Antimalware evasion in Python
We explored antimalware evasion in Chapter 6, Advanced Exploitation with Metasploit. The technique we reviewed involved embedding our payload into the natural flow of execution of an innocuous executable. We also covered encoding techniques to reduce detection signatures. However, there's more than one way to skin a cat. (Who thought of that horrible expression?)
If you've ever played defense against real-world attacks, you've likely seen a variety of evasion techniques. The techniques used to often be lower-level (for instance, our demonstration with Shellter in Chapter 6, Advanced Exploitation with Metasploit), but detection has improved so much, it's a lot harder to create a truly undetectable threat that doesn't at least trigger a suspicious file intercept.
Â
Â
Therefore, modern attacks tend to be a blend of low-level and high-level: using social engineering and technical tactics to get the malware onto the target host through some other channel. I've worked...