Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//ORCON//NOFORN
5 Output Directory Layout
<target_id>
- Used to group files from the same target
<> = ID of target or ‘unidentified’
beacon
- Contains all beacons received from target
<beacon_id>
- Contains files generated from one beacon
<> = Time beacon processed as ‘yyyy-mm-
ddThh.mm.ss_beacon’
beacon.xml
- XML file of beacon information
beacon.archive
- Copy of unencrypted beacon file, created if ‘-a’
flag set
result
- Contains all task results received from target
<result_id>
- Contains files generated from one task result
<> = Time result processed as ‘yyyy-mm-
ddThh.mm.ss_result’
result.xml
- XML file of result information
result.archive
- Copy of unencrypted result file, created if ‘-a’ flag
set
data
- Contains extra data generated by result
push
- Contains all files sent from target’s push and output
directories
<push_id>
- Contains files generated from one push event
<> = Time push processed as ‘yyyy-mm-
ddThh.mm.ss_<filename>’
push.xml
- XML file of push information
push.archive
- Copy of unencrypted push file, created if ‘-a’ flag
set
<push_file>
- File that was placed in push or output directory on
target
task
- Contains all processed task files (never associated with a
target)
<task_id>
- Contains files generated by parsing task file
task.xml
- XML file of task information
task.archive
- Copy of unencrypted task file, created if ‘-a’ flag
set
...
- Other files generated by task (e.g. contents of put
command)
unidentified
- Contains all unidentified files from target
118
SECRET//ORCON//NOFORN