Chapter 2: Before Research Begins

To get started researching antivirus software, we first have to take several preliminary steps to ensure that our research will be at the highest possible level and take the least possible time.

Unlike "regular" research, which security researchers and reverse engineers conduct on files, antivirus research is different in its ultimate goal. We must understand that antivirus software is in fact a number of files and components joined together, and most of these files and components are operated through a central process, which is usually the antivirus's GUI-based process.

In this chapter, you will understand how antivirus works in the Windows environment. Furthermore, you will learn how to gather antivirus research ...

Get Antivirus Bypass Techniques now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.