Bitcoin Forum
November 14, 2018, 10:10:59 AM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Universal Exploit Scanner | Is there any demand?  (Read 499 times)
PremiumCodeX
Hero Member
*****
Offline Offline

Activity: 882
Merit: 508


Live, Clare!


View Profile WWW
December 18, 2016, 12:16:10 PM
 #1

Is there any out of the box file scanner around? Is there a demand on BCT of it?

By "out of the box file scanner" I mean a file scanner that searches not only if the file has a suspicious signature in it, but search the internet for the history of the file, looking up user opinions on the file from different sites, checks whether it appears in any article/blog related suspicious behavior and heuristically tries to determine whether it COULD be used for malicious purposes. Then the scanner would collect the information into an organized table.

▀▄▀▄▀▄   👻  𝒞♡𝒹𝑒𝒳  👻   ▄▀▄▀▄▀
1542190259
Hero Member
*
Offline Offline

Posts: 1542190259

View Profile Personal Message (Offline)

Ignore
1542190259
Reply with quote  #2

1542190259
Report to moderator
1542190259
Hero Member
*
Offline Offline

Posts: 1542190259

View Profile Personal Message (Offline)

Ignore
1542190259
Reply with quote  #2

1542190259
Report to moderator
1542190259
Hero Member
*
Offline Offline

Posts: 1542190259

View Profile Personal Message (Offline)

Ignore
1542190259
Reply with quote  #2

1542190259
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1542190259
Hero Member
*
Offline Offline

Posts: 1542190259

View Profile Personal Message (Offline)

Ignore
1542190259
Reply with quote  #2

1542190259
Report to moderator
1542190259
Hero Member
*
Offline Offline

Posts: 1542190259

View Profile Personal Message (Offline)

Ignore
1542190259
Reply with quote  #2

1542190259
Report to moderator
1542190259
Hero Member
*
Offline Offline

Posts: 1542190259

View Profile Personal Message (Offline)

Ignore
1542190259
Reply with quote  #2

1542190259
Report to moderator
Qartersa
Hero Member
*****
Offline Offline

Activity: 868
Merit: 535


View Profile
December 19, 2016, 12:59:53 PM
 #2

Is there any out of the box file scanner around? Is there a demand on BCT of it?

By "out of the box file scanner" I mean a file scanner that searches not only if the file has a suspicious signature in it, but search the internet for the history of the file, looking up user opinions on the file from different sites, checks whether it appears in any article/blog related suspicious behavior and heuristically tries to determine whether it COULD be used for malicious purposes. Then the scanner would collect the information into an organized table.

It could work. It's nice because we can trace scam events similar to how we do it here on the forums. Knowing if some user (or person in real life) has scammed somebody is a good info for anyone dealing with anyone. It's like a real world trust rating. However, I don't think it's possible yet. As there not much people who upload a signed document/contract. Probably in the future where almost all the documents will be electronic. That's my opinion in the matter.
TheButterZone
Legendary
*
Offline Offline

Activity: 2310
Merit: 1008


Pay with SegWit!


View Profile WWW
December 20, 2016, 08:55:28 PM
 #3

Sounds a lot like https://www.virustotal.com/

Saying that you don't trust someone because of their behavior is completely valid.
avatar_kiyoshi
Legendary
*
Offline Offline

Activity: 952
Merit: 1000


Campaign manager & Designer https://goo.gl/Ahh2r2


View Profile WWW
December 21, 2016, 02:30:31 PM
 #4

I think it will be good, especially nowadays to much site which place suspicious things on the site.
This app/project looks like virustotal but if you have plan to collect information features about the site/file which where is exist and there's no false scan features it will be awesome.
PremiumCodeX
Hero Member
*****
Offline Offline

Activity: 882
Merit: 508


Live, Clare!


View Profile WWW
December 21, 2016, 02:46:04 PM
 #5

I think it will be good, especially nowadays to much site which place suspicious things on the site.
This app/project looks like virustotal but if you have plan to collect information features about the site/file which where is exist and there's no false scan features it will be awesome.

Thank you for your responses! A major difference between VirusTotal and my project is that, VirusTotal tells if a file has malicious signature in it, but does not provide information if there is vulnerability in the software while my project will be able to search DBs for vulnerabilities and tell if a vulnerability of the software was released / being sold somewhere.

▀▄▀▄▀▄   👻  𝒞♡𝒹𝑒𝒳  👻   ▄▀▄▀▄▀
Joel_Jantsen
Legendary
*
Offline Offline

Activity: 1120
Merit: 1186


Hand over the Merit and no one will get hurt!


View Profile
December 21, 2016, 02:49:34 PM
 #6

Thank you for your responses! A major difference between VirusTotal and my project is that, VirusTotal tells if a file has malicious signature in it, but does not provide information if there is vulnerability in the software while my project will be able to search DBs for vulnerabilities and tell if a vulnerability of the software was released / being sold somewhere.
And what if you have no information about a particular file in the database ? Let's assume I put a malware inside a zip file and upload only at one of the file sharing sites and share it with one person.What does your project has to offer for the "link" scanned ?

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
PremiumCodeX
Hero Member
*****
Offline Offline

Activity: 882
Merit: 508


Live, Clare!


View Profile WWW
December 21, 2016, 03:25:32 PM
 #7

Thank you for your responses! A major difference between VirusTotal and my project is that, VirusTotal tells if a file has malicious signature in it, but does not provide information if there is vulnerability in the software while my project will be able to search DBs for vulnerabilities and tell if a vulnerability of the software was released / being sold somewhere.
And what if you have no information about a particular file in the database ? Let's assume I put a malware inside a zip file and upload only at one of the file sharing sites and share it with one person.What does your project has to offer for the "link" scanned ?

"So there is nothing new under the sun" said by the wise Ecclesiastes.

The answer is heuristical decision support with information about the past, current and probable trends. Even if the particular file isn't in any exploit DB, similar files usually occur with similar vulnerabilities. If the file is very similar to a vulnerable other file, it should be tested against the other file's vulnerabilities.

▀▄▀▄▀▄   👻  𝒞♡𝒹𝑒𝒳  👻   ▄▀▄▀▄▀
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!