It is widely acknowledged that antivirus is not an effective security mechanism against 0-day threats. It is not until malware has been out in the wild propagating for a while that it catches a vendor’s eye and a signature for it is developed. Once that happens it is trivial for a malicious actor to modify his source code while preserving the functionality of his tool, and then the process starts all over again. Unfortunately, for the penetration tester this means that each one of us must have our own individual solution to the antivirus problem in order to give our clients the value they deserve out of an information security assessment. After all, if the bad guys are doing it, it MUST also be a part of our security evaluation procedures. Penetration testers should not have to spend their time bypassing a security mechanism that other less ethical hackers would simply vaporize. We built Artemis to solve this deficiency.
Artemis is an advanced malware simulation suite capable of emulating the Advanced Persistent Threat. Artemis raises the bar, giving ethical hackers and penetration testers an advanced set of features equivalent to many of the tools employed by criminal gangs today. By abstracting polymorphism to a server-based platform at cevincere.com, Artemis is able to stay one step ahead of antivirus vendors and ensure that penetration testers can give their clients the value that they deserve.
How Artemis Bypasses Antivirus
Cevincere uses several techniques to generate a unique binary in order to bypass antivirus. Because Artemis’ signature is vastly altered each time it is created, AV is unable to create an effective signature.
- Evades signature-based anti-virus detection
- Integrates with free tools like the Metasploit Framework & Armitage
- Robust communication channel maximizes connectivity
- Increases stealth by dialing back on a customizable interval
I hope that Artemis is able to help you push your penetration tests to the next level! The video below is a short demonstration of how Artemis may be able to assist you. Happy Hacking!