ZeroVulnerabilityLabs ExploitShield

Discussion in 'other anti-malware software' started by sbwhiteman, Sep 28, 2012.

Thread Status:
Not open for further replies.
  1. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    5,997
    Location:
    New York City
    Can I send an email instead? PMs don't allow file attachments.
     
  2. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
  3. JimboW

    JimboW Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    280
    Windows 7 Professional 32-bit.

    Thanks for looking at the FP.
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Yes I understand your point.
     
  5. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    Are all of the Shields currently displayed in v. 0.7 functional, or are they not active?
     
  6. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Yes they are functional. We simply deactivated them for the Browser Edition beta.

    In our YouTube channel you can view some vids of the full version and all the shields in action.
    PS: the vids are of prototypes and early versions, but with all shields enabled.
     
  7. guest

    guest Guest

    Same here Win7 x64 Enterprise. It worked well until I restarted the computer.
    And If I open the program the tray icon appear and disappear after a few seconds.
     
  8. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,499
    Is there any substance to the tracking software claim mentioned here?

    Al
     
  9. guest

    guest Guest

    What is wrong about appearing in CNET website...?
     
  10. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    sounds like an interesting program.

    i'll give it a try with Metasploit.

    maybe play with the 'real stuff' later on when i have the times.
     
  11. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,104
    Location:
    USA
    Just saw this - very positive review:

    http://www.pcmag.com/article2/0,2817,2410274,00.asp

    By the way, it looks like ExploitShield (ES) is detecting Waterfox as Firefox (there's a log entry saying ES is protecting Firefox which I'm not running). Is that correct and is it actually protecting Waterfox? I see that Waterfox is not on the list of supported browsers at the moment.
     
    Last edited: Oct 2, 2012
  12. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    By the way, will there be an option not to send any data to your servers? By data, I mean the info about the URL that were blocked. I think that sending any info out, regardless of the application, should always be optional (unless of course, the application needs it to work).
     
  13. popcorn

    popcorn Registered Member

    Joined:
    Apr 3, 2012
    Posts:
    239
    Hi


    Same thing here, running Waterfox and logging as "firefox is now protected"

    Thanx
    Popcorn
     
  14. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    We are thinking about adding that to a PRO and/or Corporate version, but not the free version. That's the price you pay for getting free software.

    PS: we only send data related to exploits, not about ANYTHING else.
     
  15. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,499
    I understood him as saying ExploitShield contained tracking software. CNET was just something else he didn't like.

    Al
     
    Last edited: Oct 2, 2012
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Ahh hooks user land API's and sanitizes them, surprised how well it worked :thumb: any thoughts on protecting against different attack vectors like meterpreter and the likes? Okay test convinced me, I dropped EMET in favour of Z see pic :D
     

    Attached Files:

  17. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    815
    Location:
    A Non-Sh*thole State
    I know that it is extremely early in the product cycle, but I am going to ask anyway:

    ZeroVulnLabs, do you guys have any idea yet how much you are going to charge for the Pro version of your product? I'm not looking for an exact figure, but a ballpark number would be great.:)
     
  18. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    @Kees1958

    Are you using the free Browser Edition of Z or the Corporate Edition?
     
  19. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    ZeroVul,

    Will there be an option to hide the block message so that it just blocks in the background without the popup window?
     
  20. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    That's a good idea. Please post it at our Suggestion forum so we can keep track of it.
     
  21. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    like a ballon mesage
     
  22. zitch

    zitch Guest

    Older system/Windows XP/SP3, Avast antivirus,up to date, older version of Comodo firewall (to avoid conflicts- version 3.0.25.378..), Comodo Secure DNS Server, VPN4ALL, Opera browser up to date, all settings (firewall and antivirus) set tight, Opera tweaked a little bit, NOT using EMET, downloaded ExploitShield couple of days ago, had a couple of problems that were easily solved, may have been my settings, did notice that it erased my system restore points, but, it seems like every time I download some kind of program, that happens o_O uninstalled it, rebooted, reinstalled, seems to be working fine, nice program, lots of vulnerabilities in this old XP system, will put it to the test....I run scans very often with a multitude of antivirus programs, including Avast boot scan, Eset online scanner, Comodo firewall online scanner, Malware Bytes scanner, etc. I am pretty sure that the only problems with this PC is it's age, and a few registry problems. This is a good test bed for Exploit Shield, will use it for a while and report back.....Java is enabled....can't get this system to work with Java disabled. Oh, by the way, I like Moontan's picture, it is from the album cover of King Crimson, some of you may be too young to remember that....
     
    Last edited by a moderator: Oct 3, 2012
  23. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Freebrowser edition. I have enabled SEHOP though. I have the directories of my mail (outlook 2007) and mediaplayer (VLC) denied execution through ACL (right click directory, security tab, add a deny "traverse folder/excute file for everyone), disabled visual basic for office (not installed) and Scripts (through GPO) and cross my fingers that Office2007 and VLC do not contain a lot of weak programming techniques. Office 2007 has had some service packs released, and VLC has had few exploits in the past, so it is an acceptable risk IMO.
     
  24. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,742
    If you run this - its a good enough hardening tool.

    You wouldn't need EMET or a sandbox.
     
  25. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.