Hard_Configurator - Windows Hardening Configurator

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
New H_C ver. 6.0.0.0 beta 1:
This beta version can be installed over the previous version (5.1.1.2). It has been whitelisted by Microsoft, Avast, Norton, and Bitdefender.

Changelog:
  1. Introduced two color-changing buttons. When the restrictions are OFF, the buttons <Switch OFF/ON SRP> and <Switch OFF/ON Restrictions> change the background color from green to blue.
  2. Fixed some minor bugs.
  3. Added finger.exe to blocked sponsors and also to the H_C Enhanced profiles.
  4. Added some EXE files to FirewallHardening LOLBin Blocklist: csc, cvtres, CasPol, finger, ilasm, jsc, Microsoft.Workflow.Compiler, mscorsvw, ngen, ngentask, vbc.
  5. Added SLK file extension to the default protected extensions.
  6. Added a switch -p to run H_C and SwitchDefaultDeny with SRP enforcement to block all users (including Administrators) - it can be used especially on the older Windows versions to improve post-exploitation protection on default Admin account. This switch should be used only by very experienced users.
  7. New version of ConfigureDefender:
    - Added some useful information to the Help and manual.
    - Added "Send All" setting to Automatic Sample Submission.
    - Updated ASR rules (1 new rule added).
    - Added the Warn mode to ASR rules.
    - Added INTERACTIVE Protection Level which uses ASR rules set to Warn.
    - Added the <Info> button next to the Protection Levels buttons. It displays information about which settings are enabled in DEFAULT, HIGH, INTERACTIVE, and MAX Protection Levels.
    - Redesigned slightly the layout of the Exploit Guard section.
  8. Added support for Windows 11.

Be safe.(y)
Thanks Andy!
What's the new ASR rule?
What added support was needed for Win11?
 
F

ForgottenSeer 85179

What's the new ASR rule?

What added support was needed for Win11?
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153


Thanks.
I didn't know about that new ASR rule. Good info.
I did know about that particular Win11 issue, as I reported it. Just wondering whether Andy found others.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
@shmu26,
ConfigureDefender and FirewallHardening Logs have not been displayed correctly on Windows 11. One of the issues was a bug in Windows 11 while using the wevtutil.exe system tool with /f:text switch to retrieve the text output of the Windows Events Log. I had to change the code and use another way to filter events.

Post edited.
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
@shmu26,
ConfigureDefender and FirewallHardening Logs have not been displayed correctly on Windows 11. One of the issues was a bug in Windows 11 while using the wevtutil.exe system tool with /text switch to retrieve the text output of the Windows Events Log. I had to change the code and use another way to filter events.
Thanks. I think I experienced that logging bug, but I wasn't sure what happened.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,592
Some screenshots:

ConfigureDefender:

1626687975943.png

1626688002094.png



Hard_Configurator:

1626688083462.png



1626688115465.png
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
New H_C ver. 6.0.0.0 beta 1:
This beta version can be installed over the previous version (5.1.1.2). It has been whitelisted by Microsoft, Avast, Norton, and Bitdefender.

Changelog:
  1. Introduced two color-changing buttons. When the restrictions are OFF, the buttons <Switch OFF/ON SRP> and <Switch OFF/ON Restrictions> change the background color from green to blue.
  2. Fixed some minor bugs.
  3. Added finger.exe to blocked sponsors and also to the H_C Enhanced profiles.
  4. Added some EXE files to FirewallHardening LOLBin Blocklist: csc, cvtres, CasPol, finger, ilasm, jsc, Microsoft.Workflow.Compiler, mscorsvw, ngen, ngentask, vbc.
  5. Added SLK file extension to the default protected extensions.
  6. Added a switch -p to run H_C and SwitchDefaultDeny with SRP enforcement to block all users (including Administrators) - it can be used especially on the older Windows versions to improve post-exploitation protection on default Admin account. This switch should be used only by very experienced users.
  7. New version of ConfigureDefender:
    - Added some useful information to the Help and manual.
    - Added "Send All" setting to Automatic Sample Submission.
    - Updated ASR rules (1 new rule added).
    - Added the Warn mode to ASR rules.
    - Added INTERACTIVE Protection Level which uses ASR rules set to Warn.
    - Added the <Info> button next to the Protection Levels buttons. It displays information about which settings are enabled in DEFAULT, HIGH, INTERACTIVE, and MAX Protection Levels.
    - Redesigned slightly the layout of the Exploit Guard section.
  8. Added support for Windows 11.

Be safe.(y)
Great work and thanks for keeping those tools up to date (y)
Will there be a standalone (beta) version of the new ConfigureDefender?
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,415
Posted the news on the other site and got a special thanks for @Andy Ful
Thanks @Gandalf_The_Grey - And special Thanks to AndyFul.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top