Hugging Face's logo

bencyc1129
/
bert-small

Fill-Mask
Transformers
Safetensors
bert
Model card Files
xet
Community
bencyc1129 commited on
Commit
53a6937
·
verified ·
1 Parent(s): 990e9c9

Upload tokenizer

Browse files
Files changed (2) hide show
  1. tokenizer.json +642 -645
  2. vocab.txt +218 -221
tokenizer.json CHANGED
@@ -216,43 +216,43 @@
216
  "{": 68,
217
  "|": 69,
218
  "}": 70,
219
- "##y": 71,
220
- "##s": 72,
221
- "##t": 73,
222
- "##e": 74,
223
- "##m": 75,
224
- "##3": 76,
225
- "##2": 77,
226
- "##h": 78,
227
- "##i": 79,
228
- "##c": 80,
229
- "##p": 81,
230
- "##d": 82,
231
- "##a": 83,
232
- "##r": 84,
233
- "##k": 85,
234
- "##v": 86,
235
- "##o": 87,
236
- "##l": 88,
237
- "##u": 89,
238
- "##w": 90,
239
- "##1": 91,
240
- "##x": 92,
241
- "##n": 93,
242
- "##f": 94,
243
- "##b": 95,
244
- "##6": 96,
245
- "##4": 97,
246
- "##g": 98,
247
- "##7": 99,
248
- "##8": 100,
249
- "##5": 101,
250
- "##9": 102,
251
- "##z": 103,
252
- "##0": 104,
253
- "##j": 105,
254
- "##em": 106,
255
- "##at": 107,
256
  "##st": 108,
257
  "##er": 109,
258
  "##ut": 110,
@@ -276,28 +276,28 @@
276
  "##mp": 128,
277
  "file": 129,
278
  "out": 130,
279
- "##ce": 131,
280
- "##dow": 132,
281
- "##ar": 133,
282
- "##ass": 134,
283
  "##put": 135,
284
- "##py": 136,
285
- "##pp": 137,
286
  "output": 138,
287
  "##it": 139,
288
- "##ve": 140,
289
- "##or": 141,
290
  "##emp": 142,
291
- "##me": 143,
292
- "##ol": 144,
293
  "pro": 145,
294
- "##ct": 146,
295
- "##al": 147,
296
  "##ump": 148,
297
  "mem": 149,
298
- "##32": 150,
299
- "##nv": 151,
300
- "##tc": 152,
301
  "temp": 153,
302
  "##ch": 154,
303
  "##ur": 155,
@@ -311,24 +311,24 @@
311
  "##ame": 163,
312
  "##ll": 164,
313
  "system32": 165,
314
- "##ha": 166,
315
- "##di": 167,
316
- "##ion": 168,
317
- "##der": 169,
318
- "##ad": 170,
319
- "##act": 171,
320
- "##ot": 172,
321
- "##dows": 173,
322
- "windows": 174,
323
- "##hadow": 175,
324
  "ne": 176,
325
  "re": 177,
326
- "##en": 178,
327
  "##ic": 179,
328
- "##co": 180,
329
- "##ract": 181,
330
- "##kl": 182,
331
- "##ls": 183,
332
  "##ate": 184,
333
  "##cho": 185,
334
  "lsass": 186,
@@ -337,19 +337,19 @@
337
  "it": 189,
338
  "net": 190,
339
  "pass": 191,
340
- "##ter": 192,
341
  "##pt": 193,
342
- "##kdi": 194,
343
- "##no": 195,
344
  "hklm": 196,
345
  "echo": 197,
346
  "npp": 198,
347
  "se": 199,
348
  "te": 200,
349
- "##spy": 201,
350
- "##dump": 202,
351
- "##ag": 203,
352
- "##lo": 204,
353
  "##lea": 205,
354
  "nppspy": 206,
355
  "app": 207,
@@ -358,21 +358,21 @@
358
  "in": 210,
359
  "name": 211,
360
  "rd": 212,
361
- "shadow": 213,
362
- "tar": 214,
363
  "##ty": 215,
364
  "##th": 216,
365
  "##ice": 217,
366
- "##cr": 218,
367
- "##rlea": 219,
368
- "##vid": 220,
369
- "##vice": 221,
370
- "##un": 222,
371
- "##get": 223,
372
  "##roract": 224,
373
  "##rep": 225,
374
- "##ont": 226,
375
- "##cess": 227,
376
  "new": 228,
377
  "##kdiag": 229,
378
  "erroract": 230,
@@ -391,271 +391,271 @@
391
  "ps": 243,
392
  "sa": 244,
393
  "vss": 245,
394
- "##cur": 246,
395
- "##pro": 247,
396
  "##ue": 248,
397
  "##root": 249,
398
  "##art": 250,
399
  "##older": 251,
400
  "passw": 252,
401
  "##nore": 253,
402
- "create": 254,
403
- "ignore": 255,
404
- "co": 256,
405
- "id": 257,
406
  "if": 258,
407
- "lo": 259,
408
- "min": 260,
409
- "ser": 261,
410
- "scr": 262,
411
- "##to": 263,
412
- "##ipt": 264,
413
  "##pa": 265,
414
- "##ds": 266,
415
- "##ull": 267,
416
- "##ing": 268,
417
- "##idump": 269,
418
- "proc": 270,
419
- "process": 271,
420
- "##alue": 272,
421
- "##omic": 273,
422
- "start": 274,
423
- "##ent": 275,
424
- "test": 276,
425
- "##load": 277,
426
- "##ontro": 278,
427
  "passwd": 279,
428
  "minidump": 280,
429
  "script": 281,
430
  "00": 282,
431
- "cur": 283,
432
- "com": 284,
433
- "de": 285,
434
- "di": 286,
435
- "for": 287,
436
- "full": 288,
437
- "he": 289,
438
- "t1": 290,
439
- "##ex": 291,
440
- "##md": 292,
441
- "##po": 293,
442
- "##per": 294,
443
- "##wor": 295,
444
- "##ntc": 296,
445
- "##name": 297,
446
- "##03": 298,
447
- "##003": 299,
448
- "##str": 300,
449
- "##ets": 301,
450
- "##rentc": 302,
451
- "##ary": 303,
452
- "##copy": 304,
453
- "##lset": 305,
454
- "item": 306,
455
- "##thon": 307,
456
- "list": 308,
457
- "python": 309,
458
- "service": 310,
459
- "##omics": 311,
460
- "##ontrolset": 312,
461
- "001": 313,
462
- "currentc": 314,
463
- "t1003": 315,
464
- "##perty": 316,
465
- "currentcontrolset": 317,
466
- "0x": 318,
467
- "13": 319,
468
- "ac": 320,
469
- "bin": 321,
470
- "cut": 322,
471
- "con": 323,
472
- "dr": 324,
473
- "dmp": 325,
474
- "grep": 326,
475
- "ho": 327,
476
- "let": 328,
477
- "nt": 329,
478
- "rv": 330,
479
- "uname": 331,
480
- "value": 332,
481
- "##yload": 333,
482
- "##ser": 334,
483
- "##mi": 335,
484
- "##il": 336,
485
- "##cat": 337,
486
- "##kat": 338,
487
- "##kpro": 339,
488
- "##op": 340,
489
- "##li": 341,
490
- "##ume": 342,
491
- "##nal": 343,
492
- "##folder": 344,
493
- "##atomics": 345,
494
- "##roperty": 346,
495
- "exit": 347,
496
- "exter": 348,
497
- "pathto": 349,
498
- "systemroot": 350,
499
- "##ity": 351,
500
- "##emproperty": 352,
501
- "##olume": 353,
502
- "stop": 354,
503
- "reg": 355,
504
- "itemproperty": 356,
505
- "networ": 357,
506
- "secur": 358,
507
- "##und": 359,
508
- "save": 360,
509
- "copy": 361,
510
- "##payload": 362,
511
- "services": 363,
512
- "binary": 364,
513
- "drive": 365,
514
- "host": 366,
515
- "letter": 367,
516
- "ntds": 368,
517
- "##katz": 369,
518
- "##kprovider": 370,
519
  "##nalpayload": 371,
520
- "##atomicsfolder": 372,
521
- "externalpayload": 373,
522
- "pathtoatomicsfolder": 374,
523
- "networkprovider": 375,
524
- "security": 376,
525
- "externalpayloads": 377,
526
- "dll": 378,
527
- "mi": 379,
528
- "si": 380,
529
- "wh": 381,
530
- "##sk": 382,
531
- "##shadow": 383,
532
- "##eb": 384,
533
- "##ig": 385,
534
- "##cs": 386,
535
- "##cmd": 387,
536
  "##ps": 388,
537
- "##pe": 389,
538
- "##path": 390,
539
- "##de": 391,
540
- "##ac": 392,
541
- "##ap": 393,
542
- "##rv": 394,
543
- "##ke": 395,
544
  "##ul": 396,
545
- "##nd": 397,
546
- "##fig": 398,
547
- "##64": 399,
548
- "##ze": 400,
549
  "##ster": 401,
550
  "##cept": 402,
551
  "provider": 403,
552
  "apppo": 404,
553
  "appcmd": 405,
554
  "inets": 406,
555
- "##unt": 407,
556
- "master": 408,
557
- "log": 409,
558
- "testcat": 410,
559
  "heap": 411,
560
- "config": 412,
561
  "mimi": 413,
562
  "size": 414,
563
  "apppool": 415,
564
  "inetsrv": 416,
565
- "cal": 417,
566
- "dom": 418,
567
- "els": 419,
568
- "fo": 420,
569
- "folder": 421,
570
- "git": 422,
571
- "glo": 423,
572
- "ht": 424,
573
- "har": 425,
574
- "iex": 426,
575
- "lin": 427,
576
- "na": 428,
577
- "pg": 429,
578
- "ra": 430,
579
- "rund": 431,
580
- "s3": 432,
581
- "sh": 433,
582
- "su": 434,
583
- "th": 435,
584
- "tr": 436,
585
  "ter": 437,
586
  "vs": 438,
587
  "wm": 439,
588
  "wr": 440,
589
- "##se": 441,
590
- "##sv": 442,
591
- "##tract": 443,
592
- "##tps": 444,
593
- "##ect": 445,
594
- "##eul": 446,
595
- "##3th": 447,
596
- "##hu": 448,
597
- "##h1": 449,
598
- "##ich": 450,
599
- "##do": 451,
600
- "##ddi": 452,
601
- "##an": 453,
602
- "##ain": 454,
603
- "##volume": 455,
604
- "##wn": 456,
605
- "##1ss": 457,
606
- "##xt": 458,
607
- "##bal": 459,
608
- "##gr": 460,
609
- "extract": 461,
610
- "##rect": 462,
611
- "##ite": 463,
612
- "##ory": 464,
613
- "##order": 465,
614
- "##ll32": 466,
615
- "##ated": 467,
616
- "##nodump": 468,
617
- "shadowcopy": 469,
618
  "##type": 470,
619
- "ps1": 471,
620
- "sam": 472,
621
- "##cur3th": 473,
622
- "comsv": 474,
623
- "device": 475,
624
- "direct": 476,
625
- "##string": 477,
626
- "accept": 478,
627
- "unamestr": 479,
628
- "##lient": 480,
629
- "which": 481,
630
- "##skvolume": 482,
631
- "##shadowcopy": 483,
632
  "providerorder": 484,
633
- "mimikatz": 485,
634
- "call": 486,
635
- "domain": 487,
636
- "else": 488,
637
- "githu": 489,
638
- "global": 490,
639
- "https": 491,
640
- "harddi": 492,
641
- "nanodump": 493,
642
- "pgrep": 494,
643
- "raw": 495,
644
- "rundll32": 496,
645
- "s3cur3th": 497,
646
  "sudo": 498,
647
- "term": 499,
648
- "vsc": 500,
649
- "wmic": 501,
650
- "write": 502,
651
- "##eula": 503,
652
- "##h1t": 504,
653
- "##1ssh1t": 505,
654
- "comsvcs": 506,
655
- "directory": 507,
656
- "accepteula": 508,
657
- "##skvolumeshadowcopy": 509,
658
- "github": 510,
659
  "globalroot": 511,
660
  "harddiskvolumeshadowcopy": 512,
661
  "s3cur3th1ssh1t": 513,
@@ -663,14 +663,14 @@
663
  "and": 515,
