Adding Applications to EMET

If you have been using EMET (Enhanced Mitigation Experience Toolkit ) toolkit from Microsoft you probably have had to need to add custom application, one of the main “culprits” is Flash Player with its ever changing name (filename contains it’s version number)
In EMET wildcards are only allowed in paths not filenames, so I wrote a little script to add applications to the EMET “Watch list” 🙂

It consist of 2 functions one to remove an application and one to add an application.

The below example will first remove all applications that starts with Flash, then it will add all .exe found in the path: ‘C:\Windows\System32\Macromed\Flash’, so if there were multiple versions of flash in there, they would all be removed.