In the previous chapter, we saw how we could defeat AVs with custom encoders. Let's go one step ahead and talk about encryption and obfuscation in the Metasploit payloads; we can use a great tool called venom for this. Let's create some encrypted Meterpreter shellcode, as shown in the following screenshot:
![](https://static.packt-cdn.com/products/9781838822477/graphics/91066b52-9866-428a-90ff-6a856f18f156.png)
As soon as you start venom in Kali Linux, you will be presented with the screen shown in the preceding screenshot. The venom framework is a creative work from Pedro Nobrega and Chaitanya Haritash (Suspicious-Shell-Activity), who worked extensively to simplify shellcode and backdoor generation for various operating systems. Let's hit Enter to continue:
![](https://static.packt-cdn.com/products/9781838822477/graphics/dd0e21e5-1e9d-471e-869e-ccb982f36c43.png)
As we can see, we have options to create payloads for a variety of operating systems, and we even have options to create multi-OS payloads. Let's choose 2 to select Windows-OS payloads...