664
  "be": 516,
665
  "cmd": 517,
666
- "dd": 518,
667
- "do": 519,
668
  "dow": 520,
669
  "dit": 521,
670
  "dump": 522,
671
  "dot": 523,
672
- "es": 524,
673
- "ed": 525,
674
  "f2": 526,
675
  "f1": 527,
676
  "fre": 528,
@@ -695,71 +695,71 @@
695
  "wa": 547,
696
  "web": 548,
697
  "x64": 549,
698
- "##ym": 550,
699
- "##sh": 551,
700
- "##sd": 552,
701
- "##so": 553,
702
- "##sw": 554,
703
- "##mem": 555,
704
- "##min": 556,
705
- "##mit": 557,
706
- "##38": 558,
707
- "##21": 559,
708
- "##2b": 560,
709
- "##ip": 561,
710
- "##col": 562,
711
- "##cont": 563,
712
- "##client": 564,
713
- "##pass": 565,
714
- "##pwn": 566,
715
- "##dmp": 567,
716
- "##dated": 568,
717
- "##am": 569,
718
- "##ab": 570,
719
- "##kur": 571,
720
- "##ver": 572,
721
- "##value": 573,
722
- "##out": 574,
723
- "##oke": 575,
724
- "##user": 576,
725
- "##net": 577,
726
- "##nload": 578,
727
- "##file": 579,
728
- "##56": 580,
729
- "##ject": 581,
730
  "##ert": 582,
731
  "##erdump": 583,
732
  "##utl": 584,
733
  "##util": 585,
734
  "expa": 586,
735
  "##ink": 587,
736
- "sysw": 588,
737
- "##ow64": 589,
738
- "exepath": 590,
739
  "##pykatz": 591,
740
  "##ort": 592,
741
  "lsa": 593,
742
  "winpwn": 594,
743
- "##admin": 595,
744
  "res": 596,
745
- "red": 597,
746
  "##code": 598,
747
  "##count": 599,
748
- "##lsa": 600,
749
- "##chost": 601,
750
- "secr": 602,
751
- "sekur": 603,
752
- "text": 604,
753
- "catch": 605,
754
- "limit": 606,
755
- "map": 607,
756
- "pypykatz": 608,
757
- "vssadmin": 609,
758
- "##proto": 610,
759
  "count": 611,
760
  "loc": 612,
761
- "procdump": 613,
762
- "##entutl": 614,
763
  "scripts": 615,
764
  "dest": 616,
765
  "force": 617,
@@ -770,8 +770,8 @@
770
  "logon": 622,
771
  "found": 623,
772
  "line": 624,
773
- "then": 625,
774
- "try": 626,
775
  "githubuser": 627,
776
  "download": 628,
777
  "dotnet": 629,
@@ -790,189 +790,189 @@
790
  "venv": 642,
791
  "wait": 643,
792
  "webclient": 644,
793
- "##ymgr": 645,
794
- "##content": 646,
795
- "expand": 647,
796
- "syswow64": 648,
797
- "secrets": 649,
798
- "sekurlsa": 650,
799
- "fullmemdmp": 651,
800
- "securityprotocol": 652,
801
- "githubusercontent": 653,
802
- "downloadstring": 654,
803
- "updatedvalue": 655,
804
- "121": 656,
805
- "338": 657,
806
- "9a": 658,
807
- "ad": 659,
808
- "all": 660,
809
- "by": 661,
810
- "bac": 662,
811
- "cl": 663,
812
- "cle": 664,
813
- "contro": 665,
814
- "can": 666,
815
- "client": 667,
816
- "cert": 668,
817
- "don": 669,
818
- "dcs": 670,
819
- "en": 671,
820
- "est": 672,
821
- "eli": 673,
822
- "fi": 674,
823
- "go": 675,
824
- "gw": 676,
825
- "gre": 677,
826
- "gse": 678,
827
- "is": 679,
828
- "io": 680,
829
- "iw": 681,
830
- "imp": 682,
831
- "ke": 683,
832
- "kr": 684,
833
- "mm": 685,
834
- "mo": 686,
835
- "mon": 687,
836
- "mic": 688,
837
- "mkl": 689,
838
- "non": 690,
839
- "null": 691,
840
- "nul": 692,
841
- "or": 693,
842
- "own": 694,
843
- "pol": 695,
844
- "plea": 696,
845
- "rem": 697,
846
- "sr": 698,
847
- "so": 699,
848
- "sile": 700,
849
- "sha": 701,
850
- "ty": 702,
851
- "tls": 703,
852
- "txt": 704,
853
- "xor": 705,
854
- "##yn": 706,
855
- "##sid": 707,
856
- "##sab": 708,
857
- "##scode": 709,
858
- "##tm": 710,
859
- "##ti": 711,
860
- "##e2": 712,
861
- "##ec": 713,
862
- "##ed": 714,
863
- "##e9": 715,
864
- "##ml": 716,
865
- "##3c": 717,
866
- "##36": 718,
867
- "##hex": 719,
868
- "##is": 720,
869
- "##if": 721,
870
  "##ib": 722,
871
- "##c5": 723,
872
- "##cre": 724,
873
- "##con": 725,
874
- "##cdump": 726,
875
- "##can": 727,
876
- "##pon": 728,
877
- "##pen": 729,
878
- "##port": 730,
879
- "##pcon": 731,
880
- "##du": 732,
881
- "##dce": 733,
882
- "##a7": 734,
883
- "##a36": 735,
884
- "##ring": 736,
885
- "##lac": 737,
886
- "##ux": 738,
887
- "##uin": 739,
888
- "##uscode": 740,
889
- "##12": 741,
890
- "##nt": 742,
891
- "##nect": 743,
892
- "##ft": 744,
893
- "##fen": 745,
894
- "##fil": 746,
895
- "##be9": 747,
896
- "##6a7": 748,
897
- "##41": 749,
898
- "##guin": 750,
899
- "##73": 751,
900
- "##773": 752,
901
- "##88": 753,
902
- "##ation": 754,
903
- "##atuscode": 755,
904
- "##roso": 756,
905
- "except": 757,
906
- "exfil": 758,
907
- "##inter": 759,
908
- "##intm": 760,
909
- "##ination": 761,
910
- "##lect": 762,
911
- "##leout": 763,
912
- "##red": 764,
913
- "syml": 765,
914
- "##owke": 766,
915
- "filename": 767,
916
- "##ord": 768,
917
- "##olve": 769,
918
- "property": 770,
919
- "progr": 771,
920
- "##alti": 772,
921
- "##alport": 773,
922
- "##tcpcon": 774,
923
- "##urce": 775,
924
- "lsad": 776,
925
- "win32": 777,
926
- "state": 778,
927
- "string": 779,
928
- "statuscode": 780,
929
- "##active": 781,
930
- "##ote": 782,
931
- "read": 783,
932
- "repo": 784,
933
- "realti": 785,
934
- "##icy": 786,
935
- "##core": 787,
936
- "nettcpcon": 788,
937
- "netcore": 789,
938
- "select": 790,
939
- "team": 791,
940
- "##ager": 792,
941
- "input": 793,
942
- "insid": 794,
943
- "##replac": 795,
944
- "##cessib": 796,
945
- "maps": 797,
946
- "psex": 798,
947
- "pspath": 799,
948
- "##process": 800,
949
- "##artex": 801,
950
- "password": 802,
951
- "createdump": 803,
952
- "ifm": 804,
953
- "locat": 805,
954
- "server": 806,
955
- "##ingprocess": 807,
956
- "starting": 808,
957
- "defen": 809,
958
- "dir": 810,
959
- "disk": 811,
960
- "disab": 812,
961
- "##pointm": 813,
962
- "##words": 814,
963
- "##aryco": 815,
964
- "itemtype": 816,
965
- "python3": 817,
966
- "python2": 818,
967
- "servicepointm": 819,
968
- "0x41": 820,
969
- "account": 821,
970
- "conso": 822,
971
- "##server": 823,
972
- "##lish": 824,
973
  "ntdsutil": 825,
974
  "while": 826,
975
- "##aca36": 827,
976
  "##accessib": 828,
977
  "##key": 829,
978
  "providerpath": 830,
@@ -980,8 +980,8 @@
980
  "mimipen": 832,
981
  "fore": 833,
982
  "linux": 834,
983
- "this": 835,
984
- "true": 836,
985
  "##anager": 837,
986
  "samfile": 838,
987
  "elseif": 839,
@@ -991,106 +991,103 @@
991
  "cmdkey": 843,
992
  "dumpert": 844,
993
  "dumpcre": 845,
994
- "##showke": 846,
995
- "##38c5": 847,
996
- "##2156": 848,
997
- "##2b2b": 849,
998
- "##passwords": 850,
999
- "##amfile": 851,
1000
- "##ablish": 852,
1001
- "##5638c5": 853,
1002
  "respon": 854,
1003
  "resolve": 855,
1004
- "redcan": 856,
1005
- "##codehex": 857,
1006
- "located": 858,
1007
- "localport": 859,
1008
- "destination": 860,
1009
- "logonserver": 861,
1010
- "logonpasswords": 862,
1011
- "expandstring": 863,
1012
- "securityprotocoltype": 864,
1013
- "121dce": 865,
1014
- "3389": 866,
1015
- "adreplac": 867,
1016
- "bypass": 868,
1017
- "back": 869,
1018
- "class": 870,
1019
- "cleartex": 871,
1020
- "control": 872,
1021
- "clientaccessib": 873,
1022
- "certutil": 874,
1023
- "done": 875,
1024
- "dcsyn": 876,
1025
- "encodehex": 877,
1026
- "establish": 878,
1027
- "elif": 879,
1028
- "going": 880,
1029
- "gwmi": 881,
1030
- "green": 882,
1031
- "gsecdump": 883,
1032
- "iwr": 884,
1033
- "import": 885,
1034
- "keymgr": 886,
1035
- "krshowke": 887,
1036
- "modu": 888,
1037
- "microso": 889,
1038
- "mklink": 890,
1039
- "noninter": 891,
1040
- "order": 892,
1041
- "owningprocess": 893,
1042
- "policy": 894,
1043
- "please": 895,
1044
- "remote": 896,
1045
- "src": 897,
1046
- "source": 898,
1047
- "silent": 899,
1048
- "shared": 900,
1049
- "type": 901,
1050
- "tls12": 902,
1051
- "xordump": 903,
1052
- "##e26a7": 904,
1053
- "##3cbe9": 905,
1054
- "##nection": 906,
1055
- "##882156": 907,
1056
- "exception": 908,
1057
- "##leoutput": 909,
1058
- "symlink": 910,
1059
- "propertytype": 911,
1060
- "programfile": 912,
1061
- "lsadump": 913,
1062
- "strings": 914,
1063
- "realtime": 915,
1064
- "nettcpconnection": 916,
1065
- "inside": 917,
1066
- "psexec": 918,
1067
- "location": 919,
1068
- "defender": 920,
1069
- "diskshadow": 921,
1070
- "disable": 922,
1071
- "servicepointmanager": 923,
1072
- "consoleoutput": 924,
1073
  "##aca36882156": 925,
1074
  "mimipenguin": 926,
1075
  "dumpcreds": 927,
1076
- "##2b2b5638c5": 928,
1077
- "response": 929,
1078
- "redcanaryco": 930,
1079
  "121dcee26a7": 931,
1080
  "adreplaccount": 932,
1081
  "cleartext": 933,
1082
  "clientaccessible": 934,
1083
- "dcsync": 935,
1084
- "established": 936,
1085
- "krshowkeymgr": 937,
1086
- "module": 938,
1087
- "microsoft": 939,
1088
- "noninteractive": 940,
1089
- "##3cbe92b2b5638c5": 941,
1090
- "programfiles": 942,
1091
- "##aca368821563cbe92b2b5638c5": 943,
1092
- "121dcee26a7aca368821563cbe92b2b5638c5": 944,
1093
- "121dcee26a7aca368821563cbe92b2b5638c5773": 945
1094
  }
1095
  }
1096
  }
 
