Chapter 8: Antivirus Evasion and Anti-Forensics

In the previous two chapters, you learned how to leverage the Metasploit Framework to generate custom payloads and launch advanced client-side attacks. However, the payloads that we generate will be of no use if they get detected and blocked by antivirus programs. In this chapter, we'll explore techniques for making our payloads as undetectable as possible. You will also become familiar with techniques for covering our tracks after a successful compromise.

In this chapter, we will cover the following topics:

  • Using encoders to avoid antivirus detection
  • Using the new evasion module
  • Using packagers and encrypters
  • Understanding what a sandbox is
  • Using Metasploit for ...

Get Metasploit 5.0 for Beginners - Second Edition now with the O’Reilly learning platform.
