Avoiding Anti-Virus Detection with Veil-Evasion


Veil-Framework is defined in Ryan Gandrud’s blog as,

“Veil-Framework is a collection of tools that help with information gathering and post-exploitation. One such tool is Veil Evasion which is used for creating payloads that can easily bypass Antivirus using known and documented techniques.”

For ethical hackers, evading AV software is a significant part of success. If an anti-virus program is alerted to an attack, there is a higher likelihood of presenting further weaknesses. Moreover, the execution itself would be pointless because the exploit is detectable.

Veil-Framework’s official website explains,

“Anytime that a professional pen tester, or red teamer, uses a tool on an assessment, your customer is trusting you to not introduce additional vulnerabilities into their network. When you create a backdoor through Veil-Evasion, or any other payload generator, you need to be sure that the payload you are creating connects back to you and only you.”

Fortunately, tools such as Veil-Evasion exist for this very reason. Veil-Evasion generates payload executables designed to evade common antivirus solutions. Although it is just one piece of the Veil Framework suite, it is one of the more useful tools in the overall Veil Superproject.

For Linux users, installation and setup are simple:

  • git clone https://github.com/Veil-Framework/Veil-Evasion.git
  • cd Veil-Evasion/setup/
  • ./setup.sh
  • Input Y when prompted
  • Follow Python installation prompts – choose yes when asked about overwriting files
  • Continue to follow the installation prompts until finished
  • To run Veil-Evasion, type: ./Veil-Evasion.py

The available commands included in Veil:

  • use – “use a specific payload”
  • info – “information on a specific payload”
  • list – “list available payloads”
  • update – “update Veil to the latest version”
  • clean – “clean out payload folders”
  • checkvt – “check payload hashes vs. VirusTotal”
  • exit – “exit Veil”

Novice hackers are strongly encouraged to get the hang of the Veil Framework suite in general. Although the interface can take a bit of getting used to, there are more detailed guides available online.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]
