CrystalAEP - Anti-Exploit Protection Tool
CrystalAEP is designed to provide frontline protection against Internet-borne threats such as viruses and malware. Unlike the typical anti-virus program, Crystal does not attempt to recognise threats based on signatures, and does not require constant updating to protect against the latest threats. Crystal works instead by manipulating at-risk software while it runs to help form an environment which is hostile to Internet worms, malware and other types of malicious code.
Anti-virus software is generally designed to protect users from well known threats which have been analysed in a laboratory, and for which signatures have been released by the anti-virus company. This means that a typical anti-virus will not be particularly effective at blocking novel threats which have not been examined by the company's researchers, so no matter how fast the anti-virus company is in detecting the threat after it is discovered in the wild thousands of users will have already been successfully attacked by the time protective signatures are released.
As CrystalAEP does not require signatures to be effective, instead seeking to undermine the launch mechanisms employed by malicious code to install itself on a user's system, Crystal can be effective against the most novel threats right from day one.
Anti-virus software is generally designed to protect users from well known threats which have been analysed in a laboratory, and for which signatures have been released by the anti-virus company. This means that a typical anti-virus will not be particularly effective at blocking novel threats which have not been examined by the company's researchers, so no matter how fast the anti-virus company is in detecting the threat after it is discovered in the wild thousands of users will have already been successfully attacked by the time protective signatures are released.
As CrystalAEP does not require signatures to be effective, instead seeking to undermine the launch mechanisms employed by malicious code to install itself on a user's system, Crystal can be effective against the most novel threats right from day one.
The idea behind CrystalAEP was first conceived by the author in late 2006 at the time that the infamous Windows Metafile exploit was being exploited all over the Internet. The Metafile exploit leveraged a flaw in the way that Windows handled certain types of images which provided malware developers with a means of running their malicious software on an unwitting user's system. The Metafile flaw was at the time being used to install malware, spyware and adware.
Crystal Anti Exploitation Protection Tool |
CrystalAEP does not verify downloaded files or email attachments against a list of recognised viruses. Instead Crystal scuppers the ability of drive-by download attacks to succeed. It does this by altering the behaviour of the most at risk software programs (such as the email client and the web browser) to introduce checks at key points at which malicious software can be installed or observed in the first stages of execution, and preventing it preemptively from succeeding.
Crystal is freeware for personal and business use. The software creates a minimal install footprint and can be removed at any time with ease.
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.