Ag3nt47 Security – Carolinacon – 9 – 2013 – Msfpayload Isn’t Dead Yet: Av Avoidance In Payload Delivery

Description: Most, if not all, executables generated by msfpayload/msfencode/msfvenom get destroyed by every antivirus available. Msfpayload is still fantastic, but it’s inevitable that something this fantastic will get a lot of attention from AV providers. It is crucial for security professionals to have reliable payloads to provide quality deliverables to their clients. Rather than having a theoretical discussion regarding various avoidance techniques, this talk will demonstrate methods that these chaps use on a regular basis with ridiculous success rates. Of particular focus will be ghost-writing ASM, use of binary-level encryption for payloads, and remote command execution for shell generation.

melvin2001 is a penetration tester that loves cinnabon, and is a founding member of the FALE Association of Locksport Enthusiasts.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s