Anti Virus Evasion Techniques

Recently I’ve been playing around with various methods for evading Anti Virus, when deploying a payload to a victim, either through Metasploit or other means.

It seems the AV vendors are targeting the standard Metasploit methods of encoding payloads, so we have to be a bit more devious to get the payload onto our victim.

What I’m not going to do, though, is give you direct AV avoidance commands. I have not put any of these payloads through Virus Total – that’s up to you. I’m just trying to show you how it is possible, and you should experiment on your own systems and not someone else’s – after all, it is illegal.

There are a few avenues I’m gonna explore in this post, from standard Metasploit encoding through multi encoding payloads and IExpress.


Foolish Reliance On AntiVirus Software

I recently received an email from another Sys Admin pushing the idea of a single corporate Anti Virus Solution and the importance of getting it in place ASAP and having a single Management console for Reporting, Management, etc.

Now, knowing what I know about this guy’s company, I had to compile a little list of things he might think about or consider implementing before he puts all his eggs in this really rather ‘holey’ basket.

As far as I know, this guy’s company has few if any of the following suggestions or security policies in place, and I’m sure this is true of many companies in the world.
