Installation

What's New

The AppControl Simulation feature has been fully integrated into the AppControl Manager GUI, with rewritten components and improved arbitration logic.
A new Advanced Code Integrity section has been introduced in the AppControl Manager app, offering detailed insights into system integrity.
The SHA3-512 hashing algorithm is now used for hashing files in the WDACConfig module, enhancing security standards.
Keyboard navigation in the AppControl Manager app has been improved, enhancing the selection experience for UI elements.
The color pickers on the Logs page have been refined, with clearer distinctions between selected colors and their labels.
The main navigation in the AppControl Manager app now dynamically adapts to window width, automatically switching modes for optimal responsiveness.
Implemented the process that finds and downloads SignTool from the Microsoft Nuget package natively.
Improved the updating experience in AppControl Manager by implementing progress bars and proper messages to communicate the real time status to the user.

A new GitHub workflow has been added for enhanced security and transparency, allowing the AppControl Manager to be built directly from the source code and generate verified artifacts publicly on GitHub. This workflow uses cryptographic signatures to ensure that the AppControl Manager MSIX package in the release section is verifiably built from the repository's source code and that workflow will upload the package with verification details to the release. Find more about the process in here.
Artifact attestations are used to establish provenance for builds. It guarantees that the package(s) you download from this repository are 100% created from the source code that exist in this repository.
SBOMs (Software Bill of Materials) are generated for the entire repository to comply with data protection standards and providing transparency. Together with attestation they provide SLSA L2 security level for the build process.

The repository's Extras folder has been removed; its PowerShell scripts are now embedded within corresponding Wiki articles, and all C# code previously in that directory has been integrated into the AppControl Manager app.
Windows 11 version 24H2 introduces several new features, including support for the SHA-3 hashing algorithm, enhancements to CiTool.exe that display which policies are signed and which are not, and the ability to remove App Control policies without requiring a reboot. Due to these advancements, both the WDACConfig module and the AppControl Manager app will require Windows 11 24H2 or later.
Updated some internal log names that were referring to "Windows Defender Application Control" to "App Control for Business" to match the new naming convention.
Improved code optimizations and applied best practices through the GitHub's CodeQL scans and detections.
Improved the bootstrapper script.
Added SHA3-512 hashes of all of the files in the WDACConfig module to the CSV file.
Created a text file in the AppControl Manager directory that will always contain the link to the latest version of AppControl Manager and it will remain up to date using an automatic GitHub action. It's used internally by the bootstrapper script and the application itself.

List of the merged PRs:

List of closed issues with this update:

To quickly install the latest version of the new AppControl Manager application use the following PowerShell one-liner:

(irm 'https://raw.githubusercontent.com/HotCakeX/Harden-Windows-Security/main/Harden-Windows-Security.ps1')+'AppControl'|iex