Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Metasploit for Beginners Create a threat-free environment with the best-in-class tool

Product type Paperback

Published in Jul 2017

Publisher Packt

ISBN-13 9781788295970

Length 190 pages

Edition 1st Edition

Tools

Metasploit

Concepts

Cybersecurity

Author (1):

Sagar Rahalkar

View More author details

Table of Contents (11) Chapters

Preface

1. Introduction to Metasploit and Supporting Tools

2. Setting up Your Environment FREE CHAPTER

3. Metasploit Components and Environment Configuration

4. Information Gathering with Metasploit

5. Vulnerability Hunting with Metasploit

6. Client-side Attacks with Metasploit

7. Web Application Scanning with Metasploit

8. Antivirus Evasion and Anti-Forensics

9. Cyber Attack Management with Armitage

10. Extending Metasploit and Exploit Development

Using encoders to avoid AV detection

In Chapter 6, Client-side Attacks with Metasploit, we have already seen how to use the msfvenom utility to generate various payloads. However, these payloads if used as-is are most likely to be detected by antivirus programs. In order to avoid antivirus detection of our payload, we need to use encoders offered by the msfvenom ;utility. ;

To get started, we'll generate a simple payload in the ;.exe ;format using the shikata_ga_nai ;encoder, as shown in the following screenshot:

Once the payload has been generated, we upload it to the site http://www.virustotal.com for analysis. As the analysis is completed, we can see that our file apache-update.exe ;(containing a payload) was detected by 46 out of the ;60 antivirus programs that were used. This is quite a high detection rate for our payload. Sending this payload as-is to our victim is...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Rahalkar

Sagar Rahalkar is a seasoned information security professional having more than 10 years of comprehensive experience in various verticals of IS. His domain expertise is mainly into breach detection, cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, IT GRC, and much more. He holds a masters degree in computer science and several industry-recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist-Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2. He has been closely associated with Indian law enforcement agencies for more than 3 years dealing with digital crime investigations and related training and received several awards and appreciations from senior officials of the police and defense organizations in India. Sagar has also been a reviewer and author for various books and online publications.

See other products by Rahalkar