Veil-Framework is defined in Ryan Gandrud’s blog as,
“Veil-Framework is a collection of tools that help with information gathering and post-exploitation. One such tool is Veil Evasion which is used for creating payloads that can easily bypass Antivirus using known and documented techniques.”
For ethical hackers, evading AV software is a significant detail of success. If an anti-virus program is alerted of an attack, there is a higher likelihood of presenting further weaknesses. Even more, the execution itself would be pointless due to the exploit’s detectability.
Veil-Framework’s official website explains,
“Anytime that a professional pen tester, or red teamer, uses a tool on an assessment, your customer is trusting you to not introduce additional vulnerabilities into their network. When you create a backdoor through Veil-Evasion, or any other payload generator, you need to be sure that the payload you are creating connects back to you and only you.”
Fortunately, tools such as Veil-Evasion exist for this very reason. Designed to evade common antivirus solutions, Veil-Evasion utilizes the generation of payload executables. Although this is just a piece of the Veil Framework suite, it is one of the more useful tools in the overall Veil Superproject.
For Linux users, the installation and set-up is simple:
- git clone https://github.com/Veil-Framework/Veil-Evasion.git
- cd Veil-Evasion/setup/
- ./setup.sh
- Input Y when prompted
- Follow Python installation prompts – choose yes when asked about overwriting files
- Continue to follow the installation prompts until finished
- To run Veil-Evasion, type: ./Veil-Evasion.py
The available commands included in Veil:
- use – “use a specific payload”
- info – “information on a specific payload”
- list – “list available payloads”
- update – “update Veil to the latest version”
- clean – “clean out payload folders”
- checkvt – “check payload hashes vs. VirusTotal”
- exit – “exit Veil”
Getting the hang of the Veil Framework suite in general is a huge recommendation for novice hackers. Although the interface can take a bit of getting used to, there are more detailed guides available online.