JJK96 / applocker_parser Public

Notifications You must be signed in to change notification settings
Fork 0
Star 0

Parse GPOs (based on gpohound) to extract Applocker XML files

0 stars 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md
parse.py		parse.py

Repository files navigation

Applocker parser

Parse gpohound output for AppLocker policies. For each of these policies, extract the XML contents from the registry values in the GPO.

Usage

Run gpohound to obtain JSON output:

gpohound dump --json 2> gpohound_dump.json

Then run this parser:

python parse.py gpohound_dump.json

About

Parse GPOs (based on gpohound) to extract Applocker XML files

pentesting group-policy applocker gpo red-teaming gpos

Report repository

Releases

No releases published

Packages

No packages published

Languages

Python 100.0%