From 30741d5536ec8fcd1cf4d6bafc4c0bda36641624 Mon Sep 17 00:00:00 2001
From: mthcht <mathieuchotplassot@gmail.com>
Date: Sat, 2 Nov 2024 13:38:35 +0100
Subject: [PATCH] Create Release_20241102.csv

---
 release_notes/Release_20241102.csv | 3130 ++++++++++++++++++++++++++++
 1 file changed, 3130 insertions(+)
 create mode 100644 release_notes/Release_20241102.csv

diff --git a/release_notes/Release_20241102.csv b/release_notes/Release_20241102.csv
new file mode 100644
index 00000000..b6fcbffa
--- /dev/null
+++ b/release_notes/Release_20241102.csv
@@ -0,0 +1,3130 @@
+"metadata_tool","metadata_link"
+"$index_allocation","https://soroush.me/blog/2010/12/a-dotty-salty-directory-a-secret-place-in-ntfs-for-secret-files/"
+"_","https://twitter.com/malwrhunterteam/status/1737220172220620854/photo/1"
+"_","N/A"
+"_","https://detect.fyi/rhysida-ransomware-and-the-detection-opportunities-3599e9a02bb2"
+"_","http://requestbin.net"
+"_","https://cloud.google.com/blog/topics/threat-intelligence/melting-unc2198-icedid-to-ransomware-operations"
+"0bin.net","https://0bin.net"
+"0d1n","https://github.com/CoolerVoid/0d1n"
+"1clickVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"1secmail.com","https://www.1secmail.com/"
+"1ty.me","https://1ty.me"
+"365-Stealer","https://github.com/AlteredSecurity/365-Stealer"
+"3proxy","https://github.com/3proxy/3proxy"
+"3snake","https://github.com/blendin/3snake"
+"4everproxy","https://www.4everproxy.com/"
+"4shared.com","4shared.com"
+"7zip","http://www.joeware.net/freetools/tools/adfind/index.htm"
+"AADInternals","https://github.com/Gerenios/AADInternals"
+"AbandonedCOMKeys","https://github.com/matterpreter/OffensiveCSharp/tree/master/AbandonedCOMKeys"
+"ABPTTS","https://github.com/nccgroup/ABPTTS"
+"Accomplice","https://github.com/nccgroup/Accomplice"
+"acheron","https://github.com/f1zm0/acheron"
+"ACLight","https://github.com/cyberark/ACLight"
+"Aclpwn","https://github.com/fox-it/aclpwn.py"
+"acltoolkit","https://github.com/zblurx/acltoolkit"
+"action1","https://app.action1.com/"
+"ActiveScanPlusPlus","https://github.com/albinowax/ActiveScanPlusPlus"
+"Acunetix Web Vulnerability Scanner","https://www.acunetix.com/vulnerability-scanner/"
+"AD exploitation cheat sheet","https://stealthbits.com/blog/compromise-powerupsql-sql-attacks/"
+"AD exploitation cheat sheet","https://powersploit.readthedocs.io/en/latest/Recon/Get-DomainForeignGroupMember/"
+"AD exploitation cheat sheet","https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference"
+"AD_Enumeration_Hunt","https://github.com/alperenugurlu/AD_Enumeration_Hunt"
+"AD_Miner","https://github.com/Mazars-Tech/AD_Miner"
+"ADACLScanner","https://github.com/canix1/ADACLScanner"
+"adalanche","https://github.com/lkarlslund/Adalanche"
+"Adamantium-Thief","https://github.com/LimerBoy/Adamantium-Thief"
+"ADAPE-Script","https://github.com/cjoan75/ADAPE-Script"
+"adaudit","https://github.com/phillips321/adaudit"
+"Adblock Office VPN Proxy Server","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Adcheck","https://github.com/CobblePot59/Adcheck"
+"ADCollector","https://github.com/dev-2null/ADCollector"
+"AD-common-queries","https://github.com/swarleysez/AD-common-queries"
+"adconnectdump","https://github.com/fox-it/adconnectdump"
+"ADCSCoercePotato","https://github.com/decoder-it/ADCSCoercePotato"
+"adcshunter","https://github.com/danti1988/adcshunter"
+"ADCSKiller","https://github.com/grimlockx/ADCSKiller"
+"ADCSPwn","https://github.com/bats3c/ADCSPwn"
+"adcsync","https://github.com/JPG0mez/ADCSync"
+"adeleg","https://github.com/mtth-bfft/adeleg"
+"Adeleginator","https://github.com/techspence/Adeleginator"
+"adexplorer","https://learn.microsoft.com/en-us/sysinternals/downloads/adexplorer"
+"ADExplorerSnapshot.py","https://github.com/c3c/ADExplorerSnapshot.py"
+"adfind","https://thedfirreport.com/2022/08/08/bumblebee-roasts-its-way-to-domain-admin/"
+"adfind","https://www.virustotal.com/gui/file/484dd00e85c033fbfd506b956ac0acd29b30f239755ed753a2788a842425b384/behavior"
+"adfind","N/A"
+"adfind","http://www.joeware.net/freetools/tools/adfind/index.htm"
+"adfind","https://github.com/3CORESec/MAL-CL/tree/master/Descriptors/Other/AdFind"
+"adfind","https://github.com/aancw/community-threats/blob/82ece2dec931d175ed47276d426f526610aa8262/Ryuk/VFS/adf.bat#L4"
+"adfsbrute","https://github.com/ricardojoserf/adfsbrute"
+"ADFSDump","https://github.com/mandiant/ADFSDump"
+"ADFSDump","https://github.com/jakobfriedl/precompiled-binaries"
+"ADFSDump-PS","https://github.com/ZephrFish/ADFSDump-PS"
+"ADFSpoof","https://github.com/mandiant/ADFSpoof"
+"adfspray","https://github.com/xFreed0m/ADFSpray"
+"ADFSRelay","https://github.com/praetorian-inc/ADFSRelay"
+"adget","https://thedfirreport.com/2023/05/22/icedid-macro-ends-in-nokoyawa-ransomware/"
+"AdGuard VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"adhunt","https://github.com/karendm/ADHunt"
+"adidnsdump","https://github.com/dirkjanm/adidnsdump"
+"adiskreader","https://github.com/skelsec/adiskreader"
+"ad-ldap-enum","https://github.com/CroweCybersecurity/ad-ldap-enum"
+"Admin2Sys","https://github.com/S12cybersecurity/Admin2Sys"
+"ADPassHunt","https://www.virustotal.com/gui/file/73233ca7230fb5848e220723caa06d795a14c0f1f42c6a59482e812bfb8c217f"
+"adrecon","https://github.com/adrecon/ADRecon"
+"adsearch","https://github.com/tomcarver16/ADSearch"
+"ADSyncDecrypt","https://github.com/jakobfriedl/precompiled-binaries"
+"advanced port scanner","https://www.advanced-port-scanner.com/"
+"advanced-ip-scanner","https://www.huntandhackett.com/blog/advanced-ip-scanner-the-preferred-scanner-in-the-apt-toolbox"
+"AdvancedRun","https://medium.com/s2wblog/analysis-of-destructive-malware-whispergate-targeting-ukraine-9d5d158f19f3"
+"Advanced-SQL-Injection-Cheatsheet","https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet"
+"Adzok","https://sourceforge.net/projects/adzok/files/Adzok_Open_v1.0.0.2.jar/download"
+"aeroadmin","https://ulm.aeroadmin.com/AeroAdmin.exe"
+"afrog","https://github.com/zan8in/afrog"
+"AggressorScripts-1","https://github.com/Cn33liz/AggressorScripts-1/tree/master/Persistence"
+"AggressorScripts-1","https://github.com/Cn33liz/AggressorScripts-1"
+"Ahk2Exe","https://github.com/AutoHotkey/Ahk2Exe"
+"AhMyth-Android-RAT","https://github.com/AhMyth/AhMyth-Android-RAT"
+"Airbash","https://github.com/tehw0lf/airbash"
+"aircrack","https://github.com/aircrack-ng/aircrack-ng"
+"Airgeddon","https://github.com/v1s1t0r1sh3r3/airgeddon"
+"airmon-ng","https://www.aircrack-ng.org/doku.php?id=airmon-ng"
+"airpwn-ng","https://github.com/ICSec/airpwn-ng"
+"Akira","https://github.com/rivitna/Malware"
+"AlanFramework","https://github.com/enkomio/AlanFramework"
+"Alcatraz","https://github.com/weak1337/Alcatraz"
+"al-khaser","https://github.com/LordNoteworthy/al-khaser"
+"Alpemix","https://www.alpemix.com/"
+"Amass","https://github.com/OWASP/Amass"
+"Amass","https://github.com/caffix/amass"
+"Ammyy Admin","N/A"
+"Ammyy Admin","https://www.ammyy.com"
+"Amnesiac","https://github.com/Leo4j/Amnesiac"
+"AmperageKit","https://github.com/thebookisclosed/AmperageKit"
+"amsi.fail","https://amsi.fail/"
+"Amsi_Bypass","https://github.com/senzee1984/Amsi_Bypass_In_2023"
+"AMSI_patch","https://github.com/TheD1rkMtr/AMSI_patch"
+"AmsiBypass","https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell"
+"Amsi-Killer","https://github.com/ZeroMemoryEx/Amsi-Killer"
+"AMSI-Provider","https://github.com/netbiosX/AMSI-Provider"
+"AMSITrigger","https://github.com/RythmStick/AMSITrigger"
+"AndrewSpecial","https://github.com/hoangprod/AndrewSpecial"
+"Anevicon","https://github.com/rozgo/anevicon"
+"anonfiles.com","https://twitter.com/mthcht/status/1660953897622544384"
+"Anonymous Proxy Vpn Browser","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Antivirus Signature","N/A"
+"Antivirus Signature","lsass dump malware signature"
+"Antivirus Signature","https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/e/blackcat-ransomware-deploys-new-signed-kernel-driver/indicators-blackcat-ransomware-deploys-new-signed-kernel-driver.txt"
+"anydesk","https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-003/"
+"anydesk","https://www.virustotal.com/gui/url/f83616f0f9cd2337ed40e22b0a675a99d58edf004b31645f56f28f020f5e4f46/detection"
+"anydesk","https://anydesk.com/"
+"anydesk","https://thedfirreport.com/2023/04/03/malicious-iso-file-leads-to-domain-wide-ransomware/"
+"anymailfinder","https://anymailfinder.com"
+"AnyplaceControl","www.anyplace-control[.]com"
+"anyviewer","www.anyviewer.com"
+"AoratosWin","https://github.com/PinoyWH1Z/AoratosWin"
+"Aoyama ","https://github.com/Leeon123/Aoyama"
+"apaste.info","https://apaste.info/"
+"APCLdr","https://github.com/NUL0x4C/APCLdr"
+"apkfold free vpn","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"apollon","https://github.com/codewhitesec/apollon"
+"APT","N/A"
+"APTSimulator","https://github.com/NextronSystems/APTSimulator"
+"Arbitrium-RAT","https://github.com/im-hanzou/Arbitrium-RAT"
+"archerysec","https://github.com/archerysec/archerysec"
+"archstrike","https://archstrike.org/"
+"Arduino Pro Micro","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"Ares","https://github.com/sweetsoftware/Ares"
+"Argus","https://github.com/jasonxtn/Argus"
+"armitage","https://github.com/r00t0v3rr1d3/armitage"
+"arp","N/A"
+"arp","https://www.virustotal.com/gui/file/b24ab1f8cb68547932dd8a5c81e9b2133763a7ddf48aa431456530c1340b939e/details"
+"arpspoofing","https://github.com/luijait/arpspoofing"
+"arsenal","https://github.com/Orange-Cyberdefense/arsenal"
+"Ask4Creds","https://github.com/Leo4j/Ask4Creds"
+"asleap","https://github.com/joswr1ght/asleap"
+"ASPJinjaObfuscator","https://github.com/fin3ss3g0d/ASPJinjaObfuscator"
+"ASREPRoast","https://github.com/HarmJ0y/ASREPRoast"
+"assoc","N/A"
+"Astar VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"AsyncRAT-C-Sharp","https://x.com/g0njxa/status/1829177645348860120"
+"AsyncRAT-C-Sharp","https://github.com/NYAN-x-CAT/AsyncRAT-C-Sharp"
+"Atera","https://www.atera.com/"
+"Atera","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"Atera","https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/"
+"atexec-pro","https://github.com/Ridter/atexec-pro"
+"AtlasC2","https://github.com/Gr1mmie/AtlasC2"
+"AtlasReaper","https://github.com/werdhaihai/AtlasReaper"
+"atnow","https://www.nirsoft.net/utils/atnow.html"
+"AtomLdr","https://github.com/NUL0x4C/AtomLdr"
+"ATPMiniDump","https://github.com/b4rtik/ATPMiniDump"
+"AttackSurfaceMapper","https://github.com/superhedgy/AttackSurfaceMapper"
+"attifyos","https://github.com/adi0x90/attifyos"
+"attrib","https://github.com/xiaoy-sec/Pentest_Note/blob/52156f816f0c2497c25343c2e872130193acca80/wiki/%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87/Windows%E6%8F%90%E6%9D%83/RDP%26Firewall/%E5%88%A0%E9%99%A4%E7%97%95%E8%BF%B9.md?plain=1#L4"
+"attrib","N/A"
+"attrib","https://github.com/petikvx/vx-ezine/blob/cfaf09bb089a08a9f33254929209fb32ebd52806/darkcodes/dc1/Sources/Sph1nX_Sources/DeskLock/DeskLock.txt#L13"
+"attrib","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Anti-Forensics.md"
+"Augustus","https://github.com/TunnelGRE/Augustus"
+"autobloody","https://github.com/CravateRouge/autobloody"
+"AutoC2","https://github.com/assume-breach/Home-Grown-Red-Team/tree/main/AutoC2"
+"AutoHotkey","https://github.com/AutoHotkey/AutoHotkey"
+"AutoIt","https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-05-14-IOCs-for-DarkGate-activity.txt"
+"autonse","https://github.com/m4ll0k/AutoNSE"
+"autoNTDS","https://github.com/hmaverickadams/autoNTDS"
+"autopwn","https://github.com/nccgroup/autopwn"
+"AutoRDPwn","https://github.com/JoelGMSec/AutoRDPwn"
+"AutoRecon","https://github.com/Tib3rius/AutoRecon"
+"AutoSmuggle","https://github.com/surajpkhetani/AutoSmuggle"
+"AutoSUID","https://github.com/IvanGlinkin/AutoSUID"
+"auvik","https://www.auvik.com/"
+"AV_Evasion_Tool","https://github.com/1y0n/AV_Evasion_Tool"
+"Avast","https://rosesecurity.gitbook.io/red-teaming-ttps/windows#av-lsass-dump"
+"avet","https://github.com/govolution/avet"
+"AVKiller","https://github.com/1y0n/AVKiller"
+"avred","https://github.com/dobin/avred"
+"aweray","sun.aweray.com"
+"Awesome-Hacking","https://github.com/Hack-with-Github/Awesome-Hacking"
+"Awesome-Hacking-Resources","https://github.com/vitalysim/Awesome-Hacking-Resources"
+"awesome-osint","https://github.com/jivoi/awesome-osint"
+"awesome-pentest","https://github.com/enaqx/awesome-pentest"
+"awesome-pentest-cheat-sheets","https://github.com/coreb1t/awesome-pentest-cheat-sheets"
+"awesome-scapy","https://github.com/secdev/awesome-scapy"
+"awesome-static-analysis","https://github.com/codefactor-io/awesome-static-analysis"
+"awesome-web-security","https://github.com/qazbnm456/awesome-web-security"
+"awesome-windows-domain-hardening","https://github.com/PaulSec/awesome-windows-domain-hardening"
+"AWS-Loot","https://github.com/sebastian-mora/AWS-Loot"
+"Azino VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Azure Storage Explorer","https://azure.microsoft.com/en-us/products/storage/storage-explorer"
+"Azure-AccessPermissions","https://github.com/csandker/Azure-AccessPermissions"
+"AzureAD_Autologon_Brute","https://github.com/nyxgeek/AzureAD_Autologon_Brute"
+"AzureADLateralMovement","https://github.com/talmaor/AzureADLateralMovement"
+"AzureC2Relay","https://github.com/Flangvik/AzureC2Relay"
+"b374k","https://github.com/b374k/b374k"
+"BabelStrike","https://github.com/t3l3machus/BabelStrike"
+"BabyShark","https://github.com/UnkL4b/BabyShark"
+"backdoor keyword","N/A"
+"BackHAck","https://github.com/AngelSecurityTeam/BackHAck"
+"Backstab","https://github.com/Yaxser/Backstab"
+"BackupCreds","https://github.com/leftp/BackupCreds"
+"BackupOperatorToDA","https://github.com/mpgn/BackupOperatorToDA"
+"badazure","https://github.com/mvelazc0/BadZure/"
+"Bad-PDF","https://github.com/deepzec/Bad-Pdf"
+"BadPotato","https://github.com/BeichenDream/BadPotato"
+"badrats","https://gitlab.com/KevinJClark/badrats"
+"BadRentdrv2","https://github.com/keowu/BadRentdrv2"
+"badtouch","https://github.com/kpcyrd/badtouch"
+"BadWindowsService","https://github.com/eladshamir/BadWindowsService"
+"BaRMIe","https://github.com/NickstaDB/BaRMIe"
+"BarracudaRMM","https://www.barracudamsp.com/products/rmm/barracuda-rmm"
+"base64","N/A"
+"base64","https://github.com/matterpreter/OffensiveCSharp/tree/master/MockDirUACBypass"
+"bash","https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md"
+"bash","N/A"
+"bash","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"bash","https://github.com/elastic/detection-rules/blob/main/rules/linux/defense_evasion_deletion_of_bash_command_line_history.toml"
+"bash","https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1146/T1146.yaml"
+"bash keylogger","N/A"
+"bash port scan","N/A"
+"Bashfuscator","https://github.com/Bashfuscator/Bashfuscator"
+"bashupload.com","https://twitter.com/mthcht/status/1660953897622544384"
+"bcdedit","N/A"
+"bcdedit","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"bcedit","https://github.com/Lifka/hacking-resources/blob/7885f95676c3ba4b2ee79fbaf0f6797add892322/system-hacking-cheat-sheet.md?plain=1#L114"
+"beeceptor.com","https://beeceptor.com/local-tunnel"
+"beef","https://github.com/beefproject/beef"
+"BeeLogger","https://github.com/4w4k3/BeeLogger"
+"BelkaVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"BeRoot","https://github.com/AlessandroZ/BeRoot"
+"BesoToken","https://github.com/OmriBaso/BesoToken"
+"Best VPN USA","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"BetterBackdoor","https://github.com/thatcherclough/BetterBackdoor"
+"bettercap","https://github.com/bettercap/bettercap"
+"betterdefaultpasslist","https://github.com/govolution/betterdefaultpasslist"
+"BetterSafetyKatz","https://github.com/jakobfriedl/precompiled-binaries"
+"binwalk","https://github.com/ReFirmLabs/binwalk"
+"bitb","https://github.com/mrd0x/BITB"
+"bitsadmin","N/A"
+"BITSInject","https://github.com/SafeBreach-Labs/BITSInject"
+"bittorent","https[://]www[.]bittorrent.com/fr/"
+"Biu-framework","https://awesomeopensource.com/project/0xbug/Biu-framework"
+"blackcat ransomware","https://www.sentinelone.com/labs/blackcat-ransomware-highly-configurable-rust-driven-raas-on-the-prowl-for-victims/"
+"Blackout","https://github.com/ZeroMemoryEx/Blackout"
+"BlackShades","https://github.com/yuankong666/Ultimate-RAT-Collection/tree/main/BlackShades"
+"blackvision","https://github.com/quantumcore/blackvision"
+"Blank-Grabber","https://github.com/Blank-c/Blank-Grabber"
+"BlankOBF","https://github.com/Blank-c/BlankOBF"
+"BlazeStealer","https://medium.com/checkmarx-security/python-obfuscation-traps-1acced941375"
+"BlockEtw","https://github.com/Soledge/BlockEtw"
+"BlockOpenHandle","https://github.com/TheD1rkMtr/BlockOpenHandle"
+"BlockWindows","https://github.com/WindowsLies/BlockWindows"
+"BloodHound","https://github.com/fox-it/BloodHound.py"
+"BloodHound","https://github.com/BloodHoundAD/BloodHound/tree/master/Collectors"
+"BloodHound","https://github.com/BloodHoundAD/BloodHound"
+"BloodHound.py","https://github.com/fox-it/BloodHound.py"
+"bloodhound-quickwin","https://github.com/kaluche/bloodhound-quickwin"
+"bloodyAD","https://github.com/CravateRouge/bloodyAD"
+"BobTheSmuggler","https://github.com/TheCyb3rAlpha/BobTheSmuggler"
+"BOF.NET","https://github.com/CCob/BOF.NET"
+"bof-collection","https://github.com/cube0x0/MiniDump"
+"bof-collection","https://github.com/crypt0p3g/bof-collection"
+"bofhound","https://github.com/fortalice/bofhound"
+"BOFMask","https://github.com/passthehashbrowns/BOFMask"
+"BOINC","https://cyberint.com/wp-content/uploads/2022/02/Mars-Stealer-7.png.webp"
+"boko","https://github.com/bashexplode/boko"
+"Bomgar","https://www.beyondtrust.com/"
+"bootkit-rs","https://github.com/memN0ps/bootkit-rs"
+"bore","https://github.com/ekzhang/bore"
+"boringproxy","https://github.com/boringproxy/boringproxy"
+"bpf-keylogger","https://github.com/willfindlay/bpf-keylogger"
+"bpf-keylogger","https://github.com/SkyperTHC/bpf-keylogger"
+"bropper","https://github.com/Hakumarachi/Bropper"
+"Browsec VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Browser VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"browser.lol","https://browser.lol"
+"Browser-C2","https://github.com/0x09AL/Browser-C2"
+"browserling","browserling.com"
+"Browser-password-stealer","https://github.com/henry-richard7/Browser-password-stealer"
+"BrowserSnatch","https://github.com/shaddy43/BrowserSnatch"
+"BrowsingHistoryView","https://www.nirsoft.net/utils/browsing_history_view.html"
+"bruteratel","https://bruteratel.com/"
+"BruteSploit","https://github.com/screetsec/Vegile"
+"BruteSploit","https://github.com/screetsec/Microsploit"
+"BruteSploit","https://github.com/screetsec/BruteSploit"
+"brutespray","https://github.com/x90skysn3k/brutespray"
+"BruteX","https://github.com/1N3/BruteX"
+"btunnel","https://www.btunnel.in"
+"btunnel.in","https://www.btunnel.in/"
+"BucketLoot","https://github.com/redhuntlabs/BucketLoot"
+"bulletpassview","https://www.nirsoft.net/utils/bullets_password_view.html"
+"BullVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Burntcigar KillAV","https://www.virustotal.com/gui/file/aeb044d310801d546d10b247164c78afde638a90b6ef2f04e1f40170e54dec03?nocache=1"
+"burpsuite","https://github.com/nccgroup/BurpSuiteHTTPSmuggler"
+"burpsuite","https://github.com/Mr-xn/BurpSuite-collections"
+"burpsuite","https://github.com/signorrayan/RedTeam_toolkit"
+"burpsuite","https://portswigger.net/burp"
+"burpsuite","https://portswigger.net/"
+"burpsuite","https://github.com/honoki/burp-digitalocean-openvpn-socks"
+"burpsuite","https://github.com/attackercan/burp-xss-sql-plugin"
+"burpsuite","https://github.com/infodel/burp.extension-payloadparser"
+"burpsuite","https://github.com/laconicwolf/burp-extensions"
+"burpsuite","https://github.com/JGillam/burp-co2"
+"burrow","https://burrow.io"
+"byob","https://github.com/malwaredllc/byob"
+"BYOVD_kill_av_edr","https://github.com/infosecn1nja/red-team-scripts/blob/main/BYOVD_kill_av_edr.c"
+"bypass-clm","https://github.com/calebstewart/bypass-clm"
+"BypassCredGuard","https://github.com/wh0amitz/BypassCredGuard"
+"bypasswaf","https://github.com/codewatchorg/bypasswaf"
+"C2 related tools","https://github.com/mgeeky/ShellcodeFluctuation"
+"C2 related tools","https://github.com/mgeeky/ThreadStackSpoofer"
+"C2 related tools","https://github.com/Rvn0xsy/Cooolis-ms"
+"C2 related tools","https://github.com/med0x2e/SigFlip"
+"C2 related tools","https://github.com/aeverj/NimShellCodeLoader"
+"C2 related tools","https://github.com/bitsadmin/nopowershell"
+"C2 related tools","https://github.com/Ed1s0nZ/cool"
+"C2_Server","https://github.com/reveng007/C2_Server"
+"C2concealer","https://github.com/RedSiege/C2concealer"
+"C2ReverseProxy","https://github.com/Daybr4ak/C2ReverseProxy"
+"C2-Tool-Collection","https://github.com/outflanknl/C2-Tool-Collection"
+"C3","https://github.com/WithSecureLabs/C3"
+"Cable","https://github.com/logangoins/Cable"
+"Cactus WHID","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"CACTUSTORCH","https://github.com/mdsecactivebreach/CACTUSTORCH"
+"Cain&Abel","https://github.com/undergroundwires/CEH-in-bullet-points/blob/master/chapters/08-sniffing/sniffing-tools.md"
+"CamHacker","https://github.com/KasRoudra/CamHacker"
+"Cam-Hackers","https://github.com/AngelSecurityTeam/Cam-Hackers"
+"canarytokens.com","http://canarytokens.com"
+"CandyPotato","https://github.com/klezVirus/CandyPotato"
+"canisrufus","https://github.com/maldevel/canisrufus"
+"CarbonCopy","https://github.com/paranoidninja/CarbonCopy"
+"cat","N/A"
+"cat","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"catbox.moe","https://files[.]catbox.moe"
+"catphish","https://github.com/ring0lab/catphish"
+"catspin","https://github.com/rootcathacking/catspin"
+"ccmpwn","https://github.com/mandiant/ccmpwn"
+"cdn-proxy","https://github.com/RyanJarv/cdn-proxy"
+"celerystalk","https://github.com/sethsec/celerystalk"
+"CelestialSpark","https://github.com/Karkas66/CelestialSpark"
+"cerbrutus","https://github.com/Cerbrutus-BruteForcer/cerbrutus"
+"Certify","https://github.com/jakobfriedl/precompiled-binaries"
+"Certipy","https://github.com/ly4k/Certipy"
+"certoc","https://lolbas-project.github.io/lolbas/Binaries/Certoc/"
+"CertStealer","https://github.com/TheWover/CertStealer"
+"certsync","https://github.com/zblurx/certsync"
+"certutil","N/A"
+"ChaiLdr","https://github.com/Cipher7/ChaiLdr"
+"changeme","https://github.com/ztgrace/changeme"
+"chaos","https://github.com/tiagorlampert/CHAOS"
+"chaos","https://blog.qualys.com/vulnerabilities-threat-research/2022/01/17/the-chaos-ransomware-can-be-ravaging"
+"charles-proxy","https://charlesproxy.com/"
+"charlotte","https://github.com/9emin1/charlotte"
+"chashell","https://github.com/sysdream/chashell"
+"chattr","N/A"
+"chcp","https://thedfirreport.com/2023/04/03/malicious-iso-file-leads-to-domain-wide-ransomware/"
+"Checkmate","https://github.com/S3N4T0R-0X0/Checkmate"
+"CheckPort","https://github.com/jakobfriedl/precompiled-binaries"
+"CheckSMBSigning","https://github.com/Leo4j/CheckSMBSigning"
+"CheeseTools","https://github.com/klezVirus/CheeseTools"
+"cheetah","https://github.com/shmilylty/cheetah"
+"chimera","https://github.com/tokyoneon/Chimera/"
+"Chimera","https://github.com/georgesotiriadis/Chimera"
+"chisel","https://github.com/jpillora/chisel"
+"ChkNull","https://github.com/nyxgeek/classic_hacking_tools"
+"chntpw","https://pogostick.net/~pnh/ntpasswd/chntpw-source-140201.zip"
+"ChromeCookiesView","https://www.nirsoft.net/utils/chrome_cookies_view.html"
+"chromedump","https://github.com/g4l4drim/ChromeDump"
+"ChromeKatz","https://github.com/Meckazin/ChromeKatz"
+"chromepass","https://www.nirsoft.net/utils/chromepass.html"
+"chromium","https://www.splunk.com/en_us/blog/security/mockbin-and-the-art-of-deception-tracing-adversaries-going-headless-and-mocking-apis.html"
+"chromium","https://www.mandiant.com/resources/blog/lnk-between-browsers"
+"chromium","https://redcanary.com/blog/intelligence-insights-june-2023/"
