Presentation title: Sneaking payloads past AV with Obfy

No ratings

Presented at BsidesDFW2013 2013 by

John Woods

In this talk I will be demonstrating how the Obfy script can obfuscate Metasploit payloads to bypass major AV software. Obfy does all the work of decompiling the payload, obfuscating the ASM code by adding random code, and compiling the payload for you. I will also show how it works and how you can add your own custom ASM code and use the tool on any file you want. There will be a live demo where you will be shocked by how little ASM code is really needed to fool AV software and how anyone can do this, you don’t have to know Assembly.