December 15, 2014

Today we would like to share a useful resource page with you. If you have a file that you suspect may be malicious, you can upload it there and it will be scanned by the most common AV engines. We use that website too, to check encoded client-side exploits before sending them out in social engineering audits. Unfortunately, it is quite easy to evade common AV engines when building malicious payloads, and the bad guys know this too.

So which AV product is the best, or in other words the hardest to get around? In our experience, the AV engine that detects even most encoded malware is Kaspersky.

So if you receive a malicious payload, download it to an isolated sandbox (for example a VMware virtual machine) and then upload it to VirusTotal to check it against the common AV engines.
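As an added example (not part of the original post), the Python below supports the workflow above from the defender's side: it hashes the suspect file inside the sandbox and asks VirusTotal's v3 API whether a report for that hash already exists, so the file itself need not be uploaded when VirusTotal has already seen it. The `SAMPLE_REPORT` response, its detection names and every engine name other than Kaspersky are constructed placeholders, and the API key is assumed to be supplied by the caller.

```python
import hashlib
import json
import urllib.error
import urllib.request

VT_API = "https://www.virustotal.com/api/v3"

def sha256_of_file(path):
    """Hash the sample in 1 MiB chunks so large files never sit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def lookup_hash(sha256, api_key):
    """Fetch VirusTotal's existing report for a hash without uploading the file.
    Returns None when VirusTotal has never seen the sample (HTTP 404)."""
    req = urllib.request.Request(f"{VT_API}/files/{sha256}", headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        if err.code == 404:
            return None
        raise

def summarize_report(report):
    """Reduce a v3 file object to a detection ratio plus the engines that flagged it."""
    attrs = report["data"]["attributes"]
    stats = attrs["last_analysis_stats"]
    flagged = stats.get("malicious", 0) + stats.get("suspicious", 0)
    engines = sorted(name for name, r in attrs.get("last_analysis_results", {}).items()
                     if r.get("category") in ("malicious", "suspicious"))
    return {"flagged": flagged, "total": sum(stats.values()), "engines": engines}

# Constructed sample response: the shape of a v3 file object with invented values,
# truncated to a few engines so the example runs offline.
SAMPLE_REPORT = {"data": {"attributes": {
    "sha256": "00" * 32,
    "last_analysis_stats": {"malicious": 3, "suspicious": 1, "undetected": 60, "harmless": 0},
    "last_analysis_results": {
        "Kaspersky": {"category": "malicious", "result": "Trojan.Constructed.Sample"},
        "EngineA": {"category": "malicious", "result": "Trojan.Constructed.Sample"},
        "EngineB": {"category": "malicious", "result": "Trojan.Constructed.Sample"},
        "EngineC": {"category": "suspicious", "result": "Heuristic.Constructed"},
        "EngineD": {"category": "undetected", "result": None},
    }}}}
```

Call `summarize_report(lookup_hash(sha256_of_file(path), api_key))` from the sandbox; a `None` from `lookup_hash` means VirusTotal has no report yet, which is when uploading the sample as the post describes is the next step.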