Make your video test requests!

Practical Response

Practical Response

Level 8
Mar 10, 2024
359
LoneWolf... said:
I'd like to see AppGuard Solo put through your tests.
Click to expand...

@Shadowra

The below LOLBins list has been around since 2004 although modified and added server .exe's. It has been posted here before I think back some years. Its extensive and used by many that add LOLBins blocking in their applications.

Appguard, is not a install and test at default application. Its not designed to be run at default settings. It is designed to be placed on the system, locked down with no interaction from the "average users" to protect them from themselves. As any products that allow users "choices" is redundant as the user can simply click to ignore the warning if they want to run something bad enough, no matter how severe the warning looks. Locking the system ensures this will not be the case. Using parental controls of Appguard making a Superuser will allow you to set it up so the normal users can not change settings. It is not an easy application to set up and administer, most users lack the knowledge of the application let alone the operating system to know what and how to block. This leaves many users that claim Appguard not effective not only mistakenly wrong but silly because you can be sure they do not know how to use it claiming so.

Testing, can not be done with just a folder of samples in user space, as you will bore the crowd with nothing but "DOH" it wont run. You have to be very creative to test Appguard with simulated attacks. Not to mention there is no "trial" version to test at this point.

Apologies ahead of time for formatting and items being cut off since the website here limits ways to address such lists.

Untitled document_Sheet1_1.jpg
Untitled document_Sheet1_2.jpg
Untitled document_Sheet1_3.jpg
Untitled document_Sheet1_4.jpg
Untitled document_Sheet1_5.jpg
Untitled document_Sheet1_6.jpg
 
  • Like
Reactions: roger_m, Shadowra, harlan4096 and 1 other person
L

LennyFox

Level 7
Jan 18, 2024
314
Practical Response said:
@Shadowra

The below LOLBins list has been around since 2004 although modified and added server .exe's. It has been posted here before I think back some years. Its extensive and used by many that add LOLBins blocking in their applications.

View attachment 282791View attachment 282792View attachment 282793View attachment 282794View attachment 282795View attachment 282796
Click to expand...
Practical response AKA Ultimate vision, always fun to see a Chrome and Linux fan showing his love for Microsoft (y):) we should all block the lolbin winword.exe (and excel and powerpoint and ...)
1713033614886.png
 
Shadowra

Shadowra

Level 34
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,319
All comments are welcome, I read all your messages.

Concerning AppGuard, I have no experience of its use. I could test it, but it's an anti-exe.
Why not test it with other security software? :)

Nevertheless, I ask you to remain constructive and above all not to bicker in my requests, not because I ask for it, but it destroys the reading made by myself or the other members of this forum :/

As for the D+2 tests, this will come during May. Namely that I will be away for a few days at the beginning of May.

The next test will be Norton 360, it should be released on Wednesday or Thursday (this weekend, let me watch Coachella, already with the time difference I'm having a hard time xD )

Shadowra
 
  • Like
  • Applause
  • Hundred Points
Reactions: Gandalf_The_Grey, Oldie1950, roger_m and 3 others
Oldie1950

Oldie1950

Level 5
Verified
Well-known
Mar 30, 2022
231
  • Like
Reactions: LennyFox, roger_m and Shadowra
Practical Response

Practical Response

Level 8
Mar 10, 2024
359
LennyFox said:
Practical response AKA Ultimate vision, always fun to see a Chrome and Linux fan showing his love for Microsoft (y):) we should all block the lolbin winword.exe (and excel and powerpoint and ...)
View attachment 282800
Click to expand...
This is a list of Windows binaries that are known to have vulnerabilities "CVEs" or often targeted or used by attackers. Using this for a block list does not mean one has to block everything on it. Anyone that has to use winword should harden it period.
 
  • Like
  • Applause
Reactions: Shadowra and harlan4096
Shadowra

Shadowra

Level 34
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,319
Oldie1950 said:
@Shadowra
I became aware of the Cegis Cyber security program through AV-LAB.
avlab.pl

Recent Results In January 2024 » AVLab Cybersecurity Foundation

Recent results of the Advanced In The Wild Malware Test, in which we regularly evaluate software to protect devices.
avlab.pl avlab.pl
The program is based on the whitelist approach, similar to CyberLock. I would be very interested in a test. Has anyone ever looked into this program?
Click to expand...

I don't think there's a link to download it on their site :/.
 
P

PALTO01

Level 1
Jul 7, 2021
23
Please test the latest free version of : Avast, AVG, Kaspersky, Comodo Beta, Ahn Lab V3 Lite, Bitdefender free edition, Zone Alarm free antivirus+firewall against huge number of latest malware samples & all kinds of malicious & phising links.

Also test the latest paid version of : McAfee Total security, ESET Smart Security, Bitdefender Total Security, QuickHeal Total security, Avast & AVG Premium Security & Kaspersky Premium Security against all huge number of latest malware samples & all kinds of malicious & phising links.
 
  • Wow
  • HaHa
  • Like
Reactions: Shadowra, Khushal, Jonny Quest and 1 other person
Practical Response

Practical Response

Level 8
Mar 10, 2024
359
PALTO01 said:
Please test the latest free version of : Avast, AVG, Kaspersky, Comodo Beta, Ahn Lab V3 Lite, Bitdefender free edition, Zone Alarm free antivirus+firewall against huge number of latest malware samples & all kinds of malicious & phising links.

