# Extending the Metasploit Framework to Implement an Evasive Attack Infrastructure

**Authors:** Aubrey Alston

arXiv: 1705.04853 · 2017-05-16

## TL;DR

This paper enhances the Metasploit framework to generate and deliver evasive malicious payloads via drive-by downloads, enabling more effective testing of antivirus defenses against sophisticated malware.

## Contribution

It introduces new capabilities to Metasploit for creating and deploying evasive payloads in a reproducible manner within the SPICE testing framework.

## Key findings

- Successfully generated evasive binaries
- Demonstrated drive-by download delivery
- Enabled reproducible testing scenarios

## Abstract

Given a desired goal of testing the capabilities of mainstream antivirus software against evasive malicious payloads delivered via drive-by download, this work aims to extend the functionality of Metasploit--the penetration testing suite of choice--in a three-fold manner: (1) to allow it to dynamically generate evasive forms of Metasploit-packaged malicious binaries, (2) to provide an evasive means of delivering said executables through a drive-by download-derived attack vector, and (3) to coordinate the previous two functionalities in a manner which can be used to produce reproducible tests within the SPICE framework.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1705.04853/full.md

## Figures

6 figures with captions in the complete paper: https://tomesphere.com/paper/1705.04853/full.md

## References

1 reference — full list in the complete paper: https://tomesphere.com/paper/1705.04853/full.md

---
Source: https://tomesphere.com/paper/1705.04853