[Owasp-ireland] Xenotix XSS Exploitation Framework flagged as malware

David Rook david.rook at realexpayments.com
Mon Sep 10 15:11:29 UTC 2012


My guess would be the payloads such as the key logger are triggering AV 
signatures.

I've had similar happen to me before where a presentation I gave was 
setting off AV alerts because I had included malicious javascript in one 
of the slides.

On 10/09/2012 16:05, Eoin Hinchy wrote:
> Hi folks,
>
> Just wondering if anyone knows why the Xenotix XSS Exploitation 
> Framework looks so horrible in VirusTotal:
> https://www.virustotal.com/file/e546b20d1d3716a6e438a76c7de923361cb875e5316e12db24c48c230378d11c/analysis/
>
> Thanks a bunch,
> Eoin
>
>
> _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland

-- 
David Rook
Application Security Lead
Product Management
Realex Payments
Enabling thousands of businesses to sell online.

Connect with us:
http://www.twitter.com/securityninja
http://www.twitter.com/realexpayments
http://www.facebook.com/realexpayments
http://www.linkedin.com/company/realex-payments
http://www.youtube.com/realexpayments

Realex Payments Dublin:
t: +353 (0)1 2808559 | f: +353 (0)1 2808538  | http://www.realexpayments.com

Realex Payments London:
t: +44 (0)20 3178 5370 | f: +44 (0)20 7691 7264  | http://www.realexpayments.co.uk

Realex Payments Paris:
t: +33 (0)1 70 38 51 37  | f: +33 (0)1 70 38 51 51 | http://www.realexpayments.fr

Pay and Shop Limited, trading as Realex Payments has its registered office at The Observatory 7-11 Sir John Rogerson's Quay Dublin 2, Co. Dublin, Ireland and is registered in Ireland, company number 324929. This mail and any documents attached are classified as confidential and are intended for use by the addressee(s) only unless otherwise indicated. If you are not an intended recipient of this email, you must not use, disclose, copy, distribute or retain this message or any part of it. If you have received this email in error, please notify us immediately and delete all copies of this email from your computer system(s).

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-ireland/attachments/20120910/53b19a52/attachment.html>


More information about the Owasp-ireland mailing list