You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
davhojt 78016943b0
docs(cybersecurity): add warning to advise that projects are for educative purposes only
2 years ago
..
audit docs(evasion): restore hyperlink 2 years ago
README.md docs(cybersecurity): add warning to advise that projects are for educative purposes only 2 years ago

README.md

Evasion

Objective

The goal of this project is to understand the methods of hackers who bypass anti-viruses, so also to understand how antivirus works in a little more advanced way than mal-track.

Guidelines

You will need to develop a windows program
The windows program will have to give us the possibility to encrypt another program
Increase its size by 101mb
Add an increment of an int to 100001
Look at the time, do a sleep of 101 seconds, look at the time to check that 101 seconds has passed, if the 101 seconds have not elapsed, do not decrypt the binary and do not execute it

This project is carried out on a virtual machine (in your malware analysis lab). You are free to choose your virtual machine, it must be windows-based. (but in the audit you will use an official windows virtual machine!) You are free to choose the programming language for your program.

Advice

https://wikileaks.org/ciav7p1/cms/files/BypassAVDynamics.pdf
https://0x00sec.org/c/cryptology/

Submission and audit

Files that must be inside your repository:

  • Your program source code.
  • a README.md file, Which clearly explains how to use the program.

Don’t hesitate to double check the names of your folders and files to ensure they are correct!

These methods and tools are for educational purposes only, so that you have a better understanding of how to protect against similar vulnerabilities. You must ensure that you do not attempt any exploit-type activity without the explicit permission of the owner of the machine, system or application. Failure to obtain permission risks breaking the law.