v3n0m-Scanner / V3n0M-Scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
GNU General Public License v3.0
1.44k stars 409 forks

google detects this as a virus, ??? #216

Closed soccyyt closed 2 years ago

soccyyt commented 2 years ago

Whenever I run the program through a virus scanner it shows up positive. Is there a reason for this, or is it literally a virus?

kattstof commented 2 years ago

If you have to ask this question you should probably not use it. v3n0m is a penetration testing tool, it's obviously a false positive. Thank god it's open /source/ so you can pick up a Python book, read it, then go to the /src and see what it's doing, right? I recommend Automate the Boring Stuff with Python for starters. Also, VirusTotal is not showing any false positives so I'm not sure why you're getting one?

vittring commented 2 years ago

I would like to apologize for not seeing this issue before, as I have to weigh in on a thing or two.

  1. Venom is a penetration testing tool. It is like scripts you find inside rapid7/metasploit-framework. I even used their ISSUE_TEMPLATE. This is because by design, they contain code that AV flags as dangerous to the user.
  2. You should not be using AV because it's essentially a useless tool and provides very little security to the end-user. You should be using IDS/IPS that enables more features than standard AV offers, such as:

That's not to say that all AV services are bad, but I do have one other thing to add to this. You send - by default, usually - every single questionable file on your system to AV companies. They, in turn, will use the hashes of these files to create rules that essentially delete any file they deem questionable from any system using the rules. In exploit development and research this can prove to be a painfully annoying experience and thus, it is recommended to at least disable your AV or add an exception to bypass scans of that file or directory.

If anybody has any other common sense issues with that solution, consult other exploit devs and malware researchers. I'm betting they will say the same.