Anti-Virus evasion

Methodology

1. AV Fingerprinting
   • Tools : SharpEDRChecker, Seatbelt
   • Social engineering
2. Replicates the victim environment to test our payloads

Info

We should always disable any kind of cloud-based protection in the AV settings (potentially by outright disconnecting the VM from the internet) so that the AV doesn't upload our carefully crafted payloads to a server somewhere for analysis.

• On-Disk evasion
• In-Memory evasion