Sandboxie Plus 1.17.2 / Classic 5.72.2 – Free Isolation Tool

Sandboxie is a proprietary, sandbox-based isolation software designed for Windows operating systems. It functions by creating a secure, isolated operating environment—a “sandbox”—where applications can be run without permanently affecting the local system. This makes it a crucial security tool for users who want to safely test unverified applications or browse the web in an isolated environment.

Within an isolated virtual environment, you can run or install applications without permanently altering your local or mapped drives. This secure setup enables controlled testing of untrusted programs and provides a safe space for web browsing. It is essential for anyone seeking a controlled environment to evaluate untrusted software without system risk.

Sandboxie runs your software in an isolated environment, preventing applications from making permanent changes to other programs and data on your computer. This provides an essential layer of protection for users who need to run software without compromising the integrity of their local operating system.

When you execute software on your computer, data follows a cycle: it flows from the hard disk to the software via read operations, is then processed and displayed, and finally flows back from the software to the hard disk via write operations. This fundamental input/output (I/O) cycle is essential for users to understand how applications access, modify, and store data on the system’s hard drive.

Sandboxie changes the operational rules so that all write operations by isolated software are redirected, preventing permanent changes to your hard disk. This is achieved by storing all changes within the isolated environment, making it a key feature for users who need guaranteed protection against malicious or unintended system modifications.

• Intercept changes to your files and registry settings to block software from accessing areas outside the sandbox.
• Traps cached browser items into the sandbox as a by-product of normal operation. So when you throw away the sandbox, all the history records and other side effects of your browsing disappear as well.

Benefits of the Isolated Sandbox:

• Secure Web Browsing. If you run a web browser under the protection of Sandboxie, any malicious applications downloaded by the browser remain confined to the sandbox and can be easily removed.
• Enhanced Privacy. Browsing history, cookies, and cached temporary files collected during web browsing remain within the sandbox and do not leak into Windows.
• Secure E-mail. Any viruses or malicious programs in your email remain confined to the sandbox and cannot harm your system.
• Windows Stays Lean. Prevent wear and tear in Windows by installing the application into a remote sandbox.

Sandboxie Plus Features:

Sandboxie Plus offers a variety of new features that enhance security, compatibility, and the overall sandboxing experience.

Rule Specificity

• This feature applies rules according to their level of specificity, enabling subpaths to remain readable or writable while keeping parent paths protected.

Security-enhanced sandboxes

• Restrict syscall elevation to approved, known safe/filtered sys calls
• Limit access to device endpoints to known safe / filtered endpoints

Privacy-enhanced Sandboxes

• By applying a preset rule collection, you can protect all locations that may contain personal data. Applications running in boxes with personal data protection will encounter an empty PC with no user data available.

Compartment Mode

• This mode prioritizes compatibility over security. As such, Sandboxie’s token-based isolation scheme is not employed. Isolation is restricted to the file system mini filter, registry, and object callbacks. This approach may significantly enhance compatibility with various applications.

Virtual Disk Integration

• RamDisk support, introduced in the latest insider build, enables the creation of a virtual disk in your system’s memory using the ImDisk driver. This feature can enhance file access speed and increase confidentiality, as all data stored in the virtual disk is discarded when it is unmounted, either manually or automatically upon reboot.
• Encrypted Box Image support is currently under development to strengthen protection for sensitive data. This upcoming feature allows you to establish encrypted sandboxed environments, ensuring superior protection for your confidential data. Initially, the box file root will be mounted directly from an AES-XTS-encrypted box image, though support for additional ciphers is also planned. Exciting future updates to this foundational functionality will introduce secure box passphrase handling and a crucial driver extension to strictly prevent applications outside the encrypted sandbox from accessing your sandboxed files.

Enhanced network filtering and redirection

• A new feature added in recent Insider Builds, Proxy Injection, allows you to force any application to use a SOCKS5 proxy instead of a direct connection.
• This DNS logging, filtering, and redirection feature enables you to block or reroute DNS requests from sandboxed programs for specific domains.

WFP (Windows Filtering Platform) support

• With this feature, Sandboxie functions like an application firewall, applying rules for each box. This allows the same application to access the internet in one box while blocking it in another.

Windows 11 context menu integration

Process/Thread handle filtering (obCallbacks)

• This mechanism significantly enhances process isolation and strengthens overall system security.

Win32 syscall hooking

• This feature enables Win32 system calls to receive the same treatment as NT system calls, improving graphics and hardware acceleration.

New UI with dark mode and much more

• Sandboxie-Plus brings an entirely new Qt-based UI
• Customizable per-box run menu
• Global hotkey to terminate all boxes
• INI section editor for easy configuration of advanced options
• Box event triggers/scripts
• Ability to stop selected applications from running globally, regardless of box presets

Snapshots

• Sandboxie-Plus can create box snapshots, facilitating quick restoration of a box to a specified earlier state.
• A box set to auto-delete will automatically revert to the last snapshot when available, giving you a fresh, clean box each time while retaining preset configurations.

Enhanced debug/trace monitor

Fake admin privileges

• Allows for making all processes in a box think they have admin permissions and act accordingly, without the potential drawbacks of granting them admin permissions

Box-size monitor

• Monitor and list box size in their column

Start Menu integration

• Integrate start menu entries from sandboxes into the host start menu

Sandbox SID isolation

• Instead of employing a generic anonymous login SID, use custom SIDs for each box (such as Sandboxie/DefaultBox). This prevents processes from different boxes from accessing each other’s resources.

Breakout Process

• It allows you to specify which applications shall run unsandboxed when launched within the sandbox. Combining this mode with ForceProcess creates a straightforward priority system.
• Document BreakOut is an extension of the well-known Breakout mechanism that allows the opening of selected file types saved to an open file path from within the sandbox in an unsandboxed instance of the associated application.

USB drive sandboxing

• This feature automatically sandboxes any USB drive you plug into your computer, adding an extra layer of protection to your system.

EFS Support

• Support for EFS (Encrypted File System) protected files.