github.com/iDigitalFlame/xmt@v0.5.4/tools/strs.json (about) 1 { 2 "0": { 3 "value": "@SHELL@", 4 "tags": [ 5 "!implant" 6 ] 7 }, 8 "1": { 9 "value": "ID", 10 "tags": [ 11 "scripts", 12 "!darwin", 13 "!js", 14 "!windows" 15 ] 16 }, 17 "2": { 18 "value": "OS", 19 "tags": [ 20 "scripts" 21 ] 22 }, 23 "3": { 24 "value": "PID", 25 "tags": [ 26 "scripts" 27 ] 28 }, 29 "4": { 30 "value": "PPID", 31 "tags": [ 32 "scripts" 33 ] 34 }, 35 "5": { 36 "value": "ADMIN", 37 "tags": [ 38 "scripts" 39 ] 40 }, 41 "6": { 42 "value": "HOSTNAME", 43 "tags": [ 44 "scripts" 45 ] 46 }, 47 "7": { 48 "value": "*.jpg", 49 "tags": [ 50 "windows" 51 ] 52 }, 53 "8": { 54 "value": "*.dll" 55 }, 56 "9": { 57 "value": "amazon.com\namazonaws.com\napple.com\naws.amazon.com\nbing.com\ndocs.google.com\nduckduckgo.com\nebay.com\nfacebook.com\ngithub.com\ngmail.com\ngoogle.com\nimages.google.com\nimg.t.co\ninstagram.com\nlinkedin.com\nlogin.live.com\nmaps.google.com\nmicrosoft.com\nmsn.com\noffice.com\noffice365.com\noutlook.com\noutlook.office.com\npaypal.com\nredd.it\nreddit.com\ns3.amazon.com\nsharepoint.com\nslack.com\nspotify.com\nt.co\ntwimg.com\ntwitch.tv\ntwitter.com\nupdate.windows.com\nwalmart.com\nwikipedia.org\nwindows.com\nxp.apple.com\nyahoo.com" 58 }, 59 "10": { 60 "value": "SYSTEMROOT", 61 "tags": [ 62 "windows" 63 ] 64 }, 65 "11": { 66 "value": "/proc/", 67 "tags": [ 68 "!js", 69 "!windows" 70 ] 71 }, 72 "12": { 73 "value": "/status", 74 "tags": [ 75 "!js", 76 "!windows" 77 ] 78 }, 79 "13": { 80 "value": "ip" 81 }, 82 "14": { 83 "value": "tcp" 84 }, 85 "15": { 86 "value": "udp" 87 }, 88 "16": { 89 "value": "unix" 90 }, 91 "17": { 92 "value": "pipe" 93 }, 94 "18": { 95 "value": "http" 96 }, 97 "19": { 98 "value": "0766", 99 "tags": [ 100 "!windows" 101 ] 102 }, 103 "20": { 104 "value": "/var/run/", 105 "tags": [ 106 "!windows" 107 ] 108 }, 109 "21": { 110 "value": "/tmp/", 111 "tags": [ 112 "!windows" 113 ] 114 }, 115 "22": { 116 "value": "D:PAI(A;;FA;;;WD)(A;;FA;;;SY)", 117 "tags": [ 118 "windows" 119 ] 120 }, 121 "23": { 122 "value": "connection timeout", 123 "tags": [ 124 "windows" 125 ] 126 }, 127 "24": { 128 "value": "empty connection", 129 "tags": [ 130 "windows" 131 ] 132 }, 133 "25": { 134 "value": "\\\\.\\pipe\\", 135 "tags": [ 136 "windows" 137 ] 138 }, 139 "26": { 140 "value": "User-Agent" 141 }, 142 "27": { 143 "value": "wc2" 144 }, 145 "28": { 146 "value": "Upgrade" 147 }, 148 "29": { 149 "value": "websocket" 150 }, 151 "30": { 152 "value": "Connection" 153 }, 154 "31": { 155 "value": "0.0.0.0" 156 }, 157 "32": { 158 "value": "/bin/sh", 159 "tags": [ 160 "!js", 161 "!windows" 162 ] 163 }, 164 "33": { 165 "value": "pwsh", 166 "tags": [ 167 "!js", 168 "!windows" 169 ] 170 }, 171 "34": { 172 "value": "/proc/self/status", 173 "tags": [ 174 "!js", 175 "!windows" 176 ] 177 }, 178 "35": { 179 "value": "HOME", 180 "tags": [ 181 "!js", 182 "!windows" 183 ] 184 }, 185 "36": { 186 "value": "/sdcard", 