So, this blog post is just going to be a rant about the comments I was getting on Twitter about my Windows Defender and Symantec Endpoint Protection evasion. You can find the tweet here:

So, since a lot of people thought that I cannot evade antivirus by using an SSL certificate to sign the code, I decided to upload this small video, along with a short narration of what I am doing, to prove that code signing with SSL spoofing can be used to evade antivirus.

I used this method to evade Windows Defender and Symantec Endpoint Protection, both of which rely heavily on machine learning. Below is the POC for the same. Enjoy!
