tsale / EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

[Feature Request] - Telemetry-generator - Check for an existing installation of Invoke-AtomicRedTeam #22

Closed ScioShield closed 1 year ago

ScioShield commented 1 year ago

First, thanks for all the hard work with this project.

For v0.2 of the telemetry-generator.ps1, would it be possible to add a check if Invoke-AtomicRedTeam is already installed? It could work something like so:

...
# Function that checks if Invoke-AtomicRedTeam is already installed
function Check-ARTInstalled {
    try {
        Get-Command Invoke-AtomicTest -ErrorAction Stop | Out-Null
        return $true
    }
    catch {
        return $false
    }
}
...
# Install Invoke-Atomic if not already installed
if (-not (Check-ARTInstalled)) {
    Install-ART
}
...

Thanks again!

ScioShield commented 1 year ago

Hi, I've just retested, and since you are not using the '-Force' parameter flag, it doesn't change existing installations. Please feel free to close this FR. My apologies. :)

tsale commented 1 year ago

No problem! Thanks for looking into it.
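
A broader version of the check proposed in the first comment, added here as an example and not code from the issue or the EDR-Telemetry project: besides resolving the command, it looks for the module on PSModulePath and for its manifest on disk, and reports which check matched. The function name Test-ARTInstalled and the C:\AtomicRedTeam install folder are assumptions; adjust the path to your environment.

```powershell
# Added example; Test-ARTInstalled and the default $InstallPath are assumptions.
function Test-ARTInstalled {
    [CmdletBinding()]
    param(
        [string]$ModuleName  = 'Invoke-AtomicRedTeam',
        [string]$CommandName = 'Invoke-AtomicTest',
        # Assumed install folder; change it to where the module was placed.
        [string]$InstallPath = 'C:\AtomicRedTeam'
    )

    # 1. Command resolvable in this session (module imported or auto-loadable).
    $cmd = Get-Command -Name $CommandName -ErrorAction SilentlyContinue

    # 2. Module discoverable on $env:PSModulePath, even if not imported yet.
    $mod = Get-Module -ListAvailable -Name $ModuleName |
        Sort-Object -Property Version -Descending |
        Select-Object -First 1

    # 3. Module manifest present on disk in a folder outside PSModulePath.
    $manifest = $null
    if (Test-Path -LiteralPath $InstallPath) {
        $manifest = Get-ChildItem -LiteralPath $InstallPath -Filter "$ModuleName.psd1" `
                        -Recurse -File -ErrorAction SilentlyContinue |
                    Select-Object -First 1
    }

    # Return the evidence along with the verdict so the caller can log it.
    [pscustomobject]@{
        Installed     = [bool]($cmd -or $mod -or $manifest)
        CommandFound  = [bool]$cmd
        ModuleVersion = if ($mod) { $mod.Version } else { $null }
        ManifestPath  = if ($manifest) { $manifest.FullName } else { $null }
    }
}

# In the generator script the result would gate the install step, e.g.
#   if (-not (Test-ARTInstalled).Installed) { Install-ART }
# (Install-ART is the installer function named in the issue.)
Test-ARTInstalled | Format-List
```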