EMET profile for Tor Browser

Windows 10 (1511)
EMET: 5.5.5871.31890
Tor Browser: 6.0.1

When configured, EMET will force enable these security settings for Tor Browser:

  • DEP
  • SEHOP
  • NullPage
  • HeapSpray
  • EAF
  • EAF+
  • MandatoryASLR
  • BottomASLR
  • LoadLib
  • MemProt
  • Caller
  • StackPivot
  • ASR

Steps

(Perform the following if you want to manually set this up and not simply import my prepared config file.)

  • Import > CertTrust
  • Import > Popular Software
  • Import > Recommended Software
  • Quick Profile Name: Maximum security settings
  • Apps > Add Application (find and select your *\Tor Browser\Browser\firefox.exe)
  • Enable ASR for Mozilla Firefox then add these ASR modules
    flash*.ocx;njpi*.dll;jp2iexp.dll;vgx.dll;msxml4*.dll;wshom.ocx;scrrun.dll;vbscript.dll
  • Enable ASR for Tor Project Firefox then add the same ASR modules:
    flash*.ocx;njpi*.dll;jp2iexp.dll;vgx.dll;msxml4*.dll;wshom.ocx;scrrun.dll;vbscript.dll
  • Enable ASR for Mozilla Firefox plugin container then add the same ASR modules:
    flash*.ocx;njpi*.dll;jp2iexp.dll;vgx.dll;msxml4*.dll;wshom.ocx;scrrun.dll;vbscript.dll
  • Disable “SimExecFlow” for Tor Project Firefox.

Example EMET view

2016-06-11