Good Source For Non-Malicious Malware (Used For Practice/Testing)

egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+Member Posts: 367 ■■■■□□□□□□
edited January 24 in Pentesting
Hello all,

We just deployed a new group of devices (Firewall, IDS/IPS, and SIEM) tool in our environment.  In order to help the process of testing out all the rules is their a safe reputable place where one can get affordable non-malicious malware with harmless payloads that we can use to test out the functionality of our new IPS/IDS, Firewall, and SIEM?

The plan is basically to introduce these fake malware into the network.  Since you know precisely what the malware will we can check the firewall, IDS/IPS on our network to make sure it's blocking the malware and generating expected logs.

Please pardon my asking too much I've searched google tirelessly and quite overwhelmed at initial results as I'm not in the "pen testing" team at work.

Comments

  • Mike7Mike7 Member Posts: 1,076 ■■■■□□□□□□
    Transfer EICAR malware test file though your network. Can be file download, or upload or  email attachment.

    Run VA scans on your servers. The scans should be  picked up by your IPS. 
Sign In or Register to comment.