+"CIMplant","https://github.com/RedSiege/CIMplant"
+"cirt-fuzzer","https://www.ecrimelabs.com/"
+"clickjack","https://github.com/trustedsec/The_Shelf"
+"cloakify","https://github.com/TryCatchHCF/Cloakify"
+"CloakNDaggerC2","https://github.com/matt-culbert/CloakNDaggerC2"
+"Cloud VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"cloud_enum","https://github.com/initstring/cloud_enum"
+"cloudflared","https://github.com/cloudflare/cloudflared"
+"cloudsploit","https://github.com/aquasecurity/cloudsploit"
+"CLR-Injection","https://github.com/3gstudent/CLR-Injection"
+"Cmdkey","https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-290a"
+"CmdLineSpoofer","https://github.com/plackyhacker/CmdLineSpoofer"
+"CMLoot","https://github.com/1njected/CMLoot"
+"CMSeek","https://github.com/Tuhinshubhra/CMSeek"
+"cobaltstrike","https://github.com/outflanknl/Recon-AD"
+"cobaltstrike","https://github.com/outflanknl/InlineWhispers"
+"cobaltstrike","https://github.com/outflanknl/Spray-AD"
+"cobaltstrike","https://github.com/p292/Phant0m_cobaltstrike"
+"cobaltstrike","https://github.com/outflanknl/WdToggle"
+"cobaltstrike","https://github.com/outflanknl/FindObjects-BOF"
+"cobaltstrike","https://github.com/optiv/Dent"
+"cobaltstrike","https://github.com/OneHone/C--Shellcode"
+"cobaltstrike","https://github.com/optiv/Registry-Recon"
+"cobaltstrike","https://github.com/outflanknl/Dumpert/tree/master/Dumpert-Aggressor"
+"cobaltstrike","https://github.com/optiv/ScareCrow"
+"cobaltstrike","https://github.com/praetorian-inc/PortBender"
+"cobaltstrike","https://github.com/RiccardoAncarani/BOFs"
+"cobaltstrike","https://github.com/realoriginal/beacon-object-file"
+"cobaltstrike","https://github.com/RiccardoAncarani/LiquidSnake"
+"cobaltstrike","https://github.com/rkervella/CarbonMonoxide"
+"cobaltstrike","https://github.com/RiccardoAncarani/TaskShell"
+"cobaltstrike","https://github.com/RCStep/CSSG"
+"cobaltstrike","https://github.com/pwn1sher/CS-BOFs"
+"cobaltstrike","https://github.com/pureqh/bypassAV"
+"cobaltstrike","https://github.com/RalfHacker/Kerbeus-BOF"
+"cobaltstrike","https://github.com/rasta-mouse/TikiTorch"
+"cobaltstrike","https://github.com/rasta-mouse/PPEnum"
+"cobaltstrike","https://github.com/netero1010/RDPHijack-BOF"
+"cobaltstrike","https://github.com/netero1010/Quser-BOF"
+"cobaltstrike","https://github.com/netero1010/ServiceMove-BOF"
+"cobaltstrike","https://github.com/nettitude/RunOF"
+"cobaltstrike","https://github.com/netero1010/TrustedPath-UACBypass-BOF"
+"cobaltstrike","https://github.com/nccgroup/nccfsas/"
+"cobaltstrike","https://github.com/mlcsec/ASRenum-BOF"
+"cobaltstrike","https://github.com/mgeeky/RedWarden"
+"cobaltstrike","https://github.com/Mr-Un1k0d3r/Cookie-Graber-BOF"
+"cobaltstrike","https://github.com/nccgroup/nccfsas"
+"cobaltstrike","https://github.com/Mr-Un1k0d3r/SCShell"
+"cobaltstrike","https://github.com/nick-frischkorn/TokenStripBOF"
+"cobaltstrike","https://github.com/OG-Sadpanda/SharpCat"
+"cobaltstrike","https://github.com/OG-Sadpanda/SharpCalendar"
+"cobaltstrike","https://github.com/OG-Sadpanda/SharpExcelibur"
+"cobaltstrike","https://github.com/OG-Sadpanda/SharpZippo"
+"cobaltstrike","https://github.com/OG-Sadpanda/SharpSword"
+"cobaltstrike","https://github.com/offsecginger/AggressorScripts"
+"cobaltstrike","https://github.com/obscuritylabs/RAI"
+"cobaltstrike","https://github.com/NtQuerySystemInformation/CustomKeyboardLayoutPersistence"
+"cobaltstrike","https://github.com/Octoberfest7/EventViewerUAC_BOF"
+"cobaltstrike","https://github.com/Octoberfest7/KillDefender_BOF"
+"cobaltstrike","https://github.com/Octoberfest7/KDStab"
+"cobaltstrike","https://github.com/uknowsec/TailorScan"
+"cobaltstrike","https://github.com/Tylous/SourcePoint"
+"cobaltstrike","https://github.com/Unknow101/FuckThatPacker"
+"cobaltstrike","https://github.com/wahyuhadi/beacon-c2-go"
+"cobaltstrike","https://github.com/vysecurity/ANGRYPUPPY"
+"cobaltstrike","https://github.com/Tycx2ry/SweetPotato_CS"
+"cobaltstrike","https://github.com/trustedsec/CS-Remote-OPs-BOF"
+"cobaltstrike","https://github.com/trustedsec/COFFLoader"
+"cobaltstrike","https://github.com/trustedsec/CS-Situational-Awareness-BOF"
+"cobaltstrike","https://github.com/trustedsec/PPLFaultDumpBOF"
+"cobaltstrike","https://github.com/trustedsec/ELFLoader"
+"cobaltstrike","https://github.com/WKL-Sec/HiddenDesktop"
+"cobaltstrike","https://github.com/YDHCUI/csload.net"
+"cobaltstrike","https://github.com/Yaxser/COFFLoader2"
+"cobaltstrike","https://github.com/YDHCUI/manjusaka"
+"cobaltstrike","https://www.cobaltstrike.com/"
+"cobaltstrike","https://github.com/zha0gongz1/DesertFox"
+"cobaltstrike","https://github.com/Yaxser/CobaltStrike-BOF"
+"cobaltstrike","https://github.com/wumb0/rust_bof"
+"cobaltstrike","https://github.com/WKL-Sec/Winsocky"
+"cobaltstrike","https://github.com/xforcered/CredBandit"
+"cobaltstrike","https://github.com/yanghaoi/CobaltStrike_CNA"
+"cobaltstrike","https://github.com/xforcered/Detect-Hooks"
+"cobaltstrike","https://github.com/S3cur3Th1sSh1t/Sharp-HackBrowserData"
+"cobaltstrike","https://github.com/rxwx/cs-rdll-ipc-example"
+"cobaltstrike","https://github.com/securifybv/Visual-Studio-BOF-template"
+"cobaltstrike","https://github.com/Sh0ckFR/InlineWhispers2"
+"cobaltstrike","https://github.com/seventeenman/CallBackDump"
+"cobaltstrike","https://github.com/rvrsh3ll/BOF_Collection"
+"cobaltstrike","https://github.com/rsmudge/ElevateKit"
+"cobaltstrike","https://github.com/rookuu/BOFs"
+"cobaltstrike","https://github.com/rsmudge/Malleable-C2-Profiles"
+"cobaltstrike","https://github.com/rsmudge/ZeroLogon-BOF"
+"cobaltstrike","https://github.com/rsmudge/unhook-bof"
+"cobaltstrike","https://github.com/SpiderLabs/SharpCompile"
+"cobaltstrike","https://github.com/timwhitez/Doge-Loader"
+"cobaltstrike","https://github.com/tijme/kernel-mii"
+"cobaltstrike","https://github.com/tomcarver16/BOF-DLL-Inject"
+"cobaltstrike","https://github.com/trainr3kt/Readfile_BoF"
+"cobaltstrike","https://github.com/trainr3kt/MemReader_BoF"
+"cobaltstrike","https://github.com/threatexpress/red-team-scripts"
+"cobaltstrike","https://github.com/tevora-threat/PowerView3-Aggressor"
+"cobaltstrike","https://github.com/tevora-threat/aggressor-powerview"
+"cobaltstrike","https://github.com/threatexpress/cs2modrewrite"
+"cobaltstrike","https://github.com/threatexpress/random_c2_profile"
+"cobaltstrike","https://github.com/threatexpress/malleable-c2"
+"cobaltstrike","https://github.com/mez-0/winrmdll"
+"cobaltstrike","https://github.com/byt3bl33d3r/BOF-Nim"
+"cobaltstrike","https://github.com/BronzeTicket/ClipboardWindow-Inject"
+"cobaltstrike","https://github.com/C0axx/AggressorScripts"
+"cobaltstrike","https://github.com/ceramicskate0/BOF-Builder"
+"cobaltstrike","https://github.com/CCob/BOF.NET"
+"cobaltstrike","https://github.com/boku7/xPipe"
+"cobaltstrike","https://github.com/boku7/injectAmsiBypass"
+"cobaltstrike","https://github.com/boku7/HOLLOW"
+"cobaltstrike","https://github.com/boku7/injectEtwBypass"
+"cobaltstrike","https://github.com/boku7/whereami"
+"cobaltstrike","https://github.com/boku7/spawn"
+"cobaltstrike","https://github.com/Cobalt-Strike/beacon_health_check"
+"cobaltstrike","https://github.com/CrossC2/CrossC2Kit"
+"cobaltstrike","https://github.com/crisprss/PrintSpoofer"
+"cobaltstrike","https://github.com/crypt0p3g/bof-collection"
+"cobaltstrike","https://github.com/DallasFR/Cobalt-Clip"
+"cobaltstrike","https://github.com/cube0x0/LdapSignCheck"
+"cobaltstrike","https://github.com/cribdragg3r/Alaris"
+"cobaltstrike","https://github.com/Cobalt-Strike/unhook-bof"
+"cobaltstrike","https://github.com/Cobalt-Strike/sleep_python_bridge"
+"cobaltstrike","https://github.com/CodeXTF2/Burp2Malleable"
+"cobaltstrike","https://github.com/Cracked5pider/CoffeeLdr"
+"cobaltstrike","https://github.com/connormcgarr/tgtdelegation"
+"cobaltstrike","https://github.com/1135/1135-CobaltStrike-ToolKit"
+"cobaltstrike","https://github.com/0xthirteen/StayKit"
+"cobaltstrike","https://github.com/Adminisme/ServerScan"
+"cobaltstrike","https://github.com/ajpc500/BOFs"
+"cobaltstrike","https://github.com/airbus-cert/Invoke-Bof"
+"cobaltstrike","https://github.com/0xthirteen/MoveKit"
+"cobaltstrike","https://gist.github.com/G0ldenGunSec/8ca0e853dd5637af2881697f8de6aecc"
+"cobaltstrike","https://bohops.com/2021/03/16/investigating-net-clr-usage-log-tampering-techniques-for-edr-evasion/"
+"cobaltstrike","https://github.com//EspressoCake/HandleKatz_BOF"
+"cobaltstrike","https://github.com/0xEr3bus/PoolPartyBof"
+"cobaltstrike","https://github.com/0x3rhy/AddUser-Bof"
+"cobaltstrike","https://github.com/alfarom256/BOF-ForeignLsass"
+"cobaltstrike","https://github.com/Axx8/ShellCode_Loader"
+"cobaltstrike","https://github.com/ausecwa/bof-registry"
+"cobaltstrike","https://github.com/BC-SECURITY/Malleable-C2-Profiles"
+"cobaltstrike","https://github.com/boku7/BokuLoader"
+"cobaltstrike","https://github.com/bluscreenofjeff/Malleable-C2-Randomizer"
+"cobaltstrike","https://github.com/AttackTeamFamily/cobaltstrike-bof-toolset"
+"cobaltstrike","https://github.com/anthemtotheego/Detect-Hooks"
+"cobaltstrike","https://github.com/AlphabugX/csOnvps"
+"cobaltstrike","https://github.com/anthemtotheego/InlineExecute-Assembly"
+"cobaltstrike","https://github.com/apokryptein/secinject"
+"cobaltstrike","https://github.com/anthemtotheego/SharpCradle"
+"cobaltstrike","https://github.com/hack2fun/BypassAV"
+"cobaltstrike","https://github.com/guervild/BOFs"
+"cobaltstrike","https://github.com/Hangingsword/HouQing"
+"cobaltstrike","https://github.com/IcebreakerSecurity/DelegationBOF"
+"cobaltstrike","https://github.com/Henkru/cs-token-vault"
+"cobaltstrike","https://github.com/gloxec/CrossC2"
+"cobaltstrike","https://github.com/G0ldenGunSec/GetWebDAVStatus"
+"cobaltstrike","https://github.com/FunnyWolf/pystinger"
+"cobaltstrike","https://github.com/Gality369/CS-Loader"
+"cobaltstrike","https://github.com/GhostPack/Koh"
+"cobaltstrike","https://github.com/GeorgePatsias/ScareCrow-CobaltStrike"
+"cobaltstrike","https://github.com/IcebreakerSecurity/PersistBOF"
+"cobaltstrike","https://github.com/lengjibo/NetUser"
+"cobaltstrike","https://github.com/kyleavery/inject-assembly"
+"cobaltstrike","https://github.com/m57/cobaltstrike_bofs"
+"cobaltstrike","https://github.com/med0x2e/SigFlip"
+"cobaltstrike","https://github.com/mdsecactivebreach/CACTUSTORCH"
+"cobaltstrike","https://github.com/kyleavery/AceLdr"
+"cobaltstrike","https://github.com/improsec/SharpEventPersist"
+"cobaltstrike","https://github.com/idiotc4t/Reflective-HackBrowserData"
+"cobaltstrike","https://github.com/jas502n/bypassAV-1"
+"cobaltstrike","https://github.com/k8gege/scrun"
+"cobaltstrike","https://github.com/k8gege/Ladon"
+"cobaltstrike","https://github.com/EncodeGroup/AggressiveProxy"
+"cobaltstrike","https://github.com/eddiezab/aggressor-scripts/tree/master"
+"cobaltstrike","https://github.com/EncodeGroup/BOF-RegSave"
+"cobaltstrike","https://github.com/EspressoCake/DLL_Imports_BOF"
+"cobaltstrike","https://github.com/EncodeGroup/UAC-SilentClean"
+"cobaltstrike","https://github.com/dtmsecurity/bof_helper"
+"cobaltstrike","https://github.com/Daybr4ak/C2ReverseProxy"
+"cobaltstrike","https://github.com/darkr4y/geacon"
+"cobaltstrike","https://github.com/dcsync/pycobalt"
+"cobaltstrike","https://github.com/dr0op/CrossNet-Beta"
+"cobaltstrike","https://github.com/DeEpinGh0st/Erebus"
+"cobaltstrike","https://github.com/EspressoCake/DLL-Hijack-Search-Order-BOF"
+"cobaltstrike","https://github.com/ewby/Mockingjay_BOF"
+"cobaltstrike","https://github.com/EspressoCake/Toggle_Token_Privileges_BOF"
+"cobaltstrike","https://github.com/FalconForceTeam/BOF2shellcode"
+"cobaltstrike","https://github.com/fortra/No-Consolation"
+"cobaltstrike","https://github.com/fcre1938/goShellCodeByPassVT"
+"cobaltstrike","https://github.com/EspressoCake/Self_Deletion_BOF"
+"cobaltstrike","https://github.com/EspressoCake/HandleKatz_BOF"
+"cobaltstrike","https://github.com/EspressoCake/Firewall_Walker_BOF"
+"cobaltstrike","https://github.com/EspressoCake/Needle_Sift_BOF"
+"cobaltstrike","https://github.com/EspressoCake/Process_Protection_Level_BOF"
+"cobaltstrike","https://github.com/EspressoCake/PPLDump_BOF"
+"CoercedPotato","https://github.com/Prepouce/CoercedPotato"
+"CoercedPotatoRDLL","https://github.com/sokaRepo/CoercedPotatoRDLL"
+"Coercer","https://github.com/p0dalirius/Coercer"
+"combine_harvester","https://github.com/m3f157O/combine_harvester"
+"COMHunter","https://github.com/matterpreter/OffensiveCSharp/tree/master/COMHunter"
+"COM-Hunter","https://github.com/nickvourd/COM-Hunter"
+"Commander","https://github.com/voukatas/Commander"
+"commando-vm","https://github.com/mandiant/commando-vm"
+"commix","https://github.com/commixproject/commix"
+"COM-Object-hijacking","https://github.com/3gstudent/COM-Object-hijacking"
+"ComodoRMM (Itarian RMM)","https://one.comodo.com/"
+"Compress-Archive","https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a"
+"comsvcs.dll","N/A"
+"ConfuserEx","https://github.com/yck1509/ConfuserEx"
+"conhost.exe","https://x.com/TheDFIRReport/status/1721521617908473907?s=20"
+"conpass","https://github.com/login-securite/conpass"
+"ConPtyShell","https://github.com/antonioCoco/ConPtyShell"
+"ContainYourself","https://github.com/deepinstinct/ContainYourself"
+"conti","https://www.securonix.com/blog/on-conti-ransomware-tradecraft-detection/"
+"Conti Ranwomware","https://news.sophos.com/en-us/2021/09/03/conti-affiliates-use-proxyshell-exchange-exploit-in-ransomware-attacks/"
+"copy","N/A"
+"copy","https://x.com/ACEResponder/status/1720906842631549377"
+"copy","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"Cordyceps","https://github.com/pard0p/Cordyceps"
+"covenant","https://github.com/cobbr/Covenant"
+"Cowpatty","https://github.com/joswr1ght/cowpatty"
+"cp","N/A"
+"Cr3dOv3r","https://github.com/D4Vinci/Cr3dOv3r"
+"crack.sh","https://crack.sh/get-cracking/"
+"Crack-allDBs","https://github.com/d3ckx1/Crack-allDBs"
+"cracklord","https://github.com/jmmcatee/cracklord"
+"crackmapexec","https://github.com/Porchetta-Industries/CrackMapExec"
+"crackmapexec","https://github.com/byt3bl33d3r/CrackMapExec"
+"crackpkcs12","https://github.com/crackpkcs12/crackpkcs12"
+"Crassus","https://github.com/vu-ls/Crassus"
+"creddump7","https://github.com/CiscoCXSecurity/creddump7"
+"CredMaster","https://github.com/knavesec/CredMaster"
+"CredPhisher","https://github.com/matterpreter/OffensiveCSharp/tree/master/CredPhisher"
+"CredsLeaker","https://github.com/Dviros/CredsLeaker"
+"crond","https://github.com/SigmaHQ/sigma/blob/master/rules/linux/auditd/lnx_auditd_masquerading_crond.yml"
+"Cronos-Rootkit","https://github.com/XaFF-XaFF/Cronos-Rootkit"
+"crontab","N/A"
+"crossc2","https://github.com/gloxec/CrossC2"
+"CrossLinked","https://github.com/m8r0wn/CrossLinked"
+"crowbar","https://github.com/q3k/crowbar"
+"Crowbar","https://github.com/galkan/crowbar"
+"crowdstrike falcon","N/A"
+"crunch","https://sourceforge.net/projects/crunch-wordlist/"
+"crypto_identifier","https://github.com/Acceis/crypto_identifier"
+"CSExec","https://github.com/Metro-Holografix/CSExec.py"
+"csexec","https://github.com/malcomvetter/CSExec"
+"csploit","https://github.com/cSploit/android"
+"cstealer","https://github.com/can-kat/cstealer"
+"cstealer","https://github.com/0x00G/NiceRAT"
+"csvde","https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/cc732101(v=ws.11)"
+"ctfr","https://github.com/UnaPibaGeek/ctfr"
+"ctftool","https://github.com/taviso/ctftool"
+"cuddlephish","https://github.com/fkasler/cuddlephish"
+"curl","https://x.com/CraigHRowland/status/1782938242108837896"
+"curl","https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days/"
+"curlshell","https://github.com/irsl/curlshell"
+"CursedChrome","https://github.com/mandatoryprogrammer/CursedChrome"
+"cut","N/A"
+"CyberGhost VPN","https://www.cyberghostvpn.com/"
+"CyberGhost VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"cytool","N/A"
+"D1rkInject","https://github.com/TheD1rkMtr/D1rkInject"
+"D3m0n1z3dShell","https://github.com/MatheuZSecurity/D3m0n1z3dShell"
+"Daily VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Dameware","https://www.solarwinds.com/fr/remote-support-software"
+"Dameware","https://www.solarwinds.com/dameware-mini-remote-control"
+"DAMP","https://github.com/HarmJ0y/DAMP"
+"daphne","https://github.com/codewhitesec/daphne"
+"darkarmour","https://github.com/bats3c/darkarmour"
+"DarkLoadLibrary","https://github.com/bats3c/DarkLoadLibrary"
+"Darkside","https://github.com/ph4nt0mbyt3/Darkside"
+"DarkWidow","https://github.com/reveng007/DarkWidow"
+"DataBouncing","https://github.com/Unit-259/DataBouncing"
+"Dataplicity","https://github.com/wildfoundry/dataplicity-agent"
+"datasploit","https://github.com/dvopsway/datasploit"
+"DavRelayUp","https://github.com/ShorSec/DavRelayUp"
+"dazzleUP","https://github.com/hlldz/dazzleUP"
+"DBC2","https://github.com/Arno0x/DBC2"
+"dcipher-cli","https://github.com/k4m4/dcipher-cli"
+"dcomhijack","https://github.com/WKL-Sec/dcomhijack"
+"DCOMPotato","https://github.com/zcgonvh/DCOMPotato"
+"DcRat","https://github.com/qwqdanchun/DcRat"
+"dd","https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1485/T1485.yaml"
+"Ddexec","https://github.com/arget13/DDexec"
+"DDSpoof","https://github.com/akamai/DDSpoof"
+"DeadPotato","https://github.com/lypd0/DeadPotato"
+"DeathStar","https://github.com/byt3bl33d3r/DeathStar"
+"DebugAmsi","https://github.com/MzHmO/DebugAmsi"
+"debugdfs","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Anti-Forensics.md"
+"decrypt-chrome-passwords","https://github.com/ohyicong/decrypt-chrome-passwords"
+"Decrypt-RDCMan","https://github.com/vmamuaya/Powershell/blob/master/Decrypt-RDCMan.ps1"
+"DecryptRDCManager","https://github.com/mez-0/DecryptRDCManager"
+"DEDSEC-RANSOMWARE","https://github.com/xelroth/DEDSEC-RANSOMWARE"
+"DEEPRISM VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"DefaultCreds-cheat-sheet","https://github.com/ihebski/DefaultCreds-cheat-sheet"
+"default-password.info","https://default-password.info/"
+"Defeat-Defender","https://github.com/swagkarna/Defeat-Defender-V1.2.0"
+"DefenderCheck","https://github.com/rasta-mouse/ThreatCheck"
+"DefenderCheck","https://github.com/matterpreter/DefenderCheck"
+"defender-control","https://www.sordum.org/9480/defender-control-v2-1/"
+"defender-control","https://github.com/pgkt04/defender-control"
+"deimosc2","https://github.com/DeimosC2/DeimosC2"
+"del","https://github.com/xiaoy-sec/Pentest_Note/blob/52156f816f0c2497c25343c2e872130193acca80/wiki/%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87/Windows%E6%8F%90%E6%9D%83/RDP%26Firewall/%E5%88%A0%E9%99%A4%E7%97%95%E8%BF%B9.md?plain=1#L4"
+"DelegationBOF","https://github.com/IcebreakerSecurity/DelegationBOF"
+"demiguise","https://github.com/nccgroup/demiguise"
+"Dendrobate","https://github.com/FuzzySecurity/Dendrobate"
+"DeNiSe","https://github.com/mdornseif/DeNiSe"
+"DesertNut","https://github.com/FuzzySecurity/Sharp-Suite/tree/master/DesertNut"
+"dev-tunnels","https://learn.microsoft.com/en-us/azure/developer/dev-tunnels/overview"
+"DFSCoerce","https://github.com/Wh04m1001/DFSCoerce"
+"dialupass","https://www.nirsoft.net/utils/dialupass.html"
+"Diamorphine","https://github.com/m0nad/Diamorphine"
+"dig","https://linux.die.net/man/1/dig"
+"Digispark Attiny85","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"Dinjector","https://github.com/Metro-Holografix/DInjector"
+"dir","https://thedfirreport.com/2023/04/03/malicious-iso-file-leads-to-domain-wide-ransomware/"
+"dir","N/A"
+"dir","https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference"
+"dir","https://github.com/peass-ng/PEASS-ng"
+"dirbuster","https://github.com/vulnersCom/burp-Dirbuster"
+"DirCreate2System","https://github.com/binderlabs/DirCreate2System"
+"dirdevil","https://github.com/nyxgeek/dirdevil"
+"Direct-Syscalls","https://github.com/VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls"
+"dirscraper","https://github.com/Cillian-Collins/dirscraper"
+"dirsearch","https://github.com/maurosoria/dirsearch"
+"DirtyCLR","https://github.com/ipSlav/DirtyCLR"
+"dirtycow","multiple pocs on github and others places "
+"dirty-pipe","https://github.com/0xIronGoat/dirty-pipe"
+"Dirty-Vanity","https://github.com/deepinstinct/Dirty-Vanity"
+"Disable-TamperProtection","https://github.com/AlteredSecurity/Disable-TamperProtection"
+"discord","N/A"
+"discord-c2","https://github.com/bmdyy/discord-c2"
+"Discord-RAT-2.0","https://github.com/moom825/Discord-RAT-2.0"
+"disctopia-c2","https://github.com/3ct0s/disctopia-c2"
+"DiskCryptor","https://github.com/DavidXanatos/DiskCryptor"
+"diskshadow","N/A"
+"DKMC","https://github.com/Mr-Un1k0d3r/DKMC"
+"DLHell","https://github.com/synacktiv/DLHell"
+"dll-hijack-by-proxying","https://github.com/tothi/dll-hijack-by-proxying"
+"DLLHijackTest","https://github.com/slyd0g/DLLHijackTest"
+"DllNotificationInjection","https://github.com/ShorSec/DllNotificationInjection"
+"DllProxy","https://github.com/Iansus/DllProxy/"
+"DLL-Spoofer","https://github.com/MitchHS/DLL-Spoofer"
+"dns","https://github.com/ossec/ossec-hids/blob/master/etc/rules/named_rules.xml"
+"dns2tcp","https://github.com/alex-sector/dns2tcp"
+"dns-black-cat","https://github.com/lawrenceamer/dns-black-cat"
+"dnscan","https://github.com/rbsec/dnscan"
+"dnscat","https://github.com/iagox86/dnscat2"
+"dnscat2","https://github.com/iagox86/dnscat2"
+"dnschef-ng","https://github.com/byt3bl33d3r/dnschef-ng"
+"dnscmd","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"dnscrypt","https://github.com/DNSCrypt/dnscrypt-proxy"
+"dnsdumpster","https://dnsdumpster.com/"
+"dnsenum","https://github.com/fwaeytens/dnsenum"
+"DNSExfiltrator","https://github.com/Arno0x/DNSExfiltrator"
+"DNS-Hijacking","https://github.com/DyeKuu/DNS-Hijacking"
+"dnskire","https://github.com/0xtosh/dnskire"
+"dnslog.cn","http://dnslog.cn"
+"dnsmorph","https://github.com/netevert/dnsmorph"
+"DNS-Persist","https://github.com/0x09AL/DNS-Persist"
+"dnspot","https://github.com/mosajjal/dnspot"
+"dnsrecon","https://github.com/darkoperator/dnsrecon"
+"DNSStager","https://github.com/mhaskar/DNSStager"
+"dnsteal","https://github.com/m57/dnsteal"
+"DNSTracer","https://github.com/pcoder/DNSTracer"
+"DNS-Tunnel-Keylogger","https://github.com/Geeoon/DNS-Tunnel-Keylogger"
+"dnstwist","https://github.com/elceef/dnstwist"
+"DockerPwn","https://github.com/AbsoZed/DockerPwn.py"
+"DocPlz","https://github.com/TheD1rkMtr/DocPlz"
+"DoHC2","https://github.com/SpiderLabs/DoHC2"
+"domain_analyzer","https://github.com/eldraco/domain_analyzer"
+"domained","https://github.com/TypeError/domained"
+"domainhunter","https://github.com/threatexpress/domainhunter"
+"DomainPasswordSpray","https://github.com/dafthack/DomainPasswordSpray"
+"DOME","https://github.com/v4d1/Dome"
+"donpapi","https://github.com/login-securite/DonPAPI"
+"donut","https://github.com/TheWover/donut"
+"dos-over-tor","https://github.com/skizap/dos-over-tor"
+"DotVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"DoubleAgent","https://github.com/Cybellum/DoubleAgent"
+"DoubleDrive","https://github.com/SafeBreach-Labs/DoubleDrive"
+"doucme","https://github.com/Ben0xA/DoUCMe"
+"dpapi.py","N/A"
+"dploot","https://github.com/zblurx/dploot"
+"Dr0p1t-Framework","https://github.com/D4Vinci/Dr0p1t-Framework"
+"DragonCastle","https://github.com/mdsecactivebreach/DragonCastle"
+"DriverDump","https://github.com/trustedsec/The_Shelf"
+"DriverQuery","https://github.com/matterpreter/OffensiveCSharp/tree/master/DriverQuery"
+"Droopscan","https://github.com/droope/droopescan"
+"dropbear","https://github.com/mkj/dropbear"
+"dropbox","https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/DropBox-Upload.md"
+"dropmefiles.com","https://github.com/Casualtek/Ransomchats/blob/4a25ac6ad165a4e600aeb72718c3ad41e8f6ce3a/Mallox/20230427.json#L286C25-L286C48"
+"dropper","https://github.com/SaadAhla/dropper"
+"Drupwn","https://github.com/immunIT/drupwn"
