β οΈ This project demonstrates how Joblib serialization can be abused to execute reverse shell payloads. For educational and red teaming only.
Healthcare Chatbot (Feather Payload Edition)
β Overview
This chatbot project demonstrates how a malicious payload can be hidden inside a Feather (.feather) file format, often used in data science workflows. The chatbot uses a modified Q&A dataset where the payload is executed upon loading.
β Important: This is for educational research only. Do not execute untrusted Feather files.
π How to Run
1. Generate the Feather Payload
python generate_data_feather.py
2. Launch the Chatbot
streamlit run healthcare_chatbot_feather.py
A reverse shell connection will attempt to connect back to the attacker's machine as the Feather file is deserialized.
π File Structure
generate_data_feather.py: Creates a malicious Feather file.train_data_mod_obfuscated_fixed.feather: The resulting Feather file.healthcare_chatbot_feather.py: Loads the payload during chatbot startup.
π§ Security Implications
- Demonstrates the hidden threat of trusting Feather files blindly.
- Many blue teams and EDRs ignore Feather files.
- Shows how scientific formats can be abused for stealth payload delivery.
π© Contact
For collaboration or questions, reach out through the project's repository page.
Inference Providers
NEW
This model isn't deployed by any Inference Provider.
π
Ask for provider support