DumpMDEConfig – Extracting Microsoft Defender Configuration And Logs With PowerShell Script

Invoke-DumpMDEConfig is a PowerShell script designed to extract and display Microsoft Defender configuration and logs, including excluded paths, enabled ASR rules, allowed threats, protection history, and Exploit Guard protection history. The script provides options to output the data in a table or CSV format.

Usage

# To run the script and output the results in list format:
Invoke-DumpMDEConfig

# To run the script and output the results in table format:
Invoke-DumpMDEConfig -TableOutput

# To run the script and output the results in CSV format:
Invoke-DumpMDEConfig -CSVOutput

# To specify a custom file for table output:
Invoke-DumpMDEConfig -TableOutput -TableOutputFile "CustomFile.txt"

Related

DeepBlueCLI : A PowerShell Module For Threat Hunting Via Windows Event Logs

November 10, 2020

In "Kali Linux"

Xencrypt : A PowerShell Script Anti-Virus Evasion Tool

March 3, 2020

In "Kali Linux"

Invoke-Stealth : Simple And Powerful PowerShell Script Obfuscator

May 10, 2021

In "Kali Linux"

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Next CVE-2024-26229 : Address Validation Flaws In IOCTL With METHOD_NEITHER »

Previous « Phishing Engagement Infrastructure Setup Guide

Leave a Comment

Share

Published by

Varshini

Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtools

2 years ago

Recent Posts

How To

Install Gitea Ubuntu: Complete Setup Guide for Developers

Managing source code efficiently is essential for modern software development, and Install Gitea Ubuntu is…

21 hours ago

How To

Install Ruby Ubuntu – 3 Easy Ways to Set Up Ruby on Ubuntu 20.04

Ruby remains one of the most popular programming languages for web development, automation, and software…

22 hours ago

How To

Plex Media Server Setup: Install and Configure on Ubuntu 20.04

A Plex Media Server Setup on Ubuntu 20.04 is one of the easiest ways to…

23 hours ago

TECH

Why Deploying AI Is Just the Beginning: The Case for Ongoing AI Operations Monitoring

Most enterprise AI programs treat deployment as the destination. The business case is built around…

2 days ago

How To

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

7 days ago

How To

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

7 days ago

L