EmbedInHTML

by Vince
in Blog

I think you need to use your imagination with this tool, but it could be quite handy for that right spot. I think the author's description does a fine job of explaining what this tool can do: "What this tool does is taking a file (any type of file), encrypt it, and embed it into an HTML file as resource, along with an automatic download routine simulating a user clicking on the embedded resource." Let's dig into the tool and then I'll add some additional thoughts:


Invoke Obfuscation

by Vince
in Blog

I'm presenting at BSides College Station next month and in my talk, I'm using PowerShell as a method for enumerating the environment while living off the land. Also in my talk, I give an example of a PowerShell reverse shell in plain form and the same reverse shell in an obfuscated form. I don't reference it directly, but the tool I use to obfuscate the shell is Invoke-Obfuscation, created by Daniel Bohannon. In advance of the talk, I want to do a little write-up on this tool in case I get asked about it -- I can then point them here...


Pulling Credentials from Memory

by Vince
in Blog

Consider the following -- you have a MySQL database and you want to periodically back up the database to the file system. You set up a cron job and you have a script that performs the following task:

mysqldump --user root --password=Secretp4ssw0rd testing > testing.sql

Simple, right?

Obviously, there's probably more to it -- we back up a /var/www/html directory and we probably back up that DB to a location. And maybe we even tar.gz it up to make a neat little package. The point, though, is that we've now placed the password in memory.
