Friday 13 February 2015

Anti-Exploit Freeware/Software List

Your computer might have a chink in its armor: a weakness or hole in its defenses, an unforeseen path through which entry can be gained, a vulnerability in your operating system (Windows) or in a program running on it.

How do you increase the effectiveness of your computer security and block a malicious program or script from taking advantage of these weaknesses? You do so by adding a protective layer that addresses this problem. You add anti-exploit software. Your anti-virus actively protects your system, but you can supplement it with passive protection, which makes penetrating it a lot harder. Here’s a list, with a quick description, of some of the anti-exploit products available for free. Also, make sure your system and software are up to date: this plugs most vulnerabilities.


Enhanced Mitigation Experience Toolkit (EMET) - Microsoft
“EMET helps protect against new and undiscovered threats even before they are formally addressed through security updates or antimalware software. EMET includes 14 security mitigations that complement other defense in-depth security measures, such as Windows Defender and antivirus software.”

| EMET Security Mitigations | Included |
| --- | --- |
| Attack Surface Reduction (ASR) Mitigation | Yes |
| Export Address Table Filtering (EAF+) Security Mitigation | Yes |
| Data Execution Prevention (DEP) Security Mitigation | Yes |
| Structured Execution Handling Overwrite Protection (SEHOP) Security Mitigation | Yes |
| NullPage Security Mitigation | Yes |
| Heapspray Allocation Security Mitigation | Yes |
| Export Address Table Filtering (EAF) Security Mitigation | Yes |
| Mandatory Address Space Layout Randomization (ASLR) Security Mitigation | Yes |
| Bottom Up ASLR Security Mitigation | Yes |
| Load Library Check – Return Oriented Programming (ROP) Security Mitigation | Yes |
| Memory Protection Check – Return Oriented Programming (ROP) Security Mitigation | Yes |
| Caller Checks – Return Oriented Programming (ROP) Security Mitigation* | Yes |
| Simulate Execution Flow – Return Oriented Programming (ROP) Security Mitigation* | Yes |
| Stack Pivot – Return Oriented Programming (ROP) Security Mitigation | Yes |


Malwarebytes Anti-Exploit
https://www.malwarebytes.org/antiexploit/

“Popular software programs contain millions of lines of code. Bad guys exploit flaws (vulnerabilities) in the code to deliver malware. Except when they can't. Malwarebytes Anti-Exploit wraps four layers of security around popular browsers, preventing exploits from compromising vulnerable code. Not an antivirus, but compatible with most antivirus, Malwarebytes Anti-Exploit is a small, specialized shield designed to protect you against one of the most dangerous forms of malware attacks. And it's free.”



Alert's CryptoGuard – by HitmanPro
"HitmanPro-Alert's CryptoGuard technology does not try to detect the malware based on its static properties, but it detects crypto-ransomware based on its file system behavior. If suspicious behavior is detected, it is then blocked (the encryption of the files) and the malware is neutralized, without the need for any user intervention."
Note: It appears to protect only against “ransomware”, and not other exploits. Still, ransomware is particularly troubling, so if it troubles you ...

Antibody Anti-Exploit
“'AntiExploit' scans for well known exploit files. It currently recognizes over 1700 suspicious files, and the database is updated weekly. It is not meant to be an IDS or high-profile security-application, but rather an extension to other security checks. 'aexpl' was developed for a freeshell-server to track script-kiddies.” (source: https://directory.fsf.org/wiki/AntiExploit)
This product appears to be dead???  But perhaps it is not and still has relevance (even if only for older systems).  I would personally stay clear and use proven products.
 
ROBLOX Anti-Exploit
Dedicated site protection for Roblox enthusiasts. Oh, Roblox is an online game :)

“ROBLOX Anti-Exploit is dedicated to stopping exploiters from attacking ROBLOX Games. It works by utilizing HttpService - the script communicates with our webservers. We have an actively growing database of exploiters that cannot enter games with RAE.”


Also for your consideration                                        

AVG Linkscanner
“Linkscanner was bought from Exploit prevention labs by AVG. Exploit Labs tried to fingerprint exploits, with the obvious rationale that the same exploit kits are used over and over again”.
Although Linkscanner is an active protection, and not a passive one, it is included here because of its origins as an anti-exploit tool. Plus, it is very effective, and it is nice to have additional mechanisms to secure yourself.
Download:

NoScript
“Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers.
NoScript also provides the most powerful anti-XSS and Clickjacking protection ever available in a browser.
NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...”

And no, Chrome's script blocking extensions aren't in the same league as NoScript.  From what I've read, it has something to do with the way Chrome is built.  Though, Google's Chrome does have that sandbox which Firefox lacks ...

Download:
https://noscript.net/



Voodoo Shield  



"VoodooShield™ uses a proprietary proactive whitelist approach to virus protection." 

"But what about exploits? ...
Think of exploits as a pathway for a virus.  When the malicious code spawns a process, it is killed."

Download:
http://voodooshield.com/
