hausec/ADAPE-Script

In Summary :

After running the .ps1, it will create the capture file and start creating module folders to store the downloaded scripts into. Everything captured is stored and zipped up into the C:/Capture.zip file. This can be changed, i.e. if C:/ cannot be be written to, change the directory in the code under the comment that says "Change storage directory here". Bloodhound's "Sharphound.ps1" has recently been updated to Windows Defender to be flagged as malicious, but ironically the Sharphound.exe has not. I've switched the script to use the .exe by default, as the new 1.5 version of Sharphound is still not being picked up by any AV engine (according to Virus Total). If you don't want to use the .exe, you can comment that section out and use the .ps1 still. I've obfuscated the .ps1 section a bit by downloaded the .ps1 as a string, base64 encoding it, then decoding it and storing it as a new .ps1 to change the signature [...]

kindly refer the following link as follow up :
https://github.com/hausec/ADAPE-Script