Sevenknight claiming to be better than voodooshield

Status
Not open for further replies.

CMLew

Level 23
Verified
Well-known
Oct 30, 2015
1,251
To give the benefit of doubt rather than trashing the person who "claimed" A is better than B or vice versa; Im just wondering if anyone have done a test comparison instead? Rather than just plain talk?
 

Peter2150

Level 7
Verified
Oct 24, 2015
280
Okay, I tested. Installed it in VM and ran some malware by it. So since it is an AE, and they say they are better then VS, how did it stack up against VS and ERP
First when you install you almost have kill any other security software. So much for layers.

When you throw an unknown at it it catches it an alerts. The simple catch is just a yeah or neah. Yes lets it run and No blocks it. Allowing malware at this point isn't good. But in the advanced options here is there "technology". Not only is there is a yes no option, but also an option called limited that allows you to safely try and run something. Turns out it's a sandbox. The output is written to a new folder in the users are a called Safe Folder. Everything that was encrypted there. But was it a sandbox comparable to Sandboxie NO!! First I saw no evidence it protected the system like SBIE does, and also if you have data on other drives, it was bye bye. So only C: was protected.

Now both ERP and VS will stop script attacks so I threw a script at this thing. Sailed right on throught. VS and ERP handled command lines, 7k didn't

This is a brief test, but it was enough for me to say NO THANK YOU.
 

danb

From VoodooShield
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,635
Thank you Pete for your insight.

BTW, it looks like VS was bypassed!!!!!!

Current state of malicious Powershell script blocking

Ooops. Nope, it wasn't. Another false alarm from the testing squad... so the squad's false alarm rate remains at 100%.

Here is why it is not a bypass...

The attacker must be able to automatically run the command prompt or macro... then it will be a bypass.

The problem is that VS is going to block the command prompt or the macro long before the attacker has a chance to run their command line.

Think of it this way... if the user opens a command prompt (which VS allows command prompts if the user launched it), and runs the format d: command, VS will not block that either.

If I am missing something, please let me know.

BTW, White Cipher is just a silly "alter-ego" I came up with in reaction to Black Cipher's youtube videos ;).

VoodooShield ?
 

mlnevese

Level 26
Verified
Top Poster
Well-known
May 3, 2015
1,531
Thank you Pete for your insight.

BTW, it looks like VS was bypassed!!!!!!

Current state of malicious Powershell script blocking

Ooops. Nope, it wasn't. Another false alarm from the testing squad... so the squad's false alarm rate remains at 100%.

Here is why it is not a bypass...

The attacker must be able to automatically run the command prompt or macro... then it will be a bypass.

The problem is that VS is going to block the command prompt or the macro long before the attacker has a chance to run their command line.

Think of it this way... if the user opens a command prompt (which VS allows command prompts if the user launched it), and runs the format d: command, VS will not block that either.

If I am missing something, please let me know.

BTW, White Cipher is just a silly "alter-ego" I came up with in reaction to Black Cipher's youtube videos ;).

VoodooShield ?

It's a shield. It should be able to protect the computer even if the user is shooting at it with a gun :)
 
  • Like
Reactions: HarborFront

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
@danb: cool to come over here, I guess you missed me :D

By the way the marketing of Seventh Knight is called VoodooMarketing. VoodooMarketing is named after Voodoo Economics which was build on President Ronald Reagan's promise to cut tax and increase deregulation and the free market powers would restore the eonomy by themselves. Despite the negative annotation Reagan's supply side policies actually worked and the economy and employment recovered based on higher consumer trust and spendings (less tax) and business initiatives and investments (deregulation).

@Peter2150: The idea of VoodooMarketing is that consumers believe those bold big statements, you are not supposed to check them ;)

Seventh Knight said:
  • Built on a patented “whitelisting” engine originally designed for the U.S. Defense Department
Show me the US patent numbers (like VoodooShield has) and show me the US Army awards (like AppGuard has ), then show me the money (show that SeventhKnight blocks malware where VS and AG fail with tests we can reproduce/fact check)
 
Last edited:

Peter2150

Level 7
Verified
Oct 24, 2015
280
@danb: cool to come over here, I guess you missed me :D

By the way the marketing of Seventh Knight is called VoodooMarketing. VoodooMarketing is named after Voodoo Economics which was build on President Ronald Reagan's promise to cut tax and increase deregulation and the free market powers would restore the eonomy by themselves. Despite the negative annotation Reagan's supply side policies actually worked and the economy and employment recovered based on higher consumer trust and spendings (less tax) and business initiatives and investments (deregulation).

@Peter2150: The idea of VoodooMarketing is that consumers believe those bold big statements, you are not supposed to check them ;)

Don't hold your breath on something worth testing
 

Slerion

Level 5
Thread author
Verified
Well-known
Feb 24, 2016
238
Sadly no one reviewed that yet , atleast no one i know of :( and iam not experienced todo it else i would try
 

bunchuu

Level 8
Verified
Well-known
Mar 17, 2015
370
I really dont trust these seriously. it looks like snake oil and crap ware.

its a "security" Bundle thats pretty much a sandbox with whitelist and a game booster

they claim they are a "Generation" ahead of Voodooshield

Seventh Knight | PC Security™ Bundle

rxpf20dFRW_1gsLBFeYaUA.png

W0uwSdpkQm2rmwqrkz6hxQ.png
its called default deny by comodo and its block my newer office program like powerpoint and word. so sad.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top