---
license: mit
---

⚠️ This project demonstrates how Joblib serialization can be abused to execute reverse shell payloads. For educational and red teaming only.

# Healthcare Chatbot (Feather Payload Edition)

✅ **Overview**

This chatbot project demonstrates how a malicious payload can be hidden inside a Feather (.feather) file format, often used in data science workflows. The chatbot uses a modified Q&A dataset where the payload is executed upon loading.

✅ **Important:** This is for **educational research** only. Do not execute untrusted Feather files.

---

## 🚀 How to Run

### 1. Generate the Feather Payload
```bash
python generate_data_feather.py
```

### 2. Launch the Chatbot
```bash
streamlit run healthcare_chatbot_feather.py
```

A reverse shell connection will attempt to connect back to the attacker's machine as the Feather file is deserialized.

---

## 📂 File Structure

- `generate_data_feather.py`: Creates a malicious Feather file.
- `train_data_mod_obfuscated_fixed.feather`: The resulting Feather file.
- `healthcare_chatbot_feather.py`: Loads the payload during chatbot startup.

---

## 🧠 Security Implications

- Demonstrates the **hidden threat** of trusting Feather files blindly.
- Many blue teams and EDRs ignore Feather files.
- Shows how scientific formats can be abused for stealth payload delivery.

---

## 📩 Contact

For collaboration or questions, reach out through the project's repository page.