“AaronLocker” updates (13 May 2019)

Article
05/14/2019

Hot on the heels of yesterday's changes, "AaronLocker" now handles EXE and DLL files with non-standard extensions. Scan a directory with, say, "*.pyd" files or "*.api" files or any other non-standard extension, the "AaronLocker" scripts now identify them, distinguish whether they are Win32 EXE or DLL rules, and builds rules to cover them.

Reminders of "AaronLocker" resources:

7 minute "Intro to 'AaronLocker:'"
https://youtu.be/nQyODwPR5qo

13 minute "AaronLocker Quick Start" - how to build, customize, and deploy robust and practical AppLocker rules quickly using AaronLocker:
https://youtu.be/E-IrqFtJOKU

All scripts and full documentation on GitHub:
https://github.com/Microsoft/AaronLocker

Blog posts:
https://blogs.msdn.microsoft.com/aaron_margosis/tag/aaronlocker/

“AaronLocker” updates (13 May 2019)

Additional resources