Penetration Testing – AV Evasion With the Veil Framework [LIVE PRESENTATION]

Penetration Testing – AV Evasion With the Veil Framework [LIVE PRESENTATION]

Henry Dalziel | Hacker Hotshots | August 28, 2014

Come join us for a live Google Hangout with the two brains behind the Veil Framework: Chris Truncer and Will Schroeder this coming Wednesday September 3rd 2014. Here’s the link to join the Hangout – [there is nothing to download]…

What is the Veil Framework?

The Veil-Framework is a collection of red team security tools that allow penetration testing – with the focus being on evading detection. The framework has three tools, namely:

  • Veil-Evasion: which is a tool to generate antivirus-evading payloads by deploying a variety of techniques and languages against the target.
  • Veil-Catapult: a psexec-style payload delivery system that integrates Veil-Evasion
  • Veil-PowerView: a powershell tool to gain network situational awareness on specific Windows domains

The guys presented at DEF CON 22 and there work is widely distributed throughout the web. Incidentally – worth mentioning that the duo released a new tool for the Veil-Framework at DEF CON called – ‘Veil-Pillage’. Veil-Pillage, in their own words is:

“…a modular post-exploitation framework that subsumes Veil-Catapult and implements a ton more features…”

This is going to be an awesome presentation and we are delighted to have two widely experienced and socially active professional penetration testers on Hacker Hotshots.

What will Chris and Will discuss in the 15 Minute Hacker Hotshot episode?

  • The Veil-Framework is an open source project that aims to bridge the gap between pen-testing and red team toolsets.
  • The presentation will also include a discussion about Veil-Evasion, a tool which generates AV-evading payload executables.
  • Also – they will expand on a bunch of other useful and effective tools within the framework including Veil-Catapult, Veil-PowerView and Veil-Pillage.
  • Why the Veil-Framework will push forward what’s possible in pen testing.

In Summary

If you have even a passing interest in being able to effectively and efficiently use penetration testing frameworks and tools then this is clearly an awesome opportunity for you. These guys are hot off the press from DEF CON 22 (this year 2014) so we’d certainly recommend you hit them up now with questions and advice.

As always – please drop a comment below or during the actual event itself. Here’s the link again. Enjoy!

Leave a comment or reply below...thanks!