Categories: Kali Linux

WindowsSpyBlocker – Block Spying & Tracking On Windows

WindowsSpyBlocker is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems. The initial approach of this application is to capture and analyze network traffic based on a set of tools.

Main window of WindowsSpyBlocker

Configuration file app.conf is generated at first launch :

 

 

 

 

Also Read Shodanwave – Tool For Exploring & Obtaining Information From Cameras

WindowsSpyBlocker Telemetry & Data collection

To capture and analyze network traffic for the telemetry option, QEMU virtual machines are used on the server virtualization management platform Proxmox VE based on :

  • Windows 10 Pro 64bits with automatic updates enabled.
  • Windows 8.1 Pro 64bits with automatic updates enabled.
  • Windows 7 SP1 Pro 64bits with automatic updates enabled.

Traffic dumps are clean every day and compared with the current rules to add / remove some hosts or firewall rules.

Tools used to capture traffic :

  • qemu -net dump : capture
  • Wireshark : capture + logs
  • Sysmon : capture + logs
  • Proxifier : logs

The data folder contains the blocking rules based on domains or IPs detected during the capture process :

  • data/<type>/extra.txt : Block third party applications
  • data/<type>/spy.txt : Block Windows Spy / Telemetry
  • data/<type>/update.txt : Block Windows Update

Firewall and Hosts data are the main types. The others are generated from these as :

  • DNSCrypt : a protocol for securing communications between a client and a DNS resolver.
  • OpenWrt : an open source project used on embedded devices to route network traffic.
  • P2P : a plaintext IP data format from PeerGuardian.
  • Proxifier : an advanced proxy client on Windows with a flexible rule system.
  • Simplewall : a simple tool to configure Windows Filtering Platform (WFP).

R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

6 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

6 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

7 days ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

7 days ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

7 days ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

1 week ago