Some sophisticated AV detect process behaviour for suspicious activity. I had experienced this once with kaspersky, where the executed trojan process was suspected to have a keylogger activity

As per my knowledge, AVs save signatures of viruses to identify them. The keylogger have written was never reported to any AV org and hence no signature has been created.

Sir would you please tell me what scripting knowledge and what addon OS files are required to write our own malware. Is the C header file "window.h" helpful?

Well there are loads of AVs that not only alert you of some threats but also provide online security. Securing your computer/OS to some extent(No machine is completely secure, never) is easy but what about the OS that is installed on our brain? The biggest vulnerability of the Human OS (HOS) is "trust". So we can define Social Engg as "The clever manipulation of the natural human tendency to trust".

Well the biggest questions over here are:
1) Though AVs, firewalls and IDSs keep the networks perimetere secure, how can we train the HOS to identify any mischief?

2) People who are naive to the internet will never know that they are becoming a victim of a phishing attack. Even after warning the population to check the URL, the SSL favicon, the padlock symbol to ensure the authencity of a websit, how many bother to check that?

3) Techniques like email spoofing add to the nuisance. Who bothers to check the headers of an email to verify the origin if the message?

4) Can there never be a security solution to Social Engg?

I as a script-kiddie had launched quite a few phishing attacks. But being a White Hat I only grabbed email a/cs, no bank accs. Though I never misused them, but merely accessing those accounts gave enormous information about that person including bank & credit card details.

Will we ever have a solution??

j0hnn3k4r
http://techkranti.blogspot.com

This can help!!!

http://blog.metasploit.com/2009/03/capturing-logon-credentials-with.html

Hey take a view at this blog. It highlights the usage of some of the above mentioned tools..

http://techkranti.blogspot.com

Thanks a lot for the links.. i'll surely look upon to you as a mentor...

Thank you sir!!! Can you please provide a good link explaining how to use hex editors.. I have had a tough time using them..

We have posted this article on our blog...

http://techkranti.blogspot.com/2010/02/make-trojan-fully-undetectable-fud.html

You can also view the video at

youtube.com/techkranti

Some readers have claimed that this trick does not work once original file is deleted.. Though we have not yet tested it, we need your opinions

hey, first you'll have turn ssl dissection on. Does your ettercap window say valid redir command need for ssl dissection. Browse to the file /etc/etter.conf..
Get it into editing mode and find iptables.. There are two lines of code below iptables, uncomment those lines.. i.e. remove the '#' from front of those lines.
Your edited code should look like this as in the image below. Save and exit.