Avoidz: bypass most A.V softwares
Avoidz v1.3 tools to bypass most Anti Virus software
This tool Generate encoded powershell with Metasploit payloads, convert C, C#, py, go Templates to EXE’s
Author: Mascerano Bachir [ dev-labs ]
Anti-Virus manufacturers nowadays implements more and more complex functions and algorithms in order to detect the latest and newest viruses along with their variants. Anti-Virus manufacturers has evolved a lot during the last decade, starting with simple signaturebased scanners and thereafter slowly implementing more and more advanced heuristics. Most of these are able to scan files stored on the harddisk, but also opcodes in the memory. Opcodes are in short, Assembly commands which are the lowest level of instructions given to the CPU by any application running. A program is usually developed in a higher level language such as C or C++, where opcodes are usually not directly involved. The compiler on the other hand, translates the high-level code into these opcodes based on the Architecture used and so forth. When a traditional Anti-Virus application scans a file, it does so by reading the offsets and its assigned values. Where the offset is a memory address and the value is an opcode which the scanner can read with a simple binary hex-viewer. Therefore, it is able to look for a signature. If an application passes the file-scan check on the harddisk without any heuristic “sandboxes” applied, then the file is either safe to run or the Anti-Virus application just got bypassed!
There is however simple methods that can be used to bypass most of these, especially those that doesn’t use heuristics and similar techniques at all. To bypass Antivirus sofware, there are many techiques like: Modifying AV Signatures in PE Files, Polymorphic Techniques and Hijacks, Altering the Encoder to a Decoder.
Legal Disclaimer:
The author does not hold any responsibility for the bad use of this tool, remember this is only for educational purpose.
Download/Config/Usage:
Demo
https://www.youtube.com/watch?v=ZilOByKkrVk
Source: M4sc3r4n0
