Most security solutions also perform network intrusion detection by analyzing the traffic going to and from the target machines. In that case, even if we can use encoders to bypass the antivirus, our payload will most likely get caught when it tries to connect to our listener.
Because we are using a valid TLS certificate for this recipe, I have used a DigitalOcean droplet running Ubuntu 16 with 1 GB of RAM. Configure a custom domain, zinitiative.com, and use Let's Encrypt to get a certificate.
After configuring the domain DNS servers to point to the DigitalOcean droplet, getting a certificate with Let's Encrypt is very simple.
- First, we need to install letsencrypt, which can be done using the following command:
  apt install letsencrypt -y
- Next, to generate the certificate, run the letsencrypt command and follow the instructions:
  letsencrypt certonly --manual -d zinitiative.com
- If all goes as expected, you should have...