216
  "{": 68,
217
  "|": 69,
218
  "}": 70,
219
+ "##a": 71,
220
+ "##n": 72,
221
+ "##e": 73,
222
+ "##p": 74,
223
+ "##t": 75,
224
+ "##x": 76,
225
+ "##f": 77,
226
+ "##i": 78,
227
+ "##l": 79,
228
+ "##o": 80,
229
+ "##m": 81,
230
+ "##k": 82,
231
+ "##r": 83,
232
+ "##d": 84,
233
+ "##c": 85,
234
+ "##u": 86,
235
+ "##y": 87,
236
+ "##h": 88,
237
+ "##w": 89,
238
+ "##g": 90,
239
+ "##s": 91,
240
+ "##z": 92,
241
+ "##3": 93,
242
+ "##2": 94,
243
+ "##v": 95,
244
+ "##8": 96,
245
+ "##9": 97,
246
+ "##b": 98,
247
+ "##1": 99,
248
+ "##0": 100,
249
+ "##j": 101,
250
+ "##6": 102,
251
+ "##4": 103,
252
+ "##7": 104,
253
+ "##5": 105,
254
+ "##at": 106,
255
+ "##em": 107,
256
  "##st": 108,
257
  "##er": 109,
258
  "##ut": 110,
 
276
  "##mp": 128,
277
  "file": 129,
278
  "out": 130,
279
+ "##ar": 131,
280
+ "##ad": 132,
281
+ "##ass": 133,
282
+ "##ce": 134,
283
  "##put": 135,
284
+ "##pp": 136,
285
+ "##py": 137,
286
  "output": 138,
287
  "##it": 139,
288
+ "##or": 140,
289
+ "##ve": 141,
290
  "##emp": 142,
291
+ "##ol": 143,
292
+ "##me": 144,
293
  "pro": 145,
294
+ "##al": 146,
295
+ "##ct": 147,
296
  "##ump": 148,
297
  "mem": 149,
298
+ "##nv": 150,
299
+ "##32": 151,
300
+ "##nt": 152,
301
  "temp": 153,
302
  "##ch": 154,
303
  "##ur": 155,
 
311
  "##ame": 163,
312
  "##ll": 164,
313
  "system32": 165,
314
+ "##di": 166,
315
+ "sh": 167,
316
+ "##act": 168,
317
+ "##ion": 169,
318
+ "##ot": 170,
319
+ "##der": 171,
320
+ "##dow": 172,
321
+ "##adow": 173,
322
+ "window": 174,
323
+ "windows": 175,
324
  "ne": 176,
325
  "re": 177,
326
+ "##tc": 178,
327
  "##ic": 179,
328
+ "##ls": 180,
329
+ "##kl": 181,
330
+ "##ract": 182,
331
+ "##co": 183,
332
  "##ate": 184,
333
  "##cho": 185,
334
  "lsass": 186,
 
337
  "it": 189,
338
  "net": 190,
339
  "pass": 191,
340
+ "##no": 192,
341
  "##pt": 193,
342
+ "##ter": 194,
343
+ "##kdi": 195,
344
  "hklm": 196,
345
  "echo": 197,
346
  "npp": 198,
347
  "se": 199,
348
  "te": 200,
349
+ "##ag": 201,
350
+ "##lo": 202,
351
+ "##dump": 203,
352
+ "##spy": 204,
353
  "##lea": 205,
354
  "nppspy": 206,
355
  "app": 207,
 
358
  "in": 210,
359
  "name": 211,
360
  "rd": 212,
361
+ "tar": 213,
362
+ "##nd": 214,
363
  "##ty": 215,
364
  "##th": 216,
365
  "##ice": 217,
366
+ "##rlea": 218,
367
+ "##cr": 219,
368
+ "##con": 220,
369
+ "##get": 221,
370
+ "##vid": 222,
371
+ "##vice": 223,
372
  "##roract": 224,
373
  "##rep": 225,
374
+ "##cess": 226,
375
+ "shadow": 227,
376
  "new": 228,
377
  "##kdiag": 229,
378
  "erroract": 230,
 
