Antivirus has long been considered the first line of defense when malicious actors attempt to compromise a target machine, but it is not a silver bullet for defending against cyberattacks—particularly when new vulnerabilities are discovered and exploited. Rapid7’s Metasploit team has been researching techniques to evade common antivirus products so the broader security community can boost their security defenses by better anticipating and mitigating these approaches.
Rapid7’s Metasploit team has introduced several new capabilities into Metasploit to support antivirus evasion, including a code randomization framework, novel antivirus emulation-detecting code, encoding and encrypting routines, and a new evasion module type to make it easy to add further evasion techniques into Metasploit.
These capabilities help module developers and users build solutions for penetration testers who are pushing the boundaries of customer defenses, assist researchers and developers in improving and testing defensive tools, and enable IT professionals to more effectively illustrate evolving attacker techniques.
In this whitepaper, we offer details of the engineering work that underpins Metasploit’s new evasion capabilities, as well as example code for creating an evasion module yourself.