A simple tool that takes a shell command and a target .py file, then writes a new copy of that file with the command hidden in the source using invisible Unicode characters. When the modified file runs, it decodes and executes that command.
You pick CMD or PowerShell, optional silent execution, and whether to print debug info while building.
-
Your command is turned into a short Python snippet (run via
os.systemorsubprocess, with optional hidden window on Windows). -
That snippet is UTF‑8 encoded, then each bit is written as one of two invisible Unicode characters (zero‑width space / zero‑width joiner). So the payload is a long string of “nothing” you can’t see in a normal editor.
-
The builder inserts a tiny function near the top of the target file (after the
importblock) that re‑opens the file, pulls out only those invisible characters, turns them back into bytes, andexecs them. The hidden data sits on a line that starts with#so the rest of the line still looks like a comment to a quick glance. -
It appends an extra function at the bottom that touches the same markers but doesn’t run the payload—mostly noise so the file looks more “normal.”
-
Output is a new file next to the original, named
*_stealth.py. Running that file runs the original script logic and the embedded command.
Just run the python file and a builder should appear