Expand description
§win_mitigations
Safe, ergonomic Rust wrappers for Windows process mitigation policies.
Harden your Windows processes against exploitation and unwanted behaviors.
§Features
- Configure Windows process mitigation policies using ergonomic Rust types
- Builder-style APIs for each mitigation
- Safe wrappers over Windows API
- No unsafe code required for typical usage
§Supported Policies
- ASLR (src/aslr.rs)
- Binary Signature (src/binary_signature.rs)
- Child Process (src/child_process.rs)
- Dynamic Code (src/dynamic_code.rs)
- Extension Point (src/extension_point.rs)
- Font Disable (src/font_disable.rs)
- Image Load (src/image_load.rs)
- Strict Handle (src/strict_handle.rs)
§Installation
Add to your Cargo.toml:
win_mitigations = "0.1.3"§Usage
See API documentation for full details.
§Enable ASLR and Strict Handle Checks
use win_mitigations::aslr::AslrPolicy;
use win_mitigations::strict_handle::StrictHandlePolicy;
fn main() -> Result<(), windows::core::Error> {
AslrPolicy::new()
.set_enable_high_entropy(true)
.set_enable_force_relocate_images(true)
.build()?;
StrictHandlePolicy::new()
.set_raise_exception_on_invalid_handle_reference(true)
.set_handle_exceptions_permanently_enabled(true)
.build()?;
Ok(())
}§Disable Extension Points
use win_mitigations::extension_point::ExtensionPointPolicy;
fn main() -> Result<(), windows::core::Error> {
ExtensionPointPolicy::new()
.set_disable_extension_points(true)
.build()?;
Ok(())
}§Restrict Child Process Creation
use win_mitigations::child_process::ChildProcessPolicy;
fn main() -> Result<(), windows::core::Error> {
ChildProcessPolicy::new()
.set_no_child_process_creation(true)
.build()?;
Ok(())
}§Documentation
- API Docs (docs.rs)
- src/lib.rs — main API
- Individual modules for each mitigation policy
§License
Licensed under MIT
Modules§
- aslr
- Address Space Layout Randomization (ASLR)
- binary_
signature - Binary Signature Policy (Code Integrity Guard)
- child_
process - Child Process Policy
- dynamic_
code - Dynamic Code Policy (Arbitrary Code Guard)
- extension_
point - Extension Point Policy
- font_
disable - Font Disable Policy
- image_
load - Image Load Policy
- strict_
handle - Strict Handle Policy
Functions§
- set_
process_ mitigation_ policy - Sets the process mitigation policy for the current process.
This function is a wrapper around the Windows API function
SetProcessMitigationPolicy.