From the course: Ethical Hacking: Evading IDS, Firewalls, and Honeypots


Evading antivirus detection


- [Instructor] As organizations acquire and deploy cybersecurity technologies to detect attacks, adversaries at the same time are analyzing those same technologies to find ways to avoid being detected by them. As a pen tester, it's important to be able to use evasive techniques to test how effective an organization is in detecting such attacks. We'll have a look at three different aspects of evasion. The first is to evade detection. There are many ways that a hacker will use to avoid being detected by an intrusion detection or prevention system. We'll look at how we can use msfvenom to hide payloads with obfuscation or encryption. Custom packaging is also a technique used to defeat malware signature checks. The second aspect of evasion is for the malware to avoid detection after it penetrates the target. One way is to directly execute in memory, an approach known as fileless malware. Another way is to hide using…
