
Phantom Evasion – Python AV Evasion Tool – Generate (Almost) FUD Payload – Kali Linux 2018.2

Phantom-Evasion is an interactive antivirus evasion tool written in Python, capable of generating (almost) FUD executables even with the most common 32-bit msfvenom payloads (best performance is obtained with 64-bit payloads). The aim of this tool is to make antivirus evasion an easy task for pentesters through the use of prewritten modules focused on polymorphic code and antivirus sandbox detection techniques. Since version 1.0, Phantom-Evasion also includes a post-exploitation section dedicated to persistence and auxiliary modules.

Kali Linux Rolling 2018.1+ is the only OS for which automatic setup is officially supported.

The following OSs support automatic setup (unofficially):

  1. Parrot Security

The following OSs are likely able to run Phantom Evasion through manual setup:

  1. Arch Linux
  2. BlackArch Linux
  3. Elementary
  4. Linux Mint
  5. Ubuntu 15.10+
  6. Windows 7/8/10

Dependencies (only for manual setup)

  1. metasploit
  2. mingw-w64
  3. gcc
  4. apktool
  5. strip
  6. wine
  7. zipalign

Requires libc6-dev-i386 (Linux only).

Getting Started

Simply git clone the repository, or download and unzip the Phantom-Evasion folder.

Kali Linux:

Automatic setup is officially supported; open a terminal and execute phantom-evasion:

python phantom-evasion.py