In this installment of our ongoing series of security guides, we walk you through methods and best practices for evading anti-virus detection during penetration testing.
How do you test that your defenses are actually working? Penetration testing can give you a clear view of the vulnerabilities that can easily be exploited within your environment; however, organizations need to be able to understand and test their users’ behavior without anti-virus programs stopping these tests in their tracks. A great way to explore that user behavior is by deploying social engineering programs during a pen test.
In this guide, penetration testers will learn how to evade anti-virus detection on target machines for your Metasploit pen tests.
This guide will be most useful to readers who already have some penetration testing experience and are familiar with Metasploit Pro.