Author Topic: AV evasion: Recompiling & Optimizing FTW! (Read 887 times)

DiabloHorn · « **on:** January 18, 2013, 10:26:46 pm »

Flattr

It's fun and it takes you like a few minutes to drastically lower detection rates. all this assuming you are using proper code and not full of errors.

Quote

Lowering the detection rate of binaries can be done in two mayor ways like we all know:

modify the binary
modify the source
The first option one has a lot of articles on the internet covering it, so I’ll not be covering it, maybe in the feature. The second one is also a well known one, but not a often used one imo. A lot of people are either afraid of the source, don’t understand it or think they’ll brake it.

So let’s try and take those fears away, specially since it also requires minimal effort & time which can be a real PITA when you need to pwn a company in a couple of hours.

https://diablohorn.wordpress.com/2013/01/19/av-evasion-recompiling-optimizing-ftw/

Hacktalk.net · « **on:** January 18, 2013, 10:26:46 pm »

grap3_ap3 · « **Reply #1 on:** January 23, 2013, 07:43:42 pm »

I recently got a PM from someone on this site asking about something along this line- trying to get something to slip past AV. I wish more people would actually READ the shit on this forum (or the rest of the internet??) rather than asking to have the work done for them.

Another great post Diablohorn!

DiabloHorn · « **Reply #2 on:** January 23, 2013, 08:08:50 pm »

it's a fun topic to research a bit about. Yeah there is literally TONS of information out there on how to do it. powersploit for example makes it really easy

blixnawaka · « **Reply #3 on:** January 23, 2013, 09:16:38 pm »

Hey DiabloHorn, these articles are indeed really great! I appreciate the contribution. Is there any chance that we could get a copy of the blog post here in the forums themselves, formatted and wonderful, for all to read? You can even put your blog link at the top with the title

DiabloHorn · « **Reply #4 on:** January 23, 2013, 09:21:59 pm »

Sure if someone explains to me how to do it with as less effort as possible? Only reason I don't do it cause the layouts gets all fucked when copy/pasting and fixing it by hand is a pain.

connection · « **Reply #5 on:** January 28, 2013, 11:57:48 am »

What if I set up like some sort of user blogging system for SMF?

DiabloHorn · « **Reply #6 on:** January 28, 2013, 02:38:16 pm »

if that means i can copy paste from wordpress into here, that's fine. Would only have to link the images then.

Author Topic: AV evasion: Recompiling & Optimizing FTW! (Read 887 times)

DiabloHorn

AV evasion: Recompiling & Optimizing FTW!

Hacktalk.net

AV evasion: Recompiling & Optimizing FTW!

grap3_ap3

Re: AV evasion: Recompiling & Optimizing FTW!

DiabloHorn

Re: AV evasion: Recompiling & Optimizing FTW!

blixnawaka

Re: AV evasion: Recompiling & Optimizing FTW!

DiabloHorn

Re: AV evasion: Recompiling & Optimizing FTW!

connection

Re: AV evasion: Recompiling & Optimizing FTW!

DiabloHorn

Re: AV evasion: Recompiling & Optimizing FTW!