tag:blogger.com,1999:blog-3198524635209463884.post1967585950260343732..comments2024-02-21T21:41:52.583-08:00Comments on Security G33k: Published Article: AV EvasionTheGoodGeekhttp://www.blogger.com/profile/10698019254206931429noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-3198524635209463884.post-35383584562661488482013-08-23T06:59:38.026-07:002013-08-23T06:59:38.026-07:00Hi Snake Plisskin,
Thank you for the comment and ...Hi Snake Plisskin,<br /><br />Thank you for the comment and the references. Truly appreciate it.TheGoodGeekhttps://www.blogger.com/profile/10698019254206931429noreply@blogger.comtag:blogger.com,1999:blog-3198524635209463884.post-46603154974826743942013-08-20T12:04:28.902-07:002013-08-20T12:04:28.902-07:00Encoders are for getting around protocol limitatio...Encoders are for getting around protocol limitations and bad chars. Not for AV Evasion. Im afraid you've fallen foul of the encoder myth! <br /><br /><br />Metasploit wrote an article on this:<br />https://community.rapid7.com/community/metasploit/blog/2012/12/14/the-odd-couple-metasploit-and-antivirus-solutions<br /><br />Other references:<br />https://community.rapid7.com/community/metasploit/blog/2012/12/14/the-odd-couple-metasploit-and-antivirus-solutions <br />http://www.scriptjunkie.us/2011/04/why-encoding-does-not-matter-and-how-metasploit-generates-exes/<br />http://schierlm.users.sourceforge.net/avevasion.html<br />http://www.pentestgeek.com/2012/01/25/using-metasm-to-avoid-antivirus-detection-ghost-writing-asm/ Anonymoushttps://www.blogger.com/profile/02094251921127337199noreply@blogger.com