Example: incident-response

Inputs
Profile
Report outputs
- Triage report (converted from triage_report.json)
- CSV outputs

Inputs

examples/inputs/incident-response-samples/credential_access.txt
examples/inputs/incident-response-samples/data_exfiltration.txt
examples/inputs/incident-response-samples/lateral_movement.txt
examples/inputs/incident-response-samples/persistence_indicators.sh

Profile

# Incident Response Profile
# Profile for incident response and forensic analysis

decode = ["base64", "hex", "percent-encoding", "unicode-escape-sequences"]

max-file-size = 104857600  # 100 MiB

include-path-globs = []
exclude-path-globs = []

tag = "incident-response"

# C2 Communication Indicators
[[patterns]]
  name = "URL Pattern"
  pattern = "https?://((\\w+)|((\\d+\\.){3}\\d+))(:\\d+)?/\\S+"
  type = "regex"

[[patterns]]
  name = "IP Address"
  pattern = "\\b(?:\\d{1,3}\\.){3}\\d{1,3}\\b"
  type = "regex"

[[patterns]]
  name = "Domain with Port"
  pattern = "[a-zA-Z0-9][-a-zA-Z0-9]*\\.[a-zA-Z]{2,}:\\d+"
  type = "regex"

# Persistence Mechanisms
[[patterns]]
  name = "Cron Entry"
  pattern = "^\\s*(\\*|\\d+)\\s+(\\*|\\d+)\\s+(\\*|\\d+)\\s+(\\*|\\d+)\\s+(\\*|\\d+)\\s+"
  type = "regex"

[[patterns]]
  name = "Registry Run Key"
  pattern = "Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run"
  type = "regex"
  case-insensitive = true

[[patterns]]
  name = "Scheduled Task"
  pattern = "schtasks\\s+/create"
  type = "regex"
  case-insensitive = true

# Lateral Movement
[[patterns]]
  name = "PsExec Usage"
  pattern = "psexec\\s+(\\\\\\\\)?[\\w.-]+"
  type = "regex"
  case-insensitive = true

[[patterns]]
  name = "WMI Command"
  pattern = "wmic\\s+/node:"
  type = "regex"
  case-insensitive = true

[[patterns]]
  name = "SSH Command"
  pattern = "ssh\\s+(-[\\w]+\\s+)*[\\w@.-]+"
  type = "regex"

# Data Exfiltration
[[patterns]]
  name = "Large Data Copy"
  pattern = "(xcopy|robocopy|tar\\s+cf|zip\\s+-r)"
  type = "regex"
  case-insensitive = true

[[patterns]]
  name = "FTP Command"
  pattern = "ftp\\s+[\\w.-]+"
  type = "regex"

[[patterns]]
  name = "Cloud Upload"
  pattern = "(aws\\s+s3\\s+cp|gsutil\\s+cp|azcopy)"
  type = "regex"

# Credential Access
[[patterns]]
  name = "Mimikatz"
  pattern = "mimikatz|sekurlsa::logonpasswords"
  type = "regex"
  case-insensitive = true

[[patterns]]
  name = "LSASS Dump"
  pattern = "lsass\\.dmp|lsass\\.exe"
  type = "regex"
  case-insensitive = true

[[patterns]]
  name = "Shadow Copy"
  pattern = "vssadmin.*shadows|ntdsutil.*snapshot"
  type = "regex"
  case-insensitive = true

# Encoding and Obfuscation
[[patterns]]
  name = "Base64 Decode"
  pattern = "base64\\s+-d|FromBase64String|atob\\("
  type = "regex"
  case-insensitive = true

[[patterns]]
  name = "Certutil Download"
  pattern = "certutil.*-urlcache.*-split"
  type = "regex"
  case-insensitive = true

# Known Bad Indicators
[[patterns]]
  name = "OAST Domain"
  pattern = "(\\w+\\.)+(oast\\.me|burpcollaborator\\.net|interact\\.sh)"
  type = "regex"