187 "tags": [ 188 "!js", 189 "!windows" 190 ] 191 }, 192 "37": { 193 "value": "/var/run/utmp", 194 "tags": [ 195 "!js", 196 "!windows" 197 ] 198 }, 199 "38": { 200 "value": "/proc/self/mounts", 201 "tags": [ 202 "!js", 203 "!windows" 204 ] 205 }, 206 "39": { 207 "value": "/etc/mtab", 208 "tags": [ 209 "!js", 210 "!windows" 211 ] 212 }, 213 "40": { 214 "value": "/maps", 215 "tags": [ 216 "!js", 217 "!windows" 218 ] 219 }, 220 "41": { 221 "value": "/mem", 222 "tags": [ 223 "!js", 224 "!windows" 225 ] 226 }, 227 "42": { 228 "value": "powershell.exe", 229 "tags": [ 230 "windows" 231 ] 232 }, 233 "43": { 234 "value": "hal.dll\nwmi.dll\nwpx.dll\nwdc.dll\nzipfldr.dll\ninput.dll\nspp.dll", 235 "tags": [ 236 "windows" 237 ] 238 }, 239 "44": { 240 "value": "ComSpec", 241 "tags": [ 242 "windows" 243 ] 244 }, 245 "45": { 246 "value": "WinDir", 247 "tags": [ 248 "windows" 249 ] 250 }, 251 "46": { 252 "value": "\\system32\\cmd.exe", 253 "tags": [ 254 "windows" 255 ] 256 }, 257 "47": { 258 "value": "%WinDir%\\system32\\cmd.exe", 259 "tags": [ 260 "windows" 261 ] 262 }, 263 "48": { 264 "value": "USERPROFILE", 265 "tags": [ 266 "windows" 267 ] 268 }, 269 "49": { 270 "value": "/proc/vz", 271 "tags": [ 272 "!386", 273 "!amd64", 274 "!s390x", 275 "!windows" 276 ] 277 }, 278 "50": { 279 "value": "/proc/bc", 280 "tags": [ 281 "!386", 282 "!amd64", 283 "!s390x", 284 "!windows" 285 ] 286 }, 287 "51": { 288 "value": "/.dockerenv", 289 "tags": [ 290 "!386", 291 "!amd64", 292 "!s390x", 293 "!windows" 294 ] 295 }, 296 "52": { 297 "value": "/run/.containerenv", 298 "tags": [ 299 "!386", 300 "!amd64", 301 "!s390x", 302 "!windows" 303 ] 304 }, 305 "53": { 306 "value": "/run/systemd/container", 307 "tags": [ 308 "!386", 309 "!amd64", 310 "!s390x", 311 "!windows" 312 ] 313 }, 314 "54": { 315 "value": "/proc/sys/kernel/osrelease", 316 "tags": [ 317 "!386", 318 "!amd64", 319 "!s390x", 320 "!windows" 321 ] 322 }, 323 "55": { 324 "value": "/comm", 325 "tags": [ 326 "!386", 327 "!amd64", 328 "!s390x", 329 "!windows" 330 ] 331 }, 332 "56": { 333 "value": "CONTAINER", 334 "tags": [ 335 "!386", 336 "!amd64", 337 "!s390x", 338 "!windows" 339 ] 340 }, 341 "57": { 342 "value": "/proc/1/environ", 343 "tags": [ 344 "!386", 345 "!amd64", 346 "!s390x", 347 "!windows" 348 ] 349 }, 350 "58": { 351 "value": "/proc/cpuinfo", 352 "tags": [ 353 "!386", 354 "!amd64", 355 "!s390x", 356 "!windows" 357 ] 358 }, 359 "59": { 360 "value": "/sys/class/dmi/id/sys_vendor", 361 "tags": [ 362 "!386", 363 "!amd64", 364 "!s390x", 365 "!windows" 366 ] 367 }, 368 "60": { 369 "value": "/sys/class/dmi/id/board_vendor", 370 "tags": [ 371 "!386", 372 "!amd64", 373 "!s390x", 374 "!windows" 375 ] 376 }, 377 "61": { 378 "value": "/sys/class/dmi/id/bios_vendor", 379 "tags": [ 380 "!386", 381 "!amd64", 382 "!s390x", 383 "!windows" 384 ] 385 }, 386 "62": { 387 "value": "/sys/class/dmi/id/product_version", 388 "tags": [ 389 "!386", 390 "!amd64", 391 "!s390x", 392 "!windows" 393 ] 394 }, 395 "63": { 396 "value": "Hardware\\Description\\System\\BIOS", 397 "tags": [ 398 "!386", 399 "!amd64", 400 "!s390x", 401 "windows" 402 ] 403 }, 404 "64": { 405 "value": "BaseBoardManufacturer", 406 "tags": [ 407 "!386", 408 "!amd64", 409 "!s390x", 410 "windows" 411 ] 412 }, 413 "65": { 414 "value": "BaseBoardProduct", 415 "tags": [ 416 "!386", 417 "!amd64", 418 "!s390x", 419 "windows" 420 ] 421 }, 422 "66": { 423 "value": "BIOSVendor", 424 "tags": [ 425 "!386", 426 "!amd64", 427 "!s390x", 428 "windows" 429 ] 430 }, 431 "67": { 432 "value": "SystemManufacturer", 433 "tags": [ 434 "!386", 435 "!amd64", 436 "!s390x", 437 "windows" 438 ] 439 }, 440 "68": { 441 "value": "SystemFamily", 442 "tags": [ 443 "!386", 444 "!amd64", 445 "!s390x", 446 "windows" 447 ] 448 }, 449 "69": { 450 "value": "SystemProductName", 451 "tags": [ 452 "!386", 453 "!amd64", 454 "!s390x", 455 "windows" 456 ] 457 }, 458 "70": { 459 "value": "SystemVersion", 460 "tags": [ 461 "!386", 462 "!amd64", 463 "!s390x", 464 "windows" 465 ] 466 }, 467 "71": { 468 "value": "lsattr -l sys0 -a os_uuid -E", 469 "tags": [ 470 "!android", 471 "!darwin", 472 "!js", 473 "!linux", 474 "!plan9", 475 "!windows" 476 ] 477 }, 478 "72": { 479 "value": "sysctl -n hw.uuid", 480 "tags": [ 481 "!android", 482 "!darwin", 483 "!js", 484 "!linux", 485 "!plan9", 486 "!windows" 487 ] 488 }, 489 "73": { 490 "value": "/etc/hostid", 491 "tags": [ 492 "!android", 493 "!darwin", 494 "!js", 495 "!linux", 496 "!windows" 497 ] 498 }, 499 "74": { 500 "value": "kenv -q smbios.system.uuid", 501 "tags": [ 502 "!android", 503 "!darwin", 504 "!js", 505 "!linux", 506 "!windows" 507 ] 508 }, 509 "75": { 510 "value": "PRETTY_NAME", 511 "tags": [ 512 "!darwin", 513 "!js", 514 "!windows" 515 ] 516 }, 517 "76": { 518 "value": "VERSION_ID", 519 "tags": [ 520 "!darwin", 521 "!js", 522 "!windows" 523 ] 524 }, 525 "77": { 526 "value": "freebsd-version -k", 527 "tags": [ 528 "!android", 529 "!darwin", 530 "!js", 531 "!linux", 532 "!plan9", 533 "!windows" 534 ] 535 }, 536 "78": { 537 "value": "BSD", 538 "tags": [ 539 "!android", 540 "!darwin", 541 "!js", 542 "!linux", 543 "!plan9", 544 "!windows" 545 ] 546 }, 547 "79": { 548 "value": "JavaScript", 549 "tags": [ 550 "js" 551 ] 552 }, 553 "80": { 554 "value": "/var/lib/dbus/machine-id", 555 "tags": [ 556 "android", 557 "linux" 558 ] 559 }, 560 "81": { 561 "value": "/etc/machine-id", 562 "tags": [ 563 "android", 564 "linux" 565 ] 566 }, 567 "82": { 568 "value": "Linux", 569 "tags": [ 570 "android", 571 "linux" 572 ] 573 }, 574 "83": { 575 "value": "framework-v7" 576 }, 577 "84": { 578 "value": "/usr/sbin/ioreg -rd1 -c IOPlatformExpertDevice", 579 "tags": [ 580 "darwin", 581 "ios" 582 ] 583 }, 584 "85": { 585 "value": "IOPlatformUUID", 586 "tags": [ 587 "darwin", 588 "ios" 589 ] 590 }, 591 "86": { 592 "value": "/usr/bin/sw_vers", 593 "tags": [ 594 "darwin", 595 "ios" 596 ] 597 }, 598 "87": { 599 "value": "PRODUCTNAME", 600 "tags": [ 601 "darwin", 602 "ios" 603 ] 604 }, 605 "88": { 606 "value": "BUILDVERSION", 607 "tags": [ 608 "darwin", 609 "ios" 610 ] 611 }, 612 "89": { 613 "value": "PRODUCTVERSION", 614 "tags": [ 615 "darwin", 616 "ios" 617 ] 618 }, 619 "90": { 620 "value": "MacOS", 621 "tags": [ 622 "darwin", 623 "ios" 624 ] 625 }, 626 "91": { 627 "value": "plan9", 628 "tags": [ 629 "plan9" 630 ] 631 }, 632 "92": { 633 "value": "/etc", 634 "tags": [ 635 "!darwin", 636 "!ios", 637 "!js", 638 "!windows" 639 ] 640 }, 641 "93": { 642 "value": "release", 643 "tags": [ 644 "!darwin", 645 "!ios", 646 "!js", 647 "!windows" 648 ] 649 }, 650 "94": { 651 "value": "Software\\Microsoft\\Cryptography", 652 "tags": [ 653 "windows" 654 ] 655 }, 656 "95": { 657 "value": "MachineGuid", 658 "tags": [ 659 "windows" 660 ] 661 }, 662 "96": { 663 "value": "Software\\Microsoft\\Windows NT\\CurrentVersion", 664 "tags": [ 665 "windows" 666 ] 667 }, 668 "97": { 669 "value": "ProductName", 670 "tags": [ 671 "windows" 672 ] 673 }, 674 "98": { 675 "value": "Windows", 676 "tags": [ 677 "windows" 678 ] 679 }, 680 "99": { 681 "value": "\\SystemRoot", 682 "tags": [ 683 "windows" 684 ] 685 }, 686 "100": { 687 "value": "SeDebugPrivilege", 688 "tags": [ 689 "windows" 690 ] 691 }, 692 "101": { 693 "value": "amsi.dll", 694 "tags": [ 695 "windows" 696 ] 697 }, 698 "102": { 699 "value": "ntdll.dll", 700 "tags": [ 701 "windows" 702 ] 703 }, 704 "103": { 705 "value": "gdi32.dll", 706 "tags": [ 707 "windows" 708 ] 709 }, 710 "104": { 711 "value": "user32.dll", 712 "tags": [ 713 "windows" 714 ] 715 }, 716 "105": { 717 "value": "winhttp.dll", 718 "tags": [ 719 "windows" 720 ] 721 }, 722 "106": { 723 "value": "DbgHelp.dll", 724 "tags": [ 725 "windows" 726 ] 727 }, 728 "107": { 729 "value": "crypt32.dll", 730 "tags": [ 731 "windows" 732 ] 733 }, 734 "108": { 735 "value": "kernel32.dll", 736 "tags": [ 737 "windows" 738 ] 739 }, 740 "109": { 741 "value": "advapi32.dll", 742 "tags": [ 743 "windows" 744 ] 745 }, 746 "110": { 747 "value": "wtsapi32.dll", 748 "tags": [ 749 "windows" 750 ] 751 }, 752 "111": { 753 "value": "kernelbase.dll", 754 "tags": [ 755 "windows" 756 ] 757 }, 758 "112": { 759 "value": "psapi.dll", 760 "tags": [ 761 "windows" 762 ] 763 }, 764 "113": { 765 "value": "localhost:" 766 }, 767 "114": { 768 "value": "*.so" 769 }, 770 "115": { 771 "value": "*.exe" 772 }, 773 "116": { 774 "value": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.88 Safari/537.36" 775 }, 776 "117": { 777 "value": "\\\\.\\mailslot\\", 778 "tags": [ 779 "windows" 780 ] 781 }, 782 "118": { 783 "value": "Global\\", 784 "tags": [ 785 "windows" 786 ] 787 }, 788 "119": { 789 "value": "\\\\.\\C:", 790 "tags": [ 791 "windows" 792 ] 793 }, 794 "120": { 795 "value": "(\\%(\\d+f?)?[dhcsuln])", 796 "tags": [ 797 "regexp" 798 ] 799 }, 800 "121": { 801 "value": "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" 802 } 803 }