Invoke-DumpMDEConfig is a PowerShell script designed to extract and display Microsoft Defender configuration and logs, including excluded paths, enabled ASR rules, allowed threats, protection history, and Exploit Guard protection history. The script provides options to output the data in a table or CSV format.
# To run the script and output the results in list format:
Invoke-DumpMDEConfig
# To run the script and output the results in table format:
Invoke-DumpMDEConfig -TableOutput
# To run the script and output the results in CSV format:
Invoke-DumpMDEConfig -CSVOutput
# To specify a custom file for table output:
Invoke-DumpMDEConfig -TableOutput -TableOutputFile "CustomFile.txt"Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…
Embark on the journey of becoming a certified Red Team professional with our definitive guide.…
This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…