391
  "ps": 243,
392
  "sa": 244,
393
  "vss": 245,
394
+ "##pro": 246,
395
+ "##cur": 247,
396
  "##ue": 248,
397
  "##root": 249,
398
  "##art": 250,
399
  "##older": 251,
400
  "passw": 252,
401
  "##nore": 253,
402
+ "##cont": 254,
403
+ "create": 255,
404
+ "ignore": 256,
405
+ "co": 257,
406
  "if": 258,
407
+ "id": 259,
408
+ "lo": 260,
409
+ "min": 261,
410
+ "ser": 262,
411
+ "scr": 263,
412
+ "##ent": 264,
413
  "##pa": 265,
414
+ "##to": 266,
415
+ "##ipt": 267,
416
+ "##ds": 268,
417
+ "##ull": 269,
418
+ "##ing": 270,
419
+ "##idump": 271,
420
+ "proc": 272,
421
+ "process": 273,
422
+ "##alue": 274,
423
+ "##omic": 275,
424
+ "start": 276,
425
+ "test": 277,
426
+ "##load": 278,
427
  "passwd": 279,
428
  "minidump": 280,
429
  "script": 281,
430
  "00": 282,
431
+ "con": 283,
432
+ "cur": 284,
433
+ "com": 285,
434
+ "de": 286,
435
+ "di": 287,
436
+ "for": 288,
437
+ "full": 289,
438
+ "he": 290,
439
+ "t1": 291,
440
+ "##name": 292,
441
+ "##ex": 293,
442
+ "##po": 294,
443
+ "##per": 295,
444
+ "##md": 296,
445
+ "##wor": 297,
446
+ "##sh": 298,
447
+ "##03": 299,
448
+ "##003": 300,
449
+ "##str": 301,
450
+ "##rols": 302,
451
+ "##ets": 303,
452
+ "##rent": 304,
453
+ "##ary": 305,
454
+ "##copy": 306,
455
+ "item": 307,
456
+ "##thon": 308,
457
+ "list": 309,
458
+ "python": 310,
459
+ "##controls": 311,
460
+ "service": 312,
461
+ "##omics": 313,
462
+ "001": 314,
463
+ "current": 315,
464
+ "t1003": 316,
465
+ "##perty": 317,
466
+ "##controlset": 318,
467
+ "currentcontrolset": 319,
468
+ "0x": 320,
469
+ "13": 321,
470
+ "ac": 322,
471
+ "bin": 323,
472
+ "cut": 324,
473
+ "dr": 325,
474
+ "dmp": 326,
475
+ "grep": 327,
476
+ "ho": 328,
477
+ "let": 329,
478
+ "nt": 330,
479
+ "rv": 331,
480
+ "uname": 332,
481
+ "value": 333,
482
+ "##nal": 334,
483
+ "##en": 335,
484
+ "##fi": 336,
485
+ "##folder": 337,
486
+ "##li": 338,
487
+ "##op": 339,
488
+ "##mi": 340,
489
+ "##kat": 341,
490
+ "##kpro": 342,
491
+ "##cat": 343,
492
+ "##ume": 344,
493
+ "##und": 345,
494
+ "##yload": 346,
495
+ "##ser": 347,
496
+ "##atomics": 348,
497
+ "##roperty": 349,
498
+ "exit": 350,
499
+ "exter": 351,
500
+ "pathto": 352,
501
+ "systemroot": 353,
502
+ "##ity": 354,
503
+ "##emproperty": 355,
504
+ "##olume": 356,
505
+ "stop": 357,
506
+ "reg": 358,
507
+ "itemproperty": 359,
508
+ "networ": 360,
509
+ "secur": 361,
510
+ "save": 362,
511
+ "copy": 363,
512
+ "##payload": 364,
513
+ "services": 365,
514
+ "binary": 366,
515
+ "drive": 367,
516
+ "host": 368,
517
+ "letter": 369,
518
+ "ntds": 370,
519
  "##nalpayload": 371,
520
+ "##katz": 372,
521
+ "##kprovider": 373,
522
+ "##atomicsfolder": 374,
523
+ "externalpayload": 375,
524
+ "pathtoatomicsfolder": 376,
525
+ "networkprovider": 377,
526
+ "security": 378,
527
+ "externalpayloads": 379,
528
+ "dll": 380,
529
+ "mi": 381,
530
+ "si": 382,
531
+ "wh": 383,
532
+ "##ap": 384,
533
+ "##ac": 385,
534
+ "##eb": 386,
535
+ "##pe": 387,
536
  "##ps": 388,
537
+ "##path": 389,
538
+ "##il": 390,
539
+ "##ke": 391,
540
+ "##rv": 392,
541
+ "##de": 393,
542
+ "##cs": 394,
543
+ "##cmd": 395,
544
  "##ul": 396,
545
+ "##unt": 397,
546
+ "##sk": 398,
547
+ "##ze": 399,
548
+ "##64": 400,
549
  "##ster": 401,
550
  "##cept": 402,
551
  "provider": 403,
552
  "apppo": 404,
553
  "appcmd": 405,
554
  "inets": 406,
555
+ "master": 407,
556
+ "log": 408,
557
+ "testcat": 409,
558
+ "confi": 410,
559
  "heap": 411,
560
+ "##shadow": 412,
561
  "mimi": 413,
562
  "size": 414,
563
  "apppool": 415,
564
  "inetsrv": 416,
565
+ "config": 417,
566
+ "cal": 418,
567
+ "dom": 419,
568
+ "els": 420,
569
+ "fo": 421,
570
+ "folder": 422,
571
+ "git": 423,
572
+ "glo": 424,
573
+ "ht": 425,
574
+ "har": 426,
575
+ "iex": 427,
576
+ "lin": 428,
577
+ "na": 429,
578
+ "pg": 430,
579
+ "ra": 431,
580
+ "rund": 432,
581
+ "su": 433,
582
+ "s3": 434,
583
+ "tr": 435,
584
+ "th": 436,
585
  "ter": 437,
586
  "vs": 438,
587
  "wm": 439,
588
  "wr": 440,
589
+ "##an": 441,
590
+ "##ain": 442,
591
+ "##ect": 443,
592
+ "##eul": 444,
593
+ "##tract": 445,
594
+ "##tps": 446,
595
+ "##xt": 447,
596
+ "##ich": 448,
597
+ "##do": 449,
598
+ "##ddi": 450,
599
+ "##ub": 451,
600
+ "##h1": 452,
601
+ "##hub": 453,
602
+ "##wn": 454,
603
+ "##gr": 455,
604
+ "##se": 456,
605
+ "##sv": 457,
606
+ "##3th": 458,
607
+ "##volume": 459,
608
+ "##bal": 460,
609
+ "##1ss": 461,
610
+ "extract": 462,
611
+ "##rect": 463,
612
+ "##ite": 464,
613
+ "##ory": 465,
614
+ "##order": 466,
615
+ "##ll32": 467,
616
+ "##ated": 468,
617
+ "##nodump": 469,
618
  "##type": 470,
619
+ "shadowcopy": 471,
620
+ "ps1": 472,
621
+ "sam": 473,
622
+ "##cur3th": 474,
623
+ "comsv": 475,
624
+ "device": 476,
625
+ "direct": 477,
626
+ "##string": 478,
627
+ "accept": 479,
628
+ "unamestr": 480,
629
+ "##lient": 481,
630
+ "which": 482,
631
+ "##skvolume": 483,
632
  "providerorder": 484,
633
+ "##shadowcopy": 485,
634
+ "mimikatz": 486,
635
+ "call": 487,
636
+ "domain": 488,
637
+ "else": 489,
638
+ "github": 490,
639
+ "global": 491,
640
+ "https": 492,
641
+ "harddi": 493,
642
+ "nanodump": 494,
643
+ "pgrep": 495,
644
+ "raw": 496,
645
+ "rundll32": 497,
646
  "sudo": 498,
647
+ "s3cur3th": 499,
648
+ "term": 500,
649
+ "vsc": 501,
650
+ "wmic": 502,
651
+ "write": 503,
652
+ "##eula": 504,
653
+ "##h1t": 505,
654
+ "##1ssh1t": 506,
655
+ "comsvcs": 507,
656
+ "directory": 508,
657
+ "accepteula": 509,
658
+ "##skvolumeshadowcopy": 510,
659
  "globalroot": 511,
660
  "harddiskvolumeshadowcopy": 512,
661
  "s3cur3th1ssh1t": 513,
 
663
  "and": 515,
664
  "be": 516,
665
  "cmd": 517,
666
+ "do": 518,
667
+ "dd": 519,
668
  "dow": 520,
669
  "dit": 521,
670
  "dump": 522,
671
  "dot": 523,
672
+ "ed": 524,
673
+ "es": 525,
674
  "f2": 526,
675
  "f1": 527,
676
  "fre": 528,
 
695
  "wa": 547,
696
  "web": 548,
697
  "x64": 549,
698
+ "##am": 550,
699
+ "##ab": 551,
700
+ "##net": 552,
701
+ "##nload": 553,
702
+ "##pass": 554,
703
+ "##pwn": 555,
704
+ "##file": 556,
705
+ "##ip": 557,
706
+ "##out": 558,
707
+ "##oke": 559,
708
+ "##mem": 560,
709
+ "##min": 561,
710
+ "##mit": 562,
711
+ "##mgr": 563,
712
+ "##kur": 564,
713
+ "##dmp": 565,
714
+ "##dated": 566,
715
+ "##col": 567,
716
+ "##client": 568,
717
+ "##user": 569,
718
+ "##ymgr": 570,
719
+ "##wow": 571,
720
+ "##so": 572,
721
+ "##sd": 573,
722
+ "##swow": 574,
723
+ "##38": 575,
724
+ "##2b": 576,
725
+ "##21": 577,
726
+ "##ver": 578,
727
+ "##value": 579,
728
+ "##ject": 580,
729
+ "##56": 581,
730
  "##ert": 582,
731
  "##erdump": 583,
732
  "##utl": 584,
733
  "##util": 585,
734
  "expa": 586,
735
  "##ink": 587,
736
+ "syswow": 588,
737
+ "exepath": 589,
738
+ "##admin": 590,
739
  "##pykatz": 591,
740
  "##ort": 592,
741
  "lsa": 593,
742
  "winpwn": 594,
743
+ "red": 595,
744
  "res": 596,
745
+ "##lsa": 597,
746
  "##code": 598,
747
  "##count": 599,
748
+ "##chost": 600,
749
+ "secr": 601,
750
+ "sekur": 602,
751
+ "text": 603,
752
+ "catch": 604,
753
+ "limit": 605,
754
+ "map": 606,
755
+ "pypykatz": 607,
756
+ "vssadmin": 608,
757
+ "##proto": 609,
758
+ "##content": 610,
759
  "count": 611,
760
  "loc": 612,
761
+ "##entutl": 613,
762
+ "procdump": 614,
763
  "scripts": 615,
764
  "dest": 616,
765
  "force": 617,
 
