The
Metasploit is one of the best tools out there for penetration testing and generating exploits with payloads. It is an excellent framework to run field tests and quality checks for the anti-malware software capabilities in both manual and automated modes. Here is a nice
quick reference guide to the Metasploit covering main features and commands. For our core technology - malicious content detection engine, it is critical that each of the engine modules (especially the heuristic and behavior-based components) work together correctly while investigating and weighing the bits of code. Such sophisticated and self-learning engine requires regular testing on various samples to ensure both performance and regression aspects are covered. In addition to the millions of URLs scanned for malware through our publicly free
Online Website Malware Scanner, the engine is continuously undergoing harness and functional tests on arbitrary generated new malware samples of various kinds. This post is just a small glance at specific (legacy) regression test cases picked from the quality assurance process we employ at Quttera labs.