Obfuscation Guidance & Resources by Daniel Bohannon

I gathered videos and resources about three great tools for obfuscation made by Daniel Bohannon.

Invoke-Obfuscation

• [Daniel Bohannon – Invoke-Obfuscation: PowerShell obFUsk8tion](https://www.youtube.com/watch?v=uE8IAxM_BhE)
• [Hacks Weekly #34: Going Undercover With Invoke-Obfuscation](https://www.youtube.com/watch?v=1-sb0jXPzjU)
• [How To: Bypass Windows Defender and other Antiviruses](https://www.youtube.com/watch?v=u42SoG22jZQ&ab_channel=HackersAcademy)

• https://www.danielbohannon.com/blog-1/2017/12/2/the-invoke-obfuscation-usage-guide
• https://www.danielbohannon.com/blog-1/2017/12/2/the-invoke-obfuscation-usage-guide-part-2

• https://github.com/danielbohannon/Invoke-Obfuscation

Invoke-DOSfuscation

• Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)


• https://hackinparis.com/data/slides/2018/talks/HIP2018_Daniel_Bohannon_Invoke_Dosfuscation.pdf


• https://github.com/danielbohannon/Invoke-DOSfuscation

Revoke-Obfuscation: Obfuscation Detection Framework

Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science

3 Likes

Thanks for posting this.

1 Like

This is a really good read on the subject. Thanks for sharing.
I’ve been trying so many tools to crypt and obfuscate payloads with no luck. What pen testers are not showing in the YouTube videos is how their payload sessions do against anti-virus software.

I’m finding Avast to be a pain. It’s a challenge is all I can say on a Windows box. I’ve tried tools like FatRat, Unicorn, and msfvenom. None of these were 100% successful; even if you scanned your payload.exe on websites and they showed Avast was clean, when actually tested in my lab, Avast was able to detect it. I had no luck doing DLL injection or memory injection. Maybe someone can show how that really works?

The only thing that I’m starting to have success with is a C# payload compiled in Visual Studio. Avast will pick it up but says it’s “okay”.