matterpreter/DefenderCheck matterpreter/DefenderCheck

  • Stars
    star
    2,081
  • Rank 21,436 (Top 0.5 %)
  • Language
    C#
  • License
    BSD 3-Clause "New...
  • Created about 5 years ago
  • Updated 9 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
matterpreter/DefenderCheck
github

matterpreter

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Identifies the bytes that Microsoft Defender flags on.

DefenderCheck

Quick tool to help make evasion work a little bit easier.

Warning: As of the 1.337.157.0 Defender signature update, DefenderCheck is classified as VirTool:MSIL/BytzChk.C!MTB. As a workaround while I work to get around this, please disable Real-time Protection in Defender before compiling DefenderCheck.

Takes a binary as input and splits it until it pinpoints that exact byte that Microsoft Defender will flag on, and then prints those offending bytes to the screen. This can be helpful when trying to identify the specific bad pieces of code in your tool/payload.

Note: Defender must be enabled on your system, but the realtime protection and automatic sample submission features should be disabled.

More Repositories

1

OffensiveCSharp

Collection of Offensive C# Tooling
C#
1,293
star
2

Shhmon

Neutering Sysmon via driver unload
C#
215
star
3

SHAPESHIFTER

Companion PoC for the "Adventures in Dynamic Evasion" blog post
C#
120
star
4

FindETWProviderImage

Quickly search for references to a GUID in DLLs, EXEs, and drivers
C#
58
star
5

cpuid

A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
C++
23
star
6

getDA.sh

Identify common attack paths to get Domain Administrator
Shell
20
star
7

misc

Collection of things I've written on pentests to make life easier.
PowerShell
15
star
8

penteensy

USB HID for Penetration Testing
Arduino
14
star
9

InternetCatFeeder

Raspberry Pi internet-enabled cat feeder using the PicoBorg Reverse
Python
1
star