BYPASSING ANTI-VIRUS PROGRAMS

AV programs detect viruses based on:

1. Code - compare files to huge databases of signatures.

->Use own code, obfuscation, useless operations, encode, pack ...etc

2. Behaviour - run a file in a sandbox and analyze it.

-> Run trusted operations before evil code.

->Delay execution of evil code.

Scan the file on the following website:

NoDistribute - Online Virus Scanner Without Result Distribution

https://nodistribute.com/

Using UPX to Package the executable program.

https://upx.github.io/

Download the file from https://github.com/upx/upx/releases/download/v3.95/upx-3.95-amd64_linux.tar.xz.

And extract to the /opt folder.

Compress the evil file through UPX.

./upx /root/PycharmProjects/reverse_backdoor/dist/reverse_backdoor.exe -o compressed_backdoor.exe

Scan the compressed_backdoor.exe file, the result is a little better.

 Take your file Unique and delay to execute the evil code to let the AV program think your program is harmless.

Python Ethical Hacking - TROJANS Analysis(3)的更多相关文章

  1. Python Ethical Hacking - TROJANS Analysis(2)

    DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...

  2. Python Ethical Hacking - TROJANS Analysis(1)

    TROJANS A trojan is a file that looks and functions as a normal file(image, pdf, song ..etc). When e ...

  3. Python Ethical Hacking - TROJANS Analysis(4)

    Adding Icons to Generated Executables Prepare a proper icon file. https://www.iconfinder.com/ Conver ...

  4. Python Ethical Hacking - TROJANS Analysis(5)

    Spoofing File Extention - A trick. Use the Kali Linux Program - Characters 1. Open the program. 2. F ...

  5. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  6. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  7. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  8. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. Python学习手册(第4版) - 专业程序员的养成完整版PDF免费下载_百度云盘

    Python学习手册(第4版) - 专业程序员的养成完整版PDF免费下载_百度云盘 提取码:g7v1 作者简介 作为全球Python培训界的领军人物,<Python学习手册:第4版>作者M ...

  2. 能被 K 整除的最大连续子串长度

    [来源]网上流传的2017美团秋招笔试题 [问题描述] 两个测试样例输出都是5 [算法思路] 暴力解法时间会超限,使用一种很巧妙的数学方法.用在读取数组arr时用数组sum记录其前 i 项的和,即 s ...

  3. WeChair项目Beta冲刺(10/10)

    团队项目进行情况 1.昨日进展    Beta冲刺第十天 昨日进展: 项目完工 2.今日安排 对小程序进行测试,同时对项目进行总结,并整理博客材料等 3.燃尽图 4.展示Git当日代码记录    详情 ...

  4. vue入门的第一天:v-clock、v-text、v-html的使用

    vue入门的第一天 1. v-cloak v-cloak可以解决插值闪烁问题(防止代码被人看见),在元素里加入 v-cloak即可 html: <p v-cloak>{{msg}}< ...

  5. Spring7——开发基于注解形式的spring

    开发基于注解形式的spring SpringIOC容器的2种形式: (1)xml配置文件:applicationContext.xml; 存bean:<bean> 取bean: Appli ...

  6. SSM框架出现500的错误解决办法

    1,先确认pom.xml中有没有导入项目依赖, 2,发现导入之后还是报500.点击File->Project  Structure->Artifacts 点击SSM右键,选择put int ...

  7. 入门大数据---HDFS,Zookeeper,ZookeeperFailOverController(简称:ZKFC),JournalNode是什么?

    HDFS介绍: 简述: Hadoop Distributed File System(HDFS)是一种分布式文件系统,设计用于在商用硬件上运行.它与现有的分布式文件系统有许多相似之处.但是,与其他分布 ...

  8. Oracle数据库的闪回操作(查询指定时间的数据、恢复数据)

    通过DELETE删除数据后相当于放入回收站,一般情况下可以找回:通过UPDATE更新数据后数据库也会保留数据快照.闪回就是恢复指定时间的数据快照以达到恢复数据的目的.根据步骤一查询出数据快照,恢复数据 ...

  9. TypeScript学习——数组、元组、接口(2)

    数组 数组类型注解 const numberArr: (number | string)[] = [1, '2', 3]; //既可以是number 也可以是string const stringAr ...

  10. scheduler的调度规则

    对爬虫的请求进行调度管理 允许接收requests并且会调度一个request去下载,且具有去重机制 优先级和队列不会被调度器执行(调度器不管优先级的问题),用户使用字段给每个Request对象,可以 ...