The Best Sandbox Tools to Safely Test Windows Programs
Pinterest Stumbleupon Whatsapp
Advertisement

When testing a new, unknown program, there is one sure way to keep your computer from harm: use a sandbox environment.

If the program is unstable, malicious, part of an adware bundle, or even a virus, the sandbox environment is isolated from the rest of your system. That means no interference, no virus, no malware, and so on. And all you have to do is delete the offending article from your system.

Sounds great, right? Well, there are a few different sandbox programs available to Windows users. Here are seven of the best in no particular order.

1. Sandboxie

best sandbox security tools for windows

Sandboxie remains one of the most popular sandbox programs for Windows. One of the best things about Sandboxie is the price point; it’s free! Furthermore, it is lightweight and comes with a host of advanced features.

The main Sandboxie feature is to run an existing program within the sandbox environment. For instance, you can add Google Chrome to Sandboxie, then select Sandbox > Default Box > Run Sandboxed > Run Google Chrome. Slightly slower than clicking the link on your Taskbar, but ultimately providing an ultra-secure environment on demand.

Another great feature is sandbox linking. For instance, if I open Google Chrome in Sandboxie, download and install Slack, the Slack iteration is also within the secure sandbox environment.

2. SHADE Sandbox

best sandbox security tools for windows

Like Sandboxie, SHADE is a great free sandbox program popular with a variety of user types. Compared to Sandboxie, SHADE has a very minimalistic user interface, making it much easier for new users to navigate. Furthermore, menu options are limited to what is necessary, and the entire sandbox is easy to control using few options on display.

SHADE uses a drop and drag system. Find the program icon you want to sandbox, then drag and drop it into the SHADE application box. The program will automatically start in the SHADE sandbox next time you open it (presuming SHADE is also active). In this, SHADE really is a great choice for sandbox novices, adding an extra layer of security without having to worry about turning things on and off.

3. Turbo.net

Turbo.net packages applications into an individual virtual environment, known as a container, and runs on top of your operating system. In this, Turbo.net is akin to a lightweight virtual machine.

In fact, the application sandboxes are built on top of the Turbo Virtual Machine Engine, a custom virtual machine developed by Turbo. Turbo virtualizes and isolates the entire process so the sandboxed applications never directly interact with the host system.

However, unlike a “full” virtual machine running a whole operating system, Turbo uses only a fraction of the resources. Furthermore, Turbo offers some virtual networking functionality allowing you to link individual containers.

4. Toolwiz Time Freeze

Toolwiz Time Freeze works differently to Sandboxie and SHADE. Instead of opening and individually sandboxing applications, Toolwiz Time Freeze takes a snapshot of your entire operating system, saving its current state.

After the snapshot, you’re free to install an application, make changes, or just play around with Windows. When you restart your system, “every change in the system partition” is discarded, returning your system to its original state System Restore On Reboot - Deep Freeze Your Windows Installation With Free Tools System Restore On Reboot - Deep Freeze Your Windows Installation With Free Tools If you've ever wanted to maintain a system state to keep it secure and not allow any changes, then you might want to try deep freezing your Windows computer. Read More .

Toolwiz, then, is great if you want to install something without the limitations of a virtual environment, or the precise sandboxing of some of the other options on the list.

As well as adults testing applications and different settings, Toolwiz is a great tool for letting your kids go wild on your PC. You can let them click and explore, delete, modify, and generally find their way around without consequence. Just make sure Toolwiz is turned on before letting them go!

5. BitBox

BitBox, or Browser in the Box, is a great free tool that allows you to browse the web using a secure sandbox environment. BitBox is essentially a web browser installed on a copy of VirtualBox, running a reduced (Linux) operating system.

You have a choice of BitBox Firefox or BitBox Chrome, and the installer package takes care of anything technical. (What is the most secure browser, anyway?)

BitBox is great if you don’t want to mess around with installing an operating system in a virtual environment of your choice. As it is one package with a minimal interface, BitBox certainly increases overall security. But because it is running a virtual environment and a browser, BitBox can at times be a bit of a resource hog. The following video shows how to install BitBox and what to expect along the way (the video is a little quiet, however).

6. BufferZone

BufferZone is an advanced sandbox solution that allows the creation of virtual spaces. You can limit a BufferZone virtual space to certain activities and programs (e.g. a space that accesses emails, open attachments, and their corresponding web pages.)

But despite being one of the more advanced sandbox options on this list, BufferZone is still easy to set up and use (even if the UI is a little dated).

7. Shadow Defender

Shadow Defender works like Toolwiz. Once installed, you turn Shadow Defender on, and it takes a virtual snapshot of your entire system. When you’re done tinkering with the system, you simply reboot, and your system restores to its snapshot image.

Shadow Defender, however, has many more options than Toolwiz, such as full-disk virtualization and Master Boot Record protections. Want an example of just how good Shadow Defender is? The following video shows a system returning to normal after the notorious Petya ransomware forces a reboot.

8. Virtual Machines

The final option is the manual route: your own virtual machine, isolated from the rest of your machine. Installing a virtual machine application like Oracle’s VirtualBox or VMWare Workstation is an easy process.

Then you have almost free reign over what operating system to run; we’ve covered downloading and installing Windows XP, creating a macOS virtual machine, various Linux distributions, and even Raspberry Pi.

Of course, if you’re looking to test a specific program, you’ll need to install the correct host operating system. But if you want to play around and tinker 7 Practical Reasons to Start Using a Virtual Machine 7 Practical Reasons to Start Using a Virtual Machine The term "virtual" has been co-opted in so many ways. Virtual reality. Virtual RAM. Virtual schools. But Virtualization in the context of PCs can be confusing. We're here to clear it up. Read More with the inner workings of an operating system, a virtual machine is a great option. Also bear in mind that some malware variants can escape the confines of a virtual machine, so double check before unleashing something nasty onto your host device.

Start Using Sandboxes for Security

You now have eight awesome sandbox options to cover almost any eventuality. But did you know that you use sandboxes already?

The same sandbox technology in this list also protects your iPhone, your Android device What Is The Most Secure Mobile Operating System? What Is The Most Secure Mobile Operating System? Battling for the title of Most Secure Mobile OS, we have: Android, BlackBerry, Ubuntu, Windows Phone, and iOS. Which operating system is the best at holding its own against online attacks? Read More , and your web browser. The long-rumored Windows 10 S Mode uses a sandbox of sorts to stop x86 and x64 apps running, limiting the operating system to Windows Store apps only.

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Andreas Toth
    May 21, 2018 at 4:19 am

    Sandboxie is the only Sandbox that keep changes clearly discoverable, something which is very important when wanting to work out if a software is dumping an unwanted payload or changes on your system or not.

    Sandboxie is also a sandbox on a process-level and not a system-wide level. This is an important distinguishing feature since users don't want to lose changes that should remain on the system; for example, a user may have written a document and saved it to the system. If one then starts a compromised executable and it attempts to attack the system but one is using a system-wide sandbox, that document will be lost. once the system is rolled-back. Of course, that means that users have to know to invoke the sandbox for a process in order to remain protected. However, as always, education and knowledge is power.

    Sandboxie does have a giant flaw, though: it stores all those changes in an unprotected directory in the root of the system drive allowing any user with access to the system to see changes that should have been local to a specific user only.

    P.S. Sandboxie is free fro home users. Yes, it does have a five second start-up delay, but it's worth it considering what it does.

  2. Fred Thompson
    March 1, 2018 at 1:06 am

    No way to download BufferZone. The site makes pretty big promises but it's clearly an enterprise-level solution. Doesn't Comodo's free firewall have a sandbox?

  3. Someguysmail
    February 28, 2018 at 5:56 pm

    Sandboxie is NOT Free. It costs $21 per year for home use.

    • Godel
      March 29, 2018 at 10:38 pm

      I believe Sandboxie is still free if you're willing to put up with a nag screen and small time delay on startup.
      I used to use it but Sandboxie stopped working because of a conflict with my antivirus program (Kaspersky) which hijacked some of the necessary operating system hooks.