diff --git a/README.md b/README.md
index 30e8193f..9284f6f2 100644
--- a/README.md
+++ b/README.md
@@ -74,25 +74,25 @@
| Family | Summary | Signature Behaviors | Report |
|-------------|----------------------------------------------------|--------------------------|--------|
-| DroidKungFu | Privilege escalation with C2 control. | 1. Gain unlimited access to a device.
2. Install/Uninstall additional apps.
3. Forward confidential data. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-droidkungfu) |
-| GoldDream | SMS/call log exfiltration with remote C2 commands. | 1. Monitor SMS messages and phone calls.
2. Upload SMS messages and phone calls to remote servers. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-golddream) |
-| SpyNote | Credential theft and device surveillance via RAT. | 1. Take screenshots.
2. Simulate user gestures.
3. Log user input.
4. Communicate with C2 servers. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-spynote) |
-| DawDropper | Dropper that installs banking trojans for financial theft. | 1. Download APKs from remote servers.
2. Install additional APKs. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-dawdropper) |
-| SLocker | Android ransomware locking/encrypting devices. | 1. Lock the device with an overlay screen. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-slocker) |
-| PhantomCard | NFC relay–based financial fraud. | 1. Communicate with C2 servers.
2. Read the payment data of NFC cards.
3. Captures PINs of NFC cards through deceptive screens. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-phantomcard) |
-| ToxicPanda | Banking trojan enabling on-device fraud. | 1. Abuse Accessibility.
2. Remote device control.
3. Intercept OTP. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-toxicpanda) |
-| Hydra | Banking trojan using overlay attacks. | 1. Overlay credential theft.
2. Accessibility abuse.
3. Steal OTP/cookies. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-hydra) |
-| SharkBot | Banking trojan targeting financial credentials and transactions. | 1. Abuse Accessibility services.
2. Perform overlay attacks to steal credentials.
3. Intercept SMS messages (OTP). | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-sharkbot) |
-| Antidot | Banking trojan disguised as legitimate updates for financial data theft. | 1. Intercept SMS messages (OTP).
2. Log user input (keylogging).
3. Enable remote control via C2. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-antidot) |
-| Arsink | Banking trojan focusing on credential and financial data exfiltration. | 1. Steal sensitive data from device.
2. Intercept SMS messages (OTP). | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-arsink) |
-| TrickMo | Banking trojan using overlay attacks and accessibility abuse for credential theft. | 1. Overlay attacks to steal banking credentials.
2. Intercept SMS for 2FA bypass.
3. Screen recording and accessibility abuse.
4. Dynamic payload loading via reflection. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-trickmo) |
-| Anubis | Banking trojan with RAT capabilities. | 1. Overlay credential theft.
2. Keylogging.
3. Intercept SMS (OTP).
4. Remote control via C2. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-anubis) |
-| GodFather | Banking trojan targeting financial credentials through overlay and accessibility abuse. | 1. Perform overlay attacks to steal credentials.
2. Abuse Accessibility services.
3. Intercept SMS messages (OTP).
4. Steal banking credentials and sensitive data. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-godfather) |
-| TangleBot | SMS-based Android malware stealing personal and financial data. | 1. Spread through SMS phishing links.
2. Control device interactions and overlay screens.
3. Access SMS, contacts, call logs, camera, and microphone.
4. Steal account and financial information. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-tanglebot) |
-| BRATA | Banking trojan with remote control and anti-analysis capabilities. | 1. Perform overlay attacks to steal banking credentials.
2. Abuse Accessibility services for device control.
3. Intercept SMS messages (OTP).
4. Execute factory reset or device wipe commands. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-brata) |
-| Cerberus | Banking trojan targeting financial credentials through overlay and device control. | 1. Perform overlay attacks to steal credentials.
2. Abuse Accessibility services.
3. Log user input (keylogging).
4. Enable remote control via C2. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-cerberus) |
-| SuperCardX | NFC relay malware enabling contactless payment fraud. | 1. Read NFC payment card data.
2. Relay NFC transactions to attacker-controlled devices.
3. Communicate with C2 servers.
4. Facilitate unauthorized contactless payments. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-supercardx) |
-| NGate | NFC-based malware enabling relay attacks and payment fraud. | 1. Read NFC payment card data.
