Skip to content

njcve/inflate.py

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

README.md

README.md

 
 

inflate.py

inflate.py

 
 

Repository files navigation

inflate.py

A quick and simple script that can be used to inflate binary files by padding them out with null bytes. Simply call the script along with the name or location of the binary you want to inflate plus an integer value to inflate it by.

I have used this to successfully evade AV and EDR solutions as many security vendors simply do not check large files!

Example

----
$ ls -la
-rwxrwxrwx 1 kali kali 1001224 Mar  8  2020 mimikatz.exe

----
$ python inflate.py -f mimikatz.exe -s 150
[!]     Inflating mimikatz.exe by 150 MB
[!]     Operation Complete...
----

$ ls -la
-rwxrwxrwx 1 kali kali 158287624 Mar  8  2020 mimikatz.exe
----

About

Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.

Topics

antivirus bugbounty antivirus-evasion av-evasion av-bypass endpoint-security evasion-attack edr-bypass

Resources

Readme
Activity

Stars

115 stars

Watchers

1 watching

Forks

15 forks
Report repository

Releases 1

v1.0 Latest
Apr 9, 2022

Packages

No packages published

Languages