win_mitigations

Features

Configure Windows process mitigation policies using ergonomic Rust types
Builder-style APIs for each mitigation
Safe wrappers over Windows API
No unsafe code required for typical usage

Supported Policies

ASLR (src/aslr.rs)
Binary Signature (src/binary_signature.rs)
Child Process (src/child_process.rs)
Dynamic Code (src/dynamic_code.rs)
Extension Point (src/extension_point.rs)
Font Disable (src/font_disable.rs)
Image Load (src/image_load.rs)
Strict Handle (src/strict_handle.rs)

Installation

Add to your Cargo.toml:

win_mitigations = "0.1.1"

Usage

See API documentation for full details.

Enable ASLR and Strict Handle Checks

use win_mitigations::aslr::AslrPolicy;
use win_mitigations::strict_handle::StrictHandlePolicy;

fn main() -> Result<(), windows::core::Error> {
    AslrPolicy::new()
        .set_enable_high_entropy(true)
        .set_enable_force_relocate_images(true)
        .build()?;

    StrictHandlePolicy::new()
        .set_raise_exception_on_invalid_handle_reference(true)
        .set_handle_exceptions_permanently_enabled(true)
        .build()?;
    Ok(())
}

Disable Extension Points

use win_mitigations::extension_point::ExtensionPointPolicy;

fn main() -> Result<(), windows::core::Error> {
    ExtensionPointPolicy::new()
        .set_disable_extension_points(true)
        .build()?;
    Ok(())
}

Restrict Child Process Creation

use win_mitigations::child_process::ChildProcessPolicy;

fn main() -> Result<(), windows::core::Error> {
    ChildProcessPolicy::new()
        .set_no_child_process_creation(true)
        .build()?;
    Ok(())
}

Documentation

API Docs (docs.rs)
src/lib.rs — main API
Individual modules for each mitigation policy

License

Licensed under MIT

win_mitigations 0.1.2

win_mitigations

Features

Supported Policies

Installation

Usage

Enable ASLR and Strict Handle Checks

Disable Extension Points

Restrict Child Process Creation

Documentation

License