+"DSInternals","https://github.com/MichaelGrafnetter/DSInternals"
+"dsniff","https://github.com/tecknicaltom/dsniff"
+"dsquery","N/A"
+"dsquery","https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations"
+"dsregcmd","https://github.com/Mayyhem/Maestro"
+"dtd-finder","https://github.com/GoSecure/dtd-finder"
+"DUBrute","https://github.com/ch0sys/DUBrute"
+"duckdns.org","https://www.duckdns.org/install.jsp"
+"DuckDuckC2","https://github.com/nopcorn/DuckDuckC2"
+"ducktail","https://www.trendmicro.com/en_be/research/23/e/managed-xdr-investigation-of-ducktail-in-trend-micro-vision-one.html"
+"DueDLLigence","https://github.com/mandiant/DueDLLigence"
+"DumpAADSyncCreds","https://github.com/Hagrid29/DumpAADSyncCreds"
+"DumpCreds","https://github.com/ponypot/dumpcreds"
+"Dumpert","https://github.com/outflanknl/Dumpert"
+"DumpKernel-S1.ps1","https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80"
+"DumpsterFire","https://github.com/TryCatchHCF/DumpsterFire"
+"DumpThatLSASS","https://github.com/peiga/DumpThatLSASS"
+"dwagent","https://github.com/dwservice/agent"
+"DynastyPersist","https://github.com/Trevohack/DynastyPersist"
+"EAPHammer","https://github.com/s0lst1c3/eaphammer"
+"Earth Lusca Operations Tools","https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf"
+"Earth Lusca Operations Tools ","https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf https://github.com/RickGeex/ProxyLogon"
+"Earth Lusca Operations Tools ","https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf https://github.com/winscripting/UAC-bypass/blob/master/FodhelperBypass.ps1"
+"Earth Lusca Operations Tools ","https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf https://github.com/BeichenDream/BadPotato"
+"Earth Lusca Operations Tools ","https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf https://github.com/dmaasland/proxyshell-poc"
+"Earth VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"EarthWorm","https://github.com/rootkiter/Binary-files/tree/212c43b40e2e4c2e2703400caaa732557b6080a4"
+"EASSniper","https://github.com/fugawi/EASSniper"
+"easyupload.io","N/A"
+"Ebowla","https://github.com/Genetic-Malware/Ebowla"
+"echo","https://thedfirreport.com/2023/04/03/malicious-iso-file-leads-to-domain-wide-ransomware/"
+"echo","N/A"
+"echo","https://rosesecurity.gitbook.io/red-teaming-ttps/linux"
+"echo","https://github.com/IcebreakerSecurity/DelegationBOF"
+"echo","https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/win_meterpreter_or_cobaltstrike_getsystem_service_start.yml"
+"echoac-poc","https://github.com/kite03/echoac-poc"
+"EDR_Detector","https://github.com/trickster0/EDR_Detector"
+"EDRaser","https://github.com/SafeBreach-Labs/EDRaser"
+"EDRPrison","https://github.com/senzee1984/EDRPrison"
+"EDRSandBlast","https://github.com/wavestone-cdt/EDRSandblast"
+"EDRSandblast-GodFault","https://github.com/gabriellandau/EDRSandblast-GodFault"
+"EDRSilencer","https://github.com/netero1010/EDRSilencer"
+"EDR-Test","https://github.com/TH3xACE/EDR-Test"
+"EfiGuard","https://github.com/Mattiwatti/EfiGuard"
+"EfsPotato","https://github.com/zcgonvh/EfsPotato"
+"Eggshell","https://github.com/neoneggplant/EggShell"
+"Egress-Assess","https://github.com/FortyNorthSecurity/Egress-Assess"
+"egressbuster","https://github.com/trustedsec/egressbuster"
+"EHORUS RMM","https://pandorafms.com/en/remote-control/"
+"elastic-agent","N/A"
+"elevationstation","https://github.com/g3tsyst3m/elevationstation"
+"Elevator","https://github.com/Kudaes/Elevator"
+"elite-proxy-finder","https://github.com/DanMcInerney/elite-proxy-finder"
+"EmailAll","https://github.com/Taonn/EmailAll"
+"email-format","https://www.email-format.com"
+"EmbedInHTML","https://github.com/Arno0x/EmbedInHTML"
+"emkei.cz","https://emkei.cz/"
+"empire","https://github.com/EmpireProject/Empire-GUI"
+"empire","https://www.powershellempire.com/"
+"empire","https://github.com/EmpireProject/Empire"
+"empire","https://github.com/BC-SECURITY/Empire"
+"empire","https://github.com/BC-SECURITY/Starkiller"
+"EnableAllTokenPrivs","https://github.com/xvt-void/EnableAllTokenPrivs"
+"EncryptedZIP","https://github.com/matterpreter/OffensiveCSharp/tree/master/EncryptedZIP"
+"enum4linux","https://github.com/CiscoCXSecurity/enum4linux"
+"EQGR","https://fdik.org/EQGRP/Linux/doc/old/etc/user.tool.elgingamble.COMMON"
+"EQGR","https://fdik.org/EQGRP/Linux/doc/old/etc/abopscript.txt"
+"EQGRP tools","https://github.com/x0rz/EQGRP/blob/master/Linux/bin/noclient-3.3.2.3-linux-i386"
+"EQGRP tools","https://github.com/x0rz/EQGRP/blob/master/Linux/bin/emptybowl.py"
+"EQGRP tools","https://github.com/x0rz/EQGRP/blob/master/Linux/doc/old/etc/user.tool.dubmoat.COMMON"
+"EQGRP tools","https://github.com/x0rz/EQGRP/tree/master/Linux/bin"
+"EQGRP tools","https://github.com/x0rz/EQGRP/blob/master/Linux/doc/user.tool.elatedmonkey"
+"EQGRP tools","https://github.com/Artogn/EQGRP-1/blob/master/Linux/bin/ftshell.v3.10.2.1"
+"EQGRP tools","https://github.com/Artogn/EQGRP-1/blob/master/Linux/bin/Auditcleaner"
+"EQGRP tools","https://github.com/thePevertedSpartan/EQ1/blob/0c2354ff1073099b2aa417030b3167ec29d7279c/Linux/doc/old/etc/user.tool.poptop.COMMON"
+"EQGRP tools","https://github.com/x0rz/EQGRP/blob/master/Linux/bin/echowrecker"
+"EQGRP tools","https://github.com/wolf-project/NSA-TOOLS-SHADOW-BROKERS"
+"eraser","https://sourceforge.net/projects/eraser"
+"esentutl","https://lolbas-project.github.io/lolbas/Binaries/Esentutl/"
+"esxcli","https://medium.com/detect-fyi/detecting-and-responding-to-esxi-compromise-with-splunk-f33998ce7823"
+"Eternalblue-Doublepulsar-Metasploit","https://github.com/Telefonica/Eternalblue-Doublepulsar-Metasploit"
+"EternalHushFramework","https://github.com/APT64/EternalHushFramework"
+"ETW","https://gist.github.com/xpn/64e5b6f7ad370c343e3ab7e9f9e22503"
+"ETWEventSubscription","https://github.com/matterpreter/OffensiveCSharp/tree/master/ETWEventSubscription"
+"ETWHash","https://github.com/nettitude/ETWHash"
+"etwunhook","https://github.com/Meowmycks/etwunhook"
+"EventCleaner","https://github.com/QAX-A-Team/EventCleaner"
+"EventLogCrasher","https://github.com/floesen/EventLogCrasher"
+"Eventlogedit-evt--General","https://github.com/3gstudent/Eventlogedit-evt--General"
+"Eventlogedit-evtx--Evolution","https://github.com/3gstudent/Eventlogedit-evtx--Evolution"
+"EventViewer-UACBypass","https://github.com/CsEnox/EventViewer-UACBypass"
+"EvilClippy","https://github.com/outflanknl/EvilClippy"
+"evilginx2","https://github.com/kgretzky/evilginx2"
+"evilginx2","https://github.com/An0nUD4Y/Evilginx2-Phishlets"
+"evilginx2","https://github.com/An0nUD4Y/evilginx2"
+"evilgrade","https://github.com/infobyte/evilgrade"
+"EvilLsassTwin","https://github.com/RePRGM/Nimperiments/tree/main/EvilLsassTwin"
+"EvilnoVNC","https://github.com/JoelGMSec/EvilnoVNC"
+"evil-proxy","https://github.com/bbtfr/evil-proxy"
+"evilqr","https://github.com/kgretzky/evilqr"
+"evilrdp","https://github.com/skelsec/evilrdp"
+"EvilSln","https://github.com/cjm00n/EvilSln"
+"evil-winrm","https://github.com/Hackplayers/evil-winrm"
+"EvtMute","https://github.com/bats3c/EvtMute"
+"Excel","https://github.com/tsale/Sigma_rules/blob/main/MISC/pythonfunctionwarnings_disabled.yml"
+"Excel-Exploit","https://github.com/Mr-Cyb3rgh0st/Excel-Exploit/tree/main"
+"exe_to_dll","https://github.com/hasherezade/exe_to_dll"
+"exe2powershell","https://github.com/yanncam/exe2powershell"
+"Executable_Files","https://github.com/reveng007/Executable_Files"
+"exegol","https://github.com/ThePorgs/Exegol"
+"EXOCET-AV-Evasion","https://github.com/tanc7/EXOCET-AV-Evasion"
+"expl-bin","https://github.com/sailay1996/expl-bin"
+"exploit-db","https://www.exploit-db.com/exploits/38576"
+"exploits","https://github.com/XiphosResearch/exploits"
+"Exploits","https://github.com/WindowsExploits/Exploits"
+"export","N/A"
+"expose","https://github.com/beyondcode/expose"
+"ExpressVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Exrop","https://github.com/d4em0n/exrop"
+"ExtensionSpoofer","https://github.com/henriksb/ExtensionSpoofer"
+"ExtPassword.exe","https://www.nirsoft.net/utils/external_drive_password_recovery.html"
+"ExtractBitlockerKeys","https://github.com/p0dalirius/ExtractBitlockerKeys"
+"EyeWitness","https://github.com/FortyNorthSecurity/EyeWitness"
+"FakeAMSI","https://github.com/gtworek/PSBits/tree/master/FakeAMSI"
+"FakeCmdLine","https://github.com/gtworek/PSBits/tree/master/FakeCmdLine"
+"FakeImageExploiter","https://github.com/r00t-3xp10it/FakeImageExploiter"
+"fakelogonscreen","https://github.com/bitsadmin/fakelogonscreen"
+"fake-sms","https://github.com/Narasimha1997/fake-sms"
+"Farmer","https://github.com/mdsecactivebreach/Farmer"
+"FastestVPN Proxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"fastfuzz","https://github.com/tismayil/fastfuz-chrome-ext"
+"FastStunnel VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"fcrackzip","https://manpages.ubuntu.com/manpages/trusty/man1/fcrackzip.1.html"
+"Fentanyl","https://github.com/dekrypted/Fentanyl"
+"fetch-some-proxies","https://github.com/stamparm/fetch-some-proxies"
+"fex.net","https://fex.net"
+"ffuf","https://github.com/ffuf/ffuf"
+"fgdump","https://gitlab.com/kalilinux/packages/windows-binaries/-/tree/kali/master/fgdump"
+"fgdump","https://github.com/ihamburglar/fgdump"
+"fiddler","https://www.telerik.com/"
+"FiercePhish","https://github.com/Raikia/FiercePhish"
+"file.io","https://twitter.com/mthcht/status/1660953897622544384"
+"fileless-elf-exec","https://github.com/nnsee/fileless-elf-exec"
+"FilelessPELoader","https://github.com/TheD1rkMtr/FilelessPELoader"
+"filetransfer.io","https://filetransfer.io"
+"File-Tunnel","https://github.com/fiddyschmitt/File-Tunnel"
+"FileZilla","https://filezilla-project.org/"
+"find","https://github.com/mIcHyAmRaNe/wso-webshell"
+"find","N/A"
+"find","https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/"
+"find","https://github.com/ice-wzl/wmiexec2"
+"Findsploit","https://github.com/1N3/Findsploit"
+"findstr","N/A"
+"findstr","https://github.com/gabriellandau/PPLFault"
+"findstr ","N/A"
+"findsubdomains","https://findsubdomains.com/"
+"FindUncommonShares","https://github.com/p0dalirius/FindUncommonShares"
+"firefox_decrypt","https://github.com/unode/firefox_decrypt"
+"firesheep","https://codebutler.github.io/firesheep/"
+"fleetdeck","https://fleetdeck.io/"
+"fleetdm","https://github.com/fleetdm/fleet"
+"FlipperZero","https://docs.flipper.net/qflipper/windows-debug"
+"fltMC","https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/unload_sysmon_driver_with_fltmc.ps1"
+"FluxionNetwork","https://github.com/FluxionNetwork/fluxion"
+"FOCA","https://github.com/ElevenPaths/FOCA"
+"Forensike","https://github.com/bmarchev/Forensike"
+"ForgeCert","https://github.com/jakobfriedl/precompiled-binaries"
+"ForgeCert","https://github.com/GhostPack/ForgeCert"
+"forkatz","https://github.com/Barbarisch/forkatz"
+"ForkPlayground","https://github.com/D4stiny/ForkPlayground"
+"Fornex VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"FourEye","https://github.com/lengjibo/FourEye"
+"FoxyProxy Standard","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"frampton","https://github.com/ins1gn1a/Frampton"
+"Free Avira Phantom VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Free Fast VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Free One Touch VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Free Proxy VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Free Residential VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Free VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"FREE VPN DEWELOPMENT","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Free VPN for Chrome","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"freefilesync","https://freefilesync.org/download.php"
+"Freeze","https://github.com/optiv/Freeze"
+"Freeze.rs","https://github.com/optiv/Freeze.rs"
+"frp","https://github.com/fatedier/frp"
+"FruityC2","https://github.com/xtr4nge/FruityC2"
+"fscan","https://github.com/shadow1ng/fscan"
+"fsutil","https://x.com/0gtweet/status/1720532496847167784"
+"ftype","N/A"
+"Fuck-Etw","https://github.com/unkvolism/Fuck-Etw"
+"FudgeC2","https://github.com/Ziconius/FudgeC2"
+"fuegoshell","https://github.com/v1k1ngfr/fuegoshell"
+"FunctionalC2","https://github.com/FortyNorthSecurity/FunctionalC2"
+"fuxploider","https://github.com/almandin/fuxploider"
+"fuzz.txt","https://github.com/Bo0oM/fuzz.txt/blob/master/fuzz.txt"
+"fuzzdb","https://github.com/fuzzdb-project/fuzzdb"
+"Fynloski Backdoor","https://www.hybrid-analysis.com/sample/43b40a12a966313f889c338e07239a42af67a69745507e45c4e899bcfa913b81/5a3d55d27ca3e1257f7044f3"
+"GadgetToJScript","https://github.com/med0x2e/GadgetToJScript"
+"gateway-finder-imp","https://github.com/whitel1st/gateway-finder-imp"
+"GatherContacts","https://github.com/clr2of8/GatherContacts"
+"gato","https://github.com/praetorian-inc/gato"
+"Gato-X","https://github.com/adnanekhan/Gato-X"
+"GC2-sheet","https://github.com/looCiprian/GC2-sheet"
+"gcat","https://github.com/byt3bl33d3r/gcat"
+"GCPBucketBrute","https://github.com/RhinoSecurityLabs/GCPBucketBrute"
+"GCR-Google-Calendar-RAT","https://github.com/MrSaighnal/GCR-Google-Calendar-RAT"
+"Gecko","https://github.com/MadExploits/Gecko"
+"Generate-Macro","https://github.com/enigma0x3/Generate-Macro"
+"genHTA","https://github.com/mdsecactivebreach/genHTA"
+"GeoProxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"getcap","N/A"
+"Getcap","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"getent","N/A"
+"getExploit","https://github.com/Gioyik/getExploit"
+"GetLoggedOnUsersRegistry","https://gist.github.com/RalphDesmangles/22f580655f479f189c1de9e7720776f1"
+"Get-RBCD-Threaded","https://github.com/FatRodzianko/Get-RBCD-Threaded"
+"getsploit","https://github.com/vulnersCom/getsploit"
+"Get-WmiObject","https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-wmiobject?view=powershell-5.1"
+"Get-WmiObject","https://github.com/alperenugurlu/AD_Enumeration_Hunt/blob/alperen_ugurlu_hack/AD_Enumeration_Hunt.ps1"
+"ghauri","https://github.com/r0oth3x49/ghauri"
+"ghidra","https://github.com/NationalSecurityAgency/ghidra"
+"GhostDriver","https://github.com/BlackSnufkin/GhostDriver"
+"GhostInTheNet","https://github.com/cryptolok/GhostInTheNet"
+"GhostMapper","https://github.com/Oliver-1-1/GhostMapper"
+"GhostPack","https://github.com/GhostPack"
+"Ghostpack-CompiledBinaries","https://github.com/r3motecontrol/Ghostpack-CompiledBinaries"
+"GhostTask","https://github.com/netero1010/GhostTask"
+"gimmecredz","https://github.com/0xmitsurugi/gimmecredz"
+"gimmeSH","https://github.com/A3h1nt/gimmeSH"
+"github","https://github.com/"
+"Github  Username","https://github.com/SecureAuthCorp"
+"Github  Username","https://github.com/SpiderLabs"
+"Github  Username","https://github.com/0x00-0x00"
+"Github  Username","https://github.com/RhinoSecurityLabs"
+"Github Username","https://github.com/RedTeamOperations"
+"Github Username","https://github.com/s0lst1c3"
+"Github Username","https://github.com/realgam3"
+"Github Username","https://github.com/r00t-3xp10it"
+"Github Username","https://github.com/rasta-mouse"
+"Github Username","https://github.com/s0md3v"
+"Github Username","https://github.com/sc0tfree"
+"Github Username","https://github.com/Screetsec"
+"Github Username","https://github.com/sailay1996"
+"Github Username","https://github.com/S3cur3Th1sSh1t"
+"Github Username","https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell"
+"Github Username","https://github.com/quickbreach"
+"Github Username","https://github.com/n1nj4sec"
+"Github Username","https://github.com/nccgroup"
+"Github Username","https://github.com/mwrlabs"
+"Github Username","https://github.com/MooseDojo"
+"Github Username","https://github.com/Mr-Un1k0d3r"
+"Github Username","https://github.com/neoneggplant"
+"Github Username","https://github.com/P0cL4bs"
+"Github Username","https://github.com/pentestmonkey"
+"Github Username","https://github.com/obscuritylabs"
+"Github Username","https://github.com/NextronSystems"
+"Github Username","https://github.com/nyxgeek"
+"Github Username","https://github.com/virajkulkarni14"
+"Github Username","https://github.com/Viralmaniar"
+"Github Username","https://github.com/unixpickle"
+"Github Username","https://github.com/TryCatchHCF"
+"Github Username","https://github.com/Und3rf10w"
+"Github Username","https://github.com/vysecurity"
+"Github Username","https://github.com/xoreaxeaxeax"
+"Github Username","https://twitter.com/Cneelis"
+"Github Username","https://github.com/xillwillx"
+"Github Username","https://github.com/x0rz"
+"Github Username","https://github.com/x90skysn3k"
+"Github Username","https://github.com/trustedsec"
+"Github Username","https://github.com/SecWiki/windows-kernel-exploits"
+"Github Username","https://github.com/sensepost"
+"Github Username","https://github.com/securitywithoutborders"
+"Github Username","https://github.com/secgroundzero"
+"Github Username","https://github.com/secrary"
+"Github Username","https://github.com/SilverPoision"
+"Github Username","https://github.com/toolswatch/blackhat-arsenal-tools"
+"Github Username","https://github.com/True-Demon"
+"Github Username","https://github.com/tiagorlampert"
+"Github Username","https://github.com/SySS-Research"
+"Github Username","https://github.com/threatexpress"
+"Github Username","https://github.com/mogwailabs"
+"Github Username","https://github.com/CyDefUnicorn"
+"Github Username","https://github.com/D4Vinci/"
+"Github Username","https://github.com/Cybellum"
+"Github Username","https://github.com/cryptolok"
+"Github Username","https://github.com/curi0usJack"
+"Github Username","https://github.com/dafthack"
+"Github Username","https://github.com/DominicBreuker"
+"Github Username","https://github.com/enigma0x3"
+"Github Username","https://github.com/deepzec"
+"Github Username","https://github.com/danielbohannon"
+"Github Username","https://github.com/dchrastil"
+"Github Username","https://github.com/Coalfire-Research"
+"Github Username","https://github.com/BastilleResearch"
+"Github Username","https://github.com/BC-SECURITY"
+"Github Username","https://github.com/attackercan/"
+"Github Username","https://github.com/aboul3la"
+"Github Username","https://github.com/Arno0x"
+"Github Username","https://github.com/Ben0xA"
+"Github Username","https://github.com/byt3bl33d3r"
+"Github Username","https://github.com/Cn33liz"
+"Github Username","https://github.com/Bo0oM"
+"Github Username","https://github.com/berzerk0"
+"Github Username","https://github.com/BishopFox"
+"Github Username","https://github.com/klsecservices/s7scan"
+"Github Username","https://github.com/lanjelot"
+"Github Username","https://github.com/klsecservices"
+"Github Username","https://github.com/kgretzky"
+"Github Username","https://github.com/khast3x"
+"Github Username","https://github.com/leapsecurity"
+"Github Username","https://github.com/matterpreter"
+"Github Username","https://github.com/mdsecactivebreach/"
+"Github Username","https://github.com/m8r0wn"
+"Github Username","https://github.com/LordNoteworthy"
+"Github Username","https://github.com/m4ll0k"
+"Github Username","https://github.com/JPCERTCC"
+"Github Username","https://github.com/GoSecure"
+"Github Username","https://github.com/h0nus"
+"Github Username","https://github.com/g0tmi1k"
+"Github Username","https://github.com/evilsocket"
+"Github Username","https://github.com/FortyNorthSecurity"
+"Github Username","https://github.com/Hack-with-Github"
+"Github Username","https://github.com/itsKindred"
+"Github Username","https://github.com/jedisct1"
+"Github Username","https://github.com/Invoke-IR"
+"Github Username","https://github.com/HarmJ0y"
+"Github Username","https://github.com/hlldz"
+"GithubC2","https://github.com/TheD1rkMtr/GithubC2"
+"Gitleaks","https://github.com/zricethezav/gitleaks"
+"Git-Scanner","https://github.com/HightechSec/git-scanner"
+"GIUDA","https://github.com/foxlox/GIUDA"
+"glit","https://github.com/shadawck/glit"
+"GlllPowerloader","https://github.com/INotGreen/GlllPowerloader"
+"GlobalUnProtect","https://github.com/rotarydrone/GlobalUnProtect"
+"gmer","gmer.net"
+"gMSADumper","https://github.com/micahvandeusen/gMSADumper"
+"GMSAPasswordReader","https://github.com/rvazarkar/GMSAPasswordReader"
+"GMSAPasswordReader","https://github.com/jakobfriedl/precompiled-binaries"
+"GoAWSConsoleSpray","https://github.com/WhiteOakSecurity/GoAWSConsoleSpray"
+"gobfuscate","https://github.com/unixpickle/gobfuscate"
+"gobuster","https://github.com/OJ/gobuster"
+"gocrack","https://github.com/mandiant/gocrack"
+"godoh","https://github.com/sensepost/godoh"
+"godpotato","https://github.com/weaselsec/GodPotato-Aggressor-Script"
+"GodPotato","https://github.com/jakobfriedl/precompiled-binaries"
+"godpotato","https://github.com/BeichenDream/GodPotato"
+"Godzilla","https://github.com/BeichenDream/Godzilla"
+"GoFetch","https://github.com/GoFetchAD/GoFetch"
+"gofile.io","https://gofile.io"
+"go-http-tunnel","https://github.com/mmatczuk/go-http-tunnel"
+"golang_c2","https://github.com/m00zh33/golang_c2"
+"GoldenGMSA","https://github.com/Semperis/GoldenGMSA"
+"Gom VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"goMatrixC2","https://github.com/n1k7l4i/goMatrixC2"
+"GONET-Scanner","https://github.com/luijait/GONET-Scanner"
+"Goodsync","https://www.goodsync.com/"
+"Google Remote Desktop","https://remotedesktop.google.com"
+"googleweblight.com","https://x.com/1ZRR4H/status/1723062039680000255"
+"goPassGen","https://github.com/bigb0sss/goPassGen"
+"gophish","https://github.com/puzzlepeaches/sneaky_gophish/"
+"gophish","https://github.com/gophish/gophish"
+"gophish","https://github.com/fin3ss3g0d/evilgophish"
+"Gorsair","https://github.com/Ullaakut/Gorsair"
+"go-secdump","https://github.com/jfjallid/go-secdump"
+"gosecretsdump","https://github.com/C-Sto/gosecretsdump"
+"gost","https://github.com/go-gost/gost"
+"gost","https://github.com/ginuerzh/gost"
+"Gotato","https://github.com/iammaguire/Gotato"
+"GoToMyPC","https://www.gotomypc.com/"
+"goWMIExec","https://github.com/C-Sto/goWMIExec"
+"goZulipC2","https://github.com/n1k7l4i/goZulipC2"
+"gpg","N/A"
+"GPOddity","https://github.com/synacktiv/GPOddity"
+"gpp-decrypt","https://gitlab.com/kalilinux/packages/gpp-decrypt"
+"GPSCoordinates","https://github.com/matterpreter/OffensiveCSharp/tree/master/GPSCoordinates"
+"GraphRunner","https://github.com/dafthack/GraphRunner"
+"GraphSpy","https://github.com/RedByte1337/GraphSpy"
+"GraphStrike","https://github.com/RedSiege/GraphStrike"
+"GreatSCT","https://github.com/GreatSCT/GreatSCT"
+"Greenwolf","https://github.com/Greenwolf/social_mapper"
+"grep","https://gtfobins.github.io/"
+"grep","N/A"
+"grep","https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/"
+"grep","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"Group3r","https://github.com/Group3r/Group3r"
+"gsecdump","https://web.archive.org/web/20150606043951if_/http://www.truesec.se/Upload/Sakerhet/Tools/gsecdump-v2b5.exe"
+"gsocket","https://github.com/hackerschoice/gsocket"
+"gt","https://github.com/ao-space/gt"
+"gtfobins","https://gtfobins.github.io/"
+"GTFOBLookup","https://github.com/nccgroup/GTFOBLookup"
+"GTFONow","https://github.com/Frissi0n/GTFONow"
+"guerrillamail","https://www.guerrillamail.com"
+"Guru VPN & Proxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"h8mail","https://github.com/opencubicles/h8mail"
+"h8mail","https://github.com/khast3x/h8mail"
+"HackBrowserData","https://github.com/moonD4rk/HackBrowserData"
+"hackforums.net","hackforums.net"
+"hackingtool","https://github.com/Z4nzu/hackingtool"
+"hackshell","https://github.com/hackerschoice/hackshell"
+"HackTheWorld","https://github.com/stormshadow07/HackTheWorld"
+"hack-tools","https://github.com/LasCC/Hack-Tools"
+"hacktricks.xyz","https://hacktricks.xyz"
+"hades","https://github.com/f1zm0/hades"
+"HadesLdr","https://github.com/CognisysGroup/HadesLdr"
+"Hak5 BashBunny","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"Hak5 Cloud C2","https://shop.hak5.org/products/c2"
+"hak5 cloudc2","https://shop.hak5.org/products/c2?"
