Your Anti-Virus Cannot Protect You… Ever

Presented at ToorCon San Diego 13 (2011), Oct. 9, 2011, 2:30 p.m. (20 minutes)

I have a methodology for bypassing all current anti-virus solutions. I don't submit to virus-total. I have bypassed every anti-virus I have come in contact with using a similar methodology. This includes F-Secure (winner of last year's AV comparatives), Nod ESET32 (a popular product), Avira (a popular free product), AVG (what I deem to be a pretty awful product), and others. I have possible proposed solutions and technical details on why a definitions-based approach is a failure. I will elaborate more if required.


  • Andrew King
    Work: 7 Years in IT services (varied), 2 Years in security research as an independent consultant.
    Degrees: BS:IT Security - WGU, MS:ISA - WGU over 90% complete in terms of man-hours.
    Certifications: G2700, CCNA, CCNA Security, CCIE R&S written, MCITP Enterprise Admin, CEH, CHFI, EDRP (anticipated), Some CompTIA - not really worth mentioning, Some CIW - not really worth mentioning.
    Other: Prolific contributor to, I have code on exploit-db and packetstorm, I have an article pending with hakin9 magazine on this topic.
