
@av-gantimurov
Created December 4, 2020 06:13
Strings extracted from an AgentTesla sample, md5: 151c1498ad114e882ceed52e03333ded
'\x00'
'\x00\x00\x00'
'\x02'
'\x03'
'\tINTEGER '
'\tOBJECTIDENTIFIER '
'\tOCTETSTRING '
'\n'
'\r'
'\r\n'
'\r\n\r\n'
'\r\n--'
'\r\n.\r\n'
'\r\nHost: '
' '
' -convert xml1 -s -o "'
' 1.85 (Hash, version 2, native byte-order)'
' <b>]</b> <font color="#000000">('
' MB'
' Recovered!'
'"'
'"encrypted_key":"(.*?)"'
'%2B'
'%PostURL%'
'%ProgramW6432%'
'%chatid%'
'%ftphost%/'
'%ftppassword%'
'%ftpuser%'
'%hash%'
'%insregname%'
'%startupfolder%'
'%tordir%'
'%torpass%'
'%urlkey%'
'&'
'&H'
'&amp;'
'&gt;'
'&lt;'
'&quot;'
'('
')'
')</font></font>'
'*'
'+'
'+-0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
','
'-'
'--\r\n'
'---'
'---------------------------'
'-f '
'.'
'.*"password":"(.*?)"'
'.*"username":"(.*?)"'
'.dll'
'.html'
'.jpeg'
'.tmp'
'.zip'
'/'
"//setting[@name='Password']/value"
"//setting[@name='Username']/value"
'/log.tmp'
'00000000-0000-0000-0000-000000000000'
'00000002'
'00061561'
'10'
'11'
'12'
'127.0.0.1'
'13'
'14'
'15'
'154E23D0-C644-4E6F-8CE6-5069272F999F'
'16:'
'200 Connection established\r\nProxy-Agent: HToS5x\r\n\r\n'
'22'
'250'
'2F1A6504-0641-44CF-8BB5-3612D865F2E5'
'2a864886f70d010c050103'
'2a864886f70d0209'
'360 Browser'
'360Chrome\\Chrome\\User Data'
'39aaf87b-22fd-4c26-96b1-f60c4f454355'
'3C886FF3-2669-4AA2-A8FB-3F6759A77548'
'3CCD5499-87A8-4B10-A215-608888DD3B55'
'3E0E35BE-1B77-43E7-B873-AED901B6275B'
'401\r\n\r\n'
'4BF4C442-9B8A-41A0-B380-DD4A704DDB28'
'4a54be81-ee83-4518-b82a-83f35a89d571'
'500 '
'502 '
'5A'
'60'
'71'
'72905C47-F4FD-4CF7-A489-4E8121A155BD'
'77BC582B-F0A6-4E15-4E80-61736B6F3B29'
'7Star'
'7Star\\7Star\\User Data'
':'
': '
':Zone.Identifier'
';'
';Anonymous='
';Password='
';Port='
';Server='
';User='
'<'
'</Host>'
'</Name>'
'</Pass>'
'</Password>'
'</Port>'
'</User>'
'</b>'
'</data>'
'</font>'
'</html>'
'</name>'
'</password>'
'</protocol>'
'</server_ip>'
'</server_port>'
'</server_user_name>'
'</server_user_password>'
'</string>'
'<Host>'
'<Name>'
'<Pass encoding="base64">'
'<Pass>'
'<Password>'
'<Port>'
'<Server>'
'<User>'
'<a.+?href\\s*=\\s*(["\'])(?<href>.+?)\\1[^>]*>'
'<account>'
'<array>'
'<br>'
'<data>'
'<dict>'
'<font color="#00b1ba"><b>[ '
'<font color="#00ba66">&darr;</font>'
'<font color="#00ba66">&larr;</font>'
'<font color="#00ba66">&rarr;</font>'
'<font color="#00ba66">&uarr;</font>'
'<font color="#00ba66">{ALT+F4}</font>'
'<font color="#00ba66">{ALT+TAB}</font>'
'<font color="#00ba66">{BACK}</font>'
'<font color="#00ba66">{CAPSLOCK}</font>'
'<font color="#00ba66">{CTRL}</font>'
'<font color="#00ba66">{DEL}</font>'
'<font color="#00ba66">{END}</font>'
'<font color="#00ba66">{ENTER}</font>'
'<font color="#00ba66">{ESC}</font>'
'<font color="#00ba66">{F10}</font>'
'<font color="#00ba66">{F11}</font>'
'<font color="#00ba66">{F12}</font>'
'<font color="#00ba66">{F1}</font>'
'<font color="#00ba66">{F2}</font>'
'<font color="#00ba66">{F3}</font>'
'<font color="#00ba66">{F4}</font>'
'<font color="#00ba66">{F5}</font>'
