Tags: c, security, firewall, virus, trojan

Trojan (Simple Client-Server in C)


So I started network programming a few days ago, and I created a very simple trojan (victims execute a client that creates a connection to the hacker's PC, and then the hacker can execute CMD functions through a simple system() command).

Basically my trojan works but I don't understand why my Anti-Virus doesn't detect it. I mean the only thing that possibly could have stopped my trojan is my firewall which detected an outgoing connection. So I don't understand why other trojans are detected but not this new one.

I can provide source code if needed, and I would like to emphasize that I do this only for educational purposes. I will never use any of this knowledge to attack anyone (Anyway I don't have enough skill), I just want to learn and understand :).


Solution

  • Avira:

    AMES is using the Avira engine for virus detection. If the Avira engine is not able to detect a virus, then the most likely cause could be that this virus is brand new and cannot be detected yet. We would greatly appreciate if you submit the suspicious file to us so we can analyze it immediately. Our virus lab will subsequently send you a feedback. If we cannot detect the suspicious file as a virus, we will work on creating an update to make sure we detect the file in the future.

    AVG:

    Sometimes a new virus is not detected even if your AVG is fully up to date. This happens when a threat has just been written or released, or we’ve discovered it only a very short time ago and are now working on an update that will recognize and contain the virus.

    DELL (https://powermore.dell.com/technology/teaching-your-computer-to-detect-new-viruses/):

    Most antivirus programs use signatures — mathematically derived strings or regular expressions of malware code — to detect viruses. But that requires a lengthy process of finding malware in the wild, getting a sample, analyzing it, generating a signature and adding it to the repository that is pushed to users in anti-virus updates.

    So it seems, as mentioned in the comments, that viruses are only detected when their signatures are recorded by the security software.

    Here is a link on how you can use ClamAV to create your own signature: http://blog.adamsweet.org/?p=250
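
The signature workflow described in the answer, as an added example that is not part of the original post: a minimal scanner that uses the line layout of ClamAV's hash (.hdb) and body (.ndb) signatures and reports a file as clean until a signature derived from it is in the database. The sample bytes and signature names are constructed, and only offset `*` and the `??` and `*` wildcards of the .ndb syntax are handled.

```python
import hashlib
import re

def hdb_line(data, name):
    """Hash signature in ClamAV .hdb layout: MD5:FileSize:MalwareName."""
    return f"{hashlib.md5(data).hexdigest()}:{len(data)}:{name}"

def compile_ndb(line):
    """Body signature in .ndb layout: Name:TargetType:Offset:HexSignature.
    Handles offset '*' and the wildcards '??' (one byte) and '*' (any gap)."""
    name, _target, offset, hexsig = line.split(":")[:4]
    if offset != "*":
        raise ValueError("only offset '*' is supported here")
    parts, i = [], 0
    while i < len(hexsig):
        if hexsig[i] == "*":
            parts.append(b".*?")
            i += 1
        elif hexsig[i:i + 2] == "??":
            parts.append(b".")
            i += 2
        else:
            parts.append(re.escape(bytes.fromhex(hexsig[i:i + 2])))
            i += 2
    return name, re.compile(b"".join(parts), re.DOTALL)

def scan(data, hdb=(), ndb=()):
    """Return the first matching signature name, or None (file reported clean)."""
    digest = hashlib.md5(data).hexdigest()
    for line in hdb:
        md5, size, name = line.split(":")
        if md5 == digest and int(size) == len(data):
            return name
    for line in ndb:
        name, pattern = compile_ndb(line)
        if pattern.search(data):
            return name
    return None

# Constructed stand-ins for file contents (harmless bytes, not real malware).
SAMPLE = b"MZ\x90\x00 lab-test-sample build 01 END"
REBUILD = b"MZ\x90\x00 lab-test-sample build 02 END"
# Body signature: fixed marker, two wildcard bytes for the build number, fixed tail.
NDB = "Lab.Test.Body:0:*:" + b"lab-test-sample build ".hex() + "????" + b" END".hex()

if __name__ == "__main__":
    print(scan(SAMPLE))                                    # empty database
    print(scan(SAMPLE, hdb=[hdb_line(SAMPLE, "Lab.Test.Hash")]))
    print(scan(REBUILD, ndb=[NDB]))
```

A hash line identifies exactly one file, which is why vendors also ship body signatures that describe a byte pattern shared across builds of the same family.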