312-50V9 · Question #297
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
The correct answer is C. msfencode. msfencode applies encoding algorithms to Metasploit payloads to alter their byte signatures, enabling shellcode to bypass antivirus signature-based detection.
Question
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
Options
- Amsfpayload
- Bmsfcli
- Cmsfencode
- Dmsfd
How the community answered
(34 responses)- A3% (1)
- B3% (1)
- C94% (32)
Why each option
msfencode applies encoding algorithms to Metasploit payloads to alter their byte signatures, enabling shellcode to bypass antivirus signature-based detection.
msfpayload generates raw shellcode payloads but performs no encoding or obfuscation to evade antivirus detection.
msfcli is a command-line interface for scripting and launching Metasploit modules and has no payload encoding or AV evasion functionality.
msfencode transforms raw payloads using encoders such as x86/shikata_ga_nai, which applies a polymorphic XOR additive feedback scheme to obfuscate the payload's byte pattern. Applying multiple encoding iterations (-t -c) further mutates the signature, reducing the chance of AV detection. It was the dedicated payload encoding tool in the Metasploit Framework before being merged into msfvenom.
msfd is the Metasploit background daemon that listens for incoming connections and provides no encoding or payload manipulation capabilities.
Concept tested: Metasploit payload encoding for antivirus evasion
Source: https://docs.metasploit.com/docs/using-metasploit/basics/how-to-use-msfvenom.html
Topics
Community Discussion
No community discussion yet for this question.