Search for a command to run...
Series
In this series I will explain the basics of anti virus bypass in Windows systems.
Now we can finally start coding our trojan. The malware we are going to use for testing is a reverse TCP shell from Metasploit. Before coding the shellcode loader, let's see if AVs can detect the reverse shell executable. To generate the reverse TCP ...
Now that we have the development and testing environments set up we can start designing and implementing our trojan. The first question to answer is how we will store the piece of malware inside of our trojan. There are two options: Shellcoded hardco...
Before starting, we need to set up the testing environment and the development environment. The Static Analysis will be tested with an online service that allows running a file through 27 different AVs. The most known service is called VirusTotal, ho...
An AV (Anti Virus) is a piece of software that analyses files and monitors the OS (Operative System) status to detect malware. AVs can also analyze the machine’s traffic to determine suspicious behaviour. AVs only work in the machine they are install...
As a final project for my degree, I decided to make a study on how safe are AVs and how to bypass them. This led me to scorch the internet looking for how AVs work and how they can be bypassed. While there is a lot of information online about this to...
