Installation

Build

From the repository agent/ folder:

dotnet build EDRAgent.sln -c Release

Run the desktop UI

dotnet run --project EDRAgent.UI

Run as Administrator when you need full access to Sysmon and related logs (see product README).

Windows Service

The solution includes a Windows Service project for background operation. Build and install according to your deployment standard (sc.exe, installer, or dotnet worker patterns documented in agent/README.md).

Sysmon

Install Sysmon with an appropriate configuration (the repo may include sysmon-config.xml). Without Sysmon, the current detection path will not receive the expected events.

Build​

Run the desktop UI​

Windows Service​

Sysmon​

Build

Run the desktop UI

Windows Service

Sysmon