312-50V11 · Question #218
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
The correct answer is A. msfencode. msfencode is the legacy Metasploit tool that encodes payloads using schemes like shikata_ga_nai to alter byte signatures and evade antivirus detection.
Question
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
Options
- Amsfencode
- Bmsfpayload
- Cmsfcli
- Dmsfd
How the community answered
(15 responses)- A93% (14)
- C7% (1)
Why each option
msfencode is the legacy Metasploit tool that encodes payloads using schemes like shikata_ga_nai to alter byte signatures and evade antivirus detection.
msfencode transforms raw shellcode by applying encoding algorithms that change the binary signature of the payload, preventing static signature-based antivirus engines from recognizing it as malicious. It supports multiple encoders and can apply them iteratively to further obfuscate the payload.
msfpayload generates raw shellcode and payloads but performs no encoding or obfuscation, so it does not on its own help evade antivirus signature detection.
msfcli is a command-line interface for executing Metasploit modules and has no encoding or AV evasion functionality of its own.
msfd is the Metasploit daemon that accepts remote connections to a running Framework instance and provides no payload encoding or AV evasion capability.
Concept tested: Metasploit payload encoding for antivirus evasion
Source: https://docs.metasploit.com/docs/using-metasploit/basics/how-to-use-msfvenom.html
Topics
Community Discussion
No community discussion yet for this question.