Pentesters have a hard time bypassing antivirus software nowadays, since antivirus products are constantly evolving. We at GBHackers decided to spend some time showing how to bypass an antivirus, using the most common free AVs we come across in day-to-day life.
Most novice users prefer AVAST or AVG since they are lightweight and don’t consume much of the computer’s resources, so here we are using AVAST Free Antivirus running on a Windows 10 computer.
Veil Framework is a long-standing tool for bypassing antivirus; it generates payloads that are nearly undetectable by antivirus products. Veil can be installed by opening a terminal and run
More information can be found on their GitHub.
After installing, open a terminal and navigate to the Veil framework directory.
Type #python veil-evasion.py
A few commands are available; we will use the list command here to check the payloads available by default in Veil.
Now let’s select the payload “python/shellcode_inject/arc_encrypt”, numbered 37. The shellcode is encrypted with ARC4, then decrypted in memory using a key file and executed.
This information can be viewed by issuing the info command. Use the SET command to set the Pyherion encrypter option to yes: “SET USE_PYHERION Y”
Now type generate to build the payload, use msfvenom (the default), and enter the required handler. I have used the default reverse_tcp handler and filled in the LHOST and LPORT of the Kali Linux machine.
Once the payload is successfully generated, the location of the generated payload and the handler file for msf are shown. Now type:
#msfconsole -r /usr/share/veil-output/handlers/payload_handler.rc
Now move your payload to Windows and execute it. We tested this on the latest free version of Avast.
The payload executed with no pop-ups or any other reaction from Avast; see the video we have uploaded.
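Why a byte-signature scan cannot match a payload whose shellcode is stored ARC4-encrypted, as described above, and what a defender can still measure on the file: an added example, not part of the original tutorial or of Veil. The marker, key and sample bytes are constructed placeholders, and the function names are hypothetical.

```python
import math
from collections import Counter

def rc4(key: bytes, data: bytes) -> bytes:
    """Textbook RC4, used here only to build an encrypted sample blob."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                          # keystream XOR
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: close to 8 for ciphertext, far lower for text or code."""
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values()) if n else 0.0

def signature_hit(buf: bytes, signature: bytes) -> bool:
    """Static scan: match a known byte pattern in the file as stored."""
    return signature in buf

def high_entropy_windows(buf: bytes, window: int = 1024, threshold: float = 7.2):
    """Return (offset, entropy) for each fixed-size window at or above threshold."""
    hits = []
    for off in range(0, len(buf) - window + 1, window):
        e = shannon_entropy(buf[off:off + window])
        if e >= threshold:
            hits.append((off, round(e, 2)))
    return hits

# Constructed sample data: a harmless marker stands in for the "known bad" bytes.
MARKER = b"CONSTRUCTED-TEST-MARKER"
STUB = (b"# loader text\n" * 80)[:1024]                 # plain, low-entropy part
BODY = ((MARKER + b" filler ") * 200)[:4096]
PLAIN_FILE = STUB + BODY
ENCRYPTED_FILE = STUB + rc4(b"constructed-key", BODY)   # body stored encrypted

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN_FILE), ("encrypted", ENCRYPTED_FILE)):
        print(name, signature_hit(blob, MARKER), high_entropy_windows(blob))
```

Compressed and packed data also score high, so treat an entropy hit as a triage signal to combine with behavioural detection, not as a verdict.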