[[patterns]]
  name = "Pastebin/Hastebin"
  pattern = "(pastebin\\.com|hastebin\\.com|paste\\.ee)/raw/"
  type = "regex"

# Signatures
[[signatures]]
  name = "High Entropy Files"
  query = "SELECT sha256 FROM unique_files WHERE shannon_entropy > 7.0"

[[signatures]]
  name = "Files with Network and Encoding Indicators"
  query = "SELECT DISTINCT sha256 FROM pattern_matches WHERE pattern_name = 'URL Pattern' AND sha256 IN (SELECT sha256 FROM pattern_matches WHERE pattern_name = 'Base64 Decode')"

[[signatures]]
  name = "Files with Persistence and C2"
  query = "SELECT sha256, COUNT(DISTINCT pattern_name) as indicator_count FROM pattern_matches WHERE pattern_name IN ('Registry Run Key', 'Cron Entry', 'Scheduled Task', 'URL Pattern', 'IP Address') GROUP BY sha256 HAVING indicator_count > 2"

Report outputs

Triage report (converted from triage_report.json)

total_files	6
critical_count	0
high_count	0
medium_count	0
low_count	1
minimal_count	5
must_investigate_count	0
all_scores	None
generated_at	2025-12-03T09:19:43.851413371+00:00

top_scores

file_type	file_type_score	must_investigate	path	pattern_count_score	pattern_matches	pattern_severity_score	reasons	risk_level	score	sha256
Script	20	False	/persistence_indicators.sh	15	12	12	["12 suspicious patterns detected"]	Low	47	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51
Other	0	False	/lateral_movement.txt	15	17	14	["17 suspicious patterns detected"]	Minimal	29	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9
Other	0	False	/credential_access.txt/credential_access.txt.unicode-escape-sequences	15	17	14	["17 suspicious patterns detected"]	Minimal	29	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e
Other	0	False	/credential_access.txt	15	17	14	["17 suspicious patterns detected"]	Minimal	29	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129
Other	0	False	/data_exfiltration.txt	15	14	13	["14 suspicious patterns detected"]	Minimal	28	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81
Other	0	False	/persistence_indicators.sh/persistence_indicators.sh.unicode-escape-sequences	10	10	11	["10 suspicious patterns detected"]	Minimal	21	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728

CSV outputs

errors.csv

Empty CSV

files.csv

path	file_name	sha256	file_created	file_modified	file_accessed	mime_types_from_file_extension	is_decoded_file
/lateral_movement.txt	lateral_movement.txt	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	2025-12-03T08:56:20.495889189Z	2025-12-03T08:56:20.495889189Z	2025-12-03T08:56:20.495889189Z	["text/plain"]	0
/data_exfiltration.txt	data_exfiltration.txt	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	2025-12-03T08:56:20.495889189Z	2025-12-03T08:56:20.495889189Z	2025-12-03T08:56:20.495889189Z	["text/plain"]	0
/persistence_indicators.sh/persistence_indicators.sh.unicode-escape-sequences	persistence_indicators.sh.unicode-escape-sequences	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728				[]	1
/persistence_indicators.sh	persistence_indicators.sh	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	2025-12-03T08:56:20.496889204Z	2025-12-03T08:56:20.496889204Z	2025-12-03T08:56:20.496889204Z	["text/x-shellscript"]	0
/credential_access.txt/credential_access.txt.unicode-escape-sequences	credential_access.txt.unicode-escape-sequences	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e				[]	1
/credential_access.txt	credential_access.txt	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	2025-12-03T08:56:20.495889189Z	2025-12-03T08:56:20.495889189Z	2025-12-03T08:56:20.495889189Z	["text/plain"]	0

