
One of the ways that I have found working is to generate shellcode from msfvenom and remove bad chars from it. Then encrypt the shellcode and put it into a self-written C program; when the program runs, it decrypts the shellcode and executes it using the Win API CreateProcess. You will bypass all static AV analysis. But you still probably might get caught on dynamic analysis with Defender. At the end of the day I have found MSF to be very noisy when it comes to AV.

One way I found that works is to:

  • generate shellcode from msfvenom,
  • then remove bad chars from it, i.e. -b '\x00',
  • then encrypt the shellcode,
  • and put it into a self-written C program, which will decrypt and execute the shellcode via CreateProcess.

You will bypass all static AV analysis. But you still probably might get caught on dynamic analysis with Windows Defender.

yeah_well
