As I mentioned in the previous post, it is very important to have undetectable payloads if you want to attack a target that has anti-malware security controls. Veil 3.0 is another framework that lets us create undetectable payloads for attacking Windows-based targets. Here we are trying to change the signature of known Metasploit payloads so that we can bypass the signature-based detection in anti-virus software. Veil 3.0 is the latest release of the framework previously known as Veil-Evasion.
How to install?
First you have to download Veil 3.0 from GitHub. You can use the git command to clone the Veil repository:
git clone https://github.com/Veil-Framework/Veil.git
After the download has finished, move into the Veil/setup directory to start the installation:
cd Veil/setup
./setup.sh
This will start the installer.
This process will take some time and will prompt you to install Python and other required software and libraries. Install them if they are not already installed on your system.
Tuesday, October 24, 2017
Thursday, July 27, 2017
Evading Anti-Virus Detection with Shellter
Anti-virus software is the last and only defense against malware on most personal computers, so getting through or evading it is one of the most important steps in penetrating such systems. Payload encoding is one of the methods attackers use to evade detection. You can use Metasploit's built-in encoders to encode your payloads, but most anti-virus solutions will detect these payloads, so we need alternatives to evade detection. Shellter is one of the available solutions.
Shellter is able to re-encode Windows 32-bit application executables after injecting the payload or shellcode into them, so that anti-virus software will not be able to detect it.
Shellter is not built into Kali Linux, so you have to install it manually. You can either download Shellter from here or use the command apt-get install shellter.