Posts tagged Antivirus

7 min Metasploit

Hiding Metasploit Shellcode to Evade Windows Defender

Being on the offensive side in the security field, I personally have a lot of respect for the researchers and engineers in the antivirus industry, and the companies dedicated to investing so much in them. If malware development is a cat-and-mouse game, then I would say that the industry creates some of the most terrifying hunters. Penetration testers and red teamers suffer the most from this while using Metasploit [http://4hko.drordi.com/products/metasploit/], which forced me to look into how to

7 min Haxmas

The Twelve Pains of Infosec

One of my favorite Christmas carols is the 12 Days of Christmas [http://www.youtube.com/watch?v=oyEyMjdD2uk]. Back in the 90's, a satire of the song came out in the form of the 12 Pains of Christmas [http://www.youtube.com/watch?v=h4NlR5KQLQ8], which had me rolling on the floor in laughter, and still does. Now that I am in information security, I decided it is time for a new satire, maybe this will start a new tradition, and so I am presenting, the 12 Pains of Infosec. ----------------------

5 min Antivirus

Finding and Protecting mission-critical assets with ControlsInsight

ControlsInsight helps organizations measure how well critical security controls are deployed and configured throughout the enterprise.   Yet, as hard you may try, it's extremely difficult to protect every asset on your network perfectly, and it's often necessary to prioritize "misson-critical" assets that store important or sensitive business data. Clearly, securing the laptop computer of Sally, the chief financial officer, is much more important than securing Joe the intern's laptop, which prob

8 min Metasploit

The Odd Couple: Metasploit and Antivirus Solutions

I hear a lot of questions concerning antivirus evasion with Metasploit, so I'd like to share some the information critical to understanding this problem. This blog post is not designed to give you surefire antivirus (AV) evasion techniques, but rather to help you understand the fundamentals of the issue. A Quick Glossary Before we begin, let's define a few terms. This will be important for understanding some of the things we will discuss. Payload: A payload is the actual code that is being del