Overview

This repository is a collection of PowerShell scripts designed to assist in orchestrating actions via Microsoft Defender for Endpoint (MDE) Live Response. These scripts automate common forensic operations.

Presented at BSides Cayman 2024

Disclaimer

Use at Your Own Risk: These scripts are provided "as-is" without any warranties or guarantees. They have been developed and tested in a controlled environment, but the authors and contributors bear no responsibility for any unintended consequences resulting from their use. Always test in a non-production environment prior to deploying in live environments.

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
Create-ForensicAnalysisVM-config-Example.json		Create-ForensicAnalysisVM-config-Example.json
Create-ForensicAnalysisVM.ps1		Create-ForensicAnalysisVM.ps1
Create-LiveResponseKapeScripts-Config-Example.json		Create-LiveResponseKapeScripts-Config-Example.json
Create-LiveResponseKapeScripts.ps1		Create-LiveResponseKapeScripts.ps1
LICENSE		LICENSE
README.md		README.md
Upload-SignandUploadScriptToLiveResponse-Config-Example.json		Upload-SignandUploadScriptToLiveResponse-Config-Example.json
Upload-SignandUploadScriptToLiveResponse.ps1		Upload-SignandUploadScriptToLiveResponse.ps1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Overview

Disclaimer

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Overview

Disclaimer

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages