Software security Tests

Discussion in 'other security issues & news' started by broe, Mar 11, 2008.

Thread Status:
Not open for further replies.
  1. broe

    broe Registered Member

    Mar 11, 2008
    Does someone here know of an internet site or sites that have "dummy" Trojans, Backdoors, Keyloggers, Worms, Viruses, Spyware, Adware and/or Rootkits to test computer security programs?

    I googled and found only (~25 sites/6 downloads):

    "Test My Firewall" at,
    "Jason's Toolbox" at,
    "GFI Email Security Testing Zone" at (~15 tests)
    Symantec Security Check at
    PC Security Test download at ( review 3.5/5 rating)
    Audit My PC Firewall, Anonymous, Popup Tests at
    Shields Up at (Several tests.)
    Browser Security Test at
    Eicar anti-virus test at (2 yrs old, checks only if AV scanner is running)
    Wi-Fi Security Test at
    McAfee HackerWatch at
    GRC - Firewall Leak Test download at
    Comodo Online Test download and online at America&country=US (two tests - any firewall)
    MISEC Trojan simulator download at

    Some of them actually work pretty well, but there must/should be others. Such online tests should get zillions of hits -> $$, IMHO. Perfect job for out-of-work hackers.

    I'd pay for this service, seriously. There should be as many INDEPENDENT security testing sites as there are security programs. With frequent updates, for two reasons: malware constantly evolves, and the security programs would "update" their programs very quickly to catch the dummies... to improve their scores.

    I want to KNOW if all these security programs that I have so diligently researched, installed, configured and updated, and updated, actually work? They offer "Tips" to maximize security efficacy. Not enough. I want tests. Real tests of my security software. Maybe I don't have my security configured properly. Maybe some programs are more efficient at picking up the latest malware. Maybe some are better at not reporting false positives. I want to determine the answers myself.

    These tests could certainly be as up-to-date as security software, and possibly more up-to-date, if the "legitimate" hackers were quicker at getting out the "dummies" than the security programs were at getting out their malware blocking updates. It would keep the security programmers on their toes. That could only be a good thing.

    And wouldn't it be a kick to make the screen light up and set off sirens and alarm bells when "dummy malware" is detected? That is, of course, if security software actually works.

    Reliable, controlled testing of my defenses against an evolving external enemy that could potentially trash my computer, steal my identity, my money, and my personal documents is fundamental AND potentially lucrative. Surely, I am not be the first to see this.

    Which leads me to this broader question: Is there a conspiracy to deter the public from testing security software? If so, there can only be one answer to, "Why?"

    ~~~~~~~~~~~~~~~~~~~~Eat your spinach, dude.~~~~~~~~~~~~~~~~~~~~~~
    Last edited: Mar 14, 2008
  2. MrBrian

    MrBrian Registered Member

    Feb 24, 2008
  3. Rmus

    Rmus Exploit Analyst

    Mar 16, 2005
    For testing prevention, the "real tests" are live exploits in the wild. is pretty good about posting advisories on the latest exploits with URLs. You have to be quick because the sites go dead fast these days.

    Recently, I listed samples of the different exploits I've encountered. While I was testing Anti-Executable, I discovered in correspondence with fcukdat, who posts here, that he was doing similar with Process Guard. It became evident that if your security includes White Listing, you will see that no binary executables can install. It was during this time that he wrote,

    Being real live exploits, you can analyze the code to see how they work. Note that much malware still exploit vulnerabilites long since patched. That should tell you something. For example, iframe is still one of the leading attack vectors.

    These are remote code execution exploits - perhaps the most dangerous, since based on the unexpected; yet, the easiest to prevent.

  4. broe

    broe Registered Member

    Mar 11, 2008
    All righty then...

    @ MrBrian.
    Wow. Quite a list. I will investigate the sites you referenced and be back, oh, sometime in May or June I expect. Seriously, this is exactly what I asked for.

    @ Rmus - rich.
    Got it. With some trepidation, I'm off to check out:
    2. your recent samples of different exploits,
    3. your posts RE: Anti-Executable,
    4. fcukdat's posts, RE: Process Guard,
    5. remote code execution exploits at

    (In future, I must be more careful what I ask for.) :D

    Thanks. Brilliant. I'll be back when I actually know something.

    ~~~~~~~~~~~~~~~~~~~~Eat your spinach, dude.~~~~~~~~~~~~~~~~~~~~~~
    Last edited: Mar 17, 2008
Thread Status:
Not open for further replies.