DumpMDEConfig – Extracting Microsoft Defender Configuration And Logs With PowerShell Script

Invoke-DumpMDEConfig is a PowerShell script designed to extract and display Microsoft Defender configuration and logs, including excluded paths, enabled ASR rules, allowed threats, protection history, and Exploit Guard protection history. The script provides options to output the data in a table or CSV format.

Usage

# To run the script and output the results in list format:
Invoke-DumpMDEConfig

# To run the script and output the results in table format:
Invoke-DumpMDEConfig -TableOutput

# To run the script and output the results in CSV format:
Invoke-DumpMDEConfig -CSVOutput

# To specify a custom file for table output:
Invoke-DumpMDEConfig -TableOutput -TableOutputFile "CustomFile.txt"

Related

DeepBlueCLI : A PowerShell Module For Threat Hunting Via Windows Event Logs

November 10, 2020

In "Kali Linux"

Xencrypt : A PowerShell Script Anti-Virus Evasion Tool

March 3, 2020

In "Kali Linux"

BetterXencrypt : A Better Version Of Xencrypt

April 28, 2021

In "Kali Linux"

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Next CVE-2024-26229 : Address Validation Flaws In IOCTL With METHOD_NEITHER »

Previous « Phishing Engagement Infrastructure Setup Guide

Leave a Comment

Share

Published by

Varshini

Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtools

2 years ago

Recent Posts

News

How EDR Killers Bypass Security Tools

Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…

2 days ago

Cyber security

AI-Generated Malware Campaign Scales Threats Through Vibe Coding Techniques

A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…

2 days ago

Cyber security

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

2 days ago

News

Fake VPN Download Trap Can Steal Your Work Login in Minutes

People trying to securely connect to work are being tricked into doing the exact opposite.…

3 days ago

Android Security

This Android Bug Can Crack Your Lock Screen in 60 Seconds

A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…

7 days ago

Database Assessment

How to Fix MyISAM Table Corruption in MySQL?

In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…

1 week ago

L