Metasploit mailing list archives
Bypassing AV for Java payloads
From: Pedro Ribeiro <pedrib () gmail com>
Date: Sat, 2 Aug 2014 01:01:32 +0100
Hi,

I'm testing a module that uses a Java WAR payload, and it's detected by most AVs, even a 2 year old Windows Defender installation.

I know this is an arms race, but what can we do to make the Java payload harder to detect in the framework? Can it be regenerated / packed at every run? Or maybe have some kind of git hook that regenerates it at every new release?

Regards,
Pedro
Current thread:
- Bypassing AV for Java payloads Pedro Ribeiro (Aug 01)
- Re: Bypassing AV for Java payloads HD Moore (Aug 01)
- Re: Bypassing AV for Java payloads Michael Schierl (Aug 02)
- Re: Bypassing AV for Java payloads HD Moore (Aug 02)
- Re: Bypassing AV for Java payloads Michael Schierl (Aug 02)
- Re: Bypassing AV for Java payloads Michael Schierl (Aug 02)
- Re: Bypassing AV for Java payloads HD Moore (Aug 01)