Evading Anti-Virus Solutions with Dynamic Payloads in Metasploit Pro

Join Us: Thursday April 3 | 2:00 PM GMT | 3:00 PM CET

David "TheLightCosine" Maloney is a Software Engineer on Rapid7’s Metasploit team, where he is responsible for development of core features for the commercial Metasploit editions. Before Rapid7, he worked as a Security Engineer and Penetration Tester at Time Warner Cable and as an Application Security Specialist for a global insurance company. David has been a long-time community contributor to the Metasploit Framework. He is also a member of the Corelan Security Team. He is one of the founders of Hackerspace Charlotte and is an avid locksport enthusiast.

Fill out the form below to register for this live webcast

Malicious attackers use custom payloads to evade anti-virus solutions. Because traditional Metasploit Framework payloads are open source and well known to AV vendors, they are often quarantined by AV solutions when conducting a penetration test, significantly delaying an engagement or even stopping a successful intrusion, giving the organization a false sense of security. Penetration testers must therefore have the ability to evade AV solutions to simulate realistic attacks.

In this webcast, David Maloney will demonstrate a new AV evasion technique in Metasploit Pro that evades detection in more than 90% of cases and has the ability to evade all ten leading anti-virus solutions. These techniques significantly increase productivity of a penetration tester by saving many hours of trial and error to evade detection and ensure that organizations do not fall prey to a false sense of security.

Watch this webcast to learn about:

  • Challenges with current Metasploit Framework payloads
  • New techniques for generating AV-evading payloads
  • Using AV-evading payloads for exploits, credentials, and social engineering
  • Creating both classic and AV-evading stand-alone payloads
  • Tips for evading intrusion prevention systems (IPS)