Wednesday, 7 August 2013

Published Article: AV Evasion

Another article published by PenTest magazine! 


In this article, i demonstrate an end to end process on how to create a malware using open source tools and used it to avoid being detected by Anti Virus applications. However, besides demonstrating on how to evade them, i also described on how to prevent against such things using additional features from AV vendors.



The Cover Page


The First Page

The Last Page



The full article/magazine can be downloaded for free at

2 comments:

  1. Encoders are for getting around protocol limitations and bad chars. Not for AV Evasion. Im afraid you've fallen foul of the encoder myth!


    Metasploit wrote an article on this:
    https://community.rapid7.com/community/metasploit/blog/2012/12/14/the-odd-couple-metasploit-and-antivirus-solutions

    Other references:
    https://community.rapid7.com/community/metasploit/blog/2012/12/14/the-odd-couple-metasploit-and-antivirus-solutions
    http://www.scriptjunkie.us/2011/04/why-encoding-does-not-matter-and-how-metasploit-generates-exes/
    http://schierlm.users.sourceforge.net/avevasion.html
    http://www.pentestgeek.com/2012/01/25/using-metasm-to-avoid-antivirus-detection-ghost-writing-asm/

    ReplyDelete
    Replies
    1. Hi Snake Plisskin,

      Thank you for the comment and the references. Truly appreciate it.

      Delete