770
  "logon": 622,
771
  "found": 623,
772
  "line": 624,
773
+ "try": 625,
774
+ "then": 626,
775
  "githubuser": 627,
776
  "download": 628,
777
  "dotnet": 629,
 
790
  "venv": 642,
791
  "wait": 643,
792
  "webclient": 644,
793
+ "expand": 645,
794
+ "syswow64": 646,
795
+ "secrets": 647,
796
+ "sekurlsa": 648,
797
+ "fullmemdmp": 649,
798
+ "securityprotocol": 650,
799
+ "githubusercontent": 651,
800
+ "downloadstring": 652,
801
+ "updatedvalue": 653,
802
+ "121": 654,
803
+ "338": 655,
804
+ "9a": 656,
805
+ "ad": 657,
806
+ "all": 658,
807
+ "by": 659,
808
+ "bac": 660,
809
+ "cl": 661,
810
+ "cle": 662,
811
+ "can": 663,
812
+ "client": 664,
813
+ "cert": 665,
814
+ "don": 666,
815
+ "dcs": 667,
816
+ "en": 668,
817
+ "est": 669,
818
+ "eli": 670,
819
+ "fi": 671,
820
+ "go": 672,
821
+ "gw": 673,
822
+ "gre": 674,
823
+ "gse": 675,
824
+ "io": 676,
825
+ "iw": 677,
826
+ "is": 678,
827
+ "imp": 679,
828
+ "ke": 680,
829
+ "kr": 681,
830
+ "mo": 682,
831
+ "mm": 683,
832
+ "mon": 684,
833
+ "mic": 685,
834
+ "mkl": 686,
835
+ "non": 687,
836
+ "null": 688,
837
+ "nul": 689,
838
+ "or": 690,
839
+ "own": 691,
840
+ "pol": 692,
841
+ "plea": 693,
842
+ "rem": 694,
843
+ "so": 695,
844
+ "sr": 696,
845
+ "sile": 697,
846
+ "ty": 698,
847
+ "tls": 699,
848
+ "txt": 700,
849
+ "xor": 701,
850
+ "##a3": 702,
851
+ "##a7": 703,
852
+ "##are": 704,
853
+ "##nc": 705,
854
+ "##nect": 706,
855
+ "##ed": 707,
856
+ "##ec": 708,
857
+ "##e2": 709,
858
+ "##e9": 710,
859
+ "##pon": 711,
860
+ "##pcon": 712,
861
+ "##pen": 713,
862
+ "##port": 714,
863
+ "##ti": 715,
864
+ "##tm": 716,
865
+ "##tro": 717,
866
+ "##ft": 718,
867
+ "##fen": 719,
868
+ "##if": 720,
869
+ "##is": 721,
870
  "##ib": 722,
871
+ "##lac": 723,
872
+ "##link": 724,
873
+ "##mlink": 725,
874
+ "##ring": 726,
875
+ "##du": 727,
876
+ "##dce": 728,
877
+ "##cb": 729,
878
+ "##c5": 730,
879
+ "##cre": 731,
880
+ "##cdump": 732,
881
+ "##can": 733,
882
+ "##ux": 734,
883
+ "##us": 735,
884
+ "##uin": 736,
885
+ "##ync": 737,
886
+ "##hex": 738,
887
+ "##guin": 739,
888
+ "##sid": 740,
889
+ "##sab": 741,
890
+ "##3cb": 742,
891
+ "##88": 743,
892
+ "##12": 744,
893
+ "##6a7": 745,
894
+ "##688": 746,
895
+ "##41": 747,
896
+ "##73": 748,
897
+ "##773": 749,
898
+ "##ation": 750,
899
+ "##atus": 751,
900
+ "##roso": 752,
901
+ "exfi": 753,
902
+ "except": 754,
903
+ "##inter": 755,
904
+ "##intm": 756,
905
+ "##ination": 757,
906
+ "##lect": 758,
907
+ "##leout": 759,
908
+ "symlink": 760,
909
+ "##owke": 761,
910
+ "filename": 762,
911
+ "##adump": 763,
912
+ "##ord": 764,
913
+ "##olve": 765,
914
+ "property": 766,
915
+ "progr": 767,
916
+ "##alport": 768,
917
+ "##alti": 769,
918
+ "##urce": 770,
919
+ "lsadump": 771,
920
+ "win32": 772,
921
+ "state": 773,
922
+ "string": 774,
923
+ "status": 775,
924
+ "share": 776,
925
+ "##active": 777,
926
+ "##ote": 778,
927
+ "read": 779,
928
+ "repo": 780,
929
+ "realti": 781,
930
+ "##tcpcon": 782,
931
+ "##icy": 783,
932
+ "##core": 784,
933
+ "nettcpcon": 785,
934
+ "netcore": 786,
935
+ "select": 787,
936
+ "team": 788,
937
+ "##ager": 789,
938
+ "input": 790,
939
+ "insid": 791,
940
+ "##replac": 792,
941
+ "##cessib": 793,
942
+ "maps": 794,
943
+ "psex": 795,
944
+ "pspath": 796,
945
+ "##process": 797,
946
+ "##artex": 798,
947
+ "password": 799,
948
+ "createdump": 800,
949
+ "ifm": 801,
950
+ "locat": 802,
951
+ "server": 803,
952
+ "##ingprocess": 804,
953
+ "starting": 805,
954
+ "conso": 806,
955
+ "contro": 807,
956
+ "defen": 808,
957
+ "dir": 809,
958
+ "disk": 810,
959
+ "disab": 811,
960
+ "##pointm": 812,
961
+ "##words": 813,
962
+ "##shed": 814,
963
+ "##showke": 815,
964
+ "##aryco": 816,
965
+ "itemtype": 817,
966
+ "python3": 818,
967
+ "python2": 819,
968
+ "servicepointm": 820,
969
+ "0x41": 821,
970
+ "account": 822,
971
+ "##lished": 823,
972
+ "##server": 824,
973
  "ntdsutil": 825,
974
  "while": 826,
975
+ "##aca3": 827,
976
  "##accessib": 828,
977
  "##key": 829,
978
  "providerpath": 830,
 
980
  "mimipen": 832,
981
  "fore": 833,
982
  "linux": 834,
983
+ "true": 835,
984
+ "this": 836,
985
  "##anager": 837,
986
  "samfile": 838,
987
  "elseif": 839,
 
991
  "cmdkey": 843,
992
  "dumpert": 844,
993
  "dumpcre": 845,
994
+ "##amfile": 846,
995
+ "##ablished": 847,
996
+ "##passwords": 848,
997
+ "##38c5": 849,
998
+ "##2b2b": 850,
999
+ "##2156": 851,
1000
+ "##5638c5": 852,
1001
+ "redcan": 853,
1002
  "respon": 854,
1003
  "resolve": 855,
1004
+ "##codehex": 856,
1005
+ "located": 857,
1006
+ "localport": 858,
1007
+ "destination": 859,
1008
+ "logonserver": 860,
1009
+ "logonpasswords": 861,
1010
+ "expandstring": 862,
1011
+ "securityprotocoltype": 863,
1012
+ "121dce": 864,
1013
+ "3389": 865,
1014
+ "adreplac": 866,
1015
+ "bypass": 867,
1016
+ "back": 868,
1017
+ "class": 869,
1018
+ "cleartex": 870,
1019
+ "clientaccessib": 871,
1020
+ "certutil": 872,
1021
+ "done": 873,
1022
+ "dcsync": 874,
1023
+ "encodehex": 875,
1024
+ "established": 876,
1025
+ "elif": 877,
1026
+ "going": 878,
1027
+ "gwmi": 879,
1028
+ "green": 880,
1029
+ "gsecdump": 881,
1030
+ "iwr": 882,
1031
+ "import": 883,
1032
+ "keymgr": 884,
1033
+ "krshowke": 885,
1034
+ "modu": 886,
1035
+ "microso": 887,
1036
+ "mklink": 888,
1037
+ "noninter": 889,
1038
+ "order": 890,
1039
+ "owningprocess": 891,
1040
+ "policy": 892,
1041
+ "please": 893,
1042
+ "remote": 894,
1043
+ "source": 895,
1044
+ "src": 896,
1045
+ "silent": 897,
1046
+ "type": 898,
1047
+ "tls12": 899,
1048
+ "xordump": 900,
1049
+ "##nection": 901,
1050
+ "##e26a7": 902,
1051
+ "##e92b2b": 903,
1052
+ "##3cbe92b2b": 904,
1053
+ "##6882156": 905,
1054
+ "exfil": 906,
1055
+ "exception": 907,
1056
+ "##leoutput": 908,
1057
+ "propertytype": 909,
1058
+ "programfile": 910,
1059
+ "strings": 911,
1060
+ "statuscode": 912,
1061
+ "shared": 913,
1062
+ "realtime": 914,
1063
+ "nettcpconnection": 915,
1064
+ "inside": 916,
1065
+ "psexec": 917,
1066
+ "location": 918,
1067
+ "consoleoutput": 919,
1068
+ "control": 920,
1069
+ "defender": 921,
1070
+ "diskshadow": 922,
1071
+ "disable": 923,
1072
+ "servicepointmanager": 924,
1073
  "##aca36882156": 925,
1074
  "mimipenguin": 926,
1075
  "dumpcreds": 927,
1076
+ "##5638c5773": 928,
1077
+ "redcanaryco": 929,
1078
+ "response": 930,
1079
  "121dcee26a7": 931,
1080
  "adreplaccount": 932,
1081
  "cleartext": 933,
1082
  "clientaccessible": 934,
1083
+ "krshowkeymgr": 935,
1084
+ "module": 936,
1085
+ "microsoft": 937,
1086
+ "noninteractive": 938,
1087
+ "##3cbe92b2b5638c5773": 939,
1088
+ "programfiles": 940,
1089
+ "##aca368821563cbe92b2b5638c5773": 941,
1090
+ "121dcee26a7aca368821563cbe92b2b5638c5773": 942
 
