Sandboxie Plus 1.15.3 / Classic 5.70.3 – Free

Software for application isolation and secure Web browsing

0
824
To request this update you need to login first.
5 1 vote
Rate It
Sandboxie software for application isolation and secure Web browsing ▷ Download Now!

Sandboxie is a proprietary sandbox-based isolation software for Windows operating systems. It creates a sandbox-like isolated operating environment.

You can run or install all applications without perpetually modifying the local or mapped drive. An isolated virtual environment allows for control testing of untrusted software and web surfing.

Sandboxie runs your software in an isolated space. It prevents them from permanently changing other software and data in your computer.

When you run software on your computer, data flows from the hard disk to the software via read operations. The data is then processed and displayed, and finally flows back from the software to the hard disk via write operations.

Sandboxie changes the rules so that write operations do not affect your hard disk.

Intercepts changes to your files and registry settings, preventing any software from reaching outside the sandbox. It traps cached browser items in the sandbox as a by-product of normal operation. Therefore, when you delete the sandbox, all your browsing history and other side effects are removed.

Benefits of the Isolated Sandbox:

  • Secure Web Browsing. If you run a web browser under the protection of Sandboxie, all malicious applications downloaded by the browser are trapped within the sandbox and can be easily discarded.
  • Enhanced Privacy. Browsing historical past, cookies, and cached temporary files collected while Web browsing stays within the sandbox and doesn’t leak into Windows.
  • Secure E-mail. Viruses and malicious applications hiding in your email can’t break out of the sandbox and might infect your system.
  • Windows Stays Lean. Prevent wear-and-tear in Windows by installing the application into a remote sandbox.

Sandboxie Plus Features:

Sandboxie Plus offers a variety of new features that enhance security, compatibility, and the overall sandboxing experience.

Rule Specificity

  • Prioritize rules based on specificity (see changelog/docs for details). This allows for granular control, enabling sub-paths to be readable/writable while maintaining protection for parent parts.

Security enhanced sandboxes

  • Restrict syscall elevation to approved known safe/filtered sys calls
  • Limit access to device endpoints to known safe / filtered endpoints

Privacy enhanced Sandboxes

  • By applying a preset rule collection, all locations potentially containing personal data can be protected. Applications running in boxes with personal data protection will encounter an empty PC with no user data available.

Compartment Mode

  • This mode prioritizes compatibility over security. As such, Sandboxie’s token-based isolation scheme is not employed. Isolation is restricted to the file system mini filter, registry, and object callbacks. This approach may significantly enhance compatibility with various applications.

Virtual Disk Integration

  • RamDisk support, introduced in the latest insider build, enables the creation of a virtual disk in your system’s memory using the ImDisk driver. This feature can enhance file access speed and increase confidentiality, as all data stored in the virtual disk is discarded when it is unmounted, either manually or automatically upon reboot.
  • Encrypted Box Image support is currently in development and allows you to create encrypted sandboxed environments for even greater protection of your confidential data. With this feature, the box file root is mounted from an AES-XTS encrypted box image, with other ciphers also available. Upcoming additions to this root functionality will contain secure box passphrase handling and a driver extension to prevent applications not running in the encrypted sandbox from accessing the sandboxed files.

Enhanced network filtering and redirection

  • A new feature added in recent Insider Builds, Proxy Injection allows you to force any application to use a SOCKS5 proxy instead of a direct connection.
  • DNS query logging, filtering, and redirection feature allows you to block, or redirect DNS queries made by sandboxed programs for selected domains.

WFP (Windows Filtering Platform) support

  • With this feature, Sandboxie functions like an application firewall, applying rules for each box. This allows the same application to access the internet in one box while blocking it in another.

Windows 11 context menu integration

Process/Thread handle filtering (obCallbacks)

  • Using this mechanism greatly enhances process isolation and provides improved security.

Win32 syscall hooking

  • This feature enables Win32 system calls to receive the same treatment as NT system calls, improving graphics and hardware acceleration.

New UI with dark mode and much more

  • Sandboxie-Plus brings an entirely new Qt-based UI sandman.exe
  • Customizable per box run menu
  • Global hotkey to terminate all boxes
  • INI section editor for easy configuration of advanced options
  • Box event triggers/scripts
  • Ability to stop selected applications from running globally, regardless of box presets

Snapshots

  • Sandboxie-Plus can create box snapshots, facilitating quick restoration of a box to a specified earlier state.
  • Boxes set to auto-delete will automatically revert to the last snapshot when available. This allows you to start with a fresh, clean box each time while retaining some preset configurations.

Enhanced debug/trace monitor

Fake admin privileges

  • Allows to make all processes in a box think they have admin permissions and act accordingly, without the potential drawbacks of granting them admin permissions

Box size monitor

  • Monitor and list box size in their column

Start Menu integration

  • Integrate start menu entries from sandboxes into the host start menu

Sandbox SID isolation

  • Instead of employing a generic anonymous login SID, use custom SIDs for each box (such as Sandboxie/DefaultBox). This prevents processes from different boxes from accessing each other’s resources.

Breakout Process

  • It allows to specify which applications shall run unsandboxed when launched within the sandbox. Combining this mode with ForceProcess creates a straightforward priority system.
  • Document BreakOut is an extension of the well-known Breakout mechanism that allows the opening of selected file types saved to an open file path from within the sandbox in an unsandboxed instance of the associated application.

USB drive sandboxing

  • This feature automatically sandboxes any USB drive you plug into your computer, adding an extra layer of protection to your system.

EFS Support

  • Support for EFS (Encrypted File System) protected files.

Supported Operating Systems: Windows 7, 8.1, 10, 11 (32-bit, 64-bit).

Translations: English, Albanian, Chinese (Simplified and Traditional), Czech, Finnish, French, German, Italian, Japanese, Korean, Polish, Portuguese (Brazil), Russian and Turkish.

5 1 vote
Rate It
Visited 824 times, 1 visit(s) today
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments