The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Cybersecurity investigators characterized the adversary as relying on various programs to harvest data on an "industrial scale" from primarily governmental organizations, some of them defense related, located in the Asia-Pacific region. To collect large volumes of data from many hosts, attackers need to automate the data harvesting process as m