Commit fc43a3d

Update README.md
1 parent e30db1d commit fc43a3d

1 file changed

+3
-40
lines changed

README.md

Lines changed: 3 additions & 40 deletions
@@ -1,4 +1,4 @@
1-
# App Control Tray Tool
1+
# App Control Tray & Policy Manager
22

33
I created this App Control System Tray Tool to facilitate more efficient changing of App Control policies. Specifically, I wanted a way to quickly switch between Enforced Mode and Audit Mode so that I could review logs and change rules in the policies as necessary. Since this has really helped benefit my application allowlisting journey, I wanted to share it so that others could also benefit.
44
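Review bot: the new title "App Control Tray & Policy Manager" on line 1 no longer matches the unchanged intro paragraph on line 3, which still describes only the "App Control System Tray Tool" and switching between Enforced Mode and Audit Mode. Suggest adding a sentence to that paragraph saying what the Policy Manager part does, so the title and the description agree.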

@@ -14,51 +14,14 @@ I created this App Control System Tray Tool to facilitate more efficient changin
1414

1515
![WDAC3screen](https://github.com/user-attachments/assets/e3294dd1-3eb1-4b38-8899-7c935303b7b9)
1616

17-
![TrayStatus](https://github.com/user-attachments/assets/2ddac0cc-cfb0-4c5c-a30b-23f0be3e7d14)
18-
19-
![wdactray3-blocked](https://github.com/user-attachments/assets/ce6f04dd-0dc9-443b-8a92-2ad825670b64)
20-
21-
![wdactray3-audit](https://github.com/user-attachments/assets/55cf14b9-707c-40b0-94c8-b0f95d01c71d)
22-
23-
![wdactray3-refresh](https://github.com/user-attachments/assets/2690a8bf-2a20-4a75-bbb3-bec39526443e)
24-
2517

2618
### Main Files:
2719

2820
`AppControlTray.exe` - System tray tool which run **unelevated** at all times.
2921

22+
`AppControlManager.exe` - App Control for Business GUI
23+
3024
`AppControlHelper.exe` - Command line-only tool which runs only specific **elevated** commands from AppControlTray related to CiTool commands and Event Viewer.
3125

3226
`AppControlTask.exe` - Command line-only tool which runs only specific **unelevated** commands from AppControlTray related to Scheduled Tasks, Toast Notifications and policy conversion.
3327

34-
### Policy Type:
35-
36-
At the moment, this tray tool only supports Multiple Policy Format since that is what I have always used since inception. Although at some point it could be extended to support Single Policy Format as well.
37-
38-
### Usage:
39-
40-
This tray tool makes use of compiled policy binaries (*.cip) that you would ideally already have. There are some included just for simple testing purposes.
41-
42-
To add new policies or update existing policies, simply select the tray menu option `Add or Update Policies`. This will bring up a standard file selection dialog which you can use to select any number of policy files. The selection will be parsed and those policies will be applied immediately via `CiTool -up` for each policy selected.
43-
44-
To remove policies, select the tray menu option `Remove Policies`. You can select as many policies for removal as you want. Those selections will be parsed and the policies will be removed immediately via `CiTool -rp` for each policy selected.
45-
46-
47-
### Compiling:
48-
49-
To compile the script, you need to use SciTE4AutoIt3 which is available here: https://www.autoitscript.com/site/autoit-script-editor/downloads/
50-
51-
52-
### Testing:
53-
54-
The example policies included in this are just for testing purposes and should not be used other than for testing.
55-
The policies basically allow for everything to run. There is one Deny rule for the purpose of testing this tray tool
56-
which is `*\test\speedyfox.exe` so that you can test the tray tool going from Audit Mode to Enforced Mode and vice versa.
57-
58-
59-
### Toast Notifications:
60-
61-
This is implemented now with the simple Enable Notifications option now on the system tray menu to enable/disable toast notifications.
62-
63-
Toast notifications are implemented using KDE's Snoretoast app:
64-
https://invent.kde.org/libraries/snoretoast
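Review bot: the added `AppControlManager.exe` entry at new line 22 does not say whether it runs elevated or unelevated, while the three neighbouring entries each state this in bold; for a tool that manages App Control policies that is the detail a reader most needs, so suggest adding it in the same form. The same hunk deletes the Testing section, including the statement that the bundled example policies "basically allow for everything to run" and "should not be used other than for testing"; if those policies still ship with the repository, keep that warning or move it next to the policy files. The removed Policy Type, Usage (`CiTool -up` / `CiTool -rp` behaviour), Compiling and Toast Notifications sections also have no replacement in this diff, so consider linking to wherever that documentation now lives, including the Snoretoast attribution if it is still a dependency.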
