AppLocker Enumeration

Enumerating AppLocker configurations present within the domain or the machine.

Discover the AppLocker policies. You may need to retrieve the AppLocker policy based on its unique LDAP path as shown the last example.

C:\> reg query HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\SrpV2\Exe\

PS C:\> (Get-AppLockerPolicy -Local).RuleCollections
PS C:\> Get-AppLockerPolicy -Effective -Xml
PS C:\> Get-ChildItem -Path HKLM:Software\Policies\Microsoft\Windows\SrpV2 -Recurse
PS C:\> Get-AppLockerPolicy -Domain -LDAP "LDAP:// DC13.Contoso.com/CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Contoso,DC=com

PreviousGroup Enumeration NextVBA Macros and the Windows API

Last updated 3 years ago