'<font color="#00ba66">{F6}</font>'
'<font color="#00ba66">{F7}</font>'
'<font color="#00ba66">{F8}</font>'
'<font color="#00ba66">{F9}</font>'
'<font color="#00ba66">{HOME}</font>'
'<font color="#00ba66">{Insert}</font>'
'<font color="#00ba66">{NumLock}</font>'
'<font color="#00ba66">{PageDown}</font>'
'<font color="#00ba66">{PageUp}</font>'
'<font color="#00ba66">{TAB}</font>'
'<font color="#00ba66">{Win}</font>'
'<hr>'
'<html>'
'<name>'
'<password>'
'<protocol>'
'<server>'
'<server_ip>'
'<server_port>'
'<server_user_name>'
'<server_user_password>'
'<string>'
'='
'>'
'A'
'ABCDEF'
'AES'
'ALLUSERSPROFILE'
'APPDATA'
'AUTHENTICATE "%torpass%"'
'Account'
'AccountConfiguration'
'AccountConfiguration+accountName'
'AccountConfiguration+password'
'AccountConfiguration+username'
'Accounts'
'Add'
'All Users'
'Amigo'
'Amigo\\User Data'
'Application:'
'Application: '
'Arguments'
'AuthTagLength'
'AvoidDiskWrites 1\r\nLog notice stdout\r\nDormantCanceledByStartup 1\r\nControlPort 9051\r\nCookieAuthentication 1\r\nrunasdaemon 1\r\nExtORPort auto\r\nhashedcontrolpassword %hash%\r\nDataDirectory %tordir%\\Data\\Tor\r\nGeoIPFile %tordir%\\Data\\Tor\\geoip\r\nGeoIPv6File %tordir%\\Data\\Tor\\geoip6\r\n'
'B'
'Backend=([A-z0-9\\/\\.-]+)'
'Becky!'
'Berkelet DB'
'BlackHawk'
'Bootstrapped 100%'
'Brave'
'Brave Browser'
'BraveSoftware\\Brave-Browser\\User Data'
'C'
'CO'
'CONNECTION'
'CO_'
'CPU: '
'CatalinaGroup\\Citrio\\User Data'
'CentBrowser'
'CentBrowser\\User Data'
'ChainingMode'
'ChainingModeGCM'
'Chedot'
'Chedot\\User Data'
'Chrome'
'Chromium'
'Chromium\\User Data'
'Citrio'
'ClawsMail'
'Close'
'CocCoc'
'CocCoc\\Browser\\User Data'
'Coccoc'
'Comodo Dragon'
'Comodo\\Dragon\\User Data'
'ComputeHash'
'Computer Name: '
'Connect'
'Contains'
'Content-Disposition: form-data; name="{0}"\r\n\r\n{1}'
'Content-Disposition: form-data; name="{0}"; filename="{1}"\r\nContent-Type: {2}\r\n\r\n'
'ControlPassword'
'Cookie'
'Cookies'
'Cool Novo'
'CoolNovo'
'Coowon'
'Coowon\\Coowon\\User Data'
'Copied Text: '
'Copy'
'CopyTo'
'CoreFTP'
'CreateDecryptor'
'CreateNoWindow'
'CyberFox'
'D'
'Data'
'DataDir'
'DecryptTripleDes'
'Dispose'
'DynDNS'
'DynDNS\\Updater\\config.dyndns'
'E'
'E69D7838-91B5-4FC9-89D5-230D4D4CC2BC'
'Edge Chromium'
'Elements Browser'
'Elements Browser\\User Data'
'Email'
'EmailAddress'
'EncPassword'
'EncryptedPassword'
'EndOfStream'
'EndsWith'
'Epic Privacy'
'Epic Privacy Browser'
'Epic Privacy Browser\\User Data'
'Eudora'
'Executable'
'ExtractFile'
'F'
'FTP Navigator'
'FTPCommander'
'FTPGetter'
'Falkon Browser'
'False'
'Fenrir Inc\\Sleipnir5\\setting\\modules\\ChromiumViewer'
'FileName'
'FileZilla'
'Firefox'
'FlashFXP'
'Flock'
'Flock Browser'
'Folder.lst'
'Foxmail'
'FoxmailPath'
'Fragment'
'GET'
'GetBytes'
'GuidMasterKey'
'HKEY_CURRENT_USERSoftwareFTPWareCOREFTPSites'
'HKEY_CURRENT_USER\\SOFTWARE\\Vitalwerks\\DUC'
'HKEY_CURRENT_USER\\Software\\Aerofox\\FoxmailPreview'
'HKEY_CURRENT_USER\\Software\\Aerofox\\Foxmail\\V3.1'
'HKEY_CURRENT_USER\\Software\\FTPWare\\COREFTP\\Sites\\'
'HKEY_CURRENT_USER\\Software\\Paltalk\\'
