Presented at
ToorCon San Diego 13 (2011),
Oct. 9, 2011, 2:30 p.m.
(20 minutes)
I have a methodology for bypassing all current anti-virus solutions. I don't submit to virus-total. I have bypassed every anti-virus I have come in contact with a similar methodology. This includes F-Secure(winner of last year's AV comparatives), Nod ESET32(a popular product), Avira(a popular free product), AVG(what I deem to be a pretty awful product), and others. I have possible proposed solutions and technical details on why a definitions based approach is a failure. I will elaborate more if required.
Presenters:
-
Andrew King
Work: 7 Years in IT services(varied), 2 Years in security research as an independent consultant.
Degrees: BS:IT Security - WGU, MS:ISA - WGU over 90% complete in terms of man-hours
Certifications: G2700, CCNA, CCNA Security, CCIE R&S written
MCITP Enterprise Admin, CEH, CHFI, EDRP(anticipated)
Some CompTIA - not really worth mentioning
Some CIW - not really worth mentioning
Other: Prolific contributor to securitytube.net, I have code on exploit-db and packetstorm, I have an article pending with hakin9 magazine on this topic
Similar Presentations: