Open Source Security Atlas

Fidelis-EDR-Scripts: An Open Source Script for Endpoint Security | Open Source Security Atlas

Endpoint Security

Script

Fidelis-EDR-Scripts

A collection of scripts designed to enhance the functionality of Fidelis CyberSecurity EDR for threat hunting and incident response.

View on GitHub

About This Tool

Collection of scripts for Fidelis CyberSecurity EDR

Primary Use Case

This tool is primarily used by cybersecurity threat hunters and incident responders to facilitate investigations through the Fidelis CyberSecurity EDR platform. The scripts help in gathering and analyzing endpoint data, enriching the EDR library with additional capabilities.

Key Features

Checks the status of group policy objects on endpoints
Enumerates the contents of the Windows hosts file
Integrates with Fidelis CyberSecurity EDR server for result visibility

Insights & Recommendations

Ensure that the scripts are executed in an environment where the Fidelis CyberSecurity EDR is properly configured to receive results.

Usage

GroupPolicyStatus.vbs "{5102029F-2D2B-4596-99D0-150E8F4B0F6D}"

Checks the group policy object status by GUID and returns if it is enabled or disabled.

HostsFileEnumeration.vbs

Parses and enumerates the lines of the Windows hosts file, displaying the content list of hostnames and IPs.

Smart Usage Notes

Can be chained with Metasploit for automated exploitation
Useful for continuous security monitoring in CI/CD pipelines
Integrate with SIEM for enhanced visibility and alerting
Consider developing additional scripts for automated response actions
Utilize the scripts for training purposes in incident response simulations

Open Source Security Atlas

Fidelis-EDR-Scripts

About This Tool

Primary Use Case

Key Features

Insights & Recommendations

Usage

Smart Usage Notes

Security Capability Profile

Tags

You Might Also Like