Attack Surface Reduction Rules can be set on different ways. If you don't use any Device Management and no Group Policies, there's only one way left: Powershell. But this is not as userfriendly as I hoped (especially the GUID). So I developed GUI for setting ASR Rules via Powershell.
Download the Powershell Script from here and run it: https://github.com/hemaurer/MDATP_PoSh_Scripts/tree/master/ASR%20GUI
You can set attack surface reduction rules for devices that are running any of the following editions and versions of Windows:
The Powershell Script as well as the Exe have to run in admin mode to work properly.
For development and testing you might need to set the Powershell ExecutionPolicy to Unrestricted. Because of Security Risk it is recommended to set the policy to restricted after finishing development.
Before Development:
Set-ExecutionPolicy Unrestricted
After Development
Set-ExecutionPolicy Restricted
There is no installation as the EXE is based on the Powershell Script.
Thanks to
for Inspiration and initial Code base which is used in the "Report"-Function.