Windows Exploit Protection Settings

This repo contains ultimate security configurations against hacking such as memory space access, malware, credential theft - including some denial of service attacks + rootkit deployments: milsec for a lot of Windows programs. The following apps are protected and guaranteed to start (click categories to show list):

Web Browsers

• Google Chrome
• Mozilla Firefox
• Internet Explorer
• Librewolf
• Opera
• Safari
• Thorium
• Edge
• DuckDuckGo
• Brave

Media Tools

• Audacity
• butt audio streaming
• Virtual DJ
• Traktor
• Photoshop
• Groove Music
• Winamp
• foobar2000
• iTunes
• Windows Media Player
• NDIRecord
• StreamDeck
• Yamaha Steinberg USB
• vMix64
• BlackMagic Video
• VLC Media Player

Communication Apps

• Skype
• Lync
• Pidgin
• Telegram
• MS Outlook
• Thunderbird
• Windows Live Mail
• Google Talk
• Slack
• Whatsapp
• Wire
• Armcord (a Discord client)
• Discord

Gaming

• Steam
• Ubisoft
• BlueStacks X
• EA - Electronic Arts
• GOG Galaxy (edit version number in .XML file accordingly)
• EasyAntiCheat
• The Sims 4
• Cyberpunk 2077
• Firestorm (for Second Life)
• Radegast

Networking

• dnscrypt-proxy
• Tor
• Torifier
• WARP 1.1.1.1
• OpenVPN
• WireGuard
• VPN Unlimited
• Comodo Internet Security

Common Software

• Notepad++
• Obsidian
• OneNote
• Acrobat Reader PDF
• Sumatra PDF
• Foxit PDF Reader
• Java
• MS Access
• MS Excel
• MS PowerPoint
• MS Word
• MS Wordpad
• MS Notepad
• PowerShell
• PowerShell ISE
• Visio
• WinZip
• WinRAR
• 7Z
• ...

Microsoft Services

• Literally all (!) basic Windows programs from boot. Beyond recommendations (took a few bluescreens >.<)
• OneDrive
• File Explorer
• Smartscreen
• Windows Settings
• Task Manager
• Windows Store
• Command terminal
• search index
• SSH
• svchost
• smss
• csrss
• lpcapsvc
• conhost
• dashost
• OOBEbroker
• WMI
• wininit
• winlogon
• WerFault
• lsalso & lsass
• and many more (everything on Windows 10 & 11)

Other Executables

• Adobe (services)
• AMD (GPU driver)
• Citrix Workspace App
• Chrash_handler
• Edge Webview2 (works for Citrix Workspace, DuckDuckGo, Edge...)
• Everything
• HP (drivers)
• Intel (drivers)
• KeePassXC & proxy
• Open SSL
• NVIDIA
• Qbittorrent
• Qt Web Engine
• Real Converter
• RealPlay
• Realtek Audio
• SwitchDefaultDeny(x64)
• SyncThing
• Thunderbolt
• ...

Check separate settings when specific features don't work. 99% of programs are tested & all start with zero configuration

^{Windows Settings > Security & Privacy > Windows Security > App & browser control > Exploit protection settings > Program settings}

XploitProtection.xml + the extra security settings below are focused on Windows Home & Pro consumers, gamers & small businesses (including privacy geeks) where agility is everything. Help update XploitProtection.xml and keep this repo growing with new entries. By using the PoE (process of elimination) methodology while applying WEPS and updating the .xml here, we keep the most complete list available online.

Import

Run XPROT.ps1 to change WEPS quickly. Update every so often (this will not remove entries & gets the most recent online xml every time) & reboot to activate, also after manually importing with this command:

Set-ProcessMitigation -PolicyFilePath "$HOME\Downloads\XploitProtection.xml"

Backup, Remove & Import

Some installations require temporarily removing protection, this can be done quick: reboot & install the software, run again or import your own local XML. After restart, these policies block intrusions like botnets, cache exploits and more.

XPROT, Windows Exploit Protection Manager

This standalone GUI script brings dramatic improvements to the interface that Windows offers today - XPROT Manager excels in speed for bulk actions & repetitive implementations, running tighter security with no trouble: remove & import settings again during any new installation. Be up to date in a few seconds. Protect now!

Security Upgrades

• Use DNS (f.e. 9.9.9.9, 1.1.1.1,...) with activated encryption via Windows network settings or a third party solution
• windows_hardening.cmd (includes anti mimikatz exploit regedit & more security!)
• https://github.com/AndyFul/ConfigureDefender (more extreme hardening of Windows)

Windows Tools

• https://github.com/Sycnex/Windows10Debloater (debloat Windows 10 & 11)
• https://www.thewindowsclub.com/ultimate-windows-tweaker-5-for-windows-11

Merged Repositories

• https://github.com/jdgregson/Exploit-Protection-Settings as to support Microsoft Office
• Added https://github.com/Strana-Mechty/ExploitProtection-Templates supporting Adobe, Telegram & more
• Calibrated with original https://github.com/microsoft/ExploitProtectionConfiguration

⭐ Give a star to help many others find better protection.

#WindowsHome #WindowsPro #Windows10 #Windows11 #Microsoft #WindowsExploitProtectionSettings #Hardening #Cybersecurity #ExploitProtection #Defender #WindowsDefender #Gaming #Mimikatz #Defense #Botnet #Antibotnet #Antivirus #Glitch #Virus #Infection #Privacy #SVC #Vulnerabilities #Cyberdefense #Protection #Gaming #Stackpivot #CFG #SEHOP #ASLR #Heapcorruption #Safeboot #VPN #OpenVPN #WireGuard #Tor #Proxy #Redhat #Whitehat #Anonymous #DEFCON #Opensource #Interface #Tool #Qt #Quantum #Timespace #ProtectionSettings #Manager #Security #Software #GUI #Productivity #CallerCheck #HandleUsage #Fonts #Images #dll #services #taskhost #svchost #PowerShell #TLS

© FrenzyPenguin Media