphp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/hiphp.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/hping.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/hping.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/G-H/htran.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/G-H/htran.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/I-K/I2P.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/I-K/I2P.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/I-K/Inc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/I-K/Inc.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/I-K/ivy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/I-K/ivy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/I-K/kali.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/I-K/kali.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/I-K/kekeo.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/I-K/kekeo.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/LALIN.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/LALIN.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/LNKUp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/LNKUp.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/MITMf.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/MITMf.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/MSDAT.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/MSDAT.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/Mara.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/Mara.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/Ninja.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/Ninja.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/ldeep.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/ldeep.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/legba.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/legba.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/link.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/link.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/lsass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/lsass.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/mitm6.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/mitm6.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/msfpc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/msfpc.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/net.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/net.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/netsh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/netsh.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/nikto.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/nikto.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/nipe.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/nipe.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/nmap.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/nmap.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/noPac.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/noPac.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/nping.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/nping.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/nps.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/nps.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/L-N/nysm.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/L-N/nysm.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/OWASP.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/OWASP.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/Orc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/Orc.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/Ouned.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/Ouned.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/PEASS.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/PEASS.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/PILOT.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/PILOT.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/POC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/POC.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/PRT.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/PRT.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/Pezor.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/Pezor.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/obfy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/obfy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/onex.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/onex.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/p0f.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/p0f.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/pac2.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/pac2.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/pacu.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/pacu.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/padre.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/padre.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/panix.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/panix.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/pico.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/pico.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/psobf.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/psobf.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/pspy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/pspy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/pupy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/pupy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/pwnat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/pwnat.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/O-Q/pyrdp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/O-Q/pyrdp.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/RDE1.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/RDE1.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/REC2 .yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/REC2 .yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/RITM.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/RITM.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/RaRCE.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/RaRCE.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/SMBSR.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/SMBSR.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/Seth.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/Seth.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/ToRat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/ToRat.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/Tor.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/Tor.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/rdpv.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/rdpv.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/reg.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/reg.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/rmdir.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/rmdir.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/rsg.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/rsg.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/rsocx.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/rsocx.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/ruler.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/ruler.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/sRDI.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/sRDI.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/saint.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/saint.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/sgn.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/sgn.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/sish.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/sish.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/slip.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/slip.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/socat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/socat.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/ssfd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/ssfd.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/thoth.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/thoth.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/R-T/tsh.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/R-T/tsh.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/UACME.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/UACME.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/VDR.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/VDR.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/Vajra.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/Vajra.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/WMEye.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/WMEye.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/vbad.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/vbad.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/venom.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/venom.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/w3af.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/w3af.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/wce.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/wce.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/wfuzz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/wfuzz.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/wmic.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/wmic.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/U-W/wpaf.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/U-W/wpaf.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/X-Z/Xworm.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/X-Z/Xworm.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/X-Z/xrdp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/X-Z/xrdp.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/X-Z/xspy.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/X-Z/xspy.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/X-Z/xz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/X-Z/xz.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/X-Z/yodo.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/X-Z/yodo.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/X-Z/zarp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/X-Z/zarp.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tool_keyword/_Others/_.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tool_keyword/_Others/_.yara -------------------------------------------------------------------------------- /yara_rules/offensive_tools.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/offensive_tools.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/Adzok.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/Adzok.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/Amnesiac.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/Amnesiac.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/AmsiBypass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/AmsiBypass.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/BITSInject.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/BITSInject.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/Backstab.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/Backstab.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/BadPotato.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/BadPotato.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/Bat-Potato.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/Bat-Potato.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/BeRoot.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/BeRoot.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/BlockEtw.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/BlockEtw.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/Carbanak.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/Carbanak.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/adPEAS.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/adPEAS.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/adfind.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/adfind.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/adrecon.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/adrecon.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/antSword.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/antSword.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/arp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/arp.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/auditd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/auditd.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/cp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/cp.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/A-C/cstealer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/A-C/cstealer.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/D-F/Dameware.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/D-F/Dameware.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/D-F/DeadPotato.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/D-F/DeadPotato.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/D-F/DumpLSASS.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/D-F/DumpLSASS.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/D-F/Dumpert.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/D-F/Dumpert.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/D-F/EarthWorm.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/D-F/EarthWorm.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/D-F/fscan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/D-F/fscan.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/Godzilla.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/Godzilla.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/GonnaCry.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/GonnaCry.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/Group3r.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/Group3r.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/HVNC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/HVNC.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/ghostsocks.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/ghostsocks.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/gmer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/gmer.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/gsecdump.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/gsecdump.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/hookchain.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/hookchain.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/G-H/htran.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/G-H/htran.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/I-K/KPortScan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/I-K/KPortScan.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/I-K/Krueger.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/I-K/Krueger.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/I-K/impacket.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/I-K/impacket.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/I-K/kiglogger.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/I-K/kiglogger.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/LOLSpoof.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/LOLSpoof.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/LaZagne.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/LaZagne.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/MEGAcmd.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/MEGAcmd.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/NetSess.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/NetSess.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/NoodleRAT.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/NoodleRAT.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/NtlmThief.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/NtlmThief.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/lslsass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/lslsass.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/merlin.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/merlin.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/mimikatz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/mimikatz.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/netpass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/netpass.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/L-N/nping.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/L-N/nping.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/PCHunter.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/PCHunter.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/PEASS.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/PEASS.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/POC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/POC.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/PWDumpX.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/PWDumpX.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/Powertool.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/Powertool.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/PwDump7.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/PwDump7.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/pingcastle.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/pingcastle.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/powercat.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/powercat.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/powerview.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/powerview.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/O-Q/psexec.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/O-Q/psexec.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/RdpThief.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/RdpThief.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/RouterScan.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/RouterScan.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/S-inject.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/S-inject.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/Sandman.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/Sandman.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/SharpDump.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/SharpDump.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/SniffPass.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/SniffPass.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/SpoolFool.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/SpoolFool.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/TDSKiller.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/TDSKiller.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/Telemetry.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/Telemetry.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/Termite.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/Termite.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/rclone.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/rclone.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/rdp.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/rdp.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/revbshell.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/revbshell.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/seatbelt.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/seatbelt.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/sharphound.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/sharphound.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/sliver.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/sliver.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/sshdoor.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/sshdoor.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/stowaway.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/stowaway.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/tightvnc.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/tightvnc.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/R-T/tor.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/R-T/tor.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/U-W/UltraVNC.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/U-W/UltraVNC.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/U-W/Venom.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/U-W/Venom.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/U-W/WMIHACKER.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/U-W/WMIHACKER.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/U-W/vncviewer.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/U-W/vncviewer.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/U-W/wraith.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/U-W/wraith.yara -------------------------------------------------------------------------------- /yara_rules/signature_keyword/X-Z/xz.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules/signature_keyword/X-Z/xz.yara -------------------------------------------------------------------------------- /yara_rules_binaries_strict/all.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules_binaries_strict/all.yara -------------------------------------------------------------------------------- /yara_rules_binaries_strict/greyware_tools.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules_binaries_strict/greyware_tools.yara -------------------------------------------------------------------------------- /yara_rules_binaries_strict/offensive_tools.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mthcht/ThreatHunting-Keywords-yara-rules/HEAD/yara_rules_binaries_strict/offensive_tools.yara --------------------------------------------------------------------------------