Bypassing AV detections
All of the methods discussed previously will work only if we are able to bypass security measures such as firewalls and antivirus software running on the target systems.
However, Metasploit has built-in tools that handle bypassing detection by security software, or at least decreasing the detection rates.
In Metasploit, we have two different methods we can use to avoid antivirus detection. Let's focus on what these methods are and how we can use them to bypass detection and get the work done in no time.
msfencode
The msfencode tool provides features for encoding the payload in different formats, which might evade detection mechanisms. It has a clear process for skipping bad characters, and it can encode payloads into normal-looking executables, which may not catch the eye of the victim. The best part is that it keeps the functionality of the template, which is the nonmalicious file, intact. Let's have a look at the various options that come as part of this tool:
The msfencode...