2. Relay NFC communications to attacker-controlled devices.
3. Communicate with C2 servers.
4. Facilitate unauthorized contactless payments. | [View](https://quark-engine.readthedocs.io/en/latest/quark_rules.html#new-quark-rules-for-ngate) |
+| DroidKungFu | Privilege escalation with C2 control. | 1. Gain unlimited access to a device.
2. Install/Uninstall additional apps.
3. Forward confidential data. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-droidkungfu) |
+| GoldDream | SMS/call log exfiltration with remote C2 commands. | 1. Monitor SMS messages and phone calls.
2. Upload SMS messages and phone calls to remote servers. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-golddream) |
+| SpyNote | Credential theft and device surveillance via RAT. | 1. Take screenshots.
2. Simulate user gestures.
3. Log user input.
4. Communicate with C2 servers. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-spynote) |
+| DawDropper | Dropper that installs banking trojans for financial theft. | 1. Download APKs from remote servers.
2. Install additional APKs. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-dawdropper) |
+| SLocker | Android ransomware locking/encrypting devices. | 1. Lock the device with an overlay screen. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-slocker) |
+| PhantomCard | NFC relay–based financial fraud. | 1. Communicate with C2 servers.
2. Read the payment data of NFC cards.
3. Captures PINs of NFC cards through deceptive screens. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-phantomcard) |
+| ToxicPanda | Banking trojan enabling on-device fraud. | 1. Abuse Accessibility.
2. Remote device control.
3. Intercept OTP. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-toxicpanda) |
+| Hydra | Banking trojan using overlay attacks. | 1. Overlay credential theft.
2. Accessibility abuse.
3. Steal OTP/cookies. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-hydra) |
+| SharkBot | Banking trojan targeting financial credentials and transactions. | 1. Abuse Accessibility services.
2. Perform overlay attacks to steal credentials.
3. Intercept SMS messages (OTP). | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-sharkbot) |
+| Antidot | Banking trojan disguised as legitimate updates for financial data theft. | 1. Intercept SMS messages (OTP).
2. Log user input (keylogging).
3. Enable remote control via C2. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-antidot) |
+| Arsink | Banking trojan focusing on credential and financial data exfiltration. | 1. Steal sensitive data from device.
2. Intercept SMS messages (OTP). | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-arsink) |
+| TrickMo | Banking trojan using overlay attacks and accessibility abuse for credential theft. | 1. Overlay attacks to steal banking credentials.
2. Intercept SMS for 2FA bypass.
3. Screen recording and accessibility abuse.
4. Dynamic payload loading via reflection. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-trickmo) |
+| Anubis | Banking trojan with RAT capabilities. | 1. Overlay credential theft.
2. Keylogging.
3. Intercept SMS (OTP).
4. Remote control via C2. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-anubis) |
+| GodFather | Banking trojan targeting financial credentials through overlay and accessibility abuse. | 1. Perform overlay attacks to steal credentials.
2. Abuse Accessibility services.
3. Intercept SMS messages (OTP).
4. Steal banking credentials and sensitive data. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-godfather) |
+| TangleBot | SMS-based Android malware stealing personal and financial data. | 1. Spread through SMS phishing links.
2. Control device interactions and overlay screens.
3. Access SMS, contacts, call logs, camera, and microphone.
4. Steal account and financial information. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#new-quark-rules-for-tanglebot) |
+| BRATA | Banking trojan with remote control and anti-analysis capabilities. | 1. Perform overlay attacks to steal banking credentials.
2. Abuse Accessibility services for device control.
3. Intercept SMS messages (OTP).
4. Execute factory reset or device wipe commands. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#brata-malware-family-analysis-report) |
+| Cerberus | Banking trojan targeting financial credentials through overlay and device control. | 1. Perform overlay attacks to steal credentials.
2. Abuse Accessibility services.
3. Log user input (keylogging).
4. Enable remote control via C2. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#cerberus-malware-family-analysis-report) |
+| SuperCardX | NFC relay malware enabling contactless payment fraud. | 1. Read NFC payment card data.
2. Relay NFC transactions to attacker-controlled devices.
3. Communicate with C2 servers.
4. Facilitate unauthorized contactless payments. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#supercardx-malware-family-analysis-report) |
+| NGate | NFC-based malware enabling relay attacks and payment fraud. | 1. Read NFC payment card data.
2. Relay NFC communications to attacker-controlled devices.
3. Communicate with C2 servers.
4. Facilitate unauthorized contactless payments. | [View](https://quark-engine.readthedocs.io/en/latest/malware_report.html#ngate-malware-family-analysis-report) |
## Quick Start