#readwise # Using the Metasploit Framework - Encoders  ## Metadata - Author: [[Hack The Box]] - Full Title: Using the Metasploit Framework - Encoders - URL: https://academy.hackthebox.com/module/39/section/409 ## Summary The Metasploit Framework has been used for 15 years to create payloads that can evade antivirus detection. Encoders help modify payloads to work on different operating systems and remove harmful characters. The Shikata Ga Nai encoder was once very effective, but modern detection methods have made it less reliable. Users can now use the msfvenom tool to generate and encode payloads more efficiently, but many antivirus programs still detect them. ## Highlights `Encoders` come into play with the role of changing the payload to run on different operating systems and architectures. ([View Highlight](https://read.readwise.io/read/01jrz9en7fdm1k4378mjkzcff2)) --- They are also needed to remove hexadecimal opcodes known as `bad characters` from the payload. Not only that but encoding the payload in different formats could help with the AV detection. ([View Highlight](https://read.readwise.io/read/01jrz9f9pmb1zk4j19v862e8x3)) --- The use of encoders strictly for AV evasion has diminished over time, as IPS/IDS manufacturers have improved how their protection software deals with signatures in malware and viruses. ([View Highlight](https://read.readwise.io/read/01jrz9fgq3zzg0gkf560mptqez)) ---