New Update Simple Windows Hardening

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
ransomoff had this extension blocking ability , but they took it off for further develop wich is sad

I guess i give this a go anytime soon, maybe it might be bit painfull whitelisting specific games, but only hurts once(y)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
ransomoff had this extension blocking ability , but they took it off for further develop wich is sad

I guess i give this a go anytime soon, maybe it might be bit painfull whitelisting specific games, but only hurts once(y)
Most games should install/run/update without whitelisting. From my experience, some blocks are expected if the application uses .bin or .dat files (and scripts of course). The less-painful method is simply whitelisting the game folder.
 

ashledombos

New Member
Jul 7, 2020
3
Hello @Andy Ful and all the MalwareTips team.
Thanks for this software, especially for making it FOSS. The only equivalent I knew util recently was Simple SRP, but it's getting outdated.
Amongst several environments I have to manage, I have a FabLab which needs to be set up automatically (thanks to Samba 4 GPO and WAPT, a Python suite for deploying software). The idea is to activate it by default, but let local admin be quite autonomous with the tools (it's a FabLab, so they must also put their hands under the hood).
So I let a copy of SWH on the local storage, but, as mentioned, would like it to be enabled by default. I was wondering if there was an argument (switch) to execute the program silently (or at least to close the windows immediately)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
...
So I let a copy of SWH on the local storage, but, as mentioned, would like it to be enabled by default. I was wondering if there was an argument (switch) to execute the program silently (or at least to close the windows immediately)
I am not sure if I understand you correctly. The SWH is required to be run only once and then you can close it. After that, SWH is not required - the real-time protection comes from Windows native processes. You can run SWH again if you want to adjust/switch OFF/switch ON/remove the settings.
Most SSRP configs apply restrictions on EXE and MSI files, so you have to pay attention to these files, because they are not restricted in SWH. The configs similar to those used in SSRP can be applied via Hard_Configurator (Strict or Recommended settings).
 
Last edited:

ashledombos

New Member
Jul 7, 2020
3
The SWH is required to be run only once and then you can close it. After that, SWH is not required - the real-time protection comes from Windows native processes. You can run SWH again if you want to adjust/switch OFF/switch ON/remove the settings.
Yes I understood that, in fact I just wanted to know if there was a way to execute "run/activate then close HSW" in a single command line. Sorry for not having been clear!
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Yes I understood that, in fact I just wanted to know if there was a way to execute "run/activate then close HSW" in a single command line. Sorry for not having been clear!
Understand. No, it is not possible. In this way, the attacker could use it as LOLBin to remove silently some advanced SRP settings or advanced Hard_Configurator settings.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040

brigantes

Level 1
Jun 22, 2020
40
Simple Windows Hardening ver. 1.0.0.2
https://github.com/AndyFul/Hard_Con... Windows Hardening/SimpleWindowsHardening.exe

Only some minor improvements. This version should work well with RunBySmartscreen, FirewallHardening, ConfigureDefender, and DocumentsAntiExploit tools. These portable standalone tools are available as H_C_HardeningTools:
https://github.com/AndyFul/ConfigureDefender/blob/master/H_C_HardeningTools.zip

This is sooooo amazing. Other vendors should follow your style of simplicity instead of product bloat and weakness.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
This is sooooo amazing. Other vendors should follow your style of simplicity instead of product bloat and weakness.
Ha, ha. This simplicity is mostly to the credit of MT members. I have a rather twisted kind of simplicity that can be seen in Hard_Configurator.:)
 

Decopi

Level 6
Verified
Oct 29, 2017
252
Hi @Andy Ful !

Firstly, thank you for your great work... kudos! Please, allow me a question:

I'm not a WD' defender user, for long time I used all kind of tweaks (I can't remember all of them), and I believe WD is totally disabled on my Windows10. But for unknown reasons, smartscreen seems to be active in my system (at TaskManager I can see the exe process working), however for years I saw zero smartscreen alerts. Well, for bad or for good, this is my WD' current situation : )

In the other hand (and one of the reasons I disabled WD), I have CruelComodo (I tested it several times, and never had a problem in the last years). I disabled UAC, because is not fully compatible with CruelComodo. But I use SysHardener because is compatible with CruelComodo, because is "plug-and-play" (doesn't need a tutorial), and mainly because SysHardener hasn't negative impact in my hardware.

In this context above, I wonder if you (please) can help me, about what software I can use from your GitHub' repo, but compatible with CruelComodo + Syshardener + No WD + No UAC.

Thank you in advance!
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
...
In this context above, I wonder if you (please) can help me, about what software I can use from your GitHub' repo, but compatible with CruelComodo + Syshardener + No WD + No UAC.
...
If you like it and there are no problems, then just keep the above setup.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Thanks for the replay, but my question remains: Is there any software in your repo, compatible with my current context? Thanks again.
Simple Windows Hardening, DocumentsAntiExploit, RunBySmartScreen (If your SmartScreen works). I do not know which of them is trusted in the CF file lookup.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Thanks @Andy Ful . I'll test everything.
PS: You may want to know, of course it might be a false positive, but Cylance blocks your H_C_HardeningTools.zip . At virustotal, a total of 7 engines (including Bitdefender) detected something in same file: VirusTotal
Interesting. It is Bitdefender's false positive. I have to investigate why it is so.

Edit.
Sample sent to whitelisting. We will see the effect after some days.
 
Last edited:

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,730
Interesting. It is Bitdefender's false positive. I have to investigate why it is so.

Edit.
Sample sent to whitelisting. We will see the effect after some days.
Bitdefender always quarantines your tools when it runs an initial scan. I just add an exception and move on, apologies for not giving you a heads up. It’s happened with Sophos as well, but that was many months ago. I figured a lot of AVs did since it touches WD settings.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top