Originally Posted by Chris Kirsch
Wouldn’t it be fantastic to be invisible for a day? Walk straight into a bank vault in the morning, be a fly on the wall in the Oval Office for lunch, and spend an evening in your favorite movie star’s house. Well, now you can - with Metasploit!
We tested our Metasploit invisibility cloak on a field day recently. Our venue of choice: an anti-virus test lab. The goal was to test how well Metasploit’s anti-virus protection would hold up against the most recent versions of the world’s top ten anti-virus vendors. The results were better than we had hoped for: Every single vendor had gaping holes, two didn’t trigger alerts at all.
I don’t want to single out specific vendors, so I’ve anonymized the chart. In addition, exploit developers and anti-virus engines are in a constant arms race, so I don’t want to disclose how we make our exploits invisible. Otherwise, the AV vendors would fix the holes, my colleagues in development would have to code through the weekend, and I would have to buy them a beer next time. Instead, they're now working on making Metasploit Pro completely invisible.
If you're interested in Metasploit and anti-virus, also check out n00bznet's recent blog post on the subject.