Windows Defender

information regarding windows defender security measures

disable windows defender

Tested on Microsoft Windows 10 Pro 10.0.19042 x64

This helps a lot when configuring a Windows pentesting environment, less annoyance regarding exploits.

Tamper protection has to be disabled (only way I found to do that is via GUI, all other approaches didn't work since the reason for it to exists is to prevent programs from modifying the configuration of the AV, which is for example via malicious program or command line).

• Windows Security -> Virus & threat protection -> Tamper Protection

Cmd

powershell -command "Set-MpPreference -DisableRealtimeMonitoring $true" && reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD_LITTLE_ENDIAN /d 1 /f

Powershell

Set-MpPreference -DisableRealtimeMonitoring $true; New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Name DisableAntiSpyware -Value 1 -PropertyType DWORD -Force;