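% Conference paper (SoutheastCon 2021) on the limits of signature-based
% antivirus detection. Per the abstract, the evaluated program stores no
% shellcode in the binary and retrieves it from a remote server at run time,
% which reduced detectability by 97% compared to a typical reverse shell
% program.
% Reviewer note for defensive readers: the abstract reports results against
% signature-based detection only. It does not mention behavioural, in-memory
% or network-based detection, so this record alone supports no conclusion
% about those controls.
% The citation key is the exporter's opaque identifier; it is kept unchanged
% so existing citations of this entry continue to resolve.
% Changes from the exported record: both authors are in "Last, First" form
% (the export mixed two forms and braced one given name), field values use
% brace delimiters, and the percent sign in the abstract is escaped so that
% styles which print the abstract do not treat the rest of it as a comment.
@inproceedings{5a374876bec54feaa92d614f529625cb,
  author    = {Johnson, Andrew and Haddad, Rami J.},
  title     = {Evading signature-based antivirus software using custom reverse shell exploit},
  booktitle = {SoutheastCon 2021},
  series    = {Conference Proceedings - IEEE SOUTHEASTCON},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  address   = {United States},
  year      = {2021},
  month     = mar,
  day       = {10},
  doi       = {10.1109/SoutheastCon45413.2021.9401881},
  language  = {English},
  keywords  = {Anti-Virus, Kali Linux, Metasploit-Framework, Meterpreter, Msfvenom, Reverse Shell},
  note      = {Publisher Copyright: {\textcopyright} 2021 IEEE.; 2021 SoutheastCon, SoutheastCon 2021 ; Conference date: 10-03-2021 Through 13-03-2021},
  abstract  = {Antivirus software is considered to be the primary line of defense against malicious software in modern computing systems. The purpose of this paper is to expose exploitation that can evade Antivirus software that uses signature-based detection algorithms. In this paper, a novel approach was proposed to change the source code of a common Metasploit-Framework used to compile the reverse shell payload without altering its functionality but changing its signature. The proposed method introduced an additional stage to the shellcode program. Instead of the shellcode being generated and stored within the program, it was generated separately and stored on a remote server and then only accessed when the program is executed. This approach was able to reduce its detectability by the Antivirus software by 97\% compared to a typical reverse shell program.},
}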