{"id":27133104,"url":"https://github.com/franckferman/memento-rtlo","last_synced_at":"2026-05-26T14:02:46.716Z","repository":{"id":209466084,"uuid":"717782135","full_name":"franckferman/Memento-RTLO","owner":"franckferman","description":"🔄 Memento: Right-to-Left Override (RTLO) Extension Spoofing File Renamer.","archived":false,"fork":false,"pushed_at":"2025-03-13T16:24:42.000Z","size":83,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"stable","last_synced_at":"2025-04-07T22:38:08.070Z","etag":null,"topics":["cyber","cybersecurity-education","extension","memento","pentest","pentesting","powershell","powershell-script","powershell-scripting","powershell-scripts","redteam","redteam-tool","redteaming","right-to-left","rtlo","rtlo-extension-spoof","spoof","spoof-extension","spoof-extensions","spoofing-attack"],"latest_commit_sha":null,"homepage":"https://github.com/franckferman/Memento-RTLO","language":"PowerShell","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/franckferman.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-11-12T15:26:03.000Z","updated_at":"2025-04-02T14:21:58.000Z","dependencies_parsed_at":"2023-11-27T14:50:22.755Z","dependency_job_id":null,"html_url":"https://github.com/franckferman/Memento-RTLO","commit_stats":null,"previous_names":["franckferman/memento","franckferman/memento-rtlo"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/franckferman/Memento-RTLO","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franckferman%2FMemento-RTLO","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franckferman%2FMemento-RTLO/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franckferman%2FMemento-RTLO/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franckferman%2FMemento-RTLO/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/franckferman","download_url":"https://codeload.github.com/franckferman/Memento-RTLO/tar.gz/refs/heads/stable","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franckferman%2FMemento-RTLO/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28056288,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-26T02:00:06.189Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber","cybersecurity-education","extension","memento","pentest","pentesting","powershell","powershell-script","powershell-scripting","powershell-scripts","redteam","redteam-tool","redteaming","right-to-left","rtlo","rtlo-extension-spoof","spoof","spoof-extension","spoof-extensions","spoofing-attack"],"created_at":"2025-04-07T22:38:22.372Z","updated_at":"2026-05-26T14:02:46.708Z","avatar_url":"https://github.com/franckferman.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv id=\"top\" align=\"center\"\u003e\n\n\u003c!-- Shields Header --\u003e\n[![Contributors][contributors-shield]](https://github.com/franckferman/Memento-RTLO/graphs/contributors)\n[![Stargazers][stars-shield]](https://github.com/franckferman/Memento-RTLO/stargazers)\n[![License][license-shield]](https://github.com/franckferman/Memento-RTLO/blob/stable/LICENSE)\n\n\u003c!-- Logo --\u003e\n\u003ca href=\"https://github.com/franckferman/Memento-RTLO\"\u003e\n  \u003cimg src=\"https://raw.githubusercontent.com/franckferman/Memento-RTLO/refs/heads/stable/docs/github/graphical_resources/Logo-without_background-Memento.png\" alt=\"Memento-RTLO Logo\" width=\"auto\" height=\"auto\"\u003e\n\u003c/a\u003e\n\n\u003c!-- Title \u0026 Tagline --\u003e\n\u003ch3 align=\"center\"\u003eMemento-RTLO\u003c/h3\u003e\n\u003cp align=\"center\"\u003e\n    \u003cem\u003eFile extension spoofing via the Right-to-Left Override Unicode character (U+202E).\u003c/em\u003e\n    \u003cbr\u003e\n    PowerShell-based red team and awareness tool demonstrating MITRE ATT\u0026CK T1036.002.