Performance Comparison of PyRAT and Phantom Antivirus Software Evasion Tools

Nowadays, Malwares have become the new way of cybercrime, and hackers are finding various ways to generate it in all available platforms. With this development, information security breach became one of the complex and very challenging issues most of the organizations are facing. This has motivated the penetration testers to indulge and develop tools and techniques similar to those used by real hackers, to attack systems and reveal its security weaknesses. This paper implements tools (pyRAT and Phantom) which automate the generation of Metasploit payload executable, that have the ability to invade systems without getting detected by most antivirus solutions. The exploitation process generates a meterpreter session between the user and the target system, with intention of gaining access to the target system. The paper adopted an experimental research design, in a Virtual lab setup with VMware Oracle VirtualBox, consisted of two machines (attacking and target machine) in order to test the Evasion tools against AV software products. The development of pyRAT and Phantom is strictly, for educational purposes and eventually to be helpful during the process of a penetration testing activities. Any other illegal use of this tool is not recommended. The study proved pyRAT with best evading capability having bypassed most of the selected antivirus by 67% while Phantom evasion tool acquired 50% evading stand