IntroductionThe wicar.org website was designed to test the correct operation your anti-virus / anti-malware software.
The name "WICAR" is derived from the industry standard EICAR anti-virus test file, which is a non-dangerous file that all anti-virus products flag as a real virus and quarantine or act upon as such. By being able to execute a test virus program safely, the end user or network administrator can ensure that the anti-virus software is correctly operating (without utilising a real virus which may damage the system should the anti-virus software fail to function). Run the testsThe Test Malware! page contains widely abused browser exploits you may safely click on, to test your defences. Donations to assist with the operational and hosting costs are welcome.
Demonstration VideoThis is a demonstration video using an unpatched Windows 2003 Server SP2 installation to exploit Internet Explorer. In a corporate environment, a combination of firewalls, IDS/IPS, gateway proxies, inline web filters, anti-malware and desktop anti-virus should prevent access to malicious URLs.
|
How it worksWhen you visit a malicious website, a number of actions may occur:
Why?There is not a standardised URL to test your anti-malware solution. Some browsers offer test malware pages, however they are not universal. Each anti-virus vendor has different detection mechanisms and independent lists of known malware sites. The wicar.org website contains actual browser exploits, therefore, regardless of search engine, web browser, filtering appliance or desktop anti-virus product you use, it should be marked as malicious.
All malware is hosted at: http://malware.wicar.org/, which is the correct address that should be blocked by anti-malware solutions (not this site). Questions? Feedback? Share your results!If you have any questions regarding this website or the list of provided exploits, please contact us.
You should also check out our list of useful links and resources. |