diff --git a/clusters/tool.json b/clusters/tool.json
index 0606a6a..5ddaf2f 100644
--- a/clusters/tool.json
+++ b/clusters/tool.json
@@ -8235,7 +8235,43 @@
       "related": [],
       "uuid": "1974ea65-7312-4d91-a592-649983b46554",
       "value": "Caterpillar WebShell"
+    },
+    {
+      "description": "The P.A.S. webshell was developed by an ukrainian student, Jaroslav Volodimirovich Panchenko, who used the nick-name Profexer. It was developed in PHP and features a characteristic password-based encryption. This tool was available through a form on his website, where a user had to provide a password to receive a custom webshell. The form suggested a donation to the developer. It was commonly used, including during a WORDPRESS website attack.",
+      "meta": {
+        "refs": [
+          "https://us-cert.cisa.gov/GRIZZLY-STEPPE-Russian-Malicious-Cyber-Activity",
+          "https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf"
+        ],
+        "synonyms": [
+          "Fobushell"
+        ],
+        "type": [
+          "webshell"
+        ]
+      },
+      "related": [],
+      "uuid": "6baa1f46-daa9-4f40-952b-ec613c835abb",
+      "value": "P.A.S. webshell"
+    },
+    {
+      "description": "",
+      "meta": {
+        "refs": [
+          "https://www.welivesecurity.com/2018/10/11/new-telebots-backdoor-linking-industroyer-notpetya/",
+          "https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf"
+        ],
+        "synonyms": [
+          ""
+        ],
+        "type": [
+          "backdoor"
+        ]
+      },
+      "related": [],
+      "uuid": "95174297-6dff-47d9-bcb9-263f9b2efcfb",
+      "value": "Exaramel"
     }
   ],
-  "version": 141
+  "version": 142
 }