cf7/ittavern.com
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
ittavern.com/items/2022-12-10_long_eicar-test-file-riskless-method-to-test-your-antivirus-and-firewall-solution.md
CaffeineFueled 3484b45045
init - PoC
2025-10-27 20:12:00 +01:00

34 lines
2.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# EICAR test file - riskless method to test your antivirus and firewall solution
Disclaimer: There are more meaningful, and more advanced solutions to test your security solutions, but for a quick, simple, and riskless test, the upcoming test files are more than enough.
## EICAR test file
The most common test file to test said solutions is the [EICAR Anti-Virus Test File](https://en.wikipedia.org/wiki/EICAR_test_file). The European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization (CARO) developed the test file, and is in the end a simple text file with a plain string of ASCII characters.
`X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*`
Most solutions will prevent you from downloading it or put it into quarantine, since it will be treated as a threat. That said, some providers - for example Malwarebytes [[1]](https://forums.malwarebytes.com/topic/9994-malwarebytes-cant-detect-eicar-test-virus/)[[2]](https://forums.malwarebytes.com/topic/191650-malwarebytes-3-frequently-asked-questions/?do=findComment&comment=1077438) - refused to add fake malware / test files to their database since they don't see any benefits.
More information and the download link can be found [here](https://www.eicar.org/download-anti-malware-testfile/).
Some additional information about the EICAR test file:
* [Anatomy of the EICAR Antivirus Test File](https://blog.nintechnet.com/anatomy-of-the-eicar-antivirus-test-file/)
* [EICARs TEST FILE HISTORY](https://web.archive.org/web/20151216140407/https://www.eicar.org/files/01_-_eicar_test_file_history.pdf)
* [The Use and Misuse of Test Files in Anti-Malware Testing](https://www.amtso.org/wp-content/uploads/2018/05/AMTSO-Use-and-Misuse-of-Test-Files-in-Anti-Malware-Testing-FINAL.pdf)
#### Vendor specific test files
Various vendors have specific test files for their solutions, but I am not too familiar with them.
* [Broadcom SOCAR cloud test file](https://knowledge.broadcom.com/external/article?legacyId=TECH216647)
* [Cisco AMP test file](https://docs.umbrella.com/umbrella-user-guide/docs/test-file-analysis)
* [FireEye test files](https://community.fireeye.dev/t/testing-sample-files/33)
* [McAfee](https://www.mcafee.com/support/?locale=en-US&articleId=TS101121&page=shell&shell=article-view)
* [Palo Alto Networks test file](https://docs.paloaltonetworks.com/wildfire/9-1/wildfire-admin/submit-files-for-wildfire-analysis/verify-wildfire-submissions/test-a-sample-malware-file) + [Additional Malware Test Files](https://docs.paloaltonetworks.com/wildfire/u-v/wildfire-whats-new/latest-wildfire-cloud-features/additional-malware-test-files)
* [Panda cloud test file](https://www.pandasecurity.com/en/support/card?Id=40066)
Just use your favorite search engine to look for <name of your solution> + 'test file'. For more advanced tests, reach out to the vendor of choice.
---
Reference in a new issue View git blame Copy permalink