I'd like to know does virtualization make use of a virtual machine (such as guest/host OS) but still deploys hooking in its implementation (just like sandboxing) ?
Basically, you have tools like Sandboxie that offer sandboxing combined with virtualization on the real machine. And you have tools like VirtualBox that offer full virtualization on a virtual machine, that's running on top of the real machine. I'm not sure if VirtualBox is hooking the system, but it's likely. Why do you want to know this? Nice find, will do some reading.
I've read here that there are layering associated with virtualization but then my next question is how is the layering implemented ? http://www.it20.info/2007/03/hardwa...virtualization-vs-application-virtualization/ (points out layering file and registry)
I think it's better to ask this stuff on Stack Exchange. And thanks for the links, personally I'm mostly interested in Application Virtualization.
Your welcome. I've discovered from one source that Application Virtualization makes use of hooking a fair bit but that's coming from just one source.
Yes correct, here is some more general info: http://www.malwaretech.com/2014/10/usermode-sandboxing.html https://www.malwaretech.com/2015/09/advanced-desktop-application-sandboxing.html
Sand boxing is simply isolating a product away from every other product. Virtualization is the use of a computer within a computer but the scope is not limited to that. The virtualization is segregated to an extent but still highly accessible. Some major concerns for sand boxing and virtualization is hopping from the VM to the actual host.