+"Hak5 Lan turtle","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"Hak5 O.MG Cable","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"Hak5 Rubber Ducky","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"Hak5 Rubber Ducky","https://github.com/greghanley/ducky-decode-wiki/blob/master/Guide_Change_USB_VID_PID.wiki"
+"Hak5 Screen Crab","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"Hak5 Wifi Pineapple","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"hakrawler","https://github.com/hakluke/hakrawler"
+"HardHatC2","https://github.com/DragoQCC/HardHatC2"
+"Harvester_OF_SORROW","https://github.com/hak5/omg-payloads/blob/master/payloads/library/credentials/Harvester_OF_SORROW/payload.txt"
+"Hash-Buster","https://github.com/s0md3v/Hash-Buster"
+"hashcat","https://github.com/hashcat/hashcat"
+"hashcat-rule","https://github.com/clem9669/hashcat-rule"
+"hashview","https://github.com/hashview/hashview"
+"havoc","https://github.com/its-a-feature/Mythic"
+"havoc","https://github.com/HavocFramework/Havoc"
+"hcxdumptool","https://github.com/ZerBea/hcxdumptool"
+"HeapCrypt","https://github.com/TheD1rkMtr/HeapCrypt"
+"HeartBleed","https://github.com/TechnicalMujeeb/HeartBleed"
+"HEKATOMB","https://github.com/Processus-Thief/HEKATOMB"
+"HEKATOMB","https://github.com/ProcessusT/HEKATOMB"
+"HellsGate","https://github.com/am0nsec/HellsGate"
+"HellsHall","https://github.com/Maldev-Academy/HellHall"
+"Heroinn","https://github.com/b23r0/Heroinn"
+"Hibr2Dmp","https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/dump_lsass_by_converting_hiberfil_to_dmp.ps1"
+"hidden-tear","https://github.com/goliate/hidden-tear"
+"Hide My IP VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"HideAll VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Hideman VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"HideProcess","https://github.com/landhb/HideProcess"
+"Hijacker","https://github.com/chrisk44/Hijacker"
+"HijackHunter","https://github.com/matterpreter/OffensiveCSharp/tree/master/HijackHunter"
+"hiphp","https://github.com/yasserbdj96/hiphp"
+"history","N/A"
+"Hive","https://github.com/rivitna/Malware"
+"HMA VPN Proxy Unblocker","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"hoaxshell","https://github.com/t3l3machus/hoaxshell"
+"Hola Free VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Hola VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"holehe","https://github.com/megadose/holehe"
+"homeway.io","https://homeway.io/"
+"HoneypotBuster","https://github.com/JavelinNetworks/HoneypotBuster"
+"hookchain","https://github.com/helviojunior/hookchain"
+"HookDetector","https://github.com/matterpreter/OffensiveCSharp/tree/master/HookDetector"
+"HostRecon","https://github.com/dafthack/HostRecon"
+"Hotspot Shield Elite VPN Proxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Hotspot Shield Free VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Hoxx VPN Proxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"hping","https://github.com/antirez/hping"
+"hping3","https://github.com/RoseSecurity/Red-Teaming-TTPs"
+"HRShell","https://github.com/chrispetrou/HRShell"
+"HTMLSmuggler","https://github.com/D00Movenok/HTMLSmuggler"
+"htran","https://github.com/HiwinCN/Htran"
+"htshells","https://github.com/wireghoul/htshells"
+"http.server","https://x.com/mthcht/status/1827714529687658796"
+"HTTP-Shell","https://github.com/JoelGMSec/HTTP-Shell"
+"Huan","https://github.com/frkngksl/Huan"
+"Hub VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Hunter.io","https://hunter.io/"
+"HVNC","https://github.com/Meltedd/HVNC"
+"hXOR-Packer","https://github.com/akuafif/hXOR-Packer"
+"hyperion","https://www.kali.org/tools/hyperion/"
+"hypertunnel","https://github.com/berstend/hypertunnel"
+"Hypnos","https://github.com/CaptainNox/Hypnos"
+"hypobrychium","https://github.com/foxlox/hypobrychium"
+"I2P","https://geti2p.net/"
+"icacls","https://github.com/peass-ng/PEASS-ng"
+"icalcs","https://www.hybrid-analysis.com/sample/22a2fc907d960e67fe9def8946907fd324f77afce3f2792750f1ddb1de76fc9f/5ed63f715448965c0d232702"
+"icalcs","https://www.pavel.gr/blog/neutralising-amsi-system-wide-as-an-admin"
+"icalcs","https://github.com/ice-wzl/wmiexec2"
+"icalcs","https://github.com/l3m0n/WinPirate"
+"icebreaker","https://github.com/DanMcInerney/icebreaker"
+"icmpsh","https://github.com/r00t-3xp10it/venom"
+"icmpsh","https://github.com/bdamele/icmpsh"
+"ICMP-TransferTools","https://github.com/icyguider/ICMP-TransferTools"
+"icmptunnel","https://github.com/s-h-3-l-l/katoolin3"
+"IDiagnosticProfileUAC","https://github.com/Wh04m1001/IDiagnosticProfileUAC"
+"IEPassView","https://www.nirsoft.net/utils/internet_explorer_password.html"
+"ifconfig","N/A"
+"ifconfig","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"IHxExec","https://github.com/CICADA8-Research/IHxExec"
+"IIS-Raid","https://github.com/0x09AL/IIS-Raid"
+"Ikeext-Privesc","https://github.com/securycore/Ikeext-Privesc"
+"IKEForce","https://github.com/SpiderLabs/ikeforce"
+"IMDSpoof","https://github.com/grahamhelton/IMDSpoof"
+"Imminent-Monitor","https://github.com/Indestructible7/Imminent-Monitor-v3.9"
+"impacket","https://github.com/oldboy21/LDAP-Password-Hunter"
+"impacket","https://github.com/SecureAuthCorp/impacket"
+"impacket","https://github.com/SecureAuthCorp/impacket/blob/master/examples/getST.py"
+"impacket","https://github.com/LuemmelSec/ntlmrelayx.py_to_exe"
+"impacket","https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference"
+"impacket","https://github.com/dirkjanm/krbrelayx"
+"impacket","https://github.com/fortra/impacket"
+"impacketremoteshell","https://github.com/trustedsec/The_Shelf"
+"impersonate","https://github.com/sensepost/impersonate"
+"impersonate-rs","https://github.com/zblurx/impersonate-rs"
+"Imperva_gzip_WAF_Bypass","https://github.com/BishopFox/Imperva_gzip_WAF_Bypass"
+"ImplantSSP","https://github.com/matterpreter/OffensiveCSharp/tree/master/ImplantSSP"
+"Inc","https://github.com/rivitna/Malware"
+"inceptor","https://github.com/klezVirus/inceptor"
+"Indirect-Syscalls","https://github.com/VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls"
+"infernal-twin","https://github.com/entropy1337/infernal-twin"
+"InflativeLoading","https://github.com/senzee1984/InflativeLoading"
+"Infoga","https://github.com/m4ll0k/Infoga"
+"iNinja VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"injectify","https://github.com/samdenty/injectify"
+"InjectProc","https://github.com/secrary/InjectProc"
+"InsecurePowerShell","https://github.com/cobbr/InsecurePowerShell"
+"InspectAssembly","https://github.com/matterpreter/OffensiveCSharp/tree/master/InspectAssembly"
+"interactsh","https://github.com/projectdiscovery/interactsh"
+"Intercepter-NG","https://github.com/intercepter-ng"
+"Internal-Monologue","https://github.com/eladshamir/Internal-Monologue"
+"IntruderPayloads","https://github.com/1N3/IntruderPayloads"
+"Inveigh","https://github.com/Kevin-Robertson/Inveigh"
+"Inveigh","https://github.com/jakobfriedl/precompiled-binaries"
+"InvisibilityCloak","https://github.com/h4wkst3r/InvisibilityCloak"
+"Invisi-Shell","https://github.com/OmerYa/Invisi-Shell"
+"Invoke-ACLpwn","https://github.com/fox-it/Invoke-ACLPwn"
+"Invoke-ADEnum","https://github.com/Leo4j/Invoke-ADEnum"
+"Invoke-AzureEnum","https://github.com/tobor88/PowerShell-Red-Team/blob/master/Invoke-AzureEnum.ps1"
+"Invoke-AzurePasswordSpray","https://github.com/tobor88/PowerShell-Red-Team/blob/master/Invoke-AzurePasswordSpray.ps1"
+"Invoke-BSOD","https://github.com/peewpw/Invoke-BSOD"
+"Invoke-BuildAnonymousSMBServer","https://github.com/3gstudent/Invoke-BuildAnonymousSMBServer"
+"Invoke-CleverSpray","https://github.com/wavestone-cdt/Invoke-CleverSpray"
+"Invoke-DNSteal","https://github.com/JoelGMSec/Invoke-DNSteal"
+"Invoke-DOSfuscation","https://github.com/danielbohannon/Revoke-Obfuscation"
+"Invoke-DOSfuscation","https://github.com/danielbohannon/Invoke-DOSfuscation"
+"Invoke-DumpMDEConfig","https://github.com/BlackSnufkin/Invoke-DumpMDEConfig"
+"Invoke-GrabTheHash","https://github.com/Leo4j/Invoke-GrabTheHash"
+"Invoke-Maldaptive","https://github.com/MaLDAPtive/Invoke-Maldaptive"
+"Invoke-Obfuscation","https://github.com/danielbohannon/Invoke-Obfuscation"
+"Invoke-Phant0m","https://github.com/hlldz/Invoke-Phant0m"
+"invoke-piper","https://github.com/p3nt4/Invoke-Piper"
+"Invoke-PowerIncrease","https://github.com/The-Viper-One/Invoke-PowerIncrease"
+"Invoke-PowerThIEf","https://github.com/nettitude/Invoke-PowerThIEf"
+"Invoke-PrintDemon","https://github.com/BC-SECURITY/Invoke-PrintDemon"
+"Invoke-ProcessScan","https://github.com/vysecurity/Invoke-ProcessScan"
+"Invoke-PSImage","https://github.com/peewpw/Invoke-PSImage"
+"Invoke-RDPThief","https://github.com/The-Viper-One/Invoke-RDPThief"
+"Invoke-RunAsSystem","https://github.com/Leo4j/Invoke-RunAsSystem"
+"Invoke-s4u2self","https://github.com/Leo4j/Invoke-s4u2self"
+"Invoke-SMBRemoting","https://github.com/Leo4j/Invoke-SMBRemoting"
+"Invoke-SocksProxy","N/A"
+"Invoke-SocksProxy","https://github.com/roadwy/DefenderYara/blob/9bbdb7f9fd3513ce30aa69cd1d88830e3cf596ca/Backdoor/Win64/PortStarter/Backdoor_Win64_PortStarter_B.yar#L8"
+"Invoke-SocksProxy","https://github.com/p3nt4/Invoke-SocksProxy"
+"Invoke-Stealth","https://github.com/JoelGMSec/Invoke-Stealth"
+"Invoke-TheHash","https://github.com/Kevin-Robertson/Invoke-TheHash"
+"Invoke-TmpDavFS","https://github.com/p3nt4/Invoke-TmpDavFS"
+"Invoke-WCMDump","https://github.com/peewpw/Invoke-WCMDump"
+"Invoke-WMIpersist","https://github.com/bspence7337/Invoke-WMIpersist"
+"Invoke-ZeroLogon","https://github.com/BC-SECURITY/Invoke-ZeroLogon"
+"IObitUnlocker","https://www.iobit.com/en/iobit-unlocker.php#"
+"iodine","https://github.com/yarrick/iodine"
+"ip","N/A"
+"IP Unblock","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"ip-api.com","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"IPBurger Proxy & VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"IPPrintC2","https://github.com/Diverto/IPPrintC2"
+"ipscan","https://github.com/angryip/ipscan"
+"iptables","https://attack.mitre.org/techniques/T1562/001/"
+"ipv4.myip.wtf","https://github.com/3ct0s/disctopia-c2/blob/main/libraries/disctopia.py"
+"ired.team","https://github.com/mantvydasb/RedTeaming-Tactics-and-Techniques"
+"ItWasAllADream","https://github.com/byt3bl33d3r/ItWasAllADream"
+"ivy","https://github.com/optiv/Ivy"
+"jackdaw","https://github.com/skelsec/jackdaw"
+"jackit","https://github.com/insecurityofthings/jackit"
+"Jasmin-Ransomware","https://github.com/codesiddhant/Jasmin-Ransomware"
+"Jatayu","https://github.com/SpiderMate/Jatayu"
+"java-deserialization-exploits","https://github.com/Coalfire-Research/java-deserialization-exploits"
+"javascript-obfuscator","https://github.com/javascript-obfuscator/javascript-obfuscator"
+"jecretz","https://github.com/sahadnk72/jecretz"
+"Jira-Lens","https://powersploit.readthedocs.io/en/stable/Recon/README/"
+"Jira-Lens","https://github.com/MayankPandey01/Jira-Lens"
+"john","https://github.com/openwall/john/"
+"JohnTheRipper","https://github.com/magnumripper/JohnTheRipper"
+"Jomungand","https://github.com/RtlDallas/Jomungand"
+"joomscan","https://github.com/rezasp/joomscan"
+"Jormungandr","https://github.com/Idov31/Jormungandr"
+"jprq","https://github.com/azimjohn/jprq"
+"JuicyPotato","https://github.com/jakobfriedl/precompiled-binaries"
+"JuicyPotatoNG","https://github.com/antonioCoco/JuicyPotatoNG"
+"JumpSession_BOF","https://github.com/Octoberfest7/JumpSession_BOF"
+"JunctionFolder","https://github.com/matterpreter/OffensiveCSharp/tree/master/JunctionFolder"
+"JustEvadeBro","https://github.com/sinfulz/JustEvadeBro"
+"jwt_tool","https://github.com/ticarpi/jwt_tool"
+"kali","https://www.kali.org/"
+"kali-anonsurf","https://github.com/Und3rf10w/kali-anonsurf"
+"kalitorify","https://github.com/brainfucksec/kalitorify"
+"kaseya VSA","https://www.kaseya.com/products/vsa/"
+"katoolin3","https://github.com/s-h-3-l-l/katoolin3"
+"KaynLdr","https://github.com/Cracked5pider/KaynLdr"
+"KaynStrike","https://github.com/Cracked5pider/KaynStrike"
+"KCMTicketFormatter","https://github.com/blacklanternsecurity/KCMTicketFormatter"
+"KeeFarce","https://github.com/denandz/KeeFarce"
+"keepass-password-dumper","https://github.com/vdohney/keepass-password-dumper"
+"KeePwn","https://github.com/Orange-Cyberdefense/KeePwn"
+"KeeTheft","https://github.com/jakobfriedl/precompiled-binaries"
+"Keethief","https://github.com/GhostPack/KeeThief"
+"KeeThiefSyscalls","https://github.com/Metro-Holografix/KeeThiefSyscalls"
+"kekeo","https://github.com/gentilkiwi/kekeo"
+"Kematian Stealer","https://github[.]com/sap3r-encrypthub/encrypthub"
+"Kematian Stealer","https://github.com/Pirate-Devs/Kematian"
+"kerberoast","https://github.com/xan7r/kerberoast"
+"kerberoast","https://github.com/nidem/kerberoast"
+"KerberOPSEC","https://github.com/Luct0r/KerberOPSEC"
+"kerbrute","https://github.com/ropnop/kerbrute"
+"KExecDD","https://github.com/floesen/KExecDD"
+"KeyCredentialLink","https://github.com/Leo4j/KeyCredentialLink"
+"keylogger keyword","N/A"
+"KeyTabExtract","https://github.com/sosdave/KeyTabExtract"
+"keywa7","https://github.com/keywa7/keywa7"
+"kiglogger","https://kidlogger.net/download.html"
+"KillDefenderBOF","https://github.com/Cerbersec/KillDefenderBOF"
+"killer","https://github.com/0xHossam/Killer"
+"killProcessPOC","https://github.com/timwhitez/killProcessPOC"
+"kismet","https://github.com/kismetwireless/kismet"
+"KittyStager","https://github.com/Enelg52/KittyStager"
+"knowsmore","https://github.com/helviojunior/knowsmore"
+"koadic","https://github.com/zerosum0x0/koadic"
+"koadic","https://github.com/offsecginger/koadic"
+"Koppeling","https://github.com/monoxgas/Koppeling"
+"KPortScan","https://github.com/stardust50578/rdp_brute"
+"krackattacks-scripts","https://github.com/vanhoefm/krackattacks-scripts"
+"Kraken","https://github.com/kraken-ng/Kraken"
+"KrakenMask","https://github.com/RtlDallas/KrakenMask"
+"krbjack","https://github.com/almandin/krbjack"
+"KrbRelay","https://github.com/jakobfriedl/precompiled-binaries"
+"KrbRelay","https://github.com/cube0x0/KrbRelay"
+"KrbRelay-SMBServer","https://github.com/decoder-it/KrbRelay-SMBServer"
+"KrbRelayUp","https://github.com/jakobfriedl/precompiled-binaries"
+"KrbRelayUp","https://github.com/Dec0ne/KrbRelayUp"
+"krbrelayx","https://github.com/dirkjanm/krbrelayx"
+"KRBUACBypass","https://github.com/wh0amitz/KRBUACBypass"
+"kubesploit","https://github.com/cyberark/kubesploit"
+"Kubestroyer","https://github.com/Rolix44/Kubestroyer"
+"kwetza","https://github.com/sensepost/kwetza"
+"L0phtCrack","http://www.l0phtcrack.com/"
+"LALIN","https://github.com/screetsec/LALIN"
+"LANs.py","https://github.com/DanMcInerney/LANs.py"
+"Lansweeper","https://www.lansweeper.com/"
+"LAPSDecrypt","https://gist.github.com/xpn/23dc5b6c260a7571763ca8ca745c32f4"
+"LAPSDumper","https://github.com/n00py/LAPSDumper"
+"LAPSToolkit","https://github.com/leoloobeek/LAPSToolkit"
+"LAPSToolkit","https://github.com/jakobfriedl/precompiled-binaries"
+"LaZagne","https://github.com/AlessandroZ/LaZagne"
+"LaZagneForensic","https://github.com/AlessandroZ/LaZagneForensic"
+"LAZYPARIAH","https://github.com/octetsplicer/LAZYPARIAH"
+"ldap queries","https://research.splunk.com/endpoint/089c862f-5f83-49b5-b1c8-7e4ff66560c7/"
+"ldap queries","https://jsecurity101.medium.com/uncovering-adversarial-ldap-tradecraft-658b2deca384"
+"ldap queries","https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/hunting-for-reconnaissance-activities-using-ldap-search-filters/ba-p/824726"
+"ldap queries","N/A"
+"ldap queries","https://web.archive.org/web/20240109000256/https://cyberdom.blog/2024/01/07/defender-for-identity-hunting-for-ldap/"
+"ldap queries","https://gist.github.com/jsecurity101/9c7e94f95b8d90f9252d64949562ba5d"
+"ldap queries","https://adsecurity.org/?p=299"
+"ldap queries","https://github.com/mthcht/ThreatHunting-Keywords"
+"ldap queries","https://github.com/swarleysez/AD-common-queries"
+"ldap queries","https://github.com/rapid7/metasploit-framework/blob/d37a82500d1d08f9d8ab3da9b194653835748fae/modules/post/windows/gather/enum_ad_managedby_groups.rb#L59"
+"ldapdomaindump","https://github.com/dirkjanm/ldapdomaindump"
+"ldapminer","https://sourceforge.net/projects/ldapminer/"
+"ldapnomnom","https://github.com/lkarlslund/ldapnomnom"
+"LDAP-Password-Hunter","https://github.com/oldboy21/LDAP-Password-Hunter"
+"LDAPPER","https://github.com/shellster/LDAPPER"
+"LdapRelayScan","https://github.com/zyn3rgy/LdapRelayScan"
+"ldapsearch","https://man7.org/linux/man-pages/man1/ldapsearch.1.html"
+"ldapsearch-ad","https://github.com/yaap7/ldapsearch-ad"
+"LDAPWordlistHarvester","https://github.com/p0dalirius/LDAPWordlistHarvester"
+"ldeep","https://github.com/franc-pentest/ldeep"
+"ldifde","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"LdrLockLiberator","https://github.com/ElliotKillick/LdrLockLiberator"
+"legba","https://github.com/evilsocket/legba"
+"Lethean Proxy VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"LetMeowIn","https://github.com/Meowmycks/LetMeowIn"
+"level.io","https://level.io/"
+"libprocesshider","https://github.com/gianlucaborello/libprocesshider"
+"LightsOut","https://github.com/icyguider/LightsOut"
+"ligolo","https://github.com/sysdream/ligolo"
+"ligolo-ng","https://github.com/nicocha30/ligolo-ng"
+"Lime-Crypter","https://github.com/NYAN-x-CAT/Lime-Crypter"
+"Lime-RAT","https://github.com/NYAN-x-CAT/Lime-RAT"
+"LinEnum","https://github.com/rebootuser/LinEnum"
+"linikatz","https://github.com/CiscoCXSecurity/linikatz"
+"LinikatzV2","https://github.com/Orange-Cyberdefense/LinikatzV2"
+"link","https://github.com/postrequest/link"
+"LinkedInt","https://github.com/mdsecactivebreach/LinkedInt"
+"linux","https://github.com/RoseSecurity/Red-Teaming-TTPs"
+"linux-exploit-suggester","https://github.com/The-Z-Labs/linux-exploit-suggester"
+"linux-pam-backdoor","https://github.com/zephrax/linux-pam-backdoor"
+"linuxprivchecker","https://github.com/sleventyeleven/linuxprivchecker/blob/master/linuxprivchecker.py"
+"linux-smart-enumeration","https://github.com/diego-treitos/linux-smart-enumeration"
+"linWinPwn","https://github.com/lefayjey/linWinPwn"
+"litefuzz","https://github.com/sec-tools/litefuzz"
+"ln","https://rosesecurity.gitbook.io/red-teaming-ttps/linux"
+"lnk2pwn","https://github.com/it-gorillaz/lnk2pwn"
+"lnkbomb","https://github.com/dievus/lnkbomb"
+"LNKUp","https://github.com/Plazmaz/LNKUp"
+"LocalAdminSharp","https://github.com/notdodo/LocalAdminSharp"
+"localhost.run","https://localhost.run/"
+"localpotato","https://github.com/decoder-it/LocalPotato"
+"LocalShellExtParse","https://github.com/herrcore/LocalShellExtParse"
+"localtonet","https://github.com/engineseller/localtonet"
+"localtunnel","https://github.com/NoahShen/gotunnelme"
+"localtunnel","https://github.com/localtunnel/localtunnel"
+"localtunnels","https://github.com/localtunnel/server"
+"localtunnels","https://github.com/localtunnel/localtunnel"
+"localxpose","https://localxpose.io/"
+"locate","N/A"
+"Lockless","https://github.com/GhostPack/Lockless"
+"Locksmith","https://github.com/TrimarcJake/Locksmith"
+"LoGiC.NET","https://github.com/AnErrupTion/LoGiC.NET"
+"logman","N/A"
+"LogMeIn","https://www.logmein.com"
+"logon_backdoor","https://github.com/szymon1118/logon_backdoor"
+"LogonTracer","https://github.com/JPCERTCC/LogonTracer"
+"LOLBAS-Project","https://lolbas-project.github.io/"
+"lolminer","https://github.com/Lolliedieb/lolMiner-releases"
+"LOLSpoof","https://github.com/itaymigdal/LOLSpoof"
+"LostMyPassword","https://www.nirsoft.net/alpha/lostmypassword-x64.zip"
+"Lovely-Potato","https://github.com/TsukiCTF/Lovely-Potato"
+"ls","https://outflank.nl/blog/2023/10/19/listing-remote-named-pipes/"
+"lsarelayx","https://github.com/CCob/lsarelayx"
+"lsass","https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference"
+"LsassReflectDumping","https://github.com/Offensive-Panda/LsassReflectDumping"
+"LsassSilentProcessExit","https://github.com/deepinstinct/LsassSilentProcessExit"
+"lsassy","https://github.com/login-securite/lsassy"
+"lsa-whisperer","https://github.com/EvanMcBroom/lsa-whisperer"
+"lslsass","https://www.virustotal.com/gui/file/b24ab1f8cb68547932dd8a5c81e9b2133763a7ddf48aa431456530c1340b939e/details"
+"LTProxy","https://github.com/L-codes/LTProxy"
+"luckystrike","https://github.com/curi0usJack/luckystrike"
+"Luna-Grabber","https://github.com/Smug246/Luna-Grabber"
+"lyncsmash","https://github.com/nyxgeek/lyncsmash"
+"LyncSniper","https://github.com/mdsecactivebreach/LyncSniper"
+"MAAD-AF","https://github.com/vectra-ai-research/MAAD-AF"
+"MaccaroniC2","https://github.com/CalfCrusher/MaccaroniC2"
+"macchanger","N/A"
+"macetrap","https://github.com/FuzzySecurity/Sharp-Suite/tree/master/MaceTrap"
+"macro_pack","https://github.com/sevagas/macro_pack"
+"Macrome","https://github.com/michaelweber/Macrome"
+"MacroMeter","https://github.com/xillwillx/tricky.lnk"
+"MacroMeter","https://github.com/Cn33liz/MacroMeter"
+"Maestro","https://github.com/Mayyhem/Maestro"
+"maildrop","https://maildrop.cc/"
+"mail-in-the-middle","https://github.com/sensepost/mail-in-the-middle"
+"MailPassView","https://www.nirsoft.net/utils/mailpv.html"
+"mailpv","https://www.nirsoft.net/utils/mailpv.html"
+"MailSniper","https://github.com/dafthack/MailSniper/blob/master/MailSniper.ps1"
+"MailSniper","https://github.com/dafthack/MailSniper"
+"MakeMeAdmin","https://github.com/pseymour/MakeMeAdmin"
+"MaliciousMacroGenerator","https://github.com/Mr-Un1k0d3r/MaliciousMacroGenerator"
+"MaliciousMacroMSBuild","https://github.com/infosecn1nja/MaliciousMacroMSBuild"
+"MalSCCM","https://github.com/nettitude/MalSCCM"
+"Malus VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"malware","N/A"
+"malware","https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/"
+"Malware RAT collection","https://github.com/x-cod3r/Remote-administration-tools-archive"
+"MANSPIDER","https://github.com/blacklanternsecurity/MANSPIDER"
+"Mara","https://github.com/io-tl/Mara/"
+"mars stealer","https://3xp0rt.com/posts/mars-stealer"
+"masscan","https://github.com/robertdavidgraham/masscan"
+"MDE_Enum","https://github.com/0xsp-SRD/MDE_Enum"
+"mega.co.nz","https://mega.io/"
+"MEGAcmd","https://github.com/meganz/MEGAcmd"
+"MEGAsync","https://mega.io/en/desktop"
+"megatools","https://github.com/megous/megatools"
+"Memcrashed-DDoS-Exploit","https://github.com/649/Memcrashed-DDoS-Exploit"
+"merlin","https://github.com/Ne0nd0g/merlin"
+"merlin-agent","https://github.com/Ne0nd0g/merlin-agent"
+"merlin-agent-dll","https://github.com/Ne0nd0g/merlin-agent-dll"
+"meshcentral","https://github.com/Ylianst/MeshCentral"
+"meshcentral","https://github.com/Ylianst/MeshAgent"
+"metagoofil","https://github.com/laramies/metagoofi"
+"metame","https://github.com/a0rtega/metame"
+"metasploit","https://www.metasploit.com/"
+"metasploit","N/A"
+"metasploit","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"metasploit","https://github.com/rapid7/metasploit-framework"
+"metasploit","https://github.com/rapid7/metasploit-omnibus"
+"MetasploitCoop","https://github.com/0x727/MetasploitCoop-Frontend"
+"MetasploitCoop","https://github.com/0x727/MetasploitCoop-Backend"
+"MetasploitCoop","https://github.com/0x727/MetasploitCoop_0x727"
+"metasploit-payloads","https://github.com/rapid7/metasploit-payloads"
+"metatwin","https://github.com/threatexpress/metatwin"
+"MeteTool","https://github.com/S-S-X/metatool"
+"MFASweep","https://github.com/dafthack/MFASweep"
+"mhydeath","https://github.com/zer0condition/mhydeath"
+"micr0_shell","https://github.com/senzee1984/micr0_shell"
+"MicroBurst","https://github.com/NetSPI/MicroBurst"
+"Microsoft Recall","N/A"
+"mimidogz","https://github.com/projectb-temp/mimidogz"
+"mimikatz","https://github.com/skelsec/pypykatz"
+"mimikatz","https://github.com/SafeBreach-Labs/EDRaser"
+"mimikatz","https://github.com/Stealthbits/poshkatz"
+"mimikatz","https://github.com/xorrior/RandomPS-Scripts"
+"mimikatz","https://github.com/vyrus001/go-mimikatz"
+"mimikatz","https://github.com/g4uss47/Invoke-Mimikatz"
+"mimikatz","https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference"
+"mimikatz","https://github.com/gentilkiwi/"
+"mimikatz","https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Invoke-Mimikatz.ps1"
+"mimikatz","https://github.com/gentilkiwi/mimikatz"
+"mimikittenz","https://github.com/orlyjamie/mimikittenz"
+"mimipenguin","https://github.com/huntergregal/mimipenguin"
+"mimipy","https://github.com/n1nj4sec/mimipy"
+"MirrorDump","https://github.com/CCob/MirrorDump"
+"mitm6","https://github.com/fox-it/mitm6"
+"mitmAP","https://github.com/xdavidhu/mitmAP"
+"MITMf","https://github.com/byt3bl33d3r/MITMf"
+"mitmproxy","https://github.com/mitmproxy/mitmproxy"
+"mitmsocks4j","https://github.com/Akdeniz/mitmsocks4j"
+"mkdir","N/A"
+"Mobile-Security-Framework","https://github.com/MobSF/Mobile-Security-Framework-MobSF"
+"Mobile-Security-Framework-MobSF","https://github.com/MobSF/Mobile-Security-Framework-MobSF"
+"MockDirUACBypass","https://github.com/matterpreter/OffensiveCSharp/tree/master/MockDirUACBypass"
+"modDetective","https://github.com/itsKindred/modDetective"
+"Modlishka ","https://github.com/drk1wi/Modlishka"
+"modproble","https://github.com/elastic/detection-rules/blob/main/rules/linux/defense_evasion_kernel_module_removal.toml"
+"monkey","https://github.com/guardicore/monkey"
+"moonwalk","https://github.com/mufeedvh/moonwalk"
+"Moriarty","https://github.com/BC-SECURITY/Moriarty"
+"morphHTA","https://github.com/vysecurity/morphHTA"
+"mortar","https://github.com/0xsp-SRD/mortar"
+"mousejack","https://github.com/BastilleResearch/mousejack"
+"movefile64.exe","https://www.pavel.gr/blog/neutralising-amsi-system-wide-as-an-admin"
+"movfuscator","https://github.com/xoreaxeaxeax/movfuscator"
+"MozillaCookiesView","https://www.nirsoft.net/utils/mzcv.html"
+"MpCmdRun","N/A"
+"Mr.SIP","https://github.com/meliht/Mr.SIP"
+"mRemoteNG-Decrypt","https://github.com/haseebT/mRemoteNG-Decrypt"
+"ms-appinstaller","N/A"
+"MSBuildShell","https://github.com/Cn33liz/MSBuildShell"
+"MSDAT","https://github.com/quentinhardy/msdat"
+"msfpc","https://github.com/g0tmi1k/msfpc"
+"msfvenom","https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom"
+"Mshikaki","https://github.com/trevorsaudi/Mshikaki"
+"mshta","N/A"
+"mshta","https://lolbas-project.github.io/lolbas/Binaries/Mshta/"
+"msi-search","https://github.com/mandiant/msi-search"
+"msldapdump","https://github.com/dievus/msLDAPDump"
+"MSOLSpray","https://github.com/dafthack/MSOLSpray"
+"mspass","https://www.nirsoft.net/utils/mspass.html"
+"MSSprinkler","https://github.com/TheresAFewConors/MSSprinkler"
+"mssqlproxy","https://github.com/blackarrowsec/mssqlproxy"
+"MultiDump","https://github.com/Xre0uS/MultiDump"
+"MultiPotato","https://github.com/S3cur3Th1sSh1t/MultiPotato"
+"Muscle VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"MutationGate","https://github.com/senzee1984/MutationGate"
+"My Browser Vpn","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"myexternalip.com","https://myexternalip.com/raw"
+"myftp.biz","https://github.com/hagezi/dns-blocklists/blob/9d6562bddc175b59241d5935531f648cd6b6d9c8/rpz/dyndns.txt#L103"
+"myftp.org","https://github.com/pan-unit42/iocs/blob/master/rat_nest/iocs.csv"
+"my-ip.io","https://github.com/rivitna/Malware"
+"Mystikal","https://github.com/D00MFist/Mystikal"
+"mythic","https://github.com/MythicAgents/freyja/"
+"mythic","https://github.com/MythicAgents/merlin"
+"mythic","https://github.com/MythicAgents/thanatos"
+"mythic","https://github.com/its-a-feature/Mythic"
+"mythic","https://github.com/MythicAgents/Apollo/"
+"mythic","https://github.com/MythicAgents/Athena"
+"nac_bypass","https://github.com/scipag/nac_bypass"
+"NamedPipeMaster","https://github.com/zeze-zeze/NamedPipeMaster"
+"NamelessC2","https://github.com/trickster0/NamelessC2"
+"nanodump","https://github.com/Meowmycks/LetMeowIn"
+"nanodump","https://github.com/fortra/nanodump"
+"nanorobeus","https://github.com/wavvs/nanorobeus"
+"NativeDump","https://github.com/ricardojoserf/NativeDump"
+"nbtscan","N/A"
+"nbtscan","https://github.com/charlesroelli/nbtscan"
+"nbtstat","https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/nbtstat"
+"nc","N/A"
+"nc","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/NetcatCheatSheet.pdf"
+"nc","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"ncat","N/A"
+"ncrack","https://github.com/nmap/ncrack"
+"Necro-Stealer","https://github.com/SecUser1/Necro-Stealer"
+"nemesis","https://github.com/SpecterOps/Nemesis"
+"Neo4j","https://hideandsec.sh/books/cheatsheets-82c/page/active-directory"
+"Neo-reGeorg","https://github.com/L-codes/Neo-reGeorg"
+"nessus","https://fr.tenable.com/products/nessus"
+"net","https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/"
+"net","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"net","https://www.virustotal.com/gui/file/b24ab1f8cb68547932dd8a5c81e9b2133763a7ddf48aa431456530c1340b939e/details"
+"net","N/A"
+"net","https://www.virustotal.com/gui/file/cde4ca499282045eecd4fc15ac80a232294556a59b3c8c8a7a593e8333cfd3c7/behavior"
+"net","https://thedfirreport.com/2023/02/06/collect-exfiltrate-sleep-repeat/"
+"net","https://github.com/rivitna/Malware"
+"net","https://github.com/alperenugurlu/AD_Enumeration_Hunt/blob/alperen_ugurlu_hack/AD_Enumeration_Hunt.ps1"
+"net","https://github.com/RoseSecurity/Red-Teaming-TTPs"
+"net","https://news.sophos.com/en-us/2021/09/03/conti-affiliates-use-proxyshell-exchange-exploit-in-ransomware-attacks/"
+"net","https://github.com/TheParmak/conti-leaks-englished/blob/45d49307f347aff10e0f088af25142f8929b4c4f/anonfile_dumps/31.txt#L236"
+"netcat","https://nmap.org/ncat/"
+"netcat","https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md"
+"net-creds","https://github.com/DanMcInerney/net-creds"
+"NetExec","https://github.com/Pennyw0rth/NetExec"
+"Net-GPPPassword","https://github.com/outflanknl/Net-GPPPassword"
+"netkit","https://github.com/Notselwyn/netkit"
+"NetLoader","https://github.com/Flangvik/NetLoader"
+"NetNTLMtoSilverTicket","https://github.com/NotMedic/NetNTLMtoSilverTicket"
+"netpass","https://www.nirsoft.net/utils/network_password_recovery.html"
+"NetRipper","https://github.com/NytroRST/NetRipper"
+"netscan","https://www.softperfect.com/products/networkscanner/"
+"NetSess","https://www.joeware.net/freetools/tools/netsess/"
+"netsh","https://tria.ge/231006-ydmxjsfe5s/behavioral1/analog?proc=66"
+"netsh","https://www.cisa.gov/sites/default/files/2023-05/aa23-136a_stopransomware_bianlian_ransomware_group_1.pdf"
+"netsh","N/A"
+"netsh","https://media.defense.gov/2024/Feb/07/2003389936/-1/-1/0/JOINT-GUIDANCE-IDENTIFYING-AND-MITIGATING-LOTL.PDF"
+"netsh","https://github.com/ice-wzl/wmiexec2"
+"netsh","https://github.com/swagkarna/Defeat-Defender-V1.2.0"
+"netsh","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"NetshHelperBeacon","https://github.com/outflanknl/NetshHelperBeacon"
+"NetshRun","https://github.com/gtworek/PSBits/blob/master/NetShRun"
+"netsniff-ng","https://packages.debian.org/fr/sid/netsniff-ng"
+"netstat","N/A"
+"NetSupport","https://www.netsupportmanager.com/"
+"NetworkMiner","http://www.netresec.com/?page=NetworkMiner"
+"NetworkServiceExploit","https://github.com/jakobfriedl/precompiled-binaries"
+"ngrok","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"ngrok","https://github.com/inconshreveable/ngrok"
+"Nidhogg","https://github.com/Idov31/Nidhogg"
+"Nightmangle","https://github.com/1N73LL1G3NC3x/Nightmangle"
+"nikto","https://github.com/sullo/nikto"
+"NimBlackout","https://github.com/Helixo32/NimBlackout"
+"nimbo-c2","https://github.com/itaymigdal/Nimbo-C2"
+"nimcrypt","https://github.com/icyguider/nimcrypt"
+"Nimcrypt2","https://github.com/icyguider/Nimcrypt2"
+"NimDllSideload","https://github.com/byt3bl33d3r/NimDllSideload"
+"NimExec","https://github.com/frkngksl/NimExec"
+"nimplant","https://github.com/chvancooten/NimPlant"
+"nimproxydll","https://github.com/cyllective/nimproxydll"
+"NimScan","https://github.com/elddy/NimScan"
+"Ninja","https://github.com/ahmedkhlief/Ninja"
+"nipe","https://github.com/htrgouvea/nipe"
+"nipe","https://github.com/GouveaHeitor/nipe"
+"nircmd","https://www.nirsoft.net/utils/nircmd.html"
+"nirsoft","https://medium.com/checkmarx-security/python-obfuscation-traps-1acced941375"
+"nirsoft tools","nirsoft.net"
+"nirsoft tools","N/A"
+"nishang","https://github.com/samratashok/nishang/tree/master/Antak-WebShell"
+"nishang","https://github.com/samratashok/nishang"
+"NixImports","https://github.com/dr4k0nia/NixImports"
+"NLBrute","https://github.com/amazond/NLBrute-1.2"
+"nltest","N/A"
+"nltest","https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a"
+"nmap","https://nmap.org/"
+"nmap","https://github.com/zmap/zmap"
+"nmap","https://github.com/vulnersCom/nmap-vulners"
+"nmap","N/A"
+"nmap","https://svn.nmap.org/nmap/scripts/"
+"nmap","https://nmap.org/book/nse-usage.html"
+"nmap","https://github.com/shadawck/nse-install"
+"nmap","https://github.com/nccgroup/nmap-nse-vulnerability-scripts"
+"nmap","https://github.com/Diverto/nse-log4shell"
+"nmap","https://github.com/cldrn/nmap-nse-scripts/tree/master/scripts"
+"nmap","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"nmap","https://github.com/nmap/nmap/blob/635675b1430a89e950f71112d3bfc74feee4b19a/nselib/http.lua#L2600"
+"nmap","https://github.com/nmap/nmap"
+"no_defender","https://github.com/es3n1n/no-defender"
+"NoArgs","https://github.com/oh-az/NoArgs"
+"NoFilter","https://github.com/deepinstinct/NoFilter"
+"NoodleRAT","https://www.trendmicro.com/en_us/research/24/f/noodle-rat-reviewing-the-new-backdoor-used-by-chinese-speaking-g.html"
+"NoPowerShell","https://github.com/jakobfriedl/precompiled-binaries"
+"nopowershell","https://github.com/bitsadmin/nopowershell"
+"No-powershell","https://github.com/gtworek/PSBits/blob/master/Misc/No-PowerShell.cs"
+"Nordic NRF52840","https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_usb_ids_list.csv"
+"NordVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"NordVPN","https://nordvpn.com"
+"noseyparker","https://github.com/praetorian-inc/noseyparker"
+"Nosql-Exploitation-Framework","https://github.com/torque59/Nosql-Exploitation-Framework"
+"NoSQLMap","https://github.com/codingo/NoSQLMap"
+"NovaLdr","https://github.com/BlackSnufkin/NovaLdr"
+"novelbfh","https://github.com/nyxgeek/classic_hacking_tools"
+"nping","https://nmap.org/nping/"
+"NPPSpy","https://github.com/gtworek/PSBits/blob/master/PasswordStealing/NPPSpy"
+"nps","https://github.com/yisier/nps"
+"nps_payload","https://github.com/trustedsec/nps_payload"
+"nsa-rules","https://github.com/NSAKEY/nsa-rules"
+"Nsight RMM","https://www.n-able.com/products/n-sight-rmm"
+"nsocks","https://nsocks.net"
+"nsocks","https://github.com/bbepis/Nsocks"
+"ntdissector","https://github.com/synacktiv/ntdissector"
+"ntdlll-unhooking-collection","https://github.com/TheD1rkMtr/ntdlll-unhooking-collection"
+"NTDLLReflection","https://github.com/TheD1rkMtr/NTDLLReflection"
+"NtdllUnpatcher","https://github.com/Signal-Labs/NtdllUnpatcher"
+"ntdsutil","N/A"
+"NTHASH-FPC","https://github.com/erwan2212/NTHASH-FPC"
+"ntlm.pw","https://ntlm.pw"
+"NTLMInjector","https://github.com/vletoux/NTLMInjector"
+"ntlmquic","https://github.com/xpn/ntlmquic"
+"NTLMRelay2Self","https://github.com/med0x2e/NTLMRelay2Self"
+"NtlmRelayToEWS","https://github.com/Arno0x/NtlmRelayToEWS"
+"ntlmscan","https://github.com/nyxgeek/ntlmscan"
+"NTLMSleuth","https://github.com/jmarr73/NTLMSleuth"
+"NtlmThief","https://github.com/MzHmO/NtlmThief"
+"NTMLRecon","https://github.com/pwnfoo/NTLMRecon"
+"NTMLRecon","https://github.com/puzzlepeaches/NTLMRecon"
+"ntpescape","https://github.com/evallen/ntpescape"
+"NtRemoteLoad","https://github.com/florylsk/NtRemoteLoad"
+"NtRights","https://github.com/gtworek/PSBits/tree/master/NtRights"
+"Nuages","https://github.com/p3nt4/Nuages"
+"Nucleus VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"nullinux","https://github.com/m8sec/nullinux"
+"nysm","https://github.com/eeriedusk/nysm"
+"o365-attack-toolkit","https://github.com/mdsecactivebreach/o365-attack-toolkit"
+"o365creeper","https://github.com/LMGsec/o365creeper"
+"o365enum","https://github.com/gremwell/o365enum"
+"o365recon","https://github.com/nyxgeek/o365recon"
+"obfy","https://github.com/fritzone/obfy"
+"octopus","https://github.com/mhaskar/Octopus"
+"OffensiveCpp","https://github.com/lsecqt/OffensiveCpp"
+"OffensiveCSharp","https://github.com/matterpreter/OffensiveCSharp/tree/master"
+"OffensiveLua","https://github.com/hackerhouse-opensource/OffensiveLua"
+"Offensive-Netsh-Helper","https://github.com/rtcrowley/Offensive-Netsh-Helper"
+"OffensiveNotion","https://github.com/mttaggart/OffensiveNotion"
+"Offensive-Payloads","https://github.com/InfoSecWarrior/Offensive-Payloads/"
+"Office-DDE-Payloads","https://github.com/0xdeadbeefJERKY/Office-DDE-Payloads"
+"Office-Persistence","https://github.com/3gstudent/Office-Persistence"
+"Oh365UserFinder","https://github.com/dievus/Oh365UserFinder"
+"Okta-Password-Sprayer","https://github.com/Rhynorater/Okta-Password-Sprayer"
+"OMG-Credz-Plz","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/-OMG-Credz-Plz"
+"OMGLogger","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/OMGLogger"
+"omg-payloads","https://github.com/hak5/omg-payloads"
+"Omnispray","https://github.com/0xZDH/Omnispray"
+"onedrive_user_enum","https://github.com/nyxgeek/onedrive_user_enum"
+"One-Lin3r","https://github.com/D4Vinci/One-Lin3r"
+"onesixtyone","https://github.com/trailofbits/onesixtyone"
+"onex","https://github.com/rajkumardusad/onex"
+"onex","https://github.com/cube0x0/MiniDump"
+"onionpipe","https://github.com/cmars/onionpipe"
+"onionscan","https://onionscan.org/"
+"openbullet","https://github.com/openbullet/OpenBullet2"
+"openbullet","https://github.com/openbullet/openbullet"
+"Openssh","https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse?tabs=powershell#install-openssh-for-windows"
+"Openssh","https://github.com/PowerShell/openssh-portable"
+"Openssh","https://blog.thc.org/infecting-ssh-public-keys-with-backdoors"
+"OpenSSH Trojan","https://www.ic3.gov/Media/News/2024/240227.pdf"
+"openssh-portable","https://github.com/PowerShell/openssh-portable"
+"openvas","https://www.openvas.org/"
+"OPENVPN","https://openvpn.net/"
+"OperaPassView","https://www.nirsoft.net/utils/opera_password_recovery.html"
+"Operative Framework","https://github.com/graniet/operative-framework"
+"ophcrack","https://gitlab.com/objectifsecurite/ophcrack"
+"orbitaldump","https://github.com/k4yt3x/orbitaldump"
+"OSCP-Archives","https://github.com/CyDefUnicorn/OSCP-Archives"
+"OSCP-Cheatsheets","https://github.com/blackc03r/OSCP-Cheatsheets/blob/master/offensive-security-experiments/active-directory-kerberos-abuse/t1208-kerberoasting.md"
+"OSEP-Code-Snippets","https://github.com/chvancooten/OSEP-Code-Snippets"
+"oset","https://x.com/0gtweet/status/1817859483445461406"
+"OshiUpload","https://github.com/somenonymous/OshiUpload"
+"Osmedeus","https://github.com/j3ssie/osmedeus"
+"Ouned","https://github.com/synacktiv/Ouned"
+"OWASP","https://github.com/OWASP"
+"OWASP rules","https://github.com/coreruleset/coreruleset/"
+"p0f","https://www.kali.org/tools/p0f/"
+"p0wnedShell","https://github.com/Cn33liz/p0wnedShell"
+"p0wny-shell","https://github.com/flozz/p0wny-shell"
+"P4wnP1","https://github.com/RoganDawes/P4wnP1"
+"Pachine","https://github.com/ly4k/Pachine"
+"PackMyPayload","https://github.com/mgeeky/PackMyPayload/"
+"pacu","https://github.com/RhinoSecurityLabs/pacu"
+"padre","https://github.com/glebarez/padre"
+"PAExec","https://github.com/poweradminllc/PAExec"
+"pamspy","https://github.com/citronneur/pamspy"
+"pandora","https://github.com/efchatz/pandora"
+"panix","https://github.com/Aegrah/PANIX"
+"ParamPamPam","https://github.com/Bo0oM/ParamPamPam"
+"Parasite-Invoke","https://github.com/MzHmO/Parasite-Invoke"
+"parrot os","https://www.parrotsec.org/download/"
+"PassDetective","https://github.com/aydinnyunus/PassDetective"
+"PassHunt","https://github.com/Dionach/PassHunt"
+"passphrase-wordlist","https://github.com/initstring/passphrase-wordlist"
+"PassSpray","https://github.com/Leo4j/PassSpray"
+"PassTheCert","https://github.com/jakobfriedl/precompiled-binaries"
+"PassTheCert","https://github.com/AlmondOffSec/PassTheCert"
+"PassTheChallenge","https://github.com/ly4k/PassTheChallenge"
+"Passware Kit Forensic","https://www.passware.com/kit-forensic/"
+"passwd","N/A"
+"passwordfox","https://www.nirsoft.net/utils/passwordfox.html"
+"Password-Scripts","https://github.com/laconicwolf/Password-Scripts"
+"paste.ee","paste.ee"
+"pastebin","pastebin.com"
+"patator","https://github.com/lanjelot/patator"
+"Pateensy","https://github.com/screetsec/Pateensy"
+"PayGen","https://github.com/youhacker55/PayGen"
+"Payload-Download-Cradles","https://github.com/VirtualAlllocEx/Payload-Download-Cradles"
+"PayloadsAllTheThings","https://github.com/Bo0oM/PayloadsAllTheThings"
+"Pazuzu","https://github.com/BorjaMerino/Pazuzu"
+"PcapXray","https://github.com/Srinivas11789/PcapXray"
+"PCHunter","https://www.majorgeeks.com/files/details/pc_hunter.html"
+"Pcredz","https://github.com/lgandx/Pcredz"
+"pcunlocker","https://www.pcunlocker.com/"
+"pdbedit","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"pe_to_shellcode","https://github.com/hasherezade/pe_to_shellcode"
+"PEASS","https://github.com/carlospolop/PEASS-ng"
+"PEASS-ng","https://github.com/peass-ng/PEASS-ng"
+"peCloak","https://github.com/v-p-b/peCloakCapstone/blob/master/peCloak.py"
+"pendulum","https://github.com/kyleavery/pendulum"
+"pentestbox","https://pentestbox.org/fr/"
+"PENTESTING-BIBLE","https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE"
+"pentest-machine","https://github.com/DanMcInerney/pentest-machine"
+"pentest-tools.com","https://pentest-tools.com"
+"PE-Obfuscator","https://github.com/TheD1rkMtr/PE-Obfuscator"
+"PerfExec","https://github.com/0xthirteen/PerfExec"
+"Perfusion","https://github.com/itm4n/Perfusion"
+"persistence_demos","https://github.com/hasherezade/persistence_demos"
+"Persistence-Accessibility-Features","https://github.com/Ignitetechnologies/Persistence-Accessibility-Features"
+"petipotam","https://github.com/topotam/PetitPotam"
+"PetitPotato","https://github.com/wh0amitz/PetitPotato"
+"PewPewPew","https://github.com/PowerShellEmpire/PowerTools"
+"Pezor","https://github.com/phra/PEzor"
+"pgrok","https://github.com/pgrok/pgrok"
+"pgrok","https://github.com/jerson/pgrok"
+"Phant0m","https://github.com/hlldz/Phant0m"
+"PhantomService","https://github.com/matterpreter/OffensiveCSharp/tree/master/PhantomService"
+"phishery","https://github.com/ryhanson/phishery"
+"phishing-HTML-linter","https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/phishing"
+"phoenix miner","N/A"
+"PhoneInfoga","https://github.com/sundowndev/PhoneInfoga"
+"php","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"PhpSploit","https://github.com/nil0x42/phpsploit"
+"phuip-fpizdam","https://github.com/neex/phuip-fpizdam"
+"PickleC2","https://github.com/xRET2pwn/PickleC2"
+"pico","https://github.com/picosh/pico"
+"PILOT","https://github.com/dahvidschloss/PILOT"
+"pingcastle","https://www.pingcastle.com/"
+"pingcastle","https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf https://github.com/vletoux/pingcastle"
+"pingcastle","https://github.com/vletoux/pingcastle"
+"pingcastle","https://github.com/netwrix/pingcastle"
+"pingcastle","https://github.com/sense-of-security/ADRecon"
+"pinggy","https://pinggy.io/"
+"PingRAT","https://github.com/umutcamliyurt/PingRAT"
+"ping-sweep","https://github.com/libresec/ping-sweep"
+"PipeViewer ","https://github.com/cyberark/PipeViewer"
+"pivotnacci","https://github.com/blackarrowsec/pivotnacci"
+"PKINITtools","https://github.com/dirkjanm/PKINITtools"
+"pktmon","https://learn.microsoft.com/en-us/windows-server/networking/technologies/pktmon/pktmon"
+"plink","N/A"
+"POC","https://github.com/rapid7/metasploit-framework/blob/62bfe03b50a22785b59a069319520531f2663b2b/modules/exploits/linux/http/vmware_workspace_one_access_cve_2022_22954.rb"
+"POC","https://github.com/ricardojba/Invoke-noPac"
+"POC","https://github.com/ricardojba/noPac"
+"POC","https://github.com/random-robbie/cve-2022-23131-exp/blob/main/zabbix.py"
+"POC","https://github.com/QHpix/CVE-2021-44521"
+"POC","https://github.com/rahul1406/cve-2022-0847dirtypipe-exploit"
+"POC","https://github.com/random-robbie/cve-2022-23131-exp"
+"POC","https://github.com/sfewer-r7/CVE-2023-34362"
+"POC","https://github.com/sherlocksecurity"
+"POC","https://github.com/sherlocksecurity/VMware-CVE-2022-22954"
+"POC","https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ"
+"POC","https://github.com/Ridter/noPac"
+"POC","https://github.com/risksense/zerologon"
+"POC","https://github.com/rzte/pdf-exploit"
+"POC","https://github.com/qazbnm456/awesome-cve-poc"
+"POC","https://github.com/Notselwyn/CVE-2024-1086"
+"POC","https://github.com/nowsecure/dirtycow"
+"POC","https://github.com/onecloudemoji/CVE-2022-30190"
+"POC","https://github.com/nikhil1232/LibSSH-Authentication-Bypass"
+"POC","https://github.com/Mr-xn/cve-2022-23131"
+"POC","https://github.com/Mr-xn/sunlogin_rce"
+"POC","https://github.com/mtivadar/windows10_ntfs_crash_dos"
+"POC","https://github.com/ptresearch/AttackDetection"
+"POC","https://github.com/puckiestyle/CVE-2022-0847"
+"POC","https://github.com/pykiller/CVE-2022-23131"
+"POC","https://github.com/Privia-Security/ADZero"
+"POC","https://github.com/peterspbr/dirty-pipe-otw"
+"POC","https://github.com/plummm/CVE-2022-27666"
+"POC","https://github.com/positive-security/dompdf-rce"
+"POC","https://github.com/yuanLink/CVE-2022-26809"
+"POC","https://github.com/yunuscadirci/CallStranger"
+"POC","https://github.com/ZecOps/CVE-2020-0796-LPE-POC"
+"POC","https://github.com/yasserjanah/CVE-2020-5902"
+"POC","https://github.com/WiIs0n/Zerologon_CVE-2020-1472"
+"POC","https://github.com/worawit/MS17-010"
+"POC","https://github.com/xndpxs/CVE-2022-0847"
+"POC","https://x.com/HackingLZ/status/1780239802496864474"
+"POC","https://x.com/mthcht/status/1823463842459848906"
+"POC","N/A"
+"POC","https://www.thehacker.recipes/ad/movement/kerberos/samaccountname-spoofing"
+"POC","https://github.com/zhzyker/CVE-2020-5902/"
+"POC","https://github.com/zwjjustdoit/cve-2022-23131"
+"POC","https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html"
+"POC","https://github.com/welk1n/JNDI-Injection-Exploit"
+"POC","https://github.com/sinsinology/CVE-2024-4358"
+"POC","https://github.com/smgorelik/Windows-RCE-exploits"
+"poc","https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY"
+"POC","https://github.com/sinsinology/CVE-2024-29855"
+"POC","https://github.com/si1ent-le/CVE-2022-0847"
+"POC","https://github.com/SimoneLazzaris/ditty"
+"POC","https://github.com/sinsinology/CVE-2023-20887"
+"POC","https://github.com/watchtowrlabs/CVE-2024-4577"
+"POC","https://github.com/WazeHell/sam-the-admin/tree/main/utils"
+"POC","https://github.com/websecnl/CVE-2022-26809"
+"POC","https://github.com/trganda/CVE-2022-23131"
+"POC","https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-CachedintrospectionResults-Rce"
+"POC","https://github.com/timwr/CVE-2016-5195"
+"poc","https://github.com/Trackflaw/CVE-2023-23397"
+"POC","https://github.com/colincowie/Safer_PoC_CVE-2022-22965"
