From a98e6eb10792cf1d14ea75090bffe18a979c666a Mon Sep 17 00:00:00 2001
From: mgeeky <mb@binary-offensive.com>
Date: Tue, 8 Feb 2022 21:34:25 +0100
Subject: [PATCH] Added PackMyPayload

---
 .gitmodules               |  3 +++
 red-teaming/PackMyPayload |  1 +
 red-teaming/README.md     | 10 ++++++++++
 3 files changed, 14 insertions(+)
 create mode 160000 red-teaming/PackMyPayload

diff --git a/.gitmodules b/.gitmodules
index 1ef8675..4e52b99 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -58,3 +58,6 @@
 [submodule "clouds/azure/AzureRT"]
 	path = clouds/azure/AzureRT
 	url = https://github.com/mgeeky/AzureRT
+[submodule "red-teaming/PackMyPayload"]
+	path = red-teaming/PackMyPayload
+	url = https://github.com/mgeeky/PackMyPayload
diff --git a/red-teaming/PackMyPayload b/red-teaming/PackMyPayload
new file mode 160000
index 0000000..902f8f6
--- /dev/null
+++ b/red-teaming/PackMyPayload
@@ -0,0 +1 @@
+Subproject commit 902f8f661eee2c68dabecadda6275e6931df18b0
diff --git a/red-teaming/README.md b/red-teaming/README.md
index 961b5a0..76f2f8d 100755
--- a/red-teaming/README.md
+++ b/red-teaming/README.md
@@ -310,6 +310,16 @@ $ ./markOwnedNodesInNeo4j.py kerberoasted.txt
 
 - **`muti-stage-1.md`** - Multi-Stage Penetration-Testing / Red Teaming Malicious Word document creation process. ([gist](https://gist.github.com/mgeeky/6097ea56e0f541aa7d98161e2aa76dfb))
 
+- [**`PackMyPayload`**](https://github.com/mgeeky/PackMyPayload) - A script that takes file/directory on input and creates a new (or backdoors existing) container file with input ones embedded. Some of the formats (ISO, IMG, VHD, VHDX) could be used to bypass Mark-of-the-Web (MOTW) file taint flag. Supported formats: 
+  1. `ZIP` (+password)
+  2. `7zip` (+password)
+  3. `PDF` (+password)
+  4. `ISO` 
+  5. `IMG` 
+  6. `CAB` 
+  7. `VHD` 
+  8. `VHDX` 
+
 - [**`RedWarden`**](https://github.com/mgeeky/RedWarden) - A Cobalt Strike C2 Reverse proxy fending off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation.
 
 - [**`rogue-dot-net`**](https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/rogue-dot-net) - Set of scripts, requirements and instructions for generating .NET Assemblies valid for **Regasm**/**Regsvcs**/**InstallUtil** code execution primitives.