RTO
75c6c241e6
QoL update
|
2 سال پیش | |
|---|---|---|
| .. | ||
| README.md | 2 سال پیش | |
| addexclusion.c | 2 سال پیش | |
| addexclusion.cna | 2 سال پیش | |
| addexclusion.h | 2 سال پیش | |
| addexclusion.o | 2 سال پیش | |
| beacon.h | 2 سال پیش | |
| bofcompile.bat | 2 سال پیش | |
README.md
AddExclusion
Add a new exclusion to Windows Defender for a folder, file, process or extension.
This operation requires elevated privileges. Furthermore, currently only Windows Defender exclusions are supported. However, this code is easily enhanced to also support other AV products that communicate via WMI.
Arguments
<exclusion type>: specify one of the following exclusion types:path(file/folder),process,extension.<exclusion data>: specify the data to add as an exclusion.
Usage
addexclusion <exclusion type> <exclusion data>
Example
addexclusion path C:\Users\Public\Downloadsaddexclusion process C:\Windows\System32\example.exeaddexclusion extension *.xll
Compile
- 1. Make sure Visual Studio is installed and supports C/C++.
- 2. Open the
x64 Native Tools Command Prompt for VS <2019/2022>terminal. - 3. Run the
bofcompile.batscript to compile the object file. - 4. In Cobalt strike, use the script manager to load the .cna script to import the tool.