Throughout this chapter, we identified a number of considerations when we perform client-side penetration testing; as we have mentioned throughout the chapter, we have barely scratched the surface on this:
Review the information encoding of our payloads, attempt a number of different techniques, and see if you can improve on reducing the number of products that detected your code. Once you have done this, research the latest information on bypassing antivirus software, and see if any of these can improve your evasion. Finally, research the Veil framework at https://www.veil-framework.com and experiment with the different methods that are contained there to see if you can achieve a better score than that of the encoding methods in Metasploit.
For this second challenge, explore the methods that we use in the chapter for the PowerShell scripting, and explore the latest information contained at http://www.powershellempire.com and experiment with the different methods of the...