HitmanPro.Alert Updates

HitmanPro.Alert 3.20.2 Build 2017 RC1
Changelog (compared to 983)
  • Fixed Autoruns BSOD
  • Fixed CryptoGuard5 Memory leaks
  • Fixed CobaltStrike Double messages in report when in audit mode
  • Fixed SyscallX64 Added caching to prevent hiccups during play when using Chromium browser streams (e.g. Netflix / Prime).
  • Improved APCProtection Windows 11 support
  • Improved CobaltStrike Add support for WinHttp based beacons
  • Improved SyscallX86 Detection and alerting/reporting/suppression options
  • Improved SyscallX64 Added protection against Ekko/Foliage/KrakenMask
  • Improved C2Interceptor Added generic stager detection
  • Improved PipeWorker Security restrictions
  • Improved AmsiGuard Added protection for remote processes
  • Improved LBR Added newer CPUs: Tiger Lake, Rocket Lake, Alder Lake & Raptor Lake
  • Improved CookieGuard Support for Chrome's new "Device Bound Session Credentials"
  • Improved Excalibur Code handling of rapid alerts/reports
  • Improved AlertProducer Added a rate limiter for repeating alerts - WARNING: Last Alert due to flood! added to eventlog
https://dl.surfright.nl/hmpalert3b2017.exe

Wishing you all a very Merry Christmas and a Happy New Year!
Please let us know how this version runs on your machine
 
I dumped Alert a couple of months back after some years, along with OS Armor; neither seemed to be of much help, though there were many FPs, especially with OS Armor (not run at the same time!).
HitmanPro.Alert is pretty niche now that the built-in Windows exploit mitigations have improved.
But it is still useful (you can add exclusions and disable components to reduce false positives).
 
HitmanPro.Alert 3.20.2 Build 2019 RC1
Changelog (compared to 983)
  • Fixed Autoruns BSOD
  • Fixed Driver BSOD
  • Fixed CryptoGuard5 Memory leaks
  • Fixed CobaltStrike Double messages in report when in audit mode
  • Fixed SyscallX64 Added caching to prevent hiccups during play when using Chromium browser streams (e.g. Netflix / Prime).
  • Improved APCProtection Windows 11 support
  • Improved CobaltStrike Add support for WinHttp based beacons
  • Improved SyscallX86 Detection and alerting/reporting/suppression options
  • Improved SyscallX64 Added protection against Ekko/Foliage/KrakenMask
  • Improved C2Interceptor Added generic stager detection
  • Improved PipeWorker Security restrictions
  • Improved AmsiGuard Added protection for remote processes
  • Improved LBR Added newer CPUs: Tiger Lake, Rocket Lake
  • Improved CookieGuard Support for Chrome's new "Device Bound Session Credentials"
  • Improved Excalibur Code handling of rapid alerts/reports
  • Improved AlertProducer Added a rate limiter for repeating alerts - WARNING: Last Alert due to flood! added to eventlog
  • Improved Selfprotection and alerting logic
  • Improved KernelTrap32 added multiple APIs
  • Improved HollowProcess logic for PEB protection
  • Improved CallerCheck thumbprinting for local allow-listing
https://dl.surfright.nl/hmpalert3b2019.exe

We'll switch on auto-update for existing 2017 users; if all goes well, we'll be updating 983 users soon after that in a staged roll-out.

Please let us know how this version runs on your machine.
 
HitmanPro.Alert 3.20.2 Build 2019 RC1

This is now promoted to stable:
HitmanPro.Alert 3.20.2 Build 2019
Changelog (compared to 983)
  • Fixed Autoruns BSOD
  • Fixed Driver BSOD
  • Fixed CryptoGuard5 Memory leaks
  • Fixed CobaltStrike Double messages in report when in audit mode
  • Fixed SyscallX64 Added caching to prevent hiccups during play when using Chromium browser streams (e.g. Netflix / Prime).
  • Improved APCProtection Windows 11 support
  • Improved CobaltStrike Add support for WinHttp based beacons
  • Improved SyscallX86 Detection and alerting/reporting/suppression options
  • Improved SyscallX64 Added protection against Ekko/Foliage/KrakenMask
  • Improved C2Interceptor Added generic stager detection
  • Improved PipeWorker Security restrictions
  • Improved AmsiGuard Added protection for remote processes
  • Improved LBR Added newer CPUs: Tiger Lake, Rocket Lake
  • Improved CookieGuard Support for Chrome's new "Device Bound Session Credentials"
  • Improved Excalibur Code handling of rapid alerts/reports
  • Improved AlertProducer Added a rate limiter for repeating alerts - WARNING: Last Alert due to flood! added to eventlog
  • Improved Selfprotection and alerting logic
  • Improved KernelTrap32 added multiple APIs
  • Improved HollowProcess logic for PEB protection
  • Improved CallerCheck thumbprinting for local allow-listing
https://dl.surfright.nl/hmpalert3b2019.exe

Auto-update is on for existing 2017 users; if all goes well, we'll be updating 983 users soon after that in a staged roll-out (first batch has been released).
Please let us know how this version runs on your machine.
 
HitmanPro.Alert 3.21.1 Build 2033 RC1
Changelog (compared to 2019)
  • New: Vulnerable Driver Guard
    Vulnerable Driver Guard, part of Process Protection, aims to provide signature-less, universal protection against AV/EDR Killers that abuse legitimate but vulnerable kernel drivers.
    It helps prevent attackers from disabling security software or bypassing tamper protection, and reduces the risk of manipulation of critical operating system security mechanisms, even when trusted or digitally signed drivers are used.

  • New: ETW Guard
    ETWGuard, part of Process Protection, protects Event Tracing for Windows (ETW) from manipulation by attackers.
    ETW is critical security infrastructure used by most AV and EDR solutions for detection and monitoring, but is typically left unprotected by those same products.
    ETWGuard hardens the code regions responsible for ETW functionality, blocking malware attempts to blind security tools, even though HitmanPro.Alert itself does not rely on ETW.
    This prevention-first approach stops attacks that would otherwise evade detection by disabling security telemetry.

  • Improved: Syscall
  • Improved: HeapSpray
  • Improved: SyscallX64
  • Improved: HollowProcess
  • Improved: Selfprotection
  • Improved: HWBGuard (Hardware Break Guard)
  • Improved: False Positive suppression logging
  • Improved: UI now shows if run as Administrator or not
  • Improved: CookieGuard added protection for AppBound cookie security
  • Improved: Exploit Mitigation panel shows selected template name per application
  • Improved: Process protection UI pumpkin now shows 1/2 grayed-out if one of the protections is disabled
  • Fixed: ARM64 driver issue on Win10
  • Fixed: Intruder issue with Bitdefender and Tor browser
  • Fixed: Right click on "Last event" now prompts for Admin permissions if needed for cleaning
https://dl.surfright.nl/hmpalert3b2033.exe
Please let us know how this version runs on your machine.