Sysmon EDR POC Build within Powershell to prove ability.
-
Updated
May 1, 2021 - PowerShell
#
edr
Here are 11 public repositories matching this topic...
MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.
-
Updated
Mar 4, 2024 - PowerShell
A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
-
Updated
Apr 6, 2025 - PowerShell
Red Teaming Tactics and Techniques
-
Updated
Sep 28, 2023 - PowerShell
Checks running processes for a list of potentially "risky" ones that should not be spawned by certain parent processes. If found, the results could indicate abnormal behavior.
-
Updated
Nov 5, 2025 - PowerShell
Simple GUI for Microsoft Defender for Endpoint API machine actions in PowerShell.
-
Updated
Nov 26, 2025 - PowerShell
Presentations
-
Updated
Feb 9, 2024 - PowerShell
EDR is powerful tool combines IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) capabilities into a single, efficient package. Leveraging PowerShell scripts, it continuously monitors network activity, isolates compromised machines.......
-
Updated
Oct 28, 2024 - PowerShell
-
Updated
May 29, 2023 - PowerShell
🕵️♂️ Hands-on threat hunting projects using Sentinel, MDE, and KQL. Includes queries, visualizations, and step-by-step analysis of suspicious activity.
log-analysis incident-response cybersecurity threat-hunting siem tor-browser mde edr azure-security security-operations kql defender-for-endpoint microsoft-sentinel
-
Updated
Aug 4, 2025 - PowerShell
Improve this page
Add a description, image, and links to the edr topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the edr topic, visit your repo's landing page and select "manage topics."