• expired

[PC] Free - Sandboxie (Was US $20)

1300

Previous paid features are now all free.

How it works

What is Sandboxie and how is it different than other solutions?
Think of your PC as a piece of paper. Every program you run writes on the paper. When you run your browser, it writes on the paper about every site you visited. And any malware you come across will usually try to write itself into the paper.

Traditional privacy and anti-malware software try to locate and erase any writings they think you wouldn't want on the paper. Most of the times they get it right. But first the makers of these solutions must teach the solution what to look for on the paper, and also how to erase it safely.

On the other hand, the Sandboxie sandbox works like a transparency layer placed over the paper. Programs write on the transparency layer and to them it looks like the real paper. When you delete the sandbox, it's like removing the transparency layer, the unchanged, real paper is revealed.


Sophos is excited to announce that we are making Sandboxie a free tool, with plans to transition it to an open source tool.

This new evolution of Sandboxie is one we are enthusiastic about, but that does not mean this was an easy decision to make. Sandboxie has never been a significant component of Sophos’ business, and we have been exploring options for its future for a while.

Frankly, the easiest and least costly decision for Sophos would have been to simply end of life Sandboxie. However, we love the technology too much to see it fade away. More importantly, we love the Sandboxie community too much to do that. The Sandboxie user base represents some of the most passionate, forward thinking, and knowledgeable members of the security community and we didn’t want to let you down.

After thoughtful consideration we decided that the best way to keep Sandboxie going was to give it back to its users – transitioning it to an open source tool. We will release more information about the open source project as we continue to work on the details.

Until the open source transition is completed we have decided to make all restricted features of Sandboxie completely free.

Related Stores

sandboxie.com
sandboxie.com

closed Comments

  • Great, since the included windows 10 sandbox is unstable.

  • paid $60USD for 5pc license 2 years ago… good tool to have around

  • VirtualBox is always free.

    • Agreed.
      This software seems like something you would give your grandparents/parents who somehow download every toolbar under the sun.
      If I were to use this software, it would just encourage me to click and download random programs.

      Also it's concerning that in their own demo program, a file outside of the sandbox gets encrypted by malware. You can see that the file "C:\Users\Public\Pictures\Sample Pictures\penguin.jpg" gets encrypted.

      At the end of the day I prefer CommonSense 2019.

      • Hahahaha that's gold. Damn good find. Ransomware isn't even designed to escape sandboxes (as far as I'm aware?) so that's a pretty big fail.

        • Except that Snowdragon is wrong and didn't watch the video carefully. The file outside the sandbox is there to show it doesn't get affected, only the one inside the sandbox does.

          • @rygle: Not sure how to copy a link with time on the useless yt app. Check at time 2:16. CL shows what files it has encrypted, which includes some files outside of the sandbox.

            • @incipient: But in the video the user also opens a pdf in the Documents folder and it's unencrypted. You can see this pdf also listed in the Malware's list.

              It just gives a list of all the files on the users hard drive(s), regardless of encryption or not.

            • @incipient: It only looks that way, but if you have used this or anything similar, you will know that those files, and anything else that is changed, are completely virtualized and will disappear when the container is turned off, which is the point.

              This technology and this app have been around for over a decade. Sophos would not be doing what they are if it didn't work. This is the technology that led to other very successful software like docker. It's solid.

          • @rygle: I understand now. You're right.

            It's just interesting that the malware says it is encrypted, but it isn't. I guess the malware just gives a list of the file structure and not files it has cryptolocked.

            • @SnowDragon: The malware has no idea it's in a sandbox.

              • @rygle: Interesting that the malware knows the location of the files are in the sandbox though.
                The sandbox should make it appear to the malware as the original location, like C:\Users\eddie\AppData

                Some malware these days can detect if its run in a sandbox, making it a little more risky to use for testing before a real environment. If they detect they are sandboxed they may do nothing, give false security to the user who then runs it outside the sandbox and gets hit with the payload.

                • @bamzero: …so that means the only true safe way would be either test the file in a vm or an air gapped pc….