\n\u003c/p\u003e\n\n\u003c/div\u003e\n\n---\n\n## Table of Contents\n\n\u003cdetails open\u003e\n  \u003csummary\u003e\u003cstrong\u003eClick to collapse/expand\u003c/strong\u003e\u003c/summary\u003e\n  \u003col\u003e\n    \u003cli\u003e\u003ca href=\"#about\"\u003eAbout\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#unicode-bidi-deep-dive\"\u003eUnicode Bidi Deep Dive\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#rtlo-attack-mechanics\"\u003eRTLO Attack Mechanics\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#mitre-attck-mapping\"\u003eMITRE ATT\u0026CK Mapping\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#detection\"\u003eDetection\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#installation\"\u003eInstallation\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#usage\"\u003eUsage\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#star-evolution\"\u003eStar Evolution\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#license\"\u003eLicense\u003c/a\u003e\u003c/li\u003e\n    \u003cli\u003e\u003ca href=\"#contact\"\u003eContact\u003c/a\u003e\u003c/li\u003e\n  \u003c/ol\u003e\n\u003c/details\u003e\n\n---\n\n## About\n\nMemento-RTLO is a PowerShell tool that demonstrates **file extension spoofing** using the Right-to-Left Override (RTLO) Unicode control character (`U+202E`).\n\nIt renames or copies executable files (`.exe`, `.hta`, `.bat`, `.vbs`) so that their displayed extension appears benign (e.g., `.pdf`, `.jpeg`, `.txt`) while the underlying filesystem entry and operating-system behavior remain unchanged. The visual deception is produced entirely at the Unicode rendering layer, without modifying file content or metadata.\n\nThe project serves three audiences:\n\n- **Red teamers** building phishing payloads for authorized engagements.\n- **Security researchers** analyzing how operating systems and email clients render bidirectional filenames.\n- **Blue teamers and trainers** demonstrating the attack to raise user awareness.\n\n\u003e This technique is well-documented and widely detected by modern endpoint protection platforms. It is not a sophisticated bypass. Its value is pedagogical.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## Unicode Bidi Deep Dive\n\n### The Unicode Bidirectional Algorithm (UBA)\n\nThe Unicode Standard defines the **Bidirectional Algorithm** (UAX #9) to handle mixed-direction text — documents that combine left-to-right (LTR) scripts such as Latin with right-to-left (RTL) scripts such as Arabic or Hebrew. The algorithm assigns a **bidi category** to every code point and then applies a set of rules to determine the visual order of characters on screen.\n\nKey bidi categories relevant to this attack:\n\n| Category | Name | Description |\n|---|---|---|\n| L | Left-to-Right | Standard Latin characters, digits in LTR context |\n| R | Right-to-Left | Hebrew base characters |\n| AL | Arabic Letter | Arabic base characters |\n| AN | Arabic Number | Arabic-Indic digits |\n| RLE | Right-to-Left Embedding | U+202B — open RTL embedding |\n| LRE | Left-to-Right Embedding | U+202A — open LTR embedding |\n| RLO | Right-to-Left Override | **U+202E** — force all following characters RTL |\n| LRO | Left-to-Right Override | U+202D — force all following characters LTR |\n| PDF | Pop Directional Formatting | U+202C — terminate the innermost embedding |\n\n### U+202E: Right-to-Left Override\n\n`U+202E RIGHT-TO-LEFT OVERRIDE` is a **format character** — it has zero width, produces no visible glyph, and is designed for use in contexts where a run of characters must be rendered right-to-left regardless of their intrinsic bidi properties.\n\nLegitimate use cases include:\n\n- Displaying a product code or part number written in a Latin script inside an otherwise RTL document.\n- Embedding a URL that contains LTR punctuation inside Arabic body text.\n\nBecause it is a non-printing character, it is **invisible in most GUI contexts** — Windows Explorer, email clients, Outlook attachment lists, messaging applications, and web browsers all render the reversed characters without exposing the control character itself.\n\n### Code Point Anatomy\n\n```\nU+202E\n  Block    : General Punctuation (U+2000 - U+206F)\n  Category : Cf  (Format character)\n  Bidi     : RLO (Right-to-Left Override)\n  Mirrored : No\n  UTF-8    : E2 80 AE  (3 bytes)\n  UTF-16LE : 2E 20     (2 bytes, BMP)\n```\n\nThe three-byte UTF-8 sequence `0xE2 0x80 0xAE` is what appears in the raw bytes of any NTFS filename that embeds this character.