Hello, What I can see that ClamAV cannot always successfully detect reverse shell type of files (built using Metasploit msfvenom). And also, if the file is covered using a pseudo extension e.g. test.exe.txt
When I was comparing this on virustotal.com ClamAV seems to be missing quite a lot of them. Is there any reason why ClamAV doesn't do a more extensive search? Reverse shell or bind shell both are sensitive files and I was expecting ClamAV to be detecting them somehow. Could someone clarify? Also, if this is mentioned anywhere in the docs, I would be grateful if you please point me to that. Thanks,
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
