In this Underground video, Overide explains a major downfall of many Anti-Virus Software. Anti-Virus Software detects viruses by searching an executable program for specific signatures; signatures basically are a string of code that the Anti-Virus Software considers malicious. Overide describes how to locate this signature, and how to manipulate the executable’s assembly code so that the Anti-Virus Software does not flag the executable as a virus. In this video, Overide modifies the NetCat signature by changing NOP (No Operation) instructions to INT3 (software interrupt used by debuggers) instructions. For those of you that don’t know, Netcat is a networking utility which reads and writes data across network connections, using the TCP/IP protocol. Anti-Virus software flags NetCat as a virus because it can be used to open a backdoor on a computer. Download Here

NetCat

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com