\n\n### Visual Reversal Mechanism\n\nWhen `U+202E` is inserted at position *k* in a string, every character at positions *k+1* onward is rendered in reverse visual order by the bidi algorithm. The characters are stored in logical (memory) order unchanged; only the **rendering pipeline** reorders them.\n\nExample — logical storage vs. visual presentation:\n\n```\nLogical bytes:  A n n e x e [U+202E] e p e j . e x e\n                 ^-- LTR name --^    ^-- RTL rendering starts here --^\n\nVisual output:  Annexe exe.jpeg\n                         ^^^^^^ appears to be .jpeg extension\n```\n\nThe file is an `.exe`. The filesystem, the kernel, and the process loader all see `exe.jpeg` reversed back to `gpej.exe` — but the **bidi display layer** shows `jpeg`. The operating system executes it as an EXE.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## RTLO Attack Mechanics\n\n### Filename Construction\n\nThe attack constructs a filename with the following logical structure:\n\n```\n\u003cDisplayName\u003e + U+202E + reverse(\u003cSpoofExtension\u003e) + \u003cRealExtension\u003e\n```\n\nStep by step for a target file `payload.exe` spoofed to appear as `Annexe.jpeg`:\n\n1. Choose display name: `Annexe`\n2. Choose spoof extension: `jpeg`\n3. Reverse the spoof extension character by character: `gepj`\n4. Append the real extension: `gepj.exe`\n5. Insert `U+202E` between display name and reversed string: `Annexe[U+202E]gepj.exe`\n\nThe bidi algorithm renders `gepj.exe` right-to-left, producing the visual string `exe.jpeg` appended to `Annexe`, so the user sees **`Annexe exe.jpeg`**.\n\nWindows Explorer also assigns the icon associated with `.jpeg` files to this entry (via shell association lookup on the **displayed** extension string), completing the visual deception.\n\n### Supported File Types\n\n| Real Extension | Spoof Options |\n|---|---|\n| `.exe` | `Annexe.jpeg`, `Document.pdf` |\n| `.hta` | `Info.jpg`, `Fichier.txt` |\n| `.bat` | `Note.txt`, `Liste.csv` |\n| `.vbs` | `Script.txt`, `Email.eml` |\n\n### Operating System Behavior\n\n- **NTFS**: stores the exact logical byte sequence including `U+202E`. No sanitization occurs at the filesystem layer.\n- **Windows Shell**: renders the filename through the DirectWrite/GDI bidi stack, showing the reversed visual form.\n- **Process execution**: the Windows kernel resolves the filename using its logical byte sequence. When the user double-clicks the visually deceptive entry, the loader reads the real extension (`.exe`) and executes accordingly.\n- **Linux (ext4/NTFS-3g)**: the character is valid in filenames. Terminal emulators with bidi support (e.g., mlterm, recent versions of GNOME Terminal with fribidi) will render the reversal.\n\n### Delivery Vectors\n\nThe technique has been observed in the following delivery contexts:\n\n- Email attachments (Outlook renders bidi filenames in the attachment pane).\n- ZIP archives opened via Explorer or third-party archivers.\n- Messenger file transfers (Telegram, WhatsApp Web).\n- SMB shares browsed via Explorer.\n- Malicious ISO/IMG mounts.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## MITRE ATT\u0026CK Mapping\n\n### T1036.002 - Masquerading: Right-to-Left Override\n\n| Field | Value |\n|---|---|\n| Tactic | Defense Evasion |\n| Technique | T1036 - Masquerading |\n| Sub-technique | T1036.002 - Right-to-Left Override |\n| Platforms | Windows, Linux, macOS |\n| Data Sources | File: File Metadata, File: File Creation, Process: Process Creation |\n\n**ATT\u0026CK description (paraphrased):** Adversaries may abuse the RTLO character to disguise the true file extension of a malicious payload. This sub-technique focuses on the Unicode bidirectional control character `U+202E`, which causes text following it to be displayed in reverse. When placed strategically in a filename, it causes the displayed extension to differ from the actual extension processed by the operating system.