                  • @Zachary:

                    If they detect they are sandboxed they may do nothing, give false security to the user who then runs it outside the sandbox and gets hit with the payload.

                    …so that means the only true safe way would be either test the file in a vm or an air gapped pc…

                    Sort of, and not really.

                    The default behaviour of most VM or sandbox aware malware is to simply not work at all, so that's a big red flag and an extra tick in the "suspicious" box for an unknown binary. It also means you're "safer" on a working machine because a whole class of malicious code will voluntarily not run at all.

                    The makers of this class of malware aren't trying to hide from clueless users: they're trying to disrupt analysis from malware researchers.

                    Ultimately people need to understand the strengths and limitations of something like Sandboxie in order to configure it best for their (or another's) situation. You can make it very restrictive or very porous, and it heavily depends on your understanding of the vectors of infection. I once used Sandboxie extensively, but I find a mix of software policies/script blocking/anti-exploit along with other general hardening is more than sufficient and far less tedious.

            • @SnowDragon: According to the malware it is encrypted - when sandboxie is closed the encrypted version is discarded.

      • Also it's concerning that in their own demo program, a file outside of the sandbox gets encrypted by malware.(youtube.com) You can see that the file "C:\Users\Public\Pictures\Sample Pictures\penguin.jpg" gets encrypted.

        Almost certainly a misconfiguration in the Sandboxie environment where they've allowed direct write back to that location. A bit embarrassing more than a Sandboxie issue.

        Agreed.
        This software seems like something you would give your grandparents/parents who somehow download every toolbar under the sun.

        They might be able to make use of it. But the biggest use case scenarios for this software will be for technically minded folk. Security analysts, systems admins, etc.

        VirtualBox is always free.

        VirtualBox isn't always helpful when you want to play around with malicious software designed to not run if it detects a VM, especially if you don't have to skill set to configure a VM look like its running on a physical.

        • @Tardvark

          They might be able to make use of it. But the biggest use case scenarios for this software will be for technically minded folk. Security analysts, systems admins, etc.

          Pretty much. It's more than possible to set it up for other users, but the challenge is the usual ease of use vs restrictiveness.

      • +3 votes

        Good catch!
        The file though, is inside Sanboxie. The original file is not encrypted.
        The path shown in a sandboxed app is determined by how the program fetches the directory info.
        Sometimes it will use the raw filepath, other times it will be the sandboxed filepath.
        Rest assured everything is isolated

      • +2 votes

        I prefer CommonSense 2019.

        That's not free though !!!

    • +16 votes

      But VirtualBox requires a whole windows installation that has to be blown away completely. Much more complicated than this.

      Sandboxie only blows away exactly what each application installed, whether dlls, registry entries, settings in appdata, etc., leaving windows as it was.

      And the video shows that only the file inside the sandbox was encrypted, while the one outside remained untouched by the encryption malware…

      • Oh come on. You're acting like there aren't save states for VMs in VirtualBox.

        • Sandboxie isn't competing with VM software, it also doesn't use at least 2 Gigabytes of ram like a VM would.

        • No, not at all. But it takes a bit to set that up, it takes a lot of space, and is heaps more complicated overall.

          If I were to show someone how to use Sandboxie vs using VirtualBox, creating a VM, installing Windows, getting files into the VM and doing save states then restoring, that's way more complicated.

          But if you like that, fair enough, all power to you. Why not air gap as well?

    • Different tools different jobs - sure you can use it as a sandbox, but that's not anywhere near as convenient as sandboxie for some simple tasks (and sandboxie likely has better performance).

      They are two good tools.

    • The license for running Windows inside it might not be (if you care about that sort of thing).

  • Is this a good method to run a browser in to stop tracking cookies from Facebook etc?

  • Windows 1903 has a built-in sandbox now. I guess it makes Sandboxie redundant.

    • Sooo Wright Bros are OK then?

      Window's 10 is redundant so Sandboxie and 7 are just fine.

      Thanks OP.

    • Windows Sandbox is only available to Windows 10 Pro or Enterprise users.

    • Didn't realize Windows was rolling their own sandbox. Gonna test if I have it.

      A quick google shows that it looks Windows 10 Sandbox presents the sandbox environment as if it was a VM. Is it possible to only show only the sandboxed application without the entire sandboxed desktop around it? So it feels more like Sandboxie or VMware/Virtualbox in Unity mode?

      I used to launch 2 instances of Starcraft 2 using Sandboxie so I could control 2 accounts on the same computer. Wonder if that's possible with Window's version.

      • it looks Windows 10 Sandbox presents the sandbox environment as if it was a VM.

        That's because Windows 10 Sandbox is a VM.

        (albeit a very lightweight one)

  • Damn good software for running dodgy .exe files you get from the net.
    Was planning to buy a full version 2 month ago, glad I waited!

  • I moved to Comodo virtual desktop.. steeper learning curve to use,however it runs things that would crash in Sandie box.

    • Comodo virtual desktop..

      Is it free?

      • Well I didn't pay for it, comes free with the free version of Comodo internet security suite.

        Downside is ever 6 months you'll need spend several minutes to reject the upgrade to the paid pro version.

        And any popups such as firewall warnings can't be seen on the virtual desktop, you need to switch to your real desktop to manage them.

        To access the Control panel you need a batch file to launch it, from there installing and uninstalling apps installed virtually seemed to work ok.

  • is there a direct link?

    • Stop being lazy. It's literally on the page right in front of you after you open it.

      • lol. You were too lazy to check it yourself! There is no direct link on that page. Those links redirect to a license agreement page & then an export compliance form that requests personal info.
        Quit being a jerk & try adding something constructive to the conversation instead of just trying to cut other people down.

      • ^^^dis guy the reel mvp

      • can't seem to download it says
        <Error>
        <Code>AccessDenied</Code>
        <Message>Access Denied</Message>

        • …hey you're right…. Hmmmmmmmmmm…………….well then I guess it wasn't really a direct link at all but a temporary expiry one….. link 2's work but you have to accept the End User License Agreement & Privacy Policy's….and still need to fill in the compliance form for them….

          I guess I can host it on a thirdparty if you want…?

          • @Zachary:

            I guess I can host it on a thirdparty if you want…?

            It would be more convenient for the rest of us if you simply kept agreeing to the EULAs and updating your post regularly with new links as the old ones expire.

            Thank you in advance for your service.

            • @RJK: That would require 24/7 surveillance of the links…

              • @Zachary: Yes no one said it was going to be easy, but I'd say it's worth it if it saves the rest of us a few clicks.

                • @RJK: Here you go, just because I feel in a good mood today.

                  New link - universal installer mirror
                  New link - 32-bit installer mirror
                  New link - 64-bit installer mirror

                  ==================================================
                  Filename : SandboxieInstall64-531-4.exe
                  MD5 : c4222aae0ee42f1dafd042150a17227b
                  SHA1 : 780b11cfda684232fda5e39de42749fc86800f6d
                  CRC32 : 989a49c0
                  SHA-256 : 29e03c552ab58515cf1714d7813ad25e3a79e3b2866e1c7d1146e4ad657188b6
                  SHA-512 : c8b171f32b79a1464aa3903364e2e475de7d9c18207b8999f06d833f93b5b89f0197445291443e4fdd2b6f93976932ff06dac6998546d24eca310342ab9d9a79
                  SHA-384 : 17a9e030aa90deb0559ef28aec9c47458de2cabaaa37bbab10506f05bc652d5718cd6e984a5f06eb17d82eed72303ee7
                  Modified Time : 19/10/2019 8:19:59 PM
                  Created Time : 19/10/2019 8:19:42 PM
                  Entry Modified Time: 19/10/2019 8:19:59 PM
                  File Size : 3,348,920
                  File Version : 5.31.4
                  Product Version :
                  Identical :
                  Extension : exe

