WDACConfig

WDACConfig (Windows Defender Application Control) Module

WDACConfig is an advanced PowerShell module designed with the aim of automating Application and File whitelisting in Windows using Windows Defender Application Control. You can always find its source code on GitHub and Install it from PowerShell Gallery.

This page is also available on my website.

Requirements

PowerShell 7.3.4 and above
Windows 11 version 22H2 and above
Administrator Privileges
Internet Connection

Features

Uses the official documented methods on Microsoft websites only.
Checks for new version when you run it and will update itself automatically if necessary.
- (This can be bypassed if -SkipVersionCheck is used, but not recommended).
Detailed change logs available in Excel online.
Actively trying to design it with Microsoft Security Development Lifesycle (SDL) guidelines in mind.
The module goes through Extended Validation before each update is released to make sure everything works perfectly.

VIDEO: How to Configure, Use and Setup Unsigned WDAC (Windows Defender Application Control) Automatically using WDACConfig PowerShell module

VIDEO: How to Configure, Use and Setup Signed WDAC (Windows Defender Application Control) Automatically using WDACConfig PowerShell module

How to use it

Install the module

Install-Module -Name WDACConfig -Force

Start using it

WDACConfig -<Press Tab for auto parameter completion>

To get help and syntax on PowerShell console, type:

"Get-Command -Module WDACConfig"
"Get-Help New-WDACConfig"
"Get-Help New-SupplementalWDACConfig"
"Get-Help Remove-WDACConfig"
"Get-Help Edit-WDACConfig"
"Get-Help Edit-SignedWDACConfig"
"Get-Help Deploy-SignedWDACConfig"
"Get-Help Confirm-WDACConfig"
"Get-Help New-DenyWDACConfig"
"Get-Help Set-CommonWDACConfig"
"Get-help New-KernelModeWDACConfig"
"Get-help Get-CommonWDACConfig"
"Get-help Invoke-WDACSimulation"