\n\n### Related Techniques\n\n| ID | Name | Relationship |\n|---|---|---|\n| T1566.001 | Spearphishing Attachment | Common delivery mechanism for RTLO-renamed payloads |\n| T1204.002 | User Execution: Malicious File | Depends on the user clicking the spoofed file |\n| T1036 | Masquerading (parent) | RTLO is one sub-technique of broader masquerading |\n| T1027 | Obfuscated Files or Information | Conceptual overlap — non-content-level obfuscation |\n\n### Real-World Usage\n\nRTLO-based filename spoofing has been documented in:\n\n- **APT28 (Fancy Bear)** spearphishing campaigns (2014-2016) targeting journalists and government officials.\n- **Mahdi malware** (2012) — one of the early documented uses of RTLO in targeted attacks.\n- Multiple commodity phishing kits distributed via email platforms.\n- **FIN7** operational tooling in financial sector attacks.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## Detection\n\n### Filesystem-Level Detection\n\nScan filenames for the presence of Unicode bidi override/embedding characters:\n\n| Code Point | Name | UTF-8 bytes |\n|---|---|---|\n| U+202A | Left-to-Right Embedding | `E2 80 AA` |\n| U+202B | Right-to-Left Embedding | `E2 80 AB` |\n| U+202C | Pop Directional Formatting | `E2 80 AC` |\n| U+202D | Left-to-Right Override | `E2 80 AD` |\n| U+202E | Right-to-Left Override | `E2 80 AE` |\n| U+2066 | Left-to-Right Isolate | `E2 81 A6` |\n| U+2067 | Right-to-Left Isolate | `E2 81 A7` |\n| U+2068 | First Strong Isolate | `E2 81 A8` |\n| U+2069 | Pop Directional Isolate | `E2 81 A9` |\n\nPowerShell one-liner to scan the current directory for RTLO characters in filenames:\n\n```powershell\nGet-ChildItem -Recurse | Where-Object { $_.Name -match [char]0x202E } | Select-Object FullName\n```\n\nPython equivalent for cross-platform use:\n\n```python\nimport os\n\nBIDI_CONTROLS = {'\\u202a', '\\u202b', '\\u202c', '\\u202d', '\\u202e',\n                 '\\u2066', '\\u2067', '\\u2068', '\\u2069'}\n\nfor root, dirs, files in os.walk('.'):\n    for name in files:\n        if any(c in name for c in BIDI_CONTROLS):\n            print(os.path.join(root, name))\n```\n\n### SIEM / EDR Detection Rules\n\n**Sigma rule concept (Windows file creation event):**\n\n```yaml\ntitle: RTLO Character in Filename\nstatus: experimental\nlogsource:\n  category: file_event\n  product: windows\ndetection:\n  selection:\n    TargetFilename|contains: \"\\u202E\"\n  condition: selection\nfalsepositives:\n  - Legitimate Arabic/Hebrew software with RTL product names (rare)\nlevel: high\ntags:\n  - attack.defense_evasion\n  - attack.t1036.002\n```\n\n**Windows Defender / MDE KQL:**\n\n```kql\nDeviceFileEvents\n| where FileName contains \"\\u202E\"\n| project Timestamp, DeviceName, FileName, FolderPath, InitiatingProcessFileName\n```\n\n### Email Gateway\n\nMost enterprise email gateways (Proofpoint, Mimecast, Microsoft EOP) flag or strip attachments whose filename bytes contain `0xE2 0x80 0xAE`. Verify your gateway's Unicode normalization policy if RTLO files are a concern in your threat model.\n\n### Antivirus Heuristics\n\nMajor AV vendors flag RTLO-named executables at the file-open/scan event layer. Detection is reliable on Windows when the file is written to disk. Network-level inspection varies by vendor.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## Installation\n\n### Prerequisites\n\n- **Windows OS** (tested on Windows 10 and Windows 11).\n- **PowerShell 5.1 or higher** (pre-installed on modern Windows).\n- No external dependencies. Pure PowerShell.\n\n### Getting Memento-RTLO\n\n#### Option 1: One-liner download\n\n```powershell\nInvoke-WebRequest https://raw.githubusercontent.com/franckferman/Memento-RTLO/stable/MementoRTLO.ps1 -OutFile MementoRTLO.ps1\n```\n\n#### Option 2: Clone via Git\n\n```powershell\ngit clone https://github.com/franckferman/Memento-RTLO.git\n```\n\n#### Option 3: Download ZIP\n\n1. Navigate to the GitHub repository.\n2. Click `\u003c\u003e Code` then `Download ZIP`.\n3. Extract to the desired location.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## Usage\n\n### Setup\n\nAllow script execution for the current process (does not persist):\n\n```powershell\nSet-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process\n```\n\n### Basic Usage\n\n```powershell\n.