Obfuscation
Obfuscation is a technique for making code unreadable so that it hides from logging and detection mechanisms while keeping its functionality. The problem with all antivirus scanners today is that they mainly work with definition files. In scripting, these kinds of detections are easy to bypass by using obfuscation techniques and executing code in a different manner.
Note
A great project to create your own obfuscated scripts is Invoke-Obfuscation, written by Daniel Bohannon: https://github.com/danielbohannon/Invoke-Obfuscation
Take a look at the following line of code:
#Obfuscated script
.("{3}{1}{2}{0}" -f 'Host','ri','te-','W') ("{2}{1}{0}{8}{5}{9}{6}{4}{7}{3}" -f 'hell','owerS','P','uage','tic ','a fan','s','lang',' is ','ta')
As you can see, it is very hard to identify the real purpose of this code. It starts with the dot sourcing operator, which we want to remove first, so we can split the obfuscated script into parts:
#removing dot sourcing mechanism
#first part of the script...
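The format-operator (-f) obfuscation in the sample line can also be resolved without executing it. The following is an added example, not code from the original text or from Invoke-Obfuscation: it parses the line with PowerShell's AST parser and rebuilds each string from its literals. The function name Resolve-FormatObfuscation and the $sample variable are assumptions made for this illustration.

```powershell
# Sample input: the obfuscated line from this page, held as a string and never executed.
$sample = @'
.("{3}{1}{2}{0}" -f 'Host','ri','te-','W') ("{2}{1}{0}{8}{5}{9}{6}{4}{7}{3}" -f 'hell','owerS','P','uage','tic ','a fan','s','lang',' is ','ta')
'@

# Hypothetical helper (name chosen for this example): statically resolves "-f" string reordering.
function Resolve-FormatObfuscation {
    param([Parameter(Mandatory)][string]$ScriptText)

    $tokens = $null
    $errors = $null
    # ParseInput only builds a syntax tree; it does not run the script.
    $ast = [System.Management.Automation.Language.Parser]::ParseInput($ScriptText, [ref]$tokens, [ref]$errors)

    # Collect every binary expression whose operator is -f (TokenKind 'Format').
    $hits = $ast.FindAll({
        param($node)
        $node -is [System.Management.Automation.Language.BinaryExpressionAst] -and
        $node.Operator -eq [System.Management.Automation.Language.TokenKind]::Format
    }, $true)

    foreach ($hit in $hits) {
        # Resolve only when both sides are plain string literals, so no code
        # from the sample (variables, subexpressions, commands) is evaluated.
        if ($hit.Left -isnot [System.Management.Automation.Language.StringConstantExpressionAst]) { continue }
        $elements = if ($hit.Right -is [System.Management.Automation.Language.ArrayLiteralAst]) { $hit.Right.Elements } else { @($hit.Right) }
        if ($elements | Where-Object { $_ -isnot [System.Management.Automation.Language.StringConstantExpressionAst] }) { continue }

        $values = @($elements | ForEach-Object { $_.Value })
        try {
            $resolved = $hit.Left.Value -f $values
        } catch {
            # A malformed format string (for example an index with no argument) is reported, not fatal.
            $resolved = "<unresolvable: $($_.Exception.Message)>"
        }

        [pscustomobject]@{
            Line       = $hit.Extent.StartLineNumber
            Obfuscated = $hit.Extent.Text
            Resolved   = $resolved
        }
    }
}

Resolve-FormatObfuscation -ScriptText $sample | Format-List
```

Expressions whose operands are not plain string literals are skipped rather than evaluated, so they still need manual review.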