AppControl Manager is now Native AOT and Fully Trimmed (#608)
✅ This change reduces the MSIX package file size from 85MB down to 32MB and the MSIXBundle package file size from 162MB down to 65MB (because it contains both ARM64 and X64 packages).

✅ The performance and launch time of the AppControl Manager has been substantially improved thanks to being natively compiled into machine code. That means more work is done during the packaging process and less time is spent on user's system.

✅ Removed the old DataGrid package and replaced it with the modern built-in ListView. This change fixes an issue that was previously present due to the old design of DataGrid. As a result, you no longer see a message in the Settings page of the app when running the app in a VM and animations are not enabled on the system.

✅ The design of all of the data grids have been changed, they are more modern, touch friendly and custom built specifically for the AppControl Manager application. One of the benefits it has is that I can improve it whenever necessary without needing to wait for a 3rd party, making the project more independent.

✅ Bumped the app version to 1.9.1.0

✅ Increased the amount of information that is written to the log file in case there is an error in the app, it provides more information about the cause of it.
HotCakeX authored Feb 21, 2025
1 parent 5f527ff commit 5c5ab4c
Showing 95 changed files with 10,869 additions and 7,550 deletions.
@@ -43,7 +43,7 @@ jobs:
if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed to install .NET SDK') }
Write-Host -Object "`nInstalling Visual Studio Build Tools" -ForegroundColor Magenta
$null = winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended'
$null = winget install --id Microsoft.VisualStudio.2022.BuildTools --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget --override '--force --wait --passive --add Microsoft.VisualStudio.Workload.ManagedDesktop --add Microsoft.VisualStudio.Workload.VCTools --add Microsoft.VisualStudio.Workload.MSBuildTools --add Microsoft.VisualStudio.Workload.UniversalBuildTools --add Microsoft.VisualStudio.ComponentGroup.WindowsAppSDK.Cs --add Microsoft.VisualStudio.Component.VC.Tools.x86.x64 --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 --add Microsoft.VisualStudio.Component.Windows11SDK.26100 --includeRecommended --add Microsoft.VisualStudio.Component.VC.Tools.ARM64 --add Microsoft.VisualStudio.Component.UWP.VC.ARM64'
if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New('Failed to install Visual Studio Build Tools') }
Write-Host -Object "`nInstalling Visual C++ Redistributable" -ForegroundColor Magenta
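Review bot: The changed `winget install --id Microsoft.VisualStudio.2022.BuildTools` line installs whatever Build Tools release is current, and the MSVC components this commit appends (`Microsoft.VisualStudio.Component.VC.Tools.ARM64`, `Microsoft.VisualStudio.Component.UWP.VC.ARM64`) presumably feed the Native AOT link step, so the toolchain version now affects the shipped native binary. Recording the installed toolset version in the job log after the `$LASTEXITCODE` check would let a release be traced back to the toolchain that produced it. A one-line comment above the install, such as `# ARM64 VC tools are required to link the ARM64 Native AOT build`, would also explain why the two components were appended; confirm the wording against the actual build requirement. The surrounding step starts and ends outside this hunk.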
3 changes: 0 additions & 3 deletions AppControl Manager/App.xaml
@@ -51,7 +51,6 @@
</Style>



<animations:ImplicitAnimationSet x:Name="ShowTransitions">
<animations:OffsetAnimation EasingMode="EaseOut"
From="0,24,0"
@@ -74,8 +73,6 @@
</animations:ImplicitAnimationSet>




</ResourceDictionary>
</Application.Resources>
</Application>
7 changes: 1 addition & 6 deletions AppControl Manager/App.xaml.cs
@@ -79,7 +79,6 @@ public App()
}



/// <summary>
/// Event handler for when the sound setting is changed.
/// </summary>
@@ -101,7 +100,6 @@ private void OnSoundSettingChanged(object? sender, SoundSettingChangedEventArgs
}



/// <summary>
/// Invoked when the application is launched.
/// </summary>
@@ -135,15 +133,12 @@ protected override void OnLaunched(LaunchActivatedEventArgs args)
/// </summary>
private async void App_UnhandledException(object sender, Microsoft.UI.Xaml.UnhandledExceptionEventArgs e)
{
Logger.Write($"Unhandled exception: {e.Exception.Message}");
Logger.Write(ErrorWriter.FormatException(e.Exception));

// Prevent the app from crashing
// With this set to false, the same error would keep writing to the log file forever. The exception keeps bubbling up since it's unhandled.
e.Handled = true;

// Log the error to a file
Logger.Write(e.Exception.ToString());

// Show error dialog to the user
await ShowErrorDialogAsync(e.Exception);
}
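Review bot: In `App_UnhandledException` the new `Logger.Write(ErrorWriter.FormatException(e.Exception));` is the first statement and runs unguarded before `e.Handled = true;`, so if the formatter or the log write throws, the exception is never marked handled and the error dialog is never shown. `ErrorWriter.FormatException` is not visible on this page, so whether it can throw is unknown; setting `e.Handled = true;` first and wrapping the logging in a `try`/`catch` that falls back to `Logger.Write(e.Exception.ToString());` would make the handler safe either way. The commit also drops the old `Logger.Write(e.Exception.ToString());`, so it is worth confirming that the formatter still records inner exceptions and the stack trace. Because the handler is `async void`, a failure inside `ShowErrorDialogAsync` would surface as another unhandled exception rather than being observed here.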
59 changes: 28 additions & 31 deletions AppControl Manager/AppControl Manager.csproj
@@ -1,5 +1,4 @@
<Project Sdk="Microsoft.NET.Sdk">
<!-- The following are the details for AppControlManager, a Self-Contained MSIX Packaged App -->
<PropertyGroup>
<OutputType>WinExe</OutputType>
<TargetFramework>net9.0-windows10.0.26100.0</TargetFramework>
@@ -25,7 +24,6 @@
<EnableMsixTooling>true</EnableMsixTooling>
<Nullable>enable</Nullable>


<!-- https://learn.microsoft.com/en-us/dotnet/core/project-sdk/msbuild-props#satelliteresourcelanguages -->
<SatelliteResourceLanguages>en-US</SatelliteResourceLanguages>

@@ -48,22 +46,7 @@
<WindowsAppSDKSelfContained>true</WindowsAppSDKSelfContained>

<!-- Publish Properties -->
<PublishReadyToRun Condition="'$(Configuration)' == 'Debug'">False</PublishReadyToRun>
<PublishReadyToRun Condition="'$(Configuration)' != 'Debug'">True</PublishReadyToRun>

<!-- Disabling trimming temporarily -->
<!-- There should be absolutely no trim warnings before this can be enabled
Otherwise there is no guarantee that the app will work as expected at all times -->
<!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trimming-options -->


<PublishTrimmed>false</PublishTrimmed>
<!--
<TrimMode>partial</TrimMode>
<SuppressTrimAnalysisWarnings>false</SuppressTrimAnalysisWarnings>
<TrimmerSingleWarn>false</TrimmerSingleWarn>
-->
<PublishReadyToRun>True</PublishReadyToRun>

<ImplicitUsings>disable</ImplicitUsings>
<Description>A modern secure application that simplifies management of Application Control in Windows.</Description>
@@ -90,9 +73,9 @@
<EnforceCodeStyleInBuild>True</EnforceCodeStyleInBuild>
<AssemblyName>AppControlManager</AssemblyName>
<!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/native-aot/optimizing -->
<PublishAot>false</PublishAot>
<PublishAot>True</PublishAot>
<ErrorReport>send</ErrorReport>
<FileVersion>1.9.0.0</FileVersion>
<FileVersion>1.9.1.0</FileVersion>
<AssemblyVersion>$(FileVersion)</AssemblyVersion>
<NeutralLanguage>en-US</NeutralLanguage>
<PackageLicenseFile>LICENSE</PackageLicenseFile>
@@ -108,7 +91,20 @@
<CheckForOverflowUnderflow>True</CheckForOverflowUnderflow>
<NuGetAuditMode>all</NuGetAuditMode>
<RepositoryType>git</RepositoryType>
<TreatWarningsAsErrors>True</TreatWarningsAsErrors>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>

<!-- There should be absolutely no trim warnings before this can be enabled
Otherwise there is no guarantee that the app will work as expected at all times -->
<!-- https://learn.microsoft.com/en-us/dotnet/core/deploying/trimming/trimming-options -->
<PublishTrimmed>True</PublishTrimmed>
<TrimMode>full</TrimMode>
<SuppressTrimAnalysisWarnings>false</SuppressTrimAnalysisWarnings>
<ILLinkTreatWarningsAsErrors>true</ILLinkTreatWarningsAsErrors>
<TrimmerSingleWarn>false</TrimmerSingleWarn>
<TrimmerRemoveSymbols>true</TrimmerRemoveSymbols>
<EnableUnsafeUTF7Encoding>false</EnableUnsafeUTF7Encoding>
<EnableUnsafeBinaryFormatterSerialization>false</EnableUnsafeBinaryFormatterSerialization>
<XmlResolverIsNetworkingEnabledByDefault>false</XmlResolverIsNetworkingEnabledByDefault>
</PropertyGroup>

<!--
@@ -121,14 +117,11 @@
-->

<!--
For trimming to exclude incompatible assemblies, but currently not working
<ItemGroup>
<TrimmerRootDescriptor Include="MyRoots.xml" />
</ItemGroup>
-->


<!-- Defining the "Msix" ProjectCapability here allows the Single-project MSIX Packaging
Tools extension to be activated for this project even if the Windows App SDK Nuget
package has not yet been restored. -->
@@ -137,9 +130,8 @@
</ItemGroup>

<!-- Nuget packages
All transitive/nested packages under the main packages are added
All transitive/nested packages under the main packages are added as well
so they can be updated separately and receive bug/security vulnerability fixes faster
https://devblogs.microsoft.com/nuget/introducing-transitive-dependencies-in-visual-studio/
-->
<ItemGroup>
@@ -154,7 +146,6 @@
<PackageReference Include="CommunityToolkit.WinUI.Helpers" Version="8.2.250129-preview2" />
<PackageReference Include="CommunityToolkit.WinUI.Lottie" Version="8.1.240821" />
<PackageReference Include="CommunityToolkit.WinUI.Triggers" Version="8.2.250129-preview2" />
<PackageReference Include="CommunityToolkit.WinUI.UI.Controls.DataGrid" Version="7.1.2" />
<PackageReference Include="Microsoft.Graphics.Win2D" Version="1.3.2" />
<PackageReference Include="Microsoft.Identity.Client" Version="4.68.0" />
<PackageReference Include="Microsoft.IdentityModel.Abstractions" Version="8.5.0" />
@@ -169,9 +160,8 @@
<PackageReference Include="Microsoft.Windows.SDK.Win32Metadata" Version="63.0.31-preview" />
<PackageReference Include="Microsoft.Windows.WDK.Win32Metadata" Version="0.13.25-experimental" />
<PackageReference Include="Microsoft.WindowsAppSDK" Version="1.6.250205002" />
<PackageReference Include="System.CodeDom" Version="9.0.2" />
<PackageReference Include="System.Diagnostics.DiagnosticSource" Version="9.0.2" />

<PackageReference Include="Microsoft.Xaml.Behaviors.WinUI.Managed" Version="3.0.0" />
<PackageReference Include="CommunityToolkit.WinUI.Behaviors" Version="8.2.250129-preview2" />

<!--
No longer needed - manual static code has been implemented
@@ -181,7 +171,6 @@
-->

<PackageReference Include="System.Diagnostics.EventLog" Version="9.0.2" />
<PackageReference Include="System.Management" Version="9.0.2" />
<PackageReference Include="System.Security.Cryptography.Pkcs" Version="9.0.2" />
</ItemGroup>

@@ -244,8 +233,10 @@
<None Remove="Pages\ViewCurrentPolicies.xaml" />
<None Remove="Pages\ViewFileCertificates.xaml" />
<None Remove="Resources\AppControlManagerSupplementalPolicy.xml" />
<None Remove="Resources\DriversBlockListAutoUpdaterScheduledTask.ps1" />
<None Remove="Resources\EmptyPolicy.xml" />
<None Remove="Resources\ISGBasedSupplementalPolicy.xml" />
<None Remove="Resources\SnapBackGuaranteeScheduledTask.ps1" />
<None Remove="Resources\StrictKernelMode.xml" />
<None Remove="Resources\StrictKernelMode_NoFlightRoots.xml" />
</ItemGroup>
@@ -259,12 +250,18 @@
<Content Include="Resources\AppControlManagerSupplementalPolicy.xml">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
<Content Include="Resources\DriversBlockListAutoUpdaterScheduledTask.ps1">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
<Content Include="Resources\EmptyPolicy.xml">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
<Content Include="Resources\ISGBasedSupplementalPolicy.xml">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
<Content Include="Resources\SnapBackGuaranteeScheduledTask.ps1">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
<Content Include="Resources\StrictKernelMode.xml">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
</Content>
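Review bot: The two scripts added as `Content` with `CopyToOutputDirectory` set to `Always` (`Resources\DriversBlockListAutoUpdaterScheduledTask.ps1` and `Resources\SnapBackGuaranteeScheduledTask.ps1`) now ship as loose files next to the binary, and the code that consumes them is not part of this section. Judging only by their names they feed scheduled tasks, which usually run elevated; if so, the task should execute them from a path that only administrators can write to, or the app should check their content before registering the task. A comment on the two items would record that expectation, for example `<!-- Run by scheduled tasks: reference only from a location writable by administrators alone -->`. Separately, the comment now sitting above `<PublishTrimmed>True</PublishTrimmed>` still reads as if trimming were waiting on a warning-free build; rewording it as the invariant that `<ILLinkTreatWarningsAsErrors>true</ILLinkTreatWarningsAsErrors>` enforces would avoid confusion.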
2 changes: 0 additions & 2 deletions AppControl Manager/CustomUIElements/SigningDetailsDialog.xaml
@@ -93,7 +93,6 @@
</controls:SettingsCard>



<controls:SettingsCard Header="SignTool Path"
Description="Used to sign the policy CIP file"
HeaderIcon="{ui:FontIcon Glyph=&#xEA86;}">
@@ -144,5 +143,4 @@
</ScrollView>



</ContentDialog>
@@ -93,7 +93,6 @@
</controls:SettingsCard>



<controls:SettingsCard Header="SignTool Path"
Description="Used to sign the policy CIP file"
HeaderIcon="{ui:FontIcon Glyph=&#xEA86;}">
@@ -110,11 +109,9 @@

</controls:WrapPanel>


</controls:SettingsCard>



<controls:SettingsCard Header="XML File"
Description="The XML file of the Signed policy that is going to be removed"
HeaderIcon="{ui:FontIcon Glyph=&#xEA86;}">
@@ -131,7 +128,6 @@
</controls:SettingsCard>



</StackPanel>

<controls:WrapPanel Grid.Row="3" Orientation="Vertical" HorizontalSpacing="10" VerticalSpacing="10" Margin="10,15,10,0" HorizontalAlignment="Center">
@@ -161,6 +157,4 @@

</ScrollView>



</ContentDialog>
@@ -498,6 +498,4 @@ private void XMLPolicyFileBrowseButton_Click(object sender, RoutedEventArgs e)
}
}



}
4 changes: 0 additions & 4 deletions AppControl Manager/IntelGathering/GetEventLogsData.cs
@@ -491,7 +491,6 @@ private static HashSet<FileIdentity> CodeIntegrityEventsRetriever(string? EvtxFi
}



/// <summary>
/// Retrieves the AppLocker events from the local and EVTX files
/// </summary>
@@ -897,7 +896,6 @@ private static HashSet<FileIdentity> AppLockerEventsRetriever(string? EvtxFilePa
}



#region Helper methods to extract values

/// <summary>
@@ -928,7 +926,6 @@ private static HashSet<FileIdentity> AppLockerEventsRetriever(string? EvtxFilePa
}



/// <summary>
/// Only works for the <EventData> node of the Event
/// </summary>
@@ -1049,7 +1046,6 @@ private static string ResolvePath(string path)
#endregion



#region Async processing

/// <summary>
@@ -160,11 +160,9 @@ internal static HashSet<FileIdentity> Retrieve(List<MDEAdvancedHuntingData> data
// Add the entire event package to the output list
_ = fileIdentities.Add(eventData);


}



// If the current group has Code Integrity Blocked log
else if (possibleCodeIntegrityBlockEvent is not null)
{
@@ -488,7 +486,6 @@ internal static HashSet<FileIdentity> Retrieve(List<MDEAdvancedHuntingData> data
}



#region Helper methods to extract values

/// <summary>
@@ -79,7 +79,6 @@ internal static bool InferCertificatePresence(SiPolicy.SiPolicy policyObject, st
}



/// <summary>
/// Gets the path to a .cer certificate file and a certificate common name
/// Makes sure the common name belongs to the certificate file
1 change: 0 additions & 1 deletion AppControl Manager/IntelGathering/KernelModeDrivers.cs
@@ -50,7 +50,6 @@ private static IntPtr OpenFile(string path, out int error)
}



internal static KernelUserVerdict CheckKernelUserModeStatus(string filePath)
{

3 changes: 0 additions & 3 deletions AppControl Manager/IntelGathering/LocalFilesScan.cs
@@ -49,7 +49,6 @@ internal static HashSet<FileIdentity> Scan(List<FileInfo> files, ushort scalabil
}



// Store the output of all of the parallel tasks in this
ConcurrentDictionary<FileInfo, FileIdentity> temporaryOutput = [];

@@ -103,7 +102,6 @@ internal static HashSet<FileIdentity> Scan(List<FileInfo> files, ushort scalabil
}



// To track whether ECC Signed signature has been detected or not
// Once it's been set to true, it won't be changed to false anymore for the current file
bool IsECCSigned = false;
@@ -247,7 +245,6 @@ internal static HashSet<FileIdentity> Scan(List<FileInfo> files, ushort scalabil
}



// If the Leaf Certificate exists in the current package
// Indicating that the current signer of the file is a normal certificate with Leaf/Intermediate(s)/Root
if (package.LeafCertificate is not null)
1 change: 0 additions & 1 deletion AppControl Manager/Main/AppControlSimulation.cs
@@ -40,7 +40,6 @@ internal static bool Invoke(List<string>? filePaths, string xmlFilePath, bool no
}



internal static void ExportToCsv(ConcurrentDictionary<string, SimulationOutput> finalResults, string filePath)
{
// Create a list for CSV lines