New Update Sophos Tester v. 3.2.0.17 (Discontinued)

Kongo · Jan 30, 2022

I already shared a test tool like that from HitmanPro.Alert some months ago. This one can be used to test your AV's protection against Ransomware, credential theft and exploits. Not sure if it's working for Sophos products exclusively but I still wanted to share it for the ones interested. As I am using Sophos Home Premium at the moment I was able to get a few blocks. Here an example:

Memory exploit (Data Execution Prevention):

The test tool is more advanced than the HitmanPro.Alert test tool and is a little bit newer. Last version seems to be from 2019.

Download page: https://www.hasslinger.com/downloads/sophos/SophosTester-v3217.zip

Feel free to share your results!

Shadowra · Jan 30, 2022

Hello

With Kaspersky

CryptoLocker

Locky

Cerber

SamSam

harlan4096 · Jan 31, 2022

Of course You will get those results, since it is trusted in KSN with a legit digital signature:

tipo · Jan 31, 2022

same with norton.

harlan4096 said:
Of course You will get those results, since it is trusted in KSN with a legit digital signature:

View attachment 263895

Kongo · Jan 31, 2022

Microsoft Defender with ConfigureDefender at MAX settings could be quite interesting for this testing scenario for example:

Scenario:

ConfigureDefender ASR rules:

Anyone can try that?

goodjohnjr · Feb 1, 2022

SecureKongo said:
Microsoft Defender with ConfigureDefender at MAX settings could be quite interesting for this testing scenario for example:

Scenario:
View attachment 263922

ConfigureDefender ASR rules:
View attachment 263924

Anyone can try that?

Windows 11, Windows Security, ConfigureDefender set to High:

Credintial Theft LASS Screenshot 2022-02-01 024358.png

Kongo · Feb 1, 2022

goodjohnjr said:
Windows 11, Windows Security, ConfigureDefender set to High:

View attachment 263948

Thanks! I actually think that this specific test isn't even working properly. On Sophos I get the same result without any block from the AV. Either it's being blocked silently, or the test doesn't work.

RoboMan · Feb 1, 2022

Nice. Same results like everybody else with BitDefender, every "attack" succeeded. Seems to be treated as a "Trusted" vendor.

EDIT: Like, seriously, how can you release a "test your antivirus tool" and digitally sign it with a well-known certificate such as Sophos? Like... LOL, these results are to be expected

goodjohnjr · Feb 2, 2022

SecureKongo said:
Thanks! I actually think that this specific test isn't even working properly. On Sophos I get the same result without any block from the AV. Either it's being blocked silently, or the test doesn't work.

You are welcome, you might be right, I have no idea about any of this, unfortunately.

Kongo · Feb 2, 2022

RoboMan said:
Nice. Same results like everybody else with BitDefender, every "attack" succeeded. Seems to be treated as a "Trusted" vendor.

EDIT: Like, seriously, how can you release a "test your antivirus tool" and digitally sign it with a well-known certificate such as Sophos? Like... LOL, these results are to be expected

Better than for example Ransim Ransomware Simulator by KnowBe4 that already gets detected before you can even run a test.

Search

Search

New Update Sophos Tester v. 3.2.0.17 (Discontinued)

Kongo

Level 38

Shadowra

Level 40

harlan4096

Super Moderator

tipo

Level 8

Kongo

Level 38

goodjohnjr

Level 6

Kongo

Level 38

RoboMan

Level 38

goodjohnjr

Level 6

Kongo

Level 38

You may also like...