cquresphere
cquresphere
/ Create-MitigationFirewallRules.ps1
Last active
April 6, 2022 08:51
— forked from dstreefkerk/Create-MitigationFirewallRules.ps1
A script to automatically generate Windows Firewall with Advanced Security outbound rules to prevent malware from being able to dial home.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Requires -Version 5 -Module NetSecurity -RunAsAdministrator | |
| <# | |
| .SYNOPSIS | |
| Create-MitigationFirewallRules - Creates Windows Firewall rules to mitigate certain app whitelisting bypasses and to prevent command interpreters from accessing the Internet | |
| .DESCRIPTION | |
| A script to automatically generate Windows Firewall with Advanced Security outbound rules | |
| to prevent malware from being able to dial home. | |
| These programs will only be allowed to communicate to IP addresses within the private IPv4 RFC1918 ranges: |