trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Don't try to re-disable Defender

Browse Source
This commit is contained in:
Chris Long
2019-04-28 01:42:25 -07:00
parent e1039c8090
commit 88cd120e6e
1 changed files with 1 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
Vagrant/scripts/install-redteam.ps1
View File

@@ -2,19 +2,7 @@
Write-Host "Installing Red Team Tooling..." Write-Host "Installing Red Team Tooling..."
# Windows Defender should be disabled already by O&O ShutUp10
# Disable Windows Defender realtime scanning before downloading Mimikatz and drop the firewall
If ($env:computername -eq "win10") {
If (Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender")
{
Remove-Item "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Recurse -Force
}
gpupdate /force | Out-String
Write-Host "Disabling Windows Defender Realtime Monitoring..."
Set-MpPreference -ExclusionPath C:\commander.exe, C:\Tools
set-MpPreference -DisableRealtimeMonitoring $true
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
}
# Purpose: Downloads and unzips a copy of the latest Mimikatz trunk # Purpose: Downloads and unzips a copy of the latest Mimikatz trunk
Write-Host "Determining latest release of Mimikatz..." Write-Host "Determining latest release of Mimikatz..."