Modifying Metasploit x64 template for AV evasion
Summary
This article from Black Hills Information Security discusses techniques for modifying Metasploit's default x64 executable template so that generated payloads evade antivirus software during penetration tests. It notes that tools such as Veil and PowerShell Empire (separate projects, not one tool) are commonly used for this purpose in Windows environments.
IFF Assessment
FOE
The article details methods to bypass security defenses, which is advantageous for attackers and poses a challenge for defenders.
Defender Context
Defenders should be aware of evolving techniques used to evade antivirus and endpoint detection solutions. This includes tracking how common penetration-testing tools such as Metasploit are modified to bypass security controls, and verifying that detection does not rely solely on recognising the stock artifacts of those tools, since a rebuilt template changes exactly the bytes those signatures match.