Apr 28, 2015

    Oct 28, 2013
    First, I am using AVs/AMs; that's to be clear that I am not against using them.

    So, the point is, many AVs/AMs today include some kind of protection other than the traditional signature-based protection. That's nice, but... this is my own experience...

    Let's start with the last one, when I was helping someone close to me doing some kind of university project, and one of its elements was to try to make a tool/technique to hack social media accounts. I was very nervous as I hadn't tried to do that before and I thought it would be very hard to do.

    But when I finished I realized that it was a very simple process. I used some "clean" and "innocent" tricks, I also used some kind of portable, widely used utilities, packed them with my package, let it all communicate in a way that even FWs will not detect it (using the browser on user request!... without exploiting or injecting anything), and that's it!

    I managed to make (for demonstration) some kind of social account hacking tool in a way that even a top-scored AV and some other security tools (a FW, a keystroke encryption tool, a sandbox) did not detect or stop its functions...

    And in the past, I remember I made (for fun) a testing tool that managed to work and function in a very popular AV/AM lab, but they didn't detect it and said that it is not harmful or something like that!!

    I am not talking about hard tricks to fool and bypass AVs/AMs; I used very simple and straightforward techniques, and it worked!

    So, the thing I want to say here is: are AVs/AMs (and maybe others) focusing on hard/professional hacking tricks/techniques and leaving the simple/straightforward ways open and not secured?

