diff --git a/TTPs/Persistence/dll_hijacking.py b/TTPs/Persistence/dll_hijacking.py
deleted file mode 100644
index 9c17456..0000000
--- a/TTPs/Persistence/dll_hijacking.py
+++ /dev/null
@@ -1,78 +0,0 @@
-import sys
-from Modules.Imports.ttp_imports import *
-from Modules.submenu import build_submenu
-
-def dll_hijacking_submenu():
- """
- Submenu for DLL Hijacking detection techniques.
- """
- actions = {
- "1": {"description": "File System Analysis", "function": file_system_analysis},
- "2": {"description": "Memory Analysis", "function": memory_analysis},
- "3": {"description": "Command Line Analysis", "function": command_line_analysis},
- "4": {"description": "SANS DFIR Insights", "function": sans_dfir_insights},
- }
- build_submenu("DLL Hijacking Detection", actions)
-
-# Individual submenu functions
-
-def file_system_analysis():
- """
- Displays information about file system analysis for DLL hijacking detection.
- """
- title = "DLL Hijacking File System Analysis"
- content = """
-- Look for new or unsigned `.exe` and `.dll` files in unusual locations.
-- Example Indicators:
- - Timestamp: 2021-02-18 03:42:31
- - Impact: - - - Method: mach Meta
- - File Name: `c:/ProgramData/mcoemcpy.exe` (size: 77824)
- - File: `c:/ProgramData/McUtil.dll` (size: 131072)
-"""
- print_info(title, content)
-
-def memory_analysis():
- """
- Displays memory analysis techniques for DLL hijacking detection.
- """
- title = "DLL Hijacking Memory Analysis"
- content = """
-- Identify system processes or DLLs loaded from unusual locations.
-- Pay attention to:
- - Processes running unexpected code.
- - DLLs loaded from locations outside expected directories.
-- Newly created DLLs and executables can indicate malicious activity.
-"""
- print_info(title, content)
-
-def command_line_analysis():
- """
- Displays command-line analysis techniques for DLL hijacking detection.
- """
- title = "DLL Hijacking Command-Line Analysis"
- content = """
-- Review suspicious command-line execution patterns.
- - Example:
- - Command: `C:\\ProgramData\\ncoenchy.exe 0x4`
- - Method: mach Meta
-- Check for signs of injection or other manipulation.
-"""
- print_info(title, content)
-
-def sans_dfir_insights():
- """
- Displays insights from SANS DFIR training for DLL hijacking detection.
- """
- title = "DLL Hijacking Insights from SANS DFIR"
- content = """
-- Nearly all DLL hijacks require placing a new DLL or executable onto the file system.
-- Investigative Techniques:
- - **File Timeline Analysis**:
- - Focus on newly created files during times of interest.
- - **Memory Forensics**:
- - Analyze running processes for unexpected DLL locations.
-- Obscure DLLs are more likely to be targeted since common DLLs are usually preloaded into memory.
-- Other anomalous actions like network beaconing or named pipe creation can lead to detection.
-"""
- print_info(title, content)