\\MementoRTLO.ps1 --file \"C:\\Path\\to\\payload.exe\"\n```\n\nIf `--choice` is omitted, the script presents an interactive menu of available spoof patterns for the detected extension.\n\nCombined one-liner:\n\n```powershell\nSet-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process; .\\MementoRTLO.ps1 --file \"C:\\Path\\to\\payload.exe\"\n```\n\n### Command-Line Reference\n\n```\n.\\MementoRTLO.ps1 --file \u003cpath\u003e [--choice \u003cnumber\u003e] [--replace] [--show-list] [--help]\n```\n\n| Option | Required | Description | Example |\n|---|---|---|---|\n| `--file \u003cpath\u003e` | Yes | Path to the source file to spoof | `--file \"C:\\lab\\test.exe\"` |\n| `--choice \u003cn\u003e` | No | Select spoof pattern by index (see `--show-list`) | `--choice 1` |\n| `--replace` | No | Rename the original file in-place (default: create a copy) | `--replace` |\n| `--show-list` | No | Print all available name/extension pairs and exit | `--show-list` |\n| `--help` / `-help` / `/help` | No | Print help message and exit | `--help` |\n\n### Examples\n\nList available spoof patterns:\n\n```powershell\n.\\MementoRTLO.ps1 --show-list\n```\n\nSpoof `payload.exe` as a PDF document (non-destructive copy):\n\n```powershell\n.\\MementoRTLO.ps1 --file \"C:\\lab\\payload.exe\" --choice 2\n```\n\nSpoof `payload.exe` as a JPEG and rename the original in-place:\n\n```powershell\n.\\MementoRTLO.ps1 --file \"C:\\lab\\payload.exe\" --choice 1 --replace\n```\n\nSpoof a VBS file as an email message:\n\n```powershell\n.\\MementoRTLO.ps1 --file \"C:\\lab\\dropper.vbs\" --choice 2\n```\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## Star Evolution\n\n\u003ca href=\"https://star-history.com/#franckferman/Memento-RTLO\u0026Timeline\"\u003e\n  \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://api.star-history.com/svg?repos=franckferman/Memento-RTLO\u0026type=Timeline\u0026theme=dark\" /\u003e\n    \u003cimg alt=\"Star History Chart\" src=\"https://api.star-history.com/svg?repos=franckferman/Memento-RTLO\u0026type=Timeline\" /\u003e\n  \u003c/picture\u003e\n\u003c/a\u003e\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## License\n\nThis project is licensed under the GNU Affero General Public License v3.0.\nSee the [LICENSE](https://github.com/franckferman/Memento-RTLO/blob/stable/LICENSE) file for the full terms.\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n---\n\n## Contact\n\n[![ProtonMail][protonmail-shield]](mailto:contact@franckferman.fr)\n[![LinkedIn][linkedin-shield]](https://www.linkedin.com/in/franckferman)\n[![Twitter][twitter-shield]](https://www.twitter.com/franckferman)\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#top\"\u003eBack to top\u003c/a\u003e)\u003c/p\u003e\n\n\u003c!-- MARKDOWN LINKS \u0026 IMAGES --\u003e\n[contributors-shield]: https://img.shields.io/github/contributors/franckferman/Memento-RTLO.svg?style=for-the-badge\n[contributors-url]: https://github.com/franckferman/Memento-RTLO/graphs/contributors\n[stars-shield]: https://img.shields.io/github/stars/franckferman/Memento-RTLO.svg?style=for-the-badge\n[stars-url]: https://github.com/franckferman/Memento-RTLO/stargazers\n[license-shield]: https://img.shields.io/github/license/franckferman/Memento-RTLO.svg?style=for-the-badge\n[license-url]: https://github.com/franckferman/Memento-RTLO/blob/stable/LICENSE\n[protonmail-shield]: https://img.shields.io/badge/ProtonMail-8B89CC?style=for-the-badge\u0026logo=protonmail\u0026logoColor=blueviolet\n[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=for-the-badge\u0026logo=linkedin\u0026colorB=blue\n[twitter-shield]: https://img.shields.io/badge/-Twitter-black.svg?style=for-the-badge\u0026logo=twitter\u0026colorB=blue\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffranckferman%2Fmemento-rtlo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffranckferman%2Fmemento-rtlo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffranckferman%2Fmemento-rtlo/lists"}