- Mar 23, 2015
- 555
Recently I am studying how to simulate the features of AppGuard with some other hips softwares.
Why AppGuard? Because some features of other anti-exe programs, such as command-line whitelist, is too hard for me to simulate.
The fact is that I like AG very much, but I am unable to purchase it owing to some boring cross-border payment issues.
Some features of AG, such as blocking executable files in user space, prevent guarded applications from writing to protected folders and prevent "private" guarded applications from reading the private folders, are not hard to simulate.
The problem is the registry.
We know AG prevents guarded applications from writing to protected registry items/keys/values.
But I do not know the exact registry items/keys/values that are protected by AG.
Only after knowing the items exactly can I write some hips rules to protect them.
So I hope experienced users could explain this to me.
Thank you.
Why AppGuard? Because some features of other anti-exe programs, such as command-line whitelist, is too hard for me to simulate.
The fact is that I like AG very much, but I am unable to purchase it owing to some boring cross-border payment issues.
Some features of AG, such as blocking executable files in user space, prevent guarded applications from writing to protected folders and prevent "private" guarded applications from reading the private folders, are not hard to simulate.
The problem is the registry.
We know AG prevents guarded applications from writing to protected registry items/keys/values.
But I do not know the exact registry items/keys/values that are protected by AG.
Only after knowing the items exactly can I write some hips rules to protect them.
So I hope experienced users could explain this to me.
Thank you.