+"POC","https://github.com/Crusaders-of-Rust/CVE-2022-0185"
+"POC","https://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit"
+"POC","https://github.com/chaudharyarjun/LooneyPwner"
+"POC","https://github.com/Bonfee/CVE-2022-0995"
+"POC","https://github.com/carlosevieira/Dirty-Pipe"
+"POC","https://github.com/chaosec2021/Spring-cloud-function-SpEL-RCE"
+"POC","https://github.com/Fa1c0n35/zabbix-cve-2022-23131"
+"POC","https://github.com/febinrev/dirtypipez-exploit"
+"POC","https://github.com/FireFart/dirtycow"
+"POC","https://github.com/exrienz/DirtyCow"
+"POC","https://github.com/cube0x0/noPac"
+"POC","https://github.com/drgreenthumb93/CVE-2022-30190-follina"
+"POC","https://github.com/dunderhay/CVE-2020-5902"
+"POC","https://github.com/bbaranoff/CVE-2022-0847"
+"POC","https://github.com/ahrixia/CVE_2022_0847"
+"POC","https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits"
+"POC","https://github.com/antx-code/CVE-2022-0847"
+"POC","https://github.com/4luc4rdr5290/CVE-2022-0847"
+"POC","https://gist.github.com/cihanmehmet/07d2f9dac55f278839b054b8eb7d4cc5"
+"POC","https://github.com/0tt7/CVE-2022-23131"
+"POC","https://github.com/1mxml/CVE-2022-23131"
+"POC","https://github.com/Ayrx/CVE-2021-4034"
+"POC","https://github.com/Ayrx/CVE-2021-4034 "
+"POC","https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker"
+"POC","https://github.com/Axx8/SpringFramework_CVE-2022-22965_RCE"
+"POC","https://github.com/api0cradle/CVE-2023-23397-POC-Powershell"
+"POC","https://github.com/aqhmal/CVE-2020-5902-Scanner"
+"POC","https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit"
+"POC","https://github.com/knqyf263/CVE-2022-0847"
+"POC","https://github.com/komomon/CVE-2022-30190-follina-Office-MSDT-Fixed"
+"POC","https://github.com/L0ading-x/cve-2022-23131"
+"POC","https://github.com/kh4sh3i/Spring-CVE"
+"POC","https://github.com/jweny/zabbix-saml-bypass-exp"
+"poc","https://github.com/ka7ana/CVE-2023-23397"
+"POC","https://github.com/KaLendsi/CVE-2022-21882"
+"POC","https://github.com/luijait/PwnKit-Exploit"
+"POC","https://github.com/michaelpoznecki/zerologon"
+"POC","https://github.com/mrchucu1/CVE-2022-0847-Docker"
+"POC","https://github.com/lucksec/CVE-2022-0847"
+"POC","https://github.com/l0n3m4n/CVE-2024-22274-RCE"
+"POC","https://github.com/lcashdol/Exploits"
+"POC","https://github.com/LucasKatashi/CVE-2024-24919"
+"POC","https://github.com/JMousqueton/PoC-CVE-2022-30190"
+"POC","https://github.com/hacksysteam/CVE-2023-21608"
+"POC","https://github.com/hakaioffsec/CVE-2024-21338"
+"poc","https://github.com/Hashi0x/PoC-CVE-2023-21554"
+"POC","https://github.com/gyaansastra/CVE-2022-0847"
+"POC","https://github.com/fortra/CVE-2024-6768"
+"POC","https://github.com/gbonacini/CVE-2016-5195"
+"POC","https://github.com/gottburgm/Exploits"
+"POC","https://github.com/ItsNee/Follina-CVE-2022-30190-POC"
+"POC","https://github.com/jas502n/CVE-2020-5902"
+"POC","https://github.com/jiansiting/CVE-2020-5902"
+"POC","https://github.com/initstring/dirty_sock"
+"POC","https://github.com/horizon3ai/CVE-2024-29824"
+"POC","https://github.com/imfiver/CVE-2022-0847"
+"POC","https://github.com/Immersive-Labs-Sec/nimbuspwn"
+"poisontap","https://github.com/samyk/poisontap"
+"polenum","https://salsa.debian.org/pkg-security-team/polenum"
+"PoolParty","https://github.com/SafeBreach-Labs/PoolParty"
+"PortQry","https://www.microsoft.com/en-us/download/details.aspx?id=17148"
+"Portr","https://github.com/amalshaji/portr"
+"portscan","https://github.com/zs5460/portscan"
+"poshc2","https://github.com/nettitude/PoshC2"
+"Poshito","https://github.com/itaymigdal/Poshito"
+"POSTDump","https://github.com/YOLOP0wn/POSTDump"
+"POSTDump","https://github.com/S3cur3Th1sSh1t/PowerSharpPack"
+"PowerBreach","https://github.com/PowerShellEmpire/PowerTools"
+"PowerBruteLogon","https://github.com/DarkCoderSc/PowerBruteLogon"
+"powercat","https://github.com/besimorhino/powercat"
+"powerextract","https://github.com/powerseb/PowerExtract"
+"PowerForensics","https://github.com/Invoke-IR/PowerForensics"
+"PowerLess","https://gist.github.com/farzinenddo/bb1f1ecb56aa9326abc7b47fc99e588e"
+"PowerLessShell","https://github.com/Mr-Un1k0d3r/PowerLessShell"
+"Powerlurk","https://github.com/Sw4mpf0x/PowerLurk"
+"Powermad","https://github.com/Kevin-Robertson/Powermad"
+"PowerMemory","https://github.com/giMini/PowerMemory"
+"PowerOPS","https://github.com/fdiskyou/PowerOPS"
+"Powerpick","https://github.com/PowerShellEmpire/PowerTools"
+"power-pwn","https://github.com/mbrg/power-pwn"
+"PowerSCCM","https://github.com/PowerShellMafia/PowerSCCM"
+"PowerSharpPack","https://github.com/S3cur3Th1sSh1t/PowerSharpPack"
+"PowerShdll","https://github.com/p3nt4/PowerShdll"
+"powershell","https://thedfirreport.com/2023/02/06/collect-exfiltrate-sleep-repeat/"
+"powershell","https://thedfirreport.com/2023/04/03/malicious-iso-file-leads-to-domain-wide-ransomware/"
+"powershell","https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/"
+"powershell","https://rexorvc0.com/2024/06/19/Akira-The-Old-New-Style-Crime/"
+"powershell","https://github.com/theyoge/AD-Pentesting-Tools/blob/main/Invoke-SDPropagator.ps1"
+"powershell","https://hideandsec.sh/books/cheatsheets-82c/page/active-directory"
+"powershell","https://learn.microsoft.com/en-us/powershell/module/dnsclient/add-dnsclientdohserveraddress?view=windowsserver2022-ps"
+"powershell","https://www.trendmicro.com/en_us/research/24/b/threat-actor-groups-including-black-basta-are-exploiting-recent-.html"
+"powershell","https://www.virustotal.com/gui/file/00820a1f0972678cfe7885bc989ab3e5602b0febc96baf9bf3741d56aa374f03/behavior"
+"powershell","N/A"
+"powershell","https://www.trendmicro.com/en_us/research/22/g/analyzing-penetration-testing-tools-that-threat-actors-use-to-br.html"
+"powershell","https://thedfirreport.com/2023/10/30/netsupport-intrusion-results-in-domain-compromise/"
+"powershell","https://www.cisa.gov/sites/default/files/2024-08/aa24-241a-iran-based-cyber-actors-enabling-ransomware-attacks-on-us-organizations_0.pdf"
+"powershell","https://www.microsoft.com/en-us/security/blog/2022/04/12/tarrask-malware-uses-scheduled-tasks-for-defense-evasion/"
+"powershell","https://github.com/TheParmak/conti-leaks-englished/blob/45d49307f347aff10e0f088af25142f8929b4c4f/anonfile_dumps/31.txt#L236"
+"powershell","https://github.com/byt3bl33d3r/CrackMapExec"
+"powershell","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/-OMG-Credz-Plz"
+"powershell","https://github.com/ice-wzl/wmiexec2"
+"powershell","https://github.com/alperenugurlu/AD_Enumeration_Hunt/blob/alperen_ugurlu_hack/AD_Enumeration_Hunt.ps1"
+"powershell","https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference"
+"powershell","https://gist.github.com/analyticsearch/7453d22d737e46657eb57c44d5cf4cbb"
+"powershell","https://github.com/Akabanwa-toma/hacke/blob/aaebb5cb188eb3a17bebfedfbde6b354e5522b92/installer.bat#L29C21-L29C63"
+"powershell","https://github.com/reveng007/C2_Server"
+"powershell","https://github.com/spicy-bear/Threat-Hunting/blob/2c89b519862672e29547b4db4796caa923044595/95.213.145.101/%D1%81%D0%B8%D1%80/bat/defendermalwar.bat#L7"
+"powershell","https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md"
+"powershell","https://github.com/Porchetta-Industries/CrackMapExec"
+"powershell","https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/ActiveDirectory/Bruteforce.ps1"
+"powershell","https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-05-14-IOCs-for-DarkGate-activity.txt"
+"powershell","https://github.com/Pennyw0rth/NetExec"
+"PowerShellArsenal","https://github.com/mattifestation/PowerShellArsenal"
+"PowershellKerberos","https://github.com/MzHmO/PowershellKerberos"
+"PowerShellRunner","https://github.com/dievus/PowerShellRunner"
+"Powershell-Scripts-for-Hackers-and-Pentesters","https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters"
+"PowerShell-Suite","https://github.com/FuzzySecurity/PowerShell-Suite"
+"PowershellTools","https://github.com/gustanini/PowershellTools"
+"PowerShx","https://github.com/iomoath/PowerShx"
+"PowerSploit","https://github.com/PowerShellMafia/PowerSploit"
+"PowerStager","https://github.com/z0noxz/powerstager"
+"PowerUpSQL","https://github.com/NetSPI/PowerUpSQL"
+"PowerUpSQL","https://github.com/jakobfriedl/precompiled-binaries"
+"powerview","https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon"
+"powerview","https://github.com/zloeber/PSAD/blob/master/src/inprogress/Add-ObjectACL.ps1"
+"PowerView","https://github.com/jakobfriedl/precompiled-binaries"
+"powerview","https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1"
+"PP VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"PPLBlade","https://github.com/tastypepperoni/PPLBlade"
+"ppldump","https://github.com/itm4n/PPLdump"
+"PPLFault","https://github.com/gabriellandau/PPLFault"
+"PPLKiller","https://github.com/RedCursorSecurityConsulting/PPLKiller"
+"PPLmedic","https://github.com/itm4n/PPLmedic"
+"PPLSystem","https://github.com/Slowerzs/PPLSystem"
+"precompiled-binaries","https://github.com/jakobfriedl/precompiled-binaries"
+"PredatorTheStealer","https://github.com/SecUser1/PredatorTheStealer"
+"prefetch-tool","https://github.com/exploits-forsale/prefetch-tool"
+"premiumize.me","www.premiumize.me"
+"pretender","https://github.com/RedTeamPentesting/pretender"
+"Prime VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"primusC2","https://github.com/Primusinterp/PrimusC2"
+"Prince-Ransomware","https://github.com/SecDbg/Prince-Ransomware"
+"PrintSpoofer","https://github.com/jakobfriedl/precompiled-binaries"
+"PrintSpoofer","https://github.com/itm4n/PrintSpoofer"
+"Priv2Admin","https://github.com/gtworek/Priv2Admin"
+"Private Internet Access","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Privesc","https://github.com/enjoiz/Privesc"
+"PrivescCheck","https://github.com/itm4n/PrivescCheck"
+"PrivExchange","https://github.com/dirkjanm/PrivExchange"
+"PrivFu","https://github.com/daem0nc0re/PrivFu/"
+"PrivFu","https://github.com/daem0nc0re/PrivFu"
+"PrivilegeEscalation","https://github.com/LouisVallat/PrivilegeEscalation"
+"Privileger","https://github.com/MzHmO/Privileger"
+"PrivKit","https://github.com/mertdas/PrivKit"
+"privnote.com","https://github.com/Casualtek/Ransomchats/blob/4a25ac6ad165a4e600aeb72718c3ad41e8f6ce3a/Akira/20240620.json#L31C27-L31C48"
+"Probable-Wordlists","https://github.com/berzerk0/Probable-Wordlists"
+"Procdump","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"Procdump","https://learn.microsoft.com/en-us/sysinternals/downloads/procdump"
+"processhacker","https://processhacker.sourceforge.io/"
+"processhacker","https://learn.microsoft.com/en-us/sysinternals/downloads/procdump"
+"procmon","N/A"
+"produkey","https://www.nirsoft.net/utils/product_cd_key_viewer.html"
+"prometheus","https://github.com/paranoidninja/0xdarkvortex-MalwareDevelopment"
+"Pron VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"ProtectMyTooling","https://github.com/mgeeky/ProtectMyTooling"
+"ProxFlow","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Proxifier","https://www.proxifier.com/download/"
+"Proxmark","https://github.com/Proxmark/proxmark3"
+"Proxy SwitchyOmega","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Proxy SwitchySharp","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"proxychains","https://github.com/haad/proxychains"
+"ProxyFlow","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"ProxyShell","https://www.cert.ssi.gouv.fr/uploads/ANSSI_TLPWHITE_ProxyShell_ProxyLogon_Sigma_yml.txt"
+"PRT","https://github.com/RUB-NDS/PRT"
+"PS2EXE","https://github.com/MScholtes/PS2EXE"
+"PS2EXE","https://github.com/Leo4j/PS2EXE"
+"PSAmsi","https://github.com/cobbr/PSAmsi"
+"PSAsyncShell","https://github.com/JoelGMSec/PSAsyncShell"
+"PSAttack","https://github.com/jaredhaight/PSAttack"
+"PSAttack","https://github.com/GDSSecurity/PSAttack"
+"PSBits","https://github.com/gtworek/PSBits/tree/master/EnableAllParentPrivileges"
+"PSByPassCLM","https://github.com/padovah4ck/PSByPassCLM"
+"psexec","https://learn.microsoft.com/fr-fr/sysinternals/downloads/psexec"
+"psgetsystem","https://github.com/decoder-it/psgetsystem"
+"pslist","https://learn.microsoft.com/pt-br/sysinternals/downloads/pslist"
+"psloggedon","https://learn.microsoft.com/en-us/sysinternals/downloads/psloggedon"
+"PSMapExec","https://github.com/The-Viper-One/PsMapExec"
+"Psnmap","https://github.com/KurtDeGreeff/PlayPowershell/blob/master/PSnmap.ps1"
+"psobf","https://github.com/TaurusOmar/psobf"
+"Pspersist","https://github.com/TheD1rkMtr/Pspersist"
+"pspy","https://github.com/DominicBreuker/pspy"
+"PSRansom","https://github.com/JoelGMSec/PSRansom"
+"PSRecon","https://github.com/gfoss/PSRecon"
+"PSSW100AVB","https://github.com/tihanyin/PSSW100AVB"
+"PstPassword","https://www.nirsoft.net/utils/pst_password.html"
+"pth-toolkit","https://github.com/byt3bl33d3r/pth-toolkit"
+"ptunnel-ng","https://github.com/utoni/ptunnel-ng"
+"Pulseway","https://www.pulseway.com/"
+"pupy","https://github.com/n1nj4sec/pupy"
+"PureVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"PurplePanda","https://github.com/carlospolop/PurplePanda"
+"Push VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"put.io","https://put.i"
+"putty","N/A"
+"PWA-Phishing","https://github.com/mrd0x/PWA-Phishing"
+"PWCrack","https://github.com/L-codes/pwcrack-framework"
+"pwcrack-framework","https://github.com/L-codes/pwcrack-framework"
+"pwdump","https://ftp.samba.org/pub/samba/pwdump/"
+"PwDump7","https://www.openwall.com/passwords/windows-pwdump"
+"PwDump8","https://download.openwall.net/pub/projects/john/contrib/pwdump/pwdump8-8.2.zip"
+"PWDumpX","https://packetstormsecurity.com/files/download/52580/PWDumpX.zip"
+"pwn_jenkins","https://github.com/gquere/pwn_jenkins"
+"pwnagotchi","https://github.com/evilsocket/pwnagotchi"
+"pwnat","https://github.com/samyk/pwnat"
+"pwndrop","https://github.com/kgretzky/pwndrop"
+"pwnlook","https://github.com/amjcyber/pwnlook"
+"pxethief","https://github.com/MWR-CyberSec/PXEThief"
+"py2exe","https://github.com/py2exe/py2exe"
+"pydictor","https://github.com/LandGrey/pydictor"
+"PyExec","https://github.com/OlivierLaflamme/PyExec"
+"PyExfil","https://github.com/ytisf/PyExfil"
+"pyGPOAbuse","https://github.com/Hackndo/pyGPOAbuse"
+"pyinstaller","https://www.pyinstaller.org/"
+"pyLAPS","https://github.com/p0dalirius/pyLAPS"
+"pymultitor","https://github.com/realgam3/pymultitor"
+"pyobfuscate","https://pyobfuscate.com/pyd"
+"PyPagekite","https://github.com/pagekite/PyPagekite"
+"pypykatz","https://github.com/skelsec/pypykatz"
+"Pyramid","https://github.com/naksyn/Pyramid"
+"pyrdp","https://github.com/GoSecure/pyrdp"
+"pyshark","https://github.com/KimiNewt/pyshark"
+"pyshell","https://github.com/JoelGMSec/PyShell"
+"pysnaffler","https://github.com/skelsec/pysnaffler"
+"pysoserial","https://github.com/aStrowxyu/Pysoserial"
+"pysoxy","https://github.com/MisterDaneel/pysoxy"
+"PySQLRecon","https://github.com/Tw1sm/PySQLRecon"
+"python","N/A"
+"python","https://x.com/Ax_Sharma/status/1795813203500322953/photo/4"
+"Python-Rootkit","https://github.com/0xIslamTaha/Python-Rootkit"
+"Python-Wordlist-Generator","https://github.com/agusmakmun/Python-Wordlist-Generator"
+"pywerview","https://github.com/the-useless-one/pywerview"
+"pywhisker","https://github.com/ShutdownRepo/pywhisker"
+"pywsus","https://github.com/GoSecure/pywsus"
+"qaz.im","https://qaz.im/"
+"qaz.is","https://qaz.is/"
+"qaz.su","https://qaz.su/"
+"qu.ax","https://qu[.]ax/"
+"quarkspwdump","https://github.com/quarkslab/quarkspwdump"
+"quarkspwdump","https://github.com/peterdocter/quarkspwdump"
+"Quasar","https://github.com/quasar/Quasar"
+"QuickAssist","https://apps.microsoft.com/detail/9p7bp5vnwkx5"
+"quiet-riot","https://github.com/righteousgambit/quiet-riot"
+"qwinsta","N/A"
+"r77-rootkit","https://github.com/bytecode77/r77-rootkit"
+"Radare2","https://github.com/radareorg/radare2"
+"RadareEye","https://github.com/souravbaghz/RadareEye"
+"Radmin","https://www.radmin.com/download/"
+"RagingRotator","https://github.com/nickzer0/RagingRotator"
+"RainbowCrack","http://project-rainbowcrack.com/"
+"RandomPS-Scripts","https://github.com/xorrior/RandomPS-Scripts"
+"ransomware_notes","https://tria.ge/230901-c2fbqacb36"
+"ransomware_notes","https://github.com/threatlabz/ransomware_notes"
+"rapid7","https://www.rapid7.com/"
+"RaRCE","https://github.com/ignis-sec/CVE-2023-38831-RaRCE"
+"RasmanPotato","https://github.com/crisprss/RasmanPotato"
+"ratchatgpt","https://github.com/spartan-conseil/ratchatpt"
+"ratchatpt","https://github.com/spartan-conseil/ratchatpt"
+"rathole","https://github.com/rapiz1/rathole"
+"rattler","https://github.com/sensepost/rattler"
+"rclone","https://github.com/rclone/rclone"
+"RDE1","https://github.com/g0h4n/RDE1"
+"rderzh VPN Proxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"rdp","https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files"
+"RDP Recognizer","https://www.virustotal.com/gui/file/74788c34f3606e482ad28752c14550dc469bb0c04fa72e184a1e457613c2e4f6/details"
+"RDPassSpray","https://github.com/xFreed0m/RDPassSpray"
+"RDPCredentialStealer","https://github.com/S12cybersecurity/RDPCredentialStealer"
+"RDPHijack-BOF","https://github.com/netero1010/RDPHijack-BOF"
+"RDPInception","https://github.com/mdsecactivebreach/RDPInception"
+"rdpscraper","https://github.com/x90skysn3k/rdpscraper"
+"RDPSpray","https://github.com/dafthack/RDPSpray"
+"RdpStrike","https://github.com/0xEr3bus/RdpStrike"
+"RdpThief","https://github.com/0x09AL/RdpThief"
+"rdpv","https://www.nirsoft.net/utils/remote_desktop_password.html"
+"rdpwrap","https://github.com/stascorp/rdpwrap"
+"rdrleakdiag","https://lolbas-project.github.io/lolbas/Binaries/Rdrleakdiag/"
+"RealBlindingEDR","https://github.com/myzxcg/RealBlindingEDR"
+"reaper","https://github.com/MrEmpy/Reaper"
+"reapoc","https://github.com/cckuailong/reapoc"
+"REC2 ","https://github.com/g0h4n/REC2"
+"Recon-AD","https://github.com/outflanknl/Recon-AD"
+"recon-archy","https://github.com/shadawck/recon-archy"
+"reconftw","https://github.com/six2dez/reconftw"
+"RecycledInjector","https://github.com/florylsk/RecycledInjector"
+"Red Panda VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"red_hawk","https://github.com/Tuhinshubhra/RED_HAWK"
+"Red-Baron","https://github.com/byt3bl33d3r/Red-Baron"
+"RedGuard","https://github.com/wikiZ/RedGuard"
+"RedHunt-OS","https://github.com/redhuntlabs/RedHunt-OS"
+"redis-rce","https://github.com/Ridter/redis-rce"
+"RedPeanut","https://github.com/b4rtik/RedPeanut"
+"RedPersist","https://github.com/mertdas/RedPersist"
+"redpill","https://github.com/r00t-3xp10it/redpill"
+"red-python-scripts","https://github.com/davidbombal/red-python-scripts"
+"RedTeam_toolkit","https://github.com/signorrayan/RedTeam_toolkit"
+"RedTeam_toolkit","https://github.com/MayankPandey01/Jira-Lens"
+"RedTeam_Tools_n_Stuff","https://github.com/samkenxstream/SAMkenXCCorePHdLAwiN8SoLr77"
+"Red-Teaming-Toolkit","https://github.com/infosecn1nja/Red-Teaming-Toolkit"
+"red-team-scripts","https://github.com/threatexpress/red-team-scripts"
+"ReelPhish","https://github.com/fireeye/ReelPhish"
+"ReflectiveNtdll","https://github.com/reveng007/ReflectiveNtdll"
+"RefleXXion","https://github.com/hlldz/RefleXXion"
+"reg","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"reg","https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/winPEAS/winPEASbat/winPEAS.bat"
+"reg","https://github.com/xiaoy-sec/Pentest_Note/blob/52156f816f0c2497c25343c2e872130193acca80/wiki/%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87/Windows%E6%8F%90%E6%9D%83/RDP%26Firewall/%E5%88%A0%E9%99%A4%E7%97%95%E8%BF%B9.md?plain=1#L4"
+"reg","https://github.com/spicy-bear/Threat-Hunting/blob/2c89b519862672e29547b4db4796caa923044595/95.213.145.101/%D1%81%D0%B8%D1%80/bat/cmd.cmd#L19"
+"reg","https://github.com/spicy-bear/Threat-Hunting/blob/2c89b519862672e29547b4db4796caa923044595/95.213.145.101/%D1%81%D0%B8%D1%80/bat/defendermalwar.bat#L7"
+"reg","https://www.virustotal.com/gui/file/00820a1f0972678cfe7885bc989ab3e5602b0febc96baf9bf3741d56aa374f03/behavior"
+"reg","N/A"
+"reg","https://www.microsoft.com/en-us/security/blog/2022/04/12/tarrask-malware-uses-scheduled-tasks-for-defense-evasion/"
+"reg","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"reg","https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a"
+"reg","https://github.com/ice-wzl/wmiexec2"
+"reg","https://github.com/nathanlopez/Stitch/blob/8e22e91c94237959c02d521aab58dc7e3d994cea/PyLib/disableUAC.py#L8"
+"reg","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/-OMG-Credz-Plz"
+"reg","https://blog.talosintelligence.com/uat-5647-romcom/"
+"reg","https://github.com/gentilkiwi/mimikatz"
+"reg","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Anti-Forensics.md"
+"reg","https://github.com/spicy-bear/Threat-Hunting/blob/2c89b519862672e29547b4db4796caa923044595/95.213.145.101/%D1%81%D0%B8%D1%80/bat/cmd.cmd#L12"
+"reg","https://github.com/roadwy/DefenderYara/blob/9bbdb7f9fd3513ce30aa69cd1d88830e3cf596ca/Ransom/Win32/Ergop/Ransom_Win32_Ergop_A_.yar#L10"
+"reg","https://github.com/peass-ng/PEASS-ng"
+"reg","https://github.com/Pennyw0rth/NetExec"
+"reGeorg","https://github.com/sensepost/reGeorg"
+"regreeper","https://github.com/tccontre/Reg-Restore-Persistence-Mole"
+"regsvr32","https://www.virustotal.com/gui/file/faca8b6f046dad8f0e27a75fa2dc5477d3ccf44adced64481ef1b0dd968b4b0e/behavior"
+"regsvr32","https://github.com/netbiosX/AMSI-Provider"
+"RemCom","https://github.com/kavika13/RemCom"
+"remoteit","https://github.com/remoteit/installer"
+"remoteit","https://github.com/remoteit/desktop"
+"RemoteKrbRelay","https://github.com/CICADA8-Research/RemoteKrbRelay"
+"remote-method-guesser","https://github.com/qtc-de/remote-method-guesser"
+"remotemoe","https://github.com/fasmide/remotemoe"
+"RemotePC","https://www.remotedesktop.com/"
+"RemotePC","https://remotepc.com/"
+"RemotePipeList","https://github.com/outflanknl/C2-Tool-Collection/tree/main/Other/RemotePipeList"
+"RemotePotato0","https://github.com/antonioCoco/RemotePotato0"
+"RemoteUtilities","https://www.remoteutilities.com/"
+"ren","https://www.pavel.gr/blog/neutralising-amsi-system-wide-as-an-admin"
+"ren","https://github.com/l3m0n/WinPirate"
+"rengine","https://github.com/yogeshojha/rengine"
+"requestbin.net","http://requestbin.net"
+"requests-ntlm","https://pypi.org/project/requests-ntlm/"
+"resocks","https://github.com/RedTeamPentesting/resocks"
+"responder","https://github.com/SpiderLabs/Responder"
+"responder","https://github.com/lgandx/Responder-Windows/"
+"restic","https://github.com/restic/restic"
+"RevengeRAT-Stub-Cssharp","https://github.com/NYAN-x-CAT/RevengeRAT-Stub-Cssharp"
+"reverse-shell-generator","https://github.com/0dayCTF/reverse-shell-generator"
+"reverse-ssh","https://github.com/Fahrj/reverse-ssh"
+"ReverseTCPShell","https://github.com/ZHacker13/ReverseTCPShell"
+"reverse-tunnel","https://github.com/snsinfu/reverse-tunnel"
+"reverst","https://github.com/flipt-io/reverst"
+"Rev-Shell","https://github.com/washingtonP1974/Rev-Shell"
+"revsocks","https://github.com/kost/revsocks"
+"revsocks","https://github.com/emilarner/revsocks"
+"Rhadamanthys","https://github.com/koyaxZ/XWorm-v5-Remote-Access-Tool"
+"RID-Hijacking","https://github.com/STEALTHbits/RIDHijackingProofofConceptKJ"
+"RID-Hijacking","https://github.com/r4wd3r/RID-Hijacking"
+"ridrelay","https://github.com/skorov/ridrelay"
+"RITM","https://github.com/Tw1sm/RITM"
+"rm","N/A"
+"rmdir ","https://github.com/roadwy/DefenderYara/blob/9bbdb7f9fd3513ce30aa69cd1d88830e3cf596ca/Ransom/MSIL/Hakbit/Ransom_MSIL_Hakbit_PA_MTB.yar#L7"
+"rmmod","https://github.com/elastic/detection-rules/blob/main/rules/linux/defense_evasion_kernel_module_removal.toml"
