... or you can try one crypt/packer ($$$) called Morphine - http://hxdef.czweb.org/ Assuming your company is going to support an exclusive antidetection tool like that
2005/12/13, Michael Tewner <[EMAIL PROTECTED]>:
> Check The Art of Computer Virus Research and Defense (Paperback)
> by Peter Szor. It is one of the foremost books in Virus detection, etc,
> and I found it to be a valuable read...
>
> Examples are in C code, and there's a lot of memory dumping, etc. Check
> slashdot's review if you want.
>
> Jeroen wrote:
> > For penetration testing on Wintel system, I often use netcat.exe and stuff
> > like pwdump. More and more I need to disable anti-virus services before
> > running the tools to avoid alarms and auto-deletion of the applications. It
> > works but it isn't an ideal situation since theoretically a network can be
> > infected while the AV-services are down. Recompiling tools is an option
> > since the source of many tools I use is available. The question is (before I
> > burn useless CPU cycles): can someone help me getting info about the inside
> > of AV engines? Will addition of some rubbish to the code do the trick (->
> > other checksum), do I need to change some core code or is it a mission
> > impossible anyway? Who can help for example getting some useful research
> > papers on the subject of detecting viruses and how to bypass mechanisms
> > used? Any help will be appreciated.
> >
> >
> > Greets,
> >
> > Jeroen
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/

--
----------------------------------------------
"The path of the righteous man is beset on all sides by the iniquities of selfishness and the tyranny of evil men. Blessed are those who, in the name of charity and good will, shepherd the weak through the valley of shadows, for he is his brother's keeper and the finder of lost children. And I will strike with vengeance and fury those who attempt to poison and destroy my brothers. And when my vengeance falls upon them, they will know that I am the Lord." (Ezekiel 25:17)
