[WEB SECURITY] Backdoor scanners testing

MustLive mustlive at websecurity.com.ua
Mon May 27 14:22:11 EDT 2013

Hello participants of Mailing List.

In 2010 I wrote about testing of systems for searching viruses at web sites
and now I'd present my new research.

I want to tell you about my backdoor scanners testing. Last week I've
published the article with results of the testing. I was planning to made
this testing already in December, after I've released my Backdoored Web
Application (BWA) - a reference test of backdoors scanners
but made it only in May. In my article I examined different backdoor
scanners among plugins for WordPress.

After I released my BWA, I saw that all security guys and developers of
backdoor scanners "became actively testing" such scanners with BWA :-). So
to help you see utility of BWA, I've made my own testing. The topic of
backdoors is very actual now and it'll be useful for all users of Internet
to know about existent scanners.

I checked the next scanners:

1. WordPress Exploit Scanner (two versions).
2. Belavir.
3. AntiVirus for WordPress.
4. WordPress File Monitor.

The results of this research available in my article "Backdoor scanners
testing among plugins for WordPress"
(http://websecurity.com.ua/articles/test_backdoor_scanners/). With pros and
contras of every scanners (including information about using shortcomings of
the scanners to bypass them). The link to Google Translate is at every page
of my site, so it'll help you to make a brief look at the article.

Tell me what do you think about this subject and about my testing.

Best wishes & regards,
Eugene Dokukin aka MustLive
Administrator of Websecurity web site

More information about the websecurity mailing list