A penetration tester has found that using Metasploit and UPX does not reliably bypass antivirus software.
They tested seven Windows Meterpreter reverse TCP payloads encoded in different ways, and all were detected by filescan.io as either suspicious or malicious.
The tester also tried using the penetration testing tool Veil-Evasion with UPX, but this was also detected as malicious.
They note that payloads written in Rust may be more effective, as they can be harder to reverse engineer, and mention the Nim programming language as another potential option.
The tester stresses that these tools should only be used in a controlled manner as agreed in a rules of engagement document, and are not to be used to develop malware.