Misc. scripts to perform activities for Windows Defender Firewall.
A collection of scripts useful for:
- Cybersecurity threat hunters and incident responders, to ease the investigation of activities.
- SecOps, to ease some management activities.
- Automation of activities via SOAR.
- Enriching the EDR library of response scripts, if your EDR supports custom script execution.
List of scripts:
1. WDFLogs2cvs.vbs
- Description: Converts the Windows Defender Firewall log file to a CSV file with a header
- Args in Order:
  - String: Windows Firewall Log File Path
  - String: CSV Output File Path
  - Integer: 0 = Create New File or 1 = Append To Existing File
- Example: WDFLogs2cvs.vbs "C:\Windows\System32\LogFiles\Firewall\pfirewall.log" "D:\outputFolder\output.csv" 0
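
The conversion described above, as an added example in Python (this is not the repository's VBScript and does not reproduce its internals). The sample log lines are constructed, the function names are hypothetical, and skipping the header row in append mode is an assumption about how option 1 should behave.

```python
import csv
import io

# Constructed sample in the pfirewall.log layout: '#' directives, then space-separated records.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-01-15 10:22:31 DROP TCP 203.0.113.7 192.0.2.10 51514 3389 52 S 1234567 0 64240 - - - RECEIVE
2024-01-15 10:22:35 ALLOW UDP 192.0.2.10 198.51.100.53 55012 53 0 - - - - - - - SEND
"""

def parse_firewall_log(lines):
    """Return (fields, rows); column names are taken from the '#Fields:' directive."""
    fields, rows = [], []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.lower().startswith("#fields:"):
                fields = line.split(":", 1)[1].split()
            continue
        values = line.split()
        # Assumption: drop truncated records and data seen before '#Fields:'.
        if not fields or len(values) != len(fields):
            continue
        rows.append(values)
    return fields, rows

def write_csv(fields, rows, out, append=False):
    """Write rows to a text stream; the header is written only for a new file (assumption)."""
    writer = csv.writer(out, lineterminator="\n")
    if not append:
        writer.writerow(fields)
    writer.writerows(rows)

def convert(log_text, append=False):
    """Convert log text to CSV text; append=True mirrors the '1' argument above."""
    fields, rows = parse_firewall_log(log_text.splitlines())
    buf = io.StringIO()
    write_csv(fields, rows, buf, append)
    return buf.getvalue()

if __name__ == "__main__":
    print(convert(SAMPLE_LOG), end="")
```

Because the column names are read from the `#Fields:` line rather than hard-coded, logs that carry a different field list still get a matching header.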