Also test the latest paid version of : McAfee Total security, ESET Smart Security, Bitdefender Total Security, QuickHeal Total security, Avast & AVG Premium Security & Kaspersky Premium Security against all huge number of latest malware samples & all kinds of malicious & phising links.
Click to expand...
@Shadowra probably be just as easy to put them all on at the same time then run that pack, time saving at least 🤪
 
  • Like
  • Applause
Reactions: Khushal, Shadowra, Digmor Crusher and 1 other person
Jonny Quest

Jonny Quest

Level 17
Verified
Top Poster
Well-known
Mar 2, 2023
800
PALTO01 said:
Please test the latest free version of : Avast, AVG, Kaspersky, Comodo Beta, Ahn Lab V3 Lite, Bitdefender free edition, Zone Alarm free antivirus+firewall against huge number of latest malware samples & all kinds of malicious & phising links.

Also test the latest paid version of : McAfee Total security, ESET Smart Security, Bitdefender Total Security, QuickHeal Total security, Avast & AVG Premium Security & Kaspersky Premium Security against all huge number of latest malware samples & all kinds of malicious & phising links.
Click to expand...
Agree with @Digmor Crusher this would be a good place to start:
malwaretips.com

Video Reviews - Security and Privacy

Video reviews for security and privacy software.
malwaretips.com malwaretips.com
 
  • +Reputation
  • Like
Reactions: roger_m, Gandalf_The_Grey and Shadowra
Shadowra

Shadowra

Level 34
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,319
PALTO01 said:
Please test the latest free version of : Avast, AVG, Kaspersky, Comodo Beta, Ahn Lab V3 Lite, Bitdefender free edition, Zone Alarm free antivirus+firewall against huge number of latest malware samples & all kinds of malicious & phising links.

Also test the latest paid version of : McAfee Total security, ESET Smart Security, Bitdefender Total Security, QuickHeal Total security, Avast & AVG Premium Security & Kaspersky Premium Security against all huge number of latest malware samples & all kinds of malicious & phising links.
Click to expand...

Most of the ones you mentioned have already been tested ;)
Then, I can do a few but with time (like AhnLab, ZA, QuickHeal, K7).
(there's no point in testing the same antivirus 20 times)
 
  • Like
Reactions: Behold Eck, roger_m, PALTO01 and 4 others
P

PALTO01

Level 1
Jul 7, 2021
23
Shadowra said:
Most of the ones you mentioned have already been tested ;)
Then, I can do a few but with time (like AhnLab, ZA, QuickHeal, K7).
(there's no point in testing the same antivirus 20 times)
Click to expand...
But testing the latest versions with fresh malware samples and fresh malicious links is important & makes more sense if i am not wrong.
 
Shadowra

Shadowra

Level 34
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,319
PALTO01 said:
But testing the latest versions with fresh malware samples and fresh malicious links is important & makes more sense if i am not wrong.
Click to expand...

Yes, but I only test in case of new versions which can be important (engine improvement, new features, major new build etc).
Some of the antivirus programs you mention don't have this. Others, I'll do because it's been a long time.
(Except for Avast, which will have a re-test).
 
  • Like
  • Thanks
  • +Reputation
Reactions: Behold Eck, LennyFox, roger_m and 1 other person
Practical Response

Practical Response

Level 8
Mar 10, 2024
359
PALTO01 said:
But testing the latest versions with fresh malware samples and fresh malicious links is important & makes more sense if i am not wrong.
Click to expand...
Let me help you understand. Testing even at this level takes lots of time, resources and patience, especially for (and this here is a key word to understand) a "volunteer" to dedicate the time to making these videos. I mention this so as to not take away from his work with this next part.

That said, there is also the safety factor, which is why you do not see dedicated labs here providing true route of infection videos that would actually be more realistic and accurate as to a products abilities. If you could for example explain how the tester could execute a sample, let it openly establish connection with a command and control server yet contain it from infecting a network or a server, I'm all ears.

Yet without letting the samples do what they do naturally in the wild, the product can not do as "it's designed" and shine it's strengths and weaknesses properly. Hence making this testing inaccurate.

So enjoy the tests you do get from these volunteers and treat them with a grain of salt as the disclaimer states above. Understand it's not wise to base an opinion on the products abilities from these tests.although one does get a glimpse into the modules and workings of them.
 
  • Applause
  • +Reputation
  • Like
Reactions: Behold Eck, roger_m and Oldie1950

Similar threads

Shadowra
    • +Reputation
    • Like
    • Thanks
App Review Adlice RogueKiller Anti-Malware Pro 2024
Replies
9
Views
663
Video Reviews - Security and Privacy
vaccineboy
vaccineboy
struppigel
    • Applause
    • +Reputation
    • Like
Malware Analysis Video: C2 extractor for Turla's Kopiluwak using Binary Refinery
Replies
0
Views
326
Malware Analysis
struppigel
struppigel
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review SpyShelter Premium
Replies
17
Views
2,099
Video Reviews - Security and Privacy
Sorrento
Sorrento

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top