Smug_Fuck – Bring Your Own File and create your own Dropper.

File Smuggling HTML Smuggling techniques sidestep traditional network security solutions such as email scanners, proxies and sandboxes by using the features of HTML5 and Javascript. This is done by generating the malicious HTML code within the browser on the target device which is already inside the security perimeter of the network. image

ezgif com-gif-maker (2)

There is two option for smuggling:

  1. Base64
  2. Bytes_array

there is one obsfucation method:

1)Url Decode (Utf-8).

On_The_Road_Map:

  1. Add more Obfuscation technique (Speicaly Javascript obfuscation).
  2. Add more Html Events and triggers to avoid sandbox detection such as (Onclick, Onmouseover, Onscroll, etc..).

GitHub

View Github