 
 
1091
  }
1092
  }
1093
  }
vocab.txt CHANGED
@@ -69,43 +69,43 @@ z
69
  {
70
  |
71
  }
72
- ##y
73
- ##s
74
- ##t
75
  ##e
76
- ##m
77
- ##3
78
- ##2
79
- ##h
80
- ##i
81
- ##c
82
  ##p
83
- ##d
84
- ##a
85
- ##r
86
- ##k
87
- ##v
88
- ##o
89
  ##l
 
 
 
 
 
 
90
  ##u
 
 
91
  ##w
92
- ##1
93
- ##x
94
- ##n
95
- ##f
96
- ##b
97
- ##6
98
- ##4
99
  ##g
100
- ##7
 
 
 
 
101
  ##8
102
- ##5
103
  ##9
104
- ##z
 
105
  ##0
106
  ##j
107
- ##em
 
 
 
108
  ##at
 
109
  ##st
110
  ##er
111
  ##ut
@@ -129,28 +129,28 @@ exe
129
  ##mp
130
  file
131
  out
132
- ##ce
133
- ##dow
134
  ##ar
 
135
  ##ass
 
136
  ##put
137
- ##py
138
  ##pp
 
139
  output
140
  ##it
141
- ##ve
142
  ##or
 
143
  ##emp
144
- ##me
145
  ##ol
 
146
  pro
147
- ##ct
148
  ##al
 
149
  ##ump
150
  mem
151
- ##32
152
  ##nv
153
- ##tc
 
154
  temp
155
  ##ch
156
  ##ur
@@ -164,24 +164,24 @@ st
164
  ##ame
165
  ##ll
166
  system32
167
- ##ha
168
  ##di
169
- ##ion
170
- ##der
171
- ##ad
172
  ##act
 
173
  ##ot
174
- ##dows
 
 
 
175
  windows
176
- ##hadow
177
  ne
178
  re
179
- ##en
180
  ##ic
181
- ##co
182
- ##ract
183
- ##kl
184
  ##ls
 
 
 
185
  ##ate
186
  ##cho
187
  lsass
@@ -190,19 +190,19 @@ hkl
190
  it
191
  net
192
  pass
193
- ##ter
194
  ##pt
 
195
  ##kdi
196
- ##no
197
  hklm
198
  echo
199
  npp
200
  se
201
  te
202
- ##spy
203
- ##dump
204
  ##ag
205
  ##lo
 
 
206
  ##lea
207
  nppspy
208
  app
@@ -211,21 +211,21 @@ er
211
  in
212
  name
213
  rd
214
- shadow
215
  tar
 
216
  ##ty
217
  ##th
218
  ##ice
219
- ##cr
220
  ##rlea
 
 
 
221
  ##vid
222
  ##vice
223
- ##un
224
- ##get
225
  ##roract
226
  ##rep
227
- ##ont
228
  ##cess
 
229
  new
230
  ##kdiag
231
  erroract
@@ -244,26 +244,28 @@ py
244
  ps
245
  sa
246
  vss
247
- ##cur
248
  ##pro
 
249
  ##ue
250
  ##root
251
  ##art
252
  ##older
253
  passw
254
  ##nore
 
255
  create
256
  ignore
257
  co
258
- id
259
  if
 
260
  lo
261
  min
262
  ser
263
  scr
 
 
264
  ##to
265
  ##ipt
266
- ##pa
267
  ##ds
268
  ##ull
269
  ##ing
@@ -273,14 +275,13 @@ process
273
  ##alue
274
  ##omic
275
  start
276
- ##ent
277
  test
278
  ##load
279
- ##ontro
280
  passwd
281
  minidump
282
  script
283
  00
 
284
  cur
285
  com
286
  de
@@ -289,39 +290,39 @@ for
289
  full
290
  he
291
  t1
 
292
  ##ex
293
- ##md
294
  ##po
295
  ##per
 
296
  ##wor
297
- ##ntc
298
- ##name
299
  ##03
300
  ##003
301
  ##str
 
302
  ##ets
303
- ##rentc
304
  ##ary
305
  ##copy
306
- ##lset
307
  item
308
  ##thon
309
  list
310
  python
 
311
  service
312
  ##omics
313
- ##ontrolset
314
  001
315
- currentc
316
  t1003
317
  ##perty
 
318
  currentcontrolset
319
  0x
320
  13
321
  ac
322
  bin
323
  cut
324
- con
325
  dr
326
  dmp
327
  grep
@@ -331,18 +332,20 @@ nt
331
  rv
332
  uname
333
  value
334
- ##yload
335
- ##ser
 
 
 
 
336
  ##mi
337
- ##il
338
- ##cat
339
  ##kat
340
  ##kpro
341
- ##op
342
- ##li
343
  ##ume
344
- ##nal
345
- ##folder
 
346
  ##atomics
347
  ##roperty
348
  exit
@@ -357,7 +360,6 @@ reg
357
  itemproperty
358
  networ
359
  secur
360
- ##und
361
  save
362
  copy
363
  ##payload
@@ -367,9 +369,9 @@ drive
367
  host
368
  letter
369
  ntds
 
370
  ##katz
371
  ##kprovider
372
- ##nalpayload
373
  ##atomicsfolder
374
  externalpayload
375
  pathtoatomicsfolder
@@ -380,41 +382,40 @@ dll
380
  mi
381
  si
382
  wh
383
- ##sk
384
- ##shadow
385
  ##eb
386
- ##ig
387
- ##cs
388
- ##cmd
389
- ##ps
390
  ##pe
 
391
  ##path
392
- ##de
393
- ##ac
394
- ##ap
395
- ##rv
396
  ##ke
 
 
 
 
397
  ##ul
398
- ##nd
399
- ##fig
400
- ##64
401
  ##ze
 
402
  ##ster
403
  ##cept
404
  provider
405
  apppo
406
  appcmd
407
  inets
408
- ##unt
409
  master
410
  log
411
  testcat
 
412
  heap
413
- config
414
  mimi
415
  size
416
  apppool
417
  inetsrv
 
418
  cal
419
  dom
420
  els
@@ -430,35 +431,35 @@ na
430
  pg
431
  ra
432
  rund
433
- s3
434
- sh
435
  su
436
- th
437
  tr
 
438
  ter
439
  vs
440
  wm
441
  wr
442
- ##se
443
- ##sv
444
- ##tract
445
- ##tps
446
  ##ect
447
  ##eul
448
- ##3th
449
- ##hu
450
- ##h1
451
  ##ich
452
  ##do
453
  ##ddi
454
- ##an
455
- ##ain
456
- ##volume
457
  ##wn
458
- ##1ss
459
- ##xt
460
- ##bal
461
  ##gr
 
 
 
 
 
 
462
  extract
463
  ##rect
464
  ##ite
@@ -467,8 +468,8 @@ extract
467
  ##ll32
468
  ##ated
469
  ##nodump
470
- shadowcopy
471
  ##type
 
472
  ps1
473
  sam
474
  ##cur3th
@@ -481,13 +482,13 @@ unamestr
481
  ##lient
482
  which
483
  ##skvolume
484
- ##shadowcopy
485
  providerorder
 
486
  mimikatz
487
  call
488
  domain
489
  else
490
- githu
491
  global
492
  https
493
  harddi
@@ -495,8 +496,8 @@ nanodump
495
  pgrep
496
  raw
497
  rundll32
498
- s3cur3th
499
  sudo
 
500
  term
501
  vsc
502
  wmic
@@ -508,7 +509,6 @@ comsvcs
508
  directory
509
  accepteula
510
  ##skvolumeshadowcopy
511
- github
512
  globalroot
513
  harddiskvolumeshadowcopy
514
  s3cur3th1ssh1t
@@ -516,14 +516,14 @@ at
516
  and
517
  be
518
  cmd
519
- dd
520
  do
 
521
  dow
522
  dit
523
  dump
524
  dot
525
- es
526
  ed
 
527
  f2
528
  f1
529
  fre
@@ -548,57 +548,56 @@ volume
548
  wa
549
  web
550
  x64
551
- ##ym
552
- ##sh
553
- ##sd
554
- ##so
555
- ##sw
 
 
 
 
 
556
  ##mem
557
  ##min
558
  ##mit
559
- ##38
560
- ##21
561
- ##2b
562
- ##ip
563
- ##col
564
- ##cont
565
- ##client
566
- ##pass
567
- ##pwn
568
  ##dmp
569
  ##dated
570
- ##am
571
- ##ab
572
- ##kur
 
 
 
 
 
 
 
 
573
  ##ver
574
  ##value
575
- ##out
576
- ##oke
577
- ##user
578
- ##net
579
- ##nload
580
- ##file
581
- ##56
582
  ##ject
 
583
  ##ert
584
  ##erdump
585
  ##utl
586
  ##util
587
  expa
588
  ##ink
589
- sysw
590
- ##ow64
591
  exepath
 
592
  ##pykatz
593
  ##ort
594
  lsa
595
  winpwn
596
- ##admin
597
- res
598
  red
 
