I have created a new version of this script so that it is better aligned with the conventions I use for other PowerShell scripts.
I have also created the PowaScripts project, where I will publish PowerShell scripts that I use and that might be of public interest. Here is an example of how to invoke the cmdlet.
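# Dump the AppLocker policy to policy.xml (relative path, so it lands in the current directory).
# The result file records the host name and every rule, so store it like other audit data.
Dump-AppLocker -ResultFile policy.xml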
As with the previous version, the resulting XML file will contain all the rules and conditions, making it easy to audit the AppLocker policy. An example result file follows.
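<?xml version="1.0" encoding="utf-8"?>
<!-- Annotated sample: the comments are review notes added for the reader, not output of the cmdlet.
     The file records the host name and the complete rule set, so handle it as sensitive audit data.
     No enforcement mode (enforced or audit only) appears in this sample; confirm it separately when auditing. -->
<AppLocker Date="2016-09-23T21:50:33.1246017Z" Host="test01.domain.local">
  <!-- Appx: no rules are listed for packaged apps. AppLocker does not restrict a collection that has
       no rules, so packaged apps are presumably unrestricted on this host; confirm against the live policy. -->
  <Group Name="Appx" />
  <!-- UserOrGroupSid S-1-1-0 is Everyone; S-1-5-32-544 is the local Administrators group.
       Deny rules take precedence over Allow rules, so the Deny rules for Everyone also apply to administrators.
       Audit point (Dll, Exe and Script groups): the Allow rule on %WINDIR%\* trusts every subfolder of the
       Windows folder, and only Temp and Tasks are denied here. Check that standard users cannot write to
       any other subfolder covered by an Allow rule. -->
  <Group Name="Dll">
    <FilePathRule Id="3737732c-99b7-41d4-9037-9cddfb0de0d0" Name="(Default Rule) All DLLs located in the Program Files folder" Description="Allows members of the Everyone group to load DLLs that are located in the Program Files folder." UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%PROGRAMFILES%\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="ac881f52-1a4c-4f81-9fdc-02179022f08b" Name="(My Rule) All files located in the Windows Temporary folder" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\Temp\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="bac4b0bf-6f1b-40e8-8627-8545fa89c8b6" Name="(Default Rule) Microsoft Windows DLLs" Description="Allows members of the Everyone group to load DLLs located in the Windows folder." UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="c1a9b922-713f-4a8f-af01-32ff907cd1fd" Name="(My Rule) All files located in the Windows Tasks folder" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\Tasks\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="fe64f59f-6fca-45e5-a731-0f6715327c38" Name="(Default Rule) All DLLs" Description="Allows members of the local Administrators group to load all DLLs." UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions>
        <FilePathCondition Path="*" />
      </Conditions>
    </FilePathRule>
  </Group>
  <Group Name="Exe">
    <FilePathRule Id="744af0ed-87d1-4bf4-98a1-8ad4d2823bd3" Name="(My Rule) All files located in the Windows Temporary folder" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\Temp\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="921cc481-6e17-4653-8f75-050b80acca20" Name="(Default Rule) All files located in the Program Files folder" Description="Allows members of the Everyone group to run applications that are located in the Program Files folder." UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%PROGRAMFILES%\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="a61c8b2c-a319-4cd0-9690-d2177cad7b51" Name="(Default Rule) All files located in the Windows folder" Description="Allows members of the Everyone group to run applications that are located in the Windows folder." UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="d9efc88e-0b2a-41f1-b12b-ca24cf942aaf" Name="(My Rule) All files located in the Windows Tasks folder" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\Tasks\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="fd686d83-a829-4351-8ff4-27c7de5755d2" Name="(Default Rule) All files" Description="Allows members of the local Administrators group to run all applications." UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions>
        <FilePathCondition Path="*" />
      </Conditions>
    </FilePathRule>
  </Group>
  <!-- Msi: unlike Dll, Exe and Script, this group has no Deny rules for %WINDIR%\Temp and %WINDIR%\Tasks.
       The Everyone Allow rule is limited to %WINDIR%\Installer, so they may not be needed; verify that
       the omission is intentional. -->
  <Group Name="Msi">
    <FilePathRule Id="5b290184-345a-4453-b184-45305f6d9a54" Name="(Default Rule) All Windows Installer files in %systemdrive%\Windows\Installer" Description="Allows members of the Everyone group to run all Windows Installer files located in %systemdrive%\Windows\Installer." UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\Installer\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="64ad46ff-0d71-4fa0-a30b-3f3d30c5433d" Name="(Default Rule) All Windows Installer files" Description="Allows members of the local Administrators group to run all Windows Installer files." UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions>
        <FilePathCondition Path="*.*" />
      </Conditions>
    </FilePathRule>
  </Group>
  <Group Name="Script">
    <FilePathRule Id="06dce67b-934c-454f-a263-2515c8796a5d" Name="(Default Rule) All scripts located in the Program Files folder" Description="Allows members of the Everyone group to run scripts that are located in the Program Files folder." UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%PROGRAMFILES%\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="3f4760f4-bd8a-47fa-a86e-e2f0222b5e79" Name="(My Rule) All files located in the Windows Tasks folder" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\Tasks\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="9428c672-5fc3-47f4-808a-a0011f36dd2c" Name="(Default Rule) All scripts located in the Windows folder" Description="Allows members of the Everyone group to run scripts that are located in the Windows folder." UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="b8467b04-066e-40af-8f48-4545e1037e4a" Name="(My Rule) All files located in the Windows Temporary folder" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePathCondition Path="%WINDIR%\Temp\*" />
      </Conditions>
    </FilePathRule>
    <FilePathRule Id="ed97d0cb-15ff-430f-b82c-8d7832957725" Name="(Default Rule) All scripts" Description="Allows members of the local Administrators group to run all scripts." UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions>
        <FilePathCondition Path="*" />
      </Conditions>
    </FilePathRule>
  </Group>
</AppLocker>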
Hope it is useful :)