16 lines
795 B
Markdown
16 lines
795 B
Markdown
# Applocker
|
|
|
|
* Ruleset/policy for files and directories
|
|
* Config file is `secpol.msc`
|
|
* Sysadmins may create rules and push them to devices on the network.
|
|
|
|
## Categories
|
|
* `Executable Rules`, Determines what executables and applications can be run from specified directories.
|
|
* `Windows Installer Rules`, Determines what Installers can be run
|
|
* `Script Rules`, Determines what and where scripts can be run
|
|
* `Packaged app Rules`, Determines what pre-packaged Windows applications can be run
|
|
|
|
## Bypass
|
|
* Check for executable paths at [HackLikeAPornStar's repo](https://github.com/HackLikeAPornstar/GibsonBird/blob/master/chapter4/applocker-bypas-checker.ps1)
|
|
* [api0cradle's generic bypasses](https://github.com/api0cradle/UltimateAppLockerByPassList/blob/master/Generic-AppLockerbypasses.md)
|