Skip to content

DEL-MDATP-IOC.ps1 is used to delete the IOCs on Microsoft Defender ATP.

License

Notifications You must be signed in to change notification settings

banhao/MDATP-IOCs-delete

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 

Repository files navigation

DEL-MDATP-IOC

Minimum Supported PowerShell Version Cross Platform PowerShell Gallery Version PowerShell Gallery

DEL-MDATP-IOC.ps1 is used to delete the IOCs on Microsoft Defender ATP.

DEL-MDATP-IOC.ps1 <All | IpAddress | DomainName | Url | FileSha256 | FileSha1>

Microsoft Azure token will be expired in 1 hour, so when the token expired but still have IOCs need to delete, the script will generate a new token untill all the IOCs have been deleted.

Also can find this powershell script on Powershell Gallery https://www.powershellgallery.com/packages/DEL-MDATP-IOC