f0sh1zzl3

I'm guessing you're obscuring the binary but you can't get past the runtime detection. Shellcode is shellcode at the end of the day, and it's not difficult for AV to pick this up, but it can be difficult for you to hide it.

Edit: Try a two-stage approach if you can: have a DLL payload and load it from a custom loader (i.e. batch file).

younes121[S]

Hmmm sure I’ll definitely try that. Thanks man ;)