 
599
  ##code
600
  ##count
601
- ##lsa
602
  ##chost
603
  secr
604
  sekur
@@ -609,10 +608,11 @@ map
609
  pypykatz
610
  vssadmin
611
  ##proto
 
612
  count
613
  loc
614
- procdump
615
  ##entutl
 
616
  scripts
617
  dest
618
  force
@@ -623,8 +623,8 @@ securityproto
623
  logon
624
  found
625
  line
626
- then
627
  try
 
628
  githubuser
629
  download
630
  dotnet
@@ -643,8 +643,6 @@ updated
643
  venv
644
  wait
645
  webclient
646
- ##ymgr
647
- ##content
648
  expand
649
  syswow64
650
  secrets
@@ -663,7 +661,6 @@ by
663
  bac
664
  cl
665
  cle
666
- contro
667
  can
668
  client
669
  cert
@@ -677,14 +674,14 @@ go
677
  gw
678
  gre
679
  gse
680
- is
681
  io
682
  iw
 
683
  imp
684
  ke
685
  kr
686
- mm
687
  mo
 
688
  mon
689
  mic
690
  mkl
@@ -696,94 +693,94 @@ own
696
  pol
697
  plea
698
  rem
699
- sr
700
  so
 
701
  sile
702
- sha
703
  ty
704
  tls
705
  txt
706
  xor
707
- ##yn
708
- ##sid
709
- ##sab
710
- ##scode
711
- ##tm
712
- ##ti
713
- ##e2
714
- ##ec
715
  ##ed
 
 
716
  ##e9
717
- ##ml
718
- ##3c
719
- ##36
720
- ##hex
721
- ##is
 
 
 
 
722
  ##if
 
723
  ##ib
 
 
 
 
 
 
 
724
  ##c5
725
  ##cre
726
- ##con
727
  ##cdump
728
  ##can
729
- ##pon
730
- ##pen
731
- ##port
732
- ##pcon
733
- ##du
734
- ##dce
735
- ##a7
736
- ##a36
737
- ##ring
738
- ##lac
739
  ##ux
 
740
  ##uin
741
- ##uscode
 
 
 
 
 
 
742
  ##12
743
- ##nt
744
- ##nect
745
- ##ft
746
- ##fen
747
- ##fil
748
- ##be9
749
  ##6a7
 
750
  ##41
751
- ##guin
752
  ##73
753
  ##773
754
- ##88
755
  ##ation
756
- ##atuscode
757
  ##roso
 
758
  except
759
- exfil
760
  ##inter
761
  ##intm
762
  ##ination
763
  ##lect
764
  ##leout
765
- ##red
766
- syml
767
  ##owke
768
  filename
 
769
  ##ord
770
  ##olve
771
  property
772
  progr
773
- ##alti
774
  ##alport
775
- ##tcpcon
776
  ##urce
777
- lsad
778
  win32
779
  state
780
  string
781
- statuscode
 
782
  ##active
783
  ##ote
784
  read
785
  repo
786
  realti
 
787
  ##icy
788
  ##core
789
  nettcpcon
@@ -807,12 +804,16 @@ locat
807
  server
808
  ##ingprocess
809
  starting
 
 
810
  defen
811
  dir
812
  disk
813
  disab
814
  ##pointm
815
  ##words
 
 
816
  ##aryco
817
  itemtype
818
  python3
@@ -820,12 +821,11 @@ python2
820
  servicepointm
821
  0x41
822
  account
823
- conso
824
  ##server
825
- ##lish
826
  ntdsutil
827
  while
828
- ##aca36
829
  ##accessib
830
  ##key
831
  providerpath
@@ -833,8 +833,8 @@ logout
833
  mimipen
834
  fore
835
  linux
836
- this
837
  true
 
838
  ##anager
839
  samfile
840
  elseif
@@ -844,17 +844,16 @@ atomics
844
  cmdkey
845
  dumpert
846
  dumpcre
847
- ##showke
 
 
848
  ##38c5
849
- ##2156
850
  ##2b2b
851
- ##passwords
852
- ##amfile
853
- ##ablish
854
  ##5638c5
 
855
  respon
856
  resolve
857
- redcan
858
  ##codehex
859
  located
860
  localport
@@ -870,13 +869,12 @@ bypass
870
  back
871
  class
872
  cleartex
873
- control
874
  clientaccessib
875
  certutil
876
  done
877
- dcsyn
878
  encodehex
879
- establish
880
  elif
881
  going
882
  gwmi
@@ -895,52 +893,51 @@ owningprocess
895
  policy
896
  please
897
  remote
898
- src
899
  source
 
900
  silent
901
- shared
902
  type
903
  tls12
904
  xordump
905
- ##e26a7
906
- ##3cbe9
907
  ##nection
908
- ##882156
 
 
 
 
909
  exception
910
  ##leoutput
911
- symlink
912
  propertytype
913
  programfile
914
- lsadump
915
  strings
 
 
916
  realtime
917
  nettcpconnection
918
  inside
919
  psexec
920
  location
 
 
921
  defender
922
  diskshadow
923
  disable
924
  servicepointmanager
925
- consoleoutput
926
  ##aca36882156
927
  mimipenguin
928
  dumpcreds
929
- ##2b2b5638c5
930
- response
931
  redcanaryco
 
932
  121dcee26a7
933
  adreplaccount
934
  cleartext
935
  clientaccessible
936
- dcsync
937
- established
938
  krshowkeymgr
939
  module
940
  microsoft
941
  noninteractive
942
- ##3cbe92b2b5638c5
943
  programfiles
944
- ##aca368821563cbe92b2b5638c5
945
- 121dcee26a7aca368821563cbe92b2b5638c5
946
  121dcee26a7aca368821563cbe92b2b5638c5773
 
69
  {
70
  |
71
  }
72
+ ##a
73
+ ##n
 
74
  ##e
 
 
 
 
 
 
75
  ##p
76
+ ##t
77
+ ##x
78
+ ##f
79
+ ##i
 
 
80
  ##l
81
+ ##o
82
+ ##m
83
+ ##k
84
+ ##r
85
+ ##d
86
+ ##c
87
  ##u
88
+ ##y
89
+ ##h
90
  ##w
 
 
 
 
 
 
 
91
  ##g
92
+ ##s
93
+ ##z
94
+ ##3
95
+ ##2
96
+ ##v
97
  ##8
 
98
  ##9
99
+ ##b
100
+ ##1
101
  ##0
102
  ##j
103
+ ##6
104
+ ##4
105
+ ##7
106
+ ##5
107
  ##at
108
+ ##em
109
  ##st
110
  ##er
111
  ##ut
 
129
  ##mp
130
  file
131
  out
 
 
132
  ##ar
133
+ ##ad
134
  ##ass
135
+ ##ce
136
  ##put
 
137
  ##pp
138
+ ##py
139
  output
140
  ##it
 
141
  ##or
142
+ ##ve
143
  ##emp
 
144
  ##ol
145
+ ##me
146
  pro
 
147
  ##al
148
+ ##ct
149
  ##ump
150
  mem
 
151
  ##nv
152
+ ##32
153
+ ##nt
154
  temp
155
  ##ch
156
  ##ur
 
164
  ##ame
165
  ##ll
166
  system32
 
167
  ##di
168
+ sh
 
 
169
  ##act
170
+ ##ion
171
  ##ot
172
+ ##der
173
+ ##dow
174
+ ##adow
175
+ window
176
  windows
 
177
  ne
178
  re
179
+ ##tc
180
  ##ic
 
 
 
181
  ##ls
182
+ ##kl
183
+ ##ract
184
+ ##co
185
  ##ate
186
  ##cho
187
  lsass
 
190
  it
191
  net
192
  pass
193
+ ##no
194
  ##pt
195
+ ##ter
196
  ##kdi
 
197
  hklm
198
  echo
199
  npp
200
  se
201
  te
 
 
202
  ##ag
203
  ##lo
204
+ ##dump
205
+ ##spy
206
  ##lea
207
  nppspy
208
  app
 
211
  in
212
  name
213
  rd
 
214
  tar
215
+ ##nd
216
  ##ty
217
  ##th
218
  ##ice
 
219
  ##rlea
220
+ ##cr
221
+ ##con
222
+ ##get
223
  ##vid
224
  ##vice
 
 
225
  ##roract
226
  ##rep
 
227
  ##cess
228
+ shadow
229
  new
230
  ##kdiag
231
  erroract
 
244
  ps
245
  sa
246
  vss
 
247
  ##pro
248
+ ##cur
249
  ##ue
250
  ##root
251
  ##art
252
  ##older
253
  passw
254
  ##nore
255
+ ##cont
256
  create
257
  ignore
258
  co
 
259
  if
260
+ id
261
  lo
262
  min
263
  ser
264
  scr
265
+ ##ent
266
+ ##pa
267
  ##to
268
  ##ipt
 
269
  ##ds
270
  ##ull
271
  ##ing
 
275
  ##alue
276
  ##omic
277
  start
 
278
  test
279
  ##load
 
280
  passwd
281
  minidump
282
  script
283
  00
284
+ con
285
  cur
286
  com
287
  de
 
290
  full
291
  he
292
  t1
293
+ ##name
294
  ##ex
 
295
  ##po
296
  ##per
297
+ ##md
298
  ##wor
299
+ ##sh
 
300
  ##03
301
  ##003
302
  ##str
303
+ ##rols
304
  ##ets
305
+ ##rent
306
  ##ary
307
  ##copy
 
308
  item
309
  ##thon
310
  list
311
  python
312
+ ##controls
313
  service
314
  ##omics
 