+"ROADtoken","https://github.com/dirkjanm/ROADtoken"
+"ROADtools","https://github.com/dirkjanm/ROADtools"
+"Rock-ON","https://github.com/SilverPoision/Rock-ON"
+"RoguePotato","https://github.com/antonioCoco/RoguePotato"
+"RogueSploit","https://github.com/h0nus/RogueSploit"
+"RogueWinRM","https://github.com/antonioCoco/RogueWinRM"
+"ropfuscator","https://github.com/ropfuscator/ropfuscator"
+"rotateproxy","https://github.com/akkuman/rotateproxy"
+"RottenPotatoNG","https://github.com/breenmachine/RottenPotatoNG"
+"RouterPassView","https://www.nirsoft.net/utils/router_password_recovery.html"
+"routerpasswords.com","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"RouterScan","https://github.com/mustafashykh/router-scan"
+"routersploit","https://github.com/threat9/routersploit"
+"RPC-Backdoor","https://github.com/eladshamir/RPC-Backdoor"
+"rpcclient","https://www.samba.org/samba/docs/current/man-html/rpcclient.1.html"
+"rpivot","https://github.com/klsecservices/rpivot"
+"rsg","https://github.com/mthbernardes/rsg"
+"rshijack","https://github.com/kpcyrd/rshijack"
+"rsocks","https://github.com/tonyseek/rsocks"
+"rsocks","https://github.com/brimstone/rsocks"
+"rsockstun","https://github.com/llkat/rsockstun"
+"rsocx","https://github.com/b23r0/rsocx"
+"rs-shell","https://github.com/BlWasp/rs-shell"
+"rsync","https://attack.mitre.org/techniques/T1105/"
+"Rubeus","https://github.com/rvrsh3ll/Rubeus-Rundll32"
+"Rubeus","https://x.com/_RastaMouse/status/1747636529613197757"
+"Rubeus","https://github.com/GhostPack/Rubeus"
+"Rubeus","https://github.com/jakobfriedl/precompiled-binaries"
+"ruby","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"Rudrastra","https://github.com/SxNade/Rudrastra"
+"ruler","https://github.com/sensepost/ruler"
+"RunasCs","https://github.com/jakobfriedl/precompiled-binaries"
+"RunasCs","https://github.com/antonioCoco/RunasCs/"
+"RunasCs","https://github.com/antonioCoco/RunasCs"
+"RunAsWinTcb","https://github.com/tastypepperoni/RunAsWinTcb"
+"rundll32","N/A"
+"rundll32","https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/win_meterpreter_or_cobaltstrike_getsystem_service_start.yml"
+"rundll32","https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence"
+"RuralBishop","https://github.com/rasta-mouse/RuralBishop"
+"Rust Localtunnels","https://github.com/kaichaosun/rlt"
+"rustcat","https://github.com/robiot/rustcat"
+"RustDesk","https://github.com/rustdesk/rustdesk"
+"Rust-for-Malware-Development","https://github.com/Whitecat18/Rust-for-Malware-Development"
+"RustHound","https://github.com/OPENCYBER-FR/RustHound"
+"RustiveDump","https://github.com/safedv/RustiveDump"
+"Rust-Malware-Samples","https://github.com/Whitecat18/Rust-for-Malware-Development/tree/main/Malware-Samples"
+"RustRedOps","https://github.com/joaoviictorti/RustRedOps"
+"RusVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"rwxfinder","https://github.com/pwnsauc3/RWXFinder"
+"S3Scanner","https://github.com/sa7mon/S3Scanner"
+"S4UTomato","https://github.com/wh0amitz/S4UTomato"
+"SaferVPN Proxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"SafetyDump","https://github.com/riskydissonance/SafetyDump"
+"SafetyKatz","https://github.com/GhostPack/SafetyKatz"
+"saint","https://github.com/tiagorlampert/sAINT"
+"Salsa-tools","https://github.com/Hackplayers/Salsa-tools"
+"samba","https://www.samba.org/samba/docs/old/Samba3-HOWTO/NetCommand.html"
+"samdump","https://github.com/nyxgeek/classic_hacking_tools"
+"samdump2","https://salsa.debian.org/pkg-security-team/samdump2"
+"SamDumpCable","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/SamDumpCable"
+"sam-the-admin","https://github.com/WazeHell/sam-the-admin/tree/main/utils"
+"sandcat","https://github.com/syhunt/sandcat"
+"Sandman","https://github.com/Idov31/Sandman"
+"SAP_GW_RCE_exploit","https://github.com/chipik/SAP_GW_RCE_exploit"
+"saycheese","https://github.com/hangetzzu/saycheese"
+"sc","https://www.virustotal.com/gui/file/00820a1f0972678cfe7885bc989ab3e5602b0febc96baf9bf3741d56aa374f03/behavior"
+"sc","https://twitter.com/splinter_code/status/1715876413474025704"
+"sc","N/A"
+"sc","https://x.com/0gtweet/status/1628720819537936386"
+"sc","https://thedfirreport.com/wp-content/uploads/2023/12/19208-013.png"
+"sc","https://github.com/swagkarna/Defeat-Defender-V1.2.0"
+"sc","https://github.com/spicy-bear/Threat-Hunting/blob/2c89b519862672e29547b4db4796caa923044595/95.213.145.101/%D1%81%D0%B8%D1%80/bat/defendermalwar.bat#L3"
+"sc","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"sc","https://thedfirreport.com/2023/02/06/collect-exfiltrate-sleep-repeat/"
+"scan4all","https://github.com/hktalent/scan4all"
+"scanless","https://github.com/vesche/scanless"
+"Scanners-Box","https://github.com/We5ter/Scanners-Box"
+"ScareCrow","https://github.com/optiv/ScareCrow"
+"sccmdecryptpoc","https://gist.github.com/xpn/5f497d2725a041922c427c3aaa3b37d1"
+"sccmhunter","https://github.com/garrettfoster13/sccmhunter"
+"SCCMSecrets","https://github.com/synacktiv/SCCMSecrets"
+"ScheduleRunner","https://github.com/netero1010/ScheduleRunner"
+"SchTask_0x727","https://github.com/0x727/SchTask_0x727"
+"schtasks","N/A"
+"schtasks","https://www.trellix.com/blogs/research/cactus-ransomware-new-strain-in-the-market/"
+"schtasks","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"SCMUACBypass","https://github.com/rasta-mouse/SCMUACBypass"
+"SCMUACBypass","https://github.com/jakobfriedl/precompiled-binaries"
+"SCOMDecrypt","https://github.com/nccgroup/SCOMDecrypt"
+"scp","https://attack.mitre.org/techniques/T1105/"
+"ScreenConnect","screenconnect.com"
+"ScreenConnect","https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/"
+"ScreenConnect","https://screenconnect.connectwise.com/download"
+"ScriptBlock-Smuggling","https://github.com/BC-SECURITY/ScriptBlock-Smuggling"
+"ScriptSentry","https://github.com/techspence/ScriptSentry"
+"scshell","https://github.com/Mr-Un1k0d3r/SCShell"
+"sdelete","https://learn.microsoft.com/en-us/sysinternals/downloads/sdelete"
+"Seatbelt","https://github.com/jakobfriedl/precompiled-binaries"
+"seatbelt","https://github.com/GhostPack/Seatbelt"
+"SecLists","https://github.com/danielmiessler/SecLists"
+"secretfinder","https://github.com/m4ll0k/SecretFinder"
+"secretsdump","https://github.com/fortra/impacket"
+"secretsdump","https://github.com/fin3ss3g0d/secretsdump.py"
+"SecretServerSecretStealer","https://github.com/denandz/SecretServerSecretStealer"
+"SecScanC2","https://github.com/T1esh0u/SecScanC2"
+"securesocketfunneling","https://securesocketfunneling.github.io/ssf/#home"
+"security-onion","https://github.com/Security-Onion-Solutions/security-onion"
+"sed","N/A"
+"SeeYouCM-Thief","https://github.com/trustedsec/SeeYouCM-Thief"
+"SeManageVolumeExploit","https://github.com/CsEnox/SeManageVolumeExploit"
+"send.exploit.in","https://www.cisa.gov/sites/default/files/publications/aa22-321a_joint_csa_stopransomware_hive.pdf"
+"sendspace.com","https://twitter.com/mthcht/status/1660953897622544384"
+"SentinelAgent","https://gist.github.com/adamsvoboda/8e248c6b7fb812af5d04daba141c867e"
+"serveo.net","https://serveo.net"
+"ServerlessRedirector","https://github.com/KINGSABRI/ServerlessRedirector"
+"SessionExec","https://github.com/Leo4j/SessionExec"
+"SessionGopher","https://github.com/Arvanaghi/SessionGopher"
+"SessionSearcher","https://github.com/matterpreter/OffensiveCSharp/tree/master/SessionSearcher"
+"set","N/A"
+"set","https://tria.ge/240617-mn75pa1cnl/behavioral2/analog?proc=87"
+"SetACL","https://helgeklein.com/download/"
+"Set-EtwTraceProvider","N/A"
+"Seth","https://github.com/SySS-Research/Seth"
+"SetProcessInjection","https://github.com/OtterHacker/SetProcessInjection"
+"setspn","https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days/"
+"setspn","https://github.com/b401/Wiki/blob/main/Security/Windows/AD/enumeration.md?plain=1"
+"SetupVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"sftp","https://attack.mitre.org/techniques/T1105/"
+"sgn","https://github.com/EgeBalci/sgn"
+"ShadowForgeC2","https://github.com/0xEr3bus/ShadowForgeC2"
+"shadowsocks","https://github.com/shadowsocks/shadowsocks-windows"
+"shadowsocks","https://github.com/shadowsocks/shadowsocks-rust"
+"ShadowSpray","https://github.com/ShorSec/ShadowSpray"
+"ShadowSpray","https://github.com/Dec0ne/ShadowSpray"
+"ShadowStealer","https://github.com/xelroth/ShadowStealer"
+"share.riseup.net","https://share.riseup.net"
+"ShareAudit","https://github.com/dionach/ShareAudit"
+"SharpADWS","https://github.com/wh0amitz/SharpADWS"
+"SharpAppLocker","https://github.com/Flangvik/SharpAppLocker"
+"SharpAzbelt","https://github.com/redskal/SharpAzbelt"
+"SharpBlackout","https://github.com/dmcxblue/SharpBlackout"
+"SharpBlock","https://github.com/CCob/SharpBlock"
+"SharpBruteForceSSH","https://github.com/HernanRodriguez1/SharpBruteForceSSH"
+"SharpBuster","https://github.com/passthehashbrowns/SharpBuster"
+"SharpC2","https://github.com/rasta-mouse/SharpC2"
+"SharpChrome","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpChromium","https://github.com/djhohnstein/SharpChromium"
+"SharpClipHistory","https://github.com/FSecureLABS/SharpClipHistory"
+"SharpCloud","https://github.com/chrismaddalena/SharpCloud"
+"sharpcollection","https://github.com/Flangvik/SharpCollection"
+"SharpCOM","https://github.com/rvrsh3ll/SharpCOM"
+"SharpCookieMonster","https://github.com/m0rv4i/SharpCookieMonster"
+"SharpDecryptPwd","https://github.com/RowTeam/SharpDecryptPwd"
+"SharpDllProxy","https://github.com/Flangvik/SharpDllProxy"
+"SharpDomainSpray","https://github.com/HunnicCyber/SharpDomainSpray"
+"SharpDoor","https://github.com/infosecn1nja/SharpDoor"
+"SharpDPAPI","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpDPAPI","https://github.com/GhostPack/SharpDPAPI"
+"SharpDump","https://github.com/GhostPack/SharpDump"
+"SharpDXWebcam","https://github.com/snovvcrash/SharpDXWebcam"
+"SharpEdge","https://github.com/rvrsh3ll/SharpEdge"
+"SharpEDRChecker","https://github.com/PwnDexter/SharpEDRChecker"
+"SharpEfsPotato","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpEfsPotato","https://github.com/bugch3ck/SharpEfsPotato"
+"SharpElevator","https://github.com/eladshamir/SharpElevator"
+"SharPersist","https://github.com/fireeye/SharPersist"
+"SharpEventPersist","https://github.com/improsec/SharpEventPersist"
+"SharpExfiltrate","https://github.com/Flangvik/SharpExfiltrate"
+"SharpFtpC2","https://github.com/DarkCoderSc/SharpFtpC2"
+"SharpGhostTask","https://github.com/dmcxblue/SharpGhostTask"
+"SharpGmailC2","https://github.com/reveng007/SharpGmailC2"
+"SharpGpo","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpGPOAbuse","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpGPOAbuse","https://github.com/FSecureLABS/SharpGPOAbuse"
+"SharpHide","https://github.com/outflanknl/SharpHide"
+"SharpHose","https://github.com/ustayready/SharpHose"
+"sharphound","https://thedfirreport.com/2024/08/26/blacksuit-ransomware/"
+"SharpHound","https://github.com/jakobfriedl/precompiled-binaries"
+"sharphound","https://github.com/BloodHoundAD/SharpHound"
+"SharpIncrease","https://github.com/mertdas/SharpIncrease"
+"SharpKatz","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpKiller","https://github.com/S1lkys/SharpKiller"
+"SharpLAPS","https://github.com/swisskyrepo/SharpLAPS"
+"SharpLAPS","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpLDAP","https://github.com/mertdas/SharpLDAP"
+"SharpLdapRelayScan","https://github.com/klezVirus/SharpLdapRelayScan"
+"SharpLogger","https://github.com/djhohnstein/SharpLogger"
+"Sharpmad","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpMove","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpNoPSExec","https://github.com/juliourena/SharpNoPSExec"
+"SharpOxidResolver","https://github.com/S3cur3Th1sSh1t/SharpOxidResolver"
+"SharpPack","https://github.com/mdsecactivebreach/SharpPack"
+"SharpPack","https://github.com/Lexus89/SharpPack"
+"SharpPersistSD","https://github.com/cybersectroll/SharpPersistSD"
+"SharpPrintNightmare","https://github.com/cube0x0/CVE-2021-1675"
+"SharpRDP","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpRDP","https://github.com/0xthirteen/SharpRDP"
+"SharpRDPHijack","https://github.com/bohops/SharpRDPHijack"
+"SharpRDPThief","https://github.com/passthehashbrowns/SharpRDPThief"
+"SharpRODC","https://github.com/wh0amitz/SharpRODC"
+"SharpSC","https://github.com/djhohnstein/SharpSC"
+"SharpSCCM","https://github.com/Mayyhem/SharpSCCM/"
+"SharpSCCM","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpSecDump","https://github.com/G0ldenGunSec/SharpSecDump"
+"SharpShares","https://github.com/mitchmoser/SharpShares"
+"SharpShares","https://github.com/Hackcraft-Labs/SharpShares"
+"SharpShellPipe","https://github.com/DarkCoderSc/SharpShellPipe"
+"SharpShooter","https://github.com/mdsecactivebreach/SharpShooter"
+"SharpSocks","https://github.com/nettitude/SharpSocks"
+"SharpSploit","https://github.com/cobbr/SharpSploit"
+"SharpSploitConsole","https://github.com/anthemtotheego/SharpSploitConsole"
+"SharpSpray","https://github.com/jnqpblc/SharpSpray"
+"SharpSpray","https://github.com/iomoath/SharpSpray"
+"SharpSQL","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpSQLPwn","https://github.com/lefayjey/SharpSQLPwn"
+"SharpSSDP","https://github.com/rvrsh3ll/SharpSSDP"
+"SharpStay","https://github.com/0xthirteen/SharpStay"
+"Sharp-Suite","https://github.com/FuzzySecurity/Sharp-Suite"
+"SharpSword","https://github.com/OG-Sadpanda/SharpSword"
+"SharpSystemTriggers","https://github.com/cube0x0/SharpSystemTriggers"
+"SharpTerminator","https://github.com/mertdas/SharpTerminator"
+"SharpThief","https://github.com/INotGreen/SharpThief"
+"SharpToken","https://github.com/BeichenDream/SharpToken"
+"SharpUnhooker","https://github.com/GetRektBoy724/SharpUnhooker"
+"SharpUp","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpUp","https://github.com/GhostPack/SharpUp"
+"SharpVeeamDecryptor","https://github.com/S3cur3Th1sSh1t/SharpVeeamDecryptor"
+"SharpView","https://github.com/tevora-threat/SharpView/"
+"SharpView","https://github.com/jakobfriedl/precompiled-binaries"
+"SharpWSUS","https://github.com/nettitude/SharpWSUS"
+"SharPyShell","https://github.com/antonioCoco/SharPyShell"
+"shell","N/A"
+"shell","https://github.com/SigmaHQ/sigma/blob/master/rules/linux/lnx_shell_susp_rev_shells.yml"
+"shell","https://attack.mitre.org/techniques/T1562/001/"
+"Shell3er","https://github.com/yehia-mamdouh/Shell3er/blob/main/Shell3er.ps1"
+"Shell3er","https://github.com/yehia-mamdouh/Shell3er"
+"Shellcode-Downloader-CreateThread-Execution","https://github.com/VirtualAlllocEx/Shellcode-Downloader-CreateThread-Execution"
+"Shellcode-Hide","https://github.com/TheD1rkMtr/Shellcode-Hide"
+"Shellcode-Loader","https://github.com/ReversingID/Shellcode-Loader"
+"shellcodetester","https://github.com/helviojunior/shellcodetester"
+"ShellGen","https://github.com/Leo4j/ShellGen"
+"ShellGhost","https://github.com/lem0nSec/ShellGhost"
+"ShellPop","https://github.com/0x00-0x00/ShellPop"
+"ShellServe","https://github.com/7etsuo/ShellServe"
+"shellsilo","https://github.com/nixpal/shellsilo"
+"ShellSync","https://github.com/I-Am-Jakoby/ShellSync"
+"Shhhloader","https://github.com/icyguider/Shhhloader"
+"shhmon","https://github.com/matterpreter/Shhmon"
+"ShimDB","https://github.com/jackson5sec/ShimDB"
+"ShimMe","https://github.com/deepinstinct/ShimMe"
+"shodan.io","https://www.shodan.io/"
+"Shoggoth","https://github.com/frkngksl/Shoggoth"
+"shootback","https://github.com/aploium/shootback"
+"shred","N/A"
+"shred","https://github.com/elastic/detection-rules/blob/main/rules/linux/defense_evasion_file_deletion_via_shred.toml"
+"Shredder","https://www.fileshredder.org/"
+"ShuckNT","https://github.com/yanncam/ShuckNT"
+"shutter","https://github.com/dsnezhkov/shutter"
+"Shwmae","https://github.com/CCob/Shwmae"
+"SigmaPotato","https://github.com/tylerdotrar/SigmaPotato"
+"SignToolEx","https://github.com/hackerhouse-opensource/SignToolEx"
+"SigPloit","https://github.com/SigPloiter/SigPloit"
+"SilentCryptoMiner","https://github.com/UnamSanctam/SilentCryptoMiner"
+"SilentHound","https://github.com/layer8secure/SilentHound"
+"SilentMoonwalk","https://github.com/klezVirus/SilentMoonwalk"
+"silenttrinity","https://github.com/byt3bl33d3r/SILENTTRINITY"
+"SillyRAT","https://github.com/hash3liZer/SillyRAT"
+"SimpleBackdoorAdmin","https://github.com/jakobfriedl/precompiled-binaries"
+"SimpleHelp","simple-help.com"
+"simplehttpserver","https://docs.python.org/2/library/simplehttpserver.html"
+"SimpleNTSyscallFuzzer","https://github.com/waleedassar/SimpleNTSyscallFuzzer"
+"Simple-Reverse-Shell","https://github.com/tihanyin/Simple-Reverse-Shell/"
+"SimplyEmail","https://github.com/SimplySecurity/SimplyEmail"
+"SingleDose","https://github.com/Wra7h/SingleDose"
+"S-inject","https://github.com/Joe1sn/S-inject"
+"SirepRAT","https://github.com/SafeBreach-Labs/SirepRAT"
+"SirTunnel","https://github.com/anderspitman/SirTunnel"
+"sish","https://github.com/antoniomika/sish"
+"Sitadel","https://github.com/shenril/Sitadel"
+"skymen.info","https://www.skymem.info"
+"slack","https://github.com/mthcht/Purpleteam/blob/main/Detection/Threat%20Hunting/generic/C2_abusing_API_services.md"
+"Slackor","https://github.com/Coalfire-Research/Slackor"
+"SlinkyCat","https://github.com/LaresLLC/SlinkyCat"
+"slip","https://github.com/0xless/slip"
+"sliver","https://github.com/trustedsec/SliverKeylogger"
+"sliver","https://github.com/BishopFox/sliver"
+"smartbrute","https://github.com/ShutdownRepo/smartbrute"
+"SmashedPotato","https://github.com/Cn33liz/SmashedPotato"
+"smbcrawler","https://github.com/SySS-Research/smbcrawler"
+"SMBCrunch","https://github.com/Raikia/SMBCrunch"
+"SMBeagle","https://github.com/punk-security/SMBeagle"
+"SMBetray","https://github.com/quickbreach/SMBetray"
+"SMBGhost","https://github.com/ollypwn/SMBGhost"
+"SMBGhost_RCE_PoC","https://github.com/chompie1337/SMBGhost_RCE_PoC"
+"smbmap","https://github.com/ShawnDEvans/smbmap"
+"smb-reverse-shell","https://github.com/r1cksec/smb-reverse-shell"
+"smbscan","https://github.com/jeffhacks/smbscan"
+"smb-scanner","https://github.com/TechnicalMujeeb/smb-scanner"
+"smbsr","https://github.com/oldboy21/SMBSR"
+"Smbtouch-Scanner","https://github.com/3gstudent/Smbtouch-Scanner"
+"SMBTrap","https://github.com/cylance/SMBTrap"
+"smc","https://github.com/3CORESec/MAL-CL/tree/master/Descriptors/Antivirus/Symantec%20Endpoint%20Protection#threat-actor-ops-taops"
+"SMShell","https://github.com/persistent-security/SMShell"
+"smtp-user-enum","https://pentestmonkey.net/tools/user-enumeration/smtp-user-enum"
+"smuggler.py","https://github.com/infosecn1nja/red-team-scripts/blob/main/smuggler.py"
+"Sn1per","https://github.com/1N3/Sn1per"
+"Snaffler","https://github.com/SnaffCon/Snaffler"
+"SnaffPoint","https://github.com/nheiniger/SnaffPoint"
+"snallygaster","https://github.com/hannob/snallygaster"
+"SniffAir","https://github.com/Tylous/SniffAir"
+"sniffer","https://github.com/chenjiandongx/sniffer"
+"sniffglue","https://github.com/kpcyrd/sniffglue"
+"SniffPass","https://www.nirsoft.net/utils/password_sniffer.html"
+"snmpcheck","http://www.nothink.org/codes/snmpcheck/index.php"
+"snmpwalk","https://wiki.debian.org/SNMP"
+"snmpwn","https://github.com/hatlord/snmpwn"
+"SOAPHound","https://github.com/FalconForceTeam/SOAPHound"
+"socat","https://x.com/CraigHRowland/status/1821176342999921040"
+"socat","N/A"
+"socat","https://linuxfr.org/news/socat-un-outil-en-ligne-de-commande-pour-maitriser-vos-sockets"
+"socat","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"socat","https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md"
+"Social VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"SocialBox-Termux","https://github.com/umeshshinde19/instainsane"
+"SocialBox-Termux","https://raw.githubusercontent.com/Sup3r-Us3r/scripts/master/fb-brute.pl"
+"SocialBox-Termux","https://github.com/samsesh/SocialBox-Termux"
+"SocialBox-Termux","https://github.com/Ha3MrX/Gemail-Hack"
+"SocialBox-Termux","https://github.com/samsesh/insta-bf"
+"social-engineer-toolkit","https://github.com/trustedsec/social-engineer-toolkit"
+"SocialPwned","https://github.com/MrTuxx/SocialPwned"
+"SoftEtherVPN","https://github.com/SoftEtherVPN/SoftEtherVPN"
+"softperfect networkscanner","https://www.softperfect.com/products/networkscanner/"
+"softperfect networkscanner","https://www.softperfect.com.cach3.com/board/read.php%3F12,10134,12202.html"
+"SomalifuscatorV2","https://github.com/KDot227/SomalifuscatorV2"
+"Soul VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"SpaceRunner","https://github.com/Mr-B0b/SpaceRunner"
+"SpamChannel","https://github.com/byt3bl33d3r/SpamChannel"
+"Spartacus","https://github.com/Accenture/Spartacus"
+"specula","https://github.com/trustedsec/specula"
+"spellbound","https://github.com/mhuzaifi0604/spellbound"
+"spiderfoot","https://www.spiderfoot.net/"
+"spinningteacup","https://github.com/trustedsec/The_Shelf"
+"Splashtop","https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/"
+"Splashtop","https://ruler-project.github.io/ruler-project/RULER/remote/Splashtop/"
+"Splashtop","https://hybrid-analysis.com/sample/18c10b0235bd341e065ac5c53ca04b68eaeacd98a120e043fb4883628baf644e/6267eb693836e7217b1a3c72"
+"SplunkWhisperer2","https://github.com/cnotin/SplunkWhisperer2"
+"spoofing-office-macro","https://github.com/christophetd/spoofing-office-macro"
+"SpookFlare","https://github.com/hlldz/SpookFlare"
+"SpoolFool","https://github.com/ly4k/SpoolFool"
+"spoolsploit","https://github.com/BeetleChunks/SpoolSploit"
+"Spray365","https://github.com/MarkoH17/Spray365"
+"spraycharles","https://github.com/Tw1sm/spraycharles"
+"sprayhound","https://github.com/Hackndo/sprayhound"
+"SprayingToolkit","https://github.com/byt3bl33d3r/SprayingToolkit"
+"spraykatz","https://github.com/aas-n/spraykatz"
+"Spring4Shell","https://github.com/reznok/Spring4Shell-POC"
+"Spring4Shell","https://github.com/TheGejr/SpringShell"
+"Spring4Shell","https://github.com/BobTheShoplifter/Spring4Shell-POC"
+"Spring4Shell","https://github.com/DDuarte/springshell-rce-poc"
+"SpringCore0day","https://github.com/craig/SpringCore0day"
+"spring-core-rce","https://github.com/Mr-xn/spring-core-rce"
+"sqli-labs","https://github.com/Audi-1/sqli-labs"
+"sqlipy","https://github.com/codewatchorg/sqlipy"
+"SQLiScanner","https://github.com/0xbug/SQLiScanner"
+"sqlmap","https://github.com/sqlmapproject/sqlmap"
+"SQLmate","https://github.com/s0md3v/sqlmate"
+"sqlninja","http://sqlninja.sourceforge.net/"
+"SQLRecon","https://github.com/skahwah/SQLRecon"
+"sRDI","https://github.com/monoxgas/sRDI"
+"ss","N/A"
+"ssfd","https://github.com/securesocketfunneling/ssf"
+"ssh","https://x.com/mthcht/status/1827714529687658796"
+"ssh","https://x.com/0x64616e/status/1817149974724956286"
+"ssh","https://github.com/ossec/ossec-hids/blob/master/etc/rules/sshd_rules.xml"
+"sshamble","https://github.com/runZeroInc/sshamble"
+"sshame","https://github.com/HynekPetrak/sshame"
+"ssh-auditor","https://github.com/ncsa/ssh-auditor"
+"sshdoor","https://web-assets.esetstatic.com/wls/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf"
+"sshimpanzee","https://github.com/lexfo/sshimpanzee"
+"SSH-J.com","https://bitbucket.org/ValdikSS/dropbear-sshj/src/master/"
+"sshLooterC","https://github.com/mthbernardes/sshLooterC"
+"ssh-mitm","https://github.com/jtesta/ssh-mitm"
+"SSH-PuTTY-login-bruteforcer","https://github.com/InfosecMatter/SSH-PuTTY-login-bruteforcer"
+"SSH-Snake","https://github.com/MegaManSec/SSH-Snake"
+"sshtunnel","https://github.com/pahaz/sshtunnel"
+"sshuttle","https://github.com/sshuttle/sshuttle"
