EC Council compiles massive Frankenstein malware encyclopedia

EC Council compiles massive Frankenstein malware encyclopedia

Attack code and exploits available as ethical hacking resource

Article comments

A new crimeware registry including more than 4,000 entries has been compiled for use by students of the EC Council, a private firm that performs ethical hacker training.

Called Frankenstein, the encyclopedia of attack code is designed so students and penetration testers can actually download and use the attacks, giving them a perspective on how attackers think but also to measure whether networks are vulnerable, says Jay Bavisi, president of the council.

The cost of using the attack code varies depending on whether it's been produced by commercial enterprises that might license it, he says. If it's open source or an underground tool, authorised users of Frankenstein can use it for free. So far, it's only available to students enrolled in EC Council's ethical hacker certification programme.

The registry would be a treasure trove for criminals looking for network attack tools, but it is kept under strict scrutiny, Bavisi says. Only ethical hacker students and professional penetration testers have access, and that is monitored, he says.

Plus, anyone with authorised use has to sign away their data protection act rights, allowing law enforcement agencies to see logs of their activity in the registry should those agencies want to investigate a user.

Besides, the code is available via underground chat rooms and marketplaces online. "They could just go to Google," Bavisi says. "It's not as if it's not available on the Internet."

Share:

Comments

Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *