https://github.com/infosecredd/btsm-payloads

BTSM (Behind-the-Scenes Manipulation) Payloads PoC
https://github.com/infosecredd/btsm-payloads

obfuscation payloads steganography steganography-encoding

Last synced: about 2 months ago
JSON representation

BTSM (Behind-the-Scenes Manipulation) Payloads PoC

• Host: GitHub
• URL: https://github.com/infosecredd/btsm-payloads
• Owner: InfoSecREDD
• License: mit
• Created: 2024-03-08T23:40:16.000Z (11 months ago)
• Default Branch: main
• Last Pushed: 2024-03-09T00:02:55.000Z (11 months ago)
• Last Synced: 2024-03-10T20:48:52.369Z (11 months ago)
• Topics: obfuscation, payloads, steganography, steganography-encoding
• Language: PowerShell
• Homepage:
• Size: 6.84 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# BTSM Payloads

### BTSM (Behind-the-Scenes Manipulation) Payloads PoC

 (It's a "play" on BDSM; Because it feels so wrong, and probably shouldn't be shared with the world.)

This Proof of Concept requires Microsoft Windows PowerShell 7+.

### What does it do?

As of the time of this release, I will leave it up to your imagination. Once this PoC has been around for awhile, this will be filled in accurately.

### Why this only works on PowerShell 7+?

The transition from PowerShell version 5 to version 7 marked a significant improvement in the language's capabilities. In version 5, handling arrays and complex byte assembly posed challenges, limiting its ability to execute payloads like InvisInk effectively. However, with the upgrade to PowerShell 7, these limitations were addressed. The new version enabled the integration of complex arrays seamlessly, allowing for the execution of [InvisInk](https://github.com/InfoSecREDD/InvisInk-Encoder) payloads without revealing the underlying code while also skipping the decoy code. 

[InvisInk Encoder](https://github.com/InfoSecREDD/InvisInk-Encoder) - By InfoSecREDD