Difference between revisions of "OWASP AW00T"

Line 1: Line 1:
=Main=
+
[[Media:Bypassingantivirus.docx]]=Main=
 
The Project is under development .
 
The Project is under development .
 
<br />
 
<br />
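
Review bot: on the added line, `[[Media:Bypassingantivirus.docx]]` sits directly in front of `=Main=` on the same line, so the heading markup no longer starts the line and the revision renders it as the literal text "Media:Bypassingantivirus.docx=Main=" instead of a section heading. Move the media link onto its own line below the heading and give it a descriptive label so readers know what the .docx contains before opening it.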

Revision as of 08:47, 20 December 2012

Media:Bypassingantivirus.docx=Main= The Project is under development.
Initially the project was focused on displaying raw code and methodologies used in bypassing AV, but the project is now moving up to a new level.
I have decided to develop a functional program that will bypass antivirus on the go with advanced polymorphic and human-like intelligence techniques.

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP AW00T (home page)
Purpose: It's an implementation of binary stubs, from basic to polymorphic code, that will show how viruses and malicious files keep themselves undetected by antivirus products.

The generated stubs can be appended to any program, and a new approach to AV avoidance will also be shown. Special programs for hunting down signatures, extracting them, and editing them for better use will also be incorporated.

<b>The new approach will show that any virus/malware fetched to the program in encrypted format will be safely tested
with the installed AV or any other program that catches malicious files, which will in short fuzz the AV for typical scenarios and weak spots.
If the program somehow fails to attack the target AV, it will then try to break up the file and look for the exact part of the code that is embedded in the AV as a signature, and will then work on our second strategy of avoiding its bypass. There will be two variants of the program: one just for experimentation and the other for real application in testing a machine's security.</b>

  • The second one is also named AW00T but will be written in black, and the earlier variant will be written in white.
  • We will use a cloud-based environment to check for possible kernel-level exploits, as after that we can get our programs running underneath the application level, making it nearly impossible for AV and firewalls to monitor the data. The cloud will be used to share code, determine the most probable attacks in less time, collect attack scenarios in real time, and generate and classify our custom signatures. This will help us keep our program size as low as possible.
  • Antivirus nowadays comes with that protection too. I also have a solution for that, which will be discussed in our documentation regarding the functionality on our wiki page. Please check it soon.
  • The next important thing is protecting our code when it is scanned by the AV in memory during execution.
License: GNU GPL v2
who is working on this project?
Project Leader(s):
  • Nitin Arya @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Nitin Arya @ to contribute to this project
  • Contact Nitin Arya @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases