This is a simple configuration for Windows Sandbox with some basic tools installed.
For configuration options in the .wsb file, please read https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.
The following software is currently installed:
- Visual Studio Code
- Notepad++
- Sublime Text
- Amazon Corretto
- 7-zip
- dosbox
- Sysinternals Suite
- UPX
- python2
- python3
- Ghidra
- x64dbg
- dnSpy
- Detect it easy
- AutoIT extractor
- HxD
- Wireshark
- Npcap (does not support silent install, you have to click next next next)
- Microsoft Edge Chromium
- PEStudio
- PE-Bear
- PowerShell script block logging activated
- Sysmon with SwiftOnSecurity profile installed (view results in eventvwr)
First, download all files by executing .\downloadFiles.ps1 inside PowerShell. This will grab all the setups needed. Then run .\createSandboxConfig.ps1 once to create the .wsb file. This is needed because relative paths are currently not supported by Windows Sandbox.
Then simply double-click the sandbox.wsb file to launch the sandbox. This will install all needed software on start.
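
Because the .wsb file only accepts absolute host paths, the configuration has to be generated on each machine. The following is an added sketch of such a generator, not the repository's createSandboxConfig.ps1; the `files` folder, the `install.ps1` logon script and the read-only mapping are assumptions for illustration.

```powershell
# Added example: write sandbox.wsb with an absolute HostFolder path.
# Save as a .ps1 next to the downloaded files; $PSScriptRoot is only set inside a script.

# Hypothetical layout: downloaded setups live in .\files beside this script.
$hostFolder    = Join-Path $PSScriptRoot 'files'
$sandboxFolder = 'C:\Users\WDAGUtilityAccount\Desktop\files'
# Hypothetical installer script that runs inside the sandbox at logon.
$logonCommand  = "powershell.exe -ExecutionPolicy Bypass -File `"$sandboxFolder\install.ps1`""

if (-not (Test-Path -LiteralPath $hostFolder -PathType Container)) {
    throw "Host folder not found: $hostFolder (run the download step first)"
}
# Resolve to a full path, since Windows Sandbox rejects relative ones.
$hostFolder = (Resolve-Path -LiteralPath $hostFolder).ProviderPath

$settings = [System.Xml.XmlWriterSettings]::new()
$settings.Indent             = $true
$settings.OmitXmlDeclaration = $true
$settings.Encoding           = [System.Text.UTF8Encoding]::new($false)  # UTF-8 without BOM

$outFile = Join-Path $PSScriptRoot 'sandbox.wsb'
# XmlWriter escapes characters such as '&' that may occur in the host path.
$writer  = [System.Xml.XmlWriter]::Create($outFile, $settings)
try {
    $writer.WriteStartElement('Configuration')
    $writer.WriteStartElement('MappedFolders')
    $writer.WriteStartElement('MappedFolder')
    $writer.WriteElementString('HostFolder', $hostFolder)
    $writer.WriteElementString('SandboxFolder', $sandboxFolder)
    # Assumption: map read-only so nothing run in the sandbox can alter host files.
    $writer.WriteElementString('ReadOnly', 'true')
    $writer.WriteEndElement()   # MappedFolder
    $writer.WriteEndElement()   # MappedFolders
    $writer.WriteStartElement('LogonCommand')
    $writer.WriteElementString('Command', $logonCommand)
    $writer.WriteEndElement()   # LogonCommand
    $writer.WriteEndElement()   # Configuration
}
finally {
    $writer.Close()
}
Write-Host "Wrote $outFile"
```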