ReHIPS - An HIPS/Sandbox without kernel Hooks - (quick test included)

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Umbra

Level 61
Content Creator
Verified
May 16, 2011
17,482
30,712
Operating System
Windows 10
Installed Antivirus
Default-Deny
#1
technology

Windows meets the requirements of C2-level security of the U.S. Department of Defense, it already has all the necessary mechanisms to provide access control. ReHIPS takes advantage of these built-in mechanisms and operates in a restrictive manner (if it is not explicitly allowed, block it). It executes every restricted application in the isolated environment (ReHIPS mode) with its own set of rights. Even if this application is compromised, your operating system stays protected and secure.

ReHIPS ensures system integrity and stability

Unlike some other sandboxes ReHIPS doesn't use kernel-mode hooks, splicing and other unsafe rootkit-techniques. It is based on documented Windows security mechanisms ensuring system stability.
source


changelogs



ReHIPS 1.1.0 Beta was released.
Changelog:
- Architecture was refactored and changed to multithreaded
- Separate desktops support was added to make system more secure
- Many small fixes and improvements
Demo-version restrictions were added:
- Limit for the restricted processes is 10
 
Last edited:

pablozi

Level 22
Verified
Jun 14, 2011
1,180
5,055
Operating System
Windows 10
Installed Antivirus
Norton
#2
Umbra, can you provide some more details? Have you tested ReHIPS? Does it works good on x64?
Looks promising and maybe we have already an DefenseWall-like app for x64 :)
 

Umbra

Level 61
Content Creator
Verified
May 16, 2011
17,482
30,712
Operating System
Windows 10
Installed Antivirus
Default-Deny
#14
can't run any malware at all lol , the popup show off but the malware doesn't even started.



it said it failed to restrict but at same time the malware didn't run; not sure if i was protected or it was a bug :D
 
Last edited: