Guides & Videos

This hub collects all available guides, tutorials, and walkthrough materials for the Veil Framework. Whether you are setting up a lab for the first time or digging into advanced module configuration, you will find structured guidance here.

Beginner Guides

Start here if you are new to the framework:

• Veil Tutorial — Complete setup walkthrough, from lab configuration through your first payload and detection analysis
• Command-Line Usage — CLI reference for interactive and scripted operation
• Framework Overview — Understand the architecture before diving into specific modules

Module Guides

Detailed documentation for each framework component:

• Veil-Evasion — Payload generation and detection testing
• PowerView Usage Guide — Active Directory enumeration and monitoring
• PowerShell Payloads — PowerShell-specific testing and detection
• Catapult — Payload delivery and deployment in lab environments
• Pyherion — Python payload obfuscation

Defensive & Analysis Guides

Understanding the blue team perspective:

• Safely Checking Payloads Against VirusTotal — Evaluation without exposing operational details
• Building Trust in Evasion Payloads — Integrity, signing, and supply-chain safety
• Hunting Sensitive Data — Detection strategies for data discovery activity
• Hunting Users — Identifying enumeration in your environment
• Cobalt Strike Beacon Detection — Telemetry and detection for C2 activity

Technical Deep Dives

• DEP & PyInstaller — Data Execution Prevention and Python packaging
• PrependMigrate — Process migration and detection opportunities

Video Content

Video walkthroughs complement the written guides and are available through the framework's documentation channels. These cover the same material as the written guides but in a visual, step-by-step format that some practitioners find easier to follow during lab setup.