pattern_matches.csv

id	sha256	pattern_name	match_type	match	location	length
1	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	IP Address	regex	192.168.1.100	5:9	13
2	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	IP Address	regex	192.168.1.50	10:11	12
3	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	IP Address	regex	192.168.1.1	15:9	11
4	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	IP Address	regex	10.0.0.5	17:10	8
5	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	IP Address	regex	192.168.1.100	20:9	13
6	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	IP Address	regex	10.0.0.1	21:9	8
7	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	IP Address	regex	192.168.1.100	24:33	13
8	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	PsExec Usage	regex	PsExec patterns	4:2	15
9	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	PsExec Usage	regex	psexec \\192.168.1.100	5:0	22
10	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	PsExec Usage	regex	psexec \\fileserver	6:0	19
11	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	PsExec Usage	regex	psexec \\dc01.domain.local	7:0	26
12	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	WMI Command	regex	wmic /node:	10:0	11
13	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	WMI Command	regex	wmic /node:	11:0	11
14	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	WMI Command	regex	wmic /node:	12:0	11
15	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	SSH Command	regex	ssh root@192.168.1.1	15:0	20
16	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	SSH Command	regex	ssh -i	16:0	6
17	77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	SSH Command	regex	ssh admin@10.0.0.5	17:0	18
18	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Large Data Copy	regex	xcopy	5:0	5
19	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Large Data Copy	regex	robocopy	6:0	8
20	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Large Data Copy	regex	tar cf	7:0	6
21	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Large Data Copy	regex	zip -r	8:0	6
22	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	FTP Command	regex	ftp ftp.attacker.com	17:0	20
23	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Cloud Upload	regex	aws s3 cp	11:0	9
24	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Cloud Upload	regex	aws s3 cp	12:0	9
25	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Cloud Upload	regex	gsutil cp	13:0	9
26	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Cloud Upload	regex	azcopy	14:0	6
27	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Base64 Decode	regex	base64 -d	22:0	9
28	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Base64 Decode	regex	FromBase64String	23:29	16
29	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Base64 Decode	regex	base64 -d	24:17	9
30	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Base64 Decode	regex	atob(	25:0	5
31	f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	Certutil Download	regex	certutil -urlcache -split	28:0	25
32	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	URL Pattern	regex	http://192.168.1.100:8080/beacon	6:5	32
33	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	URL Pattern	regex	http://10.0.0.1:4444/payload	7:5	28
34	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	IP Address	regex	192.168.1.100	6:12	13
35	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	IP Address	regex	10.0.0.1	7:12	8
36	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	IP Address	regex	172.16.0.1	8:16	10
37	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	Domain with Port	regex	example.com:443	11:30	15
38	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	Domain with Port	regex	domain.com:8080	12:17	15
39	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	Domain with Port	regex	malware.org:443	15:23	15
40	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	Domain with Port	regex	attacker.net:8080	16:26	17
41	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	Scheduled Task	regex	schtasks /create	29:0	16
42	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	URL Pattern	regex	http://192.168.1.100:8080/beacon	6:5	32
43	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	URL Pattern	regex	http://10.0.0.1:4444/payload	7:5	28
44	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	IP Address	regex	192.168.1.100	6:12	13
45	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	IP Address	regex	10.0.0.1	7:12	8
46	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	IP Address	regex	172.16.0.1	8:16	10
47	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	Domain with Port	regex	example.com:443	11:30	15
48	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	Domain with Port	regex	domain.com:8080	12:17	15
49	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	Domain with Port	regex	malware.org:443	15:23	15
50	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	Domain with Port	regex	attacker.net:8080	16:26	17
51	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	Registry Run Key	regex	Software\Microsoft\Windows\CurrentVersion\Run	25:9	45
52	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	Registry Run Key	regex	Software\Microsoft\Windows\CurrentVersion\Run	26:5	45
53	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	Scheduled Task	regex	schtasks /create	29:0	16
54	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Mimikatz	regex	Mimikatz	4:2	8
55	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Mimikatz	regex	mimikatz	5:0	8
56	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Mimikatz	regex	mimikatz	6:0	8
57	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Mimikatz	regex	sekurlsa::logonpasswords	7:0	24
58	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	LSASS Dump	regex	lsass.exe	12:13	9
59	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	LSASS Dump	regex	lsass.dmp	12:23	9
60	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	LSASS Dump	regex	lsass.exe	13:34	9
61	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	LSASS Dump	regex	lsass.dmp	13:44	9
62	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	LSASS Dump	regex	lsass.exe	14:19	9
63	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Shadow Copy	regex	vssadmin list shadows	18:0	21
64	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Shadow Copy	regex	ntdsutil snapshot	21:0	17
65	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	OAST Domain	regex	uniqueid.oast.me	24:13	16
66	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	OAST Domain	regex	callback.burpcollaborator.net	25:9	29
67	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	OAST Domain	regex	test123.interact.sh	26:5	19
68	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Pastebin/Hastebin	regex	pastebin.com/raw/	29:13	17
69	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Pastebin/Hastebin	regex	hastebin.com/raw/	30:13	17
70	9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	Pastebin/Hastebin	regex	paste.ee/raw/	31:13	13
71	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Mimikatz	regex	Mimikatz	4:2	8
72	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Mimikatz	regex	mimikatz	5:0	8
73	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Mimikatz	regex	mimikatz	6:0	8
74	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Mimikatz	regex	sekurlsa::logonpasswords	7:0	24
75	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	LSASS Dump	regex	lsass.exe	12:13	9
76	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	LSASS Dump	regex	lsass.dmp	12:23	9
77	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	LSASS Dump	regex	lsass.exe	13:34	9
78	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	LSASS Dump	regex	lsass.dmp	13:44	9
79	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	LSASS Dump	regex	lsass.exe	14:19	9
80	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Shadow Copy	regex	vssadmin list shadows	18:0	21
81	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Shadow Copy	regex	ntdsutil snapshot	21:0	17
82	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	OAST Domain	regex	uniqueid.oast.me	24:13	16
83	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	OAST Domain	regex	callback.burpcollaborator.net	25:9	29
84	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	OAST Domain	regex	test123.interact.sh	26:5	19
85	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Pastebin/Hastebin	regex	pastebin.com/raw/	29:13	17
86	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Pastebin/Hastebin	regex	hastebin.com/raw/	30:13	17
87	7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	Pastebin/Hastebin	regex	paste.ee/raw/	31:13	13

