So i have recently started looking into pentesting on the webapps side on things, never really had an interest in web hosting and pentesting, but now due to my work i need to get more of a hold on this area.
I detected on my SIEM a weird hit on a .gif file. Reading further into this i suspect it was a php shell hidden in a gif.
So i have got a php shell , from github, but not sure how to add it into a gif, ive looked at steganography but i dont think this is what im after here... looked at EXIF editors but again not too sure.
I use kali linux so ideally if there is a tool in there i can use to add a.php file to a image file i can then upload it to my own hosting provider and teach myself about it and the signs to look for.
Can anyone point me in the right direction on what to look for?
Much appreciated for any help.