You're reading from Antivirus Bypass Techniques Learn practical techniques and tactics to combat, bypass, and evade antivirus software

Product type Paperback

Published in Jul 2021

Publisher Packt

ISBN-13 9781801079747

Length 242 pages

Edition 1st Edition

Concepts

Malware Analysis

Authors (2):

Uriel Kosayev

Nir Yehoshua

View More author details

Table of Contents (13) Chapters

Preface

1. Section 1: Know the Antivirus – the Basics Behind Your Security Solution

2. Chapter 1: Introduction to the Security Landscape FREE CHAPTER

3. Chapter 2: Before Research Begins

4. Chapter 3: Antivirus Research Approaches

5. Section 2: Bypass the Antivirus – Practical Techniques to Evade Antivirus Software

6. Chapter 4: Bypassing the Dynamic Engine

7. Chapter 5: Bypassing the Static Engine

8. Chapter 6: Other Antivirus Bypass Techniques

9. Section 3: Using Bypass Techniques in the Real World

10. Chapter 7: Antivirus Bypass Techniques in Red Team Operations

11. Chapter 8: Best Practices and Recommendations

12. Other Books You May Enjoy

Preface

This book was created based on 2 and a half years of researching different kinds of antivirus software.

Our goal was to actually understand and evaluate which, and how much, antivirus software provides good endpoint protection. We saw in our research a lot of interesting patterns and behaviors regarding antivirus software, how antivirus software is built, its inner workings, and its detection or lack of detection rates.

As human beings and creators, we create beautiful and smart things, with a lot of intelligence behind us, but as we already know, the fact – the hard fact – is that there is no such thing as perfect, and antivirus software is included in that. As we as humans develop, evolve, learn from our mistakes, try, fail, and eventually succeed with the ambition of achieving perfection, so we believe that antivirus software and other protection systems need to be designed in a way that they can adapt, learn, and evolve against ever-growing cyber threats.

This is why we created this book, where you will understand the importance of growing from self-learning, by accepting the truth that there is no 100-percent-bulletproof security solutions and the fact that there will always be something to humbly learn from, develop, and evolve in order to provide the best security solution, such as antivirus software.

By showing you how antivirus software can be bypassed, you can learn a lot about it, from it, and also make it better, whether it is by securing it at the code level against vulnerability-based bypasses or by writing better detections in order to prevent detection-based antivirus bypasses as much as possible.

While reading our book, you will see cases where we bypassed a lot of antivirus software, but in fact, this does not necessarily suggest that the bypassed antivirus software is not good, and we do not give any recommendations for any specific antivirus software in this book.