专注 APT 攻击与防御 - Micro8 系列教程项目地址：
https://github.com/Veil-Framework/Veil-Evasion

1、Veil-Evasion

Veil-Evasion 是与 Metasploit 生成相兼容的 Payload 的一款辅助框架，并可以绕过大多数的杀软。

Veil-Evasion 并没有集成在kali，配置 sources.list，可直接 apt-get。

1. root@John:~/Deskto#cat /etc/apt/sources.list
3. #中科大
4. deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
5. deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
6. #阿里云
7. #deb http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
8. #deb-src http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
9. #清华大学
10. #deb http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
11. #deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
12. #浙大
13. #deb http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
14. #deb-src http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
15. #东软大学
16. #deb http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
17. #deb-src http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
18. #官方源
19. deb http://http.kali.org/kali kali-rolling main non-free contrib
20. deb-src http://http.kali.org/kali kali-rolling main non-free contrib
21. #重庆大学
22. #deb http://http.kali.org/kali kali-rolling main non-free contrib
23. #deb-src http://http.kali.org/kali kali-rolling main non-free contrib

2、安装

1. root@John:~/Desktop# apt-get install veil-evasion

由于在实验中本机已经安装，所以我们在虚拟机中使用 git 方式来下载和安装。（以便截图）
ps:本次 kali 下截图使用 scrot

1. root@John:~/Deskto# apt-get install scrot
2. root@John:~/Deskto# scrot -s //即可
3. root@John:~/Deskto# git clone https://github.com/Veil-Framework/Veil-Evasion.git

1. root@John:~/Veil-Evasion# ./setup.sh
2. //安装漫长

3、测试

以 c/meterpreter/rev_tcp 为例：

ps:Veil-Evasion 不再更新，新版本项目地址：
https://github.com/Veil-Framework/Veil

4、附录：

1. [*] 可支持生成payloads:
2. 1) auxiliary/coldwar_wrapper
3. 2) auxiliary/macro_converter
4. 3) auxiliary/pyinstaller_wrapper
5. 4) c/meterpreter/rev_http
6. 5) c/meterpreter/rev_http_service
7. 6) c/meterpreter/rev_tcp
8. 7) c/meterpreter/rev_tcp_service
9. 8) c/shellcode_inject/flatc
10. 9) cs/meterpreter/rev_http
11. 10) cs/meterpreter/rev_https
12. 11) cs/meterpreter/rev_tcp
13. 12) cs/shellcode_inject/base64_substitution
14. 13) cs/shellcode_inject/virtual
15. 14) go/meterpreter/rev_http
16. 15) go/meterpreter/rev_https
17. 16) go/meterpreter/rev_tcp
18. 17) go/shellcode_inject/virtual
19. 18) native/backdoor_factory
20. 19) native/hyperion
21. 20) native/pe_scrambler
22. 21) perl/shellcode_inject/flat
23. 22) powershell/meterpreter/rev_http
24. 23) powershell/meterpreter/rev_https
25. 24) powershell/meterpreter/rev_tcp
26. 25) powershell/shellcode_inject/download_virtual
27. 26) powershell/shellcode_inject/download_virtual_https
28. 27) powershell/shellcode_inject/psexec_virtual
29. 28) powershell/shellcode_inject/virtual
30. 29) python/meterpreter/bind_tcp
31. 30) python/meterpreter/rev_http
32. 31) python/meterpreter/rev_http_contained
33. 32) python/meterpreter/rev_https
34. 33) python/meterpreter/rev_https_contained
35. 34) python/meterpreter/rev_tcp
36. 35) python/shellcode_inject/aes_encrypt
37. 36) python/shellcode_inject/aes_encrypt_HTTPKEY_Request
38. 37) python/shellcode_inject/arc_encrypt
39. 38) python/shellcode_inject/base64_substitution
40. 39) python/shellcode_inject/des_encrypt
41. 40) python/shellcode_inject/download_inject
42. 41) python/shellcode_inject/flat
43. 42) python/shellcode_inject/letter_substitution
44. 43) python/shellcode_inject/pidinject
45. 44) python/shellcode_inject/stallion
46. 45) ruby/meterpreter/rev_http
47. 46) ruby/meterpreter/rev_http_contained
48. 47) ruby/meterpreter/rev_https
49. 48) ruby/meterpreter/rev_https_contained
50. 49) ruby/meterpreter/rev_tcp
51. 50) ruby/shellcode_inject/base64
52. 51) ruby/shellcode_inject/flat

文章来源：《专注 APT 攻击与防御 - Micro8 系列教程》 - 书栈网 · BookStack