threatinteltest / Whitelisting.txt
Created November 20, 2017 15:46
MITRE ATT&CK Mapped Against Whitelisting Defense
T1103 - AppInitDlls
T1017 - Application Deployment Software
T1131 - Authentication Package
T1009 - Binary Padding
T1042 - Change Default Association
T1116 - Code Signing
T1122 - Component Object Model Hijacking
T1003 - Credential Access
T1055 - DLL Injection
T1038 - DLL Search Order Hijacking
#!/bin/bash
set -e
CONTENTS=$(tesseract -c language_model_penalty_non_dict_word=0.8 --tessdata-dir /usr/local/share/ "$1" stdout -l eng | xml esc)
hex=$((cat <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">