[WDACConfig] WDACSimulation should handle inaccessible files properly

HotCakeX / Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

MIT License

1.87k stars 148 forks source link

Discussed in https://github.com/HotCakeX/Harden-Windows-Security/discussions/224

^{Originally posted by **andy4871** April 2, 2024} I am having hard time using invoke-wdacsimulation. 1. It’s failing when gci does not have permissions to the path (e.g. c:\programdata\Microsoft\Windows Defender Advanced Threat Protection Cache). I can ignore it with by providing -EA Continue common parameter, but not sure it’s there right choice. Would be great to have a parameter to skip files/dirs to which the process cannot have access (and a separate log with list of skipped files) 2. It stops with: TerminatingError(Get-SignedFileCertificates): “Exception calling “Import” with “3” argument(s): “Cannot find the requested object.””

HotCakeX / Harden-Windows-Security

[WDACConfig] WDACSimulation should handle inaccessible files properly #225

Discussed in https://github.com/HotCakeX/Harden-Windows-Security/discussions/224