Tuesday, June 09, 2009

AV Bypass - #metasploit list

Q >>> Is there a way to apply msfencode to a generic PE file?

HDM >>> Not yet - msfencode only works on small chunks of assembler; what you are looking for is a full-blown packer, such as ASPack or UPX. A great way to bypass AV product detection is to use a standard packer (UPX is easy) and then manually tweak the binary in a hex editor (change the UPX0-3 section names, replace some of the instructions at the entry point with equivalent opcodes, etc).

I have used dsplit to understand AV signatures before. It can be quite a pita though. I'll post some results using the HDM-UPX methodology.

As usual, 10X to HDM.
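From the detection side, the exchange above is a reminder of why section names are weak evidence: a scanner keyed on the literal strings `UPX0`/`UPX1` is defeated by the hex-editor rename HDM describes, while the structural traits of a packed image (a section with a large virtual size and no bytes on disk, and a section whose bytes are near 8 bits/byte of entropy) survive the rename. The following Python is an added example, not code from the post or from Metasploit; it parses only the PE fields the heuristic needs, and the three sample images (`PACKED_LIKE`, `RENAMED`, `BENIGN`) are hand-built stubs constructed in `build_stub`, not real executables.

```python
"""Constructed example: flag PE images that look packed (UPX-style) by
section name and by per-section entropy. Not code from the original post;
the sample images are hand-built stubs, not real executables."""
import math
import struct
from collections import Counter

KNOWN_PACKER_NAMES = {"UPX0", "UPX1", "UPX2", "UPX3"}  # stock UPX section names
HIGH_ENTROPY = 7.0  # bits/byte; compressed or encrypted data sits close to 8.0


def shannon_entropy(data: bytes) -> float:
    """Bits per byte of the buffer (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def parse_sections(image: bytes):
    """Yield (name, virtual_size, raw_size, raw_bytes) per section header.
    Decodes only the DOS e_lfanew, the COFF header and the section table."""
    if image[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", image, coff + 2)   # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", image, coff + 16)      # SizeOfOptionalHeader
    off = coff + 20 + opt_size                                     # first section header
    for _ in range(num_sections):
        name, vsize, _vaddr, rsize, rptr = struct.unpack_from("<8sIIII", image, off)
        name = name.rstrip(b"\0").decode("ascii", "replace")
        yield name, vsize, rsize, image[rptr:rptr + rsize]
        off += 40                                                  # IMAGE_SECTION_HEADER size


def inspect(image: bytes):
    """Return [(name, entropy, flags), ...] for every section."""
    findings = []
    for name, vsize, rsize, raw in parse_sections(image):
        flags = []
        if name in KNOWN_PACKER_NAMES:
            flags.append("known-packer-name")
        if vsize > 0 and rsize == 0:
            flags.append("empty-on-disk")   # space reserved for code unpacked at runtime
        ent = shannon_entropy(raw)
        if ent >= HIGH_ENTROPY:
            flags.append("high-entropy")
        findings.append((name, round(ent, 2), flags))
    return findings


def looks_packed(image: bytes) -> bool:
    """Verdict rests on structure and entropy only: a packer name alone is not
    trusted, because section names are trivially edited."""
    return any("high-entropy" in f or "empty-on-disk" in f for _, _, f in inspect(image))


def build_stub(sections):
    """Build a minimal constructed PE image from [(name, vsize, raw_bytes), ...].
    SizeOfOptionalHeader is 0 to keep the stub small; it is not loadable."""
    hdr_end = 64 + 4 + 20 + 40 * len(sections)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)            # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0)
    table, body, ptr = b"", b"", hdr_end
    for name, vsize, raw in sections:
        rptr = ptr if raw else 0
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, 0x1000,
                             len(raw), rptr, 0, 0, 0, 0, 0)
        body += raw
        ptr += len(raw)
    return dos + b"PE\0\0" + coff + table + body


# Constructed samples. The "compressed" payload is a permutation of 0..255,
# so its entropy is exactly 8.0 bits/byte.
_DENSE = bytes((i * 73 + 11) % 256 for i in range(256))
PACKED_LIKE = build_stub([(b"UPX0", 0x8000, b""), (b"UPX1", 0x1000, _DENSE)])
RENAMED = build_stub([(b".text", 0x8000, b""), (b".data", 0x1000, _DENSE)])  # names edited
BENIGN = build_stub([(b".text", 0x200, b"\x90" * 200 + b"\xC3" * 56)])

if __name__ == "__main__":
    for label, img in (("packed-like", PACKED_LIKE), ("renamed", RENAMED), ("benign", BENIGN)):
        print(label, looks_packed(img), inspect(img))
```

Running the block shows the renamed image still scoring as packed on `empty-on-disk` and `high-entropy` while losing only the `known-packer-name` flag; that is the gap a name-based signature leaves and an entropy or layout heuristic closes. Real packed binaries vary (UPX can be told to keep different section layouts, and some packers keep entropy lower), so in practice these flags feed a score alongside other indicators rather than a standalone verdict.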
