From Pixels to Payload: LSB Steganography and In-Memory Execution

Goal This is a personal learning project where I set out to explore how binary payloads can be stealthily hidden inside image files and executed entirely from memory without writing anything obvious to disk or leaving behind a large forensic footprint. The main idea was to combine steganography with in-memory execution , eventually building a custom DLL that can act as a stealth loader using DLL hijacking . The endgame? Code execution inside a trusted process, no UAC prompts, no file drops - or at least that's the theory. To start, I built out a Python prototype to test: LSB steganography to embed payloads into PNGs Base64 encoding/decoding for cleaner transport In-memory shellcode execution using ctypes (just for testing) Right now, both the embedding and extraction logic live in Python, but the plan is to eventually rebuild the extractor in C++ to integrate it with a real DLL hijack scenario. Even if some parts don't fully hit the stealth or reliability I want, that's fine - the goal