Invoke-DumpMDEConfig
is a PowerShell script designed to extract and display Microsoft Defender configuration and logs, including excluded paths, enabled ASR rules, allowed threats, protection history, and Exploit Guard protection history. The script provides options to output the data in a table or CSV format.
# To run the script and output the results in list format:
Invoke-DumpMDEConfig
# To run the script and output the results in table format:
Invoke-DumpMDEConfig -TableOutput
# To run the script and output the results in CSV format:
Invoke-DumpMDEConfig -CSVOutput
# To specify a custom file for table output:
Invoke-DumpMDEConfig -TableOutput -TableOutputFile "CustomFile.txt"
The project is based on Go and Vue to build a management system for sensitive…
Setting up a Command and Control (C2) server is a critical step in establishing a…
Installing and configuring redirectors as part of your red team infrastructure. Follow these step-by-step instructions…
This step generates TLS key pairs. This is used for encrypting the filebeat traffic between…
enum4linux-ng.py is a rewrite of Mark Lowe's (former Portcullis Labs now Cisco CX Security Labs)…
Interactive PDF Analysis (also called IPA) allows any researcher to explore the inner details of…