Make your video test requests!

Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,826
Shadowra said:
MS Defender disabled ?
Click to expand...

WHHLight on default settings works optimally with Microsoft Defender (ConfigureDefender HIGH), FirewallHardening, and DocumentsAntiExploit. All tools support each other to maximally cover the attack surface at home.

If you disable Defender using custom tweaks/tools, the WDAC may stop working.
If you disable only Defender's real-time protection, most of the advanced ConfigureDefender settings will not work.
 
  • +Reputation
  • Like
Reactions: simmerskool, Gandalf_The_Grey and Shadowra
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,826
It is possible to test WHHLight default settings with Microsoft Defender on default settings with disabled real-time protection + FirewallHardening + DocumentsAntiExploit (MS Office and Acrobat Reader open documents by default).
Other Defender's settings (like Cloud Delivered Protection) must be enabled.
WHHLight in default settings requires additional protection against weaponized documents (such as DocumentsAntiExploit). Default settings highly restrict scripting attacks, but allow CmdLines with LOLBins (useful for system management). So, FirewallHardening is also required to restrict LOLBins.
 
Last edited:
  • +Reputation
  • Like
Reactions: simmerskool, Gandalf_The_Grey, Captain Awesome and 1 other person
R

rashmi

Level 16
Jan 15, 2024
777
Shadowra said:
MS Defender disabled ?
Click to expand...
Yes, disable Microsoft Defender. I don't want MD's protection, local or cloud, affecting the test.

I know an antivirus should complement the setup for well-rounded protection. The purpose of the test is not protection, for which I viewed your several @Andy Ful's Tools tests, but to see the strength of hardening + reputation.

I just want to see hardening + WDAC setup into effect.

Test:
WHHLight: Set SWH and WDAC to ON.
FirewallHardening: Add LOLBins.

And if the test system has MS Office or Adobe, add:
FirewallHardening: Add MS Office and Adobe Acrobat.
DocumentsAntiExploit: Set MS Office to ON1 for Current Users and to ON for All Users. Set Adobe Acrobat to ON for Current Users and to TL for All Users.

If anything, please let me know.
 
  • Like
Reactions: Shadowra

Similar threads

Shadowra
    • Like
    • +Reputation
    • Applause
App Review Shadowra's Big Comparative - Episode 3 Entreprise Antivirus
Replies
62
Views
4,826
Video Reviews - Security and Privacy
anirbandutta01
anirbandutta01
Shadowra
    • +Reputation
    • Like
    • Applause
App Review Shadowra's Big Comparative - Episode 4 : Finale
Replies
24
Views
2,642
Video Reviews - Security and Privacy
anirbandutta01
anirbandutta01
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Shadowra's Big Comparative - Episode 1 : Free Antivirus
Replies
173
Views
12,705
Video Reviews - Security and Privacy
nickstar1
nickstar1

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top