'HKEY_CURRENT_USER\\Software\\Qualcomm\\Eudora\\CommandLine'
'HKEY_CURRENT_USER\\Software\\RimArts\\B2\\Settings'
'HKEY_LOCAL_MACHINE\\SOFTWARE\\Vitalwerks\\DUC'
'HOST'
'HTTP Password'
'HTTP/1.1 '
'Hash'
'Host'
'HostName'
'Hostname'
'IE/Edge'
'IMAP Password'
"INSERT INTO CONFIG VALUES('AccountController','"
'IP Address: '
'IP='
'IPEnabled'
'IV'
'IceCat'
'IceDragon'
'Id'
'IncomingServer'
'IndexOf'
'InnerText'
'InstancesOf'
'Internet Download Manager'
'Iridium Browser'
'Iridium\\User Data'
'IterationCount'
'JDownloader'
'K-Meleon'
'KEEP-ALIVE'
'KL'
'KL_'
'Key'
'KeyDataBlob'
'Kometa'
'Kometa\\User Data'
'Length'
'Liebao Browser'
'Load'
'Log'
'Login Data'
'MM/dd/yyyy HH:mm:ss'
'MacAddress'
'MailAddress'
'MailClient.Accounts.ArchivingScope'
'MailClient.Accounts.CredentialsModelTypes'
'MailClient.Accounts.Mail.MailAccountConfiguration'
'MailClient.Accounts.TlsType'
'MailClient.Mail.MailAddress'
'MailClient.Protocols.Smtp.SmtpAccountConfiguration'
'Mailbird'
'Major'
'MapleStudio\\ChromePlus\\User Data'
'Microsoft Primitive Provider'
'Minor'
'Mode'
'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0'
'MySQL Workbench'
'NO-IP'
'Name'
'Name='
'New '
'No Password'
'None'
'NordVPN'
'NordVPN directory not found!'
'NordVpn.exe*'
'OK'
'OSFullName'
'OSFullName: '
'ObjectLength'
'Open VPN'
'Opera'
'Opera Browser'
'Opera Mail'
'Opera Software\\Opera Stable'
'Orbitum'
'Orbitum\\User Data'
'Outlook'
'POP3 Password'
'POP3Host'
'POP3Password'
'POPPass'
'POST'
'PROXY-AUTHENTICATE'
'PROXY-AUTHORIZATION'
'PW'
'PWD'
'PWD='
'PW_'
'Padding'
'PaleMoon'
'Paltalk'
'PassWd'
'Password'
'Password:'
'Password: '
'PasswordViewOnly'
'Path=([A-z0-9\\/\\.\\-]+)'
'PathAndQuery'
'Pidgin'
'PocoMail'
'PopPassword'
'Port'
'PortNumber'
'Postbox'
'Private Internet Access'
'Private Internet Access\\data'
'Profile'
'ProgramFiles'
'ProgramFiles(x86)'
'Programfiles(x86)'
'Psi/Psi+'
'PublicKeyFile'
'QIP Surf'
'QIP Surf\\User Data'
'QQ Browser'
'RAM: '
'Read'
'ReadLine'
'RealVNC 3.x'
'RealVNC 4.x'
'RedirectStandardOutput'
'RegRead'
'Replace'
'ReturnAddress'
'SC'
'SC_'
'SELECT * FROM Win32_Processor'
'SEQUENCE {'
'SIGNAL NEWNYM'
'SMTP'
'SMTP Password'
'SMTP Server'
'SMTPHost'
'SMTPPass'
'SMTPServer'
'SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run'
'SOFTWARE\\RealVNC\\WinVNC4'
'SOFTWARE\\RealVNC\\vncserver'
'SOFTWARE\\Wow6432Node\\RealVNC\\WinVNC4'
'SOFTWARE\\\\Martin Prikryl\\\\WinSCP 2\\\\Sessions'
'SRWare Iron'
'STOR'
'Safari Browser'
'SavePasswordText'
'SchemaId'
'Screenshot'
'SeaMonkey'
'SelectSingleNode'
'SenderIdentities'
'SerialNumber'
'Server'
'Server_Host'
'Settings'
'Sleipnir 6'
'SmartFTP'
'SmtpPassword'
'SmtpServer'
'Software\\DownloadManager\\Passwords\\'
'Software\\IncrediMail\\Identities\\'
'Software\\Microsoft\\Office\\15.0\\Outlook\\Profiles\\Outlook\\9375CFF0413111d3B88A00104B2A6676'
'Software\\Microsoft\\Office\\16.0\\Outlook\\Profiles\\Outlook\\9375CFF0413111d3B88A00104B2A6676'
'Software\\Microsoft\\Windows Messaging Subsystem\\Profiles\\9375CFF0413111d3B88A00104B2A6676'
'Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows'
'Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\Outlook\\9375CFF0413111d3B88A00104B2A6676'
'Software\\Microsoft\\Windows\\CurrentVersion\\Run'
'Software\\ORL\\WinVNC3'
'Software\\OpenVPN-GUI\\configs'
'Software\\OpenVPN-GUI\\configs\\'
'Software\\Paltalk'
'Software\\TigerVNC\\Server'
'Software\\TightVNC\\Server'
'Sputnik'
'Sputnik\\Sputnik\\User Data'
'StandardOutput'
'Start'
'StartInfo'
'Substring'
'System'
'SystemDrive'
'TE'
'TRAILER'
'TRANSFER-ENCODING'
'Tencent\\QQBrowser\\User Data'
'TheBat'
'Thunderbird'
'TigerVNC'
'TightVNC'
'TightVNC ControlPassword'
'Time: '
'Tor'
'Torch Browser'
'Torch\\User Data'
'TransformBlock'
'TransformFinalBlock'
'Trillian'
'Trim'
'TrimEnd'
'TrimStart'
'True'
'Type'
'UC Browser'
'UCBrowser\\'
'UID'
'UNIQUE'
'UPGRADE'
'URL:'
'URL: '
'USERPROFILE'
'USERname'
'UltraVNC'
'Unknow database format'
'Unknown'
'Uran'
'UseShellExecute'
'User'
'User Name'
'User Name: '
'UserName'
'Username'
'Username:'
'Username: '
'Value'
'Version'
'Version=4.0.0.0'
'Vivaldi'
'Vivaldi\\User Data'
'W'
'WS_FTP'
'WScript.Shell'
'WaterFox'
'Web Credentials'
'Win32_BaseBoard'
'Win32_NetworkAdapterConfiguration'
'WinMgmts:'
'WinSCP'
'Windows Credential Picker Protector'
'Windows Credentials'
'Windows Domain Certificate Credential'
'Windows Domain Password Credential'
'Windows Extended Credential'
'Windows RDP'
'Windows Secure Note'
'Windows Web Password Credential'
'Wr'
'Write'
'Yandex'
'Yandex Browser'
'Yandex\\YandexBrowser\\User Data'
'['
'[PRIVATE KEY LOCATION: "{0}"]'
'[^\\u0020-\\u007F]'
'\\'
'\\"(hostname|encryptedPassword|encryptedUsername)":"(.*?)"'
'\\%insfolder%\\'
'\\%insfolder%\\%insname%'
'\\.purple\\accounts.xml'
'\\360Chrome\\Chrome\\User Data'
'\\8pecxstudios\\Cyberfox\\'
'\\Account.CFN'
'\\Account.stg'
'\\Accounts\\Account.rec0'
'\\Accounts_New'
'\\Apple Computer\\Preferences\\keychain.plist'
'\\Claws-mail'
'\\Common Files\\Apple\\Apple Application Support\\plutil.exe'
'\\Comodo\\IceDragon\\'
'\\CoreFTP\\sites.idx'
'\\Data\\Tor\\torrc'
'\\Default\\'
'\\Default\\EncryptedStorage'
'\\Default\\Login Data'
'\\EncryptedStorage'
'\\FTP Navigator\\Ftplist.txt'
'\\FTPGetter\\servers.xml'
'\\FileZilla\\recentservers.xml'
'\\FlashFXP\\3quick.dat'
'\\Flock\\Browser\\'
'\\Google\\Chrome\\User Data'
'\\Google\\Chrome\\User Data\\'
'\\Ipswitch\\WS_FTP\\Sites\\ws_ftp.ini'
'\\Iridium\\User Data'
'\\K-Meleon\\'
'\\Local State'
'\\Login Data'
'\\Mailbird\\Store\\Store.db'
'\\Mailbox.ini'
'\\Microsoft\\Credentials\\'
'\\Microsoft\\Edge\\User Data'
'\\Microsoft\\Protect\\'
'\\Moonchild Productions\\Pale Moon\\'
'\\Mozilla\\Firefox\\'
'\\Mozilla\\SeaMonkey\\'
'\\Mozilla\\icecat\\'
'\\MySQL\\Workbench\\workbench_user_data.dat'
'\\NETGATE Technologies\\BlackHawk\\'
'\\OpenVPN\\config\\'
'\\Opera Mail\\Opera Mail\\wand.dat'
'\\Pocomail\\accounts.ini'
'\\Postbox\\'
'\\Private Internet Access\\data'
'\\Psi+\\profiles'
'\\Psi\\profiles'
'\\SmartFTP\\Client 2.0\\Favorites\\Quick Connect\\'
'\\SmartFTP\\Client 2.0\\Favorites\\Quick Connect\\*.xml'
'\\Storage\\'
'\\The Bat!'
