312-50V10 · Question #218
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
The correct answer is A. msfencode. msfencode applies encoding schemes to Metasploit payloads to transform their byte patterns and evade antivirus signature detection.
Question
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
Options
- Amsfencode
- Bmsfpayload
- Cmsfcli
- Dmsfd
How the community answered
(32 responses)- A94% (30)
- B3% (1)
- D3% (1)
Why each option
msfencode applies encoding schemes to Metasploit payloads to transform their byte patterns and evade antivirus signature detection.
msfencode applies encoding algorithms such as x86/shikata_ga_nai to shellcode generated by msfpayload, altering the payload's binary signature so it does not match known antivirus definitions. By chaining multiple encoding passes, penetration testers can further reduce the probability of AV detection while preserving the payload's functionality when executed.
msfpayload generates raw shellcode and staged payloads but does not obfuscate or encode them; AV evasion through encoding requires the separate msfencode step.
msfcli is a command-line interface for launching and interacting with Metasploit modules and exploits, and provides no payload encoding or AV evasion capability.
msfd is the Metasploit daemon that listens for remote client connections to the framework and plays no role in encoding payloads or bypassing antivirus systems.
Concept tested: Metasploit msfencode for antivirus signature evasion
Source: https://www.offensive-security.com/metasploit-unleashed/msfencoder/
Topics
Community Discussion
No community discussion yet for this question.