Implementing FilePath and PFN based rules in AppControl Manager

[HotCakeX]

The AppControl Manager now supports 3 more rule types for both Supplemental policies and Deny base policies:

• File path rules for each file.
• File path rules based on wildcards for each folder (that means any file that resides in the selected folder will be automatically allowed).
• PFN based rules for packaged apps (Package Family Name)

With these 3 additional rule types, you can allow your apps, files and folders in new ways that suit your needs.

Keep in mind that the most secure rule types are signature based ones such as FilePublisher.

Read more about rule type security in this article:
https://github.com/HotCakeX/Harden-Windows-Security/wiki/WDAC-Rule-Levels-Comparison-and-Guide

[Copilot]

Copilot reviewed 7 out of 14 changed files in this pull request and generated 3 comments.

Files not reviewed (7)

• AppControl Manager/Pages/CreateDenyPolicy.xaml: Language not supported
• AppControl Manager/Pages/CreateSupplementalPolicy.xaml: Language not supported
• AppControl Manager/XMLOps/Master.cs: Evaluated as low risk
• AppControl Manager/XMLOps/SignerAndHashBuilder.cs: Evaluated as low risk
• AppControl Manager/Others/FileBasedInfoPackage.cs: Evaluated as low risk
• AppControl Manager/IntelGathering/ScanLevels.cs: Evaluated as low risk
• AppControl Manager/XMLOps/NewPFNLevelRules.cs: Evaluated as low risk

Comments suppressed due to low confidence (1)

AppControl Manager/Others/FilePathCreator.cs:3

• The class constructor uses a syntax that might not be compatible with all versions of C#. Consider using a more traditional constructor syntax.

internal sealed class FilePathCreator(string filePath, string minimumFileVersion, int siSigningScenario)