Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/whydee86/PlayWithDefender
An easy tool to disable and enable windows defender protections
Last synced: 21 days ago
- Host: GitHub
- URL: https://github.com/whydee86/PlayWithDefender
- Owner: whydee86
- Created: 2021-10-03T10:32:44.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2022-03-20T12:07:59.000Z (over 2 years ago)
- Last Synced: 2024-08-05T17:39:55.543Z (4 months ago)
- Language: Nim
- Size: 11.7 KB
- Stars: 110
- Watchers: 3
- Forks: 22
- Open Issues: 0
Metadata Files:
- Readme: Readme.md
Awesome Lists containing this project
- awesome-hacking-lists - whydee86/PlayWithDefender - An easy tool to disable and enable windows defender protections (Nim)
- StarryDivineSky - whydee86/PlayWithDefender
README
## Disable Windows Defender via registry ##
An easy tool to disable and enable windows defender protections

### Install & Compile ###
```
nimble install winregistry winim cligen
nim c -x -f Fdefender.nim
```
## How to use ##

Protection | Command
----------------------------------- | ----------------------
Disable all protections | Fdefender.exe -D
Enable all protections | Fdefender.exe -E
Disable Automatic sample submission | Fdefender.exe -S --Off
Enable Automatic sample submission | Fdefender.exe -S --On
Disable Real-Time protection | Fdefender.exe -R --Off
Enable Real-Time protection | Fdefender.exe -R --On
Disable Cloud-Delivered protection | Fdefender.exe -C --Off
Enable Cloud-Delivered protection | Fdefender.exe -C --On
Disable Network Protection | Fdefender.exe -N --Off
Enable Network Protection | Fdefender.exe -N --On
Disable Controlled folder access | Fdefender.exe -F --Off
Enable Controlled folder access | Fdefender.exe -F --On

### You can also combine flags in order to disable/enable many protections together. ###
Fdefender.exe -FRS --On | Fdefender.exe -FRS --Off

#### All Flags must start with Capital letters: Info, Off, On. ####
------
### Good To Mention ###
I want to mention that the following technique to turn "Windows Defender" on and off came from the necessity to quickly turn off "Windows Defender" on a computer managed by an organization.
The registry values under
"Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager"
appear only if the computer is managed by an organization.
#### BUT ####
It still works on a computer that is not managed. All you have to do is execute "Fdefender.exe -E" which will enable all defender protections in order to create the values we need under the key above. After that, you can manage your defender via this tool.
### TODO ###
- [ ] Auto Privilege escalation using exploit/Vul driver