AntiVirus software evasion: an evaluation of the AV Evasion tools
Keywords: Portable executable file; AV evasion; Encoding; Decoding; Code cave; Encryptor; Decryptor
This thesis focuses on the efficiency of the AV Evasion tools that are freely available on the internet and have been developed for penetration testing. A selection of these tools has been made in order to test how well they can generate malware that is undetectable by the most popular AV software products on the market. The selected AV Evasion tools are used for patching malicious Windows Portable Executable files. The most popular malware detection and evasion techniques are briefly reviewed, and the selection criteria for the AV Evasion tools and for the AV software products are presented. Additionally, the lab test is described and the evaluation results are presented.