# ModelScan Bypass — Arbitrary Code Execution via joblib Deserialization
## Summary
This repository contains a proof-of-concept `.joblib` model file that achieves arbitrary code execution when loaded with `joblib.load()`, while evading ModelScan v0.8.8 detection entirely.
## Reproduction
```python
# Step 1: Scan the file (reports clean)
# pip install modelscan
# modelscan scan --path model.joblib
# Step 2: Load the file (executes code)
import joblib
joblib.load("model.joblib")
```
## Files
- `model.joblib` — Uncompressed joblib file (ACE + scanner bypass via denylist gap)
- `model_compressed.joblib` — LZMA-compressed joblib file (ACE + scanner bypass via parsing failure)
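
The two bypass classes listed above (a denylist gap and a parsing failure) both come from a scanner treating "nothing matched" as clean. The sketch below is an added example, not code from this repository or from ModelScan: it inverts both decisions by allowlisting imported globals and rejecting anything it cannot parse. `ALLOWED_GLOBALS`, `referenced_globals` and `scan` are hypothetical names, and the input is assumed to be a plain pickle stream, optionally LZMA-compressed.

```python
import lzma
import pickle
import pickletools
from collections import OrderedDict

# Assumed policy for this example: the only globals a model file may import.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


def referenced_globals(stream: bytes) -> set:
    """Return every (module, name) pair the pickle stream would import."""
    found, strings = set(), []
    for op, arg, _pos in pickletools.genops(stream):
        if op.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)
            found.add((module, name))
        elif op.name == "STACK_GLOBAL":
            # Operands live on the stack; accept only two directly pushed strings.
            if len(strings) < 2:
                raise ValueError("STACK_GLOBAL with unresolved operands")
            found.add((strings[-2], strings[-1]))
        elif isinstance(arg, str):
            strings.append(arg)
        elif op.name != "MEMOIZE":
            strings.clear()  # any other opcode breaks the push/push/import pattern
    return found


def scan(blob: bytes) -> tuple:
    """Return (ok, reason); anything not proven safe is rejected."""
    try:
        stream = lzma.decompress(blob)  # handles .xz and legacy .lzma containers
    except lzma.LZMAError:
        stream = blob                   # not LZMA: treat as a raw pickle stream
    try:
        seen = referenced_globals(stream)
    except Exception as exc:            # a parse failure is a finding, not a pass
        return False, f"unparseable: {exc}"
    unknown = sorted(seen - ALLOWED_GLOBALS)
    if unknown:
        return False, f"globals outside allowlist: {unknown}"
    return True, "only allowlisted globals"


# Constructed samples; they are only scanned here, never loaded.
BENIGN = pickle.dumps(OrderedDict(a=1))
UNLISTED = pickle.dumps(print)
```

The `STACK_GLOBAL` handling is deliberately strict: operands fetched from the memo instead of pushed directly are reported as unresolved and rejected, which will also flag some legitimate files.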