AV EVASION TECHNIQUES

Karol Mazurek
11 min read · Mar 18, 2022

How to fool Microsoft Defender and other anti-virus systems.

INTRODUCTION

During a penetration test, when you come across a Windows host, in most cases it will be protected at least by the built-in anti-virus, Microsoft Defender. In this article, you will learn how to bypass it and some other anti-virus products, so that you stop seeing the message below:

The operation did not complete successfully because the file contains a virus or potentially unwanted software.

BEFORE YOU START

  • You should turn off Automatic sample submission, so that your samples are not delivered to Microsoft during the test.
  • Additionally, you should turn off real-time protection or add the working directory to the Microsoft Defender exclusion list.
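A quick way to confirm the test host is actually in the state described above, and to put protection back afterwards, is to read the Defender preferences and status from PowerShell. This is an added example, not code from the original article; it assumes an elevated session on the test machine, and `$TestDir` is a placeholder for whatever working directory you excluded.

```powershell
<#
  Lab-state audit for the two "BEFORE YOU START" items.
  Assumption: elevated PowerShell on the test host; C:\AVTest is a
  placeholder for the excluded working directory.
#>
param(
    [string]$TestDir = 'C:\AVTest',   # placeholder working directory
    [switch]$Restore                  # re-enable protection when testing is done
)

$pref   = Get-MpPreference
$status = Get-MpComputerStatus

# SubmitSamplesConsent 2 = "Never send"; any other value may upload your samples.
$samplesOff  = ($pref.SubmitSamplesConsent -eq 2)
$rtpOff      = (-not $status.RealTimeProtectionEnabled)
$dirExcluded = ($pref.ExclusionPath -contains $TestDir)

# Report which of the pre-test conditions currently hold.
[pscustomobject]@{
    SampleSubmissionOff   = $samplesOff
    RealTimeProtectionOff = $rtpOff
    WorkingDirExcluded    = $dirExcluded
    LabReady              = $samplesOff -and ($rtpOff -or $dirExcluded)
} | Format-List

if ($Restore) {
    # Return the host to a protected state: real-time scanning on,
    # safe-sample submission on, test directory no longer excluded.
    Set-MpPreference -DisableRealtimeMonitoring $false
    Set-MpPreference -SubmitSamplesConsent 1    # 1 = send safe samples automatically
    if ($dirExcluded) { Remove-MpPreference -ExclusionPath $TestDir }
}
```

If Tamper Protection is enabled on the host, the `Set-MpPreference` calls will be refused and the settings have to be changed through the Windows Security UI instead.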

MALWARE DELIVERY
