[tags]evasion,antivirus,obfuscation[/tags]
[short_descr]AntiVirus Evasion Tool.[/short_descr]
[link] https://github.com/govolution/avet [/link]
[long_descr]
AVET is an AntiVirus Evasion Tool, which was developed for making life easier for pentesters and for experimenting with antivirus evasion techniques, as well as other methods used by malicious software.
Some features:
when running a .exe file made with msfpayload & co, the file will often be recognized by antivirus software
AVET is an antivirus evasion tool targeting windows machines with executable files
different kinds of input payloads can be used now: shellcode, exe and dlls
more techniques available: shellcode/dll injection, process hollowing and more
flexible retrieval methods for payload, decryption key, etc.
usage as a dropper
chaining multiple iterations of AVET enables you to add multiple evasion layers, if necessary
combination of techniques: download your encrypted payload via powershell, while supplying the decryption key via command line argument at execution time, and finally inject your payload into another process, choosing from multiple techniques
basic sandbox checks
generation of adversarial examples against static detectors based on machine learning
[tags]evasion,antivirus,obfuscation[/tags] [short_descr]AntiVirus Evasion Tool.[/short_descr] [link] https://github.com/govolution/avet [/link] [long_descr] AVET is an AntiVirus Evasion Tool, which was developed for making life easier for pentesters and for experimenting with antivirus evasion techniques, as well as other methods used by malicious software.
Some features: