senthilnasa

SECTION 12

Nov 28th, 2018
  1. SECTION 12
  2. Anti-Malware :
  3. ================
  4. Software made to detect malware and prevent it from destroying the system.
  5. Examples: anti-virus or web security products.
  6.  
  7. How the Anti-malware programs work:
  8. ------------------------------------
  9. They basically work on the basis of signatures and definitions. Every application has its own signature, and anti-malware programs keep a database of signatures (of trojans). When they find an application's signature in the database, they consider it to be a virus or trojan and either remove it or ask which action to take ...
  10.  
  11. https://www.youtube.com/watch?v=bTU1jbVXlmM
  12.  
  13. What are signatures in antivirus?
  14. --> A unique string of bits, or the binary pattern, of a virus.
  15. --> The virus signature is like a fingerprint in that it can be used to detect and identify specific viruses. Anti-virus software uses the virus signature to scan for the presence of malicious code.
  16.  
  17. How to evade these Anti-Malware:
  18. ---------------------------------
  19. To evade these anti-malware programs, we require software termed binders and cryptors, which help modify the signature into a new one that is not present in their database. So basically our target is to make a trojan or virus FUD (Fully UnDetectable).
  20.  
  24. Cryptors are applications that act as an extra coating layer around an application, providing their own self-generated "signatures".
  25.  
  26. Binders are applications that bind the malware to another file (a file that seems useful to the user, but the trojan is bound to it and runs in stealth mode).
  27.  
  28. Some of these cryptors are: Chrome Crypter, Urge Crypter
  29.  
  30.  
  31. BOTNETS : roBOT in a NETwork
  32. These are devices affected by trojans or viruses that can be controlled by a single attacker and used for several attacks, like DDoS...
  33.  
  34. ROOTKITS : Rootkits are malicious applications or code installed in the boot options, such as the BIOS, which start executing on every startup.
  35.  
  36.  
  37. Netstat:
  38. -------
  39. --> netstat (network statistics) is a command line tool for monitoring network connections, both incoming and outgoing.
  40. --> netstat is available on all Unix-like operating systems and on Windows as well. It is very useful for network troubleshooting and performance measurement.
  41. --> netstat is one of the most basic network service debugging tools, telling you what ports are open and whether any programs are listening on ports.
  42.  
  43.  
  44. CMD > $ netstat -ona
  45. (This will show all the Sockets : IP+Port Connections with their Stats of that particular machine)
  46. = o stands for ports
  47. = n stands for network IPs
  48. = a stands for all connections and ports
  49.  
  50.  
  51. https://lucideustech.blogspot.com/2018/02/tracing-and-terminating-reverse.html
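
Added example (not part of the original notes): a Python parser for `netstat -ona` output as printed on Windows, where the last column is the PID of the owning process. It lists established connections whose remote address is outside the internal ranges, which is a useful first check when tracing an unexpected outbound session. The sample output, the INTERNAL list and all function names are constructed for this example.

```python
import ipaddress
from collections import namedtuple

Conn = namedtuple("Conn", "proto local_ip local_port remote_ip remote_port state pid")

# Constructed sample output (203.0.113.50 is a documentation address).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:49712     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49755     203.0.113.50:4444      ESTABLISHED     5120
  TCP    [::1]:49670            [::1]:49671            ESTABLISHED     3012
  UDP    0.0.0.0:5353           *:*                                    1876
"""

# Assumed internal ranges (RFC 1918, loopback, link-local); adjust as needed.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def split_endpoint(text):
    """Split 'ip:port' or '[ipv6]:port' into (ip, port) strings."""
    host, _, port = text.rpartition(":")
    return host.strip("[]"), port

def parse_netstat(output):
    """Return a Conn per TCP/UDP row; UDP rows have no State column."""
    conns = []
    for line in output.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] not in ("TCP", "UDP"):
            continue  # banner, header and blank lines
        state = parts[3] if len(parts) == 5 else ""
        local, remote = split_endpoint(parts[1]), split_endpoint(parts[2])
        conns.append(Conn(parts[0], *local, *remote, state, int(parts[-1])))
    return conns

def is_internal(ip_text):
    ip = ipaddress.ip_address(ip_text)
    return any(ip in net for net in INTERNAL)

def external_established(conns):
    """Established sessions whose remote end is outside INTERNAL."""
    return [c for c in conns if c.state == "ESTABLISHED" and not is_internal(c.remote_ip)]

if __name__ == "__main__":
    for c in external_established(parse_netstat(SAMPLE)):
        print(f"PID {c.pid}: {c.local_ip}:{c.local_port} -> {c.remote_ip}:{c.remote_port}")
```

The PID reported for a flagged connection can then be matched against the process list to identify the program that owns it.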