The VirusTotal Public API will make my life much easier. See the previous post about it: http://spookerlabs.blogspot.com/2010/08/virus-total-public-api.html
Some results really surprised me. Take a look and draw your own conclusions.
Best antivirus at detecting SET malicious PDFs (higher is better):
7 "Sophos"
7 "Microsoft"
7 "GData"
7 "F-Secure"
7 "F-Prot"
7 "ClamAV"
7 "BitDefender"
7 "Avast5"
7 "Avast"
6 "Sunbelt"
6 "nProtect"
6 "McAfee-GW-Edition"
6 "eTrust-Vet"
5 "Symantec"
5 "PCTools"
4 "eSafe"
3 "NOD32"
3 "Kaspersky"
3 "Ikarus"
3 "Emsisoft"
3 "Antiy-AVL"
2 "McAfee"
1 "VBA32"
1 "Panda"
1 "AVG"
1 "Authentium"
1 "AntiVir"
1 "AhnLab-V3"
Missed detections for SET malicious PDFs (higher is worse):
7 "VirusBuster"
7 "ViRobot"
7 "TrendMicro-HouseCall"
7 "TrendMicro"
7 "TheHacker"
7 "SUPERAntiSpyware"
7 "Rising"
7 "Prevx"
7 "Norman"
7 "Jiangmin"
7 "Fortinet"
7 "DrWeb"
7 "Comodo"
7 "CAT-QuickHeal"
6 "VBA32"
6 "Panda"
6 "AVG"
6 "Authentium"
6 "AntiVir"
6 "AhnLab-V3"
5 "McAfee"
4 "NOD32"
4 "Kaspersky"
4 "Ikarus"
4 "Emsisoft"
4 "Antiy-AVL"
3 "eSafe"
2 "Symantec"
2 "PCTools"
1 "Sunbelt"
1 "nProtect"
1 "McAfee-GW-Edition"
1 "eTrust-Vet"
As we can see, a lot of antivirus products missed every PDF from SET, which is a big problem for companies. Some antivirus products have detection methods that VirusTotal doesn't emulate, and possibly those methods could detect them.
I'll do a big analysis against all my PDFs and share the results.
Happy Hacking!
Rodrigo "Sp0oKeR" Montoro
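One way to produce the two tallies above from per-sample scan results, as an added example that is not the script used for this post. The input shape (one dict per PDF, engine name mapped to a signature string, empty when nothing was flagged) and the engine names are constructed assumptions, not the VirusTotal API's response format. It also counts samples for which an engine returned no verdict, so that case is not mistaken for a miss.

```python
from collections import Counter

# Constructed sample data (not real scan output): one dict per scanned PDF,
# mapping engine name -> signature string, "" when the engine flagged nothing.
# An engine absent from a dict returned no verdict for that sample.
REPORTS = [
    {"EngineA": "Exploit.PDF.Gen", "EngineB": "", "EngineC": "PDF/Dropper"},
    {"EngineA": "Exploit.PDF.Gen", "EngineB": "", "EngineC": ""},
    {"EngineA": "Exploit.PDF.Gen", "EngineB": ""},  # EngineC gave no verdict
]


def tally(reports):
    """Return (detected, missed, no_verdict) Counters keyed by engine name."""
    detected, missed, no_verdict = Counter(), Counter(), Counter()
    engines = set().union(*reports)  # every engine seen in any report
    for report in reports:
        for engine in engines:
            if engine not in report:
                no_verdict[engine] += 1
            elif report[engine].strip():
                detected[engine] += 1
            else:
                missed[engine] += 1
    return detected, missed, no_verdict


def ranking(counter):
    """Format a Counter as '<count> "<engine>"' lines, highest count first."""
    rows = sorted(counter.items(), key=lambda kv: (-kv[1], kv[0]))
    return [f'{count} "{engine}"' for engine, count in rows]


def check_totals(reports, detected, missed, no_verdict):
    """Every engine must account for every sample exactly once."""
    engines = set(detected) | set(missed) | set(no_verdict)
    return all(
        detected[e] + missed[e] + no_verdict[e] == len(reports) for e in engines
    )


if __name__ == "__main__":
    det, mis, nov = tally(REPORTS)
    print("Detected:", *ranking(det), sep="\n")
    print("Missed:", *ranking(mis), sep="\n")
    print("No verdict:", *ranking(nov), sep="\n")
    assert check_totals(REPORTS, det, mis, nov)
```

Engines with a zero count are left out of each ranking, which is why an engine that caught every sample never shows up in the missed list.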
One comment:
Great script, I'm looking forward to it so I can run some tests right away!