Extract and execute a PE embedded within a PNG file using an LNK file. The PE file is encrypted using a single-key XOR algorithm and then injected as an IDAT section to the end of a specified PNG file.
Use InsertPeIntoPng.py to create the embedded PNG file and generate the extraction LNK file. The generated LNK file will have the icon of a PDF file by default, and it will expect the embedded PNG file to be in the same directory when executed. PE files will be stored under the %TEMP% directory for execution.
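For triage of suspect images, the layout described above can be checked by walking the PNG chunk list. The following is an added example, not code from the tool: it assumes the XOR key is a single byte, the function names are hypothetical, and the sample PNG and PE header stub are constructed.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def iter_chunks(data):
    """Yield (offset, type, payload) per chunk; keeps walking past IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        if pos + 12 + length > len(data):
            break  # truncated or non-chunk trailing bytes
        yield pos, ctype, data[pos + 8:pos + 8 + length]
        pos += 12 + length

def xor_pe_key(payload):
    """Key under which payload is a PE image (assumes a 1-byte key), else None."""
    if len(payload) < 0x40:
        return None
    key = payload[0] ^ 0x4D  # 'M'
    if payload[1] ^ key != 0x5A:  # 'Z'
        return None
    e_lfanew = struct.unpack("<I", bytes(b ^ key for b in payload[0x3C:0x40]))[0]
    sig = bytes(b ^ key for b in payload[e_lfanew:e_lfanew + 4])
    return key if sig == b"PE\0\0" else None

def scan_png(data):
    """Return (offset, reason) findings for one PNG given as bytes."""
    findings, seen_iend = [], False
    for off, ctype, payload in iter_chunks(data):
        if seen_iend:
            findings.append((off, "chunk after IEND"))
        if ctype == b"IDAT" and (key := xor_pe_key(payload)) is not None:
            findings.append((off, f"IDAT is a PE under XOR key 0x{key:02x}"))
        seen_iend = seen_iend or ctype == b"IEND"
    return findings

def chunk(ctype, payload):
    body = ctype + payload
    return struct.pack(">I", len(payload)) + body + struct.pack(">I", zlib.crc32(body))

# Constructed sample: 1x1 PNG, plus a header-only PE stub (not executable).
IHDR = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
CLEAN = PNG_SIG + chunk(b"IHDR", IHDR) + chunk(b"IDAT", zlib.compress(b"\0\0")) + chunk(b"IEND", b"")
STUB = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\0\0"
TAINTED = CLEAN + chunk(b"IDAT", bytes(b ^ 0x5C for b in STUB))
```

A multi-byte key defeats the header check, but the chunk-after-IEND finding still fires whenever the extra IDAT sits behind the image's end marker.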