AV testing!

omidomi

omidomi

Level 71
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Apr 5, 2014
6,001
I find a tool in Github whom Test your AV Vulnerability here:
BreakingMalware/AVulnerabilityChecker · GitHub
i want all member test it with their AVs to see which program is vulnerable and which one is no vulnerable, I test EIS its safe.
stay for your test :)
*These avs pass the test successfully:
Windows Defender
Avira AV Pro + Firefox = not vulnerable
Norton
Emsisoft
Kaspersky
Watchdog anti malware
Eset
Qihoo
Sophos
AVG
Bitdefender
Firefox + Webroot = Passed
Firefox + Avira Pro = Passed
Agnitium
Secure Alive
McAfee
Avira AV Pro + HitmanPro.Alert + Firefox
Avira AV Pro + HitmanPro.Alert + Chrome
*These avs failed in the test :
Chrome + Webroot = Failed
Avira AV Pro + Chrome
Chrome + Avira Pro
Baidu
Bitdefender Internet Security 2016
Trend Micro
Avast
Bullgaurd
 
Last edited:
  • Like
Reactions: AtlBo, JM Safe, bitbizket and 15 others
OokamiCreed

OokamiCreed

Level 18
Verified
Honorary Member
Top Poster
Well-known
May 8, 2015
881
Piteko21 said:
I can run this tool, safely and normaly, on my personal laptop without any virtualization software?
Click to expand...

Personally I've always run tools like this in a VM (which I already did). Mostly due to paranoia and I like to test tools like this with multiple AV and a VM is the best way to do that. I haven't seen this tool do anything negative to the system but then again, I didn't check the system beyond memory via task manager. Run it on your host at your own risk. I personally don't recommend it. VM is a nice controlled/sterile environment to run these test so nothing else gets in the way and alters tests.
 
  • Like
Reactions: Oxygen, LabZero, Hangtooth and 6 others
Rishi

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
It marks me as safe,and I ran it normally. I am not really sure if it's a good idea to run it in VMs(it checks for repetitive memory allocation addresses).But you can for safety. See GoogleProjectZeroBlog.Eset used to have a packer vulnerability, fixed earlier in July 2015 according to this,fixed within 2 days :).

2015_12_11_18_48_21_Untitled.jpg


Pale Moon is not detected by the exploit scanner(awesome), must use the big three. I had used IE 11.
 

Attachments

  • upload_2015-12-11_18-57-31.png
    upload_2015-12-11_18-57-31.png
    81.1 KB · Views: 434
Last edited:
  • Like
Reactions: frogboy, bitbizket, LabZero and 7 others
OokamiCreed

OokamiCreed

Level 18
Verified
Honorary Member
Top Poster
Well-known
May 8, 2015
881
Rishi said:
It's safe for me, and you can run it normally, I am not convinced it's a good idea to run it in VMs(it checks for repetitive memory allocation addresses. See GoogleProjectZeroBlog.Eset used to have a packer vulnerability, fixed earlier in July 2015 according to this,within 2 days :).

2015_12_11_18_48_21_Untitled.jpg


Pale Moon is not detected by the exploit scanner(awesome), must use the big three. I had used IE 11.
Click to expand...

The test works fine in a VM. I used an AV that was vulnerable (Webroot), and one that wasn't (Windows Defender). Ran the test multiple times to make sure I got the same result using both IE 11 and Google Chrome.
 
  • Like
Reactions: Hangtooth, Der.Reisende, kev216 and 2 others
Rishi

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
OokamiCreed said:
The test works fine in a VM. I used an AV that was vulnerable (Webroot), and one that wasn't (Windows Defender). Ran the test multiple times to make sure I got the same result using both IE 11 and Google Chrome.
Click to expand...
Could you try Kaspersky and SOPHOS as mentioned in that blog? Or any generous forum member blessed with a powerful VM and some spare time.
 
Last edited:
  • Like
Reactions: Der.Reisende, OokamiCreed, kev216 and 1 other person
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Tested on VM with outdated IE 8 which turn out to be not vulnerable to exploitable constant RWX address, guess seems it should depends on the programs that can be alongside for that as mentioned where some AV's contains security risks.
 
  • Like
Reactions: Kent, Hangtooth, Sr. Normal and 5 others
harlan4096

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,655
Rishi said:
Could you try Kaspersky and SOPHOS as mentioned in that blog? Or any generous forum member blessed with a powerful VM and some spare time.
Click to expand...
Taken from: Kaspersky Vulnerability Report 22th September:
Description

Kaspersky Lab has fixed vulnerability in Kaspersky Anti-Virus which allowed for allocation of RWX memory regions at predictable addresses. This vulnerability could have been exploited only if a 3rd party application contained vulnerability such as stack based buffer-overflow. CVSS score of this vulnerability is 1.9 (AV:L/AC:M/Au:N/C: p /I:N/A:N)
List of affected products
Kaspersky Anti-Virus 2015 MR2
Kaspersky Internet Security 2015 MR2
Fixed Versions
The fixes are included in the autoupdated patch for latest products versions that was released on 22 Sep. Please update latest products versions.
Acknowledgments
We would like to extend our thanks to enSilo company for reporting this vulnerability to Kaspersky Lab.
Click to expand...
 
  • Like
Reactions: Cats-4_Owners-2, Sr. Normal, Der.Reisende and 4 others
Hangtooth

Hangtooth

Level 5
Verified
Dec 5, 2015
202
Avira Free passed (followed instructions testing twice to be sure) with out of the box settings (just installed it last night). I made sure to turn Malwarebytes AntiExploit Free off as it is the only other real-time protection I am using atm.

Edit: Summary of my testing: AV testing! Message #44
 
Last edited:
  • Like
Reactions: OokamiCreed, omidomi, Sr. Normal and 2 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
    • Thanks
AV-Comparatives Anti-Phishing Protection in AVs and Browsers – February 2023 - commissioned by Gen Digital
Replies
11
Views
1,405
Security Statistics and Reports
Trident
Trident
Andy Ful
    • Like
    • +Reputation
    • Thanks
The best Home AV protection 2021-2022
Replies
64
Views
7,033
Security Statistics and Reports
Andy Ful
Andy Ful
ShenguiTurmi
    • Like
    • +Reputation
    • Applause
Serious Discussion Turtle‘s Enhanced Realworld Tests ( updated )
Replies
82
Views
6,428
General Security Discussions
Xeno1234
Xeno1234

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top