Skip to Main Content
June 11, 2010

Anti-Virus Evasion through JavaScript Obfuscation

Written by David Kennedy
Penetration Testing Security Testing & Analysis
Easy way of utilizing Metasploit and an online packer to evade Anti-Virus when performing exploitation on Browser-Side exploits. Metasploit obfuscates very well on a lot of things however there are certain patterns that still get picked up by anti-virus (specifically the %u encoding). This demonstration is a simple way of getting around all of that and evading Anti-Virus. You can use the packer here: