Deleted member 178

HitmanPro.Alert 3.7 build 704 CTP1 - PRIVATE

Finally we have a build with major new features! Most new features are located on the orange tile but we have also improved existing mitigations. The executable is still less than 5MB.

Please help us test how these new features fare alongside other security products (compatibility).

New Features
  • Real-time Anti-Malware
    Works with the HitmanPro cloud.

  • Credential Theft Protection
    Preventing theft of authentication passwords and hash information from memory, registry and disk. Prevents Mimikatz-style attacks.

  • Local Privilege Guard
    Prevents exploits of the operating system kernel. Prevents an attacker from using the privilege information of another process.

  • Code Cave mitigation
    Stops backdoors in trusted code.

  • Sticky Keys mitigation
    Prevents misuse of the Microsoft sticky key feature. Usually used by attackers to gain persistence.

  • Asynchronous Procedure Call (APC) mitigation
    Stops code injection via APC (e.g. Atom Bombing attack).

  • Application Verifier mitigation
    Prevents misuse of the Application Verifier feature of Windows (e.g. Double Agent attack).

  • Malicious Process Migration
    Detects remote reflective DLL injection used to move laterally between processes.

Improvements

  • Application Lockdown
    Now blocks CVE-2017-0199

  • Increased height of the user interface
    There are now three rows of applications under the tiles

  • 64-bit DLL is now compiled with Intel MPX instructions

  • Various minor improvements

Participate
Please PM me (on Wilders Security Forum) to participate in this (currently) PRIVATE program.
We will open up the program to PUBLIC once we have received enough confidence that the new features run fine alongside other security products :thumb:
HitmanPro.ALERT Support and Discussion Thread

Note the real-time AM. Bye bye MBAM + MBAE :D
 

Mr.Wave

Installed this yesterday and it runs smooth even on Win 10 Creators build. Erik said in a PM that there could be an unsigned M$ driver issue and that Secure Boot had to be disabled, but this was not the case. I instantly fell in love with this product ;)
 

Peter2150

One of the coolest features that has been there is the Application Lockdown. What it is: if you have a program like a zip program or even an Office product protected and it has an executable within (like a macro with code), that code will be blocked from running.