A modern, interactive web tool to help you understand, configure, and deploy Microsoft Defender Attack Surface Reduction (ASR) rules with confidence.
🌐 Live Demo: https://asrconfigurator.pages.dev
- Full ASR Rule Coverage — Browse and configure all major Microsoft Defender ASR rules with clear explanations and examples
- Security Presets — Start quickly with predefined postures:
- Disabled (All Off)
- Basic Protection
- Balanced (Recommended)
- Strict Protection
- Developer-Friendly
- Per-Rule Control — Switch each rule between Block, Audit, or Disabled
- Instant Code Generation — Export ready-to-use configuration in:
- PowerShell (local machines)
- Group Policy (GPO)
- Microsoft Intune (JSON)
- One-Click Copy — Copy generated config directly to clipboard
- Responsive UI — Works on desktop, tablet, and mobile
- Light & Dark Mode — Theme preference saved locally
Attack Surface Reduction rules help prevent:
- Macro-based malware
- Credential theft
- Ransomware behavior
- Script-based attacks
- Living-off-the-land techniques (LOLBins)
Misconfiguration can break applications — this tool emphasizes education first, audit before block, and safe defaults.
- React with TypeScript
- Vite — fast build and development
- Tailwind CSS — styling
- shadcn/ui — UI components
- Fully client-side — no backend, no tracking, no data collection
- Node.js 18+ and npm
# Clone the repository
git clone https://github.com/Ashutoshgit47/ASR-Configurator.git
# Navigate to the project directory
cd ASR-Configurator
# Install dependencies
npm install
# Start the development server
npm run devThe app will be available at http://localhost:5173
npm run build
npm run preview- Select a Preset — Choose from Basic, Balanced, Strict, or Developer-Friendly
- Customize Rules — Toggle individual ASR rules between Block, Audit, or Disabled
- Export Configuration — Pick PowerShell, Group Policy, or Intune format and copy the code
- Apply Carefully — Always test in Audit mode before enabling Block in production
- Fully client-side
- No tracking, analytics, or cookies
- No data is sent to any server
- All configuration is generated locally in your browser
This tool is for educational and configuration assistance purposes only. Always test ASR rules in Audit mode before deploying them in production environments.
The author is not responsible for any system instability, application breakage, or data loss caused by improper ASR configuration.
If you find ASR Configurator useful:
- ⭐ Star this repository — It helps others discover this tool
- 🐛 Report bugs — Found something broken? Let us know
- 💡 Suggest features — Have an idea? Open an issue
- 🔀 Submit a PR — Fork, improve, and submit a pull request
- 🔁 Share — Know someone interested in Windows security? Spread the word!
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
If this tool saved you time or helped secure your systems, consider supporting the project — it keeps things alive and motivates future updates!
MIT
Ashutosh Gautam — Cybersecurity Enthusiast & Developer