'\\Thunderbird\\'
'\\Tor\\tor.exe'
'\\Trillian\\users\\global\\accounts.dat'
'\\UltraVNC\\ultravnc.ini'
'\\VirtualStore\\Program Files (x86)\\Foxmail\\mail\\'
'\\VirtualStore\\Program Files\\Foxmail\\mail\\'
'\\Waterfox\\'
'\\XMM'
'\\\\'
'\\account.json'
'\\accountrc'
'\\accounts.xml'
'\\browsedata.db'
'\\cftp\\Ftplist.txt'
'\\clawsrc'
'\\eM Client'
'\\falkon\\profiles\\'
'\\fixed_keychain.xml" '
'\\jDownloader\\config\\database.script'
'\\mail\\'
'\\passwordstorerc'
'\\settings.ini'
'\\tmpG'
'\\tor.zip'
'\\uvnc bvba\\UltraVNC\\ultravnc.ini'
']'
'_'
'a102'
'a11'
"abcçdefgğhıijklmnoöpqrsştuüvwxyz1234567890_-.~!@#$%^&*()[{]}\\|';:,<>/?+=\r\n "
'account'
'address'
'appdata'
'application/x-www-form-urlencoded'
'application/zip'
'auth-data'
'autofill'
'blob'
'blob0'
'caption'
'category'
'chat_id'
'chrome'
'control'
'cookies.sqlite'
'created='
'credential'
'current'
'document'
'e8936e51-9fc8-4746-bc00-1f57e8cefdb1'
'eM Client'
'eM Client\\accounts.dat'
'encryptedPassword'
'encryptedUsername'
'entries'
'entropy'
'ftp'
'g'
'global-salt'
'host'
'hostname'
'href'
'http://127.0.0.1:'
'http://DynDns.com'
'http://oWttag.com'
'https://api.ipify.org'
'https://api.telegram.org/bot%telegramapi%/sendDocument'
'https://www.theonionrouter.com/dist.torproject.org/torbrowser/'
'https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip'
'id'
'image/jpeg'
'image/jpg'
'incredimail'
'info'
'item1'
'item2'
'jid'
'journal'
'key3.db'
'key4.db'
'liebao\\User Data'
'logins'
'logins.json'
'mail.privateemail.com'
'master_passphrase_pbkdf2_rounds=(.+)'
'master_passphrase_salt=(.+)'
'metaData'
'moz_logins'
'mscorlib'
'multipart/form-data; boundary='
'n'
'name'
'nssPrivate'
'o6806642kbM7c5'
'objects'
'opera:'
'origin_url'
'p='
'pAuthenticatorElement'
'pIdentityElement'
'pPackageSid'
'pResourceElement'
'pass='
'passkey0'
'passwd'
'passwd2'
'password'
'password-check'
'password='
'password_value'
'policy'
'port='
'processorID'
'profiles.ini'
'programfiles'
'programfiles(x86)'
'providerNam'
'pwd'
'rdg'
'remote '
'sha256'
'sha512'
'signons.sqlite'
'signons3.txt'
'smtp'
'smtp_server'
'sq'
'startProfile="([A-z0-9\\/\\.]+)"'
'startProfile=([A-z0-9\\/\\.]+)'
'str2'
'str3'
'success21'
't'
't6KzXhCh'
'table'
'text/html'
'tor'
'tor-win32-'
'uCozMedia'
'uCozMedia\\Uran\\User Data'
'uninstall'
'use_master_passphrase=(.+)'
'user.config'
'user='
'username'
'username='
'username_value'
'v10'
'v11'
'version=2.0.0.0'
'[email protected]'
'webpanel'
'win32_processor'
'wow_logins'
'x'
'x2'
'xt'
'yyyy-MM-dd HH:mm:ss'
'yyyy-MM-dd hh-mm-ss'
'yyyy_MM_dd_HH_mm_ss'
'zzz'
'{(.*),(.*)}(.*)'
'{0:X2}'
'{0}'
'{{{0}}}'
'}'