Friday, 13 February 2015

Anti-Exploit Freeware/Software List

Your computer might have a chink in it's armor.  A weakness or hole in its defenses, an unforseen path through which entry can be gained, a vulnerability in your operating system (windows) or a program running on it .

How do you increase the effectiveness of your computer security and block a malicious program or script from taking advantage of these weaknesses?  You do so by adding a protective layer that addresses this problem. You add anti-exploit software.  Your anti-virus actively protects your system, but you can supplement it with passive protection which makes penetrating it a lot harder.  Here’s a list, and quick description, of some of the anti-exploit products available for free.  Also, make sure your system and software is up-to-date:  this plugs most vulnerabilities.


Enhanced Mitigation Experience Toolkit (EMET) - Microsoft
“EMET helps protect against new and undiscovered threats even before they are formally addressed through security updates or antimalware software. EMET includes 14 security mitigations that complement other defense in-depth security measures, such as Windows Defender and antivirus software.”

EMET Security Mitigations
Included
Attack Surface Reduction (ASR) Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Export Address Table Filtering (EAF+) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Data Execution Prevention (DEP) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Structured Execution Handling Overwrite Protection (SEHOP) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
NullPage Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Heapspray Allocation Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Export Address Table Filtering (EAF) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Mandatory Address Space Layout Randomization (ASLR) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Bottom Up ASLR Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Load Library Check – Return Oriented Programming (ROP) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Memory Protection Check – Return Oriented Programming (ROP) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png
Caller Checks – Return Oriented Programming (ROP) Security Mitigation*
https://i-technet.sec.s-msft.com/jj653751.right.png
Simulate Execution Flow – Return Oriented Programming (ROP) Security Mitigation*
https://i-technet.sec.s-msft.com/jj653751.right.png
Stack Pivot – Return Oriented Programming (ROP) Security Mitigation
https://i-technet.sec.s-msft.com/jj653751.right.png


Malwarebytes Anti-Exploit
https://www.malwarebytes.org/antiexploit/

“Popular software programs contain millions of lines of code. Bad guys exploit flaws (vulnerabilities) in the code to deliver malware. Except when they can't. Malwarebytes Anti-Exploit wraps four layers of security around popular browsers, preventing exploits from compromising vulnerable code. Not an antivirus, but compatible with most antivirus, Malwarebytes Anti-Exploit is a small, specialized shield designed to protect you against one of the most dangerous forms of malware attacks. And it's free.”



Alert's CryptoGuard – by HitmanPro
"HitmanPro-Alert's CryptoGuard technology does not try to detect the malware based on its static properties, but it detects crypto-ransomware based on its file system behavior. If suspicious behavior is detected, it is then blocked (the encryption of the files) and the malware is neutralized, without the need for any user intervention."
Note:  Appears to only protect against “ransomware”, and not other exploits.  Though, ransomware is particularly troubling, so if it troubles you ...

Antibody Anti-Exploit
“AntiExploit' scans for well known exploit files. It currently recognizes over 1700 suspicious files, and the database is updated weekly. It is not meant to be a IDS or high-profile security-application, but rather an extension to other security checks. 'aexpl' was developed for a freeshell-server to track script-kiddies.” (source: https://directory.fsf.org/wiki/AntiExploit)
This product appears to be Dead???  But perhaps it is not and still has relevance (even if only for older systems).  I would personally stay clear and use proven products.
 
ROBLOX Anti-Exploit
 Dedicated site protection for Roblox enthusiasts.  Oh, Roblox is an online game:)

ROBLOX Anti-Exploit is dedicated to stopping exploiters from attacking ROBLOX Games. It works by utilizing HttpService - the script communicates with our webservers. We have a actively growing database of exploiters that cannot enter games with RAE.”


Also for your consideration                                        

AVG Linkscanner
“Linkscanner was bought from Exploit prevention labs by AVG. Exploit Labs tried to fingerprint exploits, with the obvious rational that the same exploit kits are used over and over again”.
Although Linkscanner is an active protection, and not a passive one, it is included here because of its origins as an anti-exploit.  Plus, it is very effective and nice to have additional mechanisms to secure yourself.
Download:

NoScript
“Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers.
NoScript also provides the most powerful anti-XSS and Clickjacking protection ever available in a browser.
NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...”

And no, Chrome's script blocking extensions aren't in the same league as NoScript.  From what I've read, it has something to do with the way Chrome is built.  Though, Google's Chrome does have that sandbox which Firefox lacks ...

Download:
https://noscript.net/



Voodoo Shield  



"VoodooShield™ uses a proprietary proactive whitelist approach to virus protection." 

"But what about exploits? ...
Think of exploits as a pathway for a virus.  When the malicious code spawns a process, it is killed."

Download:
http://voodooshield.com/

No comments:

Post a Comment