WindowsSpyBlocker is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems. The initial approach of this application is to capture and analyze network traffic based on a set of tools.
Configuration file app.conf
is generated at first launch :
Also Read Shodanwave – Tool For Exploring & Obtaining Information From Cameras
To capture and analyze network traffic for the telemetry option, QEMU virtual machines are used on the server virtualization management platform Proxmox VE based on :
Traffic dumps are clean every day and compared with the current rules to add / remove some hosts or firewall rules.
Tools used to capture traffic :
qemu -net dump
: captureThe data
folder contains the blocking rules based on domains or IPs detected during the capture process :
data/<type>/extra.txt
: Block third party applicationsdata/<type>/spy.txt
: Block Windows Spy / Telemetrydata/<type>/update.txt
: Block Windows UpdateFirewall and Hosts data are the main types. The others are generated from these as :
Sanctum EDR demonstrates a multi-layered approach to detecting and preventing Event Tracing for Windows (ETW)…
SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…
The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…
The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…
The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…
AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…