A tool which is uses to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.

Attack and defend active directory using modern post exploitation adversary tradecraft activity

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | SLSA Level 3 Compliant for Secure Development and Build Process | Apps Available on MS Store✨

Tools and Techniques for Blue Team / Incident Response

An even funnier way to disable windows defender. (through WSC api)

A small course on exploiting and defending neural networks

Identifies the bytes that Microsoft Defender flags on.

Sample queries for Advanced hunting in Microsoft 365 Defender

A slightly more fun way to disable windows defender + firewall. (through the WSC api)

Welcome to the Microsoft Defender for Cloud community repository

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!

An open-source windows defender manager. Now you can disable windows defender permanently.

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

一款后渗透免杀工具，助力每一位像我这样的脚本小子快速实现免杀，支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader

Utility for configuring Windows 10 built-in Defender antivirus settings.

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

A simple super fast django reusable app that blocks people from brute forcing login attempts

Stop Windows Defender programmatically

Code for Defending Against Neural Fake News, https://rowanzellers.com/grover/

KQL Queries. Microsoft Defender, Microsoft Sentinel

Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.

C# obfuscator that bypass windows defender

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

A small POC to make defender useless by removing its token privileges and lowering the token integrity

Image forgery recognition algorithm

A simple python packer to easily bypass Windows Defender

Defender(1981) by Eugene Jarvis and Sam Dicker