Get-AppLockerEventlog - Script For Fetching Applocker Event Log By Parsing The Win-Event Log

This script will parse all the channels of events from the win-event log to extract all the log relatives to AppLocker. The script will gather all the important pieces of information relative to the events for forensic or threat-hunting purposes, or even in order to troubleshoot. Here are the log...

AppLocker Policy Bypass

Exploit Title: AppLocker 'Packaged App' Installation Policy Bypass Date: 2/1/20 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: N/A Version: Windows build 18363.535 and below. Tested on: Windows 10 build 17763.253, 18362.295, 18362.35...