One of the ways that I have found working is to generate shellcode from msfvenom and remove bad chars from it. Then encrypt the shellcode and put it into a self-written C program, and when executing the code, decrypt the shellcode and execute it using the Win API create process. You will bypass all static AV analysis. But you still probably might get caught on dynamic analysis with Defender. At the end of the day, I have found MSF to be very noisy when it comes to AV.
yeah_well