Incapacitating Windows Defender

Dan Tentler, aka @viss, is definitely one of the people I make sure to follow on Twitter because he is a fun guy and he knows his stuff. Hak5 recently did a couple of episodes with @viss where he showed a couple of tricks. Nothing too major and nothing foolproof, but they can still come in handy in certain environments. The idea behind this approach is that if we have a defending team monitoring that Defender is running on all endpoints as expected, we can slip right through the cracks by removing all the signatures that Defender relies upon …
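The gap described above exists because "Defender is running" and "Defender has usable signatures" are separate facts, so endpoint monitoring needs to check both. The following is an added example, not code from the original post or from Hak5: a health check over the properties returned by `Get-MpComputerStatus`. The function name, the 3-day age threshold and the sample records are assumptions constructed for illustration.

```powershell
# Added example. Property names match Get-MpComputerStatus output;
# the function name, threshold and sample records are assumptions.
function Test-DefenderSignatureHealth {
    param(
        [Parameter(Mandatory)] $Status,
        [int] $MaxSignatureAgeDays = 3   # assumed policy threshold
    )
    $findings = @()

    # What a "is Defender running?" monitor typically looks at.
    if (-not $Status.AMServiceEnabled)          { $findings += 'antimalware service not enabled' }
    if (-not $Status.RealTimeProtectionEnabled) { $findings += 'real-time protection off' }

    # What it misses: whether the engine has signatures to match against.
    $version = $null
    $parsed  = [version]::TryParse([string]$Status.AntivirusSignatureVersion, [ref]$version)
    if ((-not $parsed) -or ($version -eq [version]'0.0.0.0')) {
        $findings += 'no usable signature version reported'
    }
    if (($null -eq $Status.AntivirusSignatureAge) -or
        ($Status.AntivirusSignatureAge -gt $MaxSignatureAgeDays)) {
        $findings += "signature age exceeds $MaxSignatureAgeDays days or is missing"
    }

    [pscustomobject]@{
        Healthy  = ($findings.Count -eq 0)
        Findings = $findings
    }
}

# Constructed sample records (not real telemetry): both report the service
# as running, but only the first has current signatures.
$samples = @(
    [pscustomobject]@{ Name = 'host-a'; AMServiceEnabled = $true; RealTimeProtectionEnabled = $true
                       AntivirusSignatureVersion = '1.403.100.0'; AntivirusSignatureAge = 0 },
    [pscustomobject]@{ Name = 'host-b'; AMServiceEnabled = $true; RealTimeProtectionEnabled = $true
                       AntivirusSignatureVersion = '0.0.0.0'; AntivirusSignatureAge = 65535 }
)
foreach ($s in $samples) {
    $result = Test-DefenderSignatureHealth -Status $s
    '{0}: healthy={1} {2}' -f $s.Name, $result.Healthy, ($result.Findings -join '; ')
}

# On a live endpoint: Test-DefenderSignatureHealth -Status (Get-MpComputerStatus)
```

A service-only monitor would mark both constructed hosts as fine; this check flags the second one.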