p0w3rsh3ll/filter-constrained-lang-mode-noise-from-Applocker-eventlog.ps1 Secret

## filter-constrained-lang-mode-noise-from-Applocker-eventlog.ps1
Get-WinEvent -FilterXml @'
<QueryList>
  <Query Id="0" Path="Microsoft-Windows-AppLocker/MSI and Script">
    <Select Path="Microsoft-Windows-AppLocker/MSI and Script">
*[System[(EventID=8007)]]
and
*[UserData[RuleAndFileData[(FileHash!="6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B")]]]
</Select>
  </Query>
</QueryList>
'@ -MaxEvents 1
	Get-WinEvent -FilterXml @'
	<QueryList>
	<Query Id="0" Path="Microsoft-Windows-AppLocker/MSI and Script">
	<Select Path="Microsoft-Windows-AppLocker/MSI and Script">
	*[System[(EventID=8007)]]
	and
	*[UserData[RuleAndFileData[(FileHash!="6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B")]]]
	</Select>
	</Query>
	</QueryList>
	'@ -MaxEvents 1