Palo Alto Networks Knowledgebase: How to Test WildFire with a Fake Malicious File

How to Test WildFire with a Fake Malicious File

11697
Created On 02/07/19 23:44 PM - Last Updated 02/07/19 23:45 PM
WildFire
Resolution

Details

During the deployment of WildFire or WF-500 customers may want to test the download of malicious files. Since WildFire does not forward files that are known or signed by a trusted file signer, Palo Alto Networks provides a mechanism to easily test this setup.

 

Palo Alto Networks randomly generates a test file and provides it at the following URL:

http://wildfire.paloaltonetworks.com/publicapi/test/pe

 

The purpose of this test file is strictly for testing file forwarding to the WildFire Cloud (public and private WF-500).  Note that there will be no signature created for these test PE files, therefore the test file will never be blocked as virus or wildifre-virus even if Antivirus Profile is configured for the policy.

 

owner: mdjeric



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CloTCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language