From ec5af82e6eee3799b99ae219f3373b56b90f4950 Mon Sep 17 00:00:00 2001
From: Rahmat Nurfauzi <rahmat.nf42@gmail.com>
Date: Fri, 13 Apr 2018 20:29:22 +0700
Subject: [PATCH] Update Disabling_Security_Tools.md

---
 .../Defense_Evasion/Disabling_Security_Tools.md | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/Windows/Defense_Evasion/Disabling_Security_Tools.md b/Windows/Defense_Evasion/Disabling_Security_Tools.md
index 4d4d51fa..b65fb6ea 100644
--- a/Windows/Defense_Evasion/Disabling_Security_Tools.md
+++ b/Windows/Defense_Evasion/Disabling_Security_Tools.md
@@ -11,13 +11,28 @@ MITRE ATT&CK Technique: [T1089](https://attack.mitre.org/wiki/Technique/T1089)
 ## Stop Windows Security Center
 `net stop wscsvc`
 
+## Add Local Firewall Rule Exceptions : Enable a Program
+`netsh advfirewall firewall add rule name="My Application" dir=in action=allow program="C:\MyApp\MyApp.exe" enable=yes`
+
+## Add Local Firewall Rule Exceptions : Enable a Port
+`netsh advfirewall firewall add rule name="Open Remote Desktop" protocol=TCP dir=in localport=3389 action=allow`
+
+## Disable The LAN Network Connection
+`netsh interface set interface name="Local Area Connection" admin=disabled`
+
 ## Stop Windows Defender
 
 ### Windows 7/8
 `net stop windefend`
 
 ### Windows 10
-`PS > Set-MpPreference -DisableRealtimeMonitoring $true`
+```
+PS > Set-MpPreference -DisableRealtimeMonitoring $true -Verbose
+PS > Set-MpPreference -DisableIOAVProtection $true -Verbose
+PS > Set-MpPreference -DisableBehaviorMonitoring $true -Verbose
+PS > Set-MpPreference -DisableIntrusionPreventionSystem $true -Verbose
+PS > Set-MpPreference -DisablePrivacyMode $true -Verbose
+```
 
 ## Disable Default Web Site Logging IIS 7