ScaryByte WINSECMON - UAT TEST BUNDLE
=====================================
Version : v2.0.0-rc.3        Built (UTC): 2026-06-14T17:24:31Z
Coverage: 137 checks across 20 domains
Package hash: 9B4374DCAD04B3D88B82AC3855D08C9F0E7F2AF2F1363FCC6A53F80EC838B587
Signed  : Yes - ScaryByte (68 files, cert 819B2BC70E6FFDB3FEF279F72E6357EBE07D5519)

WHAT THIS IS
------------
A complete, standalone copy of WINSECMON for you to test. Everything needed to run
is inside this folder. You do NOT need to install anything or have the source code.

ESTABLISH TRUST FIRST (recommended - one click, optional)
---------------------------------------------------------
WINSECMON and its scripts are digitally signed by ScaryByte. To make Windows
recognise the signature as a known, trusted publisher (no "unknown publisher"
prompts):
  1. Open the 'package' folder.
  2. Double-click  INSTALL-TRUST.cmd   (click Yes at the UAC prompt).
This imports the ScaryByte signing certificate once. You only do it on each machine
the first time. If the ZIP was downloaded or carries Mark-of-the-Web, run INSTALL-TRUST.cmd
first or unblock the ZIP before extraction. Without publisher trust, Windows may block signed
scripts from an untrusted self-signed publisher.
HOW TO RUN THE TEST (recommended - one click)
---------------------------------------------
1. Open the 'package' folder.
2. Double-click  RUN-UAT-TEST.cmd
   - It will ask for administrator rights (click Yes) so the test is thorough.
   - It runs the full security scan and records everything.
3. When it finishes, open the 'logs' folder (next to 'package').
4. ZIP the entire 'logs' folder and send it back to us. That's it.

JUST WANT TO SEE A REPORT?
--------------------------
  - WINSECMON.exe ......... pre-built one-click scan (double-click; it asks for admin).
   The scan opens an interactive HTML report automatically when done.

WHAT TO TEST / HOW TO RECORD RESULTS
------------------------------------
  - test-flow\TEST-PLAN.md   - what to check and on which Windows versions.
  - test-flow\TEST-CASES.csv - tick each case pass/fail (open in Excel).
  - test-flow\SIGNOFF.md     - record the overall result + who tested.
  - docs\RELEASE-NOTES.md    - what's in this version.
  - docs\KNOWN-ISSUES.md     - already-known limitations.

RUNS ON
-------
Supported baseline: Windows 10 / Server 2016 and newer with Windows PowerShell 5.1
(PowerShell 7+ also works). Windows 7 / Server 2008 R2 through 8.1 / Server 2012 R2
are best-effort legacy (require WMF 5.1, not yet lab-validated). The test records the
exact platform and an honest support verdict for each machine. Please test on as many
different machines as you can.

ABOUT THE ONE-CLICK FILES
-------------------------
  - WINSECMON.exe is a genuine, digitally-signed Windows program (not a script wrapper).
    The compiled launcher reduces self-extracting-script heuristics; Defender/SmartScreen
    behaviour is not asserted and must be captured per release under qa/defender-results/.
  - WINSECMON.cmd does exactly the same thing without the .exe, in case your policy blocks
    running downloaded executables.
  - INSTALL-TRUST.cmd (optional, one click) registers ScaryByte as a known publisher so
    Windows shows our name instead of "unknown publisher". You only need it once per machine.

SAFETY
------
WINSECMON is READ-ONLY. It assesses posture and writes reports/logs only; it makes
no changes to the machine. No credentials are captured and nothing is sent anywhere.