signature_matches.csv

id	signature_name	sha256
1	Files with Persistence and C2	14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728
2	Files with Persistence and C2	2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51

unique_files.csv

sha256	sha1	md5	file_size	mime_type_for_content	shannon_entropy
77c31b59fca0dfabbec4e1a539fff381ff2f7a1b02d5fa5910b7a2029dde44f9	34a0bcdaccd429c7aba12beb6e605b39fcf2d8c0	0339227d5e12cb2537140b89289147ec	827	text/plain	5.08565263168859
f640a3db6d1cf9c2344ec7eb8dd1bc1468f0a01778046439c26adfcfe6fafa81	cfb06547898ef427402f9ad1dbf7eac830cde4ff	03ab0151439a393d703300ecd80f23a7	991	text/plain	5.19946251680103
14fa97f55252ce4a4d29ac509fb831bc7bf5fc72c38774d7adad704a6df96728	cc745426d0145aaaf0650c3f0e6a89ad3668947a	8100cb646d5b23278a53a4df6029ec85	1027	text/x-shellscript	5.21059999015889
2bbf8049420f6fa9aaca4d2a555847fe6629060a462d562d45a3ad500c4adc51	9b59ccf2e4662a228d3688f209c1216fc1bf41ed	b5e907e5d4704e5006bdfbfbaeaae804	1041	text/x-shellscript	5.24339777508192
9594b8608605933c88923a608d129720f305d12223df224937d1bfad81c8677e	d48a61d79dc8570bdc20d2c76d37ec8775902ec0	ae50451a2dc69467e533d67efc7735c2	944	text/plain	5.07353039059472
7e7eca3c8e6b17d20e3eeb96536ff5720faa80b2bd79e3c7abf3701f2fa3e129	7c891f5e60afb2261836013167d6cb53526a48bc	7132c4a0055086a0f5270c66c1d03315	951	text/plain	5.09169093686567

Keyboard shortcuts

sus - Systematic Universal Scanner - Documentation