Hiding keylogger from antivirus

I have a keylogger that I’ve been testing on myself and asked a buddy to test it too on a VM (I told him of course what it was) but antivirus flags it upon download and prevents it. Is there any way to prevent antivirus flagging it/going undetected without turning off antivirus? I had my friend try it and the download cancels due to the antivirus.
w33t 486d ago
Is this a keylogger that you've written yourself?
Forseti 485d ago
Nope, downloaded
However I’ve just recently gone on a video and gotten someone’s source code
So now I have one I can actually edit I guess
w33t 485d ago
I have to ask what the purpose of this is. Is it just something to learn or are you intending to deploy it?
Forseti 484d ago
Learn/deploy. However it will go on a device I have purchased myself which afaik is legal
w33t 484d ago
Good to hear. There's a very fine line between doing something to learn, which I love and encourage and doing something with malicious intent, which we don't support here. As far as that keylogger goes, if it's something already compiled, there really isn't anything you can do for AV evasion. Its hash is likely already well-known and the behavior heuristically is probably well-known too. Your best bet is writing it yourself and then using obfuscation and AV evasion techniques.
https://www.hivepro.com/antivirus-evasion-techniques/
https://infosecwriteups.com/antivirus-evasion-26a30f072f76?gi=bb1375e52658
https://resources.infosecinstitute.com/topic/antivirus-evasion-tools/
Whata how long can i make these 472d ago
@final_fantasy7 to bypass av first you must know a bit about it. You have to know a few things about the target (yourself), making malware is an art and there is a lot that goes into it. I suggest trying to learn the whole process before you get started. Some of the things I suggest researching are:
Lockheed Martin kill chain (planning)
Networking (how are you gonna receive the keystrokes how does it work)
A little bit of python (you’re not going to need the full language)
Git (useful career skill)
How to exit vim (lol)
Idk I’m not an expert and I just started
Learning how to google efficiently is also important
It’s bad if you have to rely on the activity of discord or whatever
A lot of people that just start always do that and it’s not a good trait to have
Av detects in a few ways and it will change your attack vector
Is it a one time virus or will it passively take in keystrokes
Don’t do bad stuff with your software it’s not worth it you’d make more money at McDonald’s
Depending on what your software does and your exploitation phase depends on how you will code it and before you start you have to have everything planned out and if you have to change your plan it’s not a good one
One thing that I should do more of is documentation, it’s a good skill to write down EVERYTHING and I mean everything that you do and is something that I wish I did when I first started but it’s only been like a year since I started cybersecurity and I haven’t even really done anything and the stuff that I have done I have deleted so do what you want but this is just my advice
I know documentation will help me later on
If I do decide to do cybersecurity
I’m pretty good at talking about things I know nothing about lmao
Whata how long can i make these 472d ago
Did I say anything wrong
w33t 472d ago
Not inherently, it's just a weird way to join a server. A wall of incoherent rambling lmfao.
Whata how long can i make these 472d ago
😢
w33t 472d ago
I don't think the Lockheed Martin kill chain really applies to AV evasion, though. It's a framework to outline attack methodology. AV evasion is something you tie into your tool, if that makes sense.
Whata how long can i make these 472d ago
You can’t rlly do anything with it without knowing the kill chain
Ig it doesn’t matter if it’s only for yourself
Which it should be
w33t 472d ago
I can guarantee the kids that broke into Uber don't know the kill chain lmfao
Whata how long can i make these 472d ago
He used social engineering tho right
Not malware
w33t 472d ago
That falls within the kill chain...
It's a framework lol
Like ITIL
Whata how long can i make these 472d ago
Ye ur right
It’s still a good thing to learn and helps a bit with basic knowledge towards general problem solving skills
I have a mountain I need to climb
1. what equipment will I need (climb axe or wtv they use)
2. How will I use this equipment
3. I am now using the equipment what places will I put the axe
4. I’m using the axe now and I’m going up the mountain
5. I’m at the top how will I sleep
6. I need to tell people I’m ok and made it
7. I’m up here ppl know I’m good and now I can go down
Pretty bad analogy
Idk