├── gatoPolyglot.jpg
└── readme.md


/gatoPolyglot.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mindcrypt/polyglot/6fa597780b3bc20be5796861d7d62dd314fb4c56/gatoPolyglot.jpg


--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
 1 | * Funky File formats - Ange Albertini 2014/12 31C3 - https://fahrplan.events.ccc.de/congress/2014/Fahrplan/system/attachments/2562/original/Funky_File_Formats.pdf
 2 | * https://github.com/corkami/pocs/tree/master/poly
 3 | * https://code.google.com/archive/p/corkami/
 4 | * Scattered - sha1 - https://shattered.io/static/shattered.pdf
 5 | * https://truepolyglot.hackade.org/
 6 | * Exploit Delivery via Steganography and Polyglots - https://stegosploit.info/
 7 | * Polyglots: Crossing Origins by Crossing Formats - http://www.cse.chalmers.se/~andrei/ccs13.pdf
 8 | * Hide Android Applications in Images - https://www.blackhat.com/docs/eu-14/materials/eu-14-Apvrille-Hide-Android-Applications-In-Images-wp.pdf
 9 | 
10 | * GIF/Javascript Polyglots: Abusing GIFs, tags, and MIME types for evil - https://0x00sec.org/t/gif-javascript-polyglots-abusing-gifs-tags-and-mime-types-for-evil/5088
11 | * PDF-based polyglots through SVG images - https://es.slideshare.net/mindedsecurity/pdfbased-polyglots-through-svg-images
12 | * Bypassing Content Security Policy with a JS/GIF Polyglot - https://ajinabraham.com/blog/bypassing-content-security-policy-with-a-jsgif-polyglot
13 | * Malvertising Attack Sneaks JavaScript Payload in Polyglot Images - https://www.bleepingcomputer.com/news/security/malvertising-attack-sneaks-javascript-payload-in-polyglot-images/
14 | * Bypassing CSP using polyglot JPEGs - https://portswigger.net/blog/bypassing-csp-using-polyglot-jpegs
15 | * Unleashing an Ultimate XSS Polyglot - https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot
16 | * https://www.peerlyst.com/posts/polyglot-payloads-xss-hari-namburi
17 | * Building an XSS polyglot through SWF and CSP - https://labs.detectify.com/2015/05/28/building-an-xss-polyglot-through-swf-and-csp/
18 | * SHAKESPEARE IN A ZIP IN A RAR, HIDDEN IN AN IMAGE ON TWITTER - https://hackaday.com/2018/11/07/shakespeare-in-a-zip-in-a-rar-hidden-in-an-image-on-twitter/#more-332063
19 | * Hacking group using Polyglot images to hide malvertising attacks - https://devcondetect.com/blog/2019/2/24/hacking-group-using-polyglot-images-to-hide-malvertsing-attacks
20 | * https://hatching.io/blog/lnk-hta-polyglot
21 | * https://en.wikipedia.org/wiki/Gifar
22 | * https://github.com/Polydet/polyglot-database
23 | * https://github.com/ViGrey/3F.py
24 | * https://github.com/rapid7/metasploit-framework/blob/master/modules/encoders/x86/bmp_polyglot.rb
25 | * https://github.com/tickelton/ico-pdf
26 | * https://webassembly-security.com/polyglot-webassembly-module-html-js-wasm/
27 | * https://github.com/Mr-Un1k0d3r/DKMC/blob/master/DKMC%20presentation%202017.pdf
28 | * +- https://kalilinuxtutorials.com/pixload-image-payload-creating-injecting/
29 | * Polyglots PoC using radare2 as binary editor, Abraham Pasamar, INCIDE - https://www.youtube.com/watch?v=0S61uzx-Efk&feature=youtu.be
30 | * Polyglottar, un polyglot TAR+ELF - https://sysfatal.github.io/polyglottar.html
31 | * https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html
32 | 
33 | * https://github.com/DavidBuchanan314/tweetable-polyglot-png
34 | * https://github.com/mindcrypt/powerglot
35 | 
36 |  ![alt text](https://github.com/mindcrypt/polyglot/blob/master/gatoPolyglot.jpg)
37 | 
38 | 
39 | 
40 | 


--------------------------------------------------------------------------------