Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/lukasjhan/windows-sandbox-system
Last synced: 12 days ago
- Host: GitHub
- URL: https://github.com/lukasjhan/windows-sandbox-system
- Owner: lukasjhan
- Created: 2023-04-30T08:06:45.000Z (over 1 year ago)
- Default Branch: master
- Last Pushed: 2023-04-30T08:07:14.000Z (over 1 year ago)
- Last Synced: 2024-10-24T08:52:22.759Z (2 months ago)
- Size: 71.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Windows Process Sandbox
## ABSTRACT
![img](./img.png)
## IDEA
The core idea is that a process run in the sandbox environment runs at low integrity and uses the Windows API by communicating, over IPC, with the broker process. When the broker receives a request, it logs the request and processes it.
There are special cases in processing. Files and registry entries are isolated from the normal environment: there is a designated location for isolated processes, and the broker process makes it look like a normal environment.
You can also emulate the Windows API from logs. It reads the logs in the specified order and shows them as if the calls were working properly. Or you can just restrict certain interfaces to protect your system.
## Elements
- Sandbox manager
- Broker Process
- Log manager
- IPC manager
- API Hooking DLL
- DLL injector
## Possible Usage
- Run a process in an isolated environment
- Automated testing
- Run malware securely
## Current Working
- Apply Windows App-Container