remove code folder

windows/keep-secure/code/example-script.ps1

@@ -1,60 +0,0 @@
-$authUrl = 'Your Authorization URL'
-$clientId = 'Your Client ID'
-$clientSecret = 'Your Client Secret'
-
-
-Try
-{
-    $tokenPayload = @{
-        "resource" = 'https://graph.windows.net'
-        "client_id" = $clientId
-        "client_secret" = $clientSecret
-        "grant_type"='client_credentials'}
-
-    "Fetching an access token"
-    $response = Invoke-RestMethod $authUrl -Method Post -Body $tokenPayload
-    $token = $response.access_token
-    "Token fetched successfully"
-
-    $headers = @{
-        "Content-Type" = "application/json"
-        "Accept" = "application/json"
-        "Authorization" = "Bearer {0}" -f $token }
-
-    $apiBaseUrl = "https://ti.securitycenter.windows.com/V1.0/"
-
-    $alertDefinitionPayload = @{
-        "Name" = "Test Alert"
-        "Severity" = "Medium"
-        "InternalDescription" = "A test alert used to demonstrate the Windows Defender ATP TI API feature"
-        "Title" = "Test alert."
-        "UxDescription" = "This is a test alert based on a sample custom alert definition. This alert was triggered manually using a provided test command. It indicates that the Threat Intelligence API has been properly enabled."
-        "RecommendedAction" = "No recommended action for this test alert."
-        "Category" = "SuspiciousNetworkTraffic"
-        "Enabled" = "true"}
-    "Creating an Alert Definition"
-    $alertDefinition =
-        Invoke-RestMethod ("{0}AlertDefinitions" -f $apiBaseUrl) `
-            -Method Post -Headers $headers -Body ($alertDefinitionPayload | ConvertTo-Json)
-    "Alert Definition created successfully"
-    $alertDefinitionId = $alertDefinition.Id
-
-    $iocPayload = @{
-        "Type"="IpAddress"
-        "Value"="52.184.197.12"
-        "DetectionFunction"="Equals"
-        "Enabled"="true"
-        "AlertDefinition@odata.bind"="AlertDefinitions({0})" -f $alertDefinitionId }
-
-    "Creating an Indicator of Compromise"
-    $ioc =
-        Invoke-RestMethod ("{0}IndicatorsOfCompromise" -f $apiBaseUrl) `
-             -Method Post -Headers $headers -Body ($iocPayload | ConvertTo-Json)
-    "Indicator of Compromise created successfully"
-
-    "All done!"
-}
-Catch
-{
-    'Something went wrong! Got the following exception message: {0}' -f $_.Exception.Message
-}

windows/keep-secure/code/example.ps1

@@ -1,50 +0,0 @@
-$authUrl = 'Your Authorization URL'
-$clientId = 'Your Client ID'
-$clientSecret = 'Your Client Secret'
-
-$tokenPayload = @{
-    "resource"='https://graph.windows.net'
-    "client_id" = $clientId
-    "client_secret" = $clientSecret
-    "grant_type"='client_credentials'}
-
-$response = Invoke-RestMethod $authUrl -Method Post -Body $tokenPayload
-$token = $response.access_token
-
-$headers = @{
-    "Content-Type"="application/json"
-    "Accept"="application/json"
-    "Authorization"="Bearer {0}" -f $token }
-
-$apiBaseUrl = "https://ti.securitycenter.windows.com/V1.0/"
-
-$alertDefinitions =
-    (Invoke-RestMethod ("{0}AlertDefinitions" -f $apiBaseUrl) -Method Get -Headers $headers).value
-
-$alertDefinitionPayload = @{
-    "Name"= "The alert's name"
-    "Severity"= "Low"
-    "InternalDescription"= "An internal description of the Alert"
-    "Title"= "The Title"
-    "UxDescription"= "Description of the alerts"
-    "RecommendedAction"= "The alert's recommended action"
-    "Category"= "Trojan"
-    "Enabled"= "true"}
-
-$alertDefinition =
-    Invoke-RestMethod ("{0}AlertDefinitions" -f $apiBaseUrl) `
-        -Method Post -Headers $headers -Body ($alertDefinitionPayload | ConvertTo-Json)
-
-$alertDefinitionId = $alertDefinition.Id
-
-$iocPayload = @{
-    "Type"="Sha1"
-    "Value"="dead1111eeaabbccddeeaabbccddee11ffffffff"
-    "DetectionFunction"="Equals"
-    "Enabled"="true"
-    "AlertDefinition@odata.bind"="AlertDefinitions({0})" -f $alertDefinitionId }
-
-
-$ioc =
-    Invoke-RestMethod ("{0}IndicatorsOfCompromise" -f $apiBaseUrl) `
-         -Method Post -Headers $headers -Body ($iocPayload | ConvertTo-Json)

windows/keep-secure/code/example.py

@@ -1,51 +0,0 @@
-import json
-import requests
-from pprint import pprint
-
-auth_url="Your Authorization URL"
-client_id="Your Client ID"
-client_secret="Your Client Secret"
-
-payload = {"resource": "https://graph.windows.net",
-           "client_id": client_id,
-           "client_secret": client_secret,
-           "grant_type": "client_credentials"}
-
-response = requests.post(auth_url, payload)
-token = json.loads(response.text)["access_token"]
-
-with requests.Session() as session:
-    session.headers = {
-        'Authorization': 'Bearer {}'.format(token),
-        'Content-Type': 'application/json',
-        'Accept': 'application/json'}
-
-    response = session.get("https://ti.securitycenter.windows.com/V1.0/AlertDefinitions")
-    pprint(json.loads(response.text))
-
-    alert_definition = {"Name": "The alert's name",
-                        "Severity": "Low",
-                        "InternalDescription": "An internal description of the alert",
-                        "Title": "The Title",
-                        "UxDescription": "Description of the alerts",
-                        "RecommendedAction": "The alert's recommended action",
-                        "Category": "Trojan",
-                        "Enabled": True}
-
-    response = session.post(
-        "https://ti.securitycenter.windows.com/V1.0/AlertDefinitions",
-        json=alert_definition)
-
-    alert_definition_id = json.loads(response.text)["Id"]
-
-    ioc = {'Type': "Sha1",
-           'Value': "dead1111eeaabbccddeeaabbccddee11ffffffff",
-           'DetectionFunction': "Equals",
-           'Enabled': True,
-           "AlertDefinition@odata.bind": "AlertDefinitions({0})".format(alert_definition_id)}
-
-    response = session.post(
-        "https://ti.securitycenter.windows.com/V1.0/IndicatorsOfCompromise",
-        json=ioc)
-
-    pprint(json.loads(response.text))