+"sshx","https://github.com/ekzhang/sshx"
+"sslip.io","https://github.com/cunnie/sslip.io"
+"sslstrip","https://github.com/moxie0/sslstrip"
+"SspiUacBypass","https://github.com/antonioCoco/SspiUacBypass"
+"SSRFmap","https://github.com/swisskyrepo/SSRFmap"
+"StackCrypt","https://github.com/TheD1rkMtr/StackCrypt"
+"StandIn","https://github.com/FuzzySecurity/StandIn"
+"staqlab-tunnel","https://github.com/cocoflan/Staqlab-tunnel"
+"Stardust","https://github.com/Cracked5pider/Stardust"
+"statistically-likely-usernames","https://github.com/insidetrust/statistically-likely-usernames"
+"StayKit","https://github.com/0xthirteen/StayKit"
+"StealDhcpSecrets","https://github.com/gtworek/PSBits/tree/master/PasswordStealing/DHCP"
+"Sticky-Keys-Slayer","https://github.com/linuz/Sticky-Keys-Slayer"
+"Stompy","https://github.com/ZephrFish/Stompy"
+"stowaway","https://github.com/ph4ntonn/Stowaway"
+"Striker","https://github.com/s0md3v/Striker"
+"Striker","https://github.com/4g3nt47/Striker"
+"stunnel","https://www.stunnel.org/index.html"
+"subbrute","https://github.com/TheRook/subbrute"
+"subfinder","https://github.com/subfinder/subfinder"
+"Sublist3r","https://github.com/aboul3la/Sublist3r"
+"Suborner","https://github.com/r4wd3r/Suborner"
+"sudo","N/A"
+"sudo","https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html"
+"sudo","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"sudo_inject","https://github.com/nongiach/sudo_inject"
+"SUDO_KILLER","https://github.com/TH3xACE/SUDO_KILLER"
+"sudoers","N/A"
+"Sudomy","https://github.com/screetsec/Vegile"
+"Sudomy","https://github.com/screetsec/Sudomy"
+"sudoSnatch","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/SudoSnatch"
+"SUID3NUM","https://github.com/Anon-Exploiter/SUID3NUM"
+"SunCrypt","https://github.com/rivitna/Malware"
+"suo5","https://github.com/zema1/suo5"
+"Supernova","https://github.com/nickvourd/Supernova"
+"supershell","https://github.com/tdragon6/Supershell"
+"Supremo","https://www.supremocontrol.com"
+"Surf VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"sVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"SwampThing","https://github.com/FuzzySecurity/Sharp-Suite/tree/master/SwampThing"
+"SweetPotato","https://github.com/CCob/SweetPotato"
+"Synergy-httpx","https://github.com/t3l3machus/Synergy-httpx"
+"sysctl","https://github.com/bdamele/icmpsh"
+"SysJoker","https://www.intezer.com/blog/malware-analysis/new-backdoor-sysjoker/"
+"sysmonquiet","https://github.com/ScriptIdiot/SysmonQuiet"
+"SystemBC","https://github.com/Leeon123/Python3-botnet"
+"systemctl","https://attack.mitre.org/techniques/T1562/001/"
+"systeminfo","https://thedfirreport.com/2024/08/26/blacksuit-ransomware/"
+"SysWhispers3","https://github.com/klezVirus/SysWhispers3"
+"t14m4t","https://github.com/MS-WEB-BN/t14m4t"
+"tacticalrmm","https://github.com/amidaware/tacticalrmm"
+"tailscale","https://github.com/tailscale/tailscale"
+"TakeMyRDP","https://github.com/TheD1rkMtr/TakeMyRDP"
+"TakeMyRDP","https://github.com/nocerainfosec/TakeMyRDP2.0"
+"takeown","https://www.pavel.gr/blog/neutralising-amsi-system-wide-as-an-admin"
+"takeown","https://github.com/l3m0n/WinPirate"
+"takeown","https://github.com/ice-wzl/wmiexec2"
+"targetedKerberoast","https://github.com/ShutdownRepo/targetedKerberoast"
+"TartarusGate","https://github.com/trickster0/TartarusGate"
+"taskkill","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"taskkill","https://x.com/malmoeb/status/1741114854037987437"
+"taskkill","https://badoption.eu/blog/2024/03/23/cortex.html"
+"taskkill","https://github.com/TheParmak/conti-leaks-englished/blob/45d49307f347aff10e0f088af25142f8929b4c4f/anonfile_dumps/31.txt#L236"
+"tasklist","N/A"
+"tasklist","https://github.com/ice-wzl/wmiexec2"
+"tasklist",""
+"Taskmgr","https://learn.microsoft.com/en-us/sysinternals/downloads/procdump"
+"Tchopper","https://github.com/lawrenceamer/Tchopper"
+"tcpdump","http://www.tcpdump.org/"
+"tcpreplay","https://tcpreplay.appneta.com/"
+"TDSKiller","https://www.majorgeeks.com/files/details/kaspersky_tdsskiller.html"
+"TeamFiltration","https://github.com/Flangvik/TeamFiltration"
+"teams_dump","https://github.com/byinarie/teams_dump"
+"teamsphisher","https://github.com/Octoberfest7/TeamsPhisher"
+"teamstracker","https://github.com/nyxgeek/teamstracker"
+"teamviewer","https://www.teamviewer.com/"
+"telebit.cloud","https://telebit.cloud/"
+"telegram","api.telegram.org"
+"TelegramRAT","https://github.com/machine1337/TelegramRAT"
+"Telemetry","https://github.com/Imanfeng/Telemetry"
+"telnet","https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md"
+"telnet","https://github.com/SigmaHQ/sigma/blob/master/rules/linux/lnx_apt_equationgroup_lnx.yml"
+"temp.sh","https://twitter.com/mthcht/status/1660953897622544384"
+"temp-mail","temp-mail.org"
+"tempsend.com","https://twitter.com/mthcht/status/1660953897622544384"
+"Termite","https://github.com/rootkiter/Binary-files/tree/212c43b40e2e4c2e2703400caaa732557b6080a4"
+"tetanus","https://github.com/MythicAgents/tetanus"
+"textbin.net","textbin.net"
+"TGSThief","https://github.com/MzHmO/TGSThief"
+"TGT_Monitor","https://github.com/Leo4j/TGT_Monitor"
+"thc-hydra","https://github.com/vanhauser-thc/thc-hydra"
+"the-backdoor-factory","https://github.com/secretsquirrel/the-backdoor-factory"
+"TheFatRat","https://github.com/Screetsec/TheFatRat"
+"theHarvester","https://github.com/laramies/theHarvester"
+"themebleed","https://github.com/gabe-k/themebleed"
+"ThievingFox","https://github.com/Slowerzs/ThievingFox"
+"ThisIsNotRat","https://github.com/RealBey/ThisIsNotRat"
+"thoth","https://github.com/r1cksec/thoth"
+"ThreadlessInject","https://github.com/CCob/ThreadlessInject"
+"Thread-Pool-Injection-PoC","https://github.com/Uri3n/Thread-Pool-Injection-PoC"
+"ThreatCheck","https://github.com/rasta-mouse/ThreatCheck"
+"Throwback","https://github.com/silentbreaksec/Throwback"
+"Thunder Proxy","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"ThunderDNS","https://github.com/fbkcs/ThunderDNS"
+"ThunderShell","https://github.com/Mr-Un1k0d3r/ThunderShell"
+"ticket_converter","https://github.com/zer1t0/ticket_converter"
+"tightvnc","https://www.tightvnc.com"
+"TimeException","https://github.com/bananabr/TimeException"
+"Timeroast","https://github.com/SecuraBV/Timeroast"
+"TinyMet","https://github.com/SherifEldeeb/TinyMet"
+"tir_blanc_holiseum","https://www.holiseum.com/services/auditer/tir-a-blanc-ransomware"
+"tmate","https://github.com/tmate-io/tmate-ssh-server"
+"tmate","https://github.com/tmate-io/tmate"
+"tmpfiles.org","N/A"
+"tmpwatch","https://linux.die.net/man/8/tmpwatch"
+"TokenFinder","https://github.com/doredry/TokenFinder"
+"Token-Impersonation","https://github.com/Leo4j/Token-Impersonation"
+"TokenPlayer","https://github.com/S1ckB0y1337/TokenPlayer"
+"TokenStealer","https://github.com/decoder-it/TokenStealer"
+"TokenTactics","https://github.com/rvrsh3ll/TokenTactics"
+"TokenTacticsV2","https://github.com/f-bader/TokenTacticsV2"
+"TokenUniverse","https://github.com/diversenok/TokenUniverse"
+"Tokenvator","https://github.com/0xbadjuju/Tokenvator"
+"Tool-PassView","https://www.nirsoft.net/password_recovery_tools.html"
+"Tool-X","https://github.com/rajkumardusad/Tool-X"
+"tor","https://github.com/r0oth3x49/Tor"
+"tor","https://deb.torproject.org/torproject.org/"
+"tor2web","https://github.com/tor2web/Tor2web"
+"ToRat","https://github.com/lu4p/ToRat"
+"torproject","torproject.org"
+"TorPylle","https://github.com/cea-sec/TorPylle"
+"TotalRecall","https://github.com/xaitax/TotalRecall"
+"touch","https://github.com/elastic/detection-rules/blob/main/rules/linux/defense_evasion_timestomp_touch.toml"
+"Touch VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"tplmap","https://github.com/epinna/tplmap"
+"trackerjacker","https://github.com/calebmadrigal/trackerjacker"
+"traitor","https://github.com/liamg/traitor"
+"transfer.sh","https://twitter.com/mthcht/status/1660953897622544384"
+"transfer.sh","https://medium.com/checkmarx-security/python-obfuscation-traps-1acced941375"
+"transfert-my-files.com","https://twitter.com/mthcht/status/1660953897622544384"
+"translate.goog","https://*-com.translate.goog/*"
+"Trellonet","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"trevorc2","https://github.com/trustedsec/trevorc2"
+"TREVORspray","https://github.com/blacklanternsecurity/TREVORspray"
+"TrickDump","https://github.com/ricardojoserf/TrickDump"
+"tricky.lnk","https://github.com/xillwillx/tricky.lnk"
+"TripleCross","https://github.com/h3xduck/TripleCross"
+"TrueSocks","https://github.com/c0dn/truesocks_rs"
+"truffleHog","https://github.com/dxa4481/truffleHog"
+"tsh","https://github.com/creaktive/tsh"
+"tsh-go","https://github.com/CykuTW/tsh-go"
+"Tsunami","https://github.com/trustedsec/The_Shelf"
+"tun2socks","https://github.com/xjasonlyu/tun2socks"
+"tunnel","https://gitlab.com/pyjam.as/tunnel"
+"tunnel","https://github.com/koding/tunnel"
+"tunnel.pyjam.as","https://gitlab.com/pyjam.as/tunnel"
+"TunnelBear VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"tunneller","https://github.com/skx/tunneller"
+"Tunnello VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"tunnelmole-client","https://github.com/robbie-cahill/tunnelmole-client/"
+"tunnelto.dev","https://github.com/agrinman/tunnelto"
+"TunnelVision","https://github.com/leviathansecurity/TunnelVision"
+"tunwg","https://github.com/ntnj/tunwg"
+"Turbo VPN for PC","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"twittor","https://github.com/PaulSec/twittor"
+"UACME","https://github.com/hfiref0x/UACME"
+"udmp-parser","https://github.com/0vercl0k/udmp-parser"
+"ufile.io","https://ufile.io"
+"UFONet","https://github.com/epsylon/ufonet"
+"Ultrareach VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"UltraVNC","https://uvnc.com/downloads/ultravnc.html"
+"Unblock Websites","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"unDefender","https://github.com/APTortellini/unDefender"
+"undertheradar","https://github.com/g3tsyst3m/undertheradar"
+"UnhookingPatch","https://github.com/TheD1rkMtr/UnhookingPatch"
+"UnhookingPatch","https://github.com/SaadAhla/UnhookingPatch"
+"UniByAv","https://github.com/Mr-Un1k0d3r/UniByAv"
+"unicorn","https://github.com/trustedsec/unicorn"
+"Universal Virus Sniffer","https://www.majorgeeks.com/files/details/universal_virus_sniffer.html"
+"UniversalDVC","https://github.com/earthquake/UniversalDVC"
+"Unlimited VPN & Proxy by ibVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"UnlinkDLL","https://github.com/frkngksl/UnlinkDLL"
+"UnmanagedPowerShell","https://github.com/leechristensen/UnmanagedPowerShell"
+"UnquotedPath","https://github.com/matterpreter/OffensiveCSharp/tree/master/UnquotedPath"
+"unset","N/A"
+"unset","https://rosesecurity.gitbook.io/red-teaming-ttps/linux"
+"unset","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/OMGLogger"
+"unshackle","https://github.com/Fadi002/unshackle"
+"unshadow","N/A"
+"updog","https://github.com/sc0tfree/updog"
+"upload.nolog.cz","https://upload.nolog.cz/"
+"Upnet","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Urban Free VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Urban Shield","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"usaupload","https://usaupload.com/"
+"usbmon","https://www.kernel.org/doc/Documentation/usb/usbmon.txt"
+"usbpcap","https://github.com/s-h-3-l-l/katoolin3"
+"username-anarchy","https://github.com/urbanadventurer/username-anarchy"
+"UsoDllLoader","https://github.com/itm4n/UsoDllLoader"
+"utorrent","https[://]www[.]utorrent[.]com/intl/fr/"
+"uVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"V3n0M-Scanner","https://github.com/v3n0m-Scanner/V3n0M-Scanner"
+"Vajra","https://github.com/TROUBLE-1/Vajra"
+"var0xshell","https://github.com/yehia-mamdouh/var0xshell/tree/main"
+"vbad","https://github.com/Pepitoh/Vbad"
+"VBA-RunPE","https://github.com/itm4n/VBA-RunPE"
+"vcsmap","https://github.com/melvinsh/vcsmap"
+"VDR","https://github.com/TakahiroHaruyama/VDR"
+"VectorKernel","https://github.com/daem0nc0re/VectorKernel/"
+"veeam-creds","https://github.com/sadshade/veeam-creds"
+"Veee","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"venom","https://github.com/r00t-3xp10it/venom"
+"Venom","https://github.com/Dliv3/Venom"
+"VenomousSway","https://github.com/trustedsec/The_Shelf"
+"Villain","https://github.com/t3l3machus/Villain"
+"viperc2","https://github.com/FunnyWolf/viperpython"
+"viperc2","https://github.com/FunnyWolf/vipermsf"
+"VirtualShield VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VirusTotalC2","https://github.com/RATandC2/VirusTotalC2"
+"VNCPassView","https://www.nirsoft.net/utils/vnc_password.html"
+"vncpwdump","https://www.codebus.net/d-2v0u.html"
+"vncviewer","simple-help.com"
+"vncviewer","N/A"
+"VoidCrypt","https://github.com/rivitna/Malware"
+"Voidgate","https://github.com/undergroundwires/privacy.sexy"
+"Volumiser","https://github.com/CCob/Volumiser"
+"VPN Free","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPN Master","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPN Professional","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPN PROXY MASTER","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPN Unlimited Free","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPN.AC","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPN-free.pro","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPNMatic","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"VPNPivot","https://github.com/0x36/VPNPivot"
+"vRealizeLogInsightRCE","https://github.com/horizon3ai/vRealizeLogInsightRCE"
+"vscode","https://twitter.com/code/status/1699869087071899669"
+"vscode","https://badoption.eu/blog/2023/01/31/code_c2.html"
+"vssadmin","N/A"
+"vssadmin","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"Vulmap","https://github.com/vulmon/Vulmap"
+"w32times","N/A"
+"w3af","https://w3af.org/"
+"Wachee VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"WAF-bypass-Cheat-Sheet","https://github.com/Bo0oM/WAF-bypass-Cheat-Sheet"
+"wafw00f","https://github.com/EnableSecurity/wafw00f"
+"Waitfor-Persistence","https://github.com/3gstudent/Waitfor-Persistence"
+"wapiti","https://github.com/wapiti-scanner/wapiti"
+"warberry","https://github.com/secgroundzero/warberry"
+"wbadmin","N/A"
+"wce","https://www.kali.org/tools/wce/"
+"WCE","https://github.com/returnvar/wce"
+"wcreddump","https://github.com/truerustyy/wcreddump"
+"WDBypass","https://bitbucket.org/evilgreyswork/wd-uac/downloads/"
+"WDExtract","https://github.com/hfiref0x/WDExtract/"
+"weakpass","https://github.com/zzzteph/weakpass"
+"webBrowserPassView","https://www.nirsoft.net/utils/web_browser_password.html"
+"WebDavC2","https://github.com/Arno0x/WebDavC2"
+"WebDeveloperSecurityChecklist","https://github.com/virajkulkarni14/WebDeveloperSecurityChecklist"
+"web-hacking-toolkit","https://github.com/signedsecurity/web-hacking-toolkit"
+"webhook.site","https://github.com/webhooksite/webhook.site"
+"webshell","https://github.com/Peaky-XD/webshell"
+"WebSocketReverseShellDotNet","https://github.com/The-Hustler-Hattab/WebSocketReverseShellDotNet"
+"Weevely3","https://github.com/epinna/weevely3"
+"wePWNise","https://github.com/FSecureLABS/wePWNise"
+"WerTrigger","https://github.com/sailay1996/WerTrigger"
+"westwind","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"wetransfer","https://twitter.com/mthcht/status/1658853848323182597"
+"WeVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"wevtutil","N/A"
+"wevtutil","https://www.virustotal.com/gui/file/b24ab1f8cb68547932dd8a5c81e9b2133763a7ddf48aa431456530c1340b939e/details"
+"wevtutil","https://github.com/CCob/Shwmae"
+"wfuzz","https://github.com/xmendez/wfuzz"
+"wget","https://x.com/CraigHRowland/status/1782938242108837896"
+"WhatBreach","https://github.com/Ekultek/WhatBreach"
+"whatlicense","https://github.com/charlesnathansmith/whatlicense"
+"where","https://thedfirreport.com/2023/04/03/malicious-iso-file-leads-to-domain-wide-ransomware/"
+"WheresMyImplant","https://github.com/0xbadjuju/WheresMyImplant"
+"Whisker","https://github.com/jakobfriedl/precompiled-binaries"
+"whiskeysamlandfriends","https://github.com/secureworks/whiskeysamlandfriends"
+"whoami","N/A"
+"whoami","https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a"
+"whoami","https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1485/T1485.yaml"
+"Whoer VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"wifibroot","https://github.com/hash3liZer/WiFiBroot"
+"wifi-bruteforcer-fsecurify","https://github.com/faizann24/wifi-bruteforcer-fsecurify"
+"wifi-bruteforcer-fsecurity","https://github.com/faizann24/wifi-bruteforcer-fsecurify"
+"wifigrabber","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/wifigrabber"
+"wifijammer","https://github.com/hash3liZer/wifijammer"
+"wifijammer","https://github.com/DanMcInerney/wifijammer"
+"wifiphisher","https://github.com/wifiphisher/wifiphisher"
+"WiFi-Pumpkin","https://github.com/P0cL4bs/WiFi-Pumpkin"
+"wifite2","https://github.com/derv82/wifite2"
+"win-brute-logon","https://github.com/PhrozenIO/win-brute-logon"
+"win-brute-logon","https://github.com/DarkCoderSc/win-brute-logon"
+"windapsearch","https://github.com/ropnop/windapsearch"
+"WinDefenderKiller","https://github.com/S12cybersecurity/WinDefenderKiller"
+"WindfarmDynamite","https://github.com/FuzzySecurity/Sharp-Suite/tree/master/WindfarmDynamite"
+"WindmillVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"Windows_MSKSSRV_LPE_CVE-2023-36802","https://github.com/chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802"
+"Windows-Crack","https://github.com/japd06/Windows-Crack/"
+"WindowsDowndate","https://github.com/SafeBreach-Labs/WindowsDowndate"
+"WindowsExploitationResources","https://github.com/FULLSHADE/WindowsExploitationResources"
+"Windows-Exploit-Suggester","https://github.com/AonCyberLabs/Windows-Exploit-Suggester"
+"windows-login-phish","https://github.com/CipherKill/windows-login-phish"
+"Windows-Post-Exploitation","https://github.com/emilyanncr/Windows-Post-Exploitation"
+"windows-privesc-check","https://github.com/pentestmonkey/windows-privesc-check"
+"Windows-Privilege-Escalation","https://github.com/frizb/Windows-Privilege-Escalation"
+"Windscribe","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"winexe","https://www.kali.org/tools/winexe/"
+"Winpayloads","https://github.com/nccgroup/Winpayloads"
+"winPEAS","https://github.com/jakobfriedl/precompiled-binaries"
+"WinPirate","https://github.com/l3m0n/WinPirate"
+"WinPwn","https://github.com/S3cur3Th1sSh1t/WinPwn"
+"WinPwnage","https://github.com/rootm0s/WinPwnage"
+"winrs","N/A"
+"WinSCP","N/A"
+"WinSCPPasswdExtractor","https://github.com/NeffIsBack/WinSCPPasswdExtractor"
+"WinShellcode","https://github.com/DallasFR/WinShellcode"
+"winsos-poc","https://github.com/thiagopeixoto/winsos-poc"
+"WINspect","https://github.com/A-mIn3/WINspect"
+"WirelessKeyView","https://www.nirsoft.net/utils/wireless_key.html"
+"wireproxy","https://github.com/pufferffish/wireproxy"
+"wireshark","https://www.wireshark.org/"
+"wiresocks","https://github.com/sensepost/wiresocks"
+"wiretap","https://github.com/sandialabs/wiretap"
+"WitnessMe","https://github.com/byt3bl33d3r/WitnessMe"
+"WLAN-Windows-Passwords","https://github.com/hak5/omg-payloads/tree/master/payloads/library/credentials/WLAN-Windows-Passwords"
+"WMEye","https://github.com/pwn1sher/WMEye"
+"wmic","https://www.microsoft.com/en-us/security/blog/2022/04/12/tarrask-malware-uses-scheduled-tasks-for-defense-evasion/"
+"wmic","https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-347a"
+"wmic","N/A"
+"wmic","https://www.virustotal.com/gui/file/00820a1f0972678cfe7885bc989ab3e5602b0febc96baf9bf3741d56aa374f03/behavior"
+"wmic","https://thedfirreport.com/2024/08/12/threat-actors-toolkit-leveraging-sliver-poshc2-batch-scripts/#c01"
+"wmic","https://github.com/TheParmak/conti-leaks-englished/blob/45d49307f347aff10e0f088af25142f8929b4c4f/anonfile_dumps/31.txt#L236"
+"wmic","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Anti-Forensics.md"
+"wmic","https://thedfirreport.com/2023/05/22/icedid-macro-ends-in-nokoyawa-ransomware/"
+"wmic","https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF"
+"WMIcmd","https://github.com/nccgroup/WMIcmd"
+"wmiexec","https://github.com/WKL-Sec/wmiexec"
+"wmiexec","https://github.com/rapid7/metasploit-framework/blob/2722067108b5c034da9f77b95eaf1c1db33db4fa/modules/auxiliary/scanner/smb/impacket/wmiexec.py#L127"
+"wmiexec2","https://github.com/ice-wzl/wmiexec2"
+"wmiexec-pro","https://github.com/XiaoliChan/wmiexec-Pro"
+"WMImplant","https://github.com/FortyNorthSecurity/WMImplant"
+"WMIPersistence","https://github.com/mdsecactivebreach/WMIPersistence"
+"Wmisploit","https://github.com/secabstraction/WmiSploit"
+"wordlists","https://www.kali.org/tools/wordlists/"
+"wordlists","https://github.com/clem9669/wordlists"
+"wordsmith","https://github.com/skahwah/wordsmith"
+"WorkingVPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"WorldWind-Stealer","https://github.com/Leecher21/WorldWind-Stealer"
+"wpaf","https://github.com/kancotdiq/wpaf"
+"WPScan","https://github.com/wpscanteam/wpscan"
+"wraith","https://github.com/wraith-labs/wraith"
+"WSAAcceptBackdoor","https://github.com/EgeBalci/WSAAcceptBackdoor"
+"WSMan-WinRM","https://github.com/bohops/WSMan-WinRM"
+"wso-webshell","https://github.com/mIcHyAmRaNe/wso-webshell"
+"WSPCoerce","https://github.com/slemire/WSPCoerce"
+"wstunnel","https://github.com/erebe/wstunnel"
+"WSUSpendu","https://github.com/AlsidOfficial/WSUSpendu"
+"wsuxploit","https://github.com/pimps/wsuxploit"
+"xcopy","N/A"
+"xeno-rat","https://github.com/moom825/xeno-rat"
+"Xerror","https://github.com/projectdiscovery/nuclei-burp-plugin"
+"Xerror","https://github.com/Chudry/Xerror"
+"XiebroC2","https://github.com/INotGreen/Xiebro-Plugins"
+"XiebroC2","https://github.com/INotGreen/XiebroC2"
+"xmrig","https://www.huntress.com/blog/slashandgrab-screen-connect-post-exploitation-in-the-wild-cve-2024-1709-cve-2024-1708"
+"xmrig","https://github.com/xmrig/xmrig/"
+"xmrig","https://github.com/C3Pool/xmrig_setup/"
+"xrdp","https://github.com/neutrinolabs/xrdp"
+"Xrulez","https://github.com/FSecureLABS/Xrulez"
+"xspy","https://github.com/mnp/xspy/blob/master/xspy.c"
+"xss-labs","https://github.com/paralax/xss-labs"
+"XSS-Payloads","http://www.xss-payloads.com/"
+"XSStrike","https://github.com/UltimateHackers/XSStrike"
+"Xworm","https://github.com/guessthatname99/XWorm-RAT-V2.1"
+"xxd","https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Linux.md"
+"XXEinjector","https://github.com/enjoiz/XXEinjector"
+"xz","https://www.openwall.com/lists/oss-security/2024/03/29/4"
+"xz","https://securelist.com/xz-backdoor-story-part-1/112354/"
+"yakit","https://github.com/Gerenios/AADInternals"
+"yodo","https://github.com/b3rito/yodo"
+"ysoserial.net","https://github.com/pwntester/ysoserial.net"
+"zarp","https://github.com/hatRiot/zarp"
+"ZenMate VPN","https://raw.githubusercontent.com/SigmaHQ/sigma/43277f26fc1c81fc98fc79147b711189e901b757/rules/windows/registry/registry_set/registry_set_chrome_extension.yml"
+"zeroday-powershell","https://github.com/OneLogicalMyth/zeroday-powershell"
+"ZeroHVCI","https://github.com/zer0condition/ZeroHVCI"
+"zerologon","https://github.com/michaelpoznecki/zerologon"
+"zerosum0x0","https://github.com/zerosum0x0"
+"ZipExec","https://github.com/Tylous/ZipExec"
+"Zloader","https://www.mcafee.com/blogs/other-blogs/mcafee-labs/zloader-with-a-new-infection-technique/"
+"Zloader","https://news.sophos.com/en-us/2022/01/19/zloader-installs-remote-access-backdoors-and-delivers-cobalt-strike/"
+"Zoho Assist","https://www.zoho.com/assist/"
+"zrok","https://github.com/openziti/zrok"