{"id":13843809,"url":"https://github.com/whydee86/PlayWithDefender","last_synced_at":"2025-07-11T20:30:38.452Z","repository":{"id":50455824,"uuid":"413046052","full_name":"whydee86/PlayWithDefender","owner":"whydee86","description":"An easy tool to disable and enable windows defender protections","archived":false,"fork":false,"pushed_at":"2022-03-20T12:07:59.000Z","size":12,"stargazers_count":110,"open_issues_count":0,"forks_count":22,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-11-21T15:39:35.597Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Nim","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/whydee86.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-10-03T10:32:44.000Z","updated_at":"2024-11-01T10:58:13.000Z","dependencies_parsed_at":"2022-09-24T08:50:29.241Z","dependency_job_id":null,"html_url":"https://github.com/whydee86/PlayWithDefender","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/whydee86/PlayWithDefender","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whydee86%2FPlayWithDefender","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whydee86%2FPlayWithDefender/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whydee86%2FPlayWithDefender/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whydee86%2FPlayWithDefender/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/whydee86","download_url":"https://codeload.github.com/whydee86/PlayWithDefender/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whydee86%2FPlayWithDefender/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264891996,"owners_count":23679201,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:02:27.766Z","updated_at":"2025-07-11T20:30:38.205Z","avatar_url":"https://github.com/whydee86.png","language":"Nim","funding_links":[],"categories":["其他_安全与渗透","Nim"],"sub_categories":["网络服务_其他"],"readme":"## Disable Windows Defender via registry ##\r\nAn easy tool to disable and enable windows defender protections\r\n\r\n### Install \u0026 Compile ###\r\n```\r\nnimble install winregistry winim cligen\r\nnim c -x -f Fdefender.nim\r\n```\r\n## How to use ##\r\n\r\nProtection                          | Command\r\n----------------------------------- | ----------------------\r\nDisable all protections             | Fdefender.exe -D\r\nEnable all protections              | Fdefender.exe -E\r\nDisable Automatic sample submission | Fdefender.exe -S --Off\r\nEnable Automatic sample submission  | Fdefender.exe -S --On\r\nDisable Real-Time protection        | Fdefender.exe -R --Off\r\nEnable Real-Time protection         | Fdefender.exe -R --On\r\nDisable Cloud-Delivered protection  | Fdefender.exe -C --Off\r\nEnable Cloud-Delivered protection   | Fdefender.exe -C --On\r\nDisable Network Protection          | Fdefender.exe -N --Off\r\nEnable Network Protection           | Fdefender.exe -N --On\r\nDisable Controlled folder access    | Fdefender.exe -F --Off\r\nEnable Controlled folder access     | Fdefender.exe -F --On\r\n\r\n### You can also combine flags in order to disable/enable many protections together. ###\r\nFdefender.exe -FRS --On | Fdefender.exe -FRS --Off\r\n\r\n#### All Flags must start with Capital letters: Info, Off, On. ####\r\n------\r\n### Good To Mention ###\r\nI want to mention that the following technique to turn on and off \"windows defender\" came from the necessity to quickly turn off \"windows defender\" on a computer managed by an organization.\r\nThe registry values under:\r\n\"Computer\\HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Policy Manager\"\r\nThey appear only if the computer is under an organization.\r\n#### BUT ####\r\nIt still works on a computer that is not managed. All you have to do is execute \"Fdefender.exe -E\" which will enable all defender protections in order to create the values we need under the key above. After that, you can manage your defender via this tool.\r\n### TODO ###\r\n- [ ] Auto Privilege escalation using exploit/Vul driver\r\n\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhydee86%2FPlayWithDefender","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwhydee86%2FPlayWithDefender","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhydee86%2FPlayWithDefender/lists"}