                  File Attributes : A

                  ==================================================
                  Filename : SandboxieInstall32-531-4.exe
                  MD5 : 3f68c50a9cc59e94c6a87682b09407d7
                  SHA1 : 920dcef5fff28dce61260775555839ca93937038
                  CRC32 : 100d094c
                  SHA-256 : 308fad6470273d037b7f832b75533248a920df3bb5fb59381a40600a4e44b9a5
                  SHA-512 : 8a3eadbe2ed7e63f1411a466929c263e2a363be260bb4b0cd96f52bd891aede095f9c9fec1e1862d0e5121c4dd13aa43eadd8908699a484644d29f4f23c83c1a
                  SHA-384 : 710d97290067d3a4a49b1e5397a2c276f926ceb4d44745fa66079f61ec2aba03ea0b2610c43f0a6aa50258b37afec608
                  Modified Time : 19/10/2019 8:19:25 PM
                  Created Time : 19/10/2019 8:19:14 PM
                  Entry Modified Time: 19/10/2019 8:19:25 PM
                  File Size : 2,711,440
                  File Version : 5.31.4
                  Product Version :
                  Identical :
                  Extension : exe

                  File Attributes : A

                  ==================================================
                  Filename : SandboxieInstall-531-4.exe
                  MD5 : 321eb38b888b2b24a99f8a82ceee7397
                  SHA1 : ead1f38ef413259e8ad5721622d320b4435565a3
                  CRC32 : a488216c
                  SHA-256 : 4577a1f5af37a9d2203e62dd49da947c79f5a0b0c679dd8db601aab5c0d57c6a
                  SHA-512 : 0ea6a423c7cda9bb6076acce452c911b7c8ea265933b8985827aebfe75717412c51d1cf1bd1669fa594b5ba02ae6bef11ae88734e2c78e8e79a5fa058032e89f
                  SHA-384 : f55566c3193b7c8149342578ede67101600c92d78ad13f1388a2e1d3210469af3b3386c195deff1c5f5dbccf04069737
                  Modified Time : 19/10/2019 8:17:51 PM
                  Created Time : 19/10/2019 8:17:31 PM
                  Entry Modified Time: 19/10/2019 8:17:52 PM
                  File Size : 6,159,000
                  File Version : 5.31.4
                  Product Version : 5.31.4
                  Identical :
                  Extension : exe

                  File Attributes : A

                  • @Zachary: @Zachary

                    I hope someone makes good use of your effort :)

                    I've actually had a lifetime licence for nearly 10 years, so I was mainly here to see what people were saying about this tool. I used to use it heavily to test various security setups, but these days I just use script blocking, software policies, and anti-exploit.

  • For webbrowsing I use
    Bluestacks, I don't have to mess around with exclusions,antivirus warnings, script blocking etc, which you still to deal with in a sandbox environment. Probably use less resources than a win 7 VHD, especially when I use Bluestacks a lot on my 8 gig ram laptop.

  • I got a friend who uses this for mass botting in whatever MMO is their current flavour of the month lol.

    • I used to use this software to play on WoW private servers since you could install a base version of WoW like 2.4.3 and play all the private classic servers then if you want to play on a different server that requires a newer patch you create a sandbox and install the patches and you don't have to waste the hard drive space of having 2 entirely seperate installs.

    • I used to use this for metal farming on Team Fortress 2. Fire up 10 Steam accounts and join an idle server and what those free guns come in lol.

  • Sandboxie is an extremely well crafted piece of software that is lightweight compared to full virtualization solution. In is normally activated through the right clcik context menu.

    Uses:

    1. Install software into sandbox so it doesn't bloat your system with unnecessary registry entries, services and dlls, then extract the software from the sandbox directory (I have done this is Adobe programs, they work perfectly once they are moved into a normal directory)

    2. Testing new programs out without them making any permanent changes to your system (particualy good for trial based software)

    3. Installing software from dodgy sources (warez), running key generators, etc . Prevents malware from installing adware, randsomware and so on into your Windows system directory. Changes are contained inside the sandbox.