Talk with an expert
A pre-exploit product that detects and blocks file-less malware injection attacks, even if they are running undetected today.


File-less injection malware is a type of malicious code execution technique that operates completely within process memory and unseen by the user. Over 75% of new malware today uses this type of injection method – these are the attacks that Harpoon stops before they can do any harm.


A type of malicious software cyber criminals use to block you from accessing your own data. This attack encrypts the files on a computer, renames them and then holds it hostage until the ransom is paid. Harpoon prevents the encryption and locks out the cyber criminals.


When attacks are detected and blocked, Harpoon provides alert and alarm notifications to the user via a plain text or CSV log file. These log files can be reviewed in Windows Event Viewer or exported to a data aggregation platform or Elastic.



  • Microsoft certified Windows application
  • Detection and blocking of file-less injection malware in real-time
  • Supported operating systems (both 64-bit and 32-bit): Windows Server 2012 R2, Windows 10, Windows 8.1, Windows 8, Windows 7.
  • Harpoon Security provides the following protection methods:
    • Malicious DLL injection detection and prevention
    • Export Address Table access filtering (EAF)
    • Atom Tables code injection (AtomBombing)
    • Export Address table access filter plus (EAF+)Harpoon Security can monitor the system in the following modes:
    • No Action mode (Log Only). The default mode of Harpoon Security. In this mode, HarpoonSecurity detects the DLL injection and informs the user about it without preventing the attack or killing the detected malware process. If the Web Service is installed, the No Action mode is automatically switched to the Prevention mode after the Agent receives the whitelist rules from the Web Server.
    • Prevention mode (Access Denied). In this mode, Harpoon Security detects and prevents attempts of the DLL injection without killing the detected malware process.
    • Kill mode (Kill Attacker). In this mode, Harpoon Security detects the attempt of the DLLinjection, prevents the attack, and kills the detected malware process.

Defending Against

Zero Day Attacks

CybrHawk Harpoon Security is not another Anti-Virus end point protection product

The Windows Operating System has Exploit Holes that Don’t Require Flawed Software

  • Identify and Block Attacks before damage occurs
  • Simple add-on to any AV and Next Gen AV solution
  • ‘Works to protect at the kernel level of Windows OS memory sono other malware can be injected.
  • Works with virtual Windows end points and cloud-basedendpoints
  • Integrates into any SIEM environment
  • Can be deployed in seconds without rebooting WindowsEndpoints
  • Works completely in stealth mode with no impact to users