A ghost-encoded file looks completely blank in any text editor. cat it in PowerShell and the console spits back ??????? because no font can render zero-width Unicode characters. But execute that same file and the payload runs clean.
Same payload. Same execution result. One is readable, one is invisible.
A 16-character alphabet of zero-width Unicode code points. Each character is invisible in standard rendering — no glyph, no width, no visible presence. Text editors show nothing. Hex editors reveal the truth.
Each payload byte splits into two nibbles. High nibble maps to one ghost character, low nibble to another. Byte 0x48 ('H') becomes ghost char at index 4 + ghost char at index 8. Two invisible characters per byte.
A minimal visible decoder stub reads the ghost data, reconstructs ASCII bytes, and feeds the result to Invoke-Expression. Payload never exists as a readable file on disk. Executes entirely in memory.
| Idx | Code Point | Unicode Name | Idx | Code Point | Unicode Name |
|---|---|---|---|---|---|
| 0x0 | U+200B | Zero Width Space | 0x8 | U+2063 | Invisible Separator |
| 0x1 | U+200C | Zero Width Non-Joiner | 0x9 | U+2064 | Invisible Plus |
| 0x2 | U+200D | Zero Width Joiner | 0xA | U+2065 | Reserved [invisible] |
| 0x3 | U+200E | Left-to-Right Mark | 0xB | U+2066 | LR Isolate |
| 0x4 | U+200F | Right-to-Left Mark | 0xC | U+2067 | RL Isolate |
| 0x5 | U+2060 | Word Joiner | 0xD | U+2068 | First Strong Isolate |
| 0x6 | U+2061 | Function Application | 0xE | U+2069 | Pop Directional Isolate |
| 0x7 | U+2062 | Invisible Times | 0xF | U+180E | Mongolian Vowel Separator |
Input byte: 0x48
High nibble: 0x4 → ghost[4] = U+200F (Right-to-Left Mark)
Low nibble: 0x8 → ghost[8] = U+2063 (Invisible Separator)
One ASCII byte → two invisible Unicode characters.
100-byte payload → 200 ghost characters. Zero visible content.
| Layer | Detects Ghost? | Notes |
|---|---|---|
| Text Editor (Notepad, VS Code) | NO | File appears completely blank — zero rendered glyphs |
| PowerShell cat | Shows ??????? | Console font can't render zero-width chars — substitutes fallback glyph |
| Windows Defender (static) | NO | No signature match on Unicode noise — content is not recognizable as code |
| VirusTotal | NO | 0/72 engine detections — no scanner flags zero-width Unicode as malicious |
| AMSI (runtime) | MAYBE | Scans decoded payload at Invoke-Expression — needs dark_room to blind |
| ETW Logging | YES | Logs the PowerShell command pipeline — needs dark_room to suppress |
Ghost encoding defeats the static layers in the table above: the file is invisible to human review and opaque to signature-based scanning. Runtime detection depends on whether AMSI and ETW are active. If dark_room has already blinded them, none of the layers listed here detects the chain from disk to execution.
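A static check that the matrix above does not list is counting the code points themselves, which a hex editor already exposes. The following is an added defensive example, not part of the tool described here: it flags files containing long runs of the 16 code points from the alphabet table. The function names and the thresholds (a run of 16, a ratio of 0.5) are assumptions chosen for illustration.

```python
import sys

# The 16 zero-width code points from the alphabet table on this page.
GHOST_ALPHABET = frozenset([
    0x200B, 0x200C, 0x200D, 0x200E, 0x200F, 0x2060, 0x2061, 0x2062,
    0x2063, 0x2064, 0x2065, 0x2066, 0x2067, 0x2068, 0x2069, 0x180E,
])

def decode_text(raw: bytes) -> str:
    """Decode by BOM, defaulting to UTF-8; bad bytes are replaced, not fatal."""
    if raw.startswith(b"\xef\xbb\xbf"):
        return raw[3:].decode("utf-8", errors="replace")
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le", errors="replace")
    if raw.startswith(b"\xfe\xff"):
        return raw[2:].decode("utf-16-be", errors="replace")
    return raw.decode("utf-8", errors="replace")

def ghost_stats(raw: bytes) -> dict:
    """Count alphabet characters and the longest uninterrupted run of them."""
    text = decode_text(raw)
    count = longest = run = 0
    for ch in text:
        if ord(ch) in GHOST_ALPHABET:
            count += 1
            run += 1
            longest = max(longest, run)
        else:
            run = 0
    ratio = count / len(text) if text else 0.0
    return {"chars": len(text), "ghost": count, "longest_run": longest, "ratio": ratio}

def is_suspicious(raw: bytes, min_run: int = 16, min_ratio: float = 0.5) -> bool:
    """Legitimate text uses these characters singly (ZWNJ in Persian, ZWJ in
    emoji, bidi marks), so a long run or a file dominated by them is the signal.
    Thresholds are assumed values, tune them on your own corpus."""
    s = ghost_stats(raw)
    return s["longest_run"] >= min_run or (s["ghost"] >= min_run and s["ratio"] >= min_ratio)

# Constructed samples: the page's 0x48 pair (U+200F, U+2063) repeated, and
# ordinary text that uses ZWNJ and ZWJ legitimately.
GHOST_SAMPLE = ("\u200f\u2063" * 20).encode("utf-8")
BENIGN_SAMPLE = "\u0645\u06cc\u200c\u062e\u0648\u0627\u0647\u0645 \U0001F469\u200d\U0001F4BB hello".encode("utf-8")

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            data = fh.read()
        print(path, "SUSPICIOUS" if is_suspicious(data) else "ok", ghost_stats(data))
```

Because each payload byte becomes two of these characters, a file that appears blank but is hundreds of bytes long, or a short visible script followed by a long invisible run, trips the run-length check regardless of what the payload is.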
Ghost encoding is not a standalone tool. It functions as a steganographic layer that other tools in the arsenal chain through.
- VADER: --vadermode generates the full chain payload — persistence, reverse shell, screen capture — and wraps it in ghost encoding. The output file is invisible to static analysis and appears blank in any editor.
- All Repos: Ghost encoding available as a steganographic delivery layer across the arsenal. Any PowerShell payload can be ghost-wrapped for invisible storage and transport.
- Dark Room: Chains with ghost for complete blindness. Dark Room handles AMSI + ETW suppression, ghost handles the file-level invisibility. Together: no static detection, no runtime detection, no logging.