From the course: Ethical Hacking: Evading IDS, Firewalls, and Honeypots
Evading antivirus detection
- [Instructor] As organizations acquire and deploy cybersecurity technologies to detect attacks, adversaries at the same time are analyzing those same technologies to find ways to avoid being detected by them. As a pen tester, it's important to be able to use evasive techniques to test how effective an organization is in detecting such attacks. We'll have a look at three different aspects of evasion. The first is to evade detection. There are many ways that a hacker will use to avoid being detected by an intrusion detection or prevention system. We'll look at how we can use msfvenom to hide payloads with obfuscation or encryption. Custom packaging is also a technique used to defeat malware signature checks. The second aspect of evasion is for the malware to avoid detection after it penetrates the target. One way is to directly execute in memory, an approach known as fileless malware. Another way is to hide using…
Contents
- Evading antivirus detection (1m 24s)
- Exotic scanning with Nmap (4m 36s)
- Obfuscating payloads with msfvenom (2m 9s)
- Hiding payloads in benign files (4m 34s)
- Custom packaging of software (1m 2s)
- Fileless attacks with PowerShell (4m 38s)
- Hiding with the cloak of invisibility (1m 42s)
- Embedding malware in an alternate data stream (4m 6s)
- Tunneling through DNS with iodine (2m 44s)
- Checking for oversight (1m 21s)