315
  001
316
+ current
317
  t1003
318
  ##perty
319
+ ##controlset
320
  currentcontrolset
321
  0x
322
  13
323
  ac
324
  bin
325
  cut
 
326
  dr
327
  dmp
328
  grep
 
332
  rv
333
  uname
334
  value
335
+ ##nal
336
+ ##en
337
+ ##fi
338
+ ##folder
339
+ ##li
340
+ ##op
341
  ##mi
 
 
342
  ##kat
343
  ##kpro
344
+ ##cat
 
345
  ##ume
346
+ ##und
347
+ ##yload
348
+ ##ser
349
  ##atomics
350
  ##roperty
351
  exit
 
360
  itemproperty
361
  networ
362
  secur
 
363
  save
364
  copy
365
  ##payload
 
369
  host
370
  letter
371
  ntds
372
+ ##nalpayload
373
  ##katz
374
  ##kprovider
 
375
  ##atomicsfolder
376
  externalpayload
377
  pathtoatomicsfolder
 
382
  mi
383
  si
384
  wh
385
+ ##ap
386
+ ##ac
387
  ##eb
 
 
 
 
388
  ##pe
389
+ ##ps
390
  ##path
391
+ ##il
 
 
 
392
  ##ke
393
+ ##rv
394
+ ##de
395
+ ##cs
396
+ ##cmd
397
  ##ul
398
+ ##unt
399
+ ##sk
 
400
  ##ze
401
+ ##64
402
  ##ster
403
  ##cept
404
  provider
405
  apppo
406
  appcmd
407
  inets
 
408
  master
409
  log
410
  testcat
411
+ confi
412
  heap
413
+ ##shadow
414
  mimi
415
  size
416
  apppool
417
  inetsrv
418
+ config
419
  cal
420
  dom
421
  els
 
431
  pg
432
  ra
433
  rund
 
 
434
  su
435
+ s3
436
  tr
437
+ th
438
  ter
439
  vs
440
  wm
441
  wr
442
+ ##an
443
+ ##ain
 
 
444
  ##ect
445
  ##eul
446
+ ##tract
447
+ ##tps
448
+ ##xt
449
  ##ich
450
  ##do
451
  ##ddi
452
+ ##ub
453
+ ##h1
454
+ ##hub
455
  ##wn
 
 
 
456
  ##gr
457
+ ##se
458
+ ##sv
459
+ ##3th
460
+ ##volume
461
+ ##bal
462
+ ##1ss
463
  extract
464
  ##rect
465
  ##ite
 
468
  ##ll32
469
  ##ated
470
  ##nodump
 
471
  ##type
472
+ shadowcopy
473
  ps1
474
  sam
475
  ##cur3th
 
482
  ##lient
483
  which
484
  ##skvolume
 
485
  providerorder
486
+ ##shadowcopy
487
  mimikatz
488
  call
489
  domain
490
  else
491
+ github
492
  global
493
  https
494
  harddi
 
496
  pgrep
497
  raw
498
  rundll32
 
499
  sudo
500
+ s3cur3th
501
  term
502
  vsc
503
  wmic
 
509
  directory
510
  accepteula
511
  ##skvolumeshadowcopy
 
512
  globalroot
513
  harddiskvolumeshadowcopy
514
  s3cur3th1ssh1t
 
516
  and
517
  be
518
  cmd
 
519
  do
520
+ dd
521
  dow
522
  dit
523
  dump
524
  dot
 
525
  ed
526
+ es
527
  f2
528
  f1
529
  fre
 
548
  wa
549
  web
550
  x64
551
+ ##am
552
+ ##ab
553
+ ##net
554
+ ##nload
555
+ ##pass
556
+ ##pwn
557
+ ##file
558
+ ##ip
559
+ ##out
560
+ ##oke
561
  ##mem
562
  ##min
563
  ##mit
564
+ ##mgr
565
+ ##kur
 
 
 
 
 
 
 
566
  ##dmp
567
  ##dated
568
+ ##col
569
+ ##client
570
+ ##user
571
+ ##ymgr
572
+ ##wow
573
+ ##so
574
+ ##sd
575
+ ##swow
576
+ ##38
577
+ ##2b
578
+ ##21
579
  ##ver
580
  ##value
 
 
 
 
 
 
 
581
  ##ject
582
+ ##56
583
  ##ert
584
  ##erdump
585
  ##utl
586
  ##util
587
  expa
588
  ##ink
589
+ syswow
 
590
  exepath
591
+ ##admin
592
  ##pykatz
593
  ##ort
594
  lsa
595
  winpwn
 
 
596
  red
597
+ res
598
+ ##lsa
599
  ##code
600
  ##count
 
601
  ##chost
602
  secr
603
  sekur
 
608
  pypykatz
609
  vssadmin
610
  ##proto
611
+ ##content
612
  count
613
  loc
 
614
  ##entutl
615
+ procdump
616
  scripts
617
  dest
618
  force
 
623
  logon
624
  found
625
  line
 
626
  try
627
+ then
628
  githubuser
629
  download
630
  dotnet
 
643
  venv
644
  wait
645
  webclient
 
 
646
  expand
647
  syswow64
648
  secrets
 
661
  bac
662
  cl
663
  cle
 
664
  can
665
  client
666
  cert
 
674
  gw
675
  gre
676
  gse
 
677
  io
678
  iw
679
+ is
680
  imp
681
  ke
682
  kr
 
683
  mo
684
+ mm
685
  mon
686
  mic
687
  mkl
 
693
  pol
694
  plea
695
  rem
 
696
  so
697
+ sr
698
  sile
 
699
  ty
700
  tls
701
  txt
702
  xor
703
+ ##a3
704
+ ##a7
705
+ ##are
706
+ ##nc
707
+ ##nect
 
 
 
708
  ##ed
709
+ ##ec
710
+ ##e2
711
  ##e9
712
+ ##pon
713
+ ##pcon
714
+ ##pen
715
+ ##port
716
+ ##ti
717
+ ##tm
718
+ ##tro
719
+ ##ft
720
+ ##fen
721
  ##if
722
+ ##is
723
  ##ib
724
+ ##lac
725
+ ##link
726
+ ##mlink
727
+ ##ring
728
+ ##du
729
+ ##dce
730
+ ##cb
731
  ##c5
732
  ##cre
 
733
  ##cdump
734
  ##can
 
 
 
 
 
 
 
 
 
 
735
  ##ux
736
+ ##us
737
  ##uin
738
+ ##ync
739
+ ##hex
740
+ ##guin
741
+ ##sid
742
+ ##sab
743
+ ##3cb
744
+ ##88
745
  ##12
 
 
 
 
 
 
746
  ##6a7
747
+ ##688
748
  ##41
 
749
  ##73
750
  ##773
 
751
  ##ation
752
+ ##atus
753
  ##roso
754
+ exfi
755
  except
 
756
  ##inter
757
  ##intm
758
  ##ination
759
  ##lect
760
  ##leout
761
+ symlink
 
762
  ##owke
763
  filename
764
+ ##adump
765
  ##ord
766
  ##olve
767
  property
768
  progr
 
769
  ##alport
770
+ ##alti
771
  ##urce
772
+ lsadump
773
  win32
774
  state
775
  string
776
+ status
777
+ share
778
  ##active
779
  ##ote
780
  read
781
  repo
782
  realti
783
+ ##tcpcon
784
  ##icy
785
  ##core
786
  nettcpcon
 
804
  server
805
  ##ingprocess
806
  starting
807
+ conso
808
+ contro
809
  defen
810
  dir
811
  disk
812
  disab
813
  ##pointm
814
  ##words
815
+ ##shed
816
+ ##showke
817
  ##aryco
818
  itemtype
819
  python3
 
821
  servicepointm
822
  0x41
823
  account
824
+ ##lished
825
  ##server
 
826
  ntdsutil
827
  while
828
+ ##aca3
829
  ##accessib
830
  ##key
831
  providerpath
 
833
  mimipen
834
  fore
835
  linux
 
836
  true
837
+ this
838
  ##anager
839
  samfile
840
  elseif
 
844
  cmdkey
845
  dumpert
846
  dumpcre
847
+ ##amfile
848
+ ##ablished
849
+ ##passwords
850
  ##38c5
 
851
  ##2b2b
852
+ ##2156
 
 
853
  ##5638c5
854
+ redcan
855
  respon
856
  resolve
 
857
  ##codehex
858
  located
859
  localport
 
869
  back
870
  class
871
  cleartex
 
872
  clientaccessib
873
  certutil
874
  done
875
+ dcsync
876
  encodehex
877
+ established
878
  elif
879
  going
880
  gwmi
 
893
  policy
894
  please
895
  remote
 
896
  source
897
+ src
898
  silent
 
899
  type
900
  tls12
901
  xordump
 
 
902
  ##nection
903
+ ##e26a7
904
+ ##e92b2b
905
+ ##3cbe92b2b
906
+ ##6882156
907
+ exfil
908
  exception
909
  ##leoutput
 
910
  propertytype
911
  programfile
 
912
  strings
913
+ statuscode
914
+ shared
915
  realtime
916
  nettcpconnection
917
  inside
918
  psexec
919
  location
920
+ consoleoutput
921
+ control
922
  defender
923
  diskshadow
924
  disable
925
  servicepointmanager
 
926
  ##aca36882156
927
  mimipenguin
928
  dumpcreds
929
+ ##5638c5773
 
930
  redcanaryco
931
+ response
932
  121dcee26a7
933
  adreplaccount
934
  cleartext
935
  clientaccessible
 
 
936
  krshowkeymgr
937
  module
938
  microsoft
939
  noninteractive
940
+ ##3cbe92b2b5638c5773
941
  programfiles
942
+ ##aca368821563cbe92b2b5638c5773
 
943
  